Skip to content

mattermost job from mattermost/8.0.0

Github source: 9ef4532 or master branch

Properties

mattermost

AnalyticsSettings

MaxUsersForStatistics

Sets the maximum number of users on the server before statistics for total posts, total hashtag posts, total file posts, posts per day, and active users with posts per day are disabled.

Default
2500

AnnouncementSettings

AllowBannerDismissal

Allow users to dismiss the banner after they have read the announcement

Default
true
BannerColor

Color of the banner itself

Default
'#f2a93b'
BannerText

Text to display in the announcemnet banner

Default
""
BannerTextColor

Color of the banner text

Default
'#333333'
EnableBanner

Enable the announcement banner

Default
false

ClusterSettings

ClusterName

The cluster to join by name. Only nodes with the same cluster name will join together. This is to support Blue-Green deployments or staging pointing to the same database. The deployment name will be used by default.

GossipPort

port used for gossip protocol

Default
8074
IdleConnTimeoutMilliseconds

Number of milliseconds to leave an idle connection open between servers in the cluster.

Default
90000
MaxIdleConns

Maximum number of idle connections held open from one server to all others in the cluster.

Default
100
MaxIdleConnsPerHost

Maximum number of idle connections held open from one server to another server in the cluster.

Default
128
StreamingPort

port used for streaming protocol

Default
8075
UseExperimentalGossip

The server attempts to communicate via the gossip protocol over the gossip port. If false, use the streaming port and streaming protocol. NOTE, this port is used for health status no matter what.

Default
false
UseIpAddress

The cluster attempts to communicate using the IP Address, if false, hostname is used

Default
true

ComplianceSettings

Directory

(E20) Sets the directory where compliance reports are written.

Default
./data/
Enable

(E20) Compliance reporting is enabled in Mattermost. (true|false)

Default
false
EnableDaily

(E20) Mattermost generates a daily compliance report. (true|false)

Default
false

DataRetentionSettings

DeletionJobStartTime

Set the start time of the daily scheduled data retention job. Choose a time when fewer people are using your system. Must be a 24-hour time stamp in the form HH:MM.

Default
02:00
EnableFileDeletion

Delete Files after FileRetentionDays days

Default
false
EnableMessageDeletion

Delete messages after MessageRetentionDays days

Default
false
FileRetentionDays

how many days files are kept in Mattermost. The minimum time is one day.

Default
365
MessageRetentionDays

how many days messages are kept in Mattermost. The minimum time is one day.

Default
365

DisplaySettings

CustomUrlSchemes

To add a list of URL schemes that are used for autolinking in message text.

Default
'[]'
ExperimentalTimeZone

to allow selecting the timezone used for timestamps in the user interface and email notifications

Default
false

ElasticsearchSettings

AggregatePostsAfterDays

Elasticsearch indexes over the age specified by this setting will be aggregated during the daily scheduled job.

Default
365
BulkIndexingTimeWindowSeconds

set the maximum time window for a batch of posts being indexed by the Bulk Indexer

Default
3600
ConnectionUrl

Url for the elasticsearch server

EnableIndexing

Enables indexing on elasticsearch

Default
false
EnableSearching

Enables searching with Elasticsearch

Default
false
IndexPrefix

Prefix on the Elasticsearch index name. Enables the use of Mattermost Elasticsearch on a shared Elasticsearch cluster.

Default
""
LiveIndexingBatchSize

set how many new posts are batched together before they are added to the Elasticsearch index

Default
1
Password

password for ES access

Default
""
PostIndexReplicas

how many replicas to use for each post index

Default
1
PostIndexShards

how many shards to use for each post index

Default
1
PostsAggregatorJobStartTime

The start time of the daily scheduled aggregator job.

Default
03:00
RequestTimeoutSeconds

set the timeout in seconds for Elasticseaerch calls

Default
30
Sniff

Enables sniffing on the ES server

Default
true
Username

username for ES access

Default
""

EmailSettings

ConnectionSecurity

Email connection Security (“”|PLAIN|TLS|STARTTLS)

Default
""
EmailNotificationContentType

specify the amount of detail sent in email notification contents

Default
full
EnableEmailBatching

Users can select how often to receive email notifications, and multiple notifications within that timeframe will be combined into a single email.

Default
false
EnablePreviewModeBanner

Allows Preview Mode banner to be displayed so users are aware that email notifications are disabled.

