Install Rocket Chat with Nginx on Ubuntu 18.04 – Google Cloud

Install Rocket.Chat with Nginx on Ubuntu 18.04 with Google Cloud Platform.

In this guide you are going to learn how to install Nodejs, MongoDB, Rocket.Chat and configure Nginx as a reverse proxy for your installation and finally we will secure the installation using Let’sEncrypt SSL.

This setup is tested on Google Cloud Platform, this can also be done on other cloud hosting services or any other VPS or Dedicated servers running Ubuntu.

Prerequisites

1. Your Compute Engine Instance running.
2. For setting up Compute Engine, see the Setting up Compute Engine Instance.
3. Initial Server Setup on Google Cloud.
4. Set up Cloud DNS, see the Setting up Google Cloud DNS for your domain.
5. Google Cloud SQL Setup, see Setup Cloud SQL and connect with Compute Engine.

Step 1: Update Server

Make sure your server is upto date.

sudo apt update
sudo apt upgrade

Step 2: Install Dependencies

Execute the below command to install the dependency packages for Mongo DB.

sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 9DA31620334BD75D9DCB49F368818C72E52529D4

echo "deb [ arch=amd64 ] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.0.list

Step 3: Install Node.js

To install Node.js version 8 run the below commands.

curl -sL https://deb.nodesource.com/setup_8.x | sudo bash -
sudo apt install -y nodejs

Step 4: Install Mongo DB and necessary packages

Now you can install MongoDB, Build Essential and Graphics Magic

sudo apt-get install -y build-essential mongodb-org graphicsmagick

Step 5: Using npm install inherits and n

Rocket Chat requires the node version and npm inherits.

sudo npm install -g inherits n && sudo n 8.11.4

Step 6: Download and Install Rocket.Chat

Once everything is installed, you can download the latest version of Rocket.Chat from the official release.

curl -L https://releases.rocket.chat/latest/download -o /tmp/rocket.chat.tgz

Extract it inside the tmp folder.

tar -xzf /tmp/rocket.chat.tgz -C /tmp

Install Rocket Chat.

cd /tmp/bundle/programs/server
npm install

Move Rocket Chat to custom ditectory.

sudo mv /tmp/bundle /opt/Rocket.Chat

Step 7: Configure Rocket.Chat Service

Create a new user rocketchat and setup permissions.

sudo useradd -M rocketchat
sudo usermod -L rocketchat

Setup correct permissions and create a service file.

sudo chown -R rocketchat:rocketchat /opt/Rocket.Chat

Create a rocketchat service.

sudo nano /lib/systemd/system/rocketchat.service

Paste the following configuration in the file.

[Unit]
Description=The Rocket.Chat server
After=network.target remote-fs.target nss-lookup.target nginx.target mongod.target
[Service]
ExecStart=/usr/local/bin/node /opt/Rocket.Chat/main.js
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=rocketchat
User=rocketchat
Environment=MONGO_URL=mongodb://localhost:27017/rocketchat?replicaSet=rs01 MONGO_OPLOG_URL=mongodb://localhost:27017/local?replicaSet=rs01 ROOT_URL=https://domainname.com/ PORT=3000
[Install]
WantedBy=multi-user.target

Replace https://domainname.com/ with your domain name.

Step 8: Configure and Enable MongoDB

Setup storage engine and replication for MongoDB.

sudo sed -i "s/^#  engine:/  engine: mmapv1/"  /etc/mongod.conf
sudo sed -i "s/^#replication:/replication:\n  replSetName: rs01/" /etc/mongod.conf

sudo systemctl enable mongod && sudo systemctl start mongod

mongo --eval "printjson(rs.initiate())"

Enable Rocket.Chat service and start Rocket Chat.

sudo systemctl enable rocketchat
sudo systemctl start rocketchat

Install Nginx

Install Nginx with the following command.

sudo apt install nginx

This command will install Nginx on your VM instance.

Configure Nginx for Rocket.Chat

Now it’s time to configure Nginx as a reverse proxy for Rocket.Chat.

Remove the default Nginx configuration.

sudo rm -rf /etc/nginx/sites-available/default
sudo rm -rf /etc/nginx/sites-enabled/default

Create a new configuration for Rocket Chat

sudo nano /etc/nginx/sites-available/yourdomainname.conf

Configuration for Rocket.Chat

upstream backend {
    server 127.0.0.1:3000;
} 

server {
    listen [::]:80;
    listen 80;

    server_name yourdomainname.com;

    client_max_body_size 200M;

    error_log /var/log/nginx/rocketchat.access.log;

    location / {
         proxy_pass http://backend/;
         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
         proxy_set_header Connection "upgrade";
         proxy_set_header Host $http_host;
         
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forward-Proto http;
         proxy_set_header X-Nginx-Proxy true;

         proxy_redirect off;
    } 
}

Paste this new configuration setting and hit Ctrl+X followed by Y and Enter to save the file.

Install Free Let’s Encrypt SSL Certificate

HTTPS
HTTPS is a protocol for secure communication between a server (instance) and a client (web browser). Due to the introduction of Let’s Encrypt, which provides free SSL certificates, HTTPS are adopted by everyone and also provides trust to your audiences.

sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install python-certbot-nginx

Now we have installed Certbot by Let’s Encrypt for Ubuntu 18.04, run this command to receive your certificates.

sudo certbot --nginx certonly

Enter your email and agree to the terms and conditions, then you will receive the list of domains you need to generate SSL certificate.

To select all domains simply hit Enter

The Certbot client will automatically generate the new certificate for your domain. Now we need to update the Nginx config.

Configure SSL

Once the SSL is installed, you can configure it in your Nginx file.

sudo nano /etc/nginx/sites-available/yourdomainname.com

upstream backend {
    server 127.0.0.1:3000;
} 

server {
     listen [::]:80;
     listen 80;
     server_name yourdomainname.com www.yourdomainname.com;
     return 301 https://yourdomainname.com$request_uri;
}

server {
    listen [::]:443;
    listen 443;

    server_name yourdomainname.com;

    client_max_body_size 200M;

    error_log /var/log/nginx/rocketchat.access.log;

    ssl_certificate /etc/letsencrypt/live/yourdomainname.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/yourdomainname.com/privkey.pem;

    location / {
         proxy_pass http://backend/;
         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
         proxy_set_header Connection "upgrade";
         proxy_set_header Host $http_host;
         
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forward-Proto http;
         proxy_set_header X-Nginx-Proxy true;

         proxy_redirect off;
    } 
}

Hit CTRL+X followed by Y to save the changes.

Check your configuration and restart Nginx for the changes to take effect.

sudo nginx -t
sudo service nginx restart

Renewing SSL Certificate

Certificates provided by Let’s Encrypt are valid for 90 days only, so you need to renew them often. Now you set up a cronjob to check for the certificate which is due to expire in next 30 days and renew it automatically.

sudo crontab -e

Add this line at the end of the file

0 0,12 * * * certbot renew >/dev/null 2>&1

Hit CTRL+X followed by Y to save the changes.

This cronjob will attempt to check for renewing the certificate twice daily.

That’s all now you can visit your domain name in your web browser. you can see your Rocket.Chat setup page with HTTPS.

Conclusion

In this tutorial you have installed Node.js, MongoDB, Nginx reverse proxy configuration for Rocket.Chat and installed SSL and secured the installation.