====== Nethserver / Mattermost ======
Trucs pour l'installation.
https://docs.nethserver.org/projects/nethserver-devel/en/latest/nethserver-mattermost.html
Mattermost est sur une VM Nethserver sur un nethserver
Installer le paquet Mattermost normalement (je ne sais pas si le ldap est bien pris en compte pour le moment)
===== virtual.conf =====
fabriquer un service proxy du webmin
/etc/httpd/conf.d/virtualhosts.conf
* virtual.conf sur le nethserver d'hergement (partie)
# Virtual Host chat.monsite.xyz - *:443
# Description : mattermost nethserver VM
ServerName chat.monsite.xyz
SSLEngine on
ProxyPreserveHost On
# setup the proxy
Order allow,deny
Allow from all
# Set web sockets
RewriteEngine On
RewriteCond %{REQUEST_URI} /api/v[0-9]+/(users/)?websocket [NC,OR]
RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC,OR]
RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]
RewriteRule .* ws://192.168.1.163:8065%{REQUEST_URI} [P,QSA,L]
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
# Force SSL redirect
RewriteCond %{HTTPS} !=on
RewriteRule (.*) https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
[0-9]+)/(?users/)?websocket">
Require all granted
ProxyPass ws://192.168.1.163:8065/api/v%{env:MATCH_APIVERSION}/%{env:MATCH_APIUSERS}websocket
ProxyPassReverse ws://192.168.1.163:8065/api/v%{env:MATCH_APIVERSION}/%{env:MATCH_APIUSERS}websocket
ProxyPassReverseCookieDomain 192.168.1.163 chat.monsite.org
Require all granted
ProxyPass http://192.168.1.163:8065/
ProxyPassReverse http://192.168.1.163:8065/
ProxyPassReverseCookieDomain 192.168.1.163 chat.monsite.org
#
# Virtual Host chat.monsite.xyz - *:80
# Description : mattermost nethserver VM
ServerName chat.monsite.xyz
# Start Rewrite Engine
RewriteEngine On
# forcessl_redirect
RewriteCond %{HTTPS} !=on
RewriteRule (.*) https://%{SERVER_NAME}$1 [R,L]
RedirectMatch 301 ^(?!/\.well-known/acme-challenge/).* https://chat.monsite.org
* virtual.conf sur le nethserver mattermost : celui fabriqué fonctionne (zz_mattermost.conf)
===== /opt/mattermost/config/config.json =====
{
"ServiceSettings": {
"SiteURL": "https://chat.monsite.xyz",
"WebsocketURL": "",
"LicenseFileLocation": "",
"ListenAddress": ":8065",
"ConnectionSecurity": "",
"TLSCertFile": "",
"TLSKeyFile": "",
"TLSMinVer": "1.2",
"TLSStrictTransport": false,
...
"EnableAPIChannelDeletion": false,
"EnableLocalMode": true,
"LocalModeSocketLocation": "/var/tmp/mattermost_local.socket",
===== Intégration des utilisateurs existant =====
Le ldap à été liée sur le serveur principal, récupération des utilisateurs ldap
mattermost-bulk-user-create Password,1234
Donne le role d'admin à l'admin existant pour le mode console
sudo -u mattermost bin/mattermost --local roles system_admin admin
https://monsite.xyz/admin_console/reporting/system_analytics est alors accessible