From ffa2bbd7b8bbd76d811f7d55e84a6b13aa23cc69 Mon Sep 17 00:00:00 2001
From: L4RM4ND <21357789+l4rm4nd@users.noreply.github.com>
Date: Tue, 28 Nov 2023 13:43:37 +0100
Subject: [PATCH] add mattermost

---
 README.md                              |  1 +
 examples/mattermost/README.md          | 16 ++++++
 examples/mattermost/docker-compose.yml | 77 ++++++++++++++++++++++++++
 examples/mattermost/env.example        | 61 ++++++++++++++++++++
 4 files changed, 155 insertions(+)
 create mode 100644 examples/mattermost/README.md
 create mode 100644 examples/mattermost/docker-compose.yml
 create mode 100644 examples/mattermost/env.example

diff --git a/README.md b/README.md
index 52355bb..a51818e 100644
--- a/README.md
+++ b/README.md
@@ -221,6 +221,7 @@ docker compose up
 ### Communication and Social
 - [Mirotalk P2P](examples/mirotalk) - Simple, Secure, Fast Real-Time Video Conferences Up to 4k and 60fps, compatible with all browsers and platforms.
 - [Rocket.Chat](examples/rocketchat) - Rocket.Chat is an open-source fully customizable communications platform developed in JavaScript for organizations with high standards of data protection.
+- [Mattermost](examples/mattermost) - Mattermost is an open source platform for secure collaboration across the entire software development lifecycle.
 - [Answer](examples/answer) - An open-source knowledge-based community software. You can use it quickly to build Q&A community for your products, customers, teams, and more.
 - [Excalidraw](examples/excalidraw) - Excalidraw is a virtual collaborative whiteboard tool that lets you easily sketch diagrams that have a hand-drawn feel to them.
 - [Reactive-Resume](examples/rxresume) - A one-of-a-kind resume builder that keeps your privacy in mind. Completely secure, customizable, portable, open-source and free forever.
diff --git a/examples/mattermost/README.md b/examples/mattermost/README.md
new file mode 100644
index 0000000..cb19d13
--- /dev/null
+++ b/examples/mattermost/README.md
@@ -0,0 +1,16 @@
+# References
+
+- https://github.com/mattermost/docker
+- https://docs.mattermost.com/install/install-docker.html
+
+# Notes
+
+The bind volume permissions must be adjusted:
+
+````
+sudo chown -R 2000:2000 /mnt/docker-volumes/mattermost/*
+````
+
+Then rename `env.example` to `.env` and adjust to your needs.
+
+Finally, run `docker compose up` to spawn the container.
diff --git a/examples/mattermost/docker-compose.yml b/examples/mattermost/docker-compose.yml
new file mode 100644
index 0000000..e17d946
--- /dev/null
+++ b/examples/mattermost/docker-compose.yml
@@ -0,0 +1,77 @@
+version: "2.4"
+
+services:
+  postgres:
+    image: postgres:${POSTGRES_IMAGE_TAG}
+    container_name: mattermost-db
+    restart: ${RESTART_POLICY}
+    security_opt:
+      - no-new-privileges:true
+    pids_limit: 100
+    read_only: true
+    tmpfs:
+      - /tmp
+      - /var/run/postgresql
+    volumes:
+      - ${POSTGRES_DATA_PATH}:/var/lib/postgresql/data
+    environment:
+      # timezone inside container
+      - TZ
+      # necessary Postgres options/variables
+      - POSTGRES_USER
+      - POSTGRES_PASSWORD
+      - POSTGRES_DB
+    #networks:
+    #  - mattermost_default
+
+  mattermost:
+    image: mattermost/${MATTERMOST_IMAGE}:${MATTERMOST_IMAGE_TAG}
+    container_name: mattermost
+    depends_on:
+      - postgres
+    restart: ${RESTART_POLICY}
+    security_opt:
+      - no-new-privileges:true
+    pids_limit: 200
+    read_only: ${MATTERMOST_CONTAINER_READONLY}
+    expose:
+      - 8065
+    tmpfs:
+      - /tmp
+    volumes:
+      - ${MATTERMOST_CONFIG_PATH}:/mattermost/config:rw
+      - ${MATTERMOST_DATA_PATH}:/mattermost/data:rw
+      - ${MATTERMOST_LOGS_PATH}:/mattermost/logs:rw
+      - ${MATTERMOST_PLUGINS_PATH}:/mattermost/plugins:rw
+      - ${MATTERMOST_CLIENT_PLUGINS_PATH}:/mattermost/client/plugins:rw
+      - ${MATTERMOST_BLEVE_INDEXES_PATH}:/mattermost/bleve-indexes:rw
+    environment:
+      # timezone inside container
+      - TZ
+      # necessary Mattermost options/variables (see env.example)
+      - MM_SQLSETTINGS_DRIVERNAME
+      - MM_SQLSETTINGS_DATASOURCE
+      # necessary for bleve
+      - MM_BLEVESETTINGS_INDEXDIR
+      # additional settings
+      - MM_SERVICESETTINGS_SITEURL
+    #networks:
+    #  - proxy
+    #  - mattermost_default
+    #labels:
+    #  - traefik.enable=true
+    #  - traefik.docker.network=proxy
+    #  - traefik.http.routers.mattermost.rule=Host(`mattermost.example.com`)
