Commit 8cb8750c authored by PICHOU Kyâne's avatar PICHOU Kyâne Committed by PICHOU Kyâne
Browse files

Update mattermost

parent cc9b10fc
......@@ -16,17 +16,19 @@ The following instructions deploy Mattermost in a production configuration using
### Requirements
* [docker]
* [docker-compose]
* [docker] (version `1.10.0+`)
* [docker-compose] (version `1.6.0+` to support Compose file version `2.0`)
### Choose Edition to Install
If you want to install Enterprise Edition, you can skip this section.
To install the Team Edition, comment out the following line in docker-compose.yaml file:
```
dockerfile: Dockerfile-enterprise
To install the team edition, comment out the two following lines in docker-compose.yaml file:
```yaml
args:
- edition=team
```
The `app` Dockerfile will read the `edition` build argument to install Team (`edition = 'team'`) or Entreprise (`edition != team`) edition.
### Database container
This repository offer a Docker image for the Mattermost database. It is a customized PostgreSQL image that you should configure with following environment variables :
......@@ -34,6 +36,8 @@ This repository offer a Docker image for the Mattermost database. It is a custom
* `POSTGRES_PASSWORD`: database password
* `POSTGRES_DB`: database name
It is possible to use your own PostgreSQL database, or even use MySQL. But you will need to ensure that Application container can connect to the database (see [Application container](#application-container))
#### AWS
If deploying to AWS, you could also set following variables to enable [Wal-E](https://github.com/wal-e/wal-e) backup to S3 :
* `AWS_ACCESS_KEY_ID`: AWS access key
......@@ -63,8 +67,11 @@ If your database use some custom host and port, it is also possible to configure
If you use a Mattermost configuration file on a different location than the default one (`/mattermost/config/config.json`) :
* `MM_CONFIG`: configuration file location inside the container.
If you choose to use MySQL instead of PostgreSQL, you should set a different datasource :
* `MM_SQLSETTINGS_DATASOURCE` : `"$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT_NUMBER)/$MM_DBNAME?charset=utf8mb4,utf8&readTimeout=30s&writeTimeout=30s"`
If you choose to use MySQL instead of PostgreSQL, you should set a different datasource and SQL driver :
* `DB_PORT_NUMBER` : `3306`
* `MM_SQLSETTINGS_DRIVERNAME` : `mysql`
* `MM_SQLSETTINGS_DATASOURCE` : `MM_USERNAME:MM_PASSWORD@tcp(DB_HOST:DB_PORT_NUMBER)/MM_DBNAME?charset=utf8mb4,utf8&readTimeout=30s&writeTimeout=30s"`
Don't forget to replace all entries (beginning by `MM_` and `DB_`) in `MM_SQLSETTINGS_DATASOURCE` with the real variables values.
### Web server container
This image is optional, you should not use it you have your own reverse-proxy. It is a simple front Web server for the Mattermost app container.
......@@ -132,6 +139,27 @@ docker-compose up -d
```
See the [offical Upgrade Guide](http://docs.mattermost.com/administration/upgrade.html) for more details.
## Installation using Docker Swarm Mode
The following instructions deploy Mattermost in a production configuration using docker swarm mode on one node.
Running containerized applications on multi-node swarms involves specific data portability and replication handling that are not covered here.
### Requirements
* [docker] (1.12.0+)
### Swarm Mode Installation
First, create mattermost directory structure on the docker hosts:
```
mkdir -p /var/lib/mattermost/{cert,config,data,logs}
```
Then, fire up the stack in your swarm:
```
docker stack deploy -c contrib/swarm/docker-stack.yml mattermost
```
## Known Issues
* Do not modify the Listen Address in Service Settings.
......
......@@ -2,7 +2,10 @@ FROM ubuntu:14.04
# Some ENV variables
ENV PATH="/mattermost/bin:${PATH}"
ENV MM_VERSION=4.2.0
ENV MM_VERSION=4.3.0
# Build argument to set Mattermost edition
ARG edition=entreprise
# Install some needed packages
RUN apt-get update \
......@@ -10,23 +13,23 @@ RUN apt-get update \
curl \
jq \
netcat \
&& rm -rf /var/lib/apt/lists/*
&& rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin
# Prepare Mattermost
# Get Mattermost
RUN mkdir -p /mattermost/data \
&& curl https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz | tar -xvz \
&& if [ "$edition" = "team" ] ; then curl https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz | tar -xvz ; \
else curl https://releases.mattermost.com/$MM_VERSION/mattermost-$MM_VERSION-linux-amd64.tar.gz | tar -xvz ; fi \
