Merge branch 'master' of https://git.oopen.de/install/mattermost

README.marktplatz-plugins

@@ -0,0 +1,10 @@
+# ====================
+# Mattermost Marketplace
+#
+# Extend and integrate with Mattermost Apps
+# ====================
+
+
+# i.e.: Video Calling and Screensharing
+#
+#     see: https://mattermost.com/marketplace-category/video-calling/

README.migrate-MySQL-to-PostgreSQL

@@ -0,0 +1,412 @@
+
+# see:
+#
+#  https://docs.mattermost.com/deploy/postgres-migration-assist-tool.html
+#  https://docs.mattermost.com/deploy/manual-postgres-migration.html
+#
+#  https://docs.mattermost.com/deploy/postgres-migration.html
+
+MATTERMOST_VERSION="v9.11.6"
+
+# Postgresql
+psql_db_host="10.0.3.147"
+psql_db_port="5432"
+psql_db_name="mattermost"
+psql_db_user="mattermost"
+psql_db_password='C5jzznfvn.-WV6J7-4rgT'
+
+POSTGRES_DSN="postgres://${psql_db_user}:${psql_db_password}@${psql_db_host}:${psql_db_port}/${psql_db_name}"
+
+# Mysql
+mysql_db_host="10.0.3.147"
+mysql_db_port="3306"
+mysql_db_name="mattermost"
+mysql_db_user="mattermost"
+mysql_db_password='C5jzznfvn%%WV6J7-4rgT'
+
+MYSQL_DSN="${mysql_db_user}:${mysql_db_password}@tcp(${mysql_db_host}:${mysql_db_port})/${mysql_db_name}"
+
+pgloader_bin='/usr/local/src/pgloader/pgloader/build/bin/pgloader'
+
+
+# ---
+# Compile/Install pgloader  from source
+# ---
+
+apt purge pgloader
+apt --purge autoremove
+mkdir -p "/usr/local/src/pgloader/"
+cd "/usr/local/src/pgloader/"
+git clone https://github.com/dimitri/pgloader.git
+apt-get install sbcl unzip libsqlite3-dev make curl gawk freetds-dev libzip-dev
+cd pgloader
+/build/bin/pgloader --help
+
+
+# ---
+# Completely deinstall postgresql
+#
+# ---
+
+DEBIAN_FRONTEND=noninteractive apt purge -y postgresql postgresql-*
+rm -rf /var/lib/postgresql
+rm -rf /etc/postgresql
+rm -rf /var/log/postgresql
+
+DEBIAN_FRONTEND=noninteractive apt install -y --allow-unauthenticated postgresql
+
+# Adjust files 
+#
+#     /etc/postgresql/15/main/pg_hba.conf
+#     /etc/postgresql/15/main/postgresql.conf
+#
+#
+#  /etc/postgresql/15/main/postgresql.conf
+#
+#    Find the following line: #listen_addresses = 'localhost'
+#    Uncomment the line and change localhost to *: listen_addresses = '*'
+#    Restart PostgreSQL for the change to take effect by running:
+#
+#
+#  /etc/postgresql/{version}/main/pg_hba.conf
+#
+#    Find the following lines:
+#
+#        local   all             all                        peer
+#
+#        host    all             all         ::1/128        ident
+#
+#    Change peer and ident to trust:
+#
+#        local   all             all                        trust
+#
+#        host    all             all         ::1/128        trust
+#
+#
+# Remote Database (separate server)
+#
+# If the Mattermost server and the database are on different machines:
+#
+#   /etc/postgresql/{version}/main/pg_hba.conf in a text editor as root user.
+#
+#     Add the following line to the end of the file, where {mattermost-server-IP} is the 
+#     IP address of the Mattermost server: 
+#
+#        host all all {mattermost-server-IP}/32 md5.
+#
+cp -a /etc/postgresql/15/main/pg_hba.conf /etc/postgresql/15/main/pg_hba.conf.ORIG
+cp /root/postgresql_15_main/pg_hba.conf /etc/postgresql/15/main/pg_hba.conf
+
+cp -a /etc/postgresql/15/main/postgresql.conf /etc/postgresql/15/main/postgresql.conf.ORIG
+cp /root/postgresql_15_main/postgresql.conf /etc/postgresql/15/main/postgresql.conf
+
+systemctl restart postgresql
+
+
+# Create PostgreSQL Database om mattermost server..
+#
+# seee: https://docs.mattermost.com/install/prepare-mattermost-database.html
+#
+#  sudo -u postgres psql
+#
+#     CREATE DATABASE mm;
+#
+#     \connect mm
+#
+#     CREATE USER mmuser WITH PASSWORD 'mmuser-password';
+#
+#
+#     If you're configuring PostgreSQL v15.x or later:
+#
+#        GRANT ALL PRIVILEGES ON DATABASE mattermost to mmuser;
+#
+#        ALTER DATABASE mattermost OWNER TO mmuser;
+#
+#        GRANT USAGE, CREATE ON SCHEMA PUBLIC TO mmuser;
+#
+#
+# Note:
+#    Error Occurred: could not check schema owner: the user "mmuser" is not owner of the "public" schema
+#
+#     Fix: on postreSQL monitor insert:
+#
+#        ALTER SCHEMA public OWNER TO mmuser;
+#        GRANT ALL ON SCHEMA public to mmuser;
+#
+cd /tmp
+sudo -u postgres psql -c "CREATE DATABASE ${psql_db_name};"
+
+sudo -u postgres psql ${psql_db_name} -c "CREATE USER ${psql_db_user} WITH PASSWORD '${psql_db_password}';"
+sudo -u postgres psql ${psql_db_name} -c "GRANT ALL PRIVILEGES ON DATABASE ${psql_db_name} to ${psql_db_user};"
+sudo -u postgres psql ${psql_db_name} -c "ALTER DATABASE ${psql_db_name} OWNER TO ${psql_db_user};"
+sudo -u postgres psql ${psql_db_name} -c "GRANT USAGE, CREATE ON SCHEMA PUBLIC TO ${psql_db_user};"
+sudo -u postgres psql ${psql_db_name} -c "ALTER SCHEMA public OWNER TO ${psql_db_user};"
+sudo -u postgres psql ${psql_db_name} -c "GRANT ALL ON SCHEMA public to ${psql_db_user};"
+
+systemctl stop postgresql
+systemctl start postgresql
+
+
+# ==============================
+#
+# Note: On mattermost Host in file my.cnf set:
+# ============================================
+#
+#     [mysqld]
+#     ...
+#     default-authentication-plugin = mysql_native_password
+#     
+# ==============================
+
+
+# ==============================
+# Automated PostgreSQL migration
+# ==============================
+
+# Step 1 - Check the MySQL database schema
+# ========================================
+#
+# run  the following command:
+#
+#     migration-assist mysql "<MYSQL_DSN>" --fix-artifacts --fix-unicode --fix-varchar
+#
+#
+# Example MySQ_ DSN: "user:password@tcp(address:3306)/db_name"
+#
+migration-assist mysql ${MYSQL_DSN} \
+   --fix-artifacts \
+   --fix-unicode \
+   --fix-varchar
+
+# Output was:
+#
+#     2024-12-25 12:59:01 pinging mysql...
+#     2024-12-25 12:59:01 connected to mysql successfully...
+#     2024-12-25 12:59:01 running checks for artifacts...
+#     2024-12-25 12:59:01 a fix is required for: schema_migrations
+#     2024-12-25 12:59:01 the fix query has been executed successfully.
+#     2024-12-25 12:59:01 4 checks been made, all good for artifacts
+#     2024-12-25 12:59:01 running checks for unicode...
+#     2024-12-25 12:59:02 11 checks been made, all good for unicode
+#     2024-12-25 12:59:02 running checks for varchar...
+#     2024-12-25 12:59:02 8 checks been made, all good for varchar
+#     2024-12-25 12:59:02 running checks for varchar-extended...
+#     2024-12-25 12:59:02 a fix is required for: linkmetadata.url
+#     2024-12-25 12:59:02 the fix query has been executed successfully.
+#     2024-12-25 12:59:02 12 checks been made, all good for varchar-extended
+#
+
+
+
+# Step 2 - Create the PostgreSQL database schema
+# ==============================================
+#
+# run the following command:
+#
+#     migration-assist postgres "<POSTGRES_DSN>" --run-migrations --mattermost-version="<MATTERMOST_VERSION>"
+#
+#
+# Example POSTGRES_DSN: "postgres://user:password@address:5432/db_name"
+#
+# Example MATTERMOST_VERSION: "v9.4.0"
+#
+#migration-assist postgres ${POSTGRES_DSN} --run-migrations --mattermost-version=${MATTERMOST_VERSION}
+
+migration-assist postgres ${POSTGRES_DSN} --run-migrations --mattermost-version ${MATTERMOST_VERSION}
+
+# Output was:
+#
+#     2024-12-25 13:14:41 pinging postgres...
+#     2024-12-25 13:14:41 connected to postgres successfully.
+#     2024-12-25 13:14:41 schema owner check passed.
+#     2024-12-25 13:14:41 checking if tables are empty...
+#     2024-12-25 13:14:41 cloning repository@9.11.1
+#     2024-12-25 13:14:41 git version: git version 2.39.5
+#     2024-12-25 13:14:42 checking out...
+#     2024-12-25 13:14:42 moving migration files into a better place..
+#     2024-12-25 13:14:42 running migrations..
+#     2024-12-25 13:14:43 migrations applied.
+#
+
+
+# Step 3 - Generate a pgloader configuration
+# ==========================================
+#
+# run the following command:
+#
+#     migration-assist pgloader --mysql="<MYSQL_DSN>" --postgres="<POSTGRES_DSN>" > migration.load
+#
+migration-assist pgloader  --mysql $MYSQL_DSN --postgres $POSTGRES_DSN | tee migration.load
+
+# Output was:
+#
+#     LOAD DATABASE
+#         FROM       mysql://mmuser:aiqu7oghae1eZai3@10.0.3.42:3306/mm
+#         INTO       pgsql://mmuser:aiqu7oghae1eZai3@10.0.3.42:5432/mm
+#
+#     WITH data only,
+#         workers = 8, concurrency = 1,
+#         multiple readers per thread, rows per range = 10000,
+#         prefetch rows = 10000, batch rows = 2500,
+#         create no tables, create no indexes,
+#         preserve index names
+#
+#     SET PostgreSQL PARAMETERS
+#         maintenance_work_mem to '128MB',
+#         work_mem to '12MB'
+#
+#     SET MySQL PARAMETERS
+#         net_read_timeout  = '120',
+#         net_write_timeout = '120'
+#
+#      CAST column Channels.Type to "channel_type" drop typemod,
+#         column Teams.Type to "team_type" drop typemod,
+#         column UploadSessions.Type to "upload_session_type" drop typemod,
+#         column ChannelBookmarks.Type to "channel_bookmark_type" drop typemod,
+#         column Drafts.Priority to text,
+#         type int when (= precision 11) to integer drop typemod,
+#         type bigint when (= precision 20) to bigint drop typemod,
+#         type text to varchar drop typemod using remove-null-characters,
+#         type tinyint when (<= precision 4) to boolean using tinyint-to-boolean,
+#         type json to jsonb drop typemod using remove-null-characters
+#
+#     EXCLUDING TABLE NAMES MATCHING ~<IR_>, ~<focalboard>, ~<calls>, 'schema_migrations', 'db_migrations', 'db_lock',
+#         'configurations', 'configurationfiles', 'db_config_migrations'
+#
+#     BEFORE LOAD DO
+#         $$ ALTER SCHEMA public RENAME TO mm; $$,
+#         $$ TRUNCATE TABLE mm.systems; $$,
+#         $$ DROP INDEX IF EXISTS mm.idx_posts_message_txt; $$,
+#         $$ DROP INDEX IF EXISTS mm.idx_fileinfo_content_txt; $$
+#
+#     AFTER LOAD DO
+#         $$ UPDATE mm.db_migrations set name='add_createat_to_teamembers' where version=92; $$,
+#         $$ ALTER SCHEMA mm RENAME TO public; $$,
+#         $$ SELECT pg_catalog.set_config('search_path', '"$user", "$user", public', false); $$,
+#         $$ ALTER USER mmuser SET SEARCH_PATH TO '"$user", public'; $$;
+
+
+# Step 3.1 - Add missing tables..
+# ===============================
+#
+# 
+#
+# At mttermost host
+#
+#     - Create sql file /root/bin/mattermost-migration.sql (includes miising tables/indexes/..)
+#
+#     - run: cd /tmp; sudo -u postgres psql mattermost < /root/bin/mattermost-migration.sql
+#
+cd /tmp; sudo -u postgres psql mattermost < /root/bin/mattermost-migration.sql
+
+
+# Step 4 - Run pgloader
+# =====================
+#
+# Run pgloader with the generated configuration file:
+#
+#     pgloader migration.load > migration.log
+#
+${pgloader_bin} migration.load | tee migration.log
+
+
+# Step 5 - Restore full-text indexes
+# ==================================
+#
+# Run the following command to create the full-text indexes for the Posts and FileInfo tables:
+#
+#     migration-assist postgres post-migrate "<POSTGRES_DSN>"
+#
+# This command creates the full-text indexes for the Posts and FileInfo tables. See the 
+# Restore full-text indexes documentation for more information.
+#
+migration-assist postgres post-migrate $POSTGRES_DSN | tee postgres-post-migrate.log
+
+
+# Step 6 - Complete plugin migrations
+# ===================================
+#
+# Generate migration configuration for collaborative playbooks, boards and calls:
+#
+#     migration-assist pgloader boards --mysql="<MYSQL_DSN>" --postgres="<POSTGRES_DSN>" > boards.load
+#     migration-assist pgloader playbooks --mysql="<MYSQL_DSN>" --postgres="<POSTGRES_DSN>" > playbooks.load
+#     migration-assist pgloader calls --mysql="<MYSQL_DSN>" --postgres="<POSTGRES_DSN>" > calls.load
+#
+# Then run pgloader with the generated configuration files:
+#
+#     pgloader boards.load > boards_migration.log
+#     pgloader playbooks.load > playbooks_migration.log
+#     pgloader calls.load > calls.log
+#
+# Note:
+# Carefully read the log file to analyze whether there were any errors during the migration process. 
+# See the Plugin migrations documentation 
+#     https://docs.mattermost.com/deploy/manual-postgres-migration.html#plugin-migrations)
+# for information on migrating Playbooks, Boards and Calls.
+#
+migration-assist pgloader boards --mysql="${MYSQL_DSN}" --postgres="${POSTGRES_DSN}" | tee  boards.load
+migration-assist pgloader playbooks --mysql="${MYSQL_DSN}" --postgres="${POSTGRES_DSN}" | tee playbooks.load
+migration-assist pgloader calls --mysql=""${MYSQL_DSN} --postgres=""${POSTGRES_DSN} | tee calls.load
+
+
+# Prepare boards.load
+#
+# Delte entries:
+#
+#     column focalboard_teams.settings to "json" drop typemod using remove-null-characters,
+#     ...
+#     $$ UPDATE mattermost2.focalboard_teams SET "settings" = '{}'::json WHERE "settings"::text = ''; $$,
+#
+sed -i '/focalboard_teams.settings/d' boards.load
+sed -i '/mattermost.focalboard_teams/d' boards.load
+
+${pgloader_bin}  boards.load | tee boards_migration.log
+
+${pgloader_bin}  playbooks.load | tee playbooks_migration.log
+
+${pgloader_bin}  calls.load | tee calls.log
+
+
+
+# Important on postgres monitor console (psql mattermost), the requests 
+#
+#     SHOW SEARCH_PATH;
+# snd
+#     SELECT CURRENT_SCHEMA();
+#
+# must response as shown:
+#
+#
+#     mattermost=# SHOW SEARCH_PATH;
+#        search_path
+#     -----------------
+#      "$user", public
+#     (1 row)
+#
+#     mattermost=# SELECT CURRENT_SCHEMA();
+#      current_schema
+#     ----------------
+#      public
+#     (1 row)
+
+mattermost=# SELECT pg_catalog.set_config('search_path', '"$user",public"', false);
+#
+#     -----------------
+#      "$user",public"
+#     (1 Zeile)
+
+mattermost=# ALTER USER mattermost SET SEARCH_PATH TO "$user",public;
+#
+#     ALTER ROLE
+#     mattermost=# SHOW SEARCH_PATH;
+#        search_path
+#     -----------------
+#      "$user",public"
+#     (1 Zeile)
+
+# EXIT postgresQL monitor
+#
+mattermost=# \q
+
+
+

