Compare commits
10 Commits
backups
...
2.2.0+10.1
| Author | SHA1 | Date | |
|---|---|---|---|
| 9f1e6b3fc4 | |||
| 1ffea485ff | |||
| a7ffa1b072 | |||
| c4d2fd1db2 | |||
| 9fcf98eb0d | |||
| 81b09e4fe0 | |||
| 5f9d7c7172 | |||
| a86f3f5072 | |||
| 4a06fb29ee | |||
| 86189220c1 |
@ -87,5 +87,8 @@ This is how to configure your Mattermost server to accept logins from your Authe
|
||||
- `abra app deploy YOURAPPNAME`
|
||||
|
||||
|
||||
# Technical Notes
|
||||
This recipe inserts a statically-compiled busybox binary from `busybox:1.25-uclibc` into the distroless container, to allow running the custom entrypoint shell script which configures Mattermost.
|
||||
|
||||
[`abra`]: https://git.coopcloud.tech/coop-cloud/abra
|
||||
[`coop-cloud/traefik`]: https://git.coopcloud.tech/coop-cloud/traefik
|
||||
|
||||
5
abra.sh
5
abra.sh
@ -1,7 +1,6 @@
|
||||
export ENTRYPOINT_VERSION=v1
|
||||
export ENTRYPOINT_VERSION=v3
|
||||
export MATTERMOST_CONFIG_VERSION=v1
|
||||
export BACKUP_MATTERMOST_VERSION=v1
|
||||
export BACKUP_POSTGRES_VERSION=v1
|
||||
export SHELL_VERSION=v1
|
||||
|
||||
reset_config() {
|
||||
cp /config-to-copy.json /mattermost/config/config.json && touch /mattermost/config/CoopCloudManaged
|
||||
|
||||
@ -1,21 +0,0 @@
|
||||
if [ "$1" == "pre-backup" ]; then
|
||||
exit
|
||||
fi
|
||||
|
||||
if [ "$1" == "pre-backup" ]; then
|
||||
exit
|
||||
fi
|
||||
|
||||
if [ "$1" == "pre-restore" ]; then
|
||||
# kill the running plugins that need to be overwritten
|
||||
pkill -f '.*plugins'
|
||||
sleep 40
|
||||
pkill -f '.*plugins'
|
||||
sleep 40
|
||||
pkill -f '.*plugins'
|
||||
fi
|
||||
|
||||
if [ "$1" == "post-restore" ]; then
|
||||
# kill mattermost so that the container restarts
|
||||
pkill -f mattermost
|
||||
fi
|
||||
@ -1,19 +0,0 @@
|
||||
if [ "$1" == "pre-backup" ]; then
|
||||
# Remove any existing db dump and then create a new one
|
||||
rm -rf /var/lib/postgresql/data/postgres-backup
|
||||
PGPASSWORD=$(cat ${POSTGRES_PASSWORD_FILE}) pg_dump -U ${POSTGRES_USER} ${POSTGRES_DB} --format=directory -f /var/lib/postgresql/data/postgres-backup
|
||||
exit
|
||||
fi
|
||||
|
||||
if [ "$1" == "post-backup" ]; then
|
||||
rm -rf /var/lib/postgresql/data/postgres-backup
|
||||
exit
|
||||
fi
|
||||
|
||||
if [ "$1" == "pre-restore" ]; then
|
||||
exit
|
||||
fi
|
||||
|
||||
if [ "$1" == "post-restore" ]; then
|
||||
pg_restore -U $POSTGRES_USER -d $POSTGRES_DB -c /var/lib/postgresql/data/postgres-backup
|
||||
fi
|
||||
BIN
bin/busybox
Executable file
BIN
bin/busybox
Executable file
Binary file not shown.
@ -2,4 +2,4 @@ version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
image: mattermost/mattermost-enterprise-edition:10.5.0
|
||||
image: mattermost/mattermost-enterprise-edition:10.11
|
||||
|
||||
38
compose.yml
38
compose.yml
@ -2,7 +2,7 @@ version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
image: mattermost/mattermost-team-edition:10.5.0
|
||||
image: mattermost/mattermost-team-edition:10.11
|
||||
environment:
|
||||
- TZ
|
||||
- MM_SQLSETTINGS_DRIVERNAME=postgres
|
||||
@ -28,22 +28,17 @@ services:
|
||||
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
|
||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
|
||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
|
||||
- "coop-cloud.${STACK_NAME}.version=2.1.0+10.5.0"
|
||||
- "coop-cloud.${STACK_NAME}.version=2.2.0+10.11"
|
||||
- "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
|
||||
- "backupbot.backup=true"
|
||||
- "backupbot.backup.path=/mattermost,/etc/ssl"
|
||||
- "backupbot.restore.pre-hook=/backup.sh pre-restore"
|
||||
- "backupbot.restore.post-hook=/backup.sh post-restore"
|
||||
configs:
|
||||
- source: busybox
|
||||
target: /bin/busybox
|
||||
mode: 0555
|
||||
- source: abra_mattermost_entrypoint
|
||||
target: /abra-mattermost-entrypoint.sh
|
||||
mode: 0555
|
||||
- source: backup-mattermost
|
||||
target: /backup.sh
|
||||
mode: 0777
|
||||
- source: mattermost-config
|
||||
target: /config-to-copy.json
|
||||
mode: 0555
|
||||
secrets:
|
||||
- postgres_password
|
||||
entrypoint: /abra-mattermost-entrypoint.sh
|
||||
@ -57,10 +52,6 @@ services:
|
||||
- POSTGRES_USER=mattermost
|
||||
- POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password
|
||||
- POSTGRES_DB=mattermost
|
||||
configs:
|
||||
- source: backup-postgres
|
||||
target: /backup.sh
|
||||
mode: 0777
|
||||
secrets:
|
||||
- postgres_password
|
||||
networks:
|
||||
@ -68,10 +59,9 @@ services:
|
||||
deploy:
|
||||
labels:
|
||||
backupbot.backup: "true"
|
||||
backupbot.backup.pre-hook: "PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /var/lib/postgresql/data/postgres-backup.sql"
|
||||
backupbot.backup.post-hook: "rm -rf /var/lib/postgresql/data/postgres-backup.sql"
|
||||
backupbot.backup.path: "/var/lib/postgresql/data/"
|
||||
backupbot.backup.pre-hook: "/backup.sh pre-backup"
|
||||
backupbot.backup.post-hook: "/backup.sh post-backup"
|
||||
backupbot.restore.post-hook: "/backup.sh post-restore"
|
||||
|
||||
secrets:
|
||||
postgres_password:
|
||||
@ -82,16 +72,10 @@ configs:
|
||||
abra_mattermost_entrypoint:
|
||||
name: ${STACK_NAME}_entrypoint_${ENTRYPOINT_VERSION}
|
||||
file: ./entrypoint.sh
|
||||
backup-mattermost:
|
||||
name: ${STACK_NAME}_backup-mattermost_${BACKUP_MATTERMOST_VERSION}
|
||||
file: ./backup-mattermost.sh
|
||||
backup-postgres:
|
||||
name: ${STACK_NAME}_backup-postgres_${BACKUP_POSTGRES_VERSION}
|
||||
file: ./backup-postgres.sh
|
||||
mattermost-config:
|
||||
name: ${STACK_NAME}_mattermost_config_${MATTERMOST_CONFIG_VERSION}
|
||||
file: ./config.json.tmpl
|
||||
template_driver: golang
|
||||
busybox:
|
||||
name: ${STACK_NAME}_busybox_${SHELL_VERSION}
|
||||
file: ./bin/busybox
|
||||
|
||||
|
||||
networks:
|
||||
proxy:
|
||||
|
||||
@ -1,4 +1,13 @@
|
||||
#!/bin/sh
|
||||
#!/bin/busybox sh
|
||||
/bin/busybox mkdir /tmp/bin
|
||||
export PATH=$PATH:/tmp/bin
|
||||
/bin/busybox ln -s /bin/busybox /tmp/bin/ln
|
||||
ln -s /bin/busybox /tmp/bin/cat
|
||||
ln -s /bin/busybox /tmp/bin/echo
|
||||
ln -s /bin/busybox /tmp/bin/cp
|
||||
ln -s /bin/busybox /tmp/bin/touch
|
||||
ln -s /bin/busybox /tmp/bin/rm
|
||||
|
||||
set -e
|
||||
if test -f "/run/secrets/postgres_password"; then
|
||||
pwd=`cat /run/secrets/postgres_password`
|
||||
@ -21,5 +30,7 @@ if ! test -f "/mattermost/config/CoopCloudManaged"; then
|
||||
cp /config-to-copy.json /mattermost/config/config.json && touch /mattermost/config/CoopCloudManaged
|
||||
fi
|
||||
|
||||
# https://github.com/mattermost/mattermost-server/blob/master/build/Dockerfile
|
||||
/entrypoint.sh "mattermost"
|
||||
rm -rf /tmp/bin
|
||||
|
||||
# https://github.com/mattermost/mattermost/blob/master/server/build/Dockerfile
|
||||
/mattermost/bin/mattermost
|
||||
12
gitlab_config_patch.json.tmpl
Normal file
12
gitlab_config_patch.json.tmpl
Normal file
@ -0,0 +1,12 @@
|
||||
{
|
||||
"Enable": true,
|
||||
"Secret": "${MATTERMOST_SSO_SECRET}",
|
||||
"Id": "${SSO_ID}",
|
||||
"Scope": "",
|
||||
"AuthEndpoint": "https://${SSO_DOMAIN}/application/o/authorize/",
|
||||
"TokenEndpoint": "https://${SSO_DOMAIN}/application/o/token/",
|
||||
"UserAPIEndpoint": "https://${SSO_DOMAIN}/application/o/userinfo/",
|
||||
"DiscoveryEndpoint": "https://${SSO_DOMAIN}/application/o/${SSO_APP}/.well-known/openid-configuration",
|
||||
"ButtonText": "${ORG_NAME}",
|
||||
"ButtonColor": "#ff0000"
|
||||
}
|
||||
Reference in New Issue
Block a user