After a bit of research, I landed on Mattermost. I explained the reason for the shift, and migrated the whole family over sometime in 2019. As far as the family is concerned, the process was painless, and other than the lack of collapsible threads (recently fixed as mentioned in TIFA!) everything has been great. I run the whole thing on a $5/mo VULTR VM, that also also acts as a WireGuard and PiHole server.
On the backend, I’ve only had one major bump - I went too long between server upgrades (I think I jumped from 5.21 to 5.29). The SQL encoding changed and caused messages to stay “unread.” Took me a day to find/correct the issue, and it’s been smooth sailing ever since.
Now that's an achievement I rarely hear, Here I am ostracized from the family and friends for not being in their WhatsApp groups.
So either nemosaltat is incredibly lucky with his family, or he is an extremely patient person. Kudos either way.
I'm talking from my experience in India, WhatsApp has embedded itself deeply in the lifestyle, It is not just a messaging app but 'The gateway for Internet' as smartphones are the first computer for the majority.
So they see a personal connection to it, It has disproportionate level of trust leading to severe misinformation/disinformation issues; Especially alarming during pandemic w.r.t vaccination.
Everything from Govt. messages to banking messages arrive on WhatsApp. I've given up trying to convert people to secure solutions and so I have sandboxed WhatsApp in a VM to receive WhatsApp messages via email.
I’m not the most patient person, but I’ve made extra efforts to be patient with this. I’ve also done everything I can to include/involve interested family members in the process. We have a channel dedicated to feedback on Mattermost itself, and I’ve been able to recruit a few folks to help me evangelize.
I may not be able to change the world, but I can make a difference to those closest to me. I am extremely fortunate to have a family that humors me.
It'd be nice to see it become as safe and easy to run an infrastructure service (like Mattermost) as it is to manage and update apps on a phone.
We're not too far off from that; small computers like the Raspberry Pi - or even smartphones themselves - could act as servers, and then container images could be used to package and distribute application updates.
Persistent data management becomes an issue at some point.. but that's already true for on-device chat messages. Perhaps SyncThing or similar tools could help there.
Sandstorm is basically this. Requires a bit of setup at the start, but afterwards installing apps is like installing phone apps, the apps and Sandstorm itself update automatically, etc.
For example, here's a Rocket.Chat instance I just spun up with a few clicks: https://sandstorm.terracrypt.net/shared/uaFeexA3f3mlU77m6nvJ...
A few of the apps get regular updates, but admittedly a lot of them have gone stale. Sandstorm's security model makes it so that this isn't a security risk in the way it would be on other platforms, but it's certainly disappointing if you're looking for the latest versions of apps.
* As trivial to set up as a smartphone.
* Visually appealing.
* Handles backup and restoration of user data seamlessly.
* Has an app store where you can grab docker images for apps like mattermost and handles upgrades seamlessly.
There's a lot of solutions out there but theyre all a bit ratty or require technical knowhow or both.
I kind of wish mozilla went down this route rather than trying to reinvent the smartphone.
I self-hosted a Matrix server for family chat reasons but the encryption key changes (Let's Encrypt) and frequent need to re-login became a hassle for me and the "membership group" at large. Tried out Discord, haven't looked back.
My mother-in-law even created her own Discord "server" (all done very easily in-app) with no help from anyone.
Very slightly worried about content not being in my control, but shopping lists, pictures of the cat being cute, and requests to pre-heat the oven aren't high on my snooping paranoia list.
I'm curious by what you mean by frequent need to re-login in the context of Matrix? I've had a Matrix server for several years now and never needed to re-login.
The certificate issues were more specifically related to Apple devices not liking that an accepted certificate had expired, and a new one had taken its place, and wouldn't even allow for the updated certificate to be "trusted" in place of the expired one. On Android I'd have to accept a new certificate to trust, and it allowed me to do so - although possibly this resulted in the requirement to re-login (and if memory serves, old messages would be unreadable).
These issues may have been of my own making, or may be fixed now, but I've been using Discord happily for a whole now.
