josiah
ece64af0ed
- Add new DO records - Create TF for provisioning mm virtual machine inside bikeshed - write basic ansible play for deploying single node chat cluster.
84 lines
3.2 KiB
Org Mode
84 lines
3.2 KiB
Org Mode
* Mattermost ansible role
|
||
does what it says on the tin.
|
||
|
||
** before you can run
|
||
make sure you copied the appropriate key to the system (which should be done by tf, but check if something doesn't work)
|
||
make sure your local agent has the key, moron.
|
||
|
||
** install guide from mattermost website
|
||
Reference: https://docs.mattermost.com/install/install-docker.html#deploy-mattermost-on-docker-for-production-use
|
||
|
||
|
||
In a terminal window, clone the repository and enter the directory.
|
||
|
||
git clone https://github.com/mattermost/docker
|
||
cd docker
|
||
|
||
Create your .env file by copying and adjusting the env.example file.
|
||
|
||
cp env.example .env
|
||
|
||
Important
|
||
|
||
At a minimum, you must edit the DOMAIN value in the .env file to correspond to the domain for your Mattermost server.
|
||
|
||
Create the required directories and set their permissions.
|
||
|
||
mkdir -p ./volumes/app/mattermost/{config,data,logs,plugins,client/plugins,bleve-indexes}
|
||
sudo chown -R 2000:2000 ./volumes/app/mattermost
|
||
|
||
Configure TLS for NGINX (optional). If you’re not using the included NGINX reverse proxy, you can skip this step.
|
||
|
||
If creating a new certificate and key:
|
||
|
||
bash scripts/issue-certificate.sh -d <YOUR_MM_DOMAIN> -o ${PWD}/certs
|
||
|
||
To include the certificate and key, uncomment the following lines in your .env file and ensure they point to the appropriate files.
|
||
|
||
#CERT_PATH=./certs/etc/letsencrypt/live/${DOMAIN}/fullchain.pem
|
||
#KEY_PATH=./certs/etc/letsencrypt/live/${DOMAIN}/privkey.pem
|
||
|
||
If using a pre-existing certificate and key:
|
||
|
||
mkdir -p ./volumes/web/cert
|
||
cp <PATH-TO-PRE-EXISTING-CERT>.pem ./volumes/web/cert/cert.pem
|
||
cp <PATH-TO-PRE-EXISTING-KEY>.pem ./volumes/web/cert/key-no-password.pem
|
||
|
||
To include the certificate and key, ensure the following lines in your .env file points to the appropriate files.
|
||
|
||
CERT_PATH=./volumes/web/cert/cert.pem
|
||
KEY_PATH=./volumes/web/cert/key-no-password.pem
|
||
|
||
Configure SSO with GitLab (optional). If you want to use SSO with GitLab, and you’re using a self-signed certificate, you have to add the PKI chain for your authority. This is required to avoid the Token request failed: certificate signed by unknown authority error.
|
||
|
||
To add the PKI chain, uncomment this line in your .env file, and ensure it points to your pki_chain.pem file:
|
||
|
||
#GITLAB_PKI_CHAIN_PATH=<path_to_your_gitlab_pki>/pki_chain.pem
|
||
|
||
Then uncomment this line in your docker-compose.yml file, and ensure it points to the same pki_chain.pem file:
|
||
|
||
# - ${GITLAB_PKI_CHAIN_PATH}:/etc/ssl/certs/pki_chain.pem:ro
|
||
|
||
Deploy Mattermost.
|
||
|
||
Without using the included NGINX:
|
||
|
||
sudo docker compose -f docker-compose.yml -f docker-compose.without-nginx.yml up -d
|
||
|
||
To access your new Mattermost deployment, navigate to http://<YOUR_MM_DOMAIN>:8065/ in your browser.
|
||
|
||
To shut down your deployment:
|
||
|
||
sudo docker compose -f docker-compose.yml -f docker-compose.without-nginx.yml down
|
||
|
||
Using the included NGINX:
|
||
|
||
sudo docker compose -f docker-compose.yml -f docker-compose.nginx.yml up -d
|
||
|
||
To access your new Mattermost deployment via HTTPS, navigate to https://<YOUR_MM_DOMAIN>/ in your browser.
|
||
|
||
To shut down your deployment:
|
||
|
||
sudo docker compose -f docker-compose.yml -f docker-compose.nginx.yml down
|
||
|
||
Create your first Mattermost System Admin user, invite more users, and explore the Mattermost platform. |