&& cp /mattermost/config/config.json /config.json.save \
&& rm -rf /mattermost/config/config.json
# Configure entrypoint
COPY docker-entry.sh /
# Set permission (TODO should be removed and replace by a chmod on the file in the repository ?)
RUN chmod +x /docker-entry.sh
ENTRYPOINT ["/docker-entry.sh"]
# Configure entrypoint and command
COPY entrypoint.sh /
ENTRYPOINT ["/entrypoint.sh"]
WORKDIR /mattermost/bin
CMD ["platform"]
# Expose port 80 of the container
EXPOSE 80
# Use a volume for the data directory
VOLUME /mattermost/data
WORKDIR /mattermost/bin
CMD ["platform"]
FROM ubuntu:14.04
# Some ENV variables
ENV PATH="/mattermost/bin:${PATH}"
ENV MM_VERSION=4.2.0
# Install some needed packages
RUN apt-get update \
&& apt-get -y install \
curl \
jq \
netcat \
&& rm -rf /var/lib/apt/lists/*
# Prepare Mattermost
RUN mkdir -p /mattermost/data \
&& curl https://releases.mattermost.com/$MM_VERSION/mattermost-$MM_VERSION-linux-amd64.tar.gz | tar -xvz \
&& cp /mattermost/config/config.json /config.json.save \
&& rm -rf /mattermost/config/config.json
# Configure entrypoint
COPY docker-entry.sh /
# Set permission (TODO should be removed and replace by a chmod on the file in the repository ?)
RUN chmod +x /docker-entry.sh
ENTRYPOINT ["/docker-entry.sh"]
EXPOSE 80
VOLUME /mattermost/data
WORKDIR /mattermost/bin
CMD ["platform"]
#!/bin/bash
generate_salt() {
cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 48 | head -n 1
}
DB_HOST=${DB_HOST:-db}
DB_PORT_NUMBER=${DB_PORT_NUMBER:-5432}
MM_USERNAME=${MM_USERNAME:-mmuser}
MM_PASSWORD=${MM_PASSWORD:-mmuser_password}
MM_DBNAME=${MM_DBNAME:-mattermost}
MM_CONFIG=${MM_CONFIG:-/mattermost/config/config.json}
if [ "${1:0:1}" = '-' ]; then
set -- platform "$@"
fi
if [ "$1" = 'platform' ]; then
for ARG in $@;
do
case "$ARG" in
-config=*)
MM_CONFIG=${ARG#*=};;
esac
done
if [ ! -f $MM_CONFIG ]
then
echo "No configuration file" $MM_CONFIG
echo "Creating a new one"
# Copy default configuration file
cp /config.json.save $MM_CONFIG
# Substitue some parameters with jq
jq '.ServiceSettings.ListenAddress = ":80"' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.LogSettings.EnableConsole = false' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.LogSettings.ConsoleLevel = "INFO"' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.FileSettings.Directory = "/mattermost/data/"' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.FileSettings.EnablePublicLink = true' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.FileSettings.PublicLinkSalt = "'$(generate_salt)'"' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.EmailSettings.SendEmailNotifications = false' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.EmailSettings.FeedbackEmail = ""' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.EmailSettings.SMTPServer = ""' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.EmailSettings.SMTPPort = ""' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.EmailSettings.InviteSalt = "'$(generate_salt)'"' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.EmailSettings.PasswordResetSalt = "'$(generate_salt)'"' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.RateLimitSettings.Enable = true' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.SqlSettings.DriverName = "postgres"' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.SqlSettings.AtRestEncryptKey = "'$(generate_salt)'"' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
else
echo "Using existing config file" $MM_CONFIG
fi
if [ -z "$MM_SQLSETTINGS_DATASOURCE"]
then
echo -ne "Configure database connection..."
export MM_SQLSETTINGS_DATASOURCE="postgres://$MM_USERNAME:$MM_PASSWORD@$DB_HOST:$DB_PORT_NUMBER/$MM_DBNAME?sslmode=disable&connect_timeout=10"
echo OK
else
echo "Using existing database connection"
fi
echo "Wait until database $DB_HOST:$DB_PORT_NUMBER is ready..."
