====== Nethserver / Mattermost ======
Trucs pour l'installation.
https://docs.nethserver.org/projects/nethserver-devel/en/latest/nethserver-mattermost.html

Mattermost est sur une VM Nethserver sur un nethserver

Installer le paquet Mattermost normalement (je ne sais pas si le ldap est bien pris en compte pour le moment)

===== virtual.conf =====
fabriquer un service proxy du webmin

/etc/httpd/conf.d/virtualhosts.conf
  * virtual.conf sur le nethserver d'hergement (partie)
<code>
# Virtual Host chat.monsite.xyz - *:443
# Description : mattermost nethserver VM
<VirtualHost *:443>
  ServerName chat.monsite.xyz
  SSLEngine on
  ProxyPreserveHost On
  # setup the proxy
  <Proxy *>
         Order allow,deny
         Allow from all
  </Proxy>
  # Set web sockets
  RewriteEngine On
  RewriteCond %{REQUEST_URI} /api/v[0-9]+/(users/)?websocket [NC,OR]
  RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC,OR]
  RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]
  RewriteRule .* ws://192.168.1.163:8065%{REQUEST_URI} [P,QSA,L]
  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f

  # Force SSL redirect
  RewriteCond %{HTTPS} !=on
  RewriteRule (.*) https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
  <LocationMatch "^/api/v(?<apiversion>[0-9]+)/(?<apiusers>users/)?websocket">
        Require all granted
        ProxyPass ws://192.168.1.163:8065/api/v%{env:MATCH_APIVERSION}/%{env:MATCH_APIUSERS}websocket
        ProxyPassReverse ws://192.168.1.163:8065/api/v%{env:MATCH_APIVERSION}/%{env:MATCH_APIUSERS}websocket
        ProxyPassReverseCookieDomain 192.168.1.163 chat.monsite.org
  </LocationMatch>
  <Location />
        Require all granted
        ProxyPass http://192.168.1.163:8065/
        ProxyPassReverse http://192.168.1.163:8065/
        ProxyPassReverseCookieDomain 192.168.1.163 chat.monsite.org
  </Location>
</VirtualHost>
# 
# Virtual Host chat.monsite.xyz - *:80
# Description : mattermost nethserver VM
<VirtualHost *:80>
    ServerName chat.monsite.xyz
    # Start Rewrite Engine
    RewriteEngine On
    # forcessl_redirect
    RewriteCond %{HTTPS} !=on
    RewriteRule (.*) https://%{SERVER_NAME}$1 [R,L]
    RedirectMatch 301 ^(?!/\.well-known/acme-challenge/).* https://chat.monsite.org
</VirtualHost>
</code>
  * virtual.conf sur le nethserver mattermost : celui fabriqué fonctionne (zz_mattermost.conf)

===== /opt/mattermost/config/config.json =====
<code>
{
    "ServiceSettings": {
        "SiteURL": "https://chat.monsite.xyz",
        "WebsocketURL": "",
        "LicenseFileLocation": "",
        "ListenAddress": ":8065",
        "ConnectionSecurity": "",
        "TLSCertFile": "",
        "TLSKeyFile": "",
        "TLSMinVer": "1.2",
        "TLSStrictTransport": false,
...
        "EnableAPIChannelDeletion": false,
        "EnableLocalMode": true,
        "LocalModeSocketLocation": "/var/tmp/mattermost_local.socket",
</code>

===== Intégration des utilisateurs existant =====

Le ldap à été liée sur le serveur principal, récupération des utilisateurs ldap
  mattermost-bulk-user-create Password,1234

Donne le role d'admin à l'admin existant pour le mode console

  sudo -u mattermost bin/mattermost --local roles system_admin admin

https://monsite.xyz/admin_console/reporting/system_analytics est alors accessible