diff options
| author | Irene Knapp <ireneista@internetsafetylabs.org> | 2025-06-10 15:25:01 -0700 |
|---|---|---|
| committer | Irene Knapp <ireneista@internetsafetylabs.org> | 2025-06-17 21:25:18 -0700 |
| commit | 0e041c74e846c75bea41314c9e2a18c6a7dc44e2 (patch) | |
| tree | 6958f03a531a32f91d85b7055cda2844e02b415b | |
| parent | aecfac7a404b86b26d28bfe2a3077d3b0a41eee4 (diff) | |
switch to using the upstream nixos mattermost module
this does start up correctly, creating its state directory and so on. it isn't yet world-visible, because we don't have the SSO set up yet. that's likely to make testing it difficult, which is unfortunate but necessary, since there's no way it's secure. Change-Id: I9f40c21c2d41f7e037299cc51a26fdee4d53d3af
| -rw-r--r-- | flake.nix | 2 | ||||
| -rw-r--r-- | services/mattermost.nix | 32 | ||||
| -rw-r--r-- | services/mattermost/config.json | 669 | ||||
| -rw-r--r-- | services/mattermost/default.nix | 60 |
4 files changed, 33 insertions, 730 deletions
diff --git a/flake.nix b/flake.nix index 5d92034..3d15290 100644 --- a/flake.nix +++ b/flake.nix @@ -16,7 +16,7 @@ nixosModules.default = { ... }: { imports = [ ./services/common/database.nix - ./services/mattermost/default.nix + ./services/mattermost.nix ]; }; diff --git a/services/mattermost.nix b/services/mattermost.nix new file mode 100644 index 0000000..52d2598 --- /dev/null +++ b/services/mattermost.nix @@ -0,0 +1,32 @@ +{ config, pkgs, lib, ... }: + +{ + services.mattermost = { + enable = true; + + # The defaults, here for easy reference. + host = "127.0.0.1"; + port = 8065; + + # This is a placeholder, since it's the one domain name that's actually + # mapped to this server right now. Under no circumstances should we ever + # expose Mattermost directly to traffic from the internet, it always needs + # to be behind our reverse proxy, so please don't actually open the port + # or anything like that. Use an ssh tunnel for experimenting with it, + # until then. + siteUrl = "https://experiments.internetsafetylabs.org"; + + # For the usual nix reasons, we prefer to disable Mattermost's in-band + # configuration and do all config through nix. + preferNixConfig = true; + + telemetry = { + enableDiagnostics = false; + enableSecurityAlerts = false; + }; + + database.peerAuth = true; + }; + + services.postgresqlBackup.databases = [ "mattermost" ]; +} diff --git a/services/mattermost/config.json b/services/mattermost/config.json deleted file mode 100644 index cae32ae..0000000 --- a/services/mattermost/config.json +++ /dev/null @@ -1,669 +0,0 @@ -{ - "ServiceSettings": { - "SiteURL": "", - "WebsocketURL": "", - "LicenseFileLocation": "", - "ListenAddress": ":8065", - "ConnectionSecurity": "", - "TLSCertFile": "", - "TLSKeyFile": "", - "TLSMinVer": "1.2", - "TLSStrictTransport": false, - "TLSStrictTransportMaxAge": 63072000, - "TLSOverwriteCiphers": [], - "UseLetsEncrypt": false, - "LetsEncryptCertificateCacheFile": "./config/letsencrypt.cache", - "Forward80To443": false, - "TrustedProxyIPHeader": [], - "ReadTimeout": 300, - "WriteTimeout": 300, - "IdleTimeout": 60, - "MaximumLoginAttempts": 10, - "GoroutineHealthThreshold": -1, - "EnableOAuthServiceProvider": true, - "EnableIncomingWebhooks": true, - "EnableOutgoingWebhooks": true, - "EnableOutgoingOAuthConnections": false, - "EnableCommands": true, - "OutgoingIntegrationRequestsTimeout": 