Adding steps for RHEL 6

3 files changed, 221 insertions, 2 deletions

diff --git a/doc/install/Production-RHEL6.md b/doc/install/Production-RHEL6.md
new file mode 100644
index 000000000..168aa96e1
--- /dev/null
+++ b/doc/install/Production-RHEL6.md
@@ -0,0 +1,219 @@
+# Production Installation on Red Hat Enterprise Linux 6.6+
+
+## Install Red Hat Enterprise Linux (x64) 6.6+
+1. Set up 3 machines with RHEL with 2GB of RAM or more.  The servers will be used for the Load Balancer, Mattermost (this must be x64 to use pre-built binaries), and Database.
+   - **Optional:** You can also use a single machine for all 3 components in this install guide, depending on the standards of your data center.
+2. Make sure the system is up to date with the most recent security patches.
+  * ``` sudo yum update```
+  * ``` sudo yum upgrade```
+
+## Set up Database Server
+1. For the purposes of this guide we will assume this server has an IP address of `10.10.10.1`
+  - **Optional:** if installing on the same machine substitute `10.10.10.1` with `127.0.0.1`
+1. Install PostgreSQL 9.4+ (or MySQL 5.6+)
+  * ``` sudo yum install http://yum.postgresql.org/9.4/redhat/rhel-6-x86_64/pgdg-redhat94-9.4-1.noarch.rpm```
+  * ``` sudo yum install postgresql94-server postgresql94-contrib```
+  * ``` sudo service postgresql-9.4 initdb```
+  * ``` sudo chkconfig postgresql-9.4 on```
+  * ``` sudo service postgresql-9.4 start```
+1. PostgreSQL created a user account called `postgres`.  You will need to log into that account with:
+  * ``` sudo -i -u postgres```
+1. You can get a PostgreSQL prompt by typing:
+  * ``` psql```
+1. Create the Mattermost database by typing:
+  * ```postgres=# CREATE DATABASE mattermost;```
+1. Create the Mattermost user by typing:
+  * ```postgres=# CREATE USER mmuser WITH PASSWORD 'mmuser_password';```
+1. Grant the user access to the Mattermost database by typing:
+  * ```postgres=# GRANT ALL PRIVILEGES ON DATABASE mattermost to mmuser;```
+1. You can exit out of PostgreSQL by typing:
+  * ```postgres=# \q```
+1. You can exit the Postgres account by typing:
+  * ``` exit```
+1. Allow Postgres to listen on all assigned IP Addresses:
+  * ```sudo vi /var/lib/pgsql/9.4/data/postgresql.conf```
+  * Uncomment 'listen_addresses' and change 'localhost' to '*'
+1. Alter `pg_hba.conf` to allow the Mattermost Server to talk to the Postgres database:
+  * ```sudo vi /var/lib/pgsql/9.4/data/pg_hba.conf```
+  * Add the following line to the 'IPv4 local connections':
+  * host    all             all             10.10.10.2/32         md5
+1. Reload Postgres database:
+  * ```sudo service postgresql-9.4 restart```
+1. Attempt to connect with the new created user to verify everything looks good:
+  * ```psql --host=10.10.10.1 --dbname=mattermost --username=mmuser --password```
+  * ```mattermost=> \q```
+
+
+## Set up Mattermost Server
+1. For the purposes of this guide we will assume this server has an IP address of `10.10.10.2`
+1. Download the latest Mattermost Server by typing:
+  * ``` wget https://github.com/mattermost/platform/releases/download/v1.3.0/mattermost.tar.gz```
+1. Install Mattermost under `/opt`
+   * Unzip the Mattermost Server by typing:
+   * ``` tar -xvzf mattermost.tar.gz```
+   * ``` sudo mv mattermost /opt```
+1. Create the storage directory for files.  We assume you will have attached a large drive for storage of images and files.  For this setup we will assume the directory is located at `/opt/mattermost/data`.
+  * Create the directory by typing:
+  * ``` sudo mkdir -p /opt/mattermost/data```
+1. Create a system user and group called mattermost that will run this service:
+   * ``` sudo useradd -r mattermost -U```
+   * Set the Mattermost account as the directory owner by typing:
+   * ``` sudo chown -R mattermost:mattermost /opt/mattermost```
+   * ``` sudo chmod -R g+w /opt/mattermost```
+   * Add yourself to the mattermost group to ensure you can edit these files:
+   * ``` sudo usermod -a -G mattermost USERNAME```
+1. Configure Mattermost Server by editing the `config.json` file at `/opt/mattermost/config`
+  * ``` cd /opt/mattermost/config```
+  * Edit the file by typing:
+  * ``` sudo vi config.json```
+  * replace `DriverName": "mysql"` with `DriverName": "postgres"`
+  * replace `"DataSource": "mmuser:mostest@tcp(dockerhost:3306)/mattermost_test?charset=utf8mb4,utf8"` with `"DataSource": "postgres://mmuser:mmuser_password@10.10.10.1:5432/mattermost?sslmode=disable&connect_timeout=10"`
+  * Optionally you may continue to edit configuration settings in `config.json` or use the System Console described in a later section to finish the configuration.
