Use nginx-proxy and v3.7.1 (Docker)

Frequently Asked Questions Installation
1

Just want to describe my setup to run Mattermost using the Docker setup together with nginx-proxy in front of Mattermost. Since v3.7.1 the Mattermost Docker setup creates it’s own network for communication between containers. nginx-proxy needs to know about this network. That means you need to find the network and connect it to nginx-proxy:

docker network ls
# Grep the name of your Mattermost network like "mymattermost_default".
docker network connect mymattermost_default nginx-proxy

Now restart the Mattermost app container (or web if using it) to get nginx-proxy configured correctly:

docker-compose stop app
docker-compose start app

BTW: With nginx-proxy there is no need to run the web container. My docker-compose.yml looks like this:

version: "2"

services:

  db:
    build: db
    restart: unless-stopped
    volumes:
      - ./volumes/db/var/lib/postgresql/data:/var/lib/postgresql/data
      - /etc/localtime:/etc/localtime:ro
    environment:
      - POSTGRES_USER=mmuser
      - POSTGRES_PASSWORD=mmuser_password
      - POSTGRES_DB=mattermost
    # uncomment the following to enable backup
    #  - AWS_ACCESS_KEY_ID=XXXX
    #  - AWS_SECRET_ACCESS_KEY=XXXX
    #  - WALE_S3_PREFIX=s3://BUCKET_NAME/PATH
    #  - AWS_REGION=us-east-1
    #  in case your config is not in default location
    #  - MM_CONFIG=/mattermost/config/config.jso

  app:
    build:
      context: app
      # comment out for team edition
      #dockerfile: Dockerfile-enterprise
    restart: unless-stopped
    volumes:
      - ./volumes/app/mattermost/config:/mattermost/config:rw
      - ./volumes/app/mattermost/data:/mattermost/data:rw
      - ./volumes/app/mattermost/logs:/mattermost/logs:rw
      - /etc/localtime:/etc/localtime:ro
    environment:
      # set same as db credentials and dbname
      - MM_USERNAME=mmuser
      - MM_PASSWORD=mmuser_password
      - MM_DBNAME=mattermost
      - VIRTUAL_HOST=mymattermost.tld
      - LETSENCRYPT_HOST=mymattermost.tld
      - LETSENCRYPT_EMAIL=me@mymattermost.tld
    expose:
     - "80"
    depends_on:
      - db

Notes:

  • Important changes are the VIRTUAL_HOST environment variable and the expose directive which tells nginx-proxy where to connect to the Mattermost backend.
  • I’m using the LetsEncrypt companion container for nginx-proxy for automatic Let’s Encrypt certs.
  • You may customize the nginx-proxy settings as described at their Github page (can not post the link because as new user to this forum I’m not allowed to post mor than 2 links). For instance the Mattermost nginx is configured with client_max_body_size 50M;.
  • The network needs to be connected manually this way. To automatize this you may create a independent network before and use it together with nginx-proxy. See docker-compose documentation regarding using external networks.
1 Like
2

Thanks @fuerst for the tips. Since you are changing the docker-compose file, would you replace the web container image with your nginx-proxy so that you don’t need the steps to figure out the network. Also if you want, you can also use custom network, for which you can use your own network name (https://docs.docker.com/compose/networking/#specifying-custom-networks). Then connect nginx-proxy to the known network.

1 Like
3

The nginx-proxy is playing proxy for many containers at the host so I don’t want tight coupling to Mattermost. I rather look for an option to let the nginx-proxy container know: Hey, there is a mattermost container starting. Please use its network to connect to it.

4

This was super helpful for me to get things up and running.

I had to make one minor addition to get HTTPS to work, which was to expose port 443 as well. So my docker-compose.yml looks like this:

version: "2"

services:

  db:
    build: db
    restart: unless-stopped
    volumes:
      - ./volumes/db/var/lib/postgresql/data:/var/lib/postgresql/data
      - /etc/localtime:/etc/localtime:ro
    environment:
      - POSTGRES_USER=mmuser
      - POSTGRES_PASSWORD= mmuser_password
      - POSTGRES_DB=mattermost
    # uncomment the following to enable backup
    #  - AWS_ACCESS_KEY_ID=XXXX
    #  - AWS_SECRET_ACCESS_KEY=XXXX
    #  - WALE_S3_PREFIX=s3://BUCKET_NAME/PATH
    #  - AWS_REGION=us-east-1

  app:
    build:
      context: app
      # comment out for team edition
      # dockerfile: Dockerfile-enterprise
    restart: unless-stopped
    volumes:
      - ./volumes/app/mattermost/config:/mattermost/config:rw
      - ./volumes/app/mattermost/data:/mattermost/data:rw
      - ./volumes/app/mattermost/logs:/mattermost/logs:rw
      - /etc/localtime:/etc/localtime:ro
    environment:
      # set same as db credentials and dbname
      - MM_USERNAME=mmuser
      - MM_PASSWORD= mmuser_password
      - MM_DBNAME=mattermost
      - VIRTUAL_HOST=mymattermost.tld
      - LETSENCRYPT_HOST=mymattermost.tld
      - LETSENCRYPT_EMAIL=me@mymattermost.tld
    expose:
      - "80"
      - "443"
    links:
      - db:db
5

for anyone follow to this post, if you’re using team edition, you have to expose ‘8000’ in app block.