Rocket.Chat: Difference between revisions

From Bitpost wiki
(15 intermediate revisions by the same user not shown)
Line 13: Line 13:
* To update:
* To update:
  ssh jaws
  ssh jaws
  sudo apt snap refresh
  cd ~/apps/Rocket.Chat.github-source
  sudo service snap.rocketchat-server.rocketchat-server restart
  sudo service rocketchat stop
This supposedly happens "automagically"...? Also, snap updates lag behind release updates. Whatevs.
git pull
  meteor npm install
  sudo service rocketchat start


=== Server installation ===
=== Server installation ===
* Install.
Snap install is a clusterfuck of imperfection... DO NOT SEEK THE TREASURE!
What a clusterfuck of imperfect options...
 
Snaps are probably the best bet, but out of the gate you will be set to a fucking ANCIENT channel! Set to the more recent 3.x/stable channel and you should be OK for getting ~monthly stable updates.  See [https://forums.rocket.chat/t/introducing-snap-tracks/5890 this tracks announcement].
sudo snap install rocketchat-server
sudo snap info rocketchat-server
GOD DAMN IT, v2.4?  REALLY?  KEEP GOING...
sudo snap switch rocketchat-server --channel=3.x/stable
# not needed: sudo snap refresh rocketchat-server
IT'S STILL FUCKED.  After the switch/update, fuckgin stpiud ubutni apparmour gets in the way once again.  FUCK OFF UBUNTUT.  [https://github.com/RocketChat/Rocket.Chat/issues/14562#issuecomment-498321790 Go here] to fix:
 
# So I have a workaround for this:
sudo emacs /var/lib/snapd/apparmor/profiles/snap.rocketchat-server.rocketchat-mongo
go to the "Miscellaneous accesses" line
# Add in the following two lines:
@{PROC}/@{pid}/net/snmp r,
@{PROC}/@{pid}/net/netstat r,
# Then reload the profile
sudo apparmor_parser -r /var/lib/snapd/apparmor/profiles/snap.rocketchat-server.rocketchat-mongo


* From source, never succeeded at this...
==== From source ====
The source install was full of problems building node-gyp due to c++14 requirements, node-sass and other packages being stale, etc.etc....
  sudo apt-get install -y git build-essential mongodb nodejs graphicsmagick
  sudo apt-get install -y git build-essential mongodb nodejs graphicsmagick
  cd ~/apps
  cd ~/apps
Line 49: Line 30:
  meteor npm install
  meteor npm install
  meteor npm start
  meteor npm start
Make sure that gets going.  Once it does, there are two more optional steps.


===== Install system mongo =====
If you want to use a full system mongo installation instead of the dummy one that comes embedded in meteor, you'll need to tell meteor how to find it.  It should be configured as a replicaset (even though it's one node):
# install system mongo
# use a startup script like this:
  cd ~/apps/Rocket.Chat.github-source
  MONGO_URL=mongodb://localhost:27017/rocketchat?replicaSet=rs01 MONGO_OPLOG_URL=mongodb://localhost:27017/local?replicaSet=rs01 ROOT_URL=http://localhost:3000/ PORT=3000 meteor npm start
===== Set up a systemd service =====
# Uninstall snap if needed
sudo snap remove rocketchat-server
* Create a service file in your config folder, and stow it into /etc/systemd/system.  jaws example:
💉 m@jaws  [~] cat config/etc/systemd/system/rocketchat.service
[Unit]
Description=Jaws rocketchat server
After=network.target
[Service]
WorkingDirectory=/home/m/apps/Rocket.Chat.github-source
Environment=MONGO_URL=mongodb://localhost:27017/rocketchat?replicaSet=rs01
Environment=MONGO_OPLOG_URL=mongodb://localhost:27017/local?replicaSet=rs01
Environment=ROOT_URL=http://localhost:3000/
Environment=PORT=3000
User=m
Type=simple
ExecStart=meteor npm start
[Install]
WantedBy=multi-user.target
* Install it
sudo systemctl daemon-reload
sudo systemctl start rocketchat
# Give it a GOOD 5 MINUTES to start up, sigh... once it does:
sudo systemctl enable rocketchat
==== Now FINISH UP ====
* Browse to admin panel at http://yourserver:3000
* Browse to admin panel at http://yourserver:3000
* Register with rocket.chat (I think you have to to get mobile updates???)
* Register with rocket.chat (I think you have to to get mobile updates???)
Line 79: Line 97:
Holy hell, it worked!
Holy hell, it worked!