P.S. I don't multi-account on Discord (because I didn't know you could), but I do have different names depending on the server context.
Huh, that doesn't sound right. You shouldn't be having to accept anything -- a renewed certificate should just work, transparently, without any interruption. You shouldn't even notice it changed.
Given that a large part of the web now uses LetsEncrypt, if this wasn't so, you would've already had problems on other websites as well.
> (and if memory serves, old messages would be unreadable).
This may have been the case if you managed to lose your keys. This is quite unlikely now since (encrypted) server-side backup of keys is supported. Additionally, if you have more than one device, one of them will likely continue to have keys and can share them with the new device once it is verified.
The Android Riot client was fine with the updated cert, other than the cert update possibly being the catalyst for needing to re-login.
This was three-odd years ago, not sure how much progress there's been since (including on my side in the use of certbot).
I use certbot to automate certificate updates on a couple of self-hosted sites, and it works fine for them - it really was just the ipad being repeatedly / repeatably finicky back then.
That said, personally i use Rocket.Chat, which has been pretty easy to self host: https://rocket.chat/
I'm sure that someone who has experience with both could drop by and share their experience, but if nothing else, it's at least nice to have these options to choose from.
Either way, i can definitely confirm that most of these platforms indeed are very well off on smaller VPSes, as long as you don't have too much data in them (think file uploads rather than just messages).
Getting more support for something like that in the company that i work in, however, is another story entirely. For a while they tried Nextcloud Talk, but it was a bit too barebones: https://nextcloud.com/talk/
And ever since, sadly, there has been little to no interest in setting up another self-hosted platform, even if there are teams whose old messages are eaten away by Slack's limitations, the management seemingly having little to no interest in paying a bit of money for it.
The integrations with gitlab issues/groups/etc are also look neat but are barely used tbh. Cant compare with rocket.chat.
Note: you do need to flip the feature flag to try it out:
Account Settings > Display > Collapsed Reply Threads (Beta).
Twist is kinda unreliable and flaky.
But I'll put up with anything to get sane threading.
If you just want to self-host mattermost, push notifications should work out of box.
Mattermost Team Edition is designed for teams (I.e. groups of people that work together and trust each other) and there were issues when Team Edition was deployed to unintended use cases—-like hosting hundreds of users, saving millions of posts, or other scenarios outside of what a team was meant to do.
Admin adviser was meant to help admins who hit those scenarios, and some of the advisory in scenarios Team Edition wasn’t intended to handle was for the Enterprise Edition. It sounds like that came across the wrong way and we should revisit.
Note: I think a fair chunk of admin advisor was paused a while ago. Not sure how much is running these days. Regardless we should take a look.
I run a fairly big instance with hundreds of users. We wanted to support/promote a more free/libre alternative to Slack, but you are basically saying we should not use Mattermost?
(I think that channel deletion was a concern at some point, but archiving mitigates it, we are happy users in general)
We offer a non-profit license for open-source projects  with special nonprofit pricing. We also plan to move the System Permissions Scheme into the open source Team Edition with the 6.0 release on September 15 .
Thanks for being a user, feedback is always welcome!
And now when you enter the system console, the very first thing you so is the Upgrade to Enterprise Edition CTA button. It concerns me that they'll keep pushing free (OSS) users towards the paid product. They've eroded some of our trust and given the choice we'd probably go in another direction in the future.
Really appreciate your feedback. We had intended to pause the admin advisor notifications couple of months ago but due to an intended bug some of the messages are still coming through. We've queued an update to pause them in the next release (v5.38). 
The original vision for the admin advisor notification feature was to guide administrators through proper activation and configuration of the system as the needs of their user base evolves, with some additional capabilities in the Enterprise offering. However, based on the feedback we received, it was evident that the experience felt spammy with limited value which was not the intent, negatively impacting the trust with our community. Hence why we've decided to pause admin advisor notifications at this time.
As part of the revised implementation, the proposal is to add unit testing, so that we can detect it in the future as part of our build process.
