预安装所需的软件包
安装EPEL储存库
yum -y install epel-release
yum clean all
yum -y update
安装MongoDB
cat < /etc/yum.repos.d/mongodb.repo
[mongodb]
name=MongoDB Repository
baseurl=http://downloads-distro.mongodb.org/repo/redhat/os/x86_64/
gpgcheck=0
enabled=1
EOF
yum -y install mongodb-org-server mongodb-org
systemctl enable mongod
systemctl start mongod
安装必要的软件包
yum install -y nodejs curl GraphicsMagick npm gcc-c++ nginx
Nginx设置
聊天本身在回送接口127.0.0.1的端口3000上运行。我们建议使用nginx设置捆绑软件。
创建自签名证书
mkdir /etc/nginx/cert
openssl req -x509 -nodes -days 3650 -newkey rsa:4096 \
-keyout /etc/nginx/cert/rocket.key -out /etc/nginx/cert/rocket.crt \
-subj ‘/C=RU/ST=Moscow/L=Moscow/CN=server.local’
主要的Nginx配置文件
cat << EOF > /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main ‘\$remote_addr – \$remote_user [\$time_local] “\$request” ‘
‘\$status $body_bytes_sent “\$http_referer” ‘
‘”\$http_user_agent” “\$http_x_forwarded_for”‘;
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
gzip on;
include /etc/nginx/conf.d/rocket.conf;
}
EOF
服务器文件
cat << EOF > /etc/nginx/conf.d/rocket.conf
upstream rocketbackend {
server 127.0.0.1:3000;
}
server {
listen 80 default;
server_name server.local ;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2 default;
server_name server.local ;
ssl on;
ssl_certificate /etc/nginx/cert/rocket.crt;
ssl_certificate_key /etc/nginx/cert/rocket.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
location / {
proxy_pass http://rocketbackend/;
proxy_http_version 1.1;
proxy_set_header Connection “upgrade”;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto http;
proxy_set_header X-Nginx-Proxy true;
proxy_redirect off;
}
}
EOF
配置Nginx守护程序
systemctl enable nginx
systemctl start nginx
安装Rocket.Chat
cd /opt
curl -L https://releases.rocket.chat/latest/download -o rocket.chat.tgz
tar zxvf rocket.chat.tgz
mv bundle Rocket.Chat
cd Rocket.Chat/programs/server
npm install
cd ../..
首次推出Rocket.Chat
export ROOT_URL=http://server.local/
export MONGO_URL=mongodb://127.0.0.1:27017/rocketchat
export PORT=3000
export ADMIN_USERNAME=admin
export ADMIN_PASS=PASSWORD
export ADMIN_EMAIL=EMAIL
其中:
密码-管理员密码
EMAIL-有效的邮寄地址
1个
node main.js
守护程序设置
cat << EOF > /usr/lib/systemd/system/rocketchat.service
[Unit]
Description=The Rocket.Chat server
After=network.target remote-fs.target nss-lookup.target nginx.target mongod.target
[Service]
ExecStart=/usr/local/bin/node /opt/Rocket.Chat/main.js
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=rocketchat
User=root
Environment=MONGO_URL=mongodb://127.0.0.1:27017/rocketchat ROOT_URL=https://server.local/ PORT=3000
[Install]
WantedBy=multi-user.target
EOF
启动Rocket.Chat
systemctl enable rocketchat
systemctl start rocketchat
防火墙设定
firewall-offline-cmd –zone=public –add-service=http
firewall-offline-cmd –zone=public –add-service=https
firewall-offline-cmd –zone=public –add-service=ssh
firewall-offline-cmd –zone=public –add-port=3000/tcp