update to 10.11

Merge pull request 'insert busybox into distroless container' (#7 ) from build-test into main
Reviewed-on: coop-cloud/mattermost#7
2025-12-18 10:57:36 -05:00 · 2025-12-18 15:52:56 +00:00 · 2025-12-15 20:16:47 -05:00 · 2025-12-15 20:11:58 -05:00 · 2025-12-15 20:08:32 -05:00 · 2025-12-15 19:48:27 -05:00
7 changed files with 45 additions and 9 deletions
--- a/.env.sample
+++ b/.env.sample
@ -33,4 +33,7 @@ ORG_NAME="My Organization"
 #SSO_DOMAIN=accounts.example.com
 #SSO_APP=mattermost
 #SSO_ID=
-#SECRET_MATTERMOST_SSO_SECRET_VERSION=v1
+#SECRET_MATTERMOST_SSO_SECRET_VERSION=v1
+
+## Enable enterprise version (requires a valid license)
+#COMPOSE_FILE="$COMPOSE_FILE:compose.license.yml"
--- a/README.md
+++ b/README.md
@ -79,6 +79,16 @@ This is how to configure your Mattermost server to accept logins from your Authe
 - Go to https://YOURAPPNAME/admin_console/authentication/email
 - Set **Enable sign-in with email** and **Enable sign-in with username** to `false`

+## Use a Mattermost Enterprise License
+**NOTE: This deploys non-FOSS code and requires you to pay Mattermost for a license to enable features. Not recommended unless you know what you're doing.**
+- `abra app config YOURAPPNAME`
+- Uncomment the section which starts with `## Enable enterprise version`
+- `abra app undeploy YOURAPPNAME`
+- `abra app deploy YOURAPPNAME`
+
+
+# Technical Notes
+This recipe inserts a statically-compiled busybox binary from `busybox:1.25-uclibc` into the distroless container, to allow running the custom entrypoint shell script which configures Mattermost.

 [`abra`]: https://git.coopcloud.tech/coop-cloud/abra
 [`coop-cloud/traefik`]: https://git.coopcloud.tech/coop-cloud/traefik
--- a/abra.sh
+++ b/abra.sh
@ -1,5 +1,6 @@
-export ENTRYPOINT_VERSION=v1
+export ENTRYPOINT_VERSION=v3
 export MATTERMOST_CONFIG_VERSION=v1
+export SHELL_VERSION=v1

 reset_config() {
    cp /config-to-copy.json /mattermost/config/config.json && touch /mattermost/config/CoopCloudManaged
--- a/bin/busybox
+++ b/bin/busybox
--- a/compose.license.yml
+++ b/compose.license.yml
@ -0,0 +1,5 @@
+version: "3.8"
+
+services:
+  app:
+    image: mattermost/mattermost-enterprise-edition:10.11
--- a/compose.yml
+++ b/compose.yml
@ -2,7 +2,7 @@ version: "3.8"

 services:
  app:
-    image: mattermost/mattermost-team-edition:10.5.0
+    image: mattermost/mattermost-team-edition:10.11
    environment:
      - TZ
      - MM_SQLSETTINGS_DRIVERNAME=postgres
@ -26,13 +26,16 @@ services:
        - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
        - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
        - "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
-        - "traefik.http.middlewares.${STACK_NAME}-redirect.redirectscheme.scheme=https"
-        - "traefik.http.middlewares.${STACK_NAME}-redirect.redirectscheme.permanent=true"
-        - "coop-cloud.${STACK_NAME}.version=1.5.3+9.11.8"
+        - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
+        - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
+        - "coop-cloud.${STACK_NAME}.version=2.2.0+10.11"
        - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
        - "backupbot.backup=true"
        - "backupbot.backup.path=/mattermost,/etc/ssl"
    configs:
+      - source: busybox
+        target: /bin/busybox
+        mode: 0555
      - source: abra_mattermost_entrypoint
        target: /abra-mattermost-entrypoint.sh
        mode: 0555
@ -69,6 +72,9 @@ configs:
  abra_mattermost_entrypoint:
    name: ${STACK_NAME}_entrypoint_${ENTRYPOINT_VERSION}
    file: ./entrypoint.sh
+  busybox:
+    name: ${STACK_NAME}_busybox_${SHELL_VERSION}
+    file: ./bin/busybox


 networks:
--- a/entrypoint.sh
+++ b/entrypoint.sh
@ -1,4 +1,13 @@
-#!/bin/sh
+#!/bin/busybox sh
+/bin/busybox mkdir /tmp/bin
+export PATH=$PATH:/tmp/bin
+/bin/busybox ln -s /bin/busybox /tmp/bin/ln
+ln -s /bin/busybox /tmp/bin/cat
+ln -s /bin/busybox /tmp/bin/echo
+ln -s /bin/busybox /tmp/bin/cp
+ln -s /bin/busybox /tmp/bin/touch
+ln -s /bin/busybox /tmp/bin/rm
+
 set -e
 if test -f "/run/secrets/postgres_password"; then
    pwd=`cat /run/secrets/postgres_password`
@ -21,5 +30,7 @@ if ! test -f "/mattermost/config/CoopCloudManaged"; then
    cp /config-to-copy.json /mattermost/config/config.json && touch /mattermost/config/CoopCloudManaged
 fi

-# https://github.com/mattermost/mattermost-server/blob/master/build/Dockerfile
-/entrypoint.sh "mattermost"
+rm -rf /tmp/bin
+
+# https://github.com/mattermost/mattermost/blob/master/server/build/Dockerfile
+/mattermost/bin/mattermost
Author	SHA1	Message	Date
marlon	9f1e6b3fc4	update to 10.11	2025-12-18 10:57:36 -05:00
marlon	1ffea485ff	Merge pull request 'insert busybox into distroless container' (#7 ) from build-test into main Reviewed-on: coop-cloud/mattermost#7	2025-12-18 15:52:56 +00:00
marlon	a7ffa1b072	cleanup	2025-12-15 20:16:47 -05:00
marlon	c4d2fd1db2	document distroless busybox workaround	2025-12-15 20:11:58 -05:00
marlon	9fcf98eb0d	add busybox rm to cleanup	2025-12-15 20:08:32 -05:00
marlon	81b09e4fe0	working	2025-12-15 19:48:27 -05:00
marlon	5f9d7c7172	10.5.14 update	2025-12-10 20:30:10 -05:00
marlon	a86f3f5072	updated to 10.5.14 instead of most recent to avoid distroless image	2025-12-10 16:51:08 -05:00
marlon	4a06fb29ee	update custom entrypoint launch command	2025-12-10 14:36:59 -05:00
marlon	86189220c1	update to 10.11	2025-12-10 14:19:45 -05:00
marlon	5f0295b98a	chore: publish 2.1.0+10.5.0 release	2025-04-16 12:45:26 -04:00
marlon	6268af51ff	Merge pull request 'Add support for enterprise license' (#4 ) from license-support into main Reviewed-on: coop-cloud/mattermost#4	2025-04-16 15:49:43 +00:00
marlon	e3268bc404	Add support for enterprise license	2025-04-11 11:14:24 -04:00