Commit ac82198b authored by PICHOU Kyâne's avatar PICHOU Kyâne Committed by PICHOU Kyâne
Browse files

New mattermost versions

parent 303987b8
......@@ -19,6 +19,7 @@ The following people help to maintain this open source project:
| Current Maintainer(s) | Start Date |
|:-----------------------|:--------------|
| Pan Luo - @xcompass | Nov 30 2015 |
| Kyâne Pichou - @pichouk| Jun 01 2017 |
In case something happens where no maintainers are able to complete their responsibilies, the following sponsoring organization can help find a new maintainer:
......
......@@ -5,8 +5,9 @@ This project enables deployment of a Mattermost server in a multi-node productio
[![Build Status](https://travis-ci.org/mattermost/mattermost-docker.svg?branch=master)](https://travis-ci.org/mattermost/mattermost-docker)
Notes:
- The default Mattermost edition for this repo has changed from team edition to enterprise edition. Please see [Choose Edition](#choose-edition-to-install) section.
- To install this Docker project on AWS Elastic Beanstalk please see [AWS Elastic Beanstalk Guide](./README.aws.md).
- The default Mattermost edition for this repo has changed from Team Edition to Enterprise Edition. Please see [Choose Edition](#choose-edition-to-install) section.
- To install this Docker project on AWS Elastic Beanstalk please see [AWS Elastic Beanstalk Guide](contrib/aws/README.md).
- To run Mattermost on Kubernetes you can start with the [manifest examples in the kubernetes folder](contrib/kubernetes/README.md)
- To install Mattermost without Docker directly onto a Linux-based operating systems, please see [Admin Guide](https://docs.mattermost.com/guides/administrator.html#installing-mattermost).
## Installation using Docker Compose
......@@ -20,140 +21,121 @@ The following instructions deploy Mattermost in a production configuration using
### Choose Edition to Install
If you want to install enterprise edition, you can skip this section.
If you want to install Enterprise Edition, you can skip this section.
To install the team edition, comment out the following line in docker-compose.yaml file:
```
dockerfile: Dockerfile-enterprise
```
### Database
Make sure to set the appropriate values for `MM_USERNAME`, `MM_PASSWORD` and `MM_DBNAME`.
### Install with SSL certificate
1. Put your SSL certificate as `./volumes/web/cert/cert.pem` and the private key that has
no password as `./volumes/web/cert/key-no-password.pem`. If you don't have
them you may generate a self-signed SSL certificate.
2. Build and run mattermost
```
docker-compose up -d
```
3. Open `https://your.domain` with your web browser.
### Install without SSL certificate
1. Build and run mattermost
```
docker-compose up -d
```
2. Open `http://your.domain` with your web browser.
## Starting/Stopping
### Start
docker-compose start
### Stop
To install the Team Edition, comment out the following line in docker-compose.yaml file:
```
dockerfile: Dockerfile-enterprise
```
docker-compose stop
### Database container
This repository offer a Docker image for the Mattermost database. It is a customized PostgreSQL image that you should configure with following environment variables :
* `POSTGRES_USER`: database username
* `POSTGRES_PASSWORD`: database password
* `POSTGRES_DB`: database name
### Update
#### AWS
If deploying to AWS, you could also set following variables to enable [Wal-E](https://github.com/wal-e/wal-e) backup to S3 :
* `AWS_ACCESS_KEY_ID`: AWS access key
* `AWS_SECRET_ACCESS_KEY`: AWS secret
* `WALE_S3_PREFIX`: AWS s3 bucket name
* `AWS_REGION`: AWS region
Make sure to backup Mattermost data before proceeding.
All four environment variables are required. It will enable completed WAL segments sent to archive storage (S3). The base backup and clean up can be done through the following command:
```bash
# Base backup
docker exec mattermost-db su - postgres sh -c "/usr/bin/envdir /etc/wal-e.d/env /usr/local/bin/wal-e backup-push /var/lib/postgresql/data"
# Keep the most recent 7 base backups and remove the old ones
docker exec mattermost-db su - postgres sh -c "/usr/bin/envdir /etc/wal-e.d/env /usr/local/bin/wal-e delete --confirm retain 7"
```
Those tasks can be executed through a cron job or systemd timer.