README.postgresql

@@ -0,0 +1,48 @@
+
+# see:
+#  https://docs.mattermost.com/install/prepare-mattermost-database.html
+
+# Postgresql
+psql_db_host="localhost"
+psql_db_port="5432"
+psql_db_name="mattermost"
+psql_db_user="mmuser"
+psql_db_password='YK-m-yoi9T-p.7fm'
+
+POSTGRES_DSN="postgres://${psql_db_user}:${psql_db_password}@${psql_db_host}:${psql_db_port}/${psql_db_name}?sslmode=disable\u0026connect_timeout=10"
+
+pg_hba_file="/etc/postgresql/15/main/pg_hba.conf"
+
+
+DEBIAN_FRONTEND=noninteractive apt install -y --allow-unauthenticated postgresql
+
+systemctl stop postgresql
+
+if ! $(grep -Eq "\s*^local\s+all\s+all\s+trust" "${pg_hba_file}"  2> /dev/null) ; then
+   perl -i.ORIG -n -p -e "s/\s*^((local\s+all\s+all\s+)\S+)/#\1\n\2trust/" "${pg_hba_file}"
+fi
+
+if ! $(grep -Eq "\s*^host\s+all\s+all\s+127\.[^[:space:]]+\s+md5" "${pg_hba_file}"  2> /dev/null) ; then
+   perl -i -n -p -e "s/\s*^((host\s+all\s+all\s+127\.\S+\s+)\S+)/#\1\n\2md5/" "${pg_hba_file}"
+fi
+
+if ! $(grep -Eq "\s*^host\s+all\s+all\s+::1[^[:space:]]+\s+md5" "${pg_hba_file}"  2> /dev/null) ; then
+   perl -i -n -p -e "s/\s*^((host\s+all\s+all\s+::1\S+\s+)\S+)/#\1\n\2md5/" "${pg_hba_file}"
+fi
+
+systemctl start postgresql
+systemctl enable postgresql
+
+
+echo ""
+
+cd /tmp
+sudo -u postgres psql -c "CREATE DATABASE ${psql_db_name};"
+sudo -u postgres psql ${psql_db_name} -c "CREATE USER ${psql_db_user} WITH PASSWORD '${psql_db_password}';"
+sudo -u postgres psql ${psql_db_name} -c "GRANT ALL PRIVILEGES ON DATABASE ${psql_db_name} to ${psql_db_user};"
+sudo -u postgres psql ${psql_db_name} -c "ALTER DATABASE ${psql_db_name} OWNER TO ${psql_db_user};"
+sudo -u postgres psql ${psql_db_name} -c "GRANT USAGE, CREATE ON SCHEMA PUBLIC TO ${psql_db_user};"
+
+echo ""
+exit 0
+

README.upgrade

@@ -99,7 +99,7 @@
 # local storage directory: /opt/mattermost/data
 # ===========================================
 
-MM_NEW_VERSION=9.5.6
+MM_NEW_VERSION=10.5.5
 MM_BASE_INSTALL_PATH=/opt
 MM_DATA_DIR=/opt/mattermost/data
 

conf/mattermost.conf.sample

@@ -42,6 +42,17 @@ FQHN_HOSTNAME=""
 #MATTERMOST_BASE_INSTALL_PATH="/opt"
 
 
+# DB_TYPE
+#
+# Type of Mattermost database
+#
+# Possible values are 'pgsql' (PostgeSQL) or 'mysql' (MySQL)
+#
+# Defaults to POSTFIX_DB_TYPE="pgsql"
+#
+# DB_TYPE="pgsql"
+
+
 # MYSQL_CREDENTIAL_ARGS
 #
 # Giving password on command line is insecure an sind mysql 5.5

install-mattermost.sh

@@ -205,6 +205,8 @@ DEFAULT_MATTERMOST_USER="mattermost"
 DEFAULT_DB_NAME="mattermost"
 DEFAULT_DB_USER="mattermost"
 
+DEFAULT_DB_TYPE="pgsql"
+
 # generate random password
 regexp_digit="([23456789].*){2}"
 regexp_special_char="([-_%+].*){2}"
@@ -242,6 +244,20 @@ fi
 
 [[ -n "$FQHN_HOSTNAME" ]] && DEFAULT_FQHN_HOSTNAME="$FQHN_HOSTNAME"
 
+if [[ -n "$DB_TYPE" ]] ; then
+   if [[ "${DB_TYPE,,}" = "postgres" ]] || [[ "${DB_TYPE,,}" = "postgresql" ]] || [[ "${DB_TYPE,,}" = "pgsql" ]] || [[ "${DB_TYPE,,}" = "psql" ]] ; then
+
+      DEFAULT_DB_TYPE=pgsql
+
+   elif [[ "${DB_TYPE,,}" = "mysql" ]] ; then
+
+      DEFAULT_DB_TYPE=mysql
+
+   else
+      fatal "Wrong or empty Database Type (DB_TYPE) - must be 'mysql' or 'pgsql'."
+   fi
+fi
+
 [[ -n "$DB_NAME" ]] && DEFAULT_DB_NAME="$DB_NAME"
 [[ -n "$DB_USER" ]] && DEFAULT_DB_NAME="$DB_USER"
 [[ -n "$DB_PASS" ]] &&  DEFAULT_DB_PASS="$DB_PASS"
@@ -344,6 +360,45 @@ do
 done
 
 
+DB_TYPE=""
+echo ""
+echo -e "\033[32m--\033[m"
+echo ""
+echo "Choose Database Type"
+echo ""
+if [[ "$DEFAULT_DB_TYPE" = "mysql" ]]; then
+   echo -e "\033[3G\033[37m\033[1m[1] MySQL\033[m"
+else
+   echo -e "\033[3G[1] MySQL"
+fi
+if [[ "$DEFAULT_DB_TYPE" = "pgsql" ]] ; then
+   echo -e "\033[3G[2] \033[37m\033[1mPostgeSQL\033[m"
+else
+   echo -e "\033[3G[2] PostgeSQL"
+fi
+echo ""
+echo "Type a number or press <RETURN> to choose highlighted value"
+echo ""
+echononl "Eingabe: "
+while [ "$DB_TYPE" != "mysql" -a "$DB_TYPE" != "pgsql" ]; do
+   read OPTION
+   case $OPTION in
+      1)
+         DB_TYPE="mysql"
+         ;;
+      2)
+         DB_TYPE="pgsql"
+         ;;
+     '') DB_TYPE=$DEFAULT_DB_TYPE
+         ;;
+      *)
+         echo ""
+         echo -e "\033[3GFalsche Eingabe ! [ 1 = MySQL ; 2 = PostgreSQL ] or type <RETURN>"
+         echo ""
+         echononl "Eingabe: "
+         ;;
+   esac
+done
 
