Install Rocket.Chat on Ubuntu 16.04 with Nginx and Letsencrypt

Hello good people. This guide aims at taking you through the steps to install Rocket.Chat on Ubuntu 16.04. Rocket.Chat is an open-source messaging application built with Meteor web framework.

Rocket.Chat has the following features:

• Video conferencing
• Voice messages
• File sharing
• Fully-featured API

Rocket.Chat is an alternative to Hipchat and Slack Chat platforms for people who prefer to have full control over their communications – voice, video and file sharing.

Install Rocket.Chat on Ubuntu 16.04

Our installation of Rocket.Chat will be proxied with Nginx web server and SSL provided by Letsencrypt. So we’ll first install the dependencies before we set up Rocket.Chat.

Install Nginx and certbot-auto on Ubuntu 16.04

Let’s install Nginx and certbot client which we’ll use to host Rocket.Chat. We’ll also use ufw firewall to secure our application

$ sudo apt-get install nginx ufw g++ build-essential

Install certbot-auto using the following commands.

# wget https://dl.eff.org/certbot-auto -P /usr/local/bin
# chmod a+x /usr/local/bin/certbot-auto

I assume you have a subdomain that you’ll use on your Nginx to serve Rocket.Chat application with a valid DNS record.

Request for Letsencrypt SSL certificate to use with Rocket.Chat.

To get Letsencrypt certificate, we use the command.

# export DOMAIN="chat.domain.com"
# export EMAIL_ALERT="[email protected]"
# /usr/local/bin/certbot-auto certonly --standalone -d $DOMAIN  \
--preferred-challenges http --agree-tos -n -m  $EMAIL_ALERT --keep-until-expiring

Remember to replace chat.domain.com with a valid domain/sub-domain for Rocket.Chat and [email protected] with an email address to receive alerts when SSL is about to expire.

A successful ssl generation should result in a message like below:

IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/chat.domain.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/chat.domain.com/privkey.pem
Your cert will expire on 2018-07-04. To obtain a new or tweaked
version of this certificate in the future, simply run certbot-auto
again. To non-interactively renew *all* of your certificates, run
"certbot-auto renew"
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le

Where chat.domain.com is your real domain or sub-domain.

Install MongoDB on Ubuntu 16.04

Rocket.Chat uses MongoDB to store its data. Install it on Ubuntu using the following command.

sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 2930ADAE8CAF5059EE73BB4B58712A2291FA4AD5
echo "deb [ arch=amd64 ] https://repo.mongodb.org/apt/ubuntu precise/mongodb-org/3.6 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.6.list
sudo apt-get update
sudo apt-get install -y mongodb-org curl

Setup MongoDB Replica Set

Rocket.Chat uses the MongoDB replica set OPTIONALLY to improve performance via Meteor Oplog tailing. Edit the file /etc/mongod.conf using Using YAML syntax.

replication:
   replSetName: "001-rs"

You need to restart MongoDB service:

# systemctl restart mongod
# systemctl enable mongod

Start the MongoDB shell and initiate the replica set:

# mongo
> rs.initiate()

You should get output like below:

{
        "info2" : "no configuration specified. Using a default configuration for the set",
        "me" : "127.0.0.1:27017",
        "ok" : 1,
        "operationTime" : Timestamp(1522961588, 1),
        "$clusterTime" : {
                "clusterTime" : Timestamp(1522961588, 1),
                "signature" : {
                        "hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
                        "keyId" : NumberLong(0)
                }
        }
}

Note the “ok” value should be 1. Any other value, i.e. 93, means something is wrong

Add the following environment variable for Rocket.Chat to ~/.bashrc

export MONGO_OPLOG_URL=mongodb://localhost:27017/local?replicaSet=001-rs

Now source the file:

# source ~/.bashrc

Install graphicsmagick on Ubuntu 16.04

GraphicsMagick is a robust collection of tools and libraries to read, write, and manipulate an image in any of the more popular image formats including GIF, JPEG, PNG, PDF, and WebP.

$ sudo apt-get install graphicsmagick

Install Node.js on Ubuntu 16.04

Use the following guide to install Node.js on Ubuntu 16.04:

Install Node.js on CentOS 7 / Ubuntu 16.04 / Arch Linux / macOS

Installing Rocket.Chat

Now download Stable version of Rocket.Chat:

# curl -L https://releases.rocket.chat/latest/download -o rocket.chat.tgz

Then untar the binary release:

# tar zxvf rocket.chat.tgz

This will expand everything into a bundle directory. Next, make sure MongoDB server is already up and running. Then, set environment variables and run the Rocket.Chat server:

mv bundle Rocket.Chat
cd Rocket.Chat/programs/server
npm install
cd ../..
export ROOT_URL=http://localhost:3000/
export PORT=3000
export MONGO_URL=mongodb://localhost:27017/rocketchat?replicaSet=001-rs

Now you can run Rocket.Chat using the following command:

$ sudo node main.js

Configure Nginx with SSL

We now need to configure Nginx for Rocket.Chat service. Add the following content to the file /etc/nginx/conf.d/rocker-chat.conf

# Upstream definition

upstream backend {
    server 127.0.0.1:3000;
}

# http to https redirection
server {
  listen 80;
  server_name chat.domain.com;
  rewrite ^ https://$server_name$request_uri? permanent;
}

# HTTPS Server
server {
    listen 443;
    server_name chat.domain.com;
    error_log /var/log/nginx/rocket-chat.access.log;
    ssl on;
    ssl_certificate /etc/letsencrypt/live/chat.domain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/chat.domain.com/privkey.pem;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # don’t use SSLv3 ref: POODLE

    location / {
        proxy_pass http://backend/;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $http_host;

        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forward-Proto http;
        proxy_set_header X-Nginx-Proxy true;

        proxy_redirect off;
    }
}

Configuring Rocket.Chat as a Service with forever

To make Rocker.Chat start on server boot up, we need to configure it using forever. forever npm package provides forever-service which automatically generate init scripts for node apps such as Rocket.Chat.

Install forever using the command:

$ sudo npm install -g forever

Then, install forever-service.

$ sudo npm install -g forever-service

Now create a service using forever-service:

# forever-service install -s main.js -e "ROOT_URL=https://localhost/ \
MONGO_URL=mongodb://localhost:27017/rocketchat?replicaSet=001-rs PORT=3000" rocket-chat

-s specifies script name, which in this case is main.js
-e is followed by environment variables we’re using
rocket-chat is the name of service we’re creating

You should get output like this:

Platform - Ubuntu 16.04 LTS
rocket-chat provisioned successfully

Commands to interact with service rocket-chat
Start   - "sudo service rocket-chat start"
Stop    - "sudo service rocket-chat stop"
Status  - "sudo service rocket-chat status"
Restart - "sudo service rocket-chat restart"

Now we can start Rocket.Chat. This will initialize the rocket-chat service created by forever-service.

$ sudo service rocket-chat start

To check the status, use:

$ sudo service rocket-chat status