30, - "EnablePostUsernameOverride": false, - "EnablePostIconOverride": false, - "GoogleDeveloperKey": "", - "EnableLinkPreviews": true, - "EnablePermalinkPreviews": true, - "RestrictLinkPreviews": "", - "EnableTesting": false, - "EnableDeveloper": false, - "DeveloperFlags": "", - "EnableClientPerformanceDebugging": false, - "EnableOpenTracing": false, - "EnableSecurityFixAlert": true, - "EnableInsecureOutgoingConnections": false, - "AllowedUntrustedInternalConnections": "", - "EnableMultifactorAuthentication": false, - "EnforceMultifactorAuthentication": false, - "EnableUserAccessTokens": false, - "AllowCorsFrom": "", - "CorsExposedHeaders": "", - "CorsAllowCredentials": false, - "CorsDebug": false, - "AllowCookiesForSubdomains": false, - "ExtendSessionLengthWithActivity": true, - "TerminateSessionsOnPasswordChange": true, - "SessionLengthWebInDays": 30, - "SessionLengthWebInHours": 720, - "SessionLengthMobileInDays": 30, - "SessionLengthMobileInHours": 720, - "SessionLengthSSOInDays": 30, - "SessionLengthSSOInHours": 720, - "SessionCacheInMinutes": 10, - "SessionIdleTimeoutInMinutes": 43200, - "WebsocketSecurePort": 443, - "WebsocketPort": 80, - "WebserverMode": "gzip", - "EnableGifPicker": true, - "GiphySdkKey": "", - "EnableCustomEmoji": true, - "EnableEmojiPicker": true, - "PostEditTimeLimit": -1, - "TimeBetweenUserTypingUpdatesMilliseconds": 5000, - "EnablePostSearch": true, - "EnableFileSearch": true, - "MinimumHashtagLength": 3, - "EnableUserTypingMessages": true, - "EnableChannelViewedMessages": true, - "EnableUserStatuses": true, - "ExperimentalEnableAuthenticationTransfer": true, - "ClusterLogTimeoutMilliseconds": 2000, - "EnableTutorial": true, - "EnableOnboardingFlow": true, - "ExperimentalEnableDefaultChannelLeaveJoinMessages": true, - "ExperimentalGroupUnreadChannels": "disabled", - "EnableAPITeamDeletion": false, - "EnableAPITriggerAdminNotifications": false, - "EnableAPIUserDeletion": false, - "EnableAPIPostDeletion": false, - "EnableDesktopLandingPage": true, - "ExperimentalEnableHardenedMode": false, - "ExperimentalStrictCSRFEnforcement": false, - "EnableEmailInvitations": false, - "DisableBotsWhenOwnerIsDeactivated": true, - "EnableBotAccountCreation": false, - "EnableSVGs": false, - "EnableLatex": false, - "EnableInlineLatex": true, - "PostPriority": true, - "AllowPersistentNotifications": true, - "AllowPersistentNotificationsForGuests": false, - "PersistentNotificationIntervalMinutes": 5, - "PersistentNotificationMaxCount": 6, - "PersistentNotificationMaxRecipients": 5, - "EnableAPIChannelDeletion": false, - "EnableLocalMode": false, - "LocalModeSocketLocation": "/var/tmp/mattermost_local.socket", - "EnableAWSMetering": false, - "SplitKey": "", - "FeatureFlagSyncIntervalSeconds": 30, - "DebugSplit": false, - "ThreadAutoFollow": true, - "CollapsedThreads": "always_on", - "ManagedResourcePaths": "", - "EnableCustomGroups": true, - "AllowSyncedDrafts": true, - "UniqueEmojiReactionLimitPerPost": 50, - "RefreshPostStatsRunTime": "00:00", - "MaximumPayloadSizeBytes": 300000, - "MaximumURLLength": 2048, - "ScheduledPosts": true, - "EnableWebHubChannelIteration": false - }, - "TeamSettings": { - "SiteName": "ISL Mattermost", - "MaxUsersPerTeam": 50, - "EnableJoinLeaveMessageByDefault": true, - "EnableUserCreation": true, - "EnableOpenServer": false, - "EnableUserDeactivation": false, - "RestrictCreationToDomains": "", - "EnableCustomUserStatuses": true, - "EnableCustomBrand": false, - "CustomBrandText": "", - "CustomDescriptionText": "", - "RestrictDirectMessage": "any", - "EnableLastActiveTime": true, - "UserStatusAwayTimeout": 300, - "MaxChannelsPerTeam": 2000, - "MaxNotificationsPerChannel": 1000, - "EnableConfirmNotificationsToChannel": true, - "TeammateNameDisplay": "username", - "ExperimentalViewArchivedChannels": true, - "ExperimentalEnableAutomaticReplies": false, - "LockTeammateNameDisplay": false, - "ExperimentalPrimaryTeam": "", - "ExperimentalDefaultChannels": [] - }, - "ClientRequirements": { - "AndroidLatestVersion": "", - "AndroidMinVersion": "", - "IosLatestVersion": "", - "IosMinVersion": "" - }, - "SqlSettings": { - "DriverName": "postgres", - "DataSource": "postgres://mmuser:mostest@localhost/mattermost_test?sslmode=disable\u0026connect_timeout=10\u0026binary_parameters=yes", - "DataSourceReplicas": [], - "DataSourceSearchReplicas": [], - "MaxIdleConns": 20, - "ConnMaxLifetimeMilliseconds": 3600000, - "ConnMaxIdleTimeMilliseconds": 300000, - "MaxOpenConns": 300, - "Trace": false, - "AtRestEncryptKey": "955gsbx8x1y8o1qrfcerkwxdq9dmoboq", - "QueryTimeout": 30, - "DisableDatabaseSearch": false, - "MigrationsStatementTimeoutSeconds": 100000, - "ReplicaLagSettings": [], - "ReplicaMonitorIntervalSeconds": 5 - }, - "LogSettings": { - "EnableConsole": true, - "ConsoleLevel": "DEBUG", - "ConsoleJson": true, - "EnableColor": false, - "EnableFile": true, - "FileLevel": "INFO", - "FileJson": true, - "FileLocation": "", - "EnableWebhookDebugging": true, - "EnableDiagnostics": true, - "VerboseDiagnostics": false, - "EnableSentry": true, - "AdvancedLoggingJSON": {}, - "MaxFieldSize": 2048 - }, - "ExperimentalAuditSettings": { - "FileEnabled": false, - "FileName": "", - "FileMaxSizeMB": 100, - "FileMaxAgeDays": 0, - "FileMaxBackups": 0, - "FileCompress": false, - "FileMaxQueueSize": 1000, - "AdvancedLoggingJSON": {} - }, - "NotificationLogSettings": { - "EnableConsole": true, - "ConsoleLevel": "DEBUG", - "ConsoleJson": true, - "EnableColor": false, - "EnableFile": true, - "FileLevel": "INFO", - "FileJson": true, - "FileLocation": "", - "AdvancedLoggingJSON": {} - }, - "PasswordSettings": { - "MinimumLength": 8, - "Lowercase": false, - "Number": false, - "Uppercase": false, - "Symbol": false, - "EnableForgotLink": true - }, - "FileSettings": { - "EnableFileAttachments": true, - "EnableMobileUpload": true, - "EnableMobileDownload": true, - "MaxFileSize": 104857600, - "MaxImageResolution": 33177600, - "MaxImageDecoderConcurrency": -1, - "DriverName": "local", - "Directory": "./data/", - "EnablePublicLink": false, - "ExtractContent": true, - "ArchiveRecursion": false, - "PublicLinkSalt": "34raygudchr9bpehj4pyu8z4if1oymy9", - "InitialFont": "nunito-bold.ttf", - "AmazonS3AccessKeyId": "", - "AmazonS3SecretAccessKey": "", - "AmazonS3Bucket": "", - "AmazonS3PathPrefix": "", - "AmazonS3Region": "", - "AmazonS3Endpoint": "s3.amazonaws.com", - "AmazonS3SSL": true, - "AmazonS3SignV2": false, - "AmazonS3SSE": false, - "AmazonS3Trace": false, - "AmazonS3RequestTimeoutMilliseconds": 30000, - "AmazonS3UploadPartSizeBytes": 