Introduction
Rocket.Chat is an open-source messaging app built with Meteor. It supports video conferencing, file sharing, voice messages, has a fully-featured API, and more. Rocket.Chat is great for those who prefer to have full control over their communications.
In this tutorial, we will be installing and configuring Rocket.Chat on a fresh Ubuntu server as well as setting up a reverse proxy via Nginx to boost security and make accessing Rocket.Chat much easier. Once we’re finished, you’ll have a functional instance of Rocket.Chat accessible from virtually anywhere.
Prerequisites
To follow this tutorial, you will need:
One Ubuntu 14.04 server with a recommended minimum of 1 GB of RAM
Non-root user with sudo privileges (Initial Server Setup with Ubuntu 14.04 explains how to set this up.)
A fully registered domain. You can purchase one on Namecheap or get one for free on Freenom.
Make sure your domain name is configured to point to your server. Check out this tutorial if you need help.
An SSL certificate. Generate a self-signed certificate, [obtain a free one from Let’s Encrypt] (https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-14-04), or buy one from another provider.
Step 1 — Installing Dependencies
In this section, we’ll be installing some of Rocket.Chat’s dependencies such as MongoDB and NodeJS.
Let’s start with getting MongoDB up and running. First, we need to add a keyserver so we can access the packages.
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 7F0CEB10
Then we need to set the repo to use.
echo "deb http://repo.mongodb.org/apt/ubuntu trusty/mongodb-org/3.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.0.list
Now, update the package lists.
sudo apt-get update
Now that that’s done, we can go ahead and install npm, mongodb-org, curl and graphicsmagick, which are all dependencies of Rocket.Chat:
sudo apt-get install npm mongodb-org curl graphicsmagick
We need to install a package using NPM to allow us to change the node version:
sudo npm install -g n
Use that package to change the node version to 0.10.40.
sudo n 0.10.40
Next, we’ll install Rocket.Chat itself and do a little bit of configuration.
Step 2 — Installing Rocket.Chat
To start off, download the latest stable version of Rocket.Chat using curl.
curl -L https://rocket.chat/releases/latest/download -o rocket.chat.tgz
Expand the archive we just downloaded using the tar command.
tar zxvf rocket.chat.tgz
This expands the entire archive into a directory named bundle. Let’s move the contents of the bundle directory into something easier to remember.
mv bundle Rocket.Chat
Change into the directory where we’ll install Rocket.Chat using NPM.
cd Rocket.Chat/programs/server
Install Rocket.Chat.
npm install
Move back into the parent Rocket.Chat directory.
cd ../..
We need to set up some environmental variables to help Rocket.Chat keep track of things like URLs, ports, and more.
First, set the ROOT_URL variable to your domain name. This must be in the form of a URL.
export ROOT_URL=https://example.com/
Set MongoDB’s URL under the MONGO_URL variable.
export MONGO_URL=mongodb://localhost:27017/rocketchat
Set the PORT variable to 3000.
export PORT=3000
Now you can run Rocket.Chat using the following command:
node main.js
If there aren’t any errors, it works! For now, though, stop Rocket.Chat using CTRL+C. Now that Rocket.Chat is installed, we need to set up Nginx to proxy all of its traffic using a reverse proxy, making accessing Rocket.Chat easier and encrypting all of your communications with your SSL certificate.
Step 3 — Setting up a Reverse Proxy with Nginx
To start off, install Nginx.
sudo apt-get install -y nginx
Move your certificate’s private key to /etc/nginx/certificate.key.
sudo cp /path/to/your/key /etc/nginx/certificate.key
For example, if you created a Let’s Encrypt certificate, you would use sudo cp /etc/letsencrypt/live/your_domain_name/privkey.pem /etc/nginx/certificate.key.
Modify the key’s permissions so unauthorized thieves can’t gain access.
sudo chmod 400 /etc/nginx/certificate.key
Copy the certificate itself to /etc/nginx/certificate.crt.
sudo cp /path/to/your/cert /etc/nginx/certificate.crt
If you created a Let’s Encrypt certificate, the command would be similar to sudo cp /etc/letsencrypt/live/your_domain_name/cert.pem /etc/nginx/certificate.crt.
We’re going to be creating an entirely new configuration for Rocket.Chat, so you can delete the default to make it a little easier.
sudo rm /etc/nginx/sites-enabled/default
If you need that file back for any reason in the future, it is still available at /etc/nginx/sites-available/default
Create a new /etc/nginx/sites-enabled/default with nano or your favorite text editor.
sudo nano /etc/nginx/sites-enabled/default
First, we’ll add an upstream block:
/etc/nginx/sites-enabled/default
# Upstreams
upstream backend {
server 127.0.0.1:3000;
}
Underneath that, let’s create a server block. The first part tells Nginx which port to listen for connections on, in this case :443. It also let’s it know what our hostname is. Don’t forget to replace example.com with your domain name.
