From 2bd2249e6921066ed09ea9fee7c4a219429fc6cd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?PICHOU=20Ky=C3=A2ne?= <kyane.pichou@etu.utc.fr>
Date: Wed, 28 Mar 2018 22:39:06 +0200
Subject: [PATCH] Upgrade mattermost to 4.8.0
---
mattermost/MAINTENANCE.md | 6 +-
mattermost/README.md | 2 +-
mattermost/app/Dockerfile | 24 +--
mattermost/app/entrypoint.sh | 6 +-
.../kubernetes/mattermost.deployment.yaml | 2 +-
mattermost/contrib/swarm/docker-stack.yml | 165 ++++++++++--------
mattermost/db/Dockerfile | 25 ++-
mattermost/db/entrypoint.sh | 85 +++++----
mattermost/db/setup-wale.sh | 4 +-
mattermost/web/mattermost-ssl | 2 +-
pica-bot/picasoft/plugins/discussion.py | 4 +-
11 files changed, 180 insertions(+), 145 deletions(-)
diff --git a/mattermost/MAINTENANCE.md b/mattermost/MAINTENANCE.md
index b6d7ac2b..3de6d033 100644
--- a/mattermost/MAINTENANCE.md
+++ b/mattermost/MAINTENANCE.md
@@ -43,15 +43,11 @@ The following steps should be completed by a new maintainer
When receive a mailing list email about a new security update or major version of Mattermost being released, update the version number of this project by doing the following:
-1) In the **master branch**
+In the **master branch**
- Change the [version number](https://github.com/mattermost/mattermost-docker/blob/master/app/Dockerfile#L6) to the latest release
- Tag the repo
-2) In the **team-and-enterprise branch**
-
-- Change the [version number](https://github.com/mattermost/mattermost-docker/blob/team-and-enterprise/app/Dockerfile#L6) to the latest release
-
### Issue and Pull Request Review
Maintainer(s) should periodically review pull requests and issues submitted to provide feedback and to merge pull request changes when the maintainer feels the change would be appropriate.
diff --git a/mattermost/README.md b/mattermost/README.md
index be33e8eb..7368dc8d 100644
--- a/mattermost/README.md
+++ b/mattermost/README.md
@@ -175,4 +175,4 @@ For the server configurations, see [prod-ubuntu.rst] of Mattermost.
[docker]: http://docs.docker.com/engine/installation/
[docker-compose]: https://docs.docker.com/compose/install/
-[prod-ubuntu.rst]: https://docs.mattermost.com/install/install-ubuntu-1404.html
+[prod-ubuntu.rst]: https://docs.mattermost.com/install/install-ubuntu-1604.html
diff --git a/mattermost/app/Dockerfile b/mattermost/app/Dockerfile
index c6312d7e..4746d76f 100644
--- a/mattermost/app/Dockerfile
+++ b/mattermost/app/Dockerfile
@@ -1,20 +1,24 @@
-FROM ubuntu:16.04
+FROM alpine:3.6
# Some ENV variables
ENV PATH="/mattermost/bin:${PATH}"
-ENV MM_VERSION=4.5.0
+ENV MM_VERSION=4.8.0
# Build argument to set Mattermost edition
ARG edition=enterprise
# Install some needed packages
-RUN apt-get update \
- && apt-get -y --no-install-recommends install \
- curl \
- jq \
- netcat \
- ca-certificates \
- && rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin
+RUN apk add --no-cache \
+ ca-certificates \
+ curl \
+ jq \
+ libc6-compat \
+ libffi-dev \
+ linux-headers \
+ mailcap \
+ netcat-openbsd \
+ xmlsec-dev \
+ && rm -rf /tmp/*
# Get Mattermost
RUN mkdir -p /mattermost/data \
@@ -26,7 +30,7 @@ RUN mkdir -p /mattermost/data \
# Configure entrypoint and command
COPY entrypoint.sh /
ENTRYPOINT ["/entrypoint.sh"]
-WORKDIR /mattermost/bin
+WORKDIR /mattermost
CMD ["platform"]
# Expose port 80 of the container
diff --git a/mattermost/app/entrypoint.sh b/mattermost/app/entrypoint.sh
index ccb17bd9..293055c8 100755
--- a/mattermost/app/entrypoint.sh
+++ b/mattermost/app/entrypoint.sh
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
# Function to generate a random salt
generate_salt() {
@@ -58,7 +58,9 @@ if [ "$1" = 'platform' ]; then
if [ -z "$MM_SQLSETTINGS_DATASOURCE" ]
then
echo -ne "Configure database connection..."
