diff --git a/mattermost/MAINTENANCE.md b/mattermost/MAINTENANCE.md
index b6d7ac2b9e2ac67a0abb510a989a2bb4f8715431..3de6d03358b80c9f3fbdad4fece8b6351a2dd5f2 100644
--- a/mattermost/MAINTENANCE.md
+++ b/mattermost/MAINTENANCE.md
@@ -43,15 +43,11 @@ The following steps should be completed by a new maintainer
When receive a mailing list email about a new security update or major version of Mattermost being released, update the version number of this project by doing the following:
-1) In the **master branch**
+In the **master branch**
- Change the [version number](https://github.com/mattermost/mattermost-docker/blob/master/app/Dockerfile#L6) to the latest release
- Tag the repo
-2) In the **team-and-enterprise branch**
-
-- Change the [version number](https://github.com/mattermost/mattermost-docker/blob/team-and-enterprise/app/Dockerfile#L6) to the latest release
-
### Issue and Pull Request Review
Maintainer(s) should periodically review pull requests and issues submitted to provide feedback and to merge pull request changes when the maintainer feels the change would be appropriate.
diff --git a/mattermost/README.md b/mattermost/README.md
index be33e8eba01945959b2aa9f7eabd7b717fca17ae..7368dc8d9e331078d834cbafb91d89981774fcdd 100644
--- a/mattermost/README.md
+++ b/mattermost/README.md
@@ -175,4 +175,4 @@ For the server configurations, see [prod-ubuntu.rst] of Mattermost.
[docker]: http://docs.docker.com/engine/installation/
[docker-compose]: https://docs.docker.com/compose/install/
-[prod-ubuntu.rst]: https://docs.mattermost.com/install/install-ubuntu-1404.html
+[prod-ubuntu.rst]: https://docs.mattermost.com/install/install-ubuntu-1604.html
diff --git a/mattermost/app/Dockerfile b/mattermost/app/Dockerfile
index c6312d7e1ec302b041213b1e90bbed4bb5b5aab4..4746d76f5d380a03c489af9637b5f9937345430c 100644
--- a/mattermost/app/Dockerfile
+++ b/mattermost/app/Dockerfile
@@ -1,20 +1,24 @@
-FROM ubuntu:16.04
+FROM alpine:3.6
# Some ENV variables
ENV PATH="/mattermost/bin:${PATH}"
-ENV MM_VERSION=4.5.0
+ENV MM_VERSION=4.8.0
# Build argument to set Mattermost edition
ARG edition=enterprise
# Install some needed packages
-RUN apt-get update \
- && apt-get -y --no-install-recommends install \
- curl \
- jq \
- netcat \
- ca-certificates \
- && rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin
+RUN apk add --no-cache \
+ ca-certificates \
+ curl \
+ jq \
+ libc6-compat \
+ libffi-dev \
+ linux-headers \
+ mailcap \
+ netcat-openbsd \
+ xmlsec-dev \
+ && rm -rf /tmp/*
# Get Mattermost
RUN mkdir -p /mattermost/data \
@@ -26,7 +30,7 @@ RUN mkdir -p /mattermost/data \
# Configure entrypoint and command
COPY entrypoint.sh /
ENTRYPOINT ["/entrypoint.sh"]
-WORKDIR /mattermost/bin
+WORKDIR /mattermost
CMD ["platform"]
# Expose port 80 of the container
diff --git a/mattermost/app/entrypoint.sh b/mattermost/app/entrypoint.sh
index ccb17bd9911bf447a37b1955169c30027558975a..293055c8e4f87db5fa9e18c54cb59dba76aaa276 100755
--- a/mattermost/app/entrypoint.sh
+++ b/mattermost/app/entrypoint.sh
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
# Function to generate a random salt
generate_salt() {
@@ -58,7 +58,9 @@ if [ "$1" = 'platform' ]; then
if [ -z "$MM_SQLSETTINGS_DATASOURCE" ]
then
echo -ne "Configure database connection..."
- export MM_SQLSETTINGS_DATASOURCE="postgres://$MM_USERNAME:$MM_PASSWORD@$DB_HOST:$DB_PORT_NUMBER/$MM_DBNAME?sslmode=disable&connect_timeout=10"
+ # URLEncode the password, allowing for special characters
+ ENCODED_PASSWORD=$(printf %s $MM_PASSWORD | jq -s -R -r @uri)
+ export MM_SQLSETTINGS_DATASOURCE="postgres://$MM_USERNAME:$ENCODED_PASSWORD@$DB_HOST:$DB_PORT_NUMBER/$MM_DBNAME?sslmode=disable&connect_timeout=10"
echo OK
else
echo "Using existing database connection"
diff --git a/mattermost/contrib/kubernetes/mattermost.deployment.yaml b/mattermost/contrib/kubernetes/mattermost.deployment.yaml
index 3ecdc5ad84210aef3c610686be1d1c61fcd7783a..7fc938425ca9ac507f6eeb0e0c4c79e9e2fe7793 100644
--- a/mattermost/contrib/kubernetes/mattermost.deployment.yaml
+++ b/mattermost/contrib/kubernetes/mattermost.deployment.yaml
@@ -17,7 +17,7 @@ spec:
spec:
containers:
- name: mattermost-app
- image: "mattermost/mattermost-prod-app:3"
+ image: "mattermost/mattermost-prod-app:4.7.0"
env:
- name: DB_HOST
valueFrom:
diff --git a/mattermost/contrib/swarm/docker-stack.yml b/mattermost/contrib/swarm/docker-stack.yml
index affbbf2c72bfbfab88030c7f5ce6f7eafab36018..883c338830ca2328ac00f437a8a83269e305afa8 100644
--- a/mattermost/contrib/swarm/docker-stack.yml
+++ b/mattermost/contrib/swarm/docker-stack.yml
@@ -1,78 +1,107 @@
-# This file allow you to run mattermost within your docker swarm mode cluster
+# This file allows you to run mattermost within your docker swarm mode cluster
# for more informations check: https://docs.docker.com/engine/swarm/
#
+# Simply run:
+#
+# `docker stack up [STACK NAME] -c docker-stack.yml`
+#
+# In this case `mm` is going to be stack name, so the command will be:
+#
+# `docker stack up mm -c docker-stack.yml`
+#
+# From now on all the services that belong to this stack will be prefixed with `mm_`
+# this file defines 3 services, these are going to be mm_db, mm_app and mm_web,
+# each of these names is the service's hostname as well, they can communicate
+# with each other easily by using the hostname instead of the ip or exposing ports to the host.
+#
+# As a side note, images tagged as latest are pulled by default,
+# that means there's no need to use `image:latest`
+#
# use latest compose v3.3 file format for optimal compatibility with latest docker release and swarm features.
# see https://docs.docker.com/compose/compose-file/compose-versioning/#version-3
# and https://docs.docker.com/compose/compose-file/compose-versioning/#version-33
# and https://docs.docker.com/compose/compose-file/compose-versioning/#upgrading
version: '3.3'
-
-services:
- db:
- # use official mattermost prod-db image
- image: mattermost/mattermost-prod-db:latest
- ports:
- - "5432"
- networks:
- - mm-network
- volumes:
- # use a named-volume for data persistency
- - mm-dbdata:/var/lib/postgresql/data
- - /etc/localtime:/etc/localtime:ro
- environment:
- POSTGRES_USER: mmuser
- POSTGRES_PASSWORD: mmuser_password
- POSTGRES_DB: mattermost
- # uncomment the following to enable backup
- # AWS_ACCESS_KEY_ID=XXXX
- # AWS_SECRET_ACCESS_KEY=XXXX
- # WALE_S3_PREFIX=s3://BUCKET_NAME/PATH
- # AWS_REGION=us-east-1
- deploy:
- restart_policy:
- condition: on-failure
- app:
