[MM] Update compose file

2024-02-13 12:58:55 +01:00 · 2024-02-13 12:58:55 +01:00 · 4dabce86f4
commit 4dabce86f4
parent 562a7a520b
4 changed files with 7 additions and 143 deletions
--- a/mattermost/.env.example
+++ b/mattermost/.env.example
@ -1,2 +1,3 @@
 DATA_PATH=
 CN=
 MM_VERSION=
--- a/mattermost/Dockerfile
+++ b/mattermost/Dockerfile
@ -1,50 +0,0 @@
 FROM alpine:3.17
 # Some ENV variables
 ENV PATH="/mattermost/bin:${PATH}"
 # Build argument to set Mattermost edition
 ARG MM_VERSION
 ARG PUID=2000
 ARG PGID=2000
 # Install some needed packages
 RUN apk add --no-cache \
 	ca-certificates \
 	curl \
 	jq \
 	libc6-compat \
 	libffi-dev \
 	libcap \
 	linux-headers \
 	mailcap \
 	netcat-openbsd \
 	xmlsec-dev \
 	tzdata \
 	postgresql-client \
 	&& rm -rf /tmp/*
 # Get Mattermost
 RUN mkdir -p /mattermost/data /mattermost/plugins /mattermost/client/plugins \
 	&& curl https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz | tar -xvz \
 	&& cp /mattermost/config/config.json /config.json.save \
 	&& rm -rf /mattermost/config/config.json \
 	&& addgroup -g ${PGID} mattermost \
 	&& adduser -D -u ${PUID} -G mattermost -h /mattermost -D mattermost \
 	&& chown -R mattermost:mattermost /mattermost /config.json.save /mattermost/plugins /mattermost/client/plugins \
 	&& setcap cap_net_bind_service=+ep /mattermost/bin/mattermost
 # Expose port 8000 of the container
 EXPOSE 8000
 #Healthcheck to make sure container is ready
 HEALTHCHECK CMD curl --fail http://localhost:8000/api/v4/system/ping || exit 1
 USER mattermost
 # Configure entrypoint and command
 COPY entrypoint.sh /
 ENTRYPOINT ["/entrypoint.sh"]
 WORKDIR /mattermost
 CMD ["mattermost"]
--- a/mattermost/docker-compose.yml
+++ b/mattermost/docker-compose.yml
@ -14,13 +14,15 @@ services:
      - "co.elastic.logs/fileset=log"
  app:
-    image: mm_app:8.0.1
+    image: mm_app:${MM_VERSION}
    build:
-      context: .
+      context: https://github.com/mattermost/mattermost.git#v${MM_VERSION}:server/build
      args:
-        MM_VERSION: 8.0.1
+        MM_PACKAGE: https://releases.mattermost.com/${MM_VERSION}/mattermost-team-${MM_VERSION}-linux-amd64.tar.gz
    depends_on:
      - db
    security_opt:
      - no-new-privileges:true
    restart: unless-stopped
    networks:
      - default
@ -28,16 +30,13 @@ services:
    volumes:
      - ${DATA_PATH}/app/mattermost/config:/mattermost/config:rw
      - ${DATA_PATH}/app/mattermost/data:/mattermost/data:rw
      - ${DATA_PATH}/app/mattermost/logs:/mattermost/logs:rw
      - ${DATA_PATH}/app/mattermost/plugins:/mattermost/plugins:rw
      - ${DATA_PATH}/app/mattermost/client-plugins:/mattermost/client/plugins:rw
      - /etc/localtime:/etc/localtime:ro
    env_file: secrets/app.secrets
    labels:
      - "traefik.enable=true"
      - "traefik.docker.network=proxy"
-      - "traefik.http.services.mm-svc.loadbalancer.server.port=8000"
+      - "traefik.http.services.mm-svc.loadbalancer.server.port=8065"
      - "traefik.http.routers.mm.service=mm-svc"
      - "traefik.http.routers.mm.entrypoints=websecure"
      - "traefik.http.routers.mm.rule=Host(`${CN}`)"
--- a/mattermost/entrypoint.sh
+++ b/mattermost/entrypoint.sh
@ -1,86 +0,0 @@
 #!/bin/sh
 # Function to generate a random salt
 generate_salt() {
  tr -dc 'a-zA-Z0-9' </dev/urandom | fold -w 48 | head -n 1
 }
 # Read environment variables or set default values
 DB_HOST=${DB_HOST:-db}
 DB_PORT_NUMBER=${DB_PORT_NUMBER:-5432}