- export MM_SQLSETTINGS_DATASOURCE="postgres://$MM_USERNAME:$MM_PASSWORD@$DB_HOST:$DB_PORT_NUMBER/$MM_DBNAME?sslmode=disable&connect_timeout=10"
+ # URLEncode the password, allowing for special characters
+ ENCODED_PASSWORD=$(printf %s $MM_PASSWORD | jq -s -R -r @uri)
+ export MM_SQLSETTINGS_DATASOURCE="postgres://$MM_USERNAME:$ENCODED_PASSWORD@$DB_HOST:$DB_PORT_NUMBER/$MM_DBNAME?sslmode=disable&connect_timeout=10"
echo OK
else
echo "Using existing database connection"
diff --git a/mattermost/contrib/kubernetes/mattermost.deployment.yaml b/mattermost/contrib/kubernetes/mattermost.deployment.yaml
index 3ecdc5ad..7fc93842 100644
--- a/mattermost/contrib/kubernetes/mattermost.deployment.yaml
+++ b/mattermost/contrib/kubernetes/mattermost.deployment.yaml
@@ -17,7 +17,7 @@ spec:
spec:
containers:
- name: mattermost-app
- image: "mattermost/mattermost-prod-app:3"
+ image: "mattermost/mattermost-prod-app:4.7.0"
env:
- name: DB_HOST
valueFrom:
diff --git a/mattermost/contrib/swarm/docker-stack.yml b/mattermost/contrib/swarm/docker-stack.yml
index affbbf2c..883c3388 100644
--- a/mattermost/contrib/swarm/docker-stack.yml
+++ b/mattermost/contrib/swarm/docker-stack.yml
@@ -1,78 +1,107 @@
-# This file allow you to run mattermost within your docker swarm mode cluster
+# This file allows you to run mattermost within your docker swarm mode cluster
# for more informations check: https://docs.docker.com/engine/swarm/
#
+# Simply run:
+#
+# `docker stack up [STACK NAME] -c docker-stack.yml`
+#
+# In this case `mm` is going to be stack name, so the command will be:
+#
+# `docker stack up mm -c docker-stack.yml`
+#
+# From now on all the services that belong to this stack will be prefixed with `mm_`
+# this file defines 3 services, these are going to be mm_db, mm_app and mm_web,
+# each of these names is the service's hostname as well, they can communicate
+# with each other easily by using the hostname instead of the ip or exposing ports to the host.