/etc/nginx/sites-enabled/default
server {
listen 443;
server_name example.com;
Under that, we tell Nginx where to store Rocket.Chat’s access logs, and point it to the SSL certificate and key we placed in /etc/nginx/certificate.key and /etc/nginx/certificate.crt respectively.
/etc/nginx/sites-enabled/default
error_log /var/log/nginx/rocketchat.access.log;
ssl on;
ssl_certificate /etc/nginx/certificate.crt;
ssl_certificate_key /etc/nginx/certificate.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # don’t use SSLv3 ref: POODLE
And now we finish the configuration off with a location block:
location / {
proxy_pass http://example.com:3000/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forward-Proto http;
proxy_set_header X-Nginx-Proxy true;
proxy_redirect off;
}
}
Here’s the full file for reference:
/etc/nginx/sites-enabled/default
server {
listen 443;
server_name example.com;
error_log /var/log/nginx/rocketchat.access.log;
ssl on;
ssl_certificate /etc/nginx/certificate.crt;
ssl_certificate_key /etc/nginx/certificate.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # don’t use SSLv3 ref: POODLE
location / {
proxy_pass http://example.com:3000/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forward-Proto http;
proxy_set_header X-Nginx-Proxy true;
proxy_redirect off;
}
}
Save and exit the file. Finally, restart Nginx to finish the job.
sudo service nginx restart
Check if Nginx is running.
sudo service nginx status
If you see the following message, Nginx is up and running:
* nginx is running
If you see an error message, check the logs at /var/log/nginx/rocketchat.access.log and /var/log/nginx/access.log or the error logs at /var/log/nginx/error.log. You can also run nginx -t to verify your Nginx configuration file, which is where most errors show up.
Make sure you’re still in the Rocket.Chat folder.
cd ~/Rocket.Chat
Then run the following command to start Rocket.Chat back up again.
node main.js
Rocket.Chat should now be live at https://example.com. You can verify this by visiting that address in your favorite browser.
In the next section, we’ll configure Rocket.Chat to automatically run at boot using a node module called forever-service.
Step 4 — Configuring Rocket.Chat as a Service
forever-service automatically generates init scripts for node apps such as Rocket.Chat. To start off, we need to install forever itself, which forever-service depends on.
sudo npm install -g forever
Then, install forever-service.
sudo npm install -g forever-service
Create a service using forever-service:
sudo forever-service install -s main.js -e "ROOT_URL=https://example.com/ MONGO_URL=mongodb://localhost:27017/rocketchat PORT=3000" rocketchat
The -s flag followed by main.js tells forever-service our script is named main.js, not app.js, which is default.
The -e flag followed by "ROOT_URL=https://example.com/ MONGO_URL=mongodb://localhost:27017/rocketchat PORT=3000" passes our environmental variables to forever-service.
Finally, rocketchat tells forever-service what to name the service.
For more detailed information on forever-service’s syntax, run forever-service --help.
Now we can start Rocket.Chat. This will initialize the rocketchat service created by forever-service.
sudo start rocketchat
Rocket.Chat should now be live at the URL you set in Step 2. Make sure you’re using HTTPS here.
Rocket.Chat should be is ready to go. In the next section, we’ll add our first admin user to Rocket.Chat and take a tour around the interface.
Step 5 — Configuring and Using Rocket.Chat
Visit the URL we set Rocket.Chat up on earlier. You should see something like this:
Click on Register a new account, then enter the user information for your first admin.
Click Submit, and then choose a username for your new user:
After clicking Use this username, you will be taken to the homepage:
That’s all! You’ll see on the right, a #general channel has already been created for you. If you click on it, you’ll be taken to the chatroom. Feel free to play around a bit.
Now let’s take a tour of the interface. First, let’s go ahead and make a new channel by clicking the tiny plus button next to Channels:
Name it anything you’d like:
Now click Save, and you’ll be brought to your new channel.
To access the Administration interface, click the tiny arrow next to your username. It will pull down a menu:
Click on Administration. It will bring up a second menu:
Using this menu, we can configure and manage every aspect of our Rocket.Chat installation. In the Users section, we can manage the permissions of individual users, and even invite new ones. We can also add more features to our installation using the Integrations view.
Conclusion
Congratulations! You now have your very own chat solution for you and your team: Rocket.Chat, running on an Ubuntu 14.04 server. It is set to launch automatically at boot using forever-service and is fully equipped with SSL using an Nginx reverse proxy. You may now want to add more members, create more channels, or maybe check out the Integrations section of the Administration menu. Have fun!