5242880, - "AmazonS3StorageClass": "", - "DedicatedExportStore": false, - "ExportDriverName": "local", - "ExportDirectory": "./data/", - "ExportAmazonS3AccessKeyId": "", - "ExportAmazonS3SecretAccessKey": "", - "ExportAmazonS3Bucket": "", - "ExportAmazonS3PathPrefix": "", - "ExportAmazonS3Region": "", - "ExportAmazonS3Endpoint": "s3.amazonaws.com", - "ExportAmazonS3SSL": true, - "ExportAmazonS3SignV2": false, - "ExportAmazonS3SSE": false, - "ExportAmazonS3Trace": false, - "ExportAmazonS3RequestTimeoutMilliseconds": 30000, - "ExportAmazonS3PresignExpiresSeconds": 21600, - "ExportAmazonS3UploadPartSizeBytes": 104857600, - "ExportAmazonS3StorageClass": "" - }, - "EmailSettings": { - "EnableSignUpWithEmail": true, - "EnableSignInWithEmail": true, - "EnableSignInWithUsername": true, - "SendEmailNotifications": true, - "UseChannelInEmailNotifications": false, - "RequireEmailVerification": false, - "FeedbackName": "", - "FeedbackEmail": "test@example.com", - "ReplyToAddress": "test@example.com", - "FeedbackOrganization": "", - "EnableSMTPAuth": false, - "SMTPUsername": "", - "SMTPPassword": "", - "SMTPServer": "localhost", - "SMTPPort": "10025", - "SMTPServerTimeout": 10, - "ConnectionSecurity": "", - "SendPushNotifications": true, - "PushNotificationServer": "https://push-test.mattermost.com", - "PushNotificationContents": "full", - "PushNotificationBuffer": 1000, - "EnableEmailBatching": false, - "EmailBatchingBufferSize": 256, - "EmailBatchingInterval": 30, - "EnablePreviewModeBanner": true, - "SkipServerCertificateVerification": false, - "EmailNotificationContentsType": "full", - "LoginButtonColor": "#0000", - "LoginButtonBorderColor": "#2389D7", - "LoginButtonTextColor": "#2389D7" - }, - "RateLimitSettings": { - "Enable": false, - "PerSec": 10, - "MaxBurst": 100, - "MemoryStoreSize": 10000, - "VaryByRemoteAddr": true, - "VaryByUser": false, - "VaryByHeader": "" - }, - "PrivacySettings": { - "ShowEmailAddress": true, - "ShowFullName": true - }, - "SupportSettings": { - "TermsOfServiceLink": "https://mattermost.com/pl/terms-of-use/", - "PrivacyPolicyLink": "https://mattermost.com/pl/privacy-policy/", - "AboutLink": "https://mattermost.com/pl/about-mattermost", - "HelpLink": "https://mattermost.com/pl/help/", - "ReportAProblemLink": "https://mattermost.com/pl/report-a-bug", - "ForgotPasswordLink": "", - "SupportEmail": "", - "CustomTermsOfServiceEnabled": false, - "CustomTermsOfServiceReAcceptancePeriod": 365, - "EnableAskCommunityLink": true - }, - "AnnouncementSettings": { - "EnableBanner": false, - "BannerText": "", - "BannerColor": "#f2a93b", - "BannerTextColor": "#333333", - "AllowBannerDismissal": true, - "AdminNoticesEnabled": true, - "UserNoticesEnabled": true, - "NoticesURL": "https://notices.mattermost.com/", - "NoticesFetchFrequency": 3600, - "NoticesSkipCache": false - }, - "ThemeSettings": { - "EnableThemeSelection": true, - "DefaultTheme": "default", - "AllowCustomThemes": true, - "AllowedThemes": [] - }, - "GitLabSettings": { - "Enable": false, - "Secret": "", - "Id": "", - "Scope": "", - "AuthEndpoint": "", - "TokenEndpoint": "", - "UserAPIEndpoint": "", - "DiscoveryEndpoint": "", - "ButtonText": "", - "ButtonColor": "" - }, - "GoogleSettings": { - "Enable": false, - "Secret": "", - "Id": "", - "Scope": "profile