docker-compose down
git pull
docker-compose build
docker-compose up -d
### Application container
Application container run the Mattermost application. You should configure it with following environment variables :
* `MM_USERNAME`: database username
* `MM_PASSWORD`: database password
* `MM_DBNAME`: database name
## Removing
If your database use some custom host and port, it is also possible to configure them :
* `DB_HOST`: database host address
* `DB_PORT_NUMBER`: database port
### Remove the containers
If you use a Mattermost configuration file on a different location than the default one (`/mattermost/config/config.json`) :
* `MM_CONFIG`: configuration file location inside the container.
docker-compose stop && docker-compose rm
If you choose to use MySQL instead of PostgreSQL, you should set a different datasource :
* `MM_SQLSETTINGS_DATASOURCE` : `"$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT_NUMBER)/$MM_DBNAME?charset=utf8mb4,utf8&readTimeout=30s&writeTimeout=30s"`
### Remove the data and settings of your mattermost instance
### Web server container
This image is optional, you should not use it you have your own reverse-proxy. It is a simple front Web server for the Mattermost app container.
* `MATTERMOST_ENABLE_SSL`: whether to enable SSL
* `PLATFORM_PORT_80_TCP_PORT`: port that Mattermost image is listening on
sudo rm -rf volumes
#### Install with SSL certificate
Put your SSL certificate as `./volumes/web/cert/cert.pem` and the private key that has
no password as `./volumes/web/cert/key-no-password.pem`. If you don't have
them you may generate a self-signed SSL certificate.
## Database Backup
### Starting/Stopping Docker
When AWS S3 environment variables are specified on db docker container, it enables [Wal-E](https://github.com/wal-e/wal-e) backup to S3.
#### Start
```
docker-compose start
```
```bash
docker run -d --name mattermost-db \
-e AWS_ACCESS_KEY_ID=XXXX \
-e AWS_SECRET_ACCESS_KEY=XXXX \
-e WALE_S3_PREFIX=s3://BUCKET_NAME/PATH \
-e AWS_REGION=us-east-1
-v ./volumes/db/var/lib/postgresql/data:/var/lib/postgresql/data
-v /etc/localtime:/etc/localtime:ro
db
#### Stop
```
docker-compose stop
```
All four environment variables are required. It will enable completed WAL segments sent to archive storage (S3). The base backup and clean up can be done through the following command:
### Removing Docker
```bash
# base backup
docker exec mattermost-db su - postgres sh -c "/usr/bin/envdir /etc/wal-e.d/env /usr/local/bin/wal-e backup-push /var/lib/postgresql/data"
# keep the most recent 7 base backups and remove the old ones
docker exec mattermost-db su - postgres sh -c "/usr/bin/envdir /etc/wal-e.d/env /usr/local/bin/wal-e delete --confirm retain 7"
#### Remove the containers
```
docker-compose stop && docker-compose rm
```
Those tasks can be executed through a cron job or systemd timer.
## Customization
#### Remove the data and settings of your Mattermost instance
```
sudo rm -rf volumes
```
Customization can be done through environment variables.
## Update Mattermost to latest version
### Mattermost App Image
First, shutdown your containers to back up your data.
* MM_USERNAME: database username, must be the same as one in DB image
* MM_PASSWORD: database password, must be the same as one in DB image
* MM_DBNAME: database name, must be the same as one in DB image
* DB_HOST: database host address
* DB_PORT_5432_TCP_PORT: database port
* MM_CONFIG: configuration file location. It can be used when config is mounted in a different location.
```
docker-compose down
```
### Mattermost DB Image
Back up your mounted volumes to save your data. If you use the default `docker-compose.yml` file proposed on this repository, your data is on `./volumes/` folder.
* MM_USERNAME: database username, must be the same as on in App image
* MM_PASSWORD: database password, must be the same as on in App image
* MM_DBNAME: database name, must be the same as on in App image
* AWS_ACCESS_KEY_ID: aws access key, used for db backup
* AWS_SECRET_ACCESS_KEY: aws secret, used for db backup
* WALE_S3_PREFIX: aws s3 bucket name, used for db backup
* AWS_REGION: aws region, used for db backup
Then run the following commands.
### Mattermost Web Image
```
git pull
docker-compose build
docker-compose up -d
```
* MATTERMOST_ENABLE_SSL: whether to enable SSL
* PLATFORM_PORT_80_TCP_PORT: port that Mattermost image is listening on
Your Docker image should now be on the latest Mattermost version.
