Installing Rocket.Chat with Docker on AlmaLinux 8

Hello,

In this week’s feature highlight, we look at How to Install Orchard CMS with LEMP Stack on AlmaLinux 8

Rocket.Chat is an open-source fully customizable communications platform developed in JavaScript for organizations with high standards of data protection. In this article, we are going to learn how to install Rocket.Chat on AlmaLinux 8. So, let’s get started.

Checkout the Rocket.Chat Project Here.

Try this wiki on our VPS. Starting at just $5/month with 24×7 In-house customer support.

Pre-requisites

  • A system with AlmaLinux 8 installed and running.
  • root access to the system.
  • Docker installed and running, for this, you can refer to one of our guides on installing Docker on AlmaLinux 8.

Once you’re all set, we’ll proceed with Rocket.Chat installation and configuration.

Install Nginx

Let’s begin with installing Nginx. Install using the below codes.

yum install nginx -y

Enable services

systemctl enable nginx

systemctl start nginx

systemctl status nginx

Enable Firewall

firewall-cmd --permanent --add-service=http

firewall-cmd --permanent --add-service=https

firewall-cmd --reload

Install Let’s Encrypt SSL Certificate

Let’s issue an SSL certificate for the domain. For this, we will need the EPEL repository and the mod_ssl package on AlmaLinux 8 operating system.

Update and install EPEL repository and the mod_ssl package on the system using the below command:

dnf install epel-release mod_ssl -y

Next, we will install the certbot client which is used to create Let’s Encrypt certificates:

dnf install python3-certbot-nginx -y

Install SSL Certificate

Use the certbot command to issue a Let’s Encrypt certificate. Replace dev.domainhere.info and dev@dev.domainhere.info with your domain name and email:

certbot --nginx --agree-tos --redirect --hsts --staple-ocsp --email dev@dev.domainhere.info -d dev.domainhere.info

SSL certificates are valid for 90 days. The renewal process is now automated, you do not have to renew this manually.

Restart Nginx

Restart apache to avoid getting error messages.

systemctl restart nginx

Configuring Nginx Server Blocks

Let’s configure nginx.conf with the following command:

nano /etc/nginx/nginx.conf

Replace the nginx.conf file with the below configuration.

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                  '$status $body_bytes_sent "$http_referer" '
                  '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;
}

Now, type Ctrl+O and type Ctrl+X to save and exit the file.

Create a new Nginx configuration file dev.conf for the domain with the following command:

vi /etc/nginx/conf.d/dev.conf

Add the following codes:

Replace dev.domainhere.info & 192.169.7.180 with Your Domain Name & IP and Change SSL Path according to your SSL Path.

upstream app {
    server 192.169.7.180:3000;
}

server {
listen 80 default_server;
server_name dev.domainhere.info;
return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl; # managed by Certbot
    # The host name to respond to
    server_name dev.domainhere.info;

    ssl_certificate /etc/letsencrypt/live/dev.domainhere.info/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/dev.domainhere.info/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    location / {
    proxy_pass http://app;
    proxy_set_header X-Real-IP  $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header Host $host;
    proxy_set_header X-Real-Port $server_port;
    proxy_set_header X-Real-Scheme $scheme;
    }
}

Now, press the Esc key, and type :wq! and press the Enter key to save and exit the file.

For SELinux enabled systems, enable loopback for your upstream in SELinux. Run the below command:

setsebool -P httpd_can_network_connect 1

Now, restart & check the Nginx with the following commands:

systemctl restart nginx

systemctl status nginx

Enable ports ( 3000,8000,8080,3002 )

To enable connection through the firewall, follow the commands:

firewall-cmd --zone=public --permanent --add-port 3000/tcp

firewall-cmd --zone=public --permanent --add-port 8000/tcp

firewall-cmd --zone=public --permanent --add-port 8080/tcp

firewall-cmd --zone=public --permanent --add-port 3002/tcp

firewall-cmd --reload

Install Rocket.Chat with Docker

The following instructions use the Docker service to install Rocket.Chat using the Rocket.Chat Docker Image. Let’s install Rocket.Chat with Docker using the below commands:

mkdir -p /var/www/rocket.chat/data/runtime/db

mkdir -p /var/www/rocket.chat/data/dump

cd /var/www/rocket.chat

Let’s configure docker-compose.yml with the following command:

nano docker-compose.yml

Add the following configuration:

Edit the ROOT_URL value to be your FQDN.

Edit the ROCKETCHAT_URL to be your Public IP address. Keep the port (3000) the same.

Edit ROCKETCHAT_USER, ROCKETCHAT_PASSWORD, and BOT_NAME.

