Configuring CloudFront to host Mattermost static assets#
Available on all plans
self-hosted deployments
Configuring CloudFront to host Mattermost’s static assets allows for improved caching performance and shorter load times for those members of your team geographically distributed throughout the world.
Create an S3 bucket using your desired domain. In our example it will be
mattermost.example.com
.Enable static hosting for your S3 bucket.
If your SiteURL is configured with a subpath (such as
https://example.com/company/mattermost
), your static assets must be rewritten before uploading. You can use the command below to rewrite the assets for the given subpath:mattermost config subpath --path /company/mattermost
From the Mattermost distribution, upload the
client
directory to S3 and rename it tostatic
. You can use the AWS CLI command below from within theclient
directory to upload all the files to S3. The files must be publicly readable with the permissionpublic-read
.aws s3 cp --acl public-read --recursive . s3://static.spinmint.com/static/
Set up your Mattermost app server and create a record from a subdomain of your desired domain to point directly to your app server. This is to bypass CloudFront to connect WebSockets. For our example, we will use the domain
ws.mattermost.example.com
. If you have multiple app servers, this domain should point to the load balancer/proxy such as ALB or NGINX.Create a Web CloudFront distribution with the following configuration.
Set Origin Domain Name to the S3 bucket you created above.
(Recommended) Set Redirect HTTP to
HTTPS
for Viewer Protocol Policy.Set allowed HTTP Methods to
GET, HEAD, OPTIONS, POST, PATCH, DELETE
.Set Forward Cookies to
All
.Set Query string forwarding and Caching to
Forward all, cache based on all
.Set your Alternate Domain Names to the domain you want Mattermost to be accessible from, e.g.
mattermost.example.com
.Select
Custom SSL Certificate
and set the certificate for your domain.Set Default Root Object to
/static/root.html
.
After creating your distribution, you need to add an additional origin. Select the origins tab and create an origin. Set the origin domain name to your Mattermost load balancer.
Next, create a behavior.
Set the Path Pattern to
/api/*
.Set the origin to your Mattermost app server or load balancer.
Set allowed HTTP Methods to
GET, HEAD, OPTIONS, PUT, POST, PATCH, DELETE
.Set Forward Cookies to All.
Set Query string forwarding and Caching to
Forward all, cache based on all
.
Next, set up some custom error responses under the Error Pages tab.
Set HTTP Error Code to
403
.Set Customize Error Response to
Yes
.Set response page path to
/static/root.html
.Set HTTP Response Code to
200
.Repeat the above steps for HTTP Error Code 404.
Now, you can set up the domain you want Mattermost to be served from to point to your CloudFront distribution. Setting up this domain is beyond the scope of this guide.
Finally, set these Mattermost
config.json
settings:SiteURL:
https://mattermost.example.com
WebsocketURL:
wss://ws.mattermost.example.com
AllowCorsFrom:
https://mattermost.example.com
AllowCookiesForSubdomains:
true
Upgrade Notes#
When you upgrade your Mattermost app servers, you will need to re-upload the new client to your S3 bucket (see steps 3 and 4 above).
You should also run a CloudFront invalidation for /static/root.html
. You can do this in the console under the invalidations tab.