Enterprise Secure Messaging

MDM-managed, air-gapped internal communication (POC)

2025

Overview

A self-hosted messaging proof-of-concept for organizations that cannot let communication leave their network. A high-concurrency Go WebSocket server pairs with a Flutter client, and the whole device is locked down and provisioned through Headwind MDM — turning handsets into single-purpose, tamper-resistant terminals.

The problem

Some environments (regulated, classified, or air-gapped) need internal chat with full data sovereignty and no path for users to install or exfiltrate anything. Off-the-shelf messengers route through third-party clouds and run on unmanaged devices.

Architecture

Go server using Gorilla WebSockets for high-concurrency fan-out, PostgreSQL for persistence, and stateless JWT auth. The entire stack is orchestrated with Docker Compose for one-command deployment. Headwind MDM handles device enrollment, silent app distribution, and kiosk lockdown. The server URL is injected into the Flutter client at build time via --dart-define, so the same client codebase can be built for any deployment.
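
The stateless JWT gate in front of the WebSocket upgrade, as an added example written for this page rather than the project's own server code. It uses only the Go standard library: it mints and verifies HS256 tokens, pins the algorithm before anything else, compares the MAC in constant time, enforces exp, and wraps the upgrade handler so an unauthenticated handshake never reaches it. The Claims shape, the Authorization-header transport and the X-Auth-Subject handoff are assumptions for the example; in the real server the Gorilla Upgrader would be called from inside next.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"net/http"
	"strings"
	"time"
)

// Claims is the minimal payload the server needs. Stateless verification has
// no revocation list, so exp is the only thing that ends a session.
type Claims struct {
	Sub string `json:"sub"`
	Exp int64  `json:"exp"`
}

type jwtHeader struct {
	Alg string `json:"alg"`
	Typ string `json:"typ"`
}

var b64 = base64.RawURLEncoding

// SignHS256 mints a compact JWS (header.payload.signature) with HMAC-SHA256.
func SignHS256(secret []byte, c Claims) string {
	h, _ := json.Marshal(jwtHeader{Alg: "HS256", Typ: "JWT"})
	p, _ := json.Marshal(c)
	signingInput := b64.EncodeToString(h) + "." + b64.EncodeToString(p)
	mac := hmac.New(sha256.New, secret)
	mac.Write([]byte(signingInput))
	return signingInput + "." + b64.EncodeToString(mac.Sum(nil))
}

// VerifyHS256 pins alg to HS256 first (rejecting "none" and algorithm
// confusion), checks the MAC in constant time, then parses and enforces exp.
func VerifyHS256(secret []byte, token string, now time.Time) (Claims, error) {
	var c Claims
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return c, errors.New("jwt: malformed token")
	}
	rawHeader, err := b64.DecodeString(parts[0])
	var h jwtHeader
	if err != nil || json.Unmarshal(rawHeader, &h) != nil || h.Alg != "HS256" {
		return c, errors.New("jwt: unsupported or missing alg")
	}
	sig, err := b64.DecodeString(parts[2])
	if err != nil {
		return c, errors.New("jwt: bad signature encoding")
	}
	mac := hmac.New(sha256.New, secret)
	mac.Write([]byte(parts[0] + "." + parts[1]))
	if subtle.ConstantTimeCompare(sig, mac.Sum(nil)) != 1 {
		return c, errors.New("jwt: signature mismatch")
	}
	rawPayload, err := b64.DecodeString(parts[1])
	if err != nil || json.Unmarshal(rawPayload, &c) != nil {
		return c, errors.New("jwt: bad payload")
	}
	if c.Exp == 0 || !now.Before(time.Unix(c.Exp, 0)) {
		return c, errors.New("jwt: expired or missing exp")
	}
	return c, nil
}

// RequireJWT gates the WebSocket endpoint: next (the upgrade handler) runs
// only for handshakes carrying a valid bearer token. The token travels in the
// Authorization header, not the URL, where it would land in access logs.
func RequireJWT(secret []byte, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		auth := r.Header.Get("Authorization")
		if !strings.HasPrefix(auth, "Bearer ") {
			http.Error(w, "missing bearer token", http.StatusUnauthorized)
			return
		}
		claims, err := VerifyHS256(secret, strings.TrimPrefix(auth, "Bearer "), time.Now())
		if err != nil {
			http.Error(w, "invalid token", http.StatusUnauthorized)
			return
		}
		// Overwrite rather than trust this header: the client may have set it.
		r.Header.Set("X-Auth-Subject", claims.Sub)
		next.ServeHTTP(w, r)
	})
}

func main() {
	secret := []byte("demo-secret-replace-in-deployment") // constructed for the example
	tok := SignHS256(secret, Claims{Sub: "terminal-07", Exp: time.Now().Add(10 * time.Minute).Unix()})
	c, err := VerifyHS256(secret, tok, time.Now())
	fmt.Println(c.Sub, err)
}
```

The order inside VerifyHS256 matters: the algorithm check comes before the signature check so that a forged header cannot steer verification, and the payload is only parsed after the MAC has been validated.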

Tech stack

  • Go
  • Gorilla WebSockets
  • Flutter
  • PostgreSQL
  • Docker Compose
  • JWT Auth
  • Headwind MDM

Key features

  • High-concurrency Go WebSocket server
  • Flutter client with a dark hacker/geek theme
  • Stateless JWT authentication with managed passkeys
  • One-command Docker Compose deployment of the full stack
  • MDM-driven enrollment and silent app distribution
  • Kiosk-mode lockdown — devices become single-purpose terminals
  • Air-gapped ready — functions with no internet access

Security considerations

  • Kiosk lockdown removes app-install and side-loading vectors
  • All traffic stays on the private network: full data sovereignty
  • Stateless JWTs cannot be revoked individually once issued; the token lifetime is the effective session bound, so it should stay short and the signing secret must be handled as a deployment credential
  • A private network does not by itself encrypt the WebSocket traffic; wss:// with a certificate from an internal CA is still needed to stop on-network eavesdropping in an air-gapped deployment

Challenges

  • Coordinating build-time configuration across server, client, and MDM provisioning
  • Keeping the WebSocket layer responsive under many concurrent managed clients
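
One way to keep fan-out responsive when many managed terminals are connected, as an added example and not the project's own hub code: each client gets a bounded queue, the hub never blocks on a slow socket (it skips and counts the drop instead), and a prune step disconnects terminals that fall too far behind rather than letting them silently miss traffic. Standard library only; the per-connection Gorilla writer that would drain each queue and set a write deadline on the socket is left out, and the queue size, drop threshold and client ids are assumptions for the example.

```go
package main

import (
	"fmt"
	"sync"
	"sync/atomic"
)

// client is one connected terminal. Outbound messages queue in a bounded
// channel drained by the connection's write loop, so a stalled socket only
// fills its own queue and never blocks the hub.
type client struct {
	id      string
	send    chan []byte
	dropped int64 // messages skipped because the queue was full
}

// Hub fans messages out to every registered client. It only enqueues under
// the lock; the blocking network write happens in each connection's writer.
type Hub struct {
	mu      sync.RWMutex
	clients map[string]*client
	bufSize int
}

func NewHub(bufSize int) *Hub {
	return &Hub{clients: make(map[string]*client), bufSize: bufSize}
}

// Register adds a client and returns the receive side of its queue; the
// real server's writer goroutine ranges over it and writes to the socket.
func (h *Hub) Register(id string) <-chan []byte {
	c := &client{id: id, send: make(chan []byte, h.bufSize)}
	h.mu.Lock()
	h.clients[id] = c
	h.mu.Unlock()
	return c.send
}

// Unregister removes a client and closes its queue so the writer loop exits.
func (h *Hub) Unregister(id string) {
	h.mu.Lock()
	defer h.mu.Unlock()
	if c, ok := h.clients[id]; ok {
		delete(h.clients, id)
		close(c.send)
	}
}

// Broadcast enqueues msg for every client. A client whose queue is full is
// skipped and counted instead of stalling everyone else. Returns how many
// clients were skipped this round.
func (h *Hub) Broadcast(msg []byte) (skipped int) {
	h.mu.RLock()
	defer h.mu.RUnlock()
	for _, c := range h.clients {
		select {
		case c.send <- msg:
		default:
			atomic.AddInt64(&c.dropped, 1)
			skipped++
		}
	}
	return skipped
}

// Prune disconnects clients that have dropped at least maxDropped messages:
// a terminal that cannot keep up is cut off rather than left with gaps.
// Returns the ids removed.
func (h *Hub) Prune(maxDropped int64) []string {
	h.mu.Lock()
	defer h.mu.Unlock()
	var removed []string
	for id, c := range h.clients {
		if atomic.LoadInt64(&c.dropped) >= maxDropped {
			delete(h.clients, id)
			close(c.send)
			removed = append(removed, id)
		}
	}
	return removed
}

func (h *Hub) Count() int {
	h.mu.RLock()
	defer h.mu.RUnlock()
	return len(h.clients)
}

func main() {
	h := NewHub(2)
	fast := h.Register("fast")
	h.Register("slow") // never drained: simulates a stalled terminal
	for i := 0; i < 3; i++ {
		h.Broadcast([]byte(fmt.Sprintf("msg-%d", i)))
		<-fast // the fast terminal keeps up
	}
	fmt.Println("pruned:", h.Prune(1), "remaining:", h.Count())
}
```

Closing a client's channel only ever happens under the write lock while Broadcast holds the read lock, so a send on a closed channel cannot race; the drop counter is atomic because concurrent Broadcast calls share the read lock.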

Outcome

  • Kiosk lockdown with no user-facing bypass vectors
  • Automated deployment: Docker Compose for the server stack, Headwind MDM for the devices