Installing Rocket.Chat on Ubuntu Xenial 16.04 via Snap
This is a simple tutorial to get Rocket.Chat running on a Ubuntu Xenial 16.04 server.(You’ll likely be perfectly fine to run through the same process on a different Ubuntu version such as 18.04 if you’d prefer). In this case we’re installing this on a fresh server and we’ll be installing Rocket.Chat as a Snap and using Caddy as a reverse proxy. Caddy will also deal with issuing SSL certificates via Let’s Encrypt. With this you’ll be able to get Rocket.Chat up and running within ~10 minutes, from there you can go on and make further server configuration changes for security and so on, as well as configure Rocket.Chat in more depth - which won’t be covered within the scope of this tutorial.
Initial updates
- Let’s first start with some updates.
apt-get update; apt-get upgrade
Basic UFW setup
Let’s setup a basic firewall using UFW. First install UFW if it’s not installed:
apt-get install ufw
Setup the default access rules:
ufw default deny incoming ufw default allow outgoing
Setup the firewall rules that we’ll want:
ufw allow 22/tcp ufw allow 80/tcp ufw allow 443/tcp
Enable the firewall:
ufw enable
You can check the status of ufw with:
ufw status
If you add or remove rules you should reload ufw with:
ufw reload
If you need to disable ufw you can do so with:
ufw disable
Fail2Ban
- Install Fail2Ban
apt-get install fail2ban
Install Rocket.Chat as a Snap
Install Snap if it’s not already installed:
apt-get install snapd
Install Rocket.Chat
snap install rocketchat-server
At this point the Rocket.Chat service will have automatically started, you can check if it’s running with:
service snap.rocketchat-server.rocketchat-server status
Configure Caddy and SSL
Setup the initial caddy config
snap set rocketchat-server caddy-url=https://<your-domain-name> snap set rocketchat-server caddy=enable snap set rocketchat-server https=enable rocketchat-server.initcaddy
Assuming you didn’t have any errors, restart Rocket.Chat and Caddy:
systemctl restart snap.rocketchat-server.rocketchat-server.service systemctl restart snap.rocketchat-server.rocketchat-caddy.service
You can check Caddy’s logs with the following command
journalctl -r | grep caddy | less
Redirect HTTP to HTTPS
Redirecting HTTP to HTTPS is handled in the Caddy configuration by ommitting the
http
orhttps
prefix. For instance you should have something like this inside/var/snap/rocketchat-server/current/Caddyfile
:your-domain-name.com { proxy / localhost:3000 { websocket transparent } }
Restart Caddy once again after saving your changes:
systemctl restart snap.rocketchat-server.rocketchat-caddy
Onto Rocket.Chat itself!
At this point you’ll have a working Rocket.Chat installation running. You can browse to https://yourserver.com and you should be presented with the Setup Wizard screen to create the first user whom will by the Admin by default.
Once logged in, you may get a pop-up stating something along the lines of - The setting Site URL is configured to http://localhost and you are accessing from https://yourserver.com - Do you want to change to https://yourserver.com ? - You’ll want to click YES.
At this stage you’ll want to setup Rocket.Chat itself, so please refer to their documentation here - https://rocket.chat/docs
Extra
You can install a Discord style dark theme using this here!