feat: add Mattermost team chat platform to replace Gotify

Added Mattermost stack to the docker-compose infrastructure: - **Mattermost stack** (mattermost.pivoine.art): - Team collaboration and chat platform - PostgreSQL backend for message persistence - Email notifications via IONOS SMTP - Support for channels, direct messages, and integrations - Mobile and desktop app support - Full Traefik integration with SSL termination Infrastructure updates: - Updated PostgreSQL init script to create mattermost database - Added environment variables to arty.yml for Mattermost configuration - Updated compose.yaml include list - Configured email settings for notifications and invitations This will replace Gotify as the primary notification and messaging platform. All services integrated with Traefik for SSL termination and include Watchtower auto-update labels. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-08 19:43:11 +01:00
parent 4e43563d06
commit 5342dcfaf2
4 changed files with 88 additions and 1 deletions
--- a/arty.yml
+++ b/arty.yml
@@ -53,6 +53,12 @@ envs:
    GOTIFY_COMPOSE_PROJECT_NAME: messaging
    GOTIFY_IMAGE: gotify/server:latest
    GOTIFY_TRAEFIK_HOST: gotify.pivoine.art
+    # Mattermost
+    MATTERMOST_TRAEFIK_ENABLED: true
+    MATTERMOST_COMPOSE_PROJECT_NAME: mattermost
+    MATTERMOST_IMAGE: mattermost/mattermost-team-edition:latest
+    MATTERMOST_TRAEFIK_HOST: mattermost.pivoine.art
+    MATTERMOST_DB_NAME: mattermost
    # Scrapy
    SCRAPY_TRAEFIK_ENABLED: true
    SCRAPY_COMPOSE_PROJECT_NAME: scrapy
--- a/compose.yaml
+++ b/compose.yaml
@@ -4,6 +4,7 @@ include:
  - awsm/compose.yaml
  - sexy/compose.yaml
  - gotify/compose.yaml
+  - mattermost/compose.yaml
  - scrapy/compose.yaml
  - n8n/compose.yaml
  - stash/compose.yaml
--- a/core/postgres/init/01-init-databases.sh
+++ b/core/postgres/init/01-init-databases.sh
@@ -29,17 +29,22 @@ psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-E
    SELECT 'CREATE DATABASE joplin'
    WHERE NOT EXISTS (SELECT FROM pg_database WHERE datname = 'joplin')\gexec

+    -- Mattermost chat platform database
+    SELECT 'CREATE DATABASE mattermost'
+    WHERE NOT EXISTS (SELECT FROM pg_database WHERE datname = 'mattermost')\gexec
+
    -- Grant privileges to all databases
    GRANT ALL PRIVILEGES ON DATABASE directus TO $POSTGRES_USER;
    GRANT ALL PRIVILEGES ON DATABASE umami TO $POSTGRES_USER;
    GRANT ALL PRIVILEGES ON DATABASE n8n TO $POSTGRES_USER;
    GRANT ALL PRIVILEGES ON DATABASE linkwarden TO $POSTGRES_USER;
    GRANT ALL PRIVILEGES ON DATABASE joplin TO $POSTGRES_USER;
+    GRANT ALL PRIVILEGES ON DATABASE mattermost TO $POSTGRES_USER;

    -- Log success
    SELECT 'Compose databases initialized:' AS status;
    SELECT datname FROM pg_database
-    WHERE datname IN ('directus', 'umami', 'n8n', 'linkwarden', 'joplin')
+    WHERE datname IN ('directus', 'umami', 'n8n', 'linkwarden', 'joplin', 'mattermost')
    ORDER BY datname;
 EOSQL

@@ -53,4 +58,5 @@ echo "  • umami        - Tracking database"
 echo "  • n8n          - Workflow automation database"
 echo "  • linkwarden   - Bookmark manager database"
 echo "  • joplin       - Note-taking server database"
+echo "  • mattermost   - Chat platform database"
 echo ""
--- a/mattermost/compose.yaml
+++ b/mattermost/compose.yaml
@@ -0,0 +1,74 @@
+services:
+  mattermost:
+    image: ${MATTERMOST_IMAGE:-mattermost/mattermost-team-edition:latest}
+    container_name: ${MATTERMOST_COMPOSE_PROJECT_NAME}_app
+    restart: unless-stopped
+    security_opt:
+      - no-new-privileges:true
+    pids_limit: 200
+    read_only: false
+    tmpfs:
+      - /tmp
+    volumes:
+      - mattermost_config:/mattermost/config:rw
+      - mattermost_data:/mattermost/data:rw
+      - mattermost_logs:/mattermost/logs:rw
+      - mattermost_plugins:/mattermost/plugins:rw
+      - mattermost_client_plugins:/mattermost/client/plugins:rw
+      - mattermost_bleve:/mattermost/bleve-indexes:rw
+    environment:
+      TZ: ${TIMEZONE:-Europe/Berlin}
+      MM_SQLSETTINGS_DRIVERNAME: postgres
+      MM_SQLSETTINGS_DATASOURCE: postgres://${DB_USER}:${DB_PASSWORD}@${CORE_DB_HOST}:${CORE_DB_PORT}/${MATTERMOST_DB_NAME}?sslmode=disable&connect_timeout=10
+      MM_BLEVESETTINGS_INDEXDIR: /mattermost/bleve-indexes
+      MM_SERVICESETTINGS_SITEURL: https://${MATTERMOST_TRAEFIK_HOST}
+      MM_SERVICESETTINGS_ENABLELOCALMODE: "true"
+      # Email settings
+      MM_EMAILSETTINGS_ENABLESMTPAUTH: "true"
+      MM_EMAILSETTINGS_SMTPUSERNAME: ${EMAIL_SMTP_USER}
+      MM_EMAILSETTINGS_SMTPPASSWORD: ${EMAIL_SMTP_PASSWORD}
+      MM_EMAILSETTINGS_SMTPSERVER: ${EMAIL_SMTP_HOST}
+      MM_EMAILSETTINGS_SMTPPORT: ${EMAIL_SMTP_PORT}
+      MM_EMAILSETTINGS_CONNECTIONSECURITY: TLS
+      MM_EMAILSETTINGS_FEEDBACKNAME: Mattermost
+      MM_EMAILSETTINGS_FEEDBACKEMAIL: ${EMAIL_FROM}
+      MM_EMAILSETTINGS_REPLYTOADDRESS: ${EMAIL_FROM}
+    networks:
+      - compose_network
+    labels:
+      - 'traefik.enable=${MATTERMOST_TRAEFIK_ENABLED}'
+      # HTTP to HTTPS redirect
+      - 'traefik.http.middlewares.${MATTERMOST_COMPOSE_PROJECT_NAME}-redirect-web-secure.redirectscheme.scheme=https'
+      - 'traefik.http.routers.${MATTERMOST_COMPOSE_PROJECT_NAME}-web.middlewares=${MATTERMOST_COMPOSE_PROJECT_NAME}-redirect-web-secure'
+      - 'traefik.http.routers.${MATTERMOST_COMPOSE_PROJECT_NAME}-web.rule=Host(`${MATTERMOST_TRAEFIK_HOST}`)'
+      - 'traefik.http.routers.${MATTERMOST_COMPOSE_PROJECT_NAME}-web.entrypoints=web'
+      # HTTPS router
+      - 'traefik.http.routers.${MATTERMOST_COMPOSE_PROJECT_NAME}-web-secure.rule=Host(`${MATTERMOST_TRAEFIK_HOST}`)'
+      - 'traefik.http.routers.${MATTERMOST_COMPOSE_PROJECT_NAME}-web-secure.tls.certresolver=resolver'
+      - 'traefik.http.routers.${MATTERMOST_COMPOSE_PROJECT_NAME}-web-secure.entrypoints=web-secure'
+      - 'traefik.http.middlewares.${MATTERMOST_COMPOSE_PROJECT_NAME}-web-secure-compress.compress=true'
+      - 'traefik.http.routers.${MATTERMOST_COMPOSE_PROJECT_NAME}-web-secure.middlewares=${MATTERMOST_COMPOSE_PROJECT_NAME}-web-secure-compress,security-headers@file'
+      # Service
+      - 'traefik.http.services.${MATTERMOST_COMPOSE_PROJECT_NAME}-web-secure.loadbalancer.server.port=8065'
+      - 'traefik.docker.network=${NETWORK_NAME}'
+      # Watchtower
+      - 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
+
+volumes:
+  mattermost_config:
+    name: ${MATTERMOST_COMPOSE_PROJECT_NAME}_config
+  mattermost_data:
+    name: ${MATTERMOST_COMPOSE_PROJECT_NAME}_data
+  mattermost_logs:
+    name: ${MATTERMOST_COMPOSE_PROJECT_NAME}_logs
+  mattermost_plugins:
+    name: ${MATTERMOST_COMPOSE_PROJECT_NAME}_plugins
+  mattermost_client_plugins:
+    name: ${MATTERMOST_COMPOSE_PROJECT_NAME}_client_plugins
+  mattermost_bleve:
+    name: ${MATTERMOST_COMPOSE_PROJECT_NAME}_bleve
+
+networks:
+  compose_network:
+    name: ${NETWORK_NAME}
+    external: true