Add mattermost service

containers/traefik/tasks.yml

@@ -38,6 +38,15 @@
         to_port: 443
         rule: allow
 
+    - name: Permit traffic from any IP to mattermost port
+      become: true
+      community.general.ufw:
+        direction: in
+        from_ip: any
+        proto: udp
+        to_port: 8443
+        rule: allow
+
     - name: Pull traefik image
       become_user: containers
       become: true
@@ -88,6 +97,7 @@
         - traefik-gitea
         - traefik-collabora
         - traefik-heimdall
+        - traefik-mattermost
 
     - name: Create traefik instance
       become_user: containers
@@ -99,6 +109,7 @@
         publish:
           - "80:80"
           - "443:443"
+          - "8443:8443"
         security_opt:
           - label=type:container_runtime_t
         volume:
@@ -111,6 +122,7 @@
           - traefik-gitea
           - traefik-collabora
           - traefik-heimdall
+          - traefik-mattermost
         cap_add:
           - NET_ADMIN
         label:
@@ -118,7 +130,7 @@
           traefik.enable: "true"
           traefik.http.middlewares.traefik-auth.basicauth.users: "{{ vault_traefik_basic_auth }}"
           traefik.http.routers.traefik.entrypoints: "https"
-          traefik.http.routers.traefik.rule: "Host(`{{ vault_domain }}`) && (PathPrefix(`/api`) || Path(`/dashboard`))"
+          traefik.http.routers.traefik.rule: "Host(`{{ vault_domain }}`) && (PathPrefix(`/api/`) || Path(`/api`) || PathPrefix(`/dashboard/`) || Path(`/dashboard`))"
           traefik.http.routers.traefik.middlewares: "traefik-auth@docker"
           traefik.http.routers.traefik.tls: "true"
           traefik.http.routers.traefik.tls.certresolver: "wildcard"

containers/traefik/templates/traefik.yml.j2

@@ -21,6 +21,8 @@ entryPoints:
           permanent: true
   https:
     address: ":443"
+  mmcalls:
+    address: ":8443/udp"
 
 providers:
   docker: