Rocket.Chat是一个完整的团队沟通平台,是一个自我托管的Slack替代品。它由Meteor构建,提供各种功能,包括帮助台聊天,视频会议,文件共享,语音消息,API等。
在本教程中,我们将向您展示如何在使用Nginx SSL反向代理在CentOS 7服务器上部署Rocket.Chat。
需要准备的
1.CentOS 7 至少1G内存
2.使用root 或 sudo (本教程命令在root用户下允许,不是root的自己在前面加上sudo)
3.需要一个域名
4.SSL证书
安装基础环境
yum install epel-release curl GraphicsMagick gcc-c++ yum install nodejs npm nginx #安装Node.js npm install -g inherits n n 8.11.3
MongoDB是一个面向NoSQL文档的数据库,Rocket.Chat 建议使用 MongoDB 3.6。
我们使用yum 安装官方MongoDB存储库。
vim /etc/yum.repos.d/mongodb-org.repo #把下面的复制进去 [mongodb-org-3.6] name=MongoDB Repository baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/3.6/x86_64/ gpgcheck=1 enabled=1 gpgkey=https://www.mongodb.org/static/pgp/server-3.6.asc
保存使用 :wq
安装完之后设置开机启动
yum install mongodb-org systemctl start mongod systemctl enable mongod
创建新用户
创建一个新用户和组,使用rocket 运行 Rocket.Chat。
useradd -m -U -r -d /opt/rocket rocket
把 nginx用户添加到新用户组并更改/opt/rocket目录权限,以便Nginx可以访问它:
usermod -a -G rocket nginx chmod 750 /opt/rocket
安装Rocket.Chat
#切换到rocket 用户 su - rocket #下载最新稳定版的Rocket.Chat curl -L https://releases.rocket.chat/latest/download -o rocket.chat.tgz #解压并重名文件夹 tar zxf rocket.chat.tgz mv bundle Rocket.Chat #切换到Rocket.Chat/programs/server目录并安装所有必需的npm包 cd Rocket.Chat/programs/server npm install
在创建系统服务和使用Nginx反代之前,最好先测试安装是否成功。
首先要设置所需的环境变量
export PORT=3000 export ROOT_URL=http://example.com:3000/ export MONGO_URL=mongodb://localhost:27017/rocketchat
接下来,返回Rocket.Chat 目录并启动Rocket.Chat服务器
cd ../../ node main.js
如果没有错误,应该看到以下输出
➔ +---------------------------------------------+ ➔ | SERVER RUNNING | ➔ +---------------------------------------------+ ➔ | | ➔ | Rocket.Chat Version: 0.71.1 | ➔ | NodeJS Version: 8.11.3 - x64 | ➔ | Platform: linux | ➔ | Process Port: 3000 | ➔ | Site URL: http://0.0.0.0:3000/ | ➔ | ReplicaSet OpLog: Disabled | ➔ | Commit Hash: e73dc78ffd | ➔ | Commit Branch: HEAD | ➔ | | ➔ +---------------------------------------------+
此时,Rocket.Chat 已经安装在CentOS 7机器上。按下CTRL+C 停止Rocket.Chat服务器.
创建系统服务
vim /etc/systemd/system/rocketchat.service #把下面的复制进去 [Unit] Description=Rocket.Chat server After=network.target nss-lookup.target mongod.target [Service] StandardOutput=syslog StandardError=syslog SyslogIdentifier=rocketchat User=rocket Environment=MONGO_URL=mongodb://localhost:27017/rocketchat ROOT_URL=http://example.com:3000/ PORT=3000 ExecStart=/usr/local/bin/node /opt/rocket/Rocket.Chat/main.js [Install] WantedBy=multi-user.target
刷新系统服务,并启动Rocket.Chat
systemctl daemon-reload systemctl start rocketchat
检查是否启动成功
systemctl status rocketchat ● rocketchat.service - Rocket.Chat server Loaded: loaded (/etc/systemd/system/rocketchat.service; enabled; vendor preset: disabled) Active: active (running) since Tue 2018-04-10 20:30:56 UTC; 8s ago Main PID: 32356 (node) CGroup: /system.slice/rocketchat.service └─32356 /usr/local/bin/node /opt/rocket/Rocket.Chat/main.js
如果没有错误, 可以设置开机自动启动
systemctl enable rocketchat
使用Nginx设置反向代理
vim /etc/nginx/conf.d/rocket.chat.conf upstream rocketchat_backend { server 127.0.0.1:3000; } server { listen 80; server_name example.com www.example.com; return 301 https://example.com$request_uri; } server { listen 443 ssl http2; server_name example.com; ssl_certificate /SSL/example.com.crt; ssl_certificate_key /SSL/example.com.key; #ssl_trusted_certificate /SSL/example.com.pfx; #ssl_dhparam /etc/ssl/certs/dhparam.pem; ssl_session_timeout 1d; ssl_session_cache shared:SSL:50m; ssl_session_tickets off; ssl_protocols TLSv1.1 TLSv1.2; ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256'; ssl_prefer_server_ciphers on; ssl_stapling on; ssl_stapling_verify on; resolver 8.8.8.8 8.8.4.4 valid=300s; resolver_timeout 30s; add_header Strict-Transport-Security "max-age=15768000; includeSubdomains; preload"; add_header X-Frame-Options SAMEORIGIN; add_header X-Content-Type-Options nosniff; access_log /var/log/nginx/example.com-access.log; error_log /var/log/nginx/example.com-error.log; location / { proxy_pass http://rocketchat_backend; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forward-For $proxy_add_x_forwarded_for; proxy_set_header X-Forward-Proto http; proxy_set_header X-Nginx-Proxy true; proxy_redirect off; } }
重新加载Nginx服务以使更改生效
systemctl reload nginx
配置Rocket.Chat
打开浏览器并输入: http://chat.example.com
假设安装成功,您将看到Rocket.Chat安装向导,它将指导您设置第一个管理员用户,配置账号信息.
配置完之后即可进入Rocket.Chat.
您现在可以开始使用Rocket.Chat与您的团队协作,共享文件和实时聊天。
How to deploy Rocket.Chat on CentOS 7
Secure Nginx with Let's Encrypt on CentOS 7 (配置SSL)