Skip to content

Commit

Permalink
Merge pull request mattermost#49 from craph/update_mm_version
Browse files Browse the repository at this point in the history
Update Mattermost version in env.example
  • Loading branch information
metanerd authored Oct 12, 2021
2 parents 3270c21 + f901fee commit 1a4a18e
Show file tree
Hide file tree
Showing 4 changed files with 7 additions and 20 deletions.
14 changes: 3 additions & 11 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -64,28 +64,20 @@ mkdir -p ./volumes/web/cert
cp PATH-TO-CERT.PEM ./volumes/web/cert/cert.pem
cp PATH-TO-KEY.PEM ./volumes/web/cert/key-no-password.pem
```
#### 5.2 Configure SSO with GitLab
If you are looking for SSO with GitLab and you use self signed certificate you have to add the PKI chain of your authority in app because Alpine doesn't know him. This is required to avoid **Token request failed: certificate signed by unknown authority**

For that uncomment this line :
```
# - ${GITLAB_PKI_CHAIN_PATH}:/etc/ssl/certs/pki_chain.pem:ro
```

#### 5.3 Let's Encrypt
#### 5.2 Let's Encrypt
For using Let's Encrypt you can use this Bash script located in scripts/issue-certificate.sh (or follow the steps in docs/issuing-letsencrypt-certificate.md). Make sure to adjust `mm.example.com` to match your domain configured in step 2.
```
bash scripts/issue-certificate.sh -d mm.example.com -o ${PWD}/certs
```
Otherwise please consult the Certbot [documentation](https://certbot.eff.org/instructions) on how to issue a standalone certificate and ensure the paths to the certificate and key are correctly set in your *.env*.

#### 5.4 Adjusting the `.env` file.
Once you've completed 5.1 or 5.2 or 5.3 you'll need to adjust the `.env` file accordingly. With 5.1 verify the first two lines below are uncommented in the `.env` file, with 5.2 uncomment the third line and put the correct path for your pki chain, with 5.3 comment out the first two lines and uncomment the last two lines.
#### 5.3 Adjusting the `.env` file.
Once you've completed 5.1 or 5.2 you'll need to adjust the `.env` file accordingly. With 5.1 verify the first two lines below are uncommented in the `.env` file, with 5.2 comment out the first two lines and uncomment the last two lines.

```
CERT_PATH=./volumes/web/cert/cert.pem
KEY_PATH=./volumes/web/cert/key-no-password.pem
#GITLAB_PKI_CHAIN_PATH=<path_to_your_gitlab_pki>/pki_chain.pem
#CERT_PATH=./certs/etc/letsencrypt/live/${DOMAIN}/fullchain.pem
#KEY_PATH=./certs/etc/letsencrypt/live/${DOMAIN}/privkey.pem
```
Expand Down
6 changes: 1 addition & 5 deletions docker-compose.nginx.yml
Original file line number Diff line number Diff line change
Expand Up @@ -21,13 +21,9 @@ services:
- ${CERT_PATH}:/cert.pem:ro
- ${KEY_PATH}:/key.pem:ro
- shared-webroot:/usr/share/nginx/html
# When you want to use SSO with GitLab, you have to add the cert pki chain of GitLab inside Alpine
# to avoid Token request failed: certificate signed by unknown authority
# (link: https://github.com/mattermost/mattermost-server/issues/13059 and https://github.com/mattermost/docker/issues/34)
# - ${GITLAB_PKI_CHAIN_PATH}:/etc/ssl/certs/pki_chain.pem:ro
environment:
# timezone inside container
- TZ: ${TZ}
- TZ
ports:
- ${HTTPS_PORT}:443
- ${HTTP_PORT}:80
Expand Down
4 changes: 2 additions & 2 deletions docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ services:
- ${POSTGRES_DATA_PATH}:/var/lib/postgresql/data
environment:
# timezone inside container
- TZ: ${TZ}
- TZ

# necessary Postgres options/variables
- POSTGRES_USER
Expand All @@ -45,7 +45,7 @@ services:
- ${MATTERMOST_CLIENT_PLUGINS_PATH}:/mattermost/client/plugins:rw
environment:
# timezone inside container
- TZ: ${TZ}
- TZ

# necessary Mattermost options/variables (see env.example)
- MM_SQLSETTINGS_DRIVERNAME
Expand Down
3 changes: 1 addition & 2 deletions env.example
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,6 @@ NGINX_DHPARAMS_FILE=./nginx/dhparams4096.pem

CERT_PATH=./volumes/web/cert/cert.pem
KEY_PATH=./volumes/web/cert/key-no-password.pem
#GITLAB_PKI_CHAIN_PATH=<path_to_your_gitlab_pki>/pki_chain.pem
#CERT_PATH=./certs/etc/letsencrypt/live/${DOMAIN}/fullchain.pem
#KEY_PATH=./certs/etc/letsencrypt/live/${DOMAIN}/privkey.pem

Expand All @@ -56,7 +55,7 @@ MATTERMOST_CLIENT_PLUGINS_PATH=./volumes/app/mattermost/client/plugins

## This will be 'mattermost-enterprise-edition' or 'mattermost-team-edition' based on the version of Mattermost you're installing.
MATTERMOST_IMAGE=mattermost-enterprise-edition
MATTERMOST_IMAGE_TAG=5.38
MATTERMOST_IMAGE_TAG=5.39

## Make Mattermost container readonly. This interferes with the regeneration of root.html inside the container. Only use
## it if you know what you're doing.
Expand Down

0 comments on commit 1a4a18e

Please sign in to comment.