Mattermost
- Mattermost is an open source, self-hosted Slack-alternative.
- As an alternative to proprietary SaaS messaging, Mattermost brings all your team communication into one place, making it searchable and accessible anywhere.
Contents
Installation
Install the mattermostAUR package.
Configuration
Setting up the database
PostgreSQL
user$ sudo -i -u postgres postgres$ psql
postgres=# CREATE DATABASE mattermost; postgres=# CREATE USER mmuser WITH PASSWORD 'mmuser_password'; postgres=# GRANT ALL PRIVILEGES ON DATABASE mattermost to mmuser; postgres=# \q postgres$ exit
Verify that your new user and database works from your normal user:
psql --host=127.0.0.1 --dbname=mattermost --username=mmuser --password
mattermost=> \q
Configuring Mattermost
You'll find the configuration file at /etc/webapps/mattermost/config.json
.
There are essentially two things you need to change.
"DriverName": "mysql"
should be changed to use PostgreSQL if that is the case:
"DriverName": "postgres"
And the connection string "DataSource": "..."
should match your database and user settings
"DataSource": "postgres://mmuser:mmuser_password@127.0.0.1:5432/mattermost?sslmode=disable&connect_timeout=10"
Starting mattermost
The package provides the mattermost
service, which can be normally started and enabled.
Testing
Open up a browser and navigate to http://127.0.0.1:8065/ and that should give you a mattermost chat startpage.
Useful Tips
TLS/SSL via reverse web-proxy
Since Mattermost doesn't support self signed TLS/SSL keys in their Android or iOS app, a good thing to do is to setup a reverse web proxy.
Some alterantives are:
- Nginx
- Apache
- Lighttpd or lighttpd2-gitAUR
TLS/SSL via Lighttpd2
A quick example using lighttpd2-gitAUR with nothing but acting as a proxy for mattermost and mattermost only.
/etc/lighttpd2/lighttpd.conf
setup { module_load [ "mod_accesslog", "mod_proxy", "mod_openssl" ]; openssl [ "listen" => "0.0.0.0:443", "listen" => "[::]:443", "pemfile" => "/etc/lighttpd2/certs/lighttpd2.pem", "options" => ["ALL", "NO_TICKET"], "verify" => true, "verify-any" => true, "verify-depth" => 9 ]; listen "0.0.0.0:80"; listen "[::]:80"; log ["debug" => "", default => "/var/log/lighttpd2/error.log"]; accesslog "/var/log/lighttpd2/access.log"; accesslog.format "%h %V %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}\""; static.exlude_extensions [ ".php", ".pl", ".fcgi", "~", ".inc" ]; } openssl.setenv "client-cert"; keepalive.timeout 360; docroot "/srv/http"; index [ "index.php", "index.html", "index.htm" ]; include "/etc/lighttpd2/mimetypes.conf"; proxy "127.0.0.1:8065";
Assuming you have a certificate at /etc/lighttpd2/certs/lighttpd2.pem
this would serve as a descent reverse web proxy for mattermost on standard web-ports. See mod_vhost if you want to transfer the proxy "127.0.0.1:8065"
line into a virtual host domain.