Default
true
EnableSMTPAuth

support SMTP servers requiring no authentication

Default
true
EnableSignInWithEmail

Mattermost allows users to sign in using their email and password. (true|false)

Default
true
EnableSignInWithUsername

Mattermost allows users to sign in using their username and password. This setting is typically only used when email verification is disabled. (true|false)

Default
false
EnableSignUpWithEmail

Allow team creation and account signup using email and password. (true|false)

Default
true
FeedbackEmail

Address displayed on email account used when sending notification emails from Mattermost system.

Default
""
FeedbackName

Name displayed on email account used when sending notification emails from Mattermost system.

Default
""
FeedbackOrganization

Organization name and mailing address displayed in the footer of email notifications from Mattermost

Default
""
InviteSalt

32-character (to be randomly generated via System Console) salt added to signing of email invites.

Default
""
LoginButtonBorderColor

set the style of the email login button for white labelling purposes.

Default
""
LoginButtonColor

set the style of the email login button for white labelling purposes.

Default
""
LoginButtonText

SAML

Default
  (Optional) The text that appears in the login button on the login page. Defaults to
    SAML.
LoginButtonTextColor

set the style of the email login button for white labelling purposes.

Default
""
PushNotificationContents

Controlls how much detail is provided in push notifications. (generic|full) Generic only sends User and Channel

Default
generic
PushNotificationServer

Location of Mattermost Push Notification Service (MPNS), which re-sends push notifications from Mattermost to services like Apple Push Notification Service (APNS) and Google Cloud Messaging (GCM).

Default
https://push-test.mattermost.com
RequireEmailVerification

Require email verification after account creation prior to allowing login. (true|false)

Default
false
SMTPPassword

Obtain this credential from the administrator setting up your email server.

Default
""
SMTPPort

Port of SMTP email server.

Default
""
SMTPServer

Location of SMTP email server.

Default
""
SMTPUsername

Obtain this credential from the administrator setting up your email server.

Default
""
SendEmailNotifications

Enables sending of email notifications.

Default
false
SendPushNotifications

Your Mattermost server sends mobile push notifications to the server specified in PushNotificationServer.

Default
false
UseChannelInEmailNotifications

whether email notifications contain the channel name in the subject line

Default
false

ExperimentalSettings

ClientSideCertCheck

To control whether email and password are required following client-side certification.

Default
secondary
ClientSideCertEnable

To enable client-side certification for your Mattermost server.

Default
false
DisablePostMetadata

True: Disabling post metadata is only recommended if you are experiencing a significant decrease in performance around channel and post load times. False: Load channels with more accurate scroll positioning by loading post metadata.

Default
false
LinkMetadataTimeoutMilliseconds

Adds a configurable timeout for requests made to return link metadata. If the metadata is not returned before this timeout expires, the message will post without requiring metadata. This timeout covers the failure cases of broken URLs and bad content types on slow network connections.

Default
5000

FileSettings

AmazonS3AccessKeyId

Obtain this credential from your Amazon AWS administrator.

Default
""
AmazonS3Bucket

Name you selected for your S3 bucket in AWS.

Default
""
AmazonS3Endpoint

Endpoint to use for S3

Default
s3.amazonaws.com
AmazonS3Region

AWS region you selected for creating your S3 bucket.

Default
""
AmazonS3SSE

enable S3 Server Side Encryption for file uploads

Default
true
AmazonS3SSL

Enables only secure Amazon S3 Connections. (true|false)

Default
true
AmazonS3SecretAccessKey

Obtain this credential from your Amazon AWS administrator.

Default
""
AmazonS3SignV2

By default, Mattermost uses Signature V4 to sign API calls to AWS, but under some circumstances, V2 is required. For more information about when to use V2, see http://docs.aws.amazon.com/general/latest/gr/signature-version-2.html

Default
false
AmazonS3Trace

Additional debugging information is included in the system logs. Typically set to false in production.

Default
false
Directory

Directory to which files are written.

Default
/var/vcap/store/mattermost/
DriverName

Storage system where files and image attachments are saved. (local|amazons3)

Default
local
EnableFileAttachments

When false, users cannot upload files and images by attaching them to messages.

Default
true
EnableMobileDownload

When false, disables file downloads on mobile apps. Users can still download files from a mobile web browser.