==== Move from snap to source ====
==== SMTP ====
  💉 m@jaws  [~] sudo service snap.rocketchat-server.rocketchat-server stop
* Create a google APP password
  sudo service snap.rocketchat-server.rocketchat-mongo status|grep Active
  google > account > create App password > Mail/custom > jaws.bitpost.com > put pw in private
   Active
* Set up Admin > Email > SMTP settings to allow outbound email
  sudo snap run rocketchat-server.backupdb
  protocol: smtps
  [*] Creating backup file...
host: smtp.gmail.com
  [+] A backup of your data can be found at /var/snap/rocketchat-server/common/backup/rocketchat_backup_20210530.2327.tar.gz
port: [] (default)
[ ] Ignore TLS
[X] Pool
username: thedigitalmachine
password: (see private)
from email: m@bitpost.com
 
==== 2fa hell ====
If 2fa is on and SMTP doesn't work for any reason, it can really fuck you trying to get any settings changed to fix the problem. Catch-22 loop of hell.
 
I tried adding some bullshit hack ENV vars to the rocketchat service with no luck:
 
  sudo service rocketchat stop
emacs ~/config/etc/systemd/system/rocketchat.service
   Environment=SHA_256_HASH_OF_API_USER_PASSWORD=047c5647b586286f839377306252cf99e7f1bbddb93c2f84a6a7377ef2dd6122
  Environment=Accounts_TwoFactorAuthentication_Enforce_Password_Fallback=false
  sudo systemctl daemon-reload
sudo service rocketchat start
 
Didn't seem to do shit.
 
Try turning 2fa settings off via shell... THIS DID IT.
ssh jaws
mongo
use rocketchat
db.rocketchat_settings.update({"_id":"Accounts_TwoFactorAuthentication_Enabled"},{$set:{"packageValue":false}});
db.rocketchat_settings.update({"_id":"Accounts_TwoFactorAuthentication_Enabled"},{$set:{"value":false}});
db.rocketchat_settings.update({"_id":"Accounts_TwoFactorAuthentication_By_Email_Enabled"},{$set:{"packageValue":false}});
db.rocketchat_settings.update({"_id":"Accounts_TwoFactorAuthentication_By_Email_Enabled"},{$set:{"value":false}});
db.rocketchat_settings.update({"_id":"Accounts_TwoFactorAuthentication_Enforce_Password_Fallback"},{$set:{"packageValue":false}});
db.rocketchat_settings.update({"_id":"Accounts_TwoFactorAuthentication_Enforce_Password_Fallback"},{$set:{"value":false}});
Then I could go in and manage my SMPT settings and get them working. Whew. I'm not turning 2fa back on for now, fuck that hardship.

Revision as of 02:06, 4 August 2021

Server is running, ask Mikey to get you registered at the "secret" registration url.

Clients

The Linux and android clients are tested and working out of the box. How nice.

Docs

Server maintenance

  • To update:
ssh jaws
cd ~/apps/Rocket.Chat.github-source
sudo service rocketchat stop
git pull
meteor npm install
sudo service rocketchat start

Server installation

Snap install is a clusterfuck of imperfection... DO NOT SEEK THE TREASURE!

From source

sudo apt-get install -y git build-essential mongodb nodejs graphicsmagick
cd ~/apps
git clone https://github.com/RocketChat/Rocket.Chat.git
cd Rocket.Chat
curl https://install.meteor.com/ | sh
meteor npm install
meteor npm start

Make sure that gets going. Once it does, there are two more optional steps.

Install system mongo

If you want to use a full system mongo installation instead of the dummy one that comes embedded in meteor, you'll need to tell meteor how to find it. It should be configured as a replicaset (even though it's one node):

# install system mongo
# use a startup script like this:
 cd ~/apps/Rocket.Chat.github-source
 MONGO_URL=mongodb://localhost:27017/rocketchat?replicaSet=rs01 MONGO_OPLOG_URL=mongodb://localhost:27017/local?replicaSet=rs01 ROOT_URL=http://localhost:3000/ PORT=3000 meteor npm start
Set up a systemd service
# Uninstall snap if needed
sudo snap remove rocketchat-server
  • Create a service file in your config folder, and stow it into /etc/systemd/system. jaws example:
💉 m@jaws  [~] cat config/etc/systemd/system/rocketchat.service 
[Unit]
Description=Jaws rocketchat server
After=network.target
[Service]
WorkingDirectory=/home/m/apps/Rocket.Chat.github-source
Environment=MONGO_URL=mongodb://localhost:27017/rocketchat?replicaSet=rs01
Environment=MONGO_OPLOG_URL=mongodb://localhost:27017/local?replicaSet=rs01
Environment=ROOT_URL=http://localhost:3000/
Environment=PORT=3000
User=m
Type=simple
ExecStart=meteor npm start
[Install]