diff --git a/arty.yml b/arty.yml index 4df3a03..b9707f2 100644 --- a/arty.yml +++ b/arty.yml @@ -53,6 +53,12 @@ envs: GOTIFY_COMPOSE_PROJECT_NAME: messaging GOTIFY_IMAGE: gotify/server:latest GOTIFY_TRAEFIK_HOST: gotify.pivoine.art + # Mattermost + MATTERMOST_TRAEFIK_ENABLED: true + MATTERMOST_COMPOSE_PROJECT_NAME: mattermost + MATTERMOST_IMAGE: mattermost/mattermost-team-edition:latest + MATTERMOST_TRAEFIK_HOST: mattermost.pivoine.art + MATTERMOST_DB_NAME: mattermost # Scrapy SCRAPY_TRAEFIK_ENABLED: true SCRAPY_COMPOSE_PROJECT_NAME: scrapy diff --git a/compose.yaml b/compose.yaml index 2d5f0a3..59dcd60 100644 --- a/compose.yaml +++ b/compose.yaml @@ -4,6 +4,7 @@ include: - awsm/compose.yaml - sexy/compose.yaml - gotify/compose.yaml + - mattermost/compose.yaml - scrapy/compose.yaml - n8n/compose.yaml - stash/compose.yaml diff --git a/core/postgres/init/01-init-databases.sh b/core/postgres/init/01-init-databases.sh index 33ea4b2..a7270d4 100644 --- a/core/postgres/init/01-init-databases.sh +++ b/core/postgres/init/01-init-databases.sh @@ -29,17 +29,22 @@ psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-E SELECT 'CREATE DATABASE joplin' WHERE NOT EXISTS (SELECT FROM pg_database WHERE datname = 'joplin')\gexec + -- Mattermost chat platform database + SELECT 'CREATE DATABASE mattermost' + WHERE NOT EXISTS (SELECT FROM pg_database WHERE datname = 'mattermost')\gexec + -- Grant privileges to all databases GRANT ALL PRIVILEGES ON DATABASE directus TO $POSTGRES_USER; GRANT ALL PRIVILEGES ON DATABASE umami TO $POSTGRES_USER; GRANT ALL PRIVILEGES ON DATABASE n8n TO $POSTGRES_USER; GRANT ALL PRIVILEGES ON DATABASE linkwarden TO $POSTGRES_USER; GRANT ALL PRIVILEGES ON DATABASE joplin TO $POSTGRES_USER; + GRANT ALL PRIVILEGES ON DATABASE mattermost TO $POSTGRES_USER; -- Log success SELECT 'Compose databases initialized:' AS status; SELECT datname FROM pg_database - WHERE datname IN ('directus', 'umami', 'n8n', 'linkwarden', 'joplin') + WHERE datname IN ('directus', 'umami', 'n8n', 'linkwarden', 'joplin', 'mattermost') ORDER BY datname; EOSQL @@ -53,4 +58,5 @@ echo " • umami - Tracking database" echo " • n8n - Workflow automation database" echo " • linkwarden - Bookmark manager database" echo " • joplin - Note-taking server database" +echo " • mattermost - Chat platform database" echo "" diff --git a/mattermost/compose.yaml b/mattermost/compose.yaml new file mode 100644 index 0000000..7bec1dd --- /dev/null +++ b/mattermost/compose.yaml @@ -0,0 +1,74 @@ +services: + mattermost: + image: ${MATTERMOST_IMAGE:-mattermost/mattermost-team-edition:latest} + container_name: ${MATTERMOST_COMPOSE_PROJECT_NAME}_app + restart: unless-stopped + security_opt: + - no-new-privileges:true + pids_limit: 200 + read_only: false + tmpfs: + - /tmp + volumes: + - mattermost_config:/mattermost/config:rw + - mattermost_data:/mattermost/data:rw + - mattermost_logs:/mattermost/logs:rw + - mattermost_plugins:/mattermost/plugins:rw + - mattermost_client_plugins:/mattermost/client/plugins:rw + - mattermost_bleve:/mattermost/bleve-indexes:rw + environment: + TZ: ${TIMEZONE:-Europe/Berlin} + MM_SQLSETTINGS_DRIVERNAME: postgres + MM_SQLSETTINGS_DATASOURCE: postgres://${DB_USER}:${DB_PASSWORD}@${CORE_DB_HOST}:${CORE_DB_PORT}/${MATTERMOST_DB_NAME}?sslmode=disable&connect_timeout=10 + MM_BLEVESETTINGS_INDEXDIR: /mattermost/bleve-indexes + MM_SERVICESETTINGS_SITEURL: https://${MATTERMOST_TRAEFIK_HOST} + MM_SERVICESETTINGS_ENABLELOCALMODE: "true" + # Email settings + MM_EMAILSETTINGS_ENABLESMTPAUTH: "true" + MM_EMAILSETTINGS_SMTPUSERNAME: ${EMAIL_SMTP_USER} + MM_EMAILSETTINGS_SMTPPASSWORD: ${EMAIL_SMTP_PASSWORD} + MM_EMAILSETTINGS_SMTPSERVER: ${EMAIL_SMTP_HOST} + MM_EMAILSETTINGS_SMTPPORT: ${EMAIL_SMTP_PORT} + MM_EMAILSETTINGS_CONNECTIONSECURITY: TLS + MM_EMAILSETTINGS_FEEDBACKNAME: Mattermost + MM_EMAILSETTINGS_FEEDBACKEMAIL: ${EMAIL_FROM} + MM_EMAILSETTINGS_REPLYTOADDRESS: ${EMAIL_FROM} + networks: + - compose_network + labels: + - 'traefik.enable=${MATTERMOST_TRAEFIK_ENABLED}' + # HTTP to HTTPS redirect + - 'traefik.http.middlewares.${MATTERMOST_COMPOSE_PROJECT_NAME}-redirect-web-secure.redirectscheme.scheme=https' + - 'traefik.http.routers.${MATTERMOST_COMPOSE_PROJECT_NAME}-web.middlewares=${MATTERMOST_COMPOSE_PROJECT_NAME}-redirect-web-secure' + - 'traefik.http.routers.${MATTERMOST_COMPOSE_PROJECT_NAME}-web.rule=Host(`${MATTERMOST_TRAEFIK_HOST}`)' + - 'traefik.http.routers.${MATTERMOST_COMPOSE_PROJECT_NAME}-web.entrypoints=web' + # HTTPS router + - 'traefik.http.routers.${MATTERMOST_COMPOSE_PROJECT_NAME}-web-secure.rule=Host(`${MATTERMOST_TRAEFIK_HOST}`)' + - 'traefik.http.routers.${MATTERMOST_COMPOSE_PROJECT_NAME}-web-secure.tls.certresolver=resolver' + - 'traefik.http.routers.${MATTERMOST_COMPOSE_PROJECT_NAME}-web-secure.entrypoints=web-secure' + - 'traefik.http.middlewares.${MATTERMOST_COMPOSE_PROJECT_NAME}-web-secure-compress.compress=true' + - 'traefik.http.routers.${MATTERMOST_COMPOSE_PROJECT_NAME}-web-secure.middlewares=${MATTERMOST_COMPOSE_PROJECT_NAME}-web-secure-compress,security-headers@file' + # Service + - 'traefik.http.services.${MATTERMOST_COMPOSE_PROJECT_NAME}-web-secure.loadbalancer.server.port=8065' + - 'traefik.docker.network=${NETWORK_NAME}' + # Watchtower + - 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}' + +volumes: + mattermost_config: + name: ${MATTERMOST_COMPOSE_PROJECT_NAME}_config + mattermost_data: + name: ${MATTERMOST_COMPOSE_PROJECT_NAME}_data + mattermost_logs: + name: ${MATTERMOST_COMPOSE_PROJECT_NAME}_logs + mattermost_plugins: + name: ${MATTERMOST_COMPOSE_PROJECT_NAME}_plugins + mattermost_client_plugins: + name: ${MATTERMOST_COMPOSE_PROJECT_NAME}_client_plugins + mattermost_bleve: + name: ${MATTERMOST_COMPOSE_PROJECT_NAME}_bleve + +networks: + compose_network: + name: ${NETWORK_NAME} + external: true