+#
+# As a side note, images tagged as latest are pulled by default,
+# that means there's no need to use `image:latest`
+#
# use latest compose v3.3 file format for optimal compatibility with latest docker release and swarm features.
# see https://docs.docker.com/compose/compose-file/compose-versioning/#version-3
# and https://docs.docker.com/compose/compose-file/compose-versioning/#version-33
# and https://docs.docker.com/compose/compose-file/compose-versioning/#upgrading
version: '3.3'
-
-services:
- db:
- # use official mattermost prod-db image
- image: mattermost/mattermost-prod-db:latest
- ports:
- - "5432"
- networks:
- - mm-network
- volumes:
- # use a named-volume for data persistency
- - mm-dbdata:/var/lib/postgresql/data
- - /etc/localtime:/etc/localtime:ro
- environment:
- POSTGRES_USER: mmuser
- POSTGRES_PASSWORD: mmuser_password
- POSTGRES_DB: mattermost
- # uncomment the following to enable backup
- # AWS_ACCESS_KEY_ID=XXXX
- # AWS_SECRET_ACCESS_KEY=XXXX
- # WALE_S3_PREFIX=s3://BUCKET_NAME/PATH
- # AWS_REGION=us-east-1
- deploy:
- restart_policy:
- condition: on-failure
- app:
- # use official mattermost prod-app image
- image: mattermost/mattermost-prod-app:latest
- ports:
- - "8065"
- networks:
- - mm-network
- volumes:
- - /var/lib/mattermost/config:/mattermost/config:rw
- - /var/lib/mattermost/data:/mattermost/data:rw
- - /var/lib/mattermost/logs:/mattermost/logs:rw
- - /etc/localtime:/etc/localtime:ro
- environment:
- DB_HOST: db
- DB_PORT_NUMBER: 5432
- MM_USERNAME: mmuser
- MM_PASSWORD: mmuser_password
- MM_DBNAME: mattermost
- # in case your config is not in default location
- # MM_CONFIG=/mattermost/config/config.json
- deploy:
- restart_policy:
- condition: on-failure
- web:
- # use official mattermost prod-web image
- image: mattermost/mattermost-prod-web:latest
- ports:
- - "80:80"
- - "443:443"
- networks:
- - mm-network
- volumes:
- # This directory must have cert files
- - /var/lib/mattermost/cert:/cert:ro
- - /etc/localtime:/etc/localtime:ro
- deploy:
- restart_policy:
- condition: on-failure
-
networks:
- mm-network:
-
+ # network for App <-> DB transactions
+ mm-in:
+ driver: overlay
+ internal: true
+ # this network faces the outside world
+ mm-out:
+ driver: overlay
+ internal: false
volumes:
- mm-dbdata:
+ mm-dbdata:
+services:
+ db:
+ # use official mattermost prod-db image
+ image: mattermost/mattermost-prod-db
+ networks:
+ - mm-in
+ volumes:
+ # use a named-volume for data persistency
+ - mm-dbdata:/var/lib/postgresql/data
+ - /etc/localtime:/etc/localtime:ro
+ environment:
+ - POSTGRES_USER=mmuser
+ - POSTGRES_PASSWORD=mmuser_password
+ - POSTGRES_DB=mattermost
+ # uncomment the following to enable backup
+ # - AWS_ACCESS_KEY_ID=XXXX
+ # - AWS_SECRET_ACCESS_KEY=XXXX
+ # - WALE_S3_PREFIX=s3://BUCKET_NAME/PATH
+ # - AWS_REGION=us-east-1
+ deploy:
+ restart_policy:
+ condition: on-failure
+ app:
+ # use official mattermost prod-app image
+ image: mattermost/mattermost-prod-app
+ networks:
+ - mm-in
+ - mm-out
+ volumes:
+ - /var/lib/mattermost/config:/mattermost/config:rw
+ - /var/lib/mattermost/data:/mattermost/data:rw
+ - /var/lib/mattermost/logs:/mattermost/logs:rw
+ - /etc/localtime:/etc/localtime:ro
+ environment:
+ # use service's hostname
+ - DB_HOST=mm_db
+ # talk to the port within the overlay network
+ # without (over)exposing ports
+ - DB_PORT_NUMBER=5432
+ - MM_USERNAME=mmuser
+ - MM_PASSWORD=mmuser_password
+ - MM_DBNAME=mattermost
+ # pass the edition to be used, default is enterprise
+ # setting this env var will make the app use the team edition
+ - edition=team
+ # in case your config is not in default location
+ # - MM_CONFIG=/mattermost/config/config.json
+ deploy:
+ restart_policy:
+ condition: on-failure
+ web:
+ # use official mattermost prod-web image
+ image: mattermost/mattermost-prod-web
+ ports:
+ - "80:80"
+ - "443:443"
+ networks:
+ - mm-out
+ volumes:
+ # This directory must have cert files
+ - /var/lib/mattermost/cert:/cert:ro
+ - /etc/localtime:/etc/localtime:ro
+ environment:
+ # use app service's hostname
+ - APP_HOST=mm_app
+ # talk to the port within the overlay network
+ # without (over)exposing ports
+ - APP_PORT_NUMBER=80
+ deploy:
+ restart_policy:
+ condition: on-failure
\ No newline at end of file
diff --git a/mattermost/db/Dockerfile b/mattermost/db/Dockerfile
index 4ed32214..a3e16300 100644
--- a/mattermost/db/Dockerfile
+++ b/mattermost/db/Dockerfile
@@ -1,24 +1,19 @@
-FROM postgres:9.4
+FROM postgres:9.4-alpine
+
+ENV DEFAULT_TIMEZONE UTC
# Install some packages to use WAL
-RUN apt-get update \
- && apt-get install -y \
- build-essential \
+RUN apk add --no-cache \
+ build-base \
curl \
- daemontools \
+ libc6-compat \
libffi-dev \
- libssl-dev \
- lzop \
- pv \
+ linux-headers \
python-dev \
+ py-cryptography \
&& curl --silent --show-error --retry 5 https://bootstrap.pypa.io/get-pip.py | python \
- && pip install 'wal-e<1.0.0' \
- && apt-get remove -y \
- build-essential \
- python-dev \
- && apt-get autoremove -y \
- && apt-get clean \
- && rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin /tmp/* /var/tmp/*
+ && pip --no-cache-dir install 'wal-e<1.0.0' envdir \
+ && rm -rf /var/cache/apk/* /tmp/* /var/tmp/*
# Add wale script
COPY setup-wale.sh /docker-entrypoint-initdb.d/
diff --git a/mattermost/db/entrypoint.sh b/mattermost/db/entrypoint.sh
index a134f0e0..5d4dd349 100755
--- a/mattermost/db/entrypoint.sh
+++ b/mattermost/db/entrypoint.sh
@@ -1,53 +1,62 @@
#!/bin/bash
-# if wal backup is not enabled, use minimal wal logging to reduce disk space
-: ${WAL_LEVEL:=minimal}
-: ${ARCHIVE_MODE:=off}
-: ${ARCHIVE_TIMEOUT:=60}
-
-export WAL_LEVEL
-export ARCHIVE_MODE
-export ARCHIVE_TIMEOUT
-
-# PGDATA is defined in upstream postgres dockerfile
+# if wal-e backup is not enabled, use minimal wal-e logging to reduce disk space
+export WAL_LEVEL=${WAL_LEVEL:-minimal}
+export ARCHIVE_MODE=${ARCHIVE_MODE:-off}
+export ARCHIVE_TIMEOUT=${ARCHIVE_TIMEOUT:-60}
function update_conf () {
- if [ -f $PGDATA/postgresql.conf ]; then
- sed -i "s/wal_level =.*$/wal_level = $WAL_LEVEL/g" $PGDATA/postgresql.conf
- sed -i "s/archive_mode =.*$/archive_mode = $ARCHIVE_MODE/g" $PGDATA/postgresql.conf
- sed -i "s/archive_timeout =.*$/archive_timeout = $ARCHIVE_TIMEOUT/g" $PGDATA/postgresql.conf
- fi
+ wal=$1
+ # PGDATA is defined in upstream postgres dockerfile
+ config_file=$PGDATA/postgresql.conf
+
+ # Check if configuration file exists. If not, it probably means that database is not initialized yet
+ if [ ! -f $config_file ]; then
+ return
+ fi
+ # Reinitialize config
+ sed -i "s/log_timezone =.*$//g" $PGDATA/postgresql.conf
+ sed -i "s/timezone =.*$//g" $PGDATA/postgresql.conf
+ sed -i "s/wal_level =.*$//g" $config_file
+ sed -i "s/archive_mode =.*$//g" $config_file
+ sed -i "s/archive_timeout =.*$//g" $config_file
+ sed -i "s/archive_command =.*$//g" $config_file
+
+ # Configure wal-e
+ if [ "$wal" = true ] ; then
+ /docker-entrypoint-initdb.d/setup-wale.sh
+ fi
+ echo "log_timezone = $DEFAULT_TIMEZONE" >> $config_file
+ echo "timezone = $DEFAULT_TIMEZONE" >> $config_file
}
-if [ "${1:0:1}" = '-' ]; then
- set -- postgres "$@"
+if [ "${1:0:1}" = '-' ]; then
+ set -- postgres "$@"
fi
-if [ "$1" = 'postgres' ]; then
- VARS=(AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY WALE_S3_PREFIX AWS_REGION)
-
- for v in ${VARS[@]}; do
- if [ "${!v}" = "" ]; then
- echo "$v is required for Wal-E but not set. Skipping Wal-E setup."