email", - "AuthEndpoint": "https://accounts.google.com/o/oauth2/v2/auth", - "TokenEndpoint": "https://www.googleapis.com/oauth2/v4/token", - "UserAPIEndpoint": "https://people.googleapis.com/v1/people/me?personFields=names,emailAddresses,nicknames,metadata", - "DiscoveryEndpoint": "", - "ButtonText": "", - "ButtonColor": "" - }, - "Office365Settings": { - "Enable": false, - "Secret": "", - "Id": "", - "Scope": "User.Read", - "AuthEndpoint": "https://login.microsoftonline.com/common/oauth2/v2.0/authorize", - "TokenEndpoint": "https://login.microsoftonline.com/common/oauth2/v2.0/token", - "UserAPIEndpoint": "https://graph.microsoft.com/v1.0/me", - "DiscoveryEndpoint": "", - "DirectoryId": "" - }, - "OpenIdSettings": { - "Enable": false, - "Secret": "", - "Id": "", - "Scope": "profile openid email", - "AuthEndpoint": "", - "TokenEndpoint": "", - "UserAPIEndpoint": "", - "DiscoveryEndpoint": "", - "ButtonText": "", - "ButtonColor": "#145DBF" - }, - "LdapSettings": { - "Enable": false, - "EnableSync": false, - "LdapServer": "", - "LdapPort": 389, - "ConnectionSecurity": "", - "BaseDN": "", - "BindUsername": "", - "BindPassword": "", - "MaximumLoginAttempts": 10, - "UserFilter": "", - "GroupFilter": "", - "GuestFilter": "", - "EnableAdminFilter": false, - "AdminFilter": "", - "GroupDisplayNameAttribute": "", - "GroupIdAttribute": "", - "FirstNameAttribute": "", - "LastNameAttribute": "", - "EmailAttribute": "", - "UsernameAttribute": "", - "NicknameAttribute": "", - "IdAttribute": "", - "PositionAttribute": "", - "LoginIdAttribute": "", - "PictureAttribute": "", - "SyncIntervalMinutes": 60, - "SkipCertificateVerification": false, - "PublicCertificateFile": "", - "PrivateKeyFile": "", - "QueryTimeout": 60, - "MaxPageSize": 0, - "LoginFieldName": "", - "LoginButtonColor": "#0000", - "LoginButtonBorderColor": "#2389D7", - "LoginButtonTextColor": "#2389D7" - }, - "ComplianceSettings": { - "Enable": false, - "Directory": "./data/", - "EnableDaily": false, - "BatchSize": 30000 - }, - "LocalizationSettings": { - "DefaultServerLocale": "en", - "DefaultClientLocale": "en", - "AvailableLocales": "", - "EnableExperimentalLocales": false - }, - "SamlSettings": { - "Enable": false, - "EnableSyncWithLdap": false, - "EnableSyncWithLdapIncludeAuth": false, - "IgnoreGuestsLdapSync": false, - "Verify": true, - "Encrypt": true, - "SignRequest": false, - "IdpURL": "", - "IdpDescriptorURL": "", - "IdpMetadataURL": "", - "ServiceProviderIdentifier": "", - "AssertionConsumerServiceURL": "", - "SignatureAlgorithm": "RSAwithSHA1", - "CanonicalAlgorithm": "Canonical1.0", - "ScopingIDPProviderId": "", - "ScopingIDPName": "", - "IdpCertificateFile": "", - "PublicCertificateFile": "", - "PrivateKeyFile": "", - "IdAttribute": "", - "GuestAttribute": "", - "EnableAdminAttribute": false, - "AdminAttribute": "", - "FirstNameAttribute": "", - "LastNameAttribute": "", - "EmailAttribute": "", - "UsernameAttribute": "", - "NicknameAttribute": "", - "LocaleAttribute": "", - "PositionAttribute": "", - "LoginButtonText": "SAML", - "LoginButtonColor": "#34a28b", - "LoginButtonBorderColor": "#2389D7", - "LoginButtonTextColor": "#ffffff" - }, - "NativeAppSettings": { - "AppCustomURLSchemes": [ - "mmauth://", - "mmauthbeta://" - ], - "AppDownloadLink": "https://mattermost.com/pl/download-apps", - "AndroidAppDownloadLink": "https://mattermost.com/pl/android-app/", - "IosAppDownloadLink": "https://mattermost.com/pl/ios-app/", - "MobileExternalBrowser": false - }, - "CacheSettings": { - "CacheType": "lru", - "RedisAddress": "", - "RedisPassword": "********************************", - "RedisDB": -1, - "DisableClientCache": false - }, - "ClusterSettings": { - "Enable": false, - "ClusterName": "", - "OverrideHostname": "", - "NetworkInterface": "", - "BindAddress": "", - "AdvertiseAddress": "", - "UseIPAddress": true, - "EnableGossipCompression": true, - "EnableExperimentalGossipEncryption": false, - "ReadOnlyConfig": true, - "GossipPort": 8074 - }, - "MetricsSettings": { - "Enable": false, - "BlockProfileRate": 0, - "ListenAddress": ":8067", - "EnableClientMetrics": true, - "EnableNotificationMetrics": true - }, - "ExperimentalSettings": { - "ClientSideCertEnable": false, - "ClientSideCertCheck": "secondary", - "LinkMetadataTimeoutMilliseconds": 5000, - "RestrictSystemAdmin": false, - "EnableSharedChannels": false, - "EnableRemoteClusterService": false, - "DisableAppBar": false, - "DisableRefetchingOnBrowserFocus": false, - "DelayChannelAutocomplete": false, - "DisableWakeUpReconnectHandler": false, - "UsersStatusAndProfileFetchingPollIntervalMilliseconds": 3000, - "YoutubeReferrerPolicy": false - }, - "AnalyticsSettings": { - "MaxUsersForStatistics": 2500 - }, - "ElasticsearchSettings": { - "ConnectionURL": "http://localhost:9200", - "Backend": "elasticsearch", - "Username": "elastic", - "Password": "changeme", - "EnableIndexing": false, - "EnableSearching": false, - "EnableAutocomplete": false, - "Sniff": true, - "PostIndexReplicas": 1, - "PostIndexShards": 1, - "ChannelIndexReplicas": 1, - "ChannelIndexShards": 1, - "UserIndexReplicas": 1, - "UserIndexShards": 1, - "AggregatePostsAfterDays": 365, - "PostsAggregatorJobStartTime": "03:00", - "IndexPrefix": "", - "LiveIndexingBatchSize": 10, - "BatchSize": 10000, - "RequestTimeoutSeconds": 30, - "SkipTLSVerification": false, - "CA": "", - "ClientCert": "", - "ClientKey": "", - "Trace": "", - "IgnoredPurgeIndexes": "" - }, - "BleveSettings": { - "IndexDir": "", - "EnableIndexing": false, - "EnableSearching": false, - "EnableAutocomplete": false, - "BatchSize": 10000 - }, - "DataRetentionSettings": { - "EnableMessageDeletion": false, - "EnableFileDeletion": false, - "EnableBoardsDeletion": false, - "MessageRetentionDays": 365, - "MessageRetentionHours": 0, - "FileRetentionDays": 365, - "FileRetentionHours": 0, - "BoardsRetentionDays": 365, - "DeletionJobStartTime": "02:00", - "BatchSize": 3000, - "TimeBetweenBatchesMilliseconds": 100, - "RetentionIdsBatchSize": 100 - }, - "MessageExportSettings": { - "EnableExport": false, - "ExportFormat": "actiance", - "DailyRunTime": "01:00", - "ExportFromTimestamp": 0, - "BatchSize": 10000, - "DownloadExportResults": false, - "ChannelBatchSize": 100, - "ChannelHistoryBatchSize": 10, - "GlobalRelaySettings": { - "CustomerType": "A9", - "SMTPUsername": "", - "SMTPPassword": "", - "EmailAddress": "", - "SMTPServerTimeout": 1800, - "CustomSMTPServerName": "", - "CustomSMTPPort": "25" - } - }, - "JobSettings": { - "RunJobs": true, - "RunScheduler": true, - "CleanupJobsThresholdDays": -1, - "CleanupConfigThresholdDays": -1 - }, - "PluginSettings": { - "Enable": true, - "EnableUploads": false, - "AllowInsecureDownloadURL": false, - "EnableHealthCheck": true, - "Directory": "./plugins", - "ClientDirectory": "./client/plugins", - "Plugins": {}, - "PluginStates": { - "com.mattermost.calls": { - "Enable": true - }, - "com.mattermost.nps": { - "Enable": true - }, - "mattermost-ai": { - "Enable": true - }, - "playbooks": { - "Enable": true - } - }, - "EnableMarketplace": true, - "EnableRemoteMarketplace": true, - "AutomaticPrepackagedPlugins": true, - "RequirePluginSignature": false, - "MarketplaceURL": "https://api.integrations.mattermost.com", - "SignaturePublicKeyFiles": [], - "ChimeraOAuthProxyURL": "" - }, - "DisplaySettings": { - "CustomURLSchemes": [], - "MaxMarkdownNodes": 0 - }, - "GuestAccountsSettings": { - "Enable": false, - "HideTags": false, - "AllowEmailAccounts": true, - "EnforceMultifactorAuthentication": false, - "RestrictCreationToDomains": "" - }, - "ImageProxySettings": { - "Enable": false, - "ImageProxyType": "local", - "RemoteImageProxyURL": "", - "RemoteImageProxyOptions": "" - }, - "CloudSettings": { - "CWSURL": "https://customers.mattermost.com", - "CWSAPIURL": "https://portal.internal.prod.cloud.mattermost.com", - "CWSMock": false, - "Disable": false - }, - "ImportSettings": { - "Directory": "./import", - "RetentionDays": 30 - }, - "ExportSettings": { - "Directory": "./export", - "RetentionDays": 30 - }, - "WranglerSettings": { - "PermittedWranglerRoles": [], - "AllowedEmailDomain": [], - "MoveThreadMaxCount": 100, - "MoveThreadToAnotherTeamEnable": false, - "MoveThreadFromPrivateChannelEnable": false, - "MoveThreadFromDirectMessageChannelEnable": false, - "MoveThreadFromGroupMessageChannelEnable": false - }, - "ConnectedWorkspacesSettings": { - "EnableSharedChannels": false, - "EnableRemoteClusterService": false, - "DisableSharedChannelsStatusSync": false, - "MaxPostsPerSync": 50 - } -} \ No newline at end of file diff --git a/services/mattermost/default.nix b/services/mattermost/default.nix deleted file mode 100644 index f16f721..0000000 --- a/services/mattermost/default.nix +++ /dev/null @@ -1,60 +0,0 @@ -{ config, pkgs, lib, ... }: - -{ - systemd.services.mattermost = { - description = "Mattermost server"; - after = [ "network.target" "postgresql.service" ]; - wantedBy = [ "multi-user.target" ]; - - preStart = '' - mkdir -p /var/lib/mattermost/bin - mkdir -p /var/lib/mattermost/client - mkdir -p /var/lib/mattermost/config - mkdir -p /var/lib/mattermost/templates - cp -r ${pkgs.mattermost}/client/* /var/lib/mattermost/client/ - cp -r ${pkgs.mattermost}/bin/* /var/lib/mattermost/bin/ - cp -r ${pkgs.mattermost}/config/* /var/lib/mattermost/config/ - cp -r ${pkgs.mattermost}/templates/* /var/lib/mattermost/templates/ - chown -R mattermost:mattermost /var/lib/mattermost - ''; - - serviceConfig = { - User = "mattermost"; - Group = "mattermost"; - WorkingDirectory = "/var/lib/mattermost"; - ExecStart = "${pkgs.mattermost}/bin/mattermost"; - Environment = [ - "MM_SQLSETTINGS_DRIVERNAME=postgres" - "MM_SQLSETTINGS_DATASOURCE=postgres://mattermost@localhost:5432/mattermost?sslmode=disable&connect_timeout=10" - "MM_SERVICESETTINGS_SITEURL=http://islmm" - "MM_SERVICESETTINGS_LISTENADDRESS=:8065" - "MM_SERVICESETTINGS_ENABLEUSERCREATION=true" - "MM_SERVICESETTINGS_ALLOWCORSFROM=*" - ]; - Restart = "always"; - }; - }; - - users.users.mattermost = { - isSystemUser = true; - home = "/var/lib/mattermost"; - createHome = true; - group = "mattermost"; - }; - - users.groups.mattermost = { }; - - services.postgresql = { - enable = true; - - ensureDatabases = [ "mattermost" ]; - ensureUsers = [ - { - name = "mattermost"; - ensureDBOwnership = true; - } - ]; - }; - - services.postgresqlBackup.databases = [ "mattermost" ]; -} |