#CrownCloud
version: '2'

services:
  rocketchat:
    image: registry.rocket.chat/rocketchat/rocket.chat:latest
    command: >
      bash -c
        "for i in `seq 1 30`; do
          node main.js &&
          s=$$? && break || s=$$?;
          echo \"Tried $$i times. Waiting 5 secs...\";
          sleep 5;
        done; (exit $$s)"
    restart: unless-stopped
    volumes:
      - ./uploads:/app/uploads
    environment:
      - PORT=3000
      - ROOT_URL=https://dev.domainhere.info
      - MONGO_URL=mongodb://mongo:27017/rocketchat
      - MONGO_OPLOG_URL=mongodb://mongo:27017/local
      - REG_TOKEN=${REG_TOKEN}
      - Accounts_UseDNSDomainCheck=false
#       - MAIL_URL=smtp://smtp.email
#       - HTTP_PROXY=http://proxy.domain.com
#       - HTTPS_PROXY=http://proxy.domain.com
depends_on:
- mongo
ports:
- 3000:3000
labels:
- "traefik.backend=rocketchat"
- "traefik.frontend.rule=Host: your.domain.tld"

mongo:
image: mongo:4.0
restart: unless-stopped
volumes:
- ./data/db:/data/db
#- ./data/dump:/dump
command: mongod --smallfiles --oplogSize 128 --replSet rs0 --storageEngine=mmapv1
labels:
- "traefik.enable=false"

# this container's job is just run the command to initialize the replica set.
# it will run the command and remove himself (it will not stay running)
mongo-init-replica:
image: mongo:4.0
command: >
bash -c
"for i in `seq 1 30`; do
      mongo mongo/rocketchat --eval \"
        rs.initiate({
          _id: 'rs0',
          members: [ { _id: 0, host: 'localhost:27017' } ]})\" &&
      s=$$? && break || s=$$?;
      echo \"Tried $$i times. Waiting 5 secs...\";
      sleep 5;
    done; (exit $$s)"
depends_on:
- mongo

# hubot, the popular chatbot (add the bot user first and change the password before starting this image)
hubot:
image: rocketchat/hubot-rocketchat:latest
restart: unless-stopped
environment:
- ROCKETCHAT_URL=192.169.7.180:3000
- ROCKETCHAT_ROOM=GENERAL
- ROCKETCHAT_USER=crowncloud
- ROCKETCHAT_PASSWORD=crowncloud_password
- BOT_NAME=crowncloud
# you can add more scripts as you'd like here, they need to be installable by npm
- EXTERNAL_SCRIPTS=hubot-help,hubot-seen,hubot-links,hubot-diagnostics
depends_on:
- rocketchat
labels:
- "traefik.enable=false"
volumes:
- ./scripts:/home/hubot/scripts
# this is used to expose the hubot port for notifications on the host on port 3001, e.g. for hubot-jenkins-notifier
ports:
- 3002:8080

#CrownCloud

Now, type Ctrl+O and type Ctrl+X to save and exit the file.

Start the installation process using the below command:

docker-compose up -d

The installation process will start now. It may take 5-10 mins to complete.

If you have a registration token to automatically register the workspace you can provide it with:

REG_TOKEN={your token here} docker-compose up -d

Optionally, if you want a bot, so you don’t have to talk to yourself, after you’ve created an admin user and also a bot user, edit the file docker-compose.yml again to change the variables ROCKETCHAT_USER and ROCKETCHAT_PASSWORD in the hubot section and then start up hubot:

docker-compose up -d hubot

To update the rocketchat docker image to the latest version, you can use the following commands. Your data should not be affected by this, since it’s located in the mongo image.

docker pull registry.rocket.chat/rocketchat/rocket.chat:latest

docker-compose stop rocketchat

docker-compose rm rocketchat

docker-compose up -d rocketchat

Automatic Startup & Crash Recovery

Let’s enable automatic startup & crash recovery to Rocket.Chat, for that create below config files:

Create the upstart job for MongoDB

nano /etc/init/rocketchat_mongo.conf

Add the following configuration:

description "MongoDB service manager for rocketchat"

# Start MongoDB after docker is running
start on (started docker)
stop on runlevel [!2345]

# Automatically Respawn with finite limits
respawn
respawn limit 99 5

# Path to our app
chdir /var/www/rocket.chat

script
    # Showtime
    exec /usr/local/bin/docker-compose up mongo
end script

Now, type Ctrl+O and type Ctrl+X to save and exit the file.

Create the upstart job for Rocket.Chat

nano /etc/init/rocketchat_app.conf

Add the following configuration:

description "Rocketchat service manager"

# Start Rocketchat only after mongo job is running
start on (started rocketchat_mongo)
stop on runlevel [!2345]

# Automatically Respawn with finite limits
respawn
respawn limit 99 5

# Path to our app
chdir /var/www/rocket.chat

script
    # Bring up rocketchat app and hubot
    exec /usr/local/bin/docker-compose up rocketchat hubot
end script

Now, type Ctrl+O and type Ctrl+X to save and exit the file.

( Optional ) Registering & Configuring Hubot, the chat bot: Click Here

Accessing Rocket.Chat

Now open the IP address or Domain name from your browser, this will redirect you to the Rocket.Chat.

https://dev.domainhere.info

Replace the dev.domainhere.info with the actual IP or domain configured on the server.

Follow the below steps:

Now you have successfully installed Rocket.Chat with Docker on AlmaLinux 8.

(Visited 215 times, 1 visits today)