 
 DB_NAME=
@@ -418,7 +473,7 @@ else
    done
 fi
 
-
+if [[ "$DB_TYPE" = "mysql" ]] ; then
    if [[ -n "$MYSQL_CREDENTIAL_ARGS" ]] ; then
       if ! $(mysql $MYSQL_CREDENTIAL_ARGS -N -s -e 'quit' > /dev/null 2>&1) ; then
          fatal "Parameter MYSQL_CREDENTIAL_ARGS is given, but a connection to MySQL Service failed.!"
@@ -453,7 +508,7 @@ else
          fi
       done
    fi
-
+fi
 
 
 echo ""
@@ -469,12 +524,20 @@ echo -e "\tMattermost user..........: $MATTERMOST_USER"
 echo -e "\tMattermost group.........: $MATTERMOST_GROUP"
 echo ""
 echo ""
+if [[ "${DB_TYPE}" = "pgsql" ]] ; then
+   echo -e "\tDatabase Type............: PostgreSQL"
+else
+   echo -e "\tDatabase Type............: MySQL"
+fi
+echo ""
+if [[ "${DB_TYPE}" = "mysql" ]]; then
    if $USE_MYSQL_CREDENTIAL_ARGS ; then
       echo -e "\tMYSQL_CREDENTIAL_ARGS....: $MYSQL_CREDENTIAL_ARGS"
    else
       echo -e "\tRoot password MySQL......: **"
    fi
    echo ""
+fi
 echo -e "\tDatabase Name............: $DB_NAME"
 echo -e "\tDatabase User............: $DB_USER"
 echo -e "\tDatabase Password........: $DB_PASS"
@@ -519,19 +582,60 @@ if $nginx_installed ; then
    echo -e "\033[85G[ \033[32mYES\033[m ]"
 else
    echo -e "\033[85G[ \033[1;31mNOT installed\033[m ]"
+
+   echo ""
+   echononl "\033[1mcontinue anyway\033[m [yes/no]: "
+   read OK
+   while [[ "${OK,,}" != "yes" ]] && [[  "${OK,,}" != "no" ]] ; do
+      echononl "Wrong entry! - repeat [yes/nno]: "
+      read OK
+   done
+   [[ $OK = "yes" ]] || fatal "Abbruch durch User"
 fi
 
 _failed=false
+if [[ "${DB_TYPE}" = "mysql" ]]; then
    echononl "Check if MySQL Database Service is installed.."
    if $(dpkg -s mysql-server > "$log_file" 2>&1) ; then
-   mysql_server_installed=true
+      database_service_installed=true
    else
-   mysql_server_installed=false
+      database_service_installed=false
    fi
-if $mysql_server_installed ; then
+   if $database_service_installed ; then
       echo -e "\033[85G[ \033[32mYES\033[m ]"
    else
       echo -e "\033[85G[ \033[1;31mNOT installed\033[m ]"
+
+      echo ""
+      echononl "\033[1mcontinue anyway\033[m [yes/no]: "
+      read OK
+      while [[ "${OK,,}" != "yes" ]] && [[  "${OK,,}" != "no" ]] ; do
+         echononl "Wrong entry! - repeat [yes/nno]: "
+         read OK
+      done
+      [[ $OK = "yes" ]] || fatal "Abbruch durch User"
+   fi
+else
+   echononl "Check if PostgreSQL Database Service is installed.."
+   if $(dpkg -s postgresql > "$log_file" 2>&1) ; then
+      database_service_installed=true
+   else
+      database_service_installed=false
+   fi
+   if $database_service_installed ; then
+      echo -e "\033[85G[ \033[32mYES\033[m ]"
+   else
+      echo -e "\033[85G[ \033[1;31mNOT installed\033[m ]"
+
+      echo ""
+      echononl "\033[1mcontinue anyway\033[m [yes/no]: "
+      read OK
+      while [[ "${OK,,}" != "yes" ]] && [[  "${OK,,}" != "no" ]] ; do
+         echononl "Wrong entry! - repeat [yes/nno]: "
+         read OK
+      done
+      [[ $OK = "yes" ]] || fatal "Abbruch durch User"
+   fi
 fi
 
 
@@ -552,12 +656,12 @@ else
    echo -e "\033[85G[ \033[1;31mNOT present\033[m ]"
 fi
 
-if ! $nginx_installed || ! $mysql_server_installed ; then
+if ! $nginx_installed || ! $database_service_installed ; then
 
-   if ! $cert_present ; then
+   if ! $nginx_installed ; then
 
       fatal "Prerequisites are a correct installation of the NGINX Web Service as well
-             as a correct installation of the MySQL database service. 
+             as a correct installation of the $DB_TYPE database service.
 
              It's also highly recommended to have a valid certificate for your
              FQHN Hostname '${FQHN_HOSTNAME}'."
@@ -565,7 +669,7 @@ if ! $nginx_installed || ! $mysql_server_installed ; then
    else
 
       fatal "Prerequisites are a correct installation of the NGINX Web Service as well
-             as a correct installation of the MySQL database service."
+             as a correct installation of the $DB_TYPE database service."
    fi
 
 elif ! $cert_present ; then
@@ -603,7 +707,9 @@ fi
 
 blank_line
 
-echononl "Create Database User '${DB_USER}' with Password '${DB_PASS}'.."
+
+if [[ "${DB_TYPE}" = "mysql" ]] ; then
+   echononl "Create MySQL Database User '${DB_USER}' with Password '${DB_PASS}'.."
    if [[ "$(mysql $MYSQL_CREDENTIAL_ARGS  -N -s -e \
             "SELECT EXISTS(SELECT 1 FROM mysql.user WHERE user = '$DB_USER')" 2>/dev/null)" = 1 ]]; then
       echo_skipped
@@ -618,7 +724,7 @@ else
       fi
    fi
 
-echononl "Create Database '${DB_NAME}'.."
+   echononl "Create MySQL Database '${DB_NAME}'.."
    if [[ "$(mysql $MYSQL_CREDENTIAL_ARGS  -N -s -e \
             "SHOW DATABASES LIKE '${DB_NAME}'" 2>/dev/null)" = "${DB_NAME}" ]]; then
 