+    #  - traefik.http.services.mattermost.loadbalancer.server.port=8065
+    #  - traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=50000000 # optional, only necessary for file uploads; allow 50MB
+    #  - traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=50000000 # optional, only necessary for file uploads; allow 50MB
+    #  - traefik.http.middlewares.limit.buffering.memRequestBodyBytes=50000000 # optional, only necessary for file uploads; allow 50MB
+    #  - traefik.http.middlewares.limit.buffering.memResponseBodyBytes=50000000 # optional, only necessary for file uploads; allow 50MB
+    #  # Part for optional traefik middlewares
+    #  - traefik.http.routers.mattermost.middlewares=local-ipwhitelist@file
+
+#networks:
+#  proxy:
+#    external: true
+#  mattermost_default:
+#    external: false
\ No newline at end of file
diff --git a/examples/mattermost/env.example b/examples/mattermost/env.example
new file mode 100644
index 0000000..1f7712a
--- /dev/null
+++ b/examples/mattermost/env.example
@@ -0,0 +1,61 @@
+# Domain of service
+DOMAIN=mattermost.example.com
+
+# Container settings
+## Timezone inside the containers. The value needs to be in the form 'Europe/Berlin'.
+## A list of these tz database names can be looked up at Wikipedia
+## https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
+TZ=Europe/Berlin
+RESTART_POLICY=unless-stopped
+
+# Postgres settings
+## Documentation for this image and available settings can be found on hub.docker.com
+## https://hub.docker.com/_/postgres
+## Please keep in mind this will create a superuser and it's recommended to use a less privileged
+## user to connect to the database.
+## A guide on how to change the database user to a nonsuperuser can be found in docs/creation-of-nonsuperuser.md
+POSTGRES_IMAGE_TAG=13-alpine
+#POSTGRES_DATA_PATH=./volumes/db/var/lib/postgresql/data
+POSTGRES_DATA_PATH=${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/mattermost/psql
+POSTGRES_USER=mmuser
+POSTGRES_PASSWORD=mmuserpassword
+POSTGRES_DB=mattermost
+
+# Mattermost settings
+## Inside the container the uid and gid is 2000. The folder owner can be set with
+## `sudo chown -R 2000:2000 ./volumes/app/mattermost`.
+MATTERMOST_CONFIG_PATH=${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/mattermost/config
+MATTERMOST_DATA_PATH=${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/mattermost/data
+MATTERMOST_LOGS_PATH=${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/mattermost/logs
+MATTERMOST_PLUGINS_PATH=${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/mattermost/plugins
+MATTERMOST_CLIENT_PLUGINS_PATH=${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/mattermost/plugins
+MATTERMOST_BLEVE_INDEXES_PATH=${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/mattermost/bleve-indexes
+
+## Bleve index (inside the container)
+MM_BLEVESETTINGS_INDEXDIR=/mattermost/bleve-indexes
+
+## This will be 'mattermost-enterprise-edition' or 'mattermost-team-edition' based on the version of Mattermost you're installing.
+MATTERMOST_IMAGE=mattermost-enterprise-edition
+MATTERMOST_IMAGE_TAG=7.8
+
+## Make Mattermost container readonly. This interferes with the regeneration of root.html inside the container. Only use
+## it if you know what you're doing.
+## See https://github.com/mattermost/docker/issues/18
+MATTERMOST_CONTAINER_READONLY=false
+
+## The app port is only relevant for using Mattermost without the nginx container as reverse proxy. This is not meant
+## to be used with the internal HTTP server exposed but rather in case one wants to host several services on one host
+## or for using it behind another existing reverse proxy.
+APP_PORT=8065
+
+## Configuration settings for Mattermost. Documentation on the variables and the settings itself can be found at
+## https://docs.mattermost.com/administration/config-settings.html
+## Keep in mind that variables set here will take precedence over the same setting in config.json. This includes
+## the system console as well and settings set with env variables will be greyed out.
+
+## Below one can find necessary settings to spin up the Mattermost container
+MM_SQLSETTINGS_DRIVERNAME=postgres
+MM_SQLSETTINGS_DATASOURCE=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB}?sslmode=disable&connect_timeout=10
+
+## Example settings (any additional setting added here also needs to be introduced in the docker-compose.yml)
+MM_SERVICESETTINGS_SITEURL=https://${DOMAIN}
\ No newline at end of file