Default
true
EnableMobileUpload

When false, disables file uploads on mobile apps. All file and image uploads on messages are forbidden across clients and devices, including mobile.

Default
true

Allow users to generate public links to files and images for sharing outside the Mattermost system with a public URL.

Default
true
MaxFileSize

Maximum file size for message attachments entered in megabytes in the System Console UI. Converted to bytes in config.json at 1048576 bytes per megabyte. (Default of 52428800 is 50MB)

Default
5.24288e+07
PublicLinkSalt

32-character salt added to the URL of public links when public links are enabled.

Default
""

GitLabSettings

AuthEndpoint

The authorization endpoint.

Default
""
Enable

Enable GitLab authentication

Default
false
Id

The client application ID.

Default
""
Scope

The authorization scope.

Default
""
Secret

The client application secret.

Default
""
TokenEndpoint

The token endpoint.

Default
""
UserApiEndpoint

The user api endpoint.

Default
""

ImageProxySettings

Enable

When true, enables an image proxy for loading external images. The image proxy is used by the Mattermost apps to prevent them from connecting directly to remote servers. This anonymizes their connections and prevents them from accessing insecure content.

Default
true
ImageProxyType

The type of image proxy used by Mattermost. There are two options - 1) local - The Mattermost server itself acts as the image proxy. This is the default option. 2) atmos/camo - An external atmos/camo image proxy is used.

Default
local
RemoteImageProxySettings

The URL signing key passed to an atmos/camo image proxy. This setting is not needed when using the local image proxy.

Default
""
RemoteImageProxyURL

The URL of the atmos/camo proxy. This setting is not needed when using the local image proxy.

Default
""

JobSettings

RunJobs

enable running jobs on the job server

Default
true
RunScheduler

enable scheduling jobs on the job server

Default
true

LdapSettings

BaseDN

The Base Distinguished Name of the location where Mattermost should start its search for users in the AD/LDAP tree.

Default
""
BindPassword

Password of the user given in Bind Username. This field is required, and anonymous bind is not currently supported.

BindUsername

The username used to perform the AD/LDAP search.

ConnectionSecurity

The type of connection security Mattermost uses to connect to AD/LDAP. (“”|TLS|STARTTLS)

Default
""
EmailAttribute

The attribute in the AD/LDAP server that will be used to populate the email addresses of users in Mattermost.

Default
""
Enable

Mattermost allows login using AD/LDAP or Active Directory. (true|false)

Default
false
EnableSyncWithLdap

when true Mattermost periodically synchronizes SAML user attributes, including user deactivation and removal, with AD/LDAP

Default
false
FirstNameAttribute

(Optional) The attribute in the AD/LDAP server that will be used to populate the first name of users in Mattermost. When set, users will not be able to edit their First Name, since it is synchronized with the LDAP server. When blank, users can set their own First Name in Account Settings.

Default
""
GroupDisplayNameAttribute

(Optional) Enter an AD/LDAP Group Display name attribute used to populate Mattermost Group names.

Default
""
GroupFilter

(Optional) Enter an AD/LDAP Filter to use when searching for group objects (accepts general syntax). Only the groups selected by the query will be able accessible to Mattermost. This filter is defaulted to (|(objectClass=group)(objectClass=groupOfNames)(objectClass=groupOfUniqueNames)) when blank.

Default
""
GroupIdAttribute

(Required) Enter an AD/LDAP Group ID attribute to use as a unique identifier for Groups. This should be an AD/LDAP value that does not change.

Default
""
IdAttribute

The attribute in the AD/LDAP server that will be used as a unique identifier in Mattermost.

Default
""
LastNameAttribute

(Optional) The attribute in the AD/LDAP server that will be used to populate the last name of users in Mattermost. When set, users will not be able to edit their Last Name, since it is synchronized with the LDAP server. When blank, users can set their own Last Name in Account Settings.

Default
""
LdapPort

The port Mattermost will use to connect to the AD/LDAP server.

Default
389
LdapServer

The domain or IP address of the AD/LDAP server.

LoginButtonBorderColor

to set the style of the LDAP login button for white labelling purposes.

Default
""
LoginButtonColor

to set the style of the LDAP login button for white labelling purposes.

Default
""
LoginButtonTextColor

to set the style of the LDAP login button for white labelling purposes.

Default
""
LoginFieldName

The placeholder text that appears in the login field on the login page. Typically this would be whatever name is used to refer to AD/LDAP credentials in your company, so it is recognizable to your users. Defaults to AD/LDAP Username.

Default
""
LoginIdAttribute

To add an attribute in the AD/LDAP server used to log in to Mattermost.

Default
""
MaxPageSize

The maximum number of users the Mattermost server will request from the AD/LDAP server at one time. Use this setting if your AD/LDAP server limits the number of users that can be requested at once. 0 is unlimited.

Default
0
NicknameAttribute

(Optional) The attribute in the AD/LDAP server that will be used to populate the nickname of users in Mattermost. When set, users will not be able to edit their Nickname, since it is synchronized with the LDAP server. When blank, users can set their own Nickname in Account Settings.

Default
""
PositionAttribute

(Optional) The attribute in the AD/LDAP server that will be used to populate the position field in Mattermost (typically used to describe a person’s job title or role at the company). When set, users will not be able to edit their position, since it is synchronized with the LDAP server. When blank, users can set their own Position in Account Settings.

Default
""
QueryTimeout

The timeout value for queries to the AD/LDAP server.

Default
60
SkipCertificateVerification

Skips the certificate verification step for TLS or STARTTLS connections.

Default
false
SyncIntervalMinutes

Set how often Mattermost accounts synchronize attributes with AD/LDAP, in minutes.

Default
60
UserFilter

(Optional) Enter an AD/LDAP Filter to use when searching for user objects.

Default
""
UsernameAttribute

The attribute in the AD/LDAP server that will be used to populate the username field in Mattermost user interface.

Default
""

License

Enterprise Edition license file contents. EE features will not be available unless this is set.

Default
""

LogSettings

ConsoleJson

When true, logged events are written in a machine readable JSON format. When false, logged events are written in plain text.

Default
true
ConsoleLevel

Level of detail at which log events are written to the console when EnableConsole = true. (DEBUG|ERROR|INFO)

Default
INFO
EnableConsole

Output log messages to the console based on ConsoleLevel option. The server writes messages to the standard output stream (stdout).

Default
true
EnableDiagnostics

To improve the quality and performance of future Mattermost updates, this option sends error reporting and diagnostic information to Mattermost, Inc. (true|false)

Default
true
EnableFile

Typically set to true in production. When true, logged events are written to the mattermost.log file in the directory specified by the FileLocation setting.

Default
true
EnableWebhookDebugging

Contents of incoming webhooks are printed to log files for debugging. (true|false)

Default
true
FileJson

When true, logged events are written in a machine readable JSON format. When false, logged events are written in plain text.

Default
true
FileLevel

Level of detail at which log events are written to log files when EnableFile = true. (true|false)

Default
true
FileLocation

The location of the log files. The path that you set must exist and Mattermost must have write permissions in it.

Default
/var/vcap/sys/log/mattermost/

MessageExportSettings

BatchSize

to set how many new posts are batched together to a compliance export file

Default
10000
CustomerType

to allow selecting the type of Global Relay customer account the user’s organization has.

Default
A9
DailyRunTime

to set the time for the daily export job.

Default
01:00
EmailAddress

The email address your Global Relay server monitors for incoming compliance exports.

Default
""
EnableExport

to enable message export.

Default
false
ExportFromTimestamp

to set the timestamp for which posts to include in the message export.

Default
0
FileLocation

to set the message export location.

Default
export

MetricsSettings

BlockProfileRate

Value that controls the fraction of goroutine blocking events reported in the blocking profile.

Default
0
Enable

Mattermost enables performance monitoring collection and profiling.

Default
false
ListenAddress

The address the Mattermost server will listen on to expose performance metrics.

Default
:8067

NativeAppSettings

Configurable link to download the Android app.

Default
https://about.mattermost.com/mattermost-android-app/

Configurable link to a download page for Mattermost Apps.

Default
https://about.mattermost.com/downloads/

Configurable link to download the iOS app.

Default
https://about.mattermost.com/mattermost-ios-app/

PasswordSettings

Lowercase

At least one required

Default
false
MinimumLength

(E10 and higher) Minimum number of characters required for a valid password. (5-64)

Default
5
Number

At least one required

Default
false
Symbol

At least one required Valid symbols include: !“#$%&‘()*+,-./:;<=>?@[]^_`|~

Default
false
Uppercase

At least one required

Default
false

PluginSettings

Enable

If true, plugins are enabled on this server

Default
true
EnableUploads

Allows system administrators to upload new plugins. Set to false unless you are uploading a plugin

Default
false
PluginStates

set whether an installed plugin is active or not

Default
{}

Plugins

Jira
Enabled

You can configure JIRA webhooks to post message in Mattermost. To help combat phishing attacks, all posts are labelled by a BOT tag.