- update_conf
- # Run the postgresql entrypoint
- . /docker-entrypoint.sh
- exit
- fi
- done
-
- umask u=rwx,g=rx,o=
- mkdir -p /etc/wal-e.d/env
+if [ "$1" = 'postgres' ]; then
+ # Check wal-e variables
+ wal_enable=true
+ VARS=(AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY WALE_S3_PREFIX AWS_REGION)
+ for v in ${VARS[@]}; do
+ if [ "${!v}" = "" ]; then
+ echo "$v is required for Wal-E but not set. Skipping Wal-E setup."
+ wal_enable=false
+ fi
+ done
+ # Setup wal-e env variables
+ if [ "$wal_enable" = true ] ; then
for v in ${VARS[@]}; do
- echo "${!v}" > /etc/wal-e.d/env/$v
+ export $v="${!v}"
done
- chown -R root:postgres /etc/wal-e.d
-
WAL_LEVEL=archive
ARCHIVE_MODE=on
+ fi
+
+ # Update postgresql configuration
+ update_conf $wal_enable
- update_conf
- # Run the postgresql entrypoint
- . /docker-entrypoint.sh
+ # Run the postgresql entrypoint
+ . /docker-entrypoint.sh
fi
diff --git a/mattermost/db/setup-wale.sh b/mattermost/db/setup-wale.sh
index 2cbe9fed..cf34ea58 100755
--- a/mattermost/db/setup-wale.sh
+++ b/mattermost/db/setup-wale.sh
@@ -1,7 +1,7 @@
#!/bin/bash
-# wal-e specific
+# wal-e specific configuration
echo "wal_level = $WAL_LEVEL" >> $PGDATA/postgresql.conf
echo "archive_mode = $ARCHIVE_MODE" >> $PGDATA/postgresql.conf
-echo "archive_command = 'envdir /etc/wal-e.d/env /usr/local/bin/wal-e wal-push %p'" >> $PGDATA/postgresql.conf
+echo "archive_command = '/usr/bin/wal-e wal-push %p'" >> $PGDATA/postgresql.conf
echo "archive_timeout = $ARCHIVE_TIMEOUT" >> $PGDATA/postgresql.conf
diff --git a/mattermost/web/mattermost-ssl b/mattermost/web/mattermost-ssl
index 1bd5fea4..89d48aab 100644
--- a/mattermost/web/mattermost-ssl
+++ b/mattermost/web/mattermost-ssl
@@ -55,4 +55,4 @@ server {
}
}
-# See https://github.com/mattermost/docs/blob/master/source/install/prod-ubuntu.rst for the SSL configuration
+# See https://docs.mattermost.com/install/install-ubuntu-1604.html#configuring-nginx-with-ssl-and-http-2 for the SSL configuration
diff --git a/pica-bot/picasoft/plugins/discussion.py b/pica-bot/picasoft/plugins/discussion.py
index 3eed9053..d585d09c 100644
--- a/pica-bot/picasoft/plugins/discussion.py
+++ b/pica-bot/picasoft/plugins/discussion.py
@@ -18,8 +18,8 @@ def thanks_comment(message):
message.comment('No problemo :relaxed:')
-@respond_to('help|aide|man')
-@listen_to('help|aide|man')
+@respond_to('help|aide|^man$')
+@listen_to('help|aide|^man$')
def help(message):
message.comment('Salut je suis le bot de Picasoft\nPour le moment, je sais réduire des liens avec la commande `\link <url> [<affichage>]`')
--
GitLab