Package Details: smp-server 6.4.5-1

Git Clone URL: https://aur.archlinux.org/smp-server.git (read-only, click to copy)
Package Base: smp-server
Description: SMP relay server for SimpleX Chat - private messaging without user identifiers
Upstream URL: https://simplex.chat/docs/server.html
Licenses: AGPL-3.0-only
Submitter: guglovich
Maintainer: guglovich
Last Packager: guglovich
Votes: 0
Popularity: 0.000000
First Submitted: 2026-03-10 21:26 (UTC)
Last Updated: 2026-03-11 17:26 (UTC)

Dependencies (8)

Required by (0)

Sources (5)

Latest Comments

guglovich commented on 2026-03-11 15:32 (UTC) (edited on 2026-03-11 17:34 (UTC) by guglovich)

smp-server — setup guide
1. Initialization
# open server — anyone can create queues
sudo -u smp smp-server init -y --store-log \
    --no-password --fqdn=your.domain.com

# with password — only trusted users can create queues
sudo -u smp smp-server init -y --store-log \
    --password='your-strong-password' \
    --fqdn=your.domain.com

init will generate self-signed TLS certificates. SimpleX verifies authenticity via fingerprint, not a browser CA.

2. Configuration

Edit /etc/opt/simplex/smp-server.ini: - [TRANSPORT] host: — your domain or IP - [TRANSPORT] port: — default 443,8443

Port 443 is chosen as a reliable fallback — it is standard HTTPS and is almost never blocked. Port 8443 is an alternative if 443 is occupied. The default SMP ports 5223/5224 may be blocked in some countries with internet censorship.

Conflict with Caddy: if Caddy is running — it occupies port 8443. Either disable it (systemctl disable --now caddy), or change smp-server port, e.g. to 443,5443.

3. Start
systemctl enable --now smp-server
journalctl -u smp-server | grep "Server address"
4. Server address
smp://FINGERPRINT@your.domain.com:PORT
smp://FINGERPRINT@1.2.3.4:PORT

Always specify the port — without it the client tries to connect on 5223.

Fingerprint:

cat /etc/opt/simplex/fingerprint
5. Re-issuing TLS certificate

When changing domain or IP — without losing fingerprint:

sudo systemctl stop smp-server
sudo -u smp smp-server cert --cn your.domain.com
sudo systemctl start smp-server

ca.key must be present in /etc/opt/simplex/ for this to work.

6. CA key
sudo cat /etc/opt/simplex/ca.key  # back it up
sudo rm /etc/opt/simplex/ca.key   # optional — server works without it

The key is only needed for smp-server cert when rotating the certificate.

7. Migration from manual installation

Do not run smp-server init. Copy files from your backup:

sudo cp ca.crt ca.key ca.srl fingerprint \
    /etc/opt/simplex/
sudo cp server.crt server.csr \
    /etc/opt/simplex/
sudo cp smp-server.ini /etc/opt/simplex/
sudo chown -R smp:smp /etc/opt/simplex/
sudo chown -R smp:smp /var/opt/simplex/
systemctl enable --now smp-server

Fingerprint and server address will remain the same.

8. Free domain via DuckDNS
  1. Register at https://duckdns.org, create a subdomain
  2. Set your external IP
  3. Weekly keepalive to prevent domain deactivation:
# /etc/systemd/system/duckdns.service
[Unit]
Description=DuckDNS keepalive
After=network-online.target

[Service]
Type=oneshot
ExecStart=/bin/sh -c \
  'curl -fsSo /dev/null \
  "https://www.duckdns.org/update?domains=NAME&token=TOKEN&ip="'

# /etc/systemd/system/duckdns.timer
[Timer]
OnCalendar=weekly
Persistent=true

[Install]
WantedBy=timers.target

systemctl enable --now duckdns.timer
9. Caddy and public info page (optional)

Caddy is only needed if you want a browser-accessible page at https://your.domain.com. It is not required for SMP to function.

If using Caddy — configure it on a port different from SMP ports, copy the obtained certificates to /etc/opt/simplex/web.crt and web.key, then uncomment in smp-server.ini:

[WEB]
https: 443
cert: /etc/opt/simplex/web.crt
key: /etc/opt/simplex/web.key