+1. Test the Mattermost Server
+  * ``` cd /opt/mattermost/bin```
+  * Run the Mattermost Server by typing:
+  * ``` sudo su mattermost```
+  * ``` ./platform```
+  * You should see a console log like `Server is listening on :8065` letting you know the service is running.
+  * Stop the server for now by typing `Ctrl-C`
+1. Setup Mattermost to use the Upstart daemon which handles supervision of the Mattermost process.
+  * ``` sudo touch /etc/init/mattermost.conf```
+  * ``` sudo vi /etc/init/mattermost.conf```
+  * Copy the following lines into `/etc/init/mattermost.conf`
+```
+start on runlevel [2345]
+stop on runlevel [016]
+respawn
+chdir /opt/mattermost
+exec bin/platform
+```
+  * You can manage the process by typing:
+  * ``` sudo start mattermost```
+  * Verify the service is running by typing:
+  * ``` curl http://10.10.10.2:8065```
+  * You should see a page titles *Mattermost - Signup*
+  * You can also stop the process by running the command ` sudo stop mattermost`, but we will skip this step for now.
+
+## Set up Nginx Server
+1. For the purposes of this guide we will assume this server has an IP address of `10.10.10.3`
+1. We use Nginx for proxying request to the Mattermost Server.  The main benefits are:
+  * SSL termination
+  * HTTP to HTTPS redirect
+  * Port mapping :80 to :8065
+  * Standard request logs
+1. Install Nginx on RHEL with
+  * ``` sudo vi /etc/yum.repos.d/nginx.repo```
+  * Copy the below into the file
+```
+[nginx]
+name=nginx repo
+baseurl=http://nginx.org/packages/rhel/6/$basearch/
+gpgcheck=0
+enabled=1
+```
+  * ``` sudo yum install nginx.x86_64```
+  * ``` sudo service nginx start```
+  * ``` sudo chkconfig nginx on```
+1. Verify Nginx is running
+  * ``` curl http://10.10.10.3```
+  * You should see a *Welcome to nginx!* page
+1. Map a FQDN (fully qualified domain name) like **mattermost.example.com** to point to the Nginx server.
+1. Configure Nginx to proxy connections from the internet to the Mattermost Server
+  * Create a configuration for Mattermost
+  * ``` sudo touch /etc/nginx/conf.d/mattermost.conf```
+  * Below is a sample configuration with the minimum settings required to configure Mattermost
+```
+   server {
+    server_name mattermost.example.com;
+      location / {
+      client_max_body_size 50M;
+      proxy_set_header Upgrade $http_upgrade;
+          proxy_set_header Connection "upgrade";
+      proxy_set_header Host $http_host;
+      proxy_set_header X-Real-IP $remote_addr;
+      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+      proxy_set_header X-Forwarded-Proto $scheme;
+      proxy_set_header   X-Frame-Options   SAMEORIGIN;
+          proxy_pass http://10.10.10.2:8065;
+      }
+    }
+```
+  * Remove the existing file with:
+  * ``` sudo mv /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf.bak```
+  * Restart Nginx by typing:
+  * ``` sudo service nginx restart```
+  * Verify you can see Mattermost thru the proxy by typing:
+  * ``` curl http://localhost```
+  * You should see a page titles *Mattermost - Signup*
+  * Not seeing the page?  Look for errors with ``` sudo cat /var/log/audit/audit.log | grep nginx | grep denied```  
+  * **Optional** if you're running on the same server as the Mattermost server and see 502 errors you may need to run `sudo setsebool -P httpd_can_network_connect true` because SELinux is preventing the connection
+
+## Set up Nginx with SSL (Recommended)
+1. You will need a SSL cert from a certificate authority.
+1. For simplicity we will generate a test certificate.