@@ -652,6 +758,149 @@ if [[ $? -ne 0 ]]; then
    else
       echo_ok
    fi
+else
+
+   # Check if PostgreSQL database '$DB_NAME' exists ..
+   #
+   count=$(su - postgres -c "psql -q -A -t -l" | grep -c -e "^$DB_NAME")
+   if [[ $count -eq 0 ]];then
+      database_exists=false
+   else
+      database_exists=true
+   fi
+
+#   sudo -u postgres psql -c "CREATE DATABASE ${DB_NAME};" > $log_file 2>&1
+#   sudo -u postgres psql -c "CREATE USER ${DB_USER} WITH PASSWORD '${DB_PASS}';" > $log_file 2>&1
+#   sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE ${DB_NAME} to ${DB_USER};" > $log_file 2>&1
+#   sudo -u postgres psql -c "ALTER DATABASE ${DB_NAME} OWNER TO ${DB_USER};" > $log_file 2>&1
+#   sudo -u postgres psql -c "GRANT USAGE, CREATE ON SCHEMA PUBLIC TO ${DB_USER};" > $log_file 2>&1
+
+   echononl "Create PostgreSQL database '${DB_NAME}'.."
+   if $database_exists ; then
+      echo_skipped
+   else
+      sudo -u postgres psql -c "CREATE DATABASE ${DB_NAME};" > $log_file 2>&1
+
+      if [[ $? -ne 0 ]] ; then
+         echo_failed
+         error "$(cat "$log_file")"
+
+         echo ""
+         echononl "\033[1mcontinue anyway\033[m [yes/no]: "
+         read OK
+         while [[ "${OK,,}" != "yes" ]] && [[  "${OK,,}" != "no" ]] ; do
+            echononl "Wrong entry! - repeat [yes/nno]: "
+            read OK
+         done
+         [[ $OK = "yes" ]] || fatal "Abbruch durch User"
+
+      else
+         echo_ok
+      fi
+      
+   fi
+
+   echononl "Create PostgreSQL database user ${DB_USER}.."
+   if $database_exists ; then
+      echo_skipped
+   else
+
+      sudo -u postgres psql -c "CREATE USER ${DB_USER} WITH PASSWORD '${DB_PASS}';"  > $log_file 2>&1
+
+      if [[ $? -ne 0 ]] ; then
+         echo_failed
+         error "$(cat "$log_file")"
+
+         echo ""
+         echononl "\033[1mcontinue anyway\033[m [yes/no]: "
+         read OK
+         while [[ "${OK,,}" != "yes" ]] && [[  "${OK,,}" != "no" ]] ; do
+            echononl "Wrong entry! - repeat [yes/nno]: "
+            read OK
+         done
+         [[ $OK = "yes" ]] || fatal "Abbruch durch User"
+
+      else
+         echo_ok
+      fi
+   fi
+
+   echononl "Grant the user access to the Mattermost database.."
+   if $database_exists ; then
+      echo_skipped
+   else
+
+      sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE ${DB_NAME} to ${DB_USER};" > $log_file 2>&1
+
+      if [[ $? -ne 0 ]] ; then
+         echo_failed
+         error "$(cat "$log_file")"
+
+         echo ""
+         echononl "\033[1mcontinue anyway\033[m [yes/no]: "
+         read OK
+         while [[ "${OK,,}" != "yes" ]] && [[  "${OK,,}" != "no" ]] ; do
+            echononl "Wrong entry! - repeat [yes/nno]: "
+            read OK
+         done
+         [[ $OK = "yes" ]] || fatal "Abbruch durch User"
+
+      else
+         echo_ok
+      fi
+   fi
+
+   echononl "Change the owner of database '${DB_NAME}' to '${DB_USER}'.."
+   if $database_exists ; then
+      echo_skipped
+   else
+
+      sudo -u postgres psql -c "ALTER DATABASE ${DB_NAME} OWNER TO ${DB_USER};" > $log_file 2>&1
+
+      if [[ $? -ne 0 ]] ; then
+         echo_failed
+         error "$(cat "$log_file")"
+
+         echo ""
+         echononl "\033[1mcontinue anyway\033[m [yes/no]: "
+         read OK
+         while [[ "${OK,,}" != "yes" ]] && [[  "${OK,,}" != "no" ]] ; do
+            echononl "Wrong entry! - repeat [yes/nno]: "
+            read OK
+         done
+         [[ $OK = "yes" ]] || fatal "Abbruch durch User"
+
+      else
+         echo_ok
+      fi
+   fi
+
+   echononl "Grant access to objects contained in the specified schema.."
+   if $database_exists ; then
+      echo_skipped
+   else
+
+      sudo -u postgres psql -c "GRANT USAGE, CREATE ON SCHEMA PUBLIC TO ${DB_USER};" > $log_file 2>&1
+
+      if [[ $? -ne 0 ]] ; then
+         echo_failed
+         error "$(cat "$log_file")"
+
+         echo ""
+         echononl "\033[1mcontinue anyway\033[m [yes/no]: "
+         read OK
+         while [[ "${OK,,}" != "yes" ]] && [[  "${OK,,}" != "no" ]] ; do
+            echononl "Wrong entry! - repeat [yes/nno]: "
+            read OK
+         done
+         [[ $OK = "yes" ]] || fatal "Abbruch durch User"
+
+      else
+         echo_ok
+      fi
+   fi
+
+fi
 
 
 echo
@@ -756,6 +1005,7 @@ echo -e "\033[37m\033[1mConfigure Mattermost - file '/opt/mattermost/config/conf
 echo
 
 echononl "Set up 'SqlSettings'.."
+if  [[ "${DB_TYPE}" = "mysql" ]] ; then
    if ! $(grep -q -E "^\s*\"DriverName\":\s+mysql" /opt/mattermost/config/config.json 2> "$log_file") ; then
 
       _found=false
@@ -799,9 +1049,56 @@ EOF
    else
       echo_skipped
    fi
+else
+   if ! $(grep -q -E "^\s*\"DriverName\":\s+postgres" /opt/mattermost/config/config.json 2> "$log_file") ; then
+
+      _found=false
+      :> ${LOCK_DIR}/config.json
+      :> $log_file
+
+      while IFS='' read -r _line || [[ -n $_line ]] ; do
+
+
+         if $_found && echo "$_line" | grep -iq -E "^\s*\"DriverName\":" 2> /dev/null ; then
+            cat <<EOF >> ${LOCK_DIR}/config.json 2> "$log_file"
+      "DriverName": "postgres",
+EOF
+         elif $_found && echo "$_line" | grep -iq -E "^\s*\"DataSource\":" 2> /dev/null ; then
+            cat <<EOF >> ${LOCK_DIR}/config.json 2> "$log_file"
+      "DataSource": "postgres://${DB_USER}:${DB_PASS}@localhost:5432/${DB_NAME}?sslmode=disable\\u0026connect_timeout=10",
+EOF
+         else
+            echo "$_line" >> ${LOCK_DIR}/config.json 2> "$log_file"
+         fi
+
+         if ! $_found && echo "$_line" | grep -iq -E "^\s*\"SqlSettings\"" 2> /dev/null ; then
+            _found=true
+         fi
+
+         if $_found && echo "$_line" | grep -iq -E "^\s*\}," 2> /dev/null ; then
+            _found=false
+         fi
+
+      done < "/opt/mattermost/config/config.json"
+
+      cp -a "${LOCK_DIR}/config.json" /opt/mattermost/config/config.json >> "$log_file" 2>&1
+
+      if [[ -s "$log_file" ]] ; then
+         echo_failed
+         error "$(cat "$log_file")"
+      else
+         echo_ok
+      fi
+
+   else
+      echo_skipped
+   fi
+   :
+fi
+
 
 echononl "Set up 'ServiceSettings'.."
-if ! $(grep -q -E "^\s*\"DriverName\":\s+mysql" /opt/mattermost/config/config.json 2> "$log_file") ; then 
+if ! $(grep -q -E "^\s*\"SiteURL\":\s+\"https://${FQHN_HOSTNAME}\"" /opt/mattermost/config/config.json 2> "$log_file") ; then
 
    _found=false
    :> ${LOCK_DIR}/config.json
@@ -861,6 +1158,7 @@ echo -e "\033[37m\033[1mSetup Mattermost to use systemd for starting and stoppin
 echo
 
 echononl "Create a systemd unit file.."
+if [[ "${DB_TYPE}" = "mysql" ]] ; then
    cat <<EOF > /etc/systemd/system//mattermost.service 2>"$log_file"
 [Unit]
 Description=Mattermost
@@ -872,6 +1170,7 @@ Requires=mysql.service
 Type=notify
 ExecStart=/opt/mattermost/bin/mattermost
 TimeoutStartSec=3600
+KillMode=mixed
 Restart=always
 RestartSec=10
 WorkingDirectory=/opt/mattermost
@@ -888,6 +1187,35 @@ if [[ -s "$log_file" ]] ; then
    else
       echo_ok
    fi
+else
+   cat <<EOF > /etc/systemd/system//mattermost.service 2>"$log_file"
+[Unit]
+Description=Mattermost
+After=network.target
+
+[Service]
+Type=notify
+ExecStart=/opt/mattermost/bin/mattermost
+TimeoutStartSec=3600
+KillMode=mixed
+Restart=always
+RestartSec=10
+WorkingDirectory=/opt/mattermost
+User=mattermost
+Group=mattermost
+LimitNOFILE=49152
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+   if [[ -s "$log_file" ]] ; then
+      echo_failed
+      error "$(cat "$log_file")"
+   else
+      echo_ok
+   fi
+fi
 
 
 echononl "Make systemd load the new unit.."
@@ -964,6 +1292,8 @@ server {
 
    server_name ${FQHN_HOSTNAME};
 
+   http2_push_preload on; # Enable HTTP/2 Server Push
+
    # Include location directive for Let's Encrypt ACME Challenge
    #
    # Needed for (automated) updating certificate
@@ -983,22 +1313,26 @@ server {
    #
    ssl_dhparam /etc/nginx/ssl/dhparam.pem;
 