## Upgrading to Team Edition 3.0.x from 2.x
You need to migrate your database before upgrading mattermost to 3.0.x from
2.x. Run these commands in the latest mattermost-docker directory.
docker-compose rm -f app
docker-compose build app
docker-compose run app -upgrade_db_30
docker-compose up -d
You need to migrate your database before upgrading Mattermost to `3.0.x` from
`2.x`. Run these commands in the latest `mattermost-docker` directory.
```
docker-compose rm -f app
docker-compose build app
docker-compose run app -upgrade_db_30
docker-compose up -d
```
See the [offical Upgrade Guide](http://docs.mattermost.com/administration/upgrade.html) for more details.
## Known Issues
* Do not modify the Listen Address in Service Settings.
* Rarely 'app' container fails to start because of "connection refused" to
* Rarely `app` container fails to start because of "connection refused" to
database. Workaround: Restart the container.
## More information
......@@ -161,9 +143,7 @@ See the [offical Upgrade Guide](http://docs.mattermost.com/administration/upgrad
If you want to know how to use docker-compose, see [the overview
page](https://docs.docker.com/compose).
If you want to run Mattermost on Kubernetes you can start with the [manifest examples in the kubernetes folder](contrib/kubernetes/README.md)
For the server configurations, see [prod-ubuntu.rst] of mattermost.
For the server configurations, see [prod-ubuntu.rst] of Mattermost.
[docker]: http://docs.docker.com/engine/installation/
[docker-compose]: https://docs.docker.com/compose/install/
......
FROM ubuntu:14.04
# Some ENV variables
ENV PATH="/mattermost/bin:${PATH}"
RUN apt-get update && apt-get -y install curl netcat
RUN mkdir -p /mattermost/data
ENV MM_VERSION=3.8.2
RUN curl https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz | tar -xvz
RUN rm /mattermost/config/config.json
COPY config.template.json /
ENV MM_VERSION=4.2.0
# Install some needed packages
RUN apt-get update \
&& apt-get -y install \
curl \
jq \
netcat \
&& rm -rf /var/lib/apt/lists/*
# Prepare Mattermost
RUN mkdir -p /mattermost/data \
&& curl https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz | tar -xvz \
&& cp /mattermost/config/config.json /config.json.save \
&& rm -rf /mattermost/config/config.json
# Configure entrypoint
COPY docker-entry.sh /
# Set permission (TODO should be removed and replace by a chmod on the file in the repository ?)
RUN chmod +x /docker-entry.sh
ENTRYPOINT ["/docker-entry.sh"]
......
FROM ubuntu:14.04
# Some ENV variables
ENV PATH="/mattermost/bin:${PATH}"
RUN apt-get update && apt-get -y install curl netcat
RUN mkdir -p /mattermost/data
ENV MM_VERSION=3.8.2
RUN curl https://releases.mattermost.com/$MM_VERSION/mattermost-$MM_VERSION-linux-amd64.tar.gz | tar -xvz
RUN rm /mattermost/config/config.json
COPY config.template.json /
ENV MM_VERSION=4.2.0
# Install some needed packages
RUN apt-get update \
&& apt-get -y install \
curl \
jq \
netcat \
&& rm -rf /var/lib/apt/lists/*
# Prepare Mattermost
RUN mkdir -p /mattermost/data \
&& curl https://releases.mattermost.com/$MM_VERSION/mattermost-$MM_VERSION-linux-amd64.tar.gz | tar -xvz \
&& cp /mattermost/config/config.json /config.json.save \
&& rm -rf /mattermost/config/config.json
# Configure entrypoint
COPY docker-entry.sh /
# Set permission (TODO should be removed and replace by a chmod on the file in the repository ?)
RUN chmod +x /docker-entry.sh
ENTRYPOINT ["/docker-entry.sh"]
......