Git is a double-barrelled footgun with a hair trigger.
Entire article: Try this cool product of ours!
At the same time, if people are using our open source project to showcase their work, I am a fan.
We definitely do that ourselves talking about React, React Native and Golang :)
But MM is still nicer than slack/discord in terms of controlling your data.
Can someone from Mattermost comment on that?
We have quite a few customers deploying Mattermost in air-gapped environments, so even for the enterprise versions we don't require internet connectivity.
There are some things that may not work without any internet connectivity, such as mobile push notifications, since that requires Mattermost Server to connect to our Push Proxy by default. You can host that yourself but will need a custom Apple/Android mobile app then, and the push proxy still needs internet connectivity in the end to reach Apple/Android Push Notification Services. Also our plugin marketplace may not work and you need to download and upload plugins manually.
So overall, some convenience functions may not work, but overall Mattermost can be deployed air-gapped and doesn't have any phone-home aside from optional diagnostics. Let me know if there are any other questions!
(Disclosure: I am working at Mattermost in Security)
That's an odd phrasing to me. I would expect the enterprise version to offer more admin features, so of course that version would have the option to disable the Internet requirements. Can you confirm it's the same for all other versions?
1. It's the most expensive chat out there, at $10/month and no free plan.
2. Focalboard is being integrated to be part of the chat. Focalboard doesn't currently do much that I find interesting, but I have hope that it will with time.
On 1), our SaaS version is equivalent to our higher end Enterprise Edition E20 and aimed at larger orgs. For small orgs we have the open source version that can be easily self-hosted. That said, it sounds like price is material for you, so maybe there’s something we can do at a lower price tier, with features closer to our open source product.
On 2), Focalboard is still in its early days. We are using it internally and with early adopters of the open source version and are pretty excited about where it could go—replacing Trello, Asana, Notion, Jire, Confluence on-prem and as SaaS in the long run, and on an open source platform you can customize.
Our hope is in future there could be a “Why we switched to Mattermost and Focalboard” with a blog post on replacing a fair chunk of the collaboration stack with an open source alternative that could be extended.
And even it's still missing features.
Cinny (https://cinny.in) is the first Matrix client that actually looks promising. They just plain stole Slack's UX and it's working. There's no need to be unique for the sake of being unique when it comes to UX.
The clients though... whooo boy. Element is so bad that it hurts to use it. The worst part is that it doesn't have a singular major flaw, it has a hundred tiny issues that are just a bit wonky.
Mattermost is fully open source. I pointed to the GitHub repos which contain the entire client and server systems.
I really don't see the difference between open core and open source if the "core" is a fully functional standalone product.
That's the difference. Mattermost won't ever accept contributions, that reimplement features from their paid product. If you want to use such features, you would have to fork, and forced to keep the fork public, since it is AGPL.
Weirdly, I actually didn't mind Teams too much, after you stop creating new conversations instead of replying (which took me WEEKS), it was reasonably stable and it just sort of worked for me. Although I hear a lot of people gripe about it.
Really not sure about that. I work at an MSP/MHP that has infrastructure everywhere ( multiple DCs, AWS, Azure, GCP, OVH, etc.) and recently we had a huge network outage at a few of our on-prem DCs due to a firmware bug in some redundant networking equipment. Having the communications software "in the cloud" allowed collaboration on fixing and communicating about the issue.
Sometimes it's a good idea not to have all the eggs in one basket. In a similar vein, if your "on-prem" is dead, how do you access the documentation helping you debug/connect/etc.?
In terms of losing systems that you need to access while troubleshooting systems issues, that can be a mess with self-hosted tools, but nobody is immune. When AWS had a cascading network failure at US -East-1, their team was unable to access their logging service which made triage incredibly difficult. That’s super rare, and unlikely to happen again for AWS in that manner, but outages can cripple any ops team. Runbooks are a great thing to copy offline!
I worked on a couple of teams, and somehow no IT team could make the chat apps run reliably: we always had disconnects, terrible loading times, lost messages and we had to jump through hoops to enable the most basic integrations. No regular updates, outdated apps that are years behind in looks, features and integrations.