 # see https://www.postgresql.org/docs/current/libpq-ssl.html
 # for usage when database connection requires encryption
 # filenames should be escaped if they contain spaces
 #  i.e. $(printf %s ${MY_ENV_VAR:-''}  | jq -s -R -r @uri)
 # the location of the CA file can be set using environment var PGSSLROOTCERT
 # the location of the CRL file can be set using PGSSLCRL
 # The URL syntax for connection string does not support the parameters
 # sslrootcert and sslcrl reliably, so use these PostgreSQL-specified variables
 # to set names if using a location other than default
 DB_USE_SSL=${DB_USE_SSL:-disable}
 MM_DBNAME=${MM_DBNAME:-mattermost}
 MM_CONFIG=${MM_CONFIG:-/mattermost/config/config.json}
 _1=$(echo "$1" | awk '{ s=substr($0, 0, 1); print s; }')
 if [ "$_1" = '-' ]; then
  set -- mattermost "$@"
 fi
 if [ "$1" = 'mattermost' ]; then
  # Check CLI args for a -config option
  for ARG in "$@"; do
    case "$ARG" in
    -config=*) MM_CONFIG=${ARG#*=} ;;
    esac
  done
  if [ ! -f "$MM_CONFIG" ]; then
    # If there is no configuration file, create it with some default values
    echo "No configuration file $MM_CONFIG"
    echo "Creating a new one"
    # Copy default configuration file
    cp /config.json.save "$MM_CONFIG"
    # Substitute some parameters with jq
    jq '.ServiceSettings.ListenAddress = ":8000"' "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG"
    jq '.LogSettings.EnableConsole = true' "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG"
    jq '.LogSettings.ConsoleLevel = "ERROR"' "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG"
    jq '.FileSettings.Directory = "/mattermost/data/"' "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG"
    jq '.FileSettings.EnablePublicLink = true' "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG"
    jq ".FileSettings.PublicLinkSalt = \"$(generate_salt)\"" "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG"
    jq '.EmailSettings.SendEmailNotifications = false' "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG"
    jq '.EmailSettings.FeedbackEmail = ""' "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG"
    jq '.EmailSettings.SMTPServer = ""' "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG"
    jq '.EmailSettings.SMTPPort = ""' "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG"
    jq ".EmailSettings.InviteSalt = \"$(generate_salt)\"" "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG"
    jq ".EmailSettings.PasswordResetSalt = \"$(generate_salt)\"" "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG"
    jq '.RateLimitSettings.Enable = true' "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG"
    jq '.SqlSettings.DriverName = "postgres"' "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG"
    jq ".SqlSettings.AtRestEncryptKey = \"$(generate_salt)\"" "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG"
    jq '.PluginSettings.Directory = "/mattermost/plugins/"' "$MM_CONFIG" >"$MM_CONFIG.tmp" && mv "$MM_CONFIG.tmp" "$MM_CONFIG"
  else
    echo "Using existing config file $MM_CONFIG"
  fi
  # Configure database access
  if [ -z "$MM_SQLSETTINGS_DATASOURCE" ] && [ -n "$MM_USERNAME" ] && [ -n "$MM_PASSWORD" ]; then
    echo "Configure database connection..."
    # URLEncode the password, allowing for special characters
    ENCODED_PASSWORD=$(printf %s "$MM_PASSWORD" | jq -s -R -r @uri)
    export MM_SQLSETTINGS_DATASOURCE="postgres://$MM_USERNAME:$ENCODED_PASSWORD@$DB_HOST:$DB_PORT_NUMBER/$MM_DBNAME?sslmode=$DB_USE_SSL&connect_timeout=10"
    echo "OK"
  else
    echo "Using existing database connection"
  fi
  # Wait another second for the database to be properly started.
  # Necessary to avoid "panic: Failed to open sql connection pq: the database system is starting up"
  until pg_isready -h $DB_HOST -p $DB_PORT_NUMBER -U $MM_USERNAME
  do
 	  echo "Database is not ready yet. Waiting 5 seconds."
 	  sleep 5
  done
  echo "Starting mattermost"
 fi
 exec "$@"