-   # Eable session resumption to improve https performance
-   ssl_session_cache shared:SSL:50m;
-   ssl_session_timeout 10m;
-   ssl_session_tickets off;
-
-   #ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # omit SSLv3 because of POODLE
-   # omit SSLv3 because of POODLE
-   # omit  TLSv1 TLSv1.1
+   # Enable TLS versions (TLSv1.3 is required upcoming HTTP/3 QUIC).
    ssl_protocols TLSv1.2 TLSv1.3;
 
+   # Enable TLSv1.3's 0-RTT. Use \$ssl_early_data when reverse proxying to
+   # prevent replay attacks.
+   #
+   # @see: https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_early_data
+   ssl_early_data on;
+
    # ECDHE better than DHE (faster)  ECDHE & DHE GCM better than CBC (attacks on AES)
    # Everything better than SHA1 (deprecated)
    #
    ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
    ssl_prefer_server_ciphers on;
 
+   # Eable session resumption to improve https performance
+   ssl_session_cache shared:SSL:50m;
+   ssl_session_timeout 10m;
+   ssl_session_tickets off;
+
    # HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
    #
    add_header Strict-Transport-Security max-age=15768000;
@@ -1008,11 +1342,13 @@ server {
    ssl_stapling on;
    ssl_stapling_verify on;
 
-   location ~ /api/v[0-9]+/(users/)?websocket$ {
+   add_header X-Early-Data \$tls1_3_early_data;
+
+   location ~ /api/v[0-9]+/(users/)?websocket\$ {
       proxy_set_header Upgrade \$http_upgrade;
       proxy_set_header Connection "upgrade";
       client_max_body_size 50M;
-      proxy_set_header Host \$http_host;
+      proxy_set_header Host \$host;
       proxy_set_header X-Real-IP \$remote_addr;
       proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Proto \$scheme;
@@ -1020,18 +1356,19 @@ server {
       proxy_buffers 256 16k;
       proxy_buffer_size 16k;
       client_body_timeout 60;
-      send_timeout 300;
+      send_timeout 300s;
       lingering_timeout 5;
-      proxy_connect_timeout 90;
-      proxy_send_timeout 300;
+      proxy_connect_timeout 90s;
+      proxy_send_timeout 300s;
       proxy_read_timeout 90s;
+      proxy_http_version 1.1;
       proxy_pass http://mm_backend;
    }
 
    location / {
-      client_max_body_size 50M;
+      client_max_body_size 100M;
       proxy_set_header Connection "";
-      proxy_set_header Host \$http_host;
+      proxy_set_header Host \$host;
       proxy_set_header X-Real-IP \$remote_addr;
       proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Proto \$scheme;
@@ -1049,6 +1386,14 @@ server {
    }
 }
 
+# This block is useful for debugging TLS v1.3. Please feel free to remove this
+# and use the '\$ssl_early_data' variable exposed by NGINX directly should you
+# wish to do so.
+map \$ssl_early_data \$tls1_3_early_data {
+  "~." \$ssl_early_data;
+  default "";
+}
+
 EOF
 if [[ $? -ne 0 ]]; then
    echo_failed
@@ -1203,6 +1548,41 @@ EOF
 fi
 
 
+_key="DB_TYPE"
+_val="$DB_TYPE"
+echononl "Update Parameter '$_key'.."
+if $(grep -q -E "^\s*$_key=\"?$_val\"?\s*$" "$conf_file" 2> /dev/null) ; then
+   echo_skipped
+elif $(grep -q -E "^\s*$_key=" "$conf_file" 2> /dev/null) ; then
+   perl -i -n -p -e "s/^\s*$_key=.*/${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1
+   if [[ $? -ne 0 ]]; then
+      echo_failed
+      error "$(cat "$log_file")"
+   else
+      echo_ok
+   fi
+elif $(grep -q -E "^\s*#\s*${_key}" "$conf_file" 2> /dev/null) ; then
+   perl -i -n -p -e "s/^(\s*\#\s*$_key=.*)/\1\n${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1
+   if [[ $? -ne 0 ]]; then
+      echo_failed
+      error "$(cat "$log_file")"
+   else
+      echo_ok
+   fi
+else
+   cat <<EOF >> "$conf_file" 2> "$log_file"
+
+${_key}=${_val}
+EOF
+   if [[ $? -ne 0 ]]; then
+      echo_failed
+      error "$(cat "$log_file")"
+   else
+      echo_ok
+   fi
+fi
+
+
 _key="DB_NAME"
 _val="$DB_NAME"
 echononl "Update Parameter '$_key'.."

mattermost-migration.sql

@@ -0,0 +1,265 @@
+
+--
+-- Name: ir_category; Type: TABLE; Schema: public; Owner: mattermost
+--
+
+CREATE TABLE IF NOT EXISTS public.ir_category (
+    id character varying(26) NOT NULL,
+    name character varying(512) NOT NULL,
+    teamid character varying(26) NOT NULL,
+    userid character varying(26) NOT NULL,
+    collapsed boolean DEFAULT false,
+    createat bigint NOT NULL,
+    updateat bigint DEFAULT 0 NOT NULL,
+    deleteat bigint DEFAULT 0 NOT NULL
+);
+ALTER TABLE public.ir_category OWNER TO mattermost;
+
+
+--
+-- Name: ir_category_item; Type: TABLE; Schema: public; Owner: mattermost
+--
+
+
+CREATE TABLE IF NOT EXISTS public.ir_category_item (
+    type character varying(1) NOT NULL,
+    categoryid character varying(26) NOT NULL,
+    itemid character varying(26) NOT NULL
+);
+ALTER TABLE public.ir_category_item OWNER TO mattermost;
+
+
+--
+-- Name: ir_channelaction; Type: TABLE; Schema: public; Owner: mattermost
+--
+
+CREATE TABLE IF NOT EXISTS public.ir_channelaction (
+    id character varying(26) NOT NULL,
+    channelid character varying(26),
+    enabled boolean DEFAULT false,
+    deleteat bigint DEFAULT '0'::bigint NOT NULL,
+    actiontype character varying(65536) NOT NULL,
+    triggertype character varying(65536) NOT NULL,
+    payload json NOT NULL
+);
+
+
+ALTER TABLE public.ir_channelaction OWNER TO mattermost;
+
+--
+-- Name: ir_incident; Type: TABLE; Schema: public; Owner: mattermost
+--
+
+CREATE TABLE public.ir_incident (
+    id character varying(26) NOT NULL,
+    name character varying(1024) NOT NULL,
+    description character varying(4096) NOT NULL,
+    isactive boolean NOT NULL,
+    commanderuserid character varying(26) NOT NULL,
+    teamid character varying(26) NOT NULL,
+    channelid character varying(26) NOT NULL,
+    createat bigint NOT NULL,
+    endat bigint DEFAULT '0'::bigint NOT NULL,
+    deleteat bigint DEFAULT '0'::bigint NOT NULL,
+    activestage bigint NOT NULL,
+    postid character varying(26) DEFAULT ''::character varying NOT NULL,
+    playbookid character varying(26) DEFAULT ''::character varying NOT NULL,
+    checklistsjson json NOT NULL,
+    activestagetitle character varying(1024) DEFAULT ''::character varying,
+    reminderpostid character varying(26),
+    broadcastchannelid character varying(26) DEFAULT ''::character varying,
+    previousreminder bigint DEFAULT '0'::bigint NOT NULL,
+    remindermessagetemplate character varying(65536) DEFAULT ''::text,
+    currentstatus character varying(1024) DEFAULT 'Active'::character varying NOT NULL,
+    reporteruserid character varying(26) DEFAULT ''::character varying NOT NULL,
+    concatenatedinviteduserids character varying(65536) DEFAULT ''::text,
+    defaultcommanderid character varying(26) DEFAULT ''::character varying,
+    announcementchannelid character varying(26) DEFAULT ''::character varying,
+    concatenatedwebhookoncreationurls character varying(65536) DEFAULT ''::text,
+    concatenatedinvitedgroupids character varying(65536) DEFAULT ''::text,
+    retrospective character varying(65536) DEFAULT ''::text,
+    messageonjoin character varying(65536) DEFAULT ''::text,
+    retrospectivepublishedat bigint DEFAULT '0'::bigint NOT NULL,
+    retrospectivereminderintervalseconds bigint DEFAULT '0'::bigint NOT NULL,
+    retrospectivewascanceled boolean DEFAULT false,
+    concatenatedwebhookonstatusupdateurls character varying(65536) DEFAULT ''::text,
+    laststatusupdateat bigint DEFAULT '0'::bigint,
+    exportchannelonfinishedenabled boolean DEFAULT false NOT NULL,
+    categorizechannelenabled boolean DEFAULT false,
+    categoryname character varying(65536) DEFAULT ''::text,
+    concatenatedbroadcastchannelids character varying(65536) DEFAULT ''::text,
+    channelidtorootid character varying(65536) DEFAULT ''::text,
+    remindertimerdefaultseconds bigint DEFAULT '0'::bigint NOT NULL,
+    statusupdateenabled boolean DEFAULT true,
+    retrospectiveenabled boolean DEFAULT true
+);
+
+
+ALTER TABLE public.ir_incident OWNER TO mattermost;
+
+
+--
+-- Name: focalboard_blocks; Type: TABLE; Schema: public; Owner: mattermost
+--
+
+CREATE TABLE IF NOT EXISTS public.focalboard_blocks (
+    id character varying(36) NOT NULL,
+    insert_at timestamp with time zone DEFAULT CURRENT_TIMESTAMP NOT NULL,
+    parent_id character varying(36),
+    schema bigint,
+    type text,
+    title text,
+    fields json,
+    create_at bigint,
+    update_at bigint,
+    delete_at bigint,
+    root_id character varying(36),
+    modified_by character varying(36) NOT NULL,
+    workspace_id character varying(36) NOT NULL,
+    created_by character varying(36) NOT NULL
+);
+
+ALTER TABLE public.focalboard_blocks OWNER TO mattermost;
+
+
+--
+-- Name: focalboard_blocks_history; Type: TABLE; Schema: public; Owner: mattermost
+--
+
+CREATE TABLE IF NOT EXISTS public.focalboard_blocks_history (
+    id character varying(36) NOT NULL,
+    insert_at timestamp with time zone DEFAULT CURRENT_TIMESTAMP NOT NULL,
+    parent_id character varying(36),
+    schema bigint,
+    type text,
+    title text,
+    fields json,
+    create_at bigint,
+    update_at bigint,
+    delete_at bigint,
+    root_id character varying(36),
+    modified_by character varying(36),
+    workspace_id character varying(36),
+    created_by character varying(36)
+);
+
+ALTER TABLE public.focalboard_blocks_history OWNER TO mattermost;
+
+
+--
+-- Name: focalboard_sessions; Type: TABLE; Schema: public; Owner: mattermost
+--
+
+CREATE TABLE IF NOT EXISTS public.focalboard_sessions (
+    id character varying(100) NOT NULL,
+    token character varying(100),
+    user_id character varying(100),
+    props json,
+    create_at bigint,
+    update_at bigint,
+    auth_service character varying(20)
+);
+
+
+ALTER TABLE public.focalboard_sessions OWNER TO mattermost;
+
+
+--
+-- Name: focalboard_users; Type: TABLE; Schema: public; Owner: mattermost
+--
+
+CREATE TABLE IF NOT EXISTS public.focalboard_users (
+    id character varying(100) NOT NULL,
+    username character varying(100),
+    email character varying(255),
+    password character varying(100),
+    mfa_secret character varying(100),
+    auth_service character varying(20),
+    auth_data character varying(255),
+    props json,
+    create_at bigint,
+    update_at bigint,
+    delete_at bigint
+);
+
+ALTER TABLE public.focalboard_users OWNER TO mattermost;
+
+
+--
+-- Name: focalboard_blocks idx_25969_primary; Type: CONSTRAINT; Schema: public; Owner: mattermost
+--
+
+ALTER TABLE ONLY public.focalboard_blocks
+    ADD CONSTRAINT idx_25969_primary PRIMARY KEY (workspace_id, id);
+
+
+--
+-- Name: focalboard_blocks_history idx_25975_primary; Type: CONSTRAINT; Schema: public; Owner: mattermost
+--
+
+ALTER TABLE ONLY public.focalboard_blocks_history
+    ADD CONSTRAINT idx_25975_primary PRIMARY KEY (id, insert_at);
+
+
+--
+-- Name: focalboard_sessions idx_25987_primary; Type: CONSTRAINT; Schema: public; Owner: mattermost
+--
+
+ALTER TABLE ONLY public.focalboard_sessions
+    ADD CONSTRAINT idx_25987_primary PRIMARY KEY (id);
+
+
+--
+-- Name: focalboard_users idx_26003_primary; Type: CONSTRAINT; Schema: public; Owner: mattermost
+--
+
+ALTER TABLE ONLY public.focalboard_users
+    ADD CONSTRAINT idx_26003_primary PRIMARY KEY (id);
+
+
+--
+-- Name: ir_channelaction idx_26042_primary; Type: CONSTRAINT; Schema: public; Owner: mattermost
+--
+
+ALTER TABLE ONLY public.ir_channelaction
+    ADD CONSTRAINT idx_26042_primary PRIMARY KEY (id);
+
+
+--  
+-- Name: ir_incident idx_26049_primary; Type: CONSTRAINT; Schema: public; Owner: mattermost
+--
+
+ALTER TABLE ONLY public.ir_incident
+    ADD CONSTRAINT idx_26049_primary PRIMARY KEY (id);
+
+
+
+--
+-- Name: ir_category_item ir_category_item_pkey; Type: CONSTRAINT; Schema: public; Owner: mattermost
+--
+
+ALTER TABLE ONLY public.ir_category_item
+    ADD CONSTRAINT ir_category_item_pkey PRIMARY KEY (categoryid, itemid, type);
+
+
+--
+-- Name: ir_category ir_category_pkey; Type: CONSTRAINT; Schema: public; Owner: mattermost
+--
+
+ALTER TABLE ONLY public.ir_category
+    ADD CONSTRAINT ir_category_pkey PRIMARY KEY (id);
+
+
+--
+-- Name: ir_category_item_categoryid; Type: INDEX; Schema: public; Owner: mattermost
+--
+
+CREATE INDEX IF NOT EXISTS ir_category_item_categoryid ON public.ir_category_item USING btree (categoryid);
+
+
+--
+-- Name: ir_category_teamid_userid; Type: INDEX; Schema: public; Owner: mattermost
+--
+
+CREATE INDEX IF NOT EXISTS ir_category_teamid_userid ON public.ir_category USING btree (teamid, userid);
+

