Technical requirements
This document describes the hardware requirements and other necessary steps for installation of SalaX Secure Messaging software.
1. Server Requirements
Operating System
Rocky Linux 8 or 9
RHEL 8 or 9
Recommended Minimum Server Requirements
| Number of Users in Server | Open Federation Specs | Closed Federation Specs | Video Conference Specs |
|---|---|---|---|
| 0-99 | 5 vCPU, 6 GB RAM | 3 vCPU, 3 GB RAM | 3 vCPU, 5 GB RAM |
| 100-299 | 5 vCPU, 6 GB RAM | 3 vCPU, 3 GB RAM | 9 vCPU, 15 GB RAM |
| 300-499 | 8 vCPU, 8 GB RAM | 3 vCPU, 6 GB RAM | 16 vCPU, 32 GB RAM |
| 500-999 | 8 vCPU, 10 GB RAM | 5 vCPU, 10 GB RAM | 32 vCPU, 64 GB RAM |
| 1000-1999 | 10 vCPU, 16 GB RAM | 7 vCPU, 15 GB RAM | 64 vCPU, 128 GB RAM |
| 2000+ | decide based on users | decide based on users | decide based on users |
Note: As this is a messaging platform, the disc storage depends on the number of users in the homeserver. Below is an example calculation of the required space based on the number of users:
- If Federation is enabled: required disk space = active users × 0.9GB.
- If Federation is disabled or limited: required disk space = active users × 0.6GB.
The following calculation is based on the total volume of attachments uploaded by users per year.
- Total Upload Volume (per year) = Average media size × Average uploads per user per day × Number of active users × 365
Ensuring data integrity requires that your storage provider fully supports fsync.
/var: 50GB
/data/element-deployment: The default directory that will contain your Synapse media.
/data/postgres: The default directory that will contain your Postgres database.
Standard Server Specifications for Customers Hosted by SSH
For Secure Messaging hosted by SSH, the server specifications are provided below. SSH retains the right to revise these specifications as deemed necessary and may apply additional charges for any supplementary server resources required.
| Number of Users in Server | vCPU | RAM | Storage |
|---|---|---|---|
| 0 to 99 | 8 vCPU | 16 GB RAM | 100 GB |
| 100 to 299 | 16 vCPU | 32 GB RAM | 300 GB |
| 300 to 499 | 32 vCPU | 64 GB RAM | 500 GB |
| 500 to 999 | 64 vCPU | 192 GB RAM | 1000 GB |
| 1000 to 1999 | 80 vCPU | 512 GB RAM | 2000 GB |
| 2000+ | to be agreed separately |
2. Hardware Requirements
Desktop
- Windows, Linux, or macOS
- Both ARM and Intel processors are supported.
- The minimum recommended RAM is 4 GB.
Tablet
- Ipads with iPadOS 14 or later
- Android devices with Android 10 or later
Mobile
- iPhones with iOS 14 or later
- Android devices with Android 10 or later. TIP: Fast CPU improves the video call quality.
Browser
Android and Desktop
- Chrome: 72 or later
- Firefox: 68 or later
- Safari: 14 or later
- Edge: 79 or later
iOS and iPad
Safari: 14.3 or later
3. Network connections and IP Addresses
4.1. Requirements
Servers are placed into the network so that a secure or reliable connection to mail servers can be made. Server requires one public IP address. This address acts as cluster address which e-mail traffic is relayed to. If NAT is used in address translation, information of both public and network address translated addresses is needed.
4.2. Options
It is recommended that web-based management tool is separated from public network by defining D-Center with its own IP address and own port (default 443).
4.3. Firewall settings requirements
Firewall must allow the required connections. The following table shows requirements for basic installation; rules must be specified.
| Protocol | Source | Destination | Port(s) | Usage |
|---|---|---|---|---|
| TCP | * | Server | 80, 443 | Port 80 is needed for Let’s Encrypt. 443 for SSL connection to deployed services |
| TCP | Server | 35.228.17.156 | 443 | If push notification will be used on Android/iOS. Signal server hosted by SSH. |
| TCP | Server | * | 80 | Let’s Encrypt functionality VERIFY |
| TCP & UDP | Server | * | 3478, 5349 | Outbound connection used by TURN server |
| TCP & UDP | * | Server | 3478, 5349 | Inbound connection used by TURN server |
| TCP & UDP | Server | * | 40000–40500 | Outbound used by TURN server for TURN connections |
| TCP & UDP | * | Server | 40000–40500 | Inbound used by TURN server for TURN connections |
| TCP & UDP | Server | * | 30300 | Outbound used for the media traffic by video conferencing system |
| TCP & UDP | * | Server | 30300 | Inbound used for the media traffic by video conferencing system |
| TCP | Server | * | 1081 | FQDN check during installation, can be disabled after installation is completed |
4.4. DNS. Required FQDNs
All following records are A-records pointing towards the server/virtual machine where SalaX Secure Messaging will be installed. NAT also needs to be taken into account.
- SalaX Wellknown URL: mydomain.com
- SalaX client URL: chat.mydomain.com
- Admin panel URL: admin.mydomain.com
- Homeserver URL: matrix.mydomain.com
- Identity server URL: im.mydomain.com (on old installation it was sshsn-identity.xxx.xxx)
- Homepage URL: share.mydomain.com( for some installations it was home.xxx.xxx)
- Conference URL: conference.mydomain.com
- Turn URL: turn.mydomain.com
Note: Additional subdomains may be utilized depending on the enabled add-on services.
4. Bandwidth Requirements for Video Conferencing
The Salax Secure Messaging group video conferencing solution is built on top of Jitsi, and the following requirements are based on Jitsi's official recommendations and best practices. While exact bandwidth usage depends on various implementation details and optimizations, the following estimates offer a general guideline based on video resolution:
| Resolution | Estimated Minimum Bandwidth Requirement |
|---|---|
| 180p | 200 kbit/s |
| 360p | 500 kbit/s |
| 720p (HD) | 2.5 Mbit/s |
| 4K | 10 Mbit/s |
Note: The table above shows estimated bandwidth requirements per user based on video resolution.
Your actual network requirements will depend on how many users are active at the same time. For example, 20 users streaming 4K video simultaneously would require minimum 200 Mbit/s.
Recommendations
- For production/live deployments use, a 10 Gbit/s connection is strongly recommended.