mattermost #0

Supports: xenial
Add to new model


From the Mattermost website:

As an alternative to proprietary SaaS messaging, Mattermost brings all your team communication into one place, making it searchable and accessible anywhere.

Mattermost is:

  • Slack-compatible, not Slack-limited – Mattermost features rival Slack features, and support a superset of Slack’s incoming and outgoing webhook integrations, including compatibility with existing Slack integrations. From your existing Slack teams, you can import users, public channel history and even theme setting colors into Mattermost. Mattermost mobile experience with comment threads and file sharing
  • Accessible on web, desktop, phone and tablet – Use Mattermost from your iOS or Android phones and tablets or with installed apps on Windows, Linux and Mac. Easy to deploy, manage, upgrade and extend– Mattermost is written in Golang and React and runs as a single Linux binary with either MySQL or Postgres. Every month on the 16th a new compiled version is released under an MIT license.
  • Supported by a vibrant community – Use Mattermost with dozens of community integrations and applications, including Jira, IRC, XMPP, Hubot, Giphy, Jenkins, GitLab, Trac, Redmine, SVN, RSS/Atom and many others. Build and share your own apps using Mattermost APIs and drivers.

Software & terms:

Juju reactive charm layer for Mattermost


In this directory:

charm build


TLS Options

Deployment requires agreement to ISRG terms of service, because Let's Encrypt is the primary and recommended method for setting up TLS.

Secured with Let's Encrypt in public clouds

Deploy to a public cloud and expose it.

juju deploy cs:~cmars/mattermost
juju deploy postgresql
juju add-relation mattermost postgresql:db
juju expose mattermost

Acquire a DNS name for the instance. Then set fqdn to the DNS name.

juju config mattermost

Let's Encrypt will do the rest. When the workload state becomes active, your Mattermost instance is ready to set up.

If registration fails, check:

  • That you've exposed mattermost. Let's Encrypt needs to connect to ports 80 and 443 as part of the registration process.
  • That the DNS name has had time to propagate and cached entries have expired.
  • That the DNS name is allowed by Let's Encrypt. Some names, like the dynamic ones given to EC2 instances, may not be allowed.

Reverse-proxied by a front-end

With fqdn unset, relate mattermost to a reverse proxy.

juju deploy cs:~cmars/mattermost
juju deploy postgresql
juju deploy haproxy
juju add-relation postgresql:db mattermost:db
juju add-relation haproxy mattermost

Alternative binary distributions

To deploy with your own Mattermost binary distribution:

juju deploy cs:~cmars/mattermost --resource bdist=/path/to/mattermost.tar.gz

Note that Mattermost releases prior to 2.1.0 have not been tested.


Copyright 2016 Casey Marshall.

The copyright file contains the software license for this charm.

Mattermost is a trademark of Mattermost, Inc.


This charm automates installation, configuration and management of a Mattermost server based on publicly documented best practices. This charm is not a part of the Mattermost product, is not endorsed by, and does not represent Mattermost, Inc. in any way.

See the Mattermost website for more information about the licenses and trademarks applicable to the software installed by this charm.


Email: charmed at

IRC: cmars on FreeNode

Mattermost: Join the Juju team on


(string) Contact email for Let's Encrypt
(string) Space separated list of extra deb packages to install.
(string) FQDN of mattermost server to use. For example, ''.
(string) listen address
(string) List of signing keys for install_sources package sources, per charmhelpers standard format (a yaml list of strings encoded as a string). The keys should be the full ASCII armoured GPG public keys. While GPG key ids are also supported and looked up on a keyserver, operators should be aware that this mechanism is insecure. null can be used if a standard package signing key is used that will already be installed on the machine, and for PPA sources where the package signing key is securely retrieved from Launchpad.
(string) List of extra apt sources, per charm-helpers standard format (a yaml list of strings encoded as a string). Each source may be either a line that can be added directly to sources.list(5), or in the form ppa:<user>/<ppa-name> for adding Personal Package Archives, or a distribution component to enable.
(string) The status of service-affecting packages will be set to this value in the dpkg database. Valid values are "install" and "hold".
(int) NGINX listen port
(string) Name of service shown in login screens and UI.