- # use official mattermost prod-app image
- image: mattermost/mattermost-prod-app:latest
- ports:
- - "8065"
- networks:
- - mm-network
- volumes:
- - /var/lib/mattermost/config:/mattermost/config:rw
- - /var/lib/mattermost/data:/mattermost/data:rw
- - /var/lib/mattermost/logs:/mattermost/logs:rw
- - /etc/localtime:/etc/localtime:ro
- environment:
- DB_HOST: db
- DB_PORT_NUMBER: 5432
- MM_USERNAME: mmuser
- MM_PASSWORD: mmuser_password
- MM_DBNAME: mattermost
- # in case your config is not in default location
- # MM_CONFIG=/mattermost/config/config.json
- deploy:
- restart_policy:
- condition: on-failure
- web:
- # use official mattermost prod-web image
- image: mattermost/mattermost-prod-web:latest
- ports:
- - "80:80"
- - "443:443"
- networks:
- - mm-network
- volumes:
- # This directory must have cert files
- - /var/lib/mattermost/cert:/cert:ro
- - /etc/localtime:/etc/localtime:ro
- deploy:
- restart_policy:
- condition: on-failure
-
networks:
- mm-network:
-
+ # network for App <-> DB transactions
+ mm-in:
+ driver: overlay
+ internal: true
+ # this network faces the outside world
+ mm-out:
+ driver: overlay
+ internal: false
volumes:
- mm-dbdata:
+ mm-dbdata:
+services:
+ db:
+ # use official mattermost prod-db image
+ image: mattermost/mattermost-prod-db
+ networks:
+ - mm-in
+ volumes:
+ # use a named-volume for data persistency
+ - mm-dbdata:/var/lib/postgresql/data
+ - /etc/localtime:/etc/localtime:ro
+ environment:
+ - POSTGRES_USER=mmuser
+ - POSTGRES_PASSWORD=mmuser_password
+ - POSTGRES_DB=mattermost
+ # uncomment the following to enable backup
+ # - AWS_ACCESS_KEY_ID=XXXX
+ # - AWS_SECRET_ACCESS_KEY=XXXX
+ # - WALE_S3_PREFIX=s3://BUCKET_NAME/PATH
+ # - AWS_REGION=us-east-1
+ deploy:
+ restart_policy:
+ condition: on-failure
+ app:
+ # use official mattermost prod-app image
+ image: mattermost/mattermost-prod-app
+ networks:
+ - mm-in
+ - mm-out
+ volumes:
+ - /var/lib/mattermost/config:/mattermost/config:rw
+ - /var/lib/mattermost/data:/mattermost/data:rw
+ - /var/lib/mattermost/logs:/mattermost/logs:rw
+ - /etc/localtime:/etc/localtime:ro
+ environment:
+ # use service's hostname
+ - DB_HOST=mm_db
+ # talk to the port within the overlay network
+ # without (over)exposing ports
+ - DB_PORT_NUMBER=5432
+ - MM_USERNAME=mmuser
+ - MM_PASSWORD=mmuser_password
+ - MM_DBNAME=mattermost
+ # pass the edition to be used, default is enterprise
+ # setting this env var will make the app use the team edition
+ - edition=team
+ # in case your config is not in default location
+ # - MM_CONFIG=/mattermost/config/config.json
+ deploy:
+ restart_policy:
+ condition: on-failure
+ web:
+ # use official mattermost prod-web image
+ image: mattermost/mattermost-prod-web
+ ports:
+ - "80:80"
+ - "443:443"
+ networks:
+ - mm-out
+ volumes:
+ # This directory must have cert files
+ - /var/lib/mattermost/cert:/cert:ro
+ - /etc/localtime:/etc/localtime:ro
+ environment:
+ # use app service's hostname
+ - APP_HOST=mm_app
+ # talk to the port within the overlay network
+ # without (over)exposing ports
+ - APP_PORT_NUMBER=80
+ deploy:
+ restart_policy:
+ condition: on-failure
\ No newline at end of file
diff --git a/mattermost/db/Dockerfile b/mattermost/db/Dockerfile