Whenever we just simply used Slack, it was snappy, reliable, and it was easy to set up connectors for different external services.
In my mind the gold standard is Discord. One login/password/mfa and I have access to hundreds of "servers". I have over 30 slack passwords and MFA tokens in my password manager and I know people with many more. Though I suspect the ability to self host Mattermost will make it more like Slack than Discord there.
I would also like to say thank you. Mattermost is one of the few products I've seen that doesn't lock MFA behind an enterprise subscription. I can't stress enough how happy I was to see that.
1. You limit your attack surfaces.
Threats on your LAN, WAN or Internet can't communicate with the user computer or the server, e.g. they can't be landing points (attack surfaces) for malware or ransomware.
2. You isolate any damage
In a full zero trust architecture, if one app is compromised, then there is no network for the virus to leverage to spread. For example, a ransomware loader can't call home to acquire more robust functionality, and can't find other data on your network to infiltrate and encrypt. This is because the loader is not on a 'trust' network in which it has access simply because it found its way into a network.
Other solutions are open to networks (large attack surfaces) and are susceptible to spreading attacks (as they spread through the 'trusted' network).
And, direct access to the PG database has been awesome for integrations. (Watch out tho, seems to be missing a bunch of FKs (that I think should be there))
And basically every table with a user_id column.
My install created none.
My contact is in my profile if you want more info
As long as the decision makers know something is available and actually provides value (and the decision makers are not stubborn and set in their ways for decades), it will be implemented.
Caveat - people writing most medical/billing software don't have any incentive to release it as FOSS and they have more money for promotion than any FOSS project.
Bribery is very common in large software sales.
So one cannot use e.g. slack channels to shout to everyone about some problem. The usage pattern should be closer to email or an issue tracker with only involved doctors and nurses added to each patient or case. Email is of course unsuitable because of how easily information can slip out unprotected.
Unfortunately, doctors are people like the rest of us, use whatsapp and facebook to ask thousands of colleagues for help with their patients. Totally against the law.
The only thing I missed is FOSS LDAP connector, I am strong believer that at least in some basic form it should come in such products - after all, you don't use such tools if you are not in enterprise and not having at least login is seriously problematic. We finished using Gitlab auth instead of it but I don't like that we are coupled to it.
I’m definitely not a Slack “power user.” In fact, I had to be dragged kicking and screaming into using it (I don’t like IM communication, in general), because everyone else uses it.
That “everyone else uses it” is the biggest hurdle for MM.
It was easy to just whip up a Docker container with it with the help of our IT folks and then it's go time.
We managed to get the on-site license approved by appealing to the corp's high focus on security (the head of security was ex-military, so he was _strict_ about security). Slack would've been WAY too expensive to get approved.
All this before the penny-pinchers figured out that Teams would've been free. At that point Mattermost was integrated into dev processes everywhere and it was too late to move out.
It's been mostly free of hiccups of any sort. Occasionally it crashes, but I haven't been curious enough to figure out if it is something I can fix.
But this is just UI candy, could be implemented in an IRC client too. From a protocol standpoint, what IRC really lacks is the consistent handling of chat history. I can imagine IRC handling this too; every registered user could always be "online" on the server, and therefore receiving all messages, and when their client actually connects, they would see the messages similarly how the IMAP works for email. But this is really reaching now, isn't it? Why not just use something that's similar in spirit, but actually updated to the moders internet, like the Matrix protocol?
Instead Slack & co add server side search and effectively turn company chat into a eternal meeting with random participants.
I would be curious whether they considered Zulip or any of the other open source chat alternatives in this decision, and how they compared.
my sense is that chat is one of those areas where there's not so much obvious differentiation from the outside, and a lot of stickiness once you land somewhere, which implies there will remain 5-10 players in the space for some time to come.
Oh yeah? Try being forced to move to MS Teams.
"I protect that which matters most" :-)
We go back and forth on whether we should have a .org and a .com, curious as to your thoughts.