I set up a Mattermost chat server at my last job, but half the team was on board with it. I thought it would be fun to set up a chat server for fun.
After a little bit of troubleshooting on my home network, it was going too slow for my liking, and I think Comcast really does filter traffic. The last time the Comcast guy was there to upgrade something, we got a new modem; it’s on a 10.0.0.0/24 network and then plugs into a router which is a 192.168.1.0/24 network, which creates a double-NAT situation. I thought I could work around this, and I did, but the page would resolve really slowly.
So the first thing I ran into was that I only had certbot set up for the domain miles-smith.info and www.miles-smith.info. I tried to modify it so it would create a certificate for chat.miles-smith.info, but it didn’t work. After a little bit of digging and thinking about it, I realized I should have created a wildcard DNS certificate, so I issued this command and it generated them to the appropriate folder:
./certbot-auto certonly --manual --preferred-challenges=dns [[EMAIL]] --server https://acme-v02.api.letsencrypt.org/directory --agree-tos -d '*.miles-smith.info'
I should have screenshotted what it asked for, but I had to create a DNS record that they asked for, with a generated TXT field, to verify that I did indeed have that domain. Here’s a screenshot of my Route53 settings that I added.
I did have a little bit of trouble getting the certificate and key loaded into the Mattermost configuration because I was editing it through their server GUI, but after some digging I just edited the mattermost.conf file directly and pointed the SSL certificate and key to what I had generated. I also didn’t have the permissions set properly on them, so I had to change them as well.
It was a bit more involved than that, but I’m leaving out the searching and digging and Comcast issues. I also looked for a place to host it, but Lightsail seemed as good a place as any.
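An added example, not part of the original post: a Python preflight check for the two snags described above. It tests whether a certificate requested only for *.miles-smith.info covers each hostname being served, and whether the private key file has usable permissions. The function names and the throwaway sample key file are assumptions made for illustration; run it as the account the Mattermost service uses.

```python
import os
import stat
import tempfile


def san_matches(pattern, hostname):
    """Match one certificate name against a hostname the way TLS clients do:
    '*' is honoured only as the whole left-most label and covers one label."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False  # a wildcard never spans dots or matches zero labels
    if p[0] == "*":
        # Conservative simplification: refuse wildcards such as '*.info'.
        return len(p) > 2 and p[1:] == h[1:]
    return p == h


def key_file_findings(path):
    """Flag a private key the current user cannot read, or that is exposed."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    findings = []
    if not os.access(path, os.R_OK):
        findings.append(f"{path}: not readable by this user (mode {mode:04o})")
    if mode & stat.S_IRWXO or mode & stat.S_IWGRP:
        findings.append(f"{path}: too permissive (mode {mode:04o})")
    return findings


def preflight(cert_names, hostnames, key_path):
    """Return a list of findings; an empty list means nothing was flagged."""
    uncovered = [f"{h}: not covered by {cert_names}" for h in hostnames
                 if not any(san_matches(n, h) for n in cert_names)]
    return uncovered + key_file_findings(key_path)


if __name__ == "__main__":
    # Constructed sample: a throwaway file stands in for the private key.
    fd, key = tempfile.mkstemp(suffix=".pem")
    os.close(fd)
    os.chmod(key, 0o644)
    for line in preflight(["*.miles-smith.info"],
                          ["chat.miles-smith.info", "miles-smith.info"], key):
        print(line)
    os.remove(key)
```

The sample run reports the bare domain as uncovered, because a wildcard name matches exactly one label and never the apex; requesting both names with a second -d option covers both.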