index 4ed322147e9171a125eab22719eef0686fb90190..a3e16300cf53013d3de8c520e88709ab2f17c777 100644
--- a/mattermost/db/Dockerfile
+++ b/mattermost/db/Dockerfile
@@ -1,24 +1,19 @@
-FROM postgres:9.4
+FROM postgres:9.4-alpine
+
+ENV DEFAULT_TIMEZONE UTC
# Install some packages to use WAL
-RUN apt-get update \
- && apt-get install -y \
- build-essential \
+RUN apk add --no-cache \
+ build-base \
curl \
- daemontools \
+ libc6-compat \
libffi-dev \
- libssl-dev \
- lzop \
- pv \
+ linux-headers \
python-dev \
+ py-cryptography \
&& curl --silent --show-error --retry 5 https://bootstrap.pypa.io/get-pip.py | python \
- && pip install 'wal-e<1.0.0' \
- && apt-get remove -y \
- build-essential \
- python-dev \
- && apt-get autoremove -y \
- && apt-get clean \
- && rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin /tmp/* /var/tmp/*
+ && pip --no-cache-dir install 'wal-e<1.0.0' envdir \
+ && rm -rf /var/cache/apk/* /tmp/* /var/tmp/*
# Add wale script
COPY setup-wale.sh /docker-entrypoint-initdb.d/
diff --git a/mattermost/db/entrypoint.sh b/mattermost/db/entrypoint.sh
index a134f0e0a41d60bc0af31533be04fcb915df6e87..5d4dd349ecb95cde7afdcb928e708d245f288a2f 100755
--- a/mattermost/db/entrypoint.sh
+++ b/mattermost/db/entrypoint.sh
@@ -1,53 +1,62 @@
#!/bin/bash
-# if wal backup is not enabled, use minimal wal logging to reduce disk space
-: ${WAL_LEVEL:=minimal}
-: ${ARCHIVE_MODE:=off}
-: ${ARCHIVE_TIMEOUT:=60}
-
-export WAL_LEVEL
-export ARCHIVE_MODE
-export ARCHIVE_TIMEOUT
-
-# PGDATA is defined in upstream postgres dockerfile
+# if wal-e backup is not enabled, use minimal wal-e logging to reduce disk space
+export WAL_LEVEL=${WAL_LEVEL:-minimal}
+export ARCHIVE_MODE=${ARCHIVE_MODE:-off}
+export ARCHIVE_TIMEOUT=${ARCHIVE_TIMEOUT:-60}
function update_conf () {
- if [ -f $PGDATA/postgresql.conf ]; then
- sed -i "s/wal_level =.*$/wal_level = $WAL_LEVEL/g" $PGDATA/postgresql.conf
- sed -i "s/archive_mode =.*$/archive_mode = $ARCHIVE_MODE/g" $PGDATA/postgresql.conf
- sed -i "s/archive_timeout =.*$/archive_timeout = $ARCHIVE_TIMEOUT/g" $PGDATA/postgresql.conf
- fi
+ wal=$1
+ # PGDATA is defined in upstream postgres dockerfile
+ config_file=$PGDATA/postgresql.conf
+
+ # Check if configuration file exists. If not, it probably means that database is not initialized yet
+ if [ ! -f $config_file ]; then
+ return
+ fi
+ # Reinitialize config
+ sed -i "s/log_timezone =.*$//g" $PGDATA/postgresql.conf
+ sed -i "s/timezone =.*$//g" $PGDATA/postgresql.conf
+ sed -i "s/wal_level =.*$//g" $config_file
+ sed -i "s/archive_mode =.*$//g" $config_file
+ sed -i "s/archive_timeout =.*$//g" $config_file
+ sed -i "s/archive_command =.*$//g" $config_file
+
+ # Configure wal-e
+ if [ "$wal" = true ] ; then
+ /docker-entrypoint-initdb.d/setup-wale.sh
+ fi
+ echo "log_timezone = $DEFAULT_TIMEZONE" >> $config_file
+ echo "timezone = $DEFAULT_TIMEZONE" >> $config_file
}
-if [ "${1:0:1}" = '-' ]; then
- set -- postgres "$@"
+if [ "${1:0:1}" = '-' ]; then
+ set -- postgres "$@"
fi
-if [ "$1" = 'postgres' ]; then
- VARS=(AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY WALE_S3_PREFIX AWS_REGION)
-
- for v in ${VARS[@]}; do
- if [ "${!v}" = "" ]; then
- echo "$v is required for Wal-E but not set. Skipping Wal-E setup."
