Installing Rocket.Chat on Ubuntu Xenial 16.04 via Snap

This is a simple tutorial to get Rocket.Chat running on a Ubuntu Xenial 16.04 server (You’ll likely be perfectly fine to run through the same process on a different Ubuntu version such as 18.04 if you’d prefer) In this case we’re installing this on a fresh server and we’ll be installing Rocket.Chat as a Snap and using Caddy as a reverse proxy. Caddy will also deal with issuing SSL certificates via Let’s Encrypt. With this you’ll be able to get Rocket.Chat up and running within ~10 minutes, from there you can go on and make further server configuration changes for security and so on, as well as configure Rocket.Chat in more depth – which won’t be covered within the scope of this tutorial.


Let’s first start with some updates.

sudo apt-get upgrade
sudo apt-get update


Basic UFW setup

Let’s setup a basic firewall using UFW. First install UFW if it’s not installed –

´╗┐sudo apt-get install ufw


Setup the default access rules –

sudo ufw default deny incoming
sudo ufw default allow outgoing


Setup the firewall rules that we’ll want –

sudo ufw allow 22/tcp
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp


Enable the firewall –

sudo ufw enable


You can check the status of ufw with –

sudo ufw status


If you add or remove rules you should reload ufw with –

sudo ufw reload


If you need to disable ufw you can do so with –

sudo ufw disable


Install Fail2Ban

sudo apt-get install fail2ban


Install Rocket.Chat as a Snap

Install Snap if it’s not already installed –

sudo apt-get install snapd


Install Rocket.Chat –

sudo snap install rocketchat-server


At this point the Rocket.Chat service will have automatically started, you can check if it’s running with –

sudo service snap.rocketchat-server.rocketchat-server status


Configure Caddy and SSL

Initial configuration-

sudo snap set rocketchat-server caddy-url=https://<your-domain-name>
sudo snap set rocketchat-server caddy=enable
sudo snap set rocketchat-server https=enable
sudo rocketchat-server.initcaddy


Assuming you didn’t have any errors, restart Rocket.Chat and Caddy –

sudo systemctl restart snap.rocketchat-server.rocketchat-server.service
sudo systemctl restart snap.rocketchat-server.rocketchat-caddy.service


You can check Caddy’s logs with the following command

journalctl -r | grep caddy | less


Redirect HTTP to HTTPS

Redirecting HTTP to HTTPS is handled in the Caddy configuration by ommitting the http or https prefix. For instance you should have something like this inside /var/snap/rocketchat-server/current/Caddyfile –

your-domain-name.com {
  proxy / localhost:3000 {
    websocket
    transparent
  }
}


Restart Caddy once again after saving your changes –

sudo systemctl restart snap.rocketchat-server.rocketchat-caddy


Onto Rocket.Chat itself!

At this point you’ll have a working Rocket.Chat installation running. You can browse to https://yourserver.com and you should be presented with the Setup Wizard screen to create the first user whom will by the Admin by default.

Once logged in, you may get a pop-up stating something along the lines of – The setting Site URL is configured to http://localhost and you are accessing from https://yourserver.com - Do you want to change to https://yourserver.com ? – You’ll want to click YES.

At this stage you’ll want to setup Rocket.Chat itself, so please refer to their documentation here – https://rocket.chat/docs


~Extra~

You can install a Discord style dark theme using this here! https://github.com/0x0049/Rocket.Chat.Dark