josiah
ece64af0ed
- Add new DO records - Create TF for provisioning mm virtual machine inside bikeshed - write basic ansible play for deploying single node chat cluster.
3.2 KiB
Mattermost ansible role
does what it says on the tin.
before you can run
make sure you copied the appropriate key to the system (which should be done by tf, but check if something doesn't work) make sure your local agent has the key, moron.
install guide from mattermost website
In a terminal window, clone the repository and enter the directory.
git clone https://github.com/mattermost/docker cd docker
Create your .env file by copying and adjusting the env.example file.
cp env.example .env
Important
At a minimum, you must edit the DOMAIN value in the .env file to correspond to the domain for your Mattermost server.
Create the required directories and set their permissions.
mkdir -p ./volumes/app/mattermost/{config,data,logs,plugins,client/plugins,bleve-indexes} sudo chown -R 2000:2000 ./volumes/app/mattermost
Configure TLS for NGINX (optional). If you’re not using the included NGINX reverse proxy, you can skip this step.
If creating a new certificate and key:
bash scripts/issue-certificate.sh -d <YOUR_MM_DOMAIN> -o ${PWD}/certs
To include the certificate and key, uncomment the following lines in your .env file and ensure they point to the appropriate files.
#CERT_PATH=./certs/etc/letsencrypt/live/${DOMAIN}/fullchain.pem #KEY_PATH=./certs/etc/letsencrypt/live/${DOMAIN}/privkey.pem
If using a pre-existing certificate and key:
mkdir -p ./volumes/web/cert cp <PATH-TO-PRE-EXISTING-CERT>.pem ./volumes/web/cert/cert.pem cp <PATH-TO-PRE-EXISTING-KEY>.pem ./volumes/web/cert/key-no-password.pem
To include the certificate and key, ensure the following lines in your .env file points to the appropriate files.
CERT_PATH=./volumes/web/cert/cert.pem KEY_PATH=./volumes/web/cert/key-no-password.pem
Configure SSO with GitLab (optional). If you want to use SSO with GitLab, and you’re using a self-signed certificate, you have to add the PKI chain for your authority. This is required to avoid the Token request failed: certificate signed by unknown authority error.
To add the PKI chain, uncomment this line in your .env file, and ensure it points to your pki_chain.pem file:
#GITLAB_PKI_CHAIN_PATH=<path_to_your_gitlab_pki>/pki_chain.pem
Then uncomment this line in your docker-compose.yml file, and ensure it points to the same pki_chain.pem file:
Deploy Mattermost.
Without using the included NGINX:
sudo docker compose -f docker-compose.yml -f docker-compose.without-nginx.yml up -d
To access your new Mattermost deployment, navigate to http://<YOUR_MM_DOMAIN>:8065/ in your browser.
To shut down your deployment:
sudo docker compose -f docker-compose.yml -f docker-compose.without-nginx.yml down
Using the included NGINX:
sudo docker compose -f docker-compose.yml -f docker-compose.nginx.yml up -d
To access your new Mattermost deployment via HTTPS, navigate to https://<YOUR_MM_DOMAIN>/ in your browser.
To shut down your deployment:
sudo docker compose -f docker-compose.yml -f docker-compose.nginx.yml down
Create your first Mattermost System Admin user, invite more users, and explore the Mattermost platform.