Install with docker and without nginx

farhaadn · February 26, 2023, 1:21pm

Hi,
I want to deploy mattermost with docker compose, I have nginx proxy manager with ssh ready
what should I do?
can I change the listening port to 443?
I must change “Connection Security” to TLS? or it handled by npm?
Can you please help me to run the service?

agriesser · February 27, 2023, 7:04am

Hi @farhaadn ,

If you want to use an external nginx, you can do so by using the following yml files to start the Mattermost docker environment:

docker-compose -f docker-compose.yml -f docker-compose.without-nginx.yml up -d

The listening port should be left untouched, the application will listen on port 8065 then and it will be unencrypted.
The nginx proxy manager then needs to connect to the Mattermost backend, which should then be available on http://localhost:8065 and by accessing the service through your nginx proxy manager, you will then also have the encryption and public IP active.

farhaadn · February 27, 2023, 8:02am

Thank you for your reply,
How can use HTTPS and what is the port?
look at the below picture pls, this is what I configure in NPM

172.16.3.5 is the host IP that the container runs on it, how can I forward it to HTTPS?

farhaadn · February 27, 2023, 8:04am

and this
When I switched Scheme to http, and I enter chat.test.net everything is ok, but when switched to https, not working

agriesser · February 27, 2023, 8:13am

nginx proxy manager does the SSL, the Mattermost backend does not need https, so change the scheme to http and you’re all good.
The connection looks like this then:

internet user → nginx proxy manager (on port 443, ssl encrypted) → mattermost container (on port 8065, no encryption)

farhaadn · February 27, 2023, 8:18am

So, why browser tell me the website is not secure?

agriesser · February 27, 2023, 9:00am

Most likely because your MM_SERVICESETTINGS_SITEURL in the docker deployment’s .env file points to the http URL. You need to make sure that the SiteUrl Mattermost sees (it uses it for generating links to static resources, f.ex.) points to the URL the users access, so although the Mattermost application server is not running on https://chat.test.net but on http://localhost:8065, the SiteUrl needs to be set to https://chat.test.net.

farhaadn · February 27, 2023, 9:07am

In .env file I have these:
DOMAIN=chat.test.net
MM_SERVICESETTINGS_SITEURL=https://${DOMAIN}

farhaadn · February 27, 2023, 9:12am

oh it was my fault, site not redirect to https, so I put https in the first and everything is good now

so how can I enable “Forward port 80 to 443:” with these configurations you mentioned above? or another way to redirect http to https

agriesser · February 27, 2023, 9:24am

You would do the redirect from 80 to 443 in your nginx proxy manager but I think you already found that out now

farhaadn · February 27, 2023, 9:28am

Yes, I found it
Thank you so much

Topic		Replies	Views
Installing in docker, can't activate TLS. Help Troubleshooting	8	1082	October 24, 2020
How to change http to https url in docker Troubleshooting	4	6357	February 9, 2017
Mattermost Docker Web Container Troubleshooting	2	1058	August 29, 2019
Configuring Mattermost Server for Secure Connection (HTTPS) in Docker Environment Troubleshooting	3	1080	September 7, 2023
New Docker Install, have self-signed cert, need help Troubleshooting	8	437	July 2, 2023

Install with docker and without nginx

Related Topics