How to Install Mattermost on a Gandi Cloud Server

Mattermost is an opensource self-hosting chat service. Mattermost servers are designed as an internal chat platform for organizations and businesses.

This guide will show you how to install Mattermost and make it available quickly.


This installation was carried out with the following tools:

  • Debian 10.3

  • Postgresql

  • Mattermost 5.21

  • Nginx 1.14.2

Depending on your versions used, the different steps may vary.

Step 1 : Install dependencies and prepare the server

We assume here that you’ve already created your Cloud server.

Connect to your server via SSH:

$ ssh admin@

Switch to the root user, and ensure your system packages are up-to-date:

$ su
# apt update
# apt upgrade

Then install postgresql, postgresql-contrib, sudo, and nginx, which will be necessary for a successful Mattermost install:

# apt-get install postgresql postgresql-contrib sudo nginx

It is also recommended to create a dedicated user to run Mattermost:

# /sbin/useradd --system --user-group mattermost

The server is now configured, so let’s move on to creating the database.

Step 2 : Preparing the database

We will use Postgresql in this tutorial, however it is also possible to use MySQL or Postgresql.

Connect to the postgres user and launch psql :

# sudo --login --user postgres
$ psql

Then create a database mattermost, with the user mmuser, and the password mmuser-password, to be adapted according to your needs.

postgres=# CREATE DATABASE mattermost;
postgres=# CREATE USER mmuser WITH PASSWORD 'mmuser-password';
postgres=# GRANT ALL PRIVILEGES ON DATABASE mattermost to mmuser;
postgres=# \q
postgres=# exit

Now that the database is ready, you only need to install Mattermost, and make it accessible via your domain or sub-domain.

Step 3 : Install Mattermost

Download the latest version of Mattermost:

# wget

Then proceed to extract the contents of the archive in the /opt/ directory:

# tar -xvzf mattermost-5.21.0-linux-amd64.tar.gz
# mv mattermost /opt

Create the /opt/mattermost/data directory and give rights to the mattermost system user that we created earlier:

# mkdir /opt/mattermost/data
# chown -R mattermost:mattermost /opt/mattermost

Modify the configuration file located at /opt/mattermost/config/config.json to take into account the database that we created previously.

Replace this:

"DriverName": "mysql",

With this:

"DriverName": "postgres",

And replace this:

"DataSource": "mmuser:mostest@tcp(localhost:3306)/mattermost_test?charset=utf8mb4,utf8\u0026readTimeout=30s\u0026writeTimeout=30s",

With this:

"DataSource": "postgres://mmuser:<mmuser-password>@<host-name-or-IP>:5432/mattermost?sslmode=disable&connect_timeout=10",

Go to the /opt/mattermost directory and test the launch of Mattermost:

# cd /opt/mattermost
# sudo -u mattermost ./bin/mattermost

If everything is correct, you should see the following output:

{"level":"info","ts":1585299574.1884124,"caller":"app/server.go:538","msg":"Server is listening on [::]:8065","address":"[::]:8065"}

Mattermost is well launched and listening on port 8065.

We are now going to create a systemd service in order to be able to manage actions on Mattermost more easily:

# touch /lib/systemd/system/mattermost.service
# vim /lib/systemd/system/mattermost.service

Copy the following content into the file and save it:




Reload systemd and test this systemd unit:

# systemctl daemon-reload
# systemctl status mattermost.service
# systemctl start mattermost.service

Check that Mattermost is listening on port 8065:

# curl http://localhost:8065

If everything is ok, activate the Mattermost service, which will allow the service to be launched automatically when your server starts:

systemctl enable mattermost.service

Step 4 : Configuring Nginx

We assume here that you already have an SSL certificate, so now we’ll configure nginx so that Mattermost is accessible from your domain or sub-domain.

As root:

# vim /etc/nginx/sites-available/

Copy the following content into and change the values to your domain name, and the path to the SSL certificate:

upstream backend {
 keepalive 32;

 proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=mattermost_cache:10m max_size=3g inactive=120m use_temp_path=off;

 server {
  listen 80 default_server;
  return 301 https://$server_name$request_uri;

 server {
   listen 443 ssl http2;

     ssl on;
     ssl_certificate /path/to/fullchain.cer;
     ssl_certificate_key /path/to/ ;
     ssl_dhparam /etc/ssl/certs/dhparam.pem;
     ssl_session_cache shared:SSL:10m;
     ssl_session_tickets off;
     ssl_protocols TLSv1.2 TLSv1.3;
     ssl_ecdh_curve sect571r1:secp521r1:brainpoolP512r1:secp384r1:prime256v1:X25519;
     ssl_prefer_server_ciphers on;
     ssl_session_timeout 1d;
     ssl_stapling on;
     ssl_stapling_verify on;
     add_header Strict-Transport-Security max-age=15768000;

 location ~ /api/v[0-9]+/(users/)?websocket$ {
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    client_max_body_size 50M;
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Frame-Options SAMEORIGIN;
    proxy_buffers 256 16k;
    proxy_buffer_size 16k;
    client_body_timeout 60;
    send_timeout 300;
    lingering_timeout 5;
    proxy_connect_timeout 90;
    proxy_send_timeout 300;
    proxy_read_timeout 90s;
    proxy_pass http://backend;

 location / {
    client_max_body_size 50M;
    proxy_set_header Connection "";
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Frame-Options SAMEORIGIN;
    proxy_buffers 256 16k;
    proxy_buffer_size 16k;
    proxy_read_timeout 600s;
    proxy_cache mattermost_cache;
    proxy_cache_revalidate on;
    proxy_cache_min_uses 2;
    proxy_cache_use_stale timeout;
    proxy_cache_lock on;
    proxy_http_version 1.1;
    proxy_pass http://backend;

Now activate the site:

# ln -s /etc/nginx/sites-available/ /etc/nginx/sites-enabled/

Verify the configuration is correct:

nginx -t

And restart Nginx:

# systemctl restart nginx

If all went well, your Mattermost server is available at the address you used. Your Mattermost install is now complete. The first time you visit you can create your first user in the system.