KAZ/KazV2
11
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

mattermost mostlymatter

Browse Source
This commit is contained in:
Fanch
2025-10-23 16:45:38 +02:00
parent b0b0059d47
commit 3bf2fc45de
2 changed files with 3 additions and 87 deletions
Download Patch File Download Diff File Expand all files Collapse all files

87
dockers/mattermost/Dockerfile
View File

@@ -1,87 +0,0 @@
# First stage - Ubuntu with document processing dependencies and curl for downloading
FROM ubuntu:noble-20250415.1@sha256:dc17125eaac86538c57da886e494a34489122fb6a3ebb6411153d742594c2ddc AS builder
# Setting bash as our shell, and enabling pipefail option
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
# Build Arguments
ARG PUID=2000
ARG PGID=2000
# MM_PACKAGE build arguments controls which version of mattermost to install, defaults to latest stable enterprise
# e.g. https://releases.mattermost.com/9.7.1/mattermost-9.7.1-linux-amd64.tar.gz
ARG MM_PACKAGE="https://latest.mattermost.com/mattermost-enterprise-linux"
# Install needed packages and indirect dependencies
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y \
ca-certificates \
curl \
media-types \
mailcap \
unrtf \
wv \
poppler-utils \
tidy \
tzdata \
&& rm -rf /var/lib/apt/lists/*
# Set mattermost group/user and download Mattermost
RUN mkdir -p /mattermost/data /mattermost/plugins /mattermost/client/plugins \
&& groupadd --gid ${PGID} mattermost \
&& useradd --uid ${PUID} --gid ${PGID} --comment "" --home-dir /mattermost mattermost \
&& curl -L $MM_PACKAGE | tar -xvz \
&& chown -R mattermost:mattermost /mattermost /mattermost/data /mattermost/plugins /mattermost/client/plugins
# Create PostgreSQL client SSL directory structure for ssl_mode=require
RUN mkdir -p /mattermost/.postgresql \
&& chmod 700 /mattermost/.postgresql
# Final stage using distroless for minimal attack surface
FROM gcr.io/distroless/base-debian12
# Some ENV variables
ENV PATH="/mattermost/bin:${PATH}"
ENV MM_SERVICESETTINGS_ENABLELOCALMODE="true"
# Copy over metadata files needed by runtime
COPY --from=builder /etc/mime.types /etc
# Copy CA certificates for SSL/TLS validation with proper ownership
COPY --from=builder --chown=2000:2000 /etc/ssl/certs /etc/ssl/certs
# Copy document processing utilities and necessary support files
COPY --from=builder /usr/bin/pdftotext /usr/bin/pdftotext
COPY --from=builder /usr/bin/wvText /usr/bin/wvText
COPY --from=builder /usr/bin/wvWare /usr/bin/wvWare
COPY --from=builder /usr/bin/unrtf /usr/bin/unrtf
COPY --from=builder /usr/bin/tidy /usr/bin/tidy
COPY --from=builder /usr/share/wv /usr/share/wv
# Copy necessary libraries for document processing utilities
COPY --from=builder /usr/lib/x86_64-linux-gnu/libpoppler.so* /usr/lib/
COPY --from=builder /usr/lib/x86_64-linux-gnu/libfreetype.so* /usr/lib/
COPY --from=builder /usr/lib/x86_64-linux-gnu/libpng16.so* /usr/lib/
COPY --from=builder /usr/lib/x86_64-linux-gnu/libwv-1.2.so* /usr/lib/
COPY --from=builder /usr/lib/x86_64-linux-gnu/libtidy.so* /usr/lib/
COPY --from=builder /usr/lib/x86_64-linux-gnu/libfontconfig.so* /usr/lib/
# Copy mattermost from builder stage
COPY --from=builder --chown=2000:2000 /mattermost /mattermost
# Copy passwd including mattermost user
COPY passwd /etc/passwd
# We should refrain from running as privileged user
USER mattermost
# Healthcheck to make sure container is ready - using mmctl instead of curl for distroless compatibility
HEALTHCHECK --interval=30s --timeout=10s \
CMD ["/mattermost/bin/mmctl", "system", "status", "--local"]
# Configure entrypoint and command with proper permissions
WORKDIR /mattermost
CMD ["/mattermost/bin/mattermost"]
EXPOSE 8065 8067 8074 8075
# Declare volumes for mount point directories
VOLUME ["/mattermost/data", "/mattermost/logs", "/mattermost/config", "/mattermost/plugins", "/mattermost/client/plugins"]

3
dockers/mattermost/docker-compose.yml
View File

@@ -1,3 +1,5 @@
# Mostlymatter from: https://framagit.org/framasoft/framateam/mostlymatter
# Don't forget to chmod +x
services: services:
app: app:
@@ -14,6 +16,7 @@ services:
- /etc/localtime:/etc/localtime:ro - /etc/localtime:/etc/localtime:ro
- /etc/timezone:/etc/timezone:ro - /etc/timezone:/etc/timezone:ro
- /etc/environment:/etc/environment:ro - /etc/environment:/etc/environment:ro
- ./mostlymatter-amd64-v11.0.2:/mattermost/bin/mattermost
env_file: env_file:
- ../../secret/env-${mattermostServName} - ../../secret/env-${mattermostServName}
environment: environment: