-
Splitting the Horizon: Secure Public Federation vs. Blind Internal LAN Routing in Matrix
When architecting a sovereign communication appliance, the engineering requirements for security and usability are frequently at war. This tension reaches its peak when configuring federation for a private Matrix homeserver. By default, self-hosted Matrix setups inherit a classic, binary problem: When engineering the Remote Rails Sovereign Appliance, we rejected this compromise. We implemented a Split-Horizon…
-
Bypassing Google and Apple: Implementing True De-Googled Push Notifications with UnifiedPush and ntfy
When engineering a sovereign communication stack, the most difficult architectural hurdle is rarely the chat protocol itself. The true weakest link for metadata leakage is the push notification pipeline. Historically, mobile operating systems have forced developers into a centralized paradigm. If a message arrives on your private server, that server has to ping Google’s Firebase…
-
Architecting Element Call: Escaping Docker Bottlenecks, Double Encryption, and WebRTC Port Ranges
Deploying a native, high-performance video conferencing stack for a sovereign Matrix homeserver requires far more than just spinning up a few containers. At the core of Element Call’s architecture are two critical components: LiveKit (operating as the Selective Forwarding Unit, or SFU) and Coturn (acting as the STUN/TURN relay). When engineering the communications stack for…