Secure ScuttleButt

Secure ScuttleButt (SSB) is a P2P social network that stores all of an individual’s data on their own device. It has all of the features of diaspora* except aspects. In addition, it also has “gatherings” to organize events.

SSB is an offline-first protocol that delivers its messages over various channels - LAN discovery, bluetooth, tor, cjdns etc. If two nodes on the network cannot connect to each other over these transports, they can talk through a public relay called “pub” which is a server on the internet.

This thread is to discuss the use cases of SSB and its relevance to FreedomBox.

Our experience with SSB so far

First discussion about ScuttleButt on the mailing list
https://alioth-lists.debian.net/pipermail/freedombox-discuss/2018-March/008336.html

My personal notes on SSB
https://njoseph.me/mediawiki/SSB

I have started experimenting with the Patchwork and Manyverse clients of SSB.

Use cases

Family social network

1. FreedomBox users can already use ScuttleButt as a local social network at home to share photos and documents, create events etc. I think the private message feature can even be used like chat threads.
2. Someone away from home can create posts on their SSB client and sync them to other family members after coming home. Relatives visiting and syncing photos is a classic use case in ScuttleButt.

Hosting an SSB Pub on FreedomBox

FreedomBox can potentially host an SSB pub (see mailing list thread above) since it’s publicly reachable over the internet. This allows the possibility to form private social networks with people located far away and also allows syncing with less delay.

Local social network in Community Wi-Fi networks

FreedomBox Community Wi-Fi networks (universities and villages) are basically large LANs where ScuttleButt network discovery and sync would work very well. People can form local social networks without dependence on any centralized servers. It can be used as a digital noticeboard, discussion forum etc.

Host ScuttleButt data directory on FreedomBox

ScuttleButt creates a new keypair on each new installation by default. This means, your desktop account and mobile account are essentially different accounts. Hosting the data directory .ssb on the FreedomBox and accessing the web interface through a browser can possibly solve this problem. Patchfoo is a client that can be used for this purpose. Multiple users can be supported too, each with their own .ssb directory.

References

Official website
https://www.scuttlebutt.nz/

FAQ
https://www.scuttlebutt.nz/faq/

Technical documentation
https://ssbc.github.io/docs/

I encourage some of the power users in our community to try it out and come up with more use cases. We should also find out the best privacy settings for this network.

The reference implementation is in NodeJS and the Android app called Manyverse is still in Beta.

One of the problems with SSB is that the “pub” and “room” servers should switch names.

Pub servers are extremely intimate because they actually host and save everyone’s feeds. So they’re more like someone’s home.

Room servers are public meeting places that only connect user feeds to each other when users are online at the same time. So quite literally, they are like real life pubs.

Overall, SSB has a long way to go to be user friendly. Right now, it’s very opaque how data is handled on the network. Who is able to see your stuff is very mysterious. Because of that, I think it’s not a good fit for grandma, right now.

It’s sad because SSB gets so much very very right.

Stumbled upon this today

A functioning, single-user, self-hosted Secure Scuttlebutt web server!

Self-hosting an SSB client on a FreedomBox allows access from multiple devices.
We might be able to create one instance for each FreedomBox user as well.

Another alternative for self-hosting SSB has been suggested on our Matrix channel.

Oasis can be hosted on a FreedomBox and accessed from multiple devices using a web browser. The installation will be very similar to Syncthing (another P2P application). Our current SSO mechanism should work with this.

I’d really love to see an SSB server running on FreedomBox.

I am currently trying to run this go implemented server here:
go-ssb-room

I hope I get this compiled and linked into the Apache server.

What is the integration process into the main SSO and system-control structure from FreedomBox?
Has anyone else managed to run an SSB server on their FreedomBox?

Edit:
I am currently trying to get the nginx config file converted so that it plays nicely with the rest of FreedomBox. The example Nginx config is here: go-ssb-room/example-nginx.conf at master · ssbc/go-ssb-room · GitHub

For now, I only got the following, but it’s not working. Any advice would be much appreciated!
It lives in a room-freedombox.conf file inside /etc/apache2/sites-avalible/

In particular, I am uncertain if I need to reference the SSL certs again and if I need to create another virtual host, or if just referencing the location should be enough.

<Location /room >
    ProxyPass http://127.0.0.1:8899/
    ProxyPassReverse http://127.0.0.1:8899/
    RequestHeader set X-Forwarded-Host url.hidden
    RequestHeader set X-Forwarded-Port "443"
    RequestHeader set X-Forwarded-Proto "https"
</Location>

Without looking into the details, here is my best guess:

• I think the file should go under conf-available, not sites-available.
• Probably don’t need to reference SSL certs or make another virtual host.

Thanks for these tips. I think the Apache site is mostly working, i.e. it’s pointing towards the SSB server.
However, I still get a Bad Host on the webpage and the Apache Log is showing "GET /room HTTP/2.0" 500 226 .
@jvalleory Thanks for the insights.

So I think something about the form Apache forwarded request is wrong, in particular the host!?. I can’t seem to find any error message or so from the SSB server, so it is difficult to understand what’s wrong about the request.