until nc -z $DB_HOST $DB_PORT_NUMBER
do
sleep 1
done
# Wait to avoid "panic: Failed to open sql connection pq: the database system is starting up"
sleep 1
echo "Starting platform"
fi
exec "$@"
#!/bin/bash
# Function to generate a random salt
generate_salt() {
cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 48 | head -n 1
}
# Read environment variables or set default values
DB_HOST=${DB_HOST:-db}
DB_PORT_NUMBER=${DB_PORT_NUMBER:-5432}
MM_USERNAME=${MM_USERNAME:-mmuser}
MM_PASSWORD=${MM_PASSWORD:-mmuser_password}
MM_DBNAME=${MM_DBNAME:-mattermost}
MM_CONFIG=${MM_CONFIG:-/mattermost/config/config.json}
if [ "${1:0:1}" = '-' ]; then
set -- platform "$@"
fi
if [ "$1" = 'platform' ]; then
# Check CLI args for a -config option
for ARG in $@;
do
case "$ARG" in
-config=*)
MM_CONFIG=${ARG#*=};;
esac
done
if [ ! -f $MM_CONFIG ]
then
# If there is no configuration file, create it with some default values
echo "No configuration file" $MM_CONFIG
echo "Creating a new one"
# Copy default configuration file
cp /config.json.save $MM_CONFIG
# Substitue some parameters with jq
jq '.ServiceSettings.ListenAddress = ":80"' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.LogSettings.EnableConsole = false' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.LogSettings.ConsoleLevel = "INFO"' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.FileSettings.Directory = "/mattermost/data/"' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.FileSettings.EnablePublicLink = true' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.FileSettings.PublicLinkSalt = "'$(generate_salt)'"' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.EmailSettings.SendEmailNotifications = false' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.EmailSettings.FeedbackEmail = ""' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.EmailSettings.SMTPServer = ""' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.EmailSettings.SMTPPort = ""' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.EmailSettings.InviteSalt = "'$(generate_salt)'"' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.EmailSettings.PasswordResetSalt = "'$(generate_salt)'"' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.RateLimitSettings.Enable = true' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.SqlSettings.DriverName = "postgres"' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.SqlSettings.AtRestEncryptKey = "'$(generate_salt)'"' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
else
echo "Using existing config file" $MM_CONFIG
fi
# Configure database access
if [ -z "$MM_SQLSETTINGS_DATASOURCE" ]
then
echo -ne "Configure database connection..."
export MM_SQLSETTINGS_DATASOURCE="postgres://$MM_USERNAME:$MM_PASSWORD@$DB_HOST:$DB_PORT_NUMBER/$MM_DBNAME?sslmode=disable&connect_timeout=10"
echo OK
else
echo "Using existing database connection"
fi
# Wait for database to be reachable
echo "Wait until database $DB_HOST:$DB_PORT_NUMBER is ready..."
until nc -z $DB_HOST $DB_PORT_NUMBER
do
sleep 1
done
# Wait another second for the database to be properly started.
# Necessary to avoid "panic: Failed to open sql connection pq: the database system is starting up"
sleep 1
echo "Starting platform"
fi
exec "$@"
# This file allow you to run mattermost within your docker swarm mode cluster
# for more informations check: https://docs.docker.com/engine/swarm/
#
# use latest compose v3.3 file format for optimal compatibility with latest docker release and swarm features.
# see https://docs.docker.com/compose/compose-file/compose-versioning/#version-3
# and https://docs.docker.com/compose/compose-file/compose-versioning/#version-33
# and https://docs.docker.com/compose/compose-file/compose-versioning/#upgrading
version: '3.3'
services:
db:
# use official mattermost prod-db image
image: mattermost/mattermost-prod-db:latest
ports:
- "5432"
networks:
- mm-network
volumes:
# use a named-volume for data persistency
- mm-dbdata:/var/lib/postgresql/data
- /etc/localtime:/etc/localtime:ro
environment:
POSTGRES_USER: mmuser
POSTGRES_PASSWORD: mmuser_password
POSTGRES_DB: mattermost
# uncomment the following to enable backup
# AWS_ACCESS_KEY_ID=XXXX
# AWS_SECRET_ACCESS_KEY=XXXX
# WALE_S3_PREFIX=s3://BUCKET_NAME/PATH
# AWS_REGION=us-east-1
deploy:
restart_policy:
condition: on-failure
app:
# use official mattermost prod-app image
image: mattermost/mattermost-prod-app:latest
ports:
- "8065"
networks:
- mm-network
volumes:
- /var/lib/mattermost/config:/mattermost/config:rw
- /var/lib/mattermost/data:/mattermost/data:rw
- /var/lib/mattermost/logs:/mattermost/logs:rw
- /etc/localtime:/etc/localtime:ro
environment:
DB_HOST: db
DB_PORT_NUMBER: 5432
MM_USERNAME: mmuser
MM_PASSWORD: mmuser_password
MM_DBNAME: mattermost
# in case your config is not in default location
# MM_CONFIG=/mattermost/config/config.json
deploy:
restart_policy:
condition: on-failure
web:
# use official mattermost prod-web image
image: mattermost/mattermost-prod-web:latest
ports:
- "80:80"
- "443:443"
networks:
- mm-network
volumes:
# This directory must have cert files
- /var/lib/mattermost/cert:/cert:ro
- /etc/localtime:/etc/localtime:ro
deploy:
restart_policy:
condition: on-failure
networks:
mm-network:
volumes:
mm-dbdata:
FROM postgres:9.4
# Install some packages to use WAL
RUN apt-get update \
&& apt-get install -y python-dev libffi-dev libssl-dev lzop pv daemontools curl build-essential \
&& apt-get install -y \
build-essential \
curl \
daemontools \
libffi-dev \
libssl-dev \
lzop \
pv \
python-dev \
&& curl --silent --show-error --retry 5 https://bootstrap.pypa.io/get-pip.py | python \
&& pip install 'wal-e<1.0.0' \
&& apt-get remove -y build-essential python-dev \
&& apt-get remove -y \
build-essential \
python-dev \
&& apt-get autoremove -y \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
&& rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin /tmp/* /var/tmp/*
# Add wale script
COPY setup-wale.sh /docker-entrypoint-initdb.d/
COPY docker-entrypoint1.sh /
RUN chmod +x /docker-entrypoint1.sh
ENTRYPOINT ["/docker-entrypoint1.sh"]
# Add and configure entrypoint and command
COPY entrypoint.sh /
ENTRYPOINT ["/entrypoint.sh"]
CMD ["postgres"]
......@@ -30,6 +30,7 @@ if [ "$1" = 'postgres' ]; then
if [ "${!v}" = "" ]; then
echo "$v is required for Wal-E but not set. Skipping Wal-E setup."
update_conf
# Run the postgresql entrypoint
. /docker-entrypoint.sh
exit
fi
......@@ -47,5 +48,6 @@ if [ "$1" = 'postgres' ]; then
ARCHIVE_MODE=on
update_conf
# Run the postgresql entrypoint
. /docker-entrypoint.sh
fi
......@@ -5,7 +5,3 @@ echo "wal_level = $WAL_LEVEL" >> $PGDATA/postgresql.conf
echo "archive_mode = $ARCHIVE_MODE" >> $PGDATA/postgresql.conf
echo "archive_command = 'envdir /etc/wal-e.d/env /usr/local/bin/wal-e wal-push %p'" >> $PGDATA/postgresql.conf
echo "archive_timeout = $ARCHIVE_TIMEOUT" >> $PGDATA/postgresql.conf
# no cron in the image, use systemd timer on host instead
#su - postgres -c "crontab -l | { cat; echo \"0 3 * * * /usr/bin/envdir /etc/wal-e.d/env /usr/local/bin/wal-e backup-push /var/lib/postgresql/data\"; } | crontab -"
#su - postgres -c "crontab -l | { cat; echo \"0 4 * * * /usr/bin/envdir /etc/wal-e.d/env /usr/local/bin/wal-e delete --confirm retain 7\"; } | crontab -"
......@@ -21,8 +21,9 @@ services:
app:
build:
context: app
# comment out for team edition
#dockerfile: Dockerfile-enterprise
# comment out 2 following lines for team edition
args:
- edition=team
restart: unless-stopped
volumes:
- ./volumes/app/mattermost/config:/mattermost/config:rw
......@@ -49,5 +50,8 @@ services:
# This directory must have cert files
- ./volumes/web/cert:/cert:ro
- /etc/localtime:/etc/localtime:ro
# Uncomment for SSL
# environment:
# - MATTERMOST_ENABLE_SSL=true
links:
- app:app
FROM nginx:mainline
# Remove default configuration and add our custom Nginx configuration files
RUN rm /etc/nginx/conf.d/default.conf
COPY ./mattermost /etc/nginx/sites-available/
COPY ./mattermost-ssl /etc/nginx/sites-available/
COPY docker-entry.sh /
RUN chmod +x /docker-entry.sh
ENTRYPOINT /docker-entry.sh
# Add and setup entrypoint
COPY entrypoint.sh /
ENTRYPOINT ["/entrypoint.sh"]
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment