Install Rocket.Chat with Nginx on Ubuntu 18.04 with Google Cloud Platform.
In this guide you are going to learn how to install Nodejs, MongoDB, Rocket.Chat and configure Nginx as a reverse proxy for your installation and finally we will secure the installation using Let’sEncrypt SSL.
This setup is tested on Google Cloud Platform, this can also be done on other cloud hosting services or any other VPS or Dedicated servers running Ubuntu.
Prerequisites
- Your Compute Engine Instance running.
- For setting up Compute Engine, see the Setting up Compute Engine Instance.
- Initial Server Setup on Google Cloud.
- Set up Cloud DNS, see the Setting up Google Cloud DNS for your domain.
- Google Cloud SQL Setup, see Setup Cloud SQL and connect with Compute Engine.
Step 1: Update Server
Make sure your server is upto date.
sudo apt update sudo apt upgrade
Step 2: Install Dependencies
Execute the below command to install the dependency packages for Mongo DB.
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 9DA31620334BD75D9DCB49F368818C72E52529D4 echo "deb [ arch=amd64 ] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.0.list
Step 3: Install Node.js
To install Node.js version 8 run the below commands.
curl -sL https://deb.nodesource.com/setup_8.x | sudo bash - sudo apt install -y nodejs
Step 4: Install Mongo DB and necessary packages
Now you can install MongoDB, Build Essential and Graphics Magic
sudo apt-get install -y build-essential mongodb-org graphicsmagick
Step 5: Using npm install inherits and n
Rocket Chat requires the node version and npm inherits.
sudo npm install -g inherits n && sudo n 8.11.4
Step 6: Download and Install Rocket.Chat
Once everything is installed, you can download the latest version of Rocket.Chat from the official release.
curl -L https://releases.rocket.chat/latest/download -o /tmp/rocket.chat.tgz
Extract it inside the tmp folder.
tar -xzf /tmp/rocket.chat.tgz -C /tmp
Install Rocket Chat.
cd /tmp/bundle/programs/server npm install
Move Rocket Chat to custom ditectory.
sudo mv /tmp/bundle /opt/Rocket.Chat
Step 7: Configure Rocket.Chat Service
Create a new user rocketchat and setup permissions.
sudo useradd -M rocketchat sudo usermod -L rocketchat
Setup correct permissions and create a service file.
sudo chown -R rocketchat:rocketchat /opt/Rocket.Chat
Create a rocketchat service.
sudo nano /lib/systemd/system/rocketchat.service
Paste the following configuration in the file.
[Unit]
Description=The Rocket.Chat server
After=network.target remote-fs.target nss-lookup.target nginx.target mongod.target
[Service]
ExecStart=/usr/local/bin/node /opt/Rocket.Chat/main.js
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=rocketchat
User=rocketchat
Environment=MONGO_URL=mongodb://localhost:27017/rocketchat?replicaSet=rs01 MONGO_OPLOG_URL=mongodb://localhost:27017/local?replicaSet=rs01 ROOT_URL=https://domainname.com/ PORT=3000
[Install]
WantedBy=multi-user.target
Replace https://domainname.com/ with your domain name.
Step 8: Configure and Enable MongoDB
Setup storage engine and replication for MongoDB.
sudo sed -i "s/^# engine:/ engine: mmapv1/" /etc/mongod.conf sudo sed -i "s/^#replication:/replication:\n replSetName: rs01/" /etc/mongod.conf
sudo systemctl enable mongod && sudo systemctl start mongod
mongo --eval "printjson(rs.initiate())"
Enable Rocket.Chat service and start Rocket Chat.
sudo systemctl enable rocketchat sudo systemctl start rocketchat
Install Nginx
Install Nginx with the following command.
sudo apt install nginx
This command will install Nginx on your VM instance.
Configure Nginx for Rocket.Chat
Now it’s time to configure Nginx as a reverse proxy for Rocket.Chat.
Remove the default Nginx configuration.
sudo rm -rf /etc/nginx/sites-available/default sudo rm -rf /etc/nginx/sites-enabled/default
Create a new configuration for Rocket Chat
sudo nano /etc/nginx/sites-available/yourdomainname.conf
Configuration for Rocket.Chat
upstream backend {
server 127.0.0.1:3000;
}
server {
listen [::]:80;
listen 80;
server_name yourdomainname.com;
client_max_body_size 200M;
error_log /var/log/nginx/rocketchat.access.log;
location / {
proxy_pass http://backend/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forward-Proto http;
proxy_set_header X-Nginx-Proxy true;
proxy_redirect off;
}
}
Paste this new configuration setting and hit Ctrl+X followed by Y and Enter to save the file.
Install Free Let’s Encrypt SSL Certificate
HTTPS
HTTPS is a protocol for secure communication between a server (instance) and a client (web browser). Due to the introduction of Let’s Encrypt, which provides free SSL certificates, HTTPS are adopted by everyone and also provides trust to your audiences.
sudo add-apt-repository ppa:certbot/certbot sudo apt-get update sudo apt-get install python-certbot-nginx
Now we have installed Certbot by Let’s Encrypt for Ubuntu 18.04, run this command to receive your certificates.
sudo certbot --nginx certonly
Enter your email and agree to the terms and conditions, then you will receive the list of domains you need to generate SSL certificate.
To select all domains simply hit Enter
The Certbot client will automatically generate the new certificate for your domain. Now we need to update the Nginx config.
Configure SSL
Once the SSL is installed, you can configure it in your Nginx file.
sudo nano /etc/nginx/sites-available/yourdomainname.com
upstream backend {
server 127.0.0.1:3000;
}
server {
listen [::]:80;
listen 80;
server_name yourdomainname.com www.yourdomainname.com;
return 301 https://yourdomainname.com$request_uri;
}
server {
listen [::]:443;
listen 443;
server_name yourdomainname.com;
client_max_body_size 200M;
error_log /var/log/nginx/rocketchat.access.log;
ssl_certificate /etc/letsencrypt/live/yourdomainname.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourdomainname.com/privkey.pem;
location / {
proxy_pass http://backend/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forward-Proto http;
proxy_set_header X-Nginx-Proxy true;
proxy_redirect off;
}
}
Hit CTRL+X followed by Y to save the changes.
Check your configuration and restart Nginx for the changes to take effect.
sudo nginx -t sudo service nginx restart
Renewing SSL Certificate
Certificates provided by Let’s Encrypt are valid for 90 days only, so you need to renew them often. Now you set up a cronjob to check for the certificate which is due to expire in next 30 days and renew it automatically.
sudo crontab -e
Add this line at the end of the file
0 0,12 * * * certbot renew >/dev/null 2>&1
Hit CTRL+X followed by Y to save the changes.
This cronjob will attempt to check for renewing the certificate twice daily.
That’s all now you can visit your domain name in your web browser. you can see your Rocket.Chat setup page with HTTPS.
Conclusion
In this tutorial you have installed Node.js, MongoDB, Nginx reverse proxy configuration for Rocket.Chat and installed SSL and secured the installation.
Thanks for information write up on setup.
Question: Do you have documentation on federating rocket chat on two separate/isolated domains?
ex: chat.usa.com and chat.asia.com
adding srv records, txt records, etc and were you able to succesfully federate?