Now that the app can receive push notifications, we need to make sure that the Mattermost Push Notification Service is able to send the notification to the device. This guide will focus on installing and configuring the push notification service.
For the sake of making this guide simple we located the files at /home/ubuntu/mattermost-push-proxy
. We’ve also elected to run the Push Notification Service as the ubuntu
account for simplicity. We recommend setting up
and running the service under a mattermost-push-proxy
user account with limited permissions.
Download the Mattermost Push Notification Service (any version):
wget https://github.com/mattermost/mattermost-push-proxy/releases/download/vX.X.X/mattermost-push-proxy-X.X.X.tar.gz
in the previous command vX.X.X
refers to the release version you want to download, see Mattermost Push Notification Service releases.
If you are upgrading a previous version of the Mattermost Push Notification Service make sure to backup your mattermost-push-proxy.json
file before continuing.
Unzip the downloaded Mattermost Push Notification Service by typing:
tar -xvzf mattermost-push-proxy-X.X.X.tar.gz
Configure the Mattermost Push Notification service by editing the mattermost-push-proxy.json
file at /home/ubuntu/mattermost-push-proxy/config
. Follow the steps in the Android
and iOS sections to replace the values in the config file.
Create a systemd unit file to manage the Mattermost Push Notification Services with systemd and log all output of the service to /var/log/syslog
by running this command as root.
echo "[Unit]
Description=Mattermost Push Notification Service
[Service]
Type=oneshot
ExecStart=/bin/sh -c '/home/ubuntu/mattermost-push-proxy/bin/mattermost-push-proxy | logger'
WorkingDirectory=/home/ubuntu/mattermost-push-proxy
[Install]
WantedBy=multi-user.target" >> /etc/systemd/system/mattermost-push-proxy.service
To route the traffic through a separate proxy server, add Environment="HTTP_PROXY=<http://server>"
under the [Service]
section of the file. If you have an HTTPS server, then use HTTPS_PROXY
. If you set both then HTTPS_PROXY
will take higher priority than HTTP_PROXY
.
Start the service with sudo systemctl start mattermost-push-proxy
or restart with sudo systemctl restart mattermost-push-proxy
. Use sudo systemctl enable mattermost-push-proxy
to have systemd start the service on boot.
Go to the Firebase Console and select the project you’ve created. Once in the dashboard, go to the project settings and select CLOUD MESSAGING.
Look for the value of the Server key and copy it.
Open the mattermost-push-proxy.json file in the mattermost-push-proxy/config
directory and look for the “AndroidApiKey” entry. Paste the Server key as its value.
"AndroidApiKey": "your Server key"
Double click the Distribution Certificate generated while Setup Push Notifications for iOS to add it to your Keychain Access. Go to Keychain Access, select the login keychain and My Certificates from the side menu.
Find the certificate you imported and then right click to export it as a .p12 file
Enter a name for the filename and click Save
Leave the password blank and then click OK
Convert the downloaded certificate to .pem
\$ openssl x509 -in aps.cer -inform DER -out aps_production.pem
Extract the private key from the certificate you exported ..
\$ openssl pkcs12 -in Certificates.p12 -out aps_production_priv.pem -nodes -clcerts -passin pass:
Verify the certificate works with apple
\$ openssl s_client -connect gateway.push.apple.com:2195 -cert aps_production.pem -key aps_production_priv.pem
Copy the private key file aps_production_priv.pem
into your mattermost-push-proxy/config
directory
Open the mattermost-push-proxy.json file under the mattermost-push-proxy/config
directory and add the path to the private key file as the value for “ApplePushCertPrivate” and the value for “ApplePushTopic” with your Bundle Identifier
curl http://127.0.0.1:8066/api/v1/send_push -X POST -H "Content-Type: application/json" -d '{"type": "message", "message": "test", "badge": 1, "platform": "PLATFORM", "server_id": "MATTERMOST_DIAG_ID", "device_id": "DEVICE_ID", "channel_id": "CHANNEL_ID"}'
MATTERMOST_DIAG_ID
with the value found by running the SQL query:SELECT * FROM Systems WHERE Name = 'DiagnosticId';
DEVICE_ID
with your device ID, which can be found using (where your_email@example.com
is the email address of the user you are logged in as):SELECT
Email, DeviceId
FROM
Sessions,
Users
WHERE
Sessions.UserId = Users.Id
AND DeviceId != ''
AND Email = 'your_email@example.com';
CHANNEL_ID
with the Town Square channel ID, which can be found using:SELECT Id FROM Channels WHERE DisplayName = 'Town Square';
To view the log file, use:
$ sudo tail -n 1000 /var/log/upstart/mattermost-push-proxy.log
2018/04/13 12:39:24 CRIT Failed to load the apple pem cert err=failed to parse PKCS1 private key for type=apple_rn
panic: Failed to load the apple pem cert err=failed to parse PKCS1 private key for type=apple_rn
aps_production.cer
openssl x509 -in aps.cer -inform DER -out aps_production.pem
aps_production.cer
to install it into the keychain toolopenssl pkcs12 -in Certificates.p12 -out intermediate.pem -nodes -clcerts
openssl rsa -in intermediate.pem -out intermediate_rsa_priv.pem
sed -i '/^-----BEGIN PRIVATE KEY-----$/,$d' intermediate.pem
cat intermediate.pem intermediate_rsa_priv.pem >> aps_production_priv.pem && rm intermediate.pem intermediate_rsa_priv.pem
openssl s_client -connect gateway.push.apple.com:2195 -cert aps_production.pem -key aps_production_priv.pem
For issues with repro steps, please report to https://github.com/mattermost/mattermost-server/issues