Default
false
Secret

The secret used to authenticate to Mattermost. Regenerating the secret for the webhook URL endpoint invalidates your existing JIRA integrations.

UserName

Select the username that this integration is attached to.

PrivacySettings

ShowEmailAddress

Show email address of all users. (true|false)

Default
true
ShowFullName

Show full name of all users. (true|false)

Default
true

RateLimitSettings

Enable

APIs are throttled at the rate specified by PerSec.

Default
false
MaxBurst

Maximum number of requests allowed beyond the per second query limit.

Default
100
MemoryStoreSize

Maximum number of user sessions connected to the system as determined by VaryByRemoteAddr and VaryByHeader variables.

Default
10000
PerSec

Throttle API at this number of requests per second if rate limiting is enabled.

Default
10
VaryByHeader

Vary rate limiting by HTTP header field specified (“”|X-Real-IP|X-Forwarded-For|anything you want)

Default
""
VaryByRemoteAddr

Rate limit API access by IP address.

Default
true
VaryByUser

user-based rate limiting, to rate limit on token and on userID.

Default
false

ServiceSettings

AllowCorsFrom

Enable HTTP cross-origin requests from specific domains separated by spaces. Type * to allow CORS from any domain or leave it blank to disable it.

Default
""
AllowEditPost

Set the time limit that users have to edit their messages after posting. (always|never|timelimit)

Default
always
AllowedUntrustedInternalConnections

see https://docs.mattermost.com/administration/config-settings.html#allow-untrusted-internal-connections-to

Default
""
CloseUnusedDirectMessages

If true Direct message conversations with no activity for 7 days will be hidden from the sidebar.

Default
false
ConnectionSecurity

Controls whether MM itself does TLS termination (set to “TLS” to get SSL termination) NOTE: TLSCertFile and TLSKeyFile must be set if this setting is “TLS”

Default
""
CorsAllowCredentials

Allows requests that pass validation to include the Access-Control-Allow-Credentials header.

Default
false
CorsDebug

Provides ability to print messages to the logs to help when developing an integration that uses CORS.

Default
false
CorsExposedHeaders

Allows you to add a whitelist of headers that will be accessible to the requester.

Default
""
DisableLegacyMFA

True - Disables the legacy checkMfa endpoint, which is only required for Mattermost Mobile Apps on version 1.16 or earlier when using multi-factor authentication (MFA). Recommended to set to true for additional security hardening. False - Keeps the legacy checkMfa endpoint enabled to support mobile versions 1.16 and earlier. Keeping the endpoint enabld creates an information disclosure about whether a user has set up MFA.

Default
false
EnableAPITeamDeletion

When true, the api/v4/teams/{teamid}?permanent=true API endpoint can be called by Team and System Admins to permanently delete a team.

Default
false
EnableAPIv3

Set to false to disable all version 3 endpoints of the REST API. Integrations that rely on API v3 will fail and can then be identified for migration to API v4. API v3 is deprecated and will be removed in the near future. See https://api.mattermost.com for details.

Default
true
EnableChannelViewedMessages

This setting determines whether channel_viewed WebSocket events are sent, which synchronize unread notifications across clients and devices. Disabling the setting in larger deployments may improve server performance.

Default
true
EnableCommands

Slash commands send events to external integrations that send a response back to Mattermost.

Default
false
EnableCustomEmoji

Enables a Custom Emoji option in the Main Menu, where users can go to create customized emoji.

Default
false
EnableDeveloper

Javascript errors are shown in a purple bar at the top of the user interface. Not recommended for use in production.

Default
false
EnableEmailInvitations

To disable email invitations on the system.

Default
false
EnableEmojiPicker

Enables an emoji picker that allows users to select emoji to add as reactions or use in messages. Enabling the emoji picker with a large number of custom emoji may slow down performance.

Default
true
EnableGifPicker

To enable a built-in GIF integration with Gfycat.

Default
false
EnableIncomingWebhooks

Developers building integrations can create webhook URLs for public channels and private channels.