{
"ServiceSettings": {
"ListenAddress": ":80",
"MaximumLoginAttempts": 10,
"SegmentDeveloperKey": "",
"GoogleDeveloperKey": "",
"EnableOAuthServiceProvider": false,
"EnableIncomingWebhooks": false,
"EnableOutgoingWebhooks": false,
"EnablePostUsernameOverride": false,
"EnablePostIconOverride": false,
"EnableTesting": false,
"EnableSecurityFixAlert": true
},
"TeamSettings": {
"SiteName": "Mattermost",
"MaxUsersPerTeam": 50,
"EnableTeamCreation": true,
"EnableUserCreation": true,
"RestrictCreationToDomains": "",
"RestrictTeamNames": true,
"EnableTeamListing": false
},
"SqlSettings": {
"DriverName": "postgres",
"DataSource": "postgres://MM_USERNAME:MM_PASSWORD@DB_HOST:DB_PORT/MM_DBNAME?sslmode=disable&connect_timeout=10",
"DataSourceReplicas": [],
"MaxIdleConns": 10,
"MaxOpenConns": 10,
"Trace": false,
"AtRestEncryptKey": "7rAh6iwQCkV4cA1Gsg3fgGOXJAQ43QVg"
},
"LogSettings": {
"EnableConsole": false,
"ConsoleLevel": "INFO",
"EnableFile": true,
"FileLevel": "INFO",
"FileFormat": "",
"FileLocation": ""
},
"FileSettings": {
"DriverName": "local",
"Directory": "/mattermost/data/",
"EnablePublicLink": true,
"PublicLinkSalt": "A705AklYF8MFDOfcwh3I488G8vtLlVip",
"ThumbnailWidth": 120,
"ThumbnailHeight": 100,
"PreviewWidth": 1024,
"PreviewHeight": 0,
"ProfileWidth": 128,
"ProfileHeight": 128,
"InitialFont": "luximbi.ttf",
"AmazonS3AccessKeyId": "",
"AmazonS3SecretAccessKey": "",
"AmazonS3Bucket": "",
"AmazonS3Region": ""
},
"EmailSettings": {
"EnableSignUpWithEmail": true,
"SendEmailNotifications": false,
"RequireEmailVerification": false,
"FeedbackName": "",
"FeedbackEmail": "",
"SMTPUsername": "",
"SMTPPassword": "",
"SMTPServer": "",
"SMTPPort": "",
"ConnectionSecurity": "",
"InviteSalt": "bjlSR4QqkXFBr7TP4oDzlfZmcNuH9YoS",
"PasswordResetSalt": "vZ4DcKyVVRlKHHJpexcuXzojkE5PZ5eL",
"ApplePushServer": "",
"ApplePushCertPublic": "",
"ApplePushCertPrivate": ""
},
"RateLimitSettings": {
"EnableRateLimiter": true,
"PerSec": 10,
"MemoryStoreSize": 10000,
"VaryByRemoteAddr": true,
"VaryByHeader": ""
},
"PrivacySettings": {
"ShowEmailAddress": true,
"ShowFullName": true
},
"GitLabSettings": {
"Enable": false,
"Secret": "",
"Id": "",
"Scope": "",
"AuthEndpoint": "",
"TokenEndpoint": "",
"UserApiEndpoint": ""
}
}
#!/bin/bash
generate_salt() {
cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 48 | head -n 1
}
DB_HOST=${DB_HOST:-db}
DB_PORT_5432_TCP_PORT=${DB_PORT_5432_TCP_PORT:-5432}
DB_PORT_NUMBER=${DB_PORT_NUMBER:-5432}
MM_USERNAME=${MM_USERNAME:-mmuser}
MM_PASSWORD=${MM_PASSWORD:-mmuser_password}
MM_DBNAME=${MM_DBNAME:-mattermost}
MM_CONFIG=/mattermost/config/config.json
MM_CONFIG=${MM_CONFIG:-/mattermost/config/config.json}
if [ "${1:0:1}" = '-' ]; then
set -- platform "$@"
......@@ -20,24 +24,44 @@ if [ "$1" = 'platform' ]; then
esac
done
echo "Using config file" $MM_CONFIG
echo -ne "Configure database connection..."
if [ ! -f $MM_CONFIG ]
then
cp /config.template.json $MM_CONFIG
sed -Ei "s/DB_HOST/$DB_HOST/" $MM_CONFIG
sed -Ei "s/DB_PORT/$DB_PORT_5432_TCP_PORT/" $MM_CONFIG
sed -Ei "s/MM_USERNAME/$MM_USERNAME/" $MM_CONFIG
sed -Ei "s/MM_PASSWORD/$MM_PASSWORD/" $MM_CONFIG
sed -Ei "s/MM_DBNAME/$MM_DBNAME/" $MM_CONFIG
echo OK
echo "No configuration file" $MM_CONFIG
echo "Creating a new one"
# Copy default configuration file
cp /config.json.save $MM_CONFIG
# Substitue some parameters with jq
jq '.ServiceSettings.ListenAddress = ":80"' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.LogSettings.EnableConsole = false' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.LogSettings.ConsoleLevel = "INFO"' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.FileSettings.Directory = "/mattermost/data/"' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.FileSettings.EnablePublicLink = true' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.FileSettings.PublicLinkSalt = "'$(generate_salt)'"' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.EmailSettings.SendEmailNotifications = false' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.EmailSettings.FeedbackEmail = ""' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.EmailSettings.SMTPServer = ""' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.EmailSettings.SMTPPort = ""' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.EmailSettings.InviteSalt = "'$(generate_salt)'"' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.EmailSettings.PasswordResetSalt = "'$(generate_salt)'"' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.RateLimitSettings.Enable = true' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.SqlSettings.DriverName = "postgres"' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
jq '.SqlSettings.AtRestEncryptKey = "'$(generate_salt)'"' $MM_CONFIG > $MM_CONFIG.tmp && mv $MM_CONFIG.tmp $MM_CONFIG
else
echo "Using existing config file" $MM_CONFIG
fi
if [ -z "$MM_SQLSETTINGS_DATASOURCE"]
then
echo -ne "Configure database connection..."
