mattermost-docker
mattermost-docker copied to clipboard
mattermost
Deployment failures in a variety of configurations, including locally built and docker hub images
Hi,
I recognize this is open-source software. Much/all of it is built by volunteers. I would not submit this issue in most cases, but this is also an on-premises paid solution that I'm unable to even trial on my own server due to the difficulties I'm encountering with a bog-standard demo deploy. If the response to this ticket is "you're an idiot, you did this obvious thing wrong" or "fork and fix it yourself" so be it, I will accept that.
tl;dr I can't find any documentation for a docker-compose.yml that pulls the necessary images from docker hub. I'm having no end of problems building these images manually (see below details). Virtually every other docker-based application I run (which is in the dozens) has off-the-shelf images that I can just deploy without fiddling with Dockerfiles, filesystem permissions, etc, so I'm surprised enterprise-grade applications like this don't just work with a simple docker-compose deployment.
I've looked through several of the guides (many of which contradict each other or are deprecated), including the other issues in this repo.
I have reviewed the below and always get some variation of fatal error on deploy:
- The repo readme
- https://github.com/mattermost/mattermost-docker/issues/489#issuecomment-790277661 (which is for upgrades, not initial deployment)
- https://github.com/mattermost/mattermost-docker/issues/542
- https://github.com/mattermost/mattermost-docker/issues/399
- https://github.com/mattermost/mattermost-docker/issues/407
- https://docs.mattermost.com/install/prod-docker.html (fails, as written, with
ERROR: libressl3.3-libtls-3.3.3-r0: trying to overwrite usr/lib/libtls.so.20 owned by libretls-3.3.3-r0.on building the db image) - https://github.com/mattermost/mattermost-docker/issues/446 (marked as closed, but two others in addition to me report it's still happening)
- https://docs.mattermost.com/install/docker-local-machine.html (example docker run fails because there's no DB to connect to)
Thanks in advance for any feedback, suggestions, or ridicule at my incompetence.
The rest is some detail on the problems I'm encountering, but the above is the crux of the issue - it's very rare I need to futz around this much for a docker-based deploy of anything I run. Generally, I clone a repo (or even just copy/paste a docker-compose.yml sample), make a couple customizations for my use case, and docker-compose up -d and I'm done.
The key issue seems to be file permissions. When I run docker-compose as my regular non-root user, somehow it creates the volume directory as root? I'm no linux expert, but how is a non-root process creating a directory owned by root?
drwxr-xr-x 9 sulli sulli 4096 Jul 4 21:51 ./
drwxrwxr-x 45 sulli user 4096 Jul 4 21:17 ../
drwxr-xr-x 2 sulli sulli 4096 Jul 4 18:46 .circleci/
drwxr-xr-x 8 sulli sulli 4096 Jul 4 21:30 .git/
-rw-r--r-- 1 sulli sulli 134 Jul 4 18:46 .gitignore
-rw-r--r-- 1 sulli sulli 762 Jul 4 18:46 .travis.yml
-rwxr-xr-x 1 sulli sulli 609 Jul 4 18:46 CONTRIBUTING.md*
-rw-r--r-- 1 sulli sulli 10173 Jul 4 18:46 LICENSE
-rw-r--r-- 1 sulli sulli 2821 Jul 4 18:46 MAINTENANCE.md
-rw-r--r-- 1 sulli sulli 11127 Jul 4 18:46 README.md
drwxr-xr-x 2 sulli sulli 4096 Jul 4 21:33 app/
drwxr-xr-x 5 sulli sulli 4096 Jul 4 18:46 contrib/
drwxr-xr-x 2 sulli sulli 4096 Jul 4 21:35 db/
-rwxr-xr-x 1 sulli sulli 1239 Jul 4 21:49 docker-compose.yml*
**drwxr-xr-x 5 root root 4096 Jul 4 21:51 volumes/**
drwxr-xr-x 2 sulli sulli 4096 Jul 4 21:44 web/
resulting in...
Error: failed to load configuration: failed to create store: unable to load on store creation: failed to persist: failed to write file: open /mattermost/config/config.json: permission denied
Alright, so I tried using @mahenzon's container which attempts to set the permissions correctly and appears to do so. Now I run into this issue https://github.com/mattermost/mattermost-docker/issues/399 which I'm unable to work around.
2021/07/04 22:17:56 [error] 10#10: *1 connect() failed (111: Connection refused) while connecting to upstream, client: 127.0.0.1, server: , request: "GET / HTTP/1.1", upstream: "http://172.29.0.4:8000/", host: "localhost:8080"
I'd be overjoyed to hear "you're an idiot, you didn't read (x) right", but I feel I've done quite a bit of due diligence to resolve this on my own before reporting.
My current docker-compose.yml is:
version: "3"
services:
db:
image: postgres
restart: unless-stopped
volumes:
- ./volumes/db/var/lib/postgresql/data:/var/lib/postgresql/data
- /etc/localtime:/etc/localtime:ro
environment:
- POSTGRES_USER=mmuser
- POSTGRES_PASSWORD=tJRkF6TsLF
- POSTGRES_DB=mattermost
app:
image: mahenzon/mattermost-enterprise
restart: unless-stopped
volumes:
- ./volumes/app/mattermost/config:/mattermost/config:rw
- ./volumes/app/mattermost/data:/mattermost/data:rw
- ./volumes/app/mattermost/logs:/mattermost/logs:rw
- ./volumes/app/mattermost/plugins:/mattermost/plugins:rw
- ./volumes/app/mattermost/client-plugins:/mattermost/client/plugins:rw
- /etc/localtime:/etc/localtime:ro
environment:
- MM_USERNAME=mmuser
- MM_PASSWORD=tJRkF6TsLF
- MM_DBNAME=mattermost
- MM_SQLSETTINGS_DATASOURCE=postgres://mmuser:tJRkF6TsLF@db:5432/mattermost?sslmode=disable&connect_timeout=10
web:
build: web
ports:
- "13531:8080"
read_only: true
restart: unless-stopped
volumes:
- ./volumes/web/cert:/cert:ro
- /etc/localtime:/etc/localtime:ro
cap_drop:
- ALL
I think I may finally have it working, though requiring a fair bit of deviation from documentation:
- git clone https://github.com/mattermost/mattermost-docker.git
- Modify the docker-compose to pull postgres from docker hub, rather than building it locally from the mattermost repo
- Run
mkdir -pv ./volumes/app/mattermost/{data,logs,config,plugins,client-plugins} - Run
sudo chown -R 1000:1000 ./volumes/app/mattermost/(change 1001 to your uid/gid if different) - docker-compose up --build
- Once it's up and accessible, shut it down
- Modify the config.json in volumes/app/mattermost/config with a siteurl and smtp, if needed
- docker-compose up -d
My current docker file (with some items obfuscated)
version: "3"
services:
db:
image: postgres
restart: unless-stopped
volumes:
- ./volumes/db/var/lib/postgresql/data:/var/lib/postgresql/data
- /etc/localtime:/etc/localtime:ro
environment:
- POSTGRES_USER=mmuser
- POSTGRES_PASSWORD=password
- POSTGRES_DB=mattermost
app:
build:
context: app
args:
- PUID=1001
- PGID=1001
restart: unless-stopped
volumes:
- ./volumes/app/mattermost/config:/mattermost/config:rw
- ./volumes/app/mattermost/data:/mattermost/data:rw
- ./volumes/app/mattermost/logs:/mattermost/logs:rw
- ./volumes/app/mattermost/plugins:/mattermost/plugins:rw
- ./volumes/app/mattermost/client-plugins:/mattermost/client/plugins:rw
- /etc/localtime:/etc/localtime:ro
environment:
- MM_USERNAME=mmuser
- MM_PASSWORD=password
- MM_DBNAME=mattermost
- MM_SQLSETTINGS_DATASOURCE=postgres://mmuser:password@db:5432/mattermost?sslmode=disable&connect_timeout=10
web:
build: web
ports:
- "13531:8080"
read_only: true
restart: unless-stopped
volumes:
# This directory must have cert files if you want to enable SSL
- ./volumes/web/cert:/cert:ro
- /etc/localtime:/etc/localtime:ro
cap_drop:
- ALL
All that said, I'm not closing the issue, because if the above is an acceptable way to run Mattermost according to the maintainers, it should be documented somewhere.
It's also very problematic that things like siteurl seemingly can't be configured as environment variables in the docker-compose file. The deploy fails with numerous errors if I define a MM_SERVICESETTINGS_SITEURL in docker-compose.
Hey there, we have something in this repo that we use in production: https://github.com/btcpayserver/btcpayserver-infra