Default
true
EnableInsecureOutgoingConnections

Outgoing HTTPS requests can accept unverified, self-signed certificates.

Default
false
EnableLinkPreviews

Enables users to display a preview of website content below the message, if available.

Default
false
EnableMultifactorAuthentication

(E10 or higher) When true, users with LDAP and email authentication will be given the option to require a phone-based passcode, in addition to their password-based authentication, to sign-in to the Mattermost server.

Default
false
EnableOAuthServiceProvider

Mattermost acts as an OAuth 2.0 service provider allowing Mattermost to authorize API requests from external applications.

Default
false
EnableOnlyAdminIntegrations

Webhooks and slash commands can only be created, edited and viewed by Team and System Admins, and OAuth 2.0 applications by System Admins.

Default
true
EnableOutgoingWebhooks

Developers building integrations can create webhook tokens for public channels.

Default
true
EnablePostIconOverride

Webhooks, slash commands and other integrations, such as Zapier, will be allowed to change the profile picture they post with.

Default
false
EnablePostUsernameOverride

Webhooks, slash commands, OAuth 2.0 apps, and other integrations such as Zapier, will be allowed to change the username they are posting as. If no username is present, the username for the post is the same as it would be for a setting of False.

Default
false
EnablePreviewFeatures

Enable the pre-release features menue in the account settings menu

Default
true
EnableSecurityFixAlert

Enable System Admins to be notified by email if a relevant security fix alert is announced. (true|false)

Default
true
EnableTesting

/loadtest slash command is enabled to load test accounts and test data.

Default
false
EnableTutorial

tutorial is shown to end users after account creation. This setting is experimental and may be replaced or removed in a future release.

Default
true
EnableUserAccessTokens

enable personal access tokens for integrations to authenticate against the REST API

Default
false
EnforceMultifactorAuthentication

(E10 or higher) Require MFA for all users.

Default
false
ExperimentalEnableAuthenticationTransfer

Users can change their sign-in method to any that is enabled on the server

Default
true
ExperimentalEnableDefaultChannelLeaveJoinMessages

allows disabling of leave/join messages in the default channel, usually Town Square.

Default
true
ExperimentalEnableHardenedMode

Enables a hardened mode for Mattermost that makes user experience trade-offs in the interest of security.

Default
false
ExperimentalGroupUnreadChannels

show an unread channel section in the webapp sidebar. The setting must first be enabled by the System Admin, by replacing disabled with either default_off or default_on

Default
disabled
Forward80To443

Determines if traffic on 80 is forwarded to 443. When using a proxy such as NGINX in front of Mattermost this setting is unnecessary and should be set to false.

Default
false
GfycatApiKey

Enter the client ID you receive via email to this field. When blank, uses the default API key provided by Gfycat.

Default
2_KtH_W5
GfycatApiSecret

The API secret generated by Gfycat for your API key. When blank, uses the default API secret provided by Gfycat.

Default
3wLVZPiswc3DnaiaFoLkDvB4X0IV6CpMkj4tf2inJRsBY6-FnkT08zGmppWFgeof
GoogleDeveloperKey

Google API developer key if request rate is too high. See https://docs.mattermost.com/administration/config-settings.html#google-api-key

Default
""
GoroutineHealthThreshold

set a threshold for number of goroutines (-1 is unlimited?? maybe)

Default
-1
ListenAddress

The address and port to which to bind and listen. Specifying “:8065” will bind to all network interfaces. Specifying 127.0.0.1:8065 will only bind to the network interface having that IP address.

Default
:8605
MaximumLoginAttempts

Failed login attempts allowed before a user is locked out and required to reset their password via email.

Default
10
PostEditTimeLimit

How many seconds does a user have to edit a message after posting it.

Default
300
RestrictCustomEmojiCreation

(E10 and greater) Determines who is allowed to create custom emoji (all|admin|system_admin)

Default
all
RestrictPostDelete

Restrict the permission level required to delete messages. Team Admins and System Admins can delete messages only in channels where they are members. Messages can be deleted anytime. (all|team_admin|system_admin)

Default
all
SessionCacheInMinutes

Set the number of minutes to cache a session in memory.

Default
10
SessionIdleTimeoutInMinutes

The number of minutes from the last time a user was active on the system to the expiry of the user’s session. Once expired, the user will need to log in to continue. Minimum is 5 minutes, and 0 is unlimited. NOTE: does not apply to mobile apps, In High Availability mode, enable IP hash load balancing for reliable timeout measurement. (consider AWS NLBs for this)

Default
0
SessionLengthMobileInDays

Set the number of days before native mobile sessions expire.

Default
30
SessionLengthSSOInDays

Set the number of days before SSO sessions expire. (gitlab)

Default
30
SessionLengthWebInDays

Set the number of days before web sessions expire and users will need to log in again.

Default
30
SiteURL

The URL, including port number and protocol, that users will use to access Mattermost. This field is required in Mattermost v3.8 and later. REQUIRED to be set

TLSCertFile

The path to the certificate file to use for TLS connection security.

Default
""
TLSKeyFile

The path to the TLS key file to use for TLS connection security.

Default
""
TLSMinVer

The minimum TLS version used by the Mattermost server. TLS v1.2 is default given insecurities for TLS 1.0 and 1.1. This setting only takes effect if you are using the built-in server binary directly, and not using a reverse proxy layer such as NGINX.

Default
"1.2"
TLSOverwriteCiphers

Set TLS ciphers overwrites to meet requirements from legacy clients which don’t support modern ciphers, or to limit the types of accepted ciphers. If none specified, the Mattermost server assumes a set of currently considered secure ciphers, and allows overwrites in the edge case. See the ServerTLSSupportedCiphers variable in /model/config.go for the list of ciphers considered secure. This setting only takes effect if you are using the built-in server binary directly, and not using a reverse proxy layer such as NGINX.

Default
[]
TLSStrictTransport

Adds the Strict Transport Security (HSTS) header to all responses, forcing the browser to request all resources via HTTPS.

Default
false
TLSStrictTransportMaxAge

The time in seconds that the browser remembers a site is only to be accessed using HTTPS. After this period, a site can be accessed using HTTP unless TLSStrictTransport is set to true. Defaults to two years.

Default
6.3072e+07
WebserverMode

gzip compression applies to the HTML, CSS, Javascript, and other static content files that make up the Mattermost web client. It is recommended to enable gzip to improve performance unless your environment has specific restrictions, such as a web proxy that distributes gzip files poorly. This setting requires a server restart to take effect. (gzip|Uncompressed|Disabled)

Default
gzip
WebsocketPort

This setting defines the port on which the unsecured WebSocket will listen using the ws protocol.

Default
80
WebsocketSecurePort

This setting defines the port on which the secured WebSocket will listen using the wss protocol.

Default
443

SqlSettings

AtRestEncryptKey

32-character (to be randomly generated via Admin Console) salt available to encrypt and decrypt sensitive fields in database.

Default
""
ConnMaxLifetimeMilliseconds

To configure the maximum lifetime for a connection to the database.

Default
3.6e+06
DataSource

This is the connection string to the master database.

DriverName

Either ‘postgres’ or ‘mysql’

MaxIdleConns

Maximum number of idle connections held open to the database.

Default
10
MaxOpenConns

Maximum number of open connections held open to the database.

Default
10
QueryTimeout

The number of seconds to wait for a response from the database after opening a connection and sending the query. Errors that you see in the UI or in the logs as a result of a query timeout can vary depending on the type of query.

Default
30
Trace

Executing SQL statements are written to the log for development.

Default
false

SupportSettings

Configurable link to an About page describing your organization may provide to end users.

Default
https://about.mattermost.com/default-about/

Configurable link to a Help page your organization may provide to end users.

Default
https://about.mattermost.com/default-help/

Configurable link to Privacy Policy your organization may provide to end users.

Default
https://about.mattermost.com/default-privacy-policy/

Set the link for the support website.

Default
https://about.mattermost.com/default-report-a-problem/
SupportEmail

Set an email for feedback or support requests.

Default

Configurable link to Terms of Service your organization may provide to end users.

Default
https://about.mattermost.com/default-terms/

TeamSettings

CustomBrandText

(E10 and greater) Custom text will be shown below custom brand image on left side of server login page.

Default
""
CustomDescriptionText

(E10 and greater) Description of service shown in login screens and UI.

Default
""
EnableConfirmNotificationsToChannel

Users will be prompted to confirm when posting @channel and @all in channels with over five members.

Default
true
EnableCustomBrand

(E10 and greater) Enables custom branding to show a JPG image some custom text on the server login page.

