We're Hiring!

Mattermost, Inc.

On-premise HPNS proxy without recompiling apps

Hello there,
I’ve recently deployed a family Mattermost instance in order to gain more privacy. The only problem I have is with push notifications : I could either

  • subscribe to Mattermost Enterprise (but would like to avoid paying… Sorry about that :slight_smile:),
  • or I can setup my own proxy but then I’d have to provide self-compiled apps for both Android and iOS users in my family and make them enable developer mode on their phone (which isn’t very practical as they’re not tech-savvy),
  • or I can (ab)use the TPNS service, which isn’t great either because I don’t want to put a burden free-loading off your computing power, and also because privacy :slight_smile:

I understand that the notification proxy pushes to Google/Apple services using a secret key, and that a secret key is required to be compiled in the apps to access the pushed notifications. I suppose it’s assymetric keys, but am unsure about that ?

Anyway, my idea was, if it’s an assymetric key, would it be possible that the server pushes the public key to the app after the user connects to a Mattermost instance, instead of compiling the key in the app ?

That would make it possible to operate one own’s push proxy, without having to deploy customized apps to their users.

(If the key is symetric, transferring it over the network, even encrypted, would probably pose a bigger security issue than having it compiled, of course.

If this feature seems like a good idea to you, I may be willing to have a go at implementing it (probably very slowly though as I never had a dive in your code yet).

Thanks in advance for your feedback,
Colin