Skip to content

Instantly share code, notes, and snippets.

@misje misje/mattermost.conf
Last active May 3, 2018

Embed
What would you like to do?
Mattermost Apache config example
<VirtualHost *:80>
ServerName mattermost.example.org
ServerAdmin webmaster@example.org
ErrorLog ${APACHE_LOG_DIR}/mattermost-error.log
CustomLog ${APACHE_LOG_DIR}/mattermost-access.log combined
# Enforce HTTPS:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
ServerName mattermost.example.org
ServerAdmin webmaster@example.org
ErrorLog ${APACHE_LOG_DIR}/mattermost-error.log
CustomLog ${APACHE_LOG_DIR}mattermost-access.log combined
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/api/v[0-9]+/(users/)?websocket [NC,OR]
RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC,OR]
RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]
RewriteRule .* ws://127.0.0.1:8065%{REQUEST_URI} [P,QSA,L]
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule .* http://127.0.0.1:8065%{REQUEST_URI} [P,QSA,L]
RequestHeader set X-Forwarded-Proto "https"
RequestHeader unset If-Modified-Since
RequestHeader unset If-None-Match
<LocationMatch "/api/(?<version>v[0-9]+)/(?<users>users/)?websocket$">
Require all granted
ProxyPassReverse ws://127.0.0.1:8065/api/v%{env:MATCH_VERSION}/%{env:MATCH_USERS}websocket
ProxyPassReverseCookieDomain 127.0.0.1 mattermost.example.org
</LocationMatch>
<Location />
Require all granted
ProxyPassReverse http://127.0.0.1:8065/
ProxyPassReverseCookieDomain 127.0.0.1 mattermost.example.org
</Location>
ProxyPreserveHost On
ProxyRequests Off
</VirtualHost>
@julian-weinert

This comment has been minimized.

Copy link

commented Jan 9, 2017

I'm getting apaches 500 error page an nothing in the logs except:

[proxy:warn] AH01144: No protocol handler was valid for the URL /. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.
@bertiebaggio

This comment has been minimized.

Copy link

commented Jan 29, 2017

I'm sure Julian has fixed his issue, but in case anyone else is wondering, "proxy submodules" is the critical phrase here. On Debian Jessie, activating module proxy_http was sufficient.

sudo a2enmod proxy_http should do the trick for those in a similar situation.

@misje

This comment has been minimized.

Copy link
Owner Author

commented Jun 13, 2017

rewrite, proxy, proxy_http and proxy_wstunnel are needed (a2enmod).

@misje

This comment has been minimized.

Copy link
Owner Author

commented Jul 19, 2017

New LocationMatch directive should now support newer protocol versions .

@lkraav

This comment has been minimized.

Copy link

commented Jul 23, 2017

Documentation got recently posted at mattermost/docs#1114 (comment)

@kent1D

This comment has been minimized.

Copy link

commented Jul 24, 2017

gitlab is now shipped with Mattermost v4 and just changing api urls doesn't seem to be enough.

I get this king of error :

  [2017/07/24 14:30:11 CEST] [EROR] websocket connect err: websocket: origin not allowed
  [2017/07/24 14:30:11 CEST] [EROR] /api/v4/websocket:connect code=500 rid=u9g35wy34b8xb86j3def4smejy uid=7ppr67oe6ibk7pwgkcagbtyg3o ip=https, XX.XX.XX.XX Failed to upgrade websocket connection [details: ]
@kent1D

This comment has been minimized.

Copy link

commented Jul 25, 2017

Sorry it's perfect

I had a header directive which broke everything

@githubkoma

This comment has been minimized.

Copy link

commented Jul 31, 2017

is there any specific reason for the Api Version in line "RewriteCond %{REQUEST_URI} ^/api/v1/websocket [NC,OR]" ?
Why not v3, or v4 or a RegEx?
Should i change this manually from version to version of mattermost?

@misje

This comment has been minimized.

Copy link
Owner Author

commented May 3, 2018

is there any specific reason for the Api Version in line "RewriteCond %{REQUEST_URI} ^/api/v1/websocket [NC,OR]" ?
Why not v3, or v4 or a RegEx?
Should i change this manually from version to version of mattermost?

It always worked for me. I updated the regex with a numeric match to any version anyway. The ProxyPassReverse path also lacked a "v" before the version number, but this never seemed to be a problem.

This config now closely resembles the unofficial apache config in the Mattermost docs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.