Last updated 2017-08-26
These are barebones instructions for how to set up a Rocket.Chat server on OpenSUSE Leap 42.2 using nginx as a reverse proxy. These will help you set up a system you can experiment with. THEY ARE NOT INTENDED FOR SETUP OF A PRODUCTION SYSTEM! They are oriented on using a VM from AWS, but should work for any Leap 42.2 system.
You will install and configure:
- Node.js
- MongoDB
- Let's Encrypt SSL certificates
- nginx
- Rocket.Chat and its dependencies
To do this, you will:
- Acquire a VM to install on
- Install all the packages you'll need
- Start and configure MongoDB
- Install Let's Encrypt SSL certificates
- Configure and start nginx
- Install and start Rocket.Chat
Things you'll need to do afterwards on your own, especially if you want a production-worthy system:
- Create a
systemctl
script to restart Rocket.Chat if the server is rebooted - Configure email on the server (so Rocket can request account validation)
- Secure the server (e.g. get rid of the default user on a VM, etc.)
- Monitor the server so you can respond if it goes down ** Rocket.Chat availability ** MongoDB availability ** nginx availability
- Configure MongoDB for production use ** Use an XFS volume ** Use persistent (e.g. non-local) storage if you're using a VM ** Configure replica sets ** Consider setting /sys/kernel/mm/transparent_hugepage/enabled to "never" as recommended by Mongo at startup
- Set up periodic updates for the system
I like to use AWS spot instances as a very cheap way to experiment with things. I find I can usually get an m3.medium (1 vCPU, 3.75GB RAM) for ~$0.01/hour, or ~$7/month if run continuously. Pick the right region and you'll rarely if ever be shut down.
There's a spot_instance.json
below that I generally use to set up an instance. I already have a few security groups to lock down all but the ports I need, an IAMS profile to allow just the privileges I want, and an SSH keypair generated; I'm not going to tackle those here, so if you want to do this, you probably should do some quick research and set those up yourself.
I also use the aws CLI, so it's preconfigured for my favorite region, credentials, etc. If you don't have that set up, you'll want to.
When you've got those set, getting an instance is really straightforward:
aws ec2 request-spot-instances --cli-input-json file://spot_instance.json
Note: if you get an error saying that you must subscribe to the AMI before using it, copy the URL in the error message and open it in a browser. The "subscription" costs $0.00/hour, so it's just a formality.
The default user in the Leap 42.2 image is ec2-user
. You'll ssh into the box using that user, and immediately become root.
> ssh ec2-user@IP-OR-HOSTNAME-FOR-YOUR-BOX
> sudo su -
- Add the repo for MongoDB
- Refresh metadata for all repos
- Update all the packages on the box
- Install the new packages we need
zypper addrepo http://download.opensuse.org/repositories/server:database/openSUSE_Leap_42.2/server:database.repo
zypper refresh
zypper -n update
zypper -n install mongodb nodejs4 npm4 nginx GraphicsMagick gcc-c++
- Enable and start MongoDB
- Create the admin user
- Create the DB and user for Rocket.Chat
In a shell:
systemctl enable mongodb
systemctl start mongodb
Now start a MongoDB shell and add the admin user:
> mongo
use admin
db.createUser({
user: "root",
pwd: "fl!bb3rtyJ!bb3tt",
roles: [ "root" ]
})
exit
Now re-open a MongoDB shell as your admin user and create the Rocket.Chat db and admin user. You'll use these later to tell Rocket how to access its DB.
Note: Don't use :
or @
in this user's password or you'll need to URL escape them later. It's easier to avoid those characters.
> mongo --authenticationDatabase admin -u root -p
use rocketchat
db.createUser({
user: "rocket",
pwd: "4rgl3b4rgl3",
roles: [ "readWrite", "dbAdmin" ]
})
exit
This is so crazy easy. Remember when this was hard, and when it cost $20-$200 per year? Please consider using one of the donation links given afterwards as a way to support continued development of CertBot.
Replace YOUR.SERVER.NAME
below with the hostname your server will be accessed from, e.g. chat.example.com
, and replace YOUR@EMAIL.ADDRESS
with your email address, e.g. admin@example.com
git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt
cd /opt/letsencrypt && ./letsencrypt-auto certonly --standalone --email YOUR@EMAIL.ADDRESS -d YOUR.SERVER.NAME
cd /etc/nginx
mkdir sites-enabled sites-available
# Replace contents of nginx.conf with nginx.conf in this gist
# Copy contents of rocket_chat.conf below into sites-available/rocket_chat.conf
cd sites-enabled
ln -s ../sites-available/rocket_chat.conf .
systemctl enable nginx
systemctl start nginx
- Add a
rocket
user and group - Download the latest Rocket.Chat
- Install all the node.js dependencies for Rocket.Chat using
npm
- Set the required environment variables
- Start the Rocket.Chat server
Replace YOUR.SERVER.NAME
below with the hostname your server will be accessed from, e.g. chat.example.com
groupadd -g 2000 rocket
useradd -g rocket -u 2000 rocket
cd /opt
curl -L https://rocket.chat/releases/latest/download -o rocket.chat.tgz
tar zxvf rocket.chat.tgz
mv bundle Rocket.Chat
chown -R rocket:rocket /opt/Rocket.Chat
su - rocket
cd /opt/Rocket.Chat/programs/server
npm install
cd ../..
# TODO: Make a script for this for systemctl
export ROOT_URL=http://YOUR.SERVER.NAME/
export MONGO_URL=mongodb://rocket:4rgl3b4rgl3@localhost:27017/rocketchat
export PORT=3000
node main.js
... and that's Rocket.Chat all set. Direct a browser to https://YOUR.SERVER.NAME and register a yourself as new user. The first user you register will be made the server admin.
https://en.opensuse.org/MongoDB
https://rocket.chat/docs/installation/manual-installation/ubuntu