Hi guys,
has anybody set up Mattermost on a Hestia CP controlled server?
Mattermost is an opensource Slack alternative using websockets. For testing I installed it on an ISPconfig server and it worked but due to some incomprehensible reasons I don’t get it done with Hestia.
Indeed Mattermost is running, I can reach it on browser and I can log in but then a very strange behaviour begins which I don’t want to explain further here because it might not be connected with Hestia.
But for debugging process I would please you to have a look at my Nginx site config to ensure that it’s not a problem of websockets, Nginx or php.
What I have done:
I created a subdomain with Hestia panel as user “user” with webtemplate: default and backend template PHP-FPM:default, and activated SSL support.
Since adding the necessary config with a simple nginx.hsts.conf* file didn’t work I deleted most parts in the original nginx.conf and added the Mattermost recommended code.
So, my /home/user/conf/web/mattermost.mydomain.com/nginx.conf looks like that:
upstream backend {
server 127.0.0.1:8065;
keepalive 32;
}
proxy_cache_path /var/cache/nginx/mattermost levels=1:2 keys_zone=mattermost_cache:10m max_size=3g inactive=120m use_temp_path=off;
server {
listen 45.157.xxx.xxx:80;
server_name mattermost.mydomain.com ;
return 301 https://$server_name$request_uri;
}
server {
listen 45.157.xxx.xxx:443 ssl http2;
server_name mattermost.mydomain.com ;
ssl_certificate /home/user/conf/web/mattermost.mydomain.com/ssl/mattermost.mydomain.com.pem;
ssl_certificate_key /home/user/conf/web/mattermost.mydomain.com/ssl/mattermost.mydomain.com.key;
ssl_stapling on;
ssl_stapling_verify on;
location ~ /api/v[0-9]+/(users/)?websocket$ {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
client_max_body_size 50M;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_buffers 256 16k;
proxy_buffer_size 16k;
client_body_timeout 60;
send_timeout 300;
lingering_timeout 5;
proxy_connect_timeout 90;
proxy_send_timeout 300;
proxy_read_timeout 90s;
proxy_pass http://backend;
}
location / {
client_max_body_size 50M;
proxy_set_header Connection "";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_buffers 256 16k;
proxy_buffer_size 16k;
proxy_read_timeout 600s;
proxy_cache mattermost_cache;
proxy_cache_revalidate on;
proxy_cache_min_uses 2;
proxy_cache_use_stale timeout;
proxy_cache_lock on;
proxy_http_version 1.1;
proxy_pass http://backend;
}
}
I guess most of the original “location” directives and logging directories are not necessary, but I am a bit unsure about this “fastcgi” parameter from the original config:
fastcgi_pass unix:/run/php/php7.3-fpm-mattermost.mydomain.com.sock;
Is it needed to run the site properly? Did I forget something important?
Thanks a lot.
Nifoco
Hestia 1.1.1
Nginx with FPM (no Apache installed)
MySQL
Debian 10.3