Installing Rocket.Chat on Ubuntu Xenial 16.04 via Snap

This is a simple tutorial to get Rocket.Chat running on a Ubuntu Xenial 16.04 server (You’ll likely be perfectly fine to run through the same process on a different Ubuntu version such as 18.04 if you’d prefer) In this case we’re installing this on a fresh server and we’ll be installing Rocket.Chat as a Snap and using Caddy as a reverse proxy. Caddy will also deal with issuing SSL certificates via Let’s Encrypt. With this you’ll be able to get Rocket.Chat up and running within ~10 minutes, from there you can go on and make further server configuration changes for security and so on, as well as configure Rocket.Chat in more depth – which won’t be covered within the scope of this tutorial.


Let’s first start with some updates.

apt-get update
apt-get upgrade


Basic UFW setup

Let’s setup a basic firewall using UFW. First install UFW if it’s not installed –

apt-get install ufw


Setup the default access rules –

ufw default deny incoming
ufw default allow outgoing


Setup the firewall rules that we’ll want –

ufw allow 22/tcp
ufw allow 80/tcp
ufw allow 443/tcp


Enable the firewall –

ufw enable


You can check the status of ufw with –

ufw status


If you add or remove rules you should reload ufw with –

ufw reload


If you need to disable ufw you can do so with –

ufw disable


Install Fail2Ban

apt-get install fail2ban


Install Rocket.Chat as a Snap

Install Snap if it’s not already installed –

apt-get install snapd


Install Rocket.Chat –

snap install rocketchat-server


At this point the Rocket.Chat service will have automatically started, you can check if it’s running with –

service snap.rocketchat-server.rocketchat-server status


Configure Caddy and SSL

Initial configuration-

snap set rocketchat-server caddy-url=https://<your-domain-name>
snap set rocketchat-server caddy=enable
snap set rocketchat-server https=enable
rocketchat-server.initcaddy


Assuming you didn’t have any errors, restart Rocket.Chat and Caddy –

systemctl restart snap.rocketchat-server.rocketchat-server.service
systemctl restart snap.rocketchat-server.rocketchat-caddy.service


You can check Caddy’s logs with the following command

journalctl -r | grep caddy | less


Redirect HTTP to HTTPS

Redirecting HTTP to HTTPS is handled in the Caddy configuration by ommitting the http or https prefix. For instance you should have something like this inside /var/snap/rocketchat-server/current/Caddyfile –

your-domain-name.com {
  proxy / localhost:3000 {
    websocket
    transparent
  }
}


Restart Caddy once again after saving your changes –

systemctl restart snap.rocketchat-server.rocketchat-caddy


Onto Rocket.Chat itself!

At this point you’ll have a working Rocket.Chat installation running. You can browse to https://yourserver.com and you should be presented with the Setup Wizard screen to create the first user whom will by the Admin by default.

Once logged in, you may get a pop-up stating something along the lines of – The setting Site URL is configured to http://localhost and you are accessing from https://yourserver.com - Do you want to change to https://yourserver.com ? – You’ll want to click YES.

At this stage you’ll want to setup Rocket.Chat itself, so please refer to their documentation here – https://rocket.chat/docs


~Extra~

You can install a Discord style dark theme using this here! https://github.com/0x0049/Rocket.Chat.Dark