export MM_SQLSETTINGS_DATASOURCE="postgres://$MM_USERNAME:$MM_PASSWORD@$DB_HOST:$DB_PORT_NUMBER/$MM_DBNAME?sslmode=disable&connect_timeout=10"
echo OK
else
echo SKIP
echo "Using existing database connection"
fi
echo "Wait until database $DB_HOST:$DB_PORT_5432_TCP_PORT is ready..."
until nc -z $DB_HOST $DB_PORT_5432_TCP_PORT
echo "Wait until database $DB_HOST:$DB_PORT_NUMBER is ready..."
until nc -z $DB_HOST $DB_PORT_NUMBER
do
sleep 1
done
......
......@@ -13,14 +13,49 @@
"sourcePath": "/var/app/current/app/mattermost/data"
}
},
{
"name": "app-logs",
"host": {
"sourcePath": "/var/app/current/app/mattermost/logs"
}
},
{
"name": "db-data",
"host": {
"sourcePath": "/var/app/current/db/mattermost/var/lib/postgresql/data"
}
},
{
"name": "web-cert",
"host": {
"sourcePath": "/var/app/current/web/cert"
}
}
],
"containerDefinitions": [
{
"name": "db",
"image": "mattermost/mattermost-prod-db:latest",
"memory": 128,
"mountPoints": [
{
"sourceVolume": "db-data",
"containerPath": "/var/lib/postgresql/data"
}
],
"environment": [
{
"name": "POSTGRES_USER",
"value": "mmuser"
}, {
"name": "POSTGRES_PASSWORD",
"value": "mmuser_password"
}, {
"name": "POSTGRES_DB",
"value": "mattermost"
}
]
},
{
"name": "app",
"image": "mattermost/mattermost-prod-app:latest",
......@@ -33,12 +68,10 @@
{
"sourceVolume": "app-data",
"containerPath": "/mattermost/data"
}
],
"portMappings": [
},
{
"hostPort": 80,
"containerPort": 80
"sourceVolume": "app-logs",
"containerPath": "/mattermost/logs"
}
],
"links": [
......@@ -46,14 +79,27 @@
]
},
{
"name": "db",
"image": "mattermost/mattermost-prod-db:latest",
"name": "web",
"image": "mattermost/mattermost-prod-web:latest",
"memory": 128,
"mountPoints": [
{
"sourceVolume": "db-data",
"containerPath": "/var/lib/postgresql/data"
"sourceVolume": "web-cert",
"containerPath": "/cert"
}
],
"portMappings": [
{
"hostPort": 80,
"containerPort": 80
},
{
"hostPort": 443,
"containerPort": 443
}
],
"links": [
"app"
]
}
]
......
FROM postgres:9.4
RUN apt-get update \
&& apt-get install -y python-dev lzop pv daemontools curl build-essential \
&& apt-get install -y python-dev libffi-dev libssl-dev lzop pv daemontools curl build-essential \
&& curl --silent --show-error --retry 5 https://bootstrap.pypa.io/get-pip.py | python \
&& pip install 'wal-e<1.0.0' \
&& apt-get remove -y build-essential python-dev \
......
db:
build: db
restart: unless-stopped
volumes:
- ./volumes/db/var/lib/postgresql/data:/var/lib/postgresql/data
- /etc/localtime:/etc/localtime:ro
environment:
- POSTGRES_USER=mmuser
- POSTGRES_PASSWORD=mmuser_password
- POSTGRES_DB=mattermost