How to deploy Rocket.Chat on AWS – Part II

By
Giuseppe Molica
Rocket.Chat on AWS

Introduction

This is the second part of the tutorial on how to deploy Rocket.Chat on AWS (Amazon Web Services). In part one we saw how to configure an instance, get a SSL certificate and configure Route 53. Now, it’s time to set up NGINX, Docker and finally Rocket.Chat.

Install and configure NGINX

On the EC2 instance, install NGINX, which is available in the Ubuntu repositories:

# apt install nginx

Then configure it. To do this, first make a backup of the default configuration files:

# cd /etc/nginx/sites-available
# mv default default.backup

Next, create a new one:

# $EDITOR /etc/nginx/sites-available/default

In that, paste the following content:



server {

   listen 443 ssl;

   <strong>server_name mydomain.com;</strong>

<strong>   ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;

   ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;

</strong>   ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

   ssl_prefer_server_ciphers on;

   ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';

   root /usr/share/nginx/html;

   index index.html index.htm;

   # Make site accessible from http://localhost/

   server_name localhost;

   location / {

     proxy_pass http://localhost:3000/;

     proxy_http_version 1.1;

     proxy_set_header Upgrade $http_upgrade;

     proxy_set_header Connection "upgrade";

     proxy_set_header Host $http_host;

     proxy_set_header X-Real-IP $remote_addr;

     proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;

     proxy_set_header X-Forward-Proto http;

     proxy_set_header X-Nginx-Proxy true;

     proxy_redirect off;

   }

 }

 server {

   listen 80;

   <strong>server_name mydomain.com;

</strong>   return 301 https://$host$request_uri;

 }

This removes the listening on port 80, and the traffic is redirected on port 443, with SSL offering a secure connection. Lines 4 and 5 are the paths to the certificate and certificate key generated in the previous part of this tutorial.

In the 

 location

 section,  NGINX is configured as reverse proxy to forward to port 3000, which is the one used by Rocket.Chat.

Save, exit and stop NGINX:

# service nginx stop

Test NGINX with:

# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok 
nginx: configuration file /etc/nginx/nginx.conf test is successful

Now it’s time to start the web server:

# service nginx start

Go with a web browser to mydomain.com. A page displaying a 502 Bad Gateway will appear, this is ok! The important part is to check in the address bar if there is a lock, which means that the connection is correctly secured by Let’s Encrypt Authority X1. The certificate will expire in 90 days, so remember to renew it.

Install Docker

On the instance, install Docker and its dependencies by executing the following command:

# sudo wget -qO- https://get.docker.com/ | sh

Next, to use Docker as the non-root user, add the ubuntu user to the docker group:

# usermod -aG docker ubuntu

Next, install Docker Compose:

# curl -L https://github.com/docker/compose/releases/download/1.4.2/docker-compose-Linux-x86_64 > /usr/local/bin/docker-compose
# chmod +x /usr/local/bin/docker-compose

Set up containers

First of all, create the following directories:

# mkdir -p /var/www/rocket.chat/data/runtime/db
# mkdir -p /var/www/rocket.chat/data/dump

Next, create a new compose configuration file:

# $EDITOR /var/www/rocket.chat/docker-compose.yml

In that file, paste the following content:



db:

  image: mongo:3.0

  volumes:

    - ./data/runtime/db:/data/db

    - ./data/dump:/dump

  command: mongod --smallfiles



rocketchat:

  image: rocketchat/rocket.chat:latest

  environment:

    - MONGO_URL=mongodb://db:27017/rocketchat

    - <strong>ROOT_URL=https://mydomain.com</strong>

  links:

    - db:db

  ports:

    - 3000:3000

Configure Upstart

Let’s use Upstart to manage MongoDB and Rocket.Chat start and restart services. Create a new file for MongoDB:

# $EDITOR /etc/init/rocket_chat_mongo.conf

In it, paste:



description "MongoDB service for Rocket.Chat"



# Start MongoDB after docker is running

start on (started docker)

stop on runlevel [!2345]



# Automatically Respawn with finite limits

respawn

respawn limit 99 5



# Path to our app

chdir /var/www/rocket.chat



script

   # Showtime

   exec /usr/local/bin/docker-compose up db

end script

Save, exit, and make the same for Rocket.Chat:

# $EDITOR /etc/init/rocket_chat.conf

Pasting there:



description "Rocket.Chat service manager"



# Start Rocket.Chat only after mongo job is running

start on (started rocketchat_mongo)

stop on runlevel [!2345]



# Automatically Respawn with finite limits

respawn

respawn limit 99 5



# Path to our app

<strong>chdir /var/www/rocket.chat</strong>



script

   # Bring up Rocket.Chat app

   exec /usr/local/bin/docker-compose up rocketchat

end script

Save and exit.

Conclusion

Restart the server; after the new logging in. Docker should download and set up images. After a few minutes, these can be seen with the following command:

# docker ps -a

Or, looking at the Upstart jobs log files:

# cat /var/log/upstart/rocket_chat_mongo.log
# cat /var/log/upstart/rocket_chat.log

From here you can use any web browser to go to mydomain.com, create a new admin user and start using Rocket.Chat.