Default
false
EnableOpenServer

Users can sign up to the server from the root page without an invite.

Default
false
EnableTeamCreation

True: Ability to create a new team is enabled for all users. False: Only System Administrators can create teams from the team selection page. The Create A New Team button is hidden in the main menu UI.

Default
true
EnableUserCreation

Ability to create new accounts is enabled via inviting new members or sharing the team invite link. (true|false)

Default
true
EnableXToLeaveChannelsFromLHS

Users can leave Public and Private Channels by clicking the “x” beside the channel name.

Default
false
ExperimentalDefaultChannels

Allow choosing the default channels every user is added to automatically after joining a new team.

Default
""
ExperimentalEnableAutomaticReplies

Allows users to enable Automatic Replies in Account Settings > Notifications. Users set a custom message that will be automatically sent in response to Direct Messages.

Default
false
ExperimentalHideTownSquareinLHS

To hide Town Square in the left-hand sidebar if there are no unread messages in the channel.

Default
false
ExperimentalPrimaryTeam

to set the primary team of the server. This setting is experimental and may be replaced or removed in a future release.

Default
""
ExperimentalTownSquareIsReadOnly

Only Administrators can post in Town Square.

Default
false
MaxChannelsPerTeam

Maximum number of channels per team, including both active and deleted channels.

Default
2000
MaxNotificationsPerChannel

Maximum total number of users in a channel before @all, @here, and @channel no longer send notifications to maximize performance.

Default
1000
MaxUsersPerTeam

Maximum number of users per team, including both active and inactive users.

Default
50
RestrictCreationToDomains

Teams and user accounts can only be created by a verified email from this list of comma-separated domains (e.g. “corp.mattermost.com, mattermost.org”).

Default
""
RestrictDirectMessage

Determines who a user can direct message. ‘any’ - anyone on the server, ‘team’ - only users that share at least one team.

Default
any
RestrictPrivateChannelCreation

Restrict the permission level required to create private channels. (all|team_admin|system_admin)

Default
all
RestrictPrivateChannelDeletion

Restrict the permission level required to delete private channels. (all|channel_admin|team_admin|system_admin)

Default
all
RestrictPrivateChannelManageMembers

Set policy on who can add and remove members from private channels. (all|channel_admin|team_admin|system_admin)

Default
all
RestrictPrivateChannelManagement

Restrict the permission level required to rename and set the header or purpose for private channels. (all|channel_admin|team_admin|system_admin)

Default
all
RestrictPublicChannelCreation

Restrict the permission level required to create public channels. (all|team_admin|system_admin)

Default
all
RestrictPublicChannelDeletion

Restrict the permission level required to delete public channels. (all|channel_admin|team_admin|system_admin)

Default
all
RestrictPublicChannelManagement

Restrict the permission level required to rename and set the header or purpose for public channels. (all|channel_admin|team_admin|system_admin)

Default
all
RestrictTeamInvite

(E10 and higher) Set policy on who can invite others to a team using the Send Email Invite, Get Team Invite Link, and Add Members to Team options on the main menu. Options: (all|team_admin|system_admin)

Default
all
SiteName

Site name; it’s not Slack, it is…

Default
Mattermost
TeammateNameDisplay

see https://docs.mattermost.com/administration/config-settings.html#teammate-name-display

Default
username
ViewArchivedChannels

Allows users to share permalinks and search for content of channels that have been archived.

Default
true

ThemeSettings

AllowCustomThemes

Enables the Display > Theme > Custom Theme section in Account Settings.

Default
true
AllowedThemes

Select the themes that can be chosen by users when “EnableThemeSelection” is set to true.

Default
'["default", "organization", "mattermostDark", "windows10"]'
DefaultTheme

Set a default theme that applies to all new users on the system.

EnableThemeSelection

Enables the Display > Theme tab in Account Settings so users can select their theme.

Default
true

Templates

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/mattermost/ directory (learn more).

  • bin/ctl (from bin/ctl)
  • bin/monit_debugger (from bin/monit_debugger)
  • bin/pre-start (from bin/pre-start)
  • config/initial-config.json (from config/initial-config.json.erb)
  • config/license (from config/license.erb)
  • data/properties.sh (from data/properties.sh.erb)
  • helpers/ctl_setup.sh (from helpers/ctl_setup.sh)
  • helpers/ctl_utils.sh (from helpers/ctl_utils.sh)

Packages

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.