You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: source/administration/backup.rst
+50-1Lines changed: 50 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -28,7 +28,7 @@ To backup your Mattermost server:
28
28
To restore a Mattermost instance from backup, restore your database, ``config.json`` file and optionally locally stored user files into the locations from which they were backed up.
29
29
30
30
Disaster Recovery
31
-
-----------------
31
+
---------------------------
32
32
33
33
An appropriate disaster recovery plan weighs the benefits of mitigating specific risks against the cost and complexity of setting up disaster recovery infrastructure and automation.
34
34
@@ -59,3 +59,52 @@ A properly deployed high availability setup automatically switches over to a red
59
59
60
60
A "complete" disaster recovery solution would protect against both real-time hardware failures using high availability, data corruption failures using automated, and failures of the primary data center by offering both offsite backup and offsite redundant infrastructure. Because the complexity of a full disaster recovery solution is high, it is common for customers to consider trade-offs in cost and complexity relative to the anticipated risks and target recovery times.
61
61
62
+
Failover from single sign-in outage
63
+
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
64
+
65
+
When using single sign-on with Mattermost Enterprise Edition an outage to your SSO provider can cause a partial outage on your Mattermost instance.
66
+
67
+
**What happens during an SSO outage?**
68
+
69
+
_Most people can still log in_ - By default, when a user logs in to Mattermost they receive a session token lasting 30 days (the duration can be configured in the System Console). During an SSO outage, users with valid session tokens can continue to using Mattermost uninterrupted.
70
+
71
+
_Some people can't log in_ - During an SSO outage, there are two situations under which a user cannot log in:
72
+
73
+
a) Users whose session token expires during the outage
74
+
75
+
b) Users trying to log in to new devices
76
+
77
+
In each case, the user cannot reach the SSO provider, and cannot log in. In this case, there are several potential mitigations:
78
+
79
+
1) Configure your SSO provider for high availability
80
+
81
+
If you're using a self-hosted single sign-on provider, several options are available for `high availability configurations that protect your system from unplanned outages. <https://docs.microsoft.com/en-us/microsoft-identity-manager/pam/high-availability-disaster-recovery-considerations-bastion-environment>`_
82
+
83
+
For SaaS-based authentication providers, while you still have a dependency on service uptime, you can set up redundancy in source systems from which data is being pulled. For example, with the OneLogin SaaS-based authentication service, you can set up `high availability LDAP connectivity <https://support.onelogin.com/hc/en-us/articles/204262680-High-Availability-for-LDAP>`_ to further reduce the chances of an outage.
84
+
85
+
2) Set up your own IDP to provide an automated or manual SSO failover option
86
+
87
+
Create a custom Identity Provider for SAML authentication that connects to both an active and a standby authentication option, that can be manually or automatically switched in case of an outage.
88
+
89
+
In this configuration, security should be carefully reviewed to prevent the standby SSO option from weakening your authentication protocols.
90
+
91
+
3) Set up a manual failover plan for SSO outages
92
+
93
+
When users are unable to reach your organization's SSO provider during an outage, an error message informing the users to contact your support link (defined in your System Console settings) is displayed.
94
+
95
+
Once IT is contacted about an SSO outage issue, they can temporarily change a user's account from SSO to email-password using the System Console, and the end user can use password to claim the account, until the SSO outage is over and the account can be converted back to SSO.
96
+
97
+
If the administrator is unable to log into the System Console because of the SSO outage, they can switch their authentication method to email-password to gain access using the `command line tool <https://docs.mattermost.com/administration/command-line-tools.html>`_.
98
+
99
+
It is highly important after the outage to switch everyone back to SSO from email-password to maintain consistency and security.
Copy file name to clipboardExpand all lines: source/administration/config-settings.rst
+8-6Lines changed: 8 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -66,7 +66,7 @@ Connection Security
66
66
**TLS**: Encrypts the communication between Mattermost and your server. See [documentation](https://docs.mattermost.com/install/setup-tls.html) for more details.
Enter ``https://<your-gitlab-url>/oauth/authorize`` (example: ``https://example.com:3000/api/v3/user``). Use HTTP or HTTPS depending on how your server is configured.
591
+
Enter ``https://<your-gitlab-url>/api/v3/user`` (example: ``https://example.com:3000/api/v3/user``). Use HTTP or HTTPS depending on how your server is configured.
Enter ``https://<your-gitlab-url>/oauth/authorize`` (example: ``https://example.com:3000/oauth/token``). Use HTTP or HTTPS depending on how your server is configured.
607
+
Enter ``https://<your-gitlab-url>/oauth/token`` (example: ``https://example.com:3000/oauth/token``). Use HTTP or HTTPS depending on how your server is configured.
Vary rate limiting by HTTP header field specified (e.g. when configuring Ngnix set to "X-Real-IP", when configuring AmazonELB set to "X-Forwarded-For").
