Mattermost Docker Deployment
Free-to-use Mattermost Team Edition

1. Background
Mattermost is an open-source, self-hostable online chat service with file sharing, search, and integrations. It is designed as an internal chat for organizations and companies, and mostly markets itself as an open-source alternative to Slack and Microsoft Teams.
Team Edition is a free-to-use, open source, self-hosted collaboration platform offering all the core productivity benefits of competing SaaS solutions. It deploys as a single Linux binary with MySQL or PostgreSQL under an MIT license.
2. Mattermost Configuration
- Prerequisites
curl -fsSL https://get.docker.com -o get-docker.sh
sh get-docker.sh
curl -L https://github.com/docker/compose/releases/download/1.29.2/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
- Create Mattermost directory
mkdir -p /your/path/mattermost && cd /your/path/mattermost
- Create compose file
nano docker-compose.yml
version: '3.8'
services:
postgres:
container_name: postgres_mattermost
image: postgres:13-alpine
restart: unless-stopped
security_opt:
- no-new-privileges:true
pids_limit: 100
read_only: true
tmpfs:
- /tmp
- /var/run/postgresql
env_file:
- .env
volumes:
- ./volumes/db:/var/lib/postgresql/data
mattermost:
container_name: mattermost
image: mattermost/mattermost-team-edition:latest
restart: unless-stopped
depends_on:
- postgres
security_opt:
- no-new-privileges:true
pids_limit: 200
read_only: false
tmpfs:
- /tmp
env_file:
- .env
ports:
- 127.0.0.1:8065:8065
volumes:
- ./volumes/app/mattermost/config:/mattermost/config:rw
- ./volumes/app/mattermost/data:/mattermost/data:rw
- ./volumes/app/mattermost/logs:/mattermost/logs:rw
- ./volumes/app/mattermost/plugins:/mattermost/plugins:rw
- ./volumes/app/mattermost/client/plugins:/mattermost/client/plugins:rw
- ./volumes/app/mattermost/bleve-indexes:/mattermost/bleve-indexes:rw
- Create .env file
nano .env
POSTGRES_DB=mattermost
POSTGRES_USER=example_user
POSTGRES_PASSWORD=example_password
MM_SQLSETTINGS_DRIVERNAME=postgres
MM_SQLSETTINGS_DATASOURCE=postgres://example_user:example_password@postgres:5432/mattermost?sslmode=disable&connect_timeout=10
MM_BLEVESETTINGS_INDEXDIR=/mattermost/bleve-indexes
MM_SERVICESETTINGS_SITEURL=https://mattermost.example.com
Replace POSTGRES_USER
, POSTGRES_PASSWORD
, MM_SQLSETTINGS_DATASOURCE
, MM_SERVICESETTINGS_SITEURL
with your own value.
- Create directories
mkdir -p ./volumes/app/mattermost/{config,data,logs,plugins,client/plugins,bleve-indexes}
- Grant the correct directory permissions
chown -R 2000:2000 ./volumes/app/mattermost
- Bring up the container
docker-compose up -d
2. Nginx Configuration
- Install Nginx and Certbot
apt -y install nginx python3-certbot-nginx
- Create a new Nginx site configuration file
nano /etc/nginx/conf.d/mattermost.conf
upstream backend {
server 127.0.0.1:8065;
keepalive 32;
}
proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=mattermost_cache:10m max_size=3g inactive=120m use_temp_path=off;
server {
listen 80;
server_name mattermost.example.com;
location ~ /api/v[0-9]+/(users/)?websocket$ {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
client_max_body_size 0;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_buffers 256 16k;
proxy_buffer_size 16k;
client_body_timeout 60;
send_timeout 300;
lingering_timeout 5;
proxy_connect_timeout 90;
proxy_send_timeout 300;
proxy_read_timeout 90s;
proxy_pass http://backend;
}
location / {
client_max_body_size 0;
proxy_set_header Connection "";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_buffers 256 16k;
proxy_buffer_size 16k;
proxy_read_timeout 600s;
proxy_cache mattermost_cache;
proxy_cache_revalidate on;
proxy_cache_min_uses 2;
proxy_cache_use_stale timeout;
proxy_cache_lock on;
proxy_http_version 1.1;
proxy_pass http://backend;
}
}
- Issue SSL cert via Certbot
certbot –nginx
- Restart Nginx
nginx -t
systemctl restart nginx
Enjoy!
Copyright statement: Unless otherwise stated, all articles on this blog adopt the CC BY-NC-SA 4.0 license agreement. For non-commercial reprints and citations, please indicate the author: Henry, and original article URL. For commercial reprints, please contact the author for authorization.