mattermost #1

Supports: xenial


Open source, private cloud Slack-alternative.

Workplace messaging for web, PCs and phones. MIT-licensed. Hundreds of contributors. 11 languages. Secure, configurable, and scalable from teams to enterprise.

Software & terms:


This Charm installs and manages Mattermost, an Open source, private cloud Slack-alternative.

  • Workplace messaging for web, PCs and phones.
  • MIT-licensed. Hundreds of contributors. 11 languages.
  • Secure, configurable, and scalable from teams to enterprise.

Mattermost screenshot

How to use

Basic insecure mattermost instance

Deploy and connect Mattermost and PostgreSQL for a basic Mattermost testing setup.

# Deploy mattermost and postgres
juju deploy cs:~tengu-team/mattermost
juju deploy postgresql
# Connect the two
juju add-relation mattermost postgresql:db
# Make mattermost publicly available
juju expose mattermost

Check the deployment status with watch -c juju status --color (press ctrl-c to exit).

Unit                  Workload  Agent  Machine  Public address  Ports                     Message
mattermost/2*         active    idle    0     80/tcp,443/tcp,8065/tcp   Ready ( [Insecure! Please set fqdn!])
postgresql/2*         active    idle    1     5432/tcp                  Live master (9.5.6)

This is a basic insecure mattermost setup ideal for testing. All your traffic can be sniffed so never use this in production. Surf to the url from the message to get started. The first thing you'll need to do is to create an account. This account will be the admin user of mattermost. After installation, Mattermost runs in "Preview mode". Email and push notifications will be disabled. Add email settings in the admin console to get mattermost out of preview mode.

Secure mattermost using Let's Encrypt

You need to have a DNS entry pointing to the mattermost unit to make it secure. The mattermost instance will request a Let's Encrypt https certificate to secure itself. Tell the mattermost instance its DNS name using the fqdn config option.

# Expose mattermost (this is needed for certificate request)
juju expose mattermost
# Tell mattermost what DNS name points to it.
juju config mattermost

This will give you a secure mattermost instance that is publicly available by surfing to If registration fails, check:

  • That you've exposed mattermost. Let's Encrypt needs to connect to ports 80 and 443 as part of the registration process.
  • That the DNS name has had time to propagate and cached entries have expired.
  • That the DNS name is allowed by Let's Encrypt. Some names, like the dynamic ones given to EC2 instances, may not be allowed.

Upgrade Mattermost

Upgrade mattermost by giving it the tarball of the new Mattermost release. You can find these tarballs here: Download the file to your laptop and send it to the Mattermost instance using juju attach.

juju attach charm-name bdist=/path/to/mattermost.tar.gz

The Mattermost config and userdata will not be overwritten during an upgrade. Previous mattermost versions will be saved on the Mattermost instance. You can revert to the previous version using juju run-action mattermost/0 revert-mattermost. Check the status of the revert using juju show-action-output <uid>.

How to import Slack History

Mattermost allows you to import your complete Slack history. You get your complete Slack history even if you are on a free plan. More information:

Advanced: Mattermost behind a reverse proxy

Mattermost exposes the http interface that can be used to connect other Charms to mattermost. Other Charms will always connect using the insecure http interface since the reverse proxy will also be the https endpoint in a typical deployment.

# Deploy Mattermost, Postgres and the HAProxy reverse proxy.
juju deploy cs:~tengu-team/mattermost
juju deploy postgresql
juju deploy haproxy
# Connect Mattermost to Postgres
juju add-relation mattermost postgresql:db
# Connect Mattermost to the reverse proxy.
juju add-relation haproxy mattermost
# Add ssl config to haproxy
# ...


  • Copyright 2016 Casey Marshall.
  • Copyright 2018 Ghent University.

The copyright file contains the software license for this charm (ALv2).

Mattermost is a trademark of Mattermost, Inc.


This charm automates installation, configuration and management of a Mattermost server based on publicly documented best practices. This charm is not a part of the Mattermost product, is not endorsed by, and does not represent Mattermost, Inc. in any way.

See the Mattermost website for more information about the licenses and trademarks applicable to the software installed by this charm.

Contact Information

This software was created in the IDLab research group of Ghent University in Belgium. This software is used in Tengu, a project that aims to make experimenting with data frameworks and tools as easy as possible.


(string) Contact email for Let's Encrypt
(string) Space separated list of extra deb packages to install.
(string) FQDN of mattermost server to use. For example, ''.
(string) listen address
(string) List of signing keys for install_sources package sources, per charmhelpers standard format (a yaml list of strings encoded as a string). The keys should be the full ASCII armoured GPG public keys. While GPG key ids are also supported and looked up on a keyserver, operators should be aware that this mechanism is insecure. null can be used if a standard package signing key is used that will already be installed on the machine, and for PPA sources where the package signing key is securely retrieved from Launchpad.
(string) List of extra apt sources, per charm-helpers standard format (a yaml list of strings encoded as a string). Each source may be either a line that can be added directly to sources.list(5), or in the form ppa:<user>/<ppa-name> for adding Personal Package Archives, or a distribution component to enable.
(string) The status of service-affecting packages will be set to this value in the dpkg database. Valid values are "install" and "hold".
(int) NGINX listen port
(string) Name of service shown in login screens and UI.