reinstall_postgresql.sh

@@ -0,0 +1,73 @@
+#!/usr/bin/env bash
+
+MATTERMOST_VERSION="9.11.6"
+
+# Postgresql
+psql_db_host="10.0.3.147"
+psql_db_port="5432"
+psql_db_name="mattermost"
+psql_db_user="mattermost"
+psql_db_password='C5jzznfvn.-WV6J7-4rgT'
+
+POSTGRES_DSN="postgres://${psql_db_user}:${psql_db_password}@${psql_db_host}:${psql_db_port}/${psql_db_name}"
+
+# Mysql
+mysql_db_host="10.0.3.147"
+mysql_db_port="3306"
+mysql_db_name="mattermost"
+mysql_db_user="mattermost"
+mysql_db_password='C5jzznfvn%%WV6J7-4rgT'
+
+pgloader_bin='/usr/local/src/pgloader/pgloader/build/bin/pgloader'
+
+MYSQL_DSN="${mysql_db_user}:${mysql_db_password}@tcp(${mysql_db_host}:${mysql_db_port})/${mysql_db_name}"
+
+
+echo ""
+
+scho -e "\n\tapt purge -y postgresql postgresql-*"
+DEBIAN_FRONTEND=noninteractive apt purge -y postgresql postgresql-*
+
+echo -e "\n\trm -rf /var/lib/postgresql"
+rm -rf /var/lib/postgresql
+
+echo -e "\n\trm -rf /etc/postgresql"
+rm -rf /etc/postgresql
+
+echo -e "\n\trm -rf /var/log/postgresql"
+rm -rf /var/log/postgresql
+
+echo -e "\n\tDEBIAN_FRONTEND=noninteractive apt install -y --allow-unauthenticated postgresql"
+DEBIAN_FRONTEND=noninteractive apt install -y --allow-unauthenticated postgresql
+
+
+echo -e "\n\t"cp -a /etc/postgresql/15/main/pg_hba.conf /etc/postgresql/15/main/pg_hba.conf.ORIG
+cp -a /etc/postgresql/15/main/pg_hba.conf /etc/postgresql/15/main/pg_hba.conf.ORIG
+echo -e "\n\t"cp /root/postgresql_15_main/pg_hba.conf /etc/postgresql/15/main/pg_hba.conf
+cp /root/postgresql_15_main/pg_hba.conf /etc/postgresql/15/main/pg_hba.conf
+
+echo -e "\n\t"etc/postgresql/15/main/postgresql.conf /etc/postgresql/15/main/postgresql.conf.ORIG
+cp -a /etc/postgresql/15/main/postgresql.conf /etc/postgresql/15/main/postgresql.conf.ORIG
+echo -e "\n\t"p /root/postgresql_15_main/postgresql.conf /etc/postgresql/15/main/postgresql.conf
+cp /root/postgresql_15_main/postgresql.conf /etc/postgresql/15/main/postgresql.conf
+
+echo ""
+
+cd /tmp
+sudo -u postgres psql -c "CREATE DATABASE ${psql_db_name};"
+sudo -u postgres psql ${psql_db_name} -c "CREATE USER ${psql_db_user} WITH PASSWORD '${psql_db_password}';"
+sudo -u postgres psql ${psql_db_name} -c "GRANT ALL PRIVILEGES ON DATABASE ${psql_db_name} to ${psql_db_user};"
+sudo -u postgres psql ${psql_db_name} -c "ALTER DATABASE ${psql_db_name} OWNER TO ${psql_db_user};"
+sudo -u postgres psql ${psql_db_name} -c "GRANT USAGE, CREATE ON SCHEMA PUBLIC TO ${psql_db_user};"
+sudo -u postgres psql ${psql_db_name} -c "ALTER SCHEMA public OWNER TO ${psql_db_user};"
+sudo -u postgres psql ${psql_db_name} -c "GRANT ALL ON SCHEMA public to ${psql_db_user};"
+
+echo -e "\n\tsystemctl stop postgresql"
+systemctl stop postgresql
+
+echo -e "\n\tsystemctl start postgresql"
+systemctl start postgresql
+
+echo ""
+exit 0
+

upgrade-mattermost.sh

@@ -218,6 +218,8 @@ DEFAULT_FQHN_HOSTNAME="$(hostname -f)"
 DEFAULT_MATTERMOST_USER="mattermost"
 DEFAULT_MATTERMOST_GROUP="mattermost"
 
+DEFAULT_DB_TYPE="pgsql"
+
 DEFAULT_MATTERMOST_BASE_INSTALL_PATH="/opt"
 DEFAULT_MATTERMOST_TMP_DIR="/tmp"
 
@@ -231,6 +233,9 @@ fi
 
 [[ -n "$FQHN_HOSTNAME" ]] && DEFAULT_FQHN_HOSTNAME="$FQHN_HOSTNAME"
 
+if [[ -z "$DB_TYPE" ]] ; then
+   fatal "Missing database type (DB_TYPE)!"
+fi
 if [[ -z "$DB_NAME" ]] ; then
    fatal "Missing database name (DB_NAME)!"
 fi
@@ -308,7 +313,8 @@ else
    done
 fi
 
-MATTERMOST_CURRENT_VERSION="$(${MATTERMOST_BASE_INSTALL_PATH}/mattermost/bin/mattermost version 2> /dev/null | grep -E "^Build Number:" | cut -d' ' -f3)"
+MATTERMOST_CURRENT_VERSION="$(${MATTERMOST_BASE_INSTALL_PATH}/mattermost/bin/mattermost version 2> /dev/null | grep -E "^Version:" | cut -d' ' -f2)"
+MATTERMOST_CURRENT_BUILD_NUMBER="$(${MATTERMOST_BASE_INSTALL_PATH}/mattermost/bin/mattermost version 2> /dev/null | grep -E "^Build Number:" | cut -d' ' -f3)"
 
 
 
@@ -404,6 +410,7 @@ do
 done
 
 
+if [[ "$DB_TYPE" = "mysql" ]] ; then
    if [[ -n "$MYSQL_CREDENTIAL_ARGS" ]] ; then
       if ! $(mysql $MYSQL_CREDENTIAL_ARGS -N -s -e 'quit' > /dev/null 2>&1) ; then
          fatal "Parameter MYSQL_CREDENTIAL_ARGS is given, but a connection to MySQL Service failed.!"
@@ -438,6 +445,7 @@ else
          fi
       done
    fi
+fi
 
 
 
@@ -446,6 +454,7 @@ blank_line
 echo -e "\033[32mStart upgrade script for Mattermost Server with the following parameters\033[m"
 echo ""
 echo -e "   Mattermost current Server Version.: $MATTERMOST_CURRENT_VERSION"
+echo -e "   Mattermost current Build Number...: $MATTERMOST_CURRENT_BUILD_NUMBER"
 echo ""
 echo -e "   Mattermost New Server Version.....: \033[33m\033[1m$MM_NEW_VERSION\033[m"
 echo ""
@@ -460,11 +469,19 @@ echo -e "   Mattermost user...................: $MATTERMOST_USER"
 echo -e "   Mattermost group..................: $MATTERMOST_GROUP"
 echo ""
 echo ""
+if [[ "${DB_TYPE}" = "pgsql" ]] ; then
+   echo -e "   Database Type.....................: PostgreSQL"
+else
+   echo -e "   Database Type.....................: MySQL"
+fi
+echo ""
+if [[ "${DB_TYPE}" = "mysql" ]]; then
    if $USE_MYSQL_CREDENTIAL_ARGS ; then
       echo -e "   MYSQL_CREDENTIAL_ARGS.............: $MYSQL_CREDENTIAL_ARGS"
    else
       echo -e "   Root password MySQL...............: **"
    fi
+fi
 echo ""
 echo -e "   Database Name.....................: $DB_NAME"
 echo -e "   Database User.....................: $DB_USER"
@@ -586,6 +603,7 @@ else
 fi
 
 echononl "Backup mattermost database.."
+if [[ "${DB_TYPE}" = "mysql" ]]; then
    mysqldump --login-path=local --opt $DB_NAME \
       > ${MATTERMOST_BASE_INSTALL_PATH}/${DB_NAME}-${backup_date}.sql 2> $log_file
    if [[ $? -ne 0 ]]; then
@@ -603,6 +621,24 @@ if [[ $? -ne 0 ]]; then
    else
       echo_ok
    fi
+else
+   pg_dump -U ${DB_USER} -F p -c ${DB_NAME} -f ${MATTERMOST_BASE_INSTALL_PATH}/${DB_NAME}-${backup_date}.sql 2> $log_file
+   if [[ $? -ne 0 ]]; then
+      echo_failed
+      error "$(cat "$log_file")"
+
+      echononl "continue anyway [yes/no]: "
+      read OK
+      OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')"
+      while [[ "$OK" != "yes" ]] && [[  "$OK" != "no" ]] ; do
+         echononl "Wrong entry! - repeat [yes/no]: "
+         read OK
+      done
+      [[ $OK = "yes" ]] || fatal "Stopped by user"
+   else
+      echo_ok
+   fi
+fi
 
 echononl "Backup mattermost installation directory.."
 cp -ra ${MATTERMOST_BASE_INSTALL_PATH}/mattermost/ \