Introduction
This procedure is for a single-server setup, with a common front-end Apache webserver.
Procedure
-
- Run:
apt-get -y install postgresql
- Decide on a password for the mattermost database account.
- Create the mattermost database as follows:
su - postgres psql CREATE DATABASE mattermost; CREATE USER mmuser WITH PASSWORD '<mmuser-password>'; GRANT ALL PRIVILEGES ON DATABASE mattermost to mmuser; ALTER DATABASE mattermost OWNER TO mmuser; \q # exit psql exit # exit su
- Allow the Mattermost server to communicate with the database by editing /etc/postgresql/*/main/pg_hba.conf and changing these lines:
# "local" is for Unix domain socket connections only local all all peer # IPv4 local connections: host all all 127.0.0.1/32 scram-sha-256
to this:
# "local" is for Unix domain socket connections only local all all trust # IPv4 local connections: host all all 127.0.0.1/32 trust
(Note that the official documentation assumes we’re using IPv6 and so refers to a different
hostline.) - Run:
systemctl reload postgresql
- Test that database user mmuser has access:
su - postgres -c "psql --dbname=mattermost --username=mmuser --password" \q
- Download Mattermost, unpack it in /opt, make the
datadirectory and correct permissions:wget https://releases.mattermost.com/10.0.0/mattermost-10.0.0-linux-amd64.tar.gz tar xCzf /opt mattermost-10.0.0-linux-amd64.tar.gz mkdir /opt/mattermost/data useradd --system --user-group mattermost chown -R mattermost:mattermost /opt/mattermost chmod -R g+w /opt/mattermost - Run:
cat > /etc/systemd/system/mattermost.service <<EOF [Unit] Description=Mattermost After=network.target After=postgresql.service BindsTo=postgresql.service [Service] Type=notify ExecStart=/opt/mattermost/bin/mattermost TimeoutStartSec=3600 KillMode=mixed Restart=always RestartSec=10 WorkingDirectory=/opt/mattermost User=mattermost Group=mattermost LimitNOFILE=49152 [Install] WantedBy=multi-user.target EOF systemctl daemon-reload
(Note that the official documentation says to create this file in /lib/systemd/system but that is wrong.)
- Edit /opt/mattermost/config/config.json and set:
... "ServiceSettings": { "SiteURL": "<official-url-for-this-mattermost-instance>", ... "SqlSettings": { "Driver": "postgres", "DataSource": "postgres://mmuser:<mmuser-password>@localhost:5432/mattermost?sslmode=disable&connect_timeout=10", ...(Note that it should be possible to tell mattermost to use the Unix socket to access the database but I could not get that to work as described here.)
- Start mattermost and enable it at system boot:
systemctl start mattermost systemctl enable mattermost
- Test that the basics are working with:
curl http://localhost:8065
- Complete configuring a reverse proxy (revision 1) with environment settings:
FRONTENDHOST=armonie.pasta.net FRONTENDVHOST=mattermost.pasta.freemyip.com BACKENDHOST=gomiti.pasta.net BACKENDVHOST=gomiti.pasta.net BACKENDVPROT=http BACKENDVPORT=8065
- To stop “Error: Please check connection, Mattermost unreachable. If issue persists, ask administrator to check WebSocket port” do the following:
- Edit /etc/apache2/sites-available/$FRONTENDVHOST-ssl.conf and replace these lines:
ProxyPass / http://gomiti.pasta.net:8065/ ProxyPassReverse / http://gomiti.pasta.net:8065/
with these lines:
RewriteEngine On RewriteCond %{REQUEST_URI} /api/v[0-9]+/(users/)?websocket [NC] RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC,OR] RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC] RewriteRule .* ws://gomiti.pasta.net:8065%{REQUEST_URI} [P,QSA,L] <Location /> Require all granted ProxyPass http://gomiti.pasta.net:8065/ ProxyPassReverse http://gomiti.pasta.net:8065/ ProxyPassReverseCookieDomain gomiti.pasta.net mattermost.pasta.freemyip.com </Location> - Run:
a2enmod proxy_wstunnel systemctl restart apache2
- It may be that this is also needed but for the moment I don’t do it:
- Edit /opt/mattermost/config/config.json and set:
"ServiceSettings": { ... "AllowCorsFrom": "*", ... - Run:
systemctl stop mattermost systemctl start mattermost
- Edit /opt/mattermost/config/config.json and set:
(This section is based on a semi-official guide.)
- Edit /etc/apache2/sites-available/$FRONTENDVHOST-ssl.conf and replace these lines:
- Log in to your mattermost instance; the first account created gets admin rights. (This can be seen by logging out and then attempting to create a new account.)
- Run:
Basic administration
- Configure mail as follows:
- Go to the mattermost system console (grid-like button on top left of user interface) –> Environment –> SMTP.
- Set:
- SMTP Server: localhost
- Port: 25
and save.
- Test connection
- Configure users as follows:
- Go to the system console –> Authentication –> Signup
- Set:
- Enable email invitations: true
and save.
- Invite a user by email address.
- To Stop “Preview Mode: Email notifications have not been configured.”
- Go to the mattermost system console (grid-like button on top left of user interface) –> Site Configuration –> Notifications.
- Set:
- Enable Email Notifications: true
- Notification Display Name: Mattermost Notification
- Notification From Address: mattermost@pasta.net
- Support Email Address: root@pasta.net
and save.