- update_conf
- # Run the postgresql entrypoint
- . /docker-entrypoint.sh
- exit
- fi
- done
-
- umask u=rwx,g=rx,o=
- mkdir -p /etc/wal-e.d/env
+if [ "$1" = 'postgres' ]; then
+ # Check wal-e variables
+ wal_enable=true
+ VARS=(AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY WALE_S3_PREFIX AWS_REGION)
+ for v in ${VARS[@]}; do
+ if [ "${!v}" = "" ]; then
+ echo "$v is required for Wal-E but not set. Skipping Wal-E setup."
+ wal_enable=false
+ fi
+ done
+ # Setup wal-e env variables
+ if [ "$wal_enable" = true ] ; then
for v in ${VARS[@]}; do
- echo "${!v}" > /etc/wal-e.d/env/$v
+ export $v="${!v}"
done
- chown -R root:postgres /etc/wal-e.d
-
WAL_LEVEL=archive
ARCHIVE_MODE=on
+ fi
+
+ # Update postgresql configuration
+ update_conf $wal_enable
- update_conf
- # Run the postgresql entrypoint
- . /docker-entrypoint.sh
+ # Run the postgresql entrypoint
+ . /docker-entrypoint.sh
fi
diff --git a/mattermost/db/setup-wale.sh b/mattermost/db/setup-wale.sh
index 2cbe9fed33a8b4166604aede4b9e0f7684c43265..cf34ea584518b40940257d56b5f53872a4ffa36f 100755
--- a/mattermost/db/setup-wale.sh
+++ b/mattermost/db/setup-wale.sh
@@ -1,7 +1,7 @@
#!/bin/bash
-# wal-e specific
+# wal-e specific configuration
echo "wal_level = $WAL_LEVEL" >> $PGDATA/postgresql.conf
echo "archive_mode = $ARCHIVE_MODE" >> $PGDATA/postgresql.conf
-echo "archive_command = 'envdir /etc/wal-e.d/env /usr/local/bin/wal-e wal-push %p'" >> $PGDATA/postgresql.conf
+echo "archive_command = '/usr/bin/wal-e wal-push %p'" >> $PGDATA/postgresql.conf
echo "archive_timeout = $ARCHIVE_TIMEOUT" >> $PGDATA/postgresql.conf
diff --git a/mattermost/web/mattermost-ssl b/mattermost/web/mattermost-ssl
index 1bd5fea454e141c5f4bb99d4ee807a5538772545..89d48aabcf9cae8128a5e017af95a688673ee28b 100644
--- a/mattermost/web/mattermost-ssl
+++ b/mattermost/web/mattermost-ssl
@@ -55,4 +55,4 @@ server {
}
}
-# See https://github.com/mattermost/docs/blob/master/source/install/prod-ubuntu.rst for the SSL configuration
+# See https://docs.mattermost.com/install/install-ubuntu-1604.html#configuring-nginx-with-ssl-and-http-2 for the SSL configuration
diff --git a/pica-bot/picasoft/plugins/discussion.py b/pica-bot/picasoft/plugins/discussion.py
index 3eed90533317f35200eec3f87ffc047d2ba402c5..d585d09c27331f4e8936200ae57dc9264b368974 100644
--- a/pica-bot/picasoft/plugins/discussion.py
+++ b/pica-bot/picasoft/plugins/discussion.py
@@ -18,8 +18,8 @@ def thanks_comment(message):
message.comment('No problemo :relaxed:')
-@respond_to('help|aide|man')
-@listen_to('help|aide|man')
+@respond_to('help|aide|^man$')
+@listen_to('help|aide|^man$')
def help(message):
message.comment('Salut je suis le bot de Picasoft\nPour le moment, je sais réduire des liens avec la commande `\link <url> [<affichage>]`')