1953
+
Vary rate limiting by HTTP header field specified (e.g. when configuring Ngnix set to "X-Real-IP", when configuring AmazonELB set to "X-Forwarded-For"). Recommended to be set if you're using a proxy.
Copy file name to clipboardExpand all lines: source/administration/migrating.rst
+73-1Lines changed: 73 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -26,4 +26,76 @@ The following instructions migrate Mattermost from one server to another by back
26
26
Migrating from Slack
27
27
====================
28
28
29
-
You can import channels and users from Slack into Mattermost from Team Settings > Import. Please review our documentation on `Slack Import <https://docs.mattermost.com/help/settings/team-settings.html#import-from-slack-beta>`_ for more details.
29
+
.. note:: As a proprietary SaaS service, Slack is able to change its export format quickly and without notice. If you encounter issues not mentioned in the documentation below, please alert the product team by `filing an issue <https://www.mattermost.org/filing-issues/>`_.
30
+
31
+
The Slack Import feature in Mattermost is in "Beta" and focused on supporting migration of teams of less than 100 registered users.
32
+
33
+
This feature can be accessed through the `Mattermost Web App <https://docs.mattermost.com/administration/migrating.html#migrating-from-slack-using-the-mattermost-web-app>`_ or using the `CLI <https://docs.mattermost.com/administration/migrating.html#migrating-from-slack-using-the-mattermost-cli>`_.
34
+
35
+
.. warning:: **It is highly recommended that you test Slack import before applying it to an instance intended for production.**
36
+
37
+
If you use Docker, you can spin up a test instance in one line:
38
+
39
+
.. code:: bash
40
+
41
+
docker run --name mattermost-dev -d --publish 8065:80 mattermost/platform
42
+
43
+
If you don't use Docker, there are `step-by-step instructions <https://docs.mattermost.com/install/docker-local-machine.html>`_ to install Mattermost in preview mode in less than 5 minutes.
44
+
45
+
Supported Features
46
+
++++++++++++++++++
47
+
48
+
The following key features are supported when importing from Slack:
49
+
50
+
* User accounts with an email address set
51
+
52
+
* Public channels and the text messages posted in them
53
+
54
+
* Channel topic and purpose
55
+
56
+
* Imported users added automatically to their channels
57
+
58
+
Messages with file attachments are imported as a message containing a link to Slack's servers by default. The file attachments themselves can be imported to Mattermost by using the `Slack Advanced Exporter <https://github.com/grundleborg/slack-advanced-exporter>`_ tool to add them to your archive before importing it.
59
+
60
+
Bot and Integration messages are imported by default, but if you would like them to display with the appropriate username when imported, you should ensure that `Enable Integrations to Override Usernames <https://docs.mattermost.com/administration/config-settings.html#enable-integrations-to-override-usernames>`_ is set in **System Console > Integrations > Custom Integrations** *before* doing the import.
61
+
62
+
.. note:: Slack user accounts with the same email address as existing accounts on your Mattermost server will be merged into those accounts on import.
63
+
64
+
Limitations
65
+
+++++++++++
66
+
67
+
The following limitations are present when importing from Slack:
68
+
69
+
* The Markdown subset used by Slack's Posts 2.0 feature announced on September 28, 2015 is not yet supported.
70
+
71
+
* Direct Message and Private Groups cannot be imported. Slack does not include these messages when generating the export archive.
72
+
73
+
Migrating from Slack using the Mattermost Web App
74
+
+++++++++++++++++++++++++++++++++++++++++++++++++
75
+
76
+
.. note:: For larger imports, particularly those where you have used the `slack-advanced-exporter tool` to add Slack post attachments to the archive, it is recommended to import the Slack data using the `CLI <https://docs.mattermost.com/administration/migrating.html#migrating-from-slack-using-the-mattermost-cli>`_.
77
+
78
+
1. Generate a Slack "Export" file from **Slack > Team Settings > Import/Export Data > Export > Start Export**.
79
+
80
+
2. In Mattermost go to **Team Settings > Import > Import from Slack**. Team Admin or System Admin role is required to access this menu option.
81
+
82
+
3. Click **Select file** to upload Slack export file and click **Import**.
83
+
84
+
85
+
Migrating from Slack using the Mattermost CLI
86
+
+++++++++++++++++++++++++++++++++++++++++++++
87
+
88
+
1. Generate a Slack "Export" file from **Slack > Team Settings > Import/Export Data > Export > Start Export**.
89
+
90
+
2. Run the following Mattermost CLI command, with the name of a team you have already created:
* During the import process, the emails and usernames from Slack are used to create new Mattermost accounts.
98
+
99
+
* Slack users can activate their new Mattermost accounts by using Mattermost's Password Reset screen with their email addresses from Slack to set new passwords for their Mattermost accounts.
100
+
101
+
* Once logged in, Mattermost users will have access to previous Slack messages in the public channels imported from Slack.
0 commit comments