+  * ``` mkdir /top/mattermost/cert```
+  * ``` cd /top/mattermost/cert```
+  * ``` sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout mattermost.key -out mattermost.crt```
+  * Input the following info 
+```
+    Country Name (2 letter code) [AU]:US
+    State or Province Name (full name) [Some-State]:California
+    Locality Name (eg, city) []:Palo Alto
+    Organization Name (eg, company) [Internet Widgits Pty Ltd]:Example LLC
+    Organizational Unit Name (eg, section) []:
+    Common Name (e.g. server FQDN or YOUR name) []:mattermost.example.com
+    Email Address []:admin@mattermost.example.com
+```
+1. Modify the file at `/etc/nginx/conf.d/mattermost.conf` and add the following lines
+  * 
+```
+  server {
+       listen         80;
+       server_name    mattermost.example.com;
+       return         301 https://$server_name$request_uri;
+  }
+  
+  server {
+        listen 443 ssl;
+        server_name mattermost.example.com;
+    
+        ssl on;
+        ssl_certificate /opt/mattermost/cert/mattermost.crt;
+        ssl_certificate_key /opt/mattermost/cert/mattermost.key;
+        ssl_session_timeout 5m;
+        ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
+        ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
+        ssl_prefer_server_ciphers on;
+        ssl_session_cache shared:SSL:10m;
+
+    # add to location / above
+    location / {
+      gzip off;
+      proxy_set_header X-Forwarded-Ssl on;
+```
+
+## Finish Mattermost Server setup
+1. Navigate to `https://mattermost.example.com` and create a team and user.
+1. The first user in the system is automatically granted the `system_admin` role, which gives you access to the System Console.
+1. From the `town-square` channel click the dropdown and choose the `System Console` option
+1. Update Email Settings.  We recommend using an email sending service.  The example below assumes AmazonSES.
+  * Set *Send Email Notifications* to true
+  * Set *Require Email Verification* to true
+  * Set *Feedback Name* to `No-Reply`
+  * Set *Feedback Email* to `mattermost@example.com`
+  * Set *SMTP Username* to `AFIADTOVDKDLGERR`
+  * Set *SMTP Password* to `DFKJoiweklsjdflkjOIGHLSDFJewiskdjf`
+  * Set *SMTP Server* to `email-smtp.us-east-1.amazonaws.com`
+  * Set *SMTP Port* to `465`
+  * Set *Connection Security* to `TLS`
+  * Save the Settings
+1. Update File Settings:
+  * Change *Local Directory Location* from `./data/` to `/opt/mattermost/data`
+1. Update Log Settings:
+  * Set *Log to The Console* to `false`  
+1. Update Rate Limit Settings:
+  * Set *Vary By Remote Address* to false
+  * Set *Vary By HTTP Header* to X-Real-IP
+1. Feel free to modify other settings
+1. Restart the Mattermost Service by typing:
+  * ``` sudo restart mattermost```
diff --git a/doc/install/Production-RHEL.md b/doc/install/Production-RHEL7.md
index 7851350a9..f3a59d4a0 100644
--- a/doc/install/Production-RHEL.md
+++ b/doc/install/Production-RHEL7.md
@@ -153,7 +153,7 @@ enabled=1
   * ``` curl http://localhost```
   * You should see a page titles *Mattermost - Signup*
   * Not seeing the page?  Look for errors with ``` sudo cat /var/log/audit/audit.log | grep nginx | grep denied```  
-  * **Optional** if you're running on the same server as the Mattermost server and see 502 errors you may need to run `setsebool -P httpd_can_network_connect true` because SELinux is preventing the connection
+  * **Optional** if you're running on the same server as the Mattermost server and see 502 errors you may need to run `sudo setsebool -P httpd_can_network_connect true` because SELinux is preventing the connection
 
 ## Set up Nginx with SSL (Recommended)
 1. You will need a SSL cert from a certificate authority.
diff --git a/doc/install/Production-Ubuntu.md b/doc/install/Production-Ubuntu.md
index 5af5fd7c0..aa6dba119 100644
--- a/doc/install/Production-Ubuntu.md
+++ b/doc/install/Production-Ubuntu.md
@@ -65,7 +65,7 @@
   * ``` ./platform```
   * You should see a console log like `Server is listening on :8065` letting you know the service is running.
   * Stop the server for now by typing `ctrl-c`
-1. Setup Mattermost to use the Ubuntu Upstart daemon which handles supervision of the Mattermost process.
+1. Setup Mattermost to use the Upstart daemon which handles supervision of the Mattermost process.
   * ``` sudo touch /etc/init/mattermost.conf```
   * ``` sudo vi /etc/init/mattermost.conf```
   * Copy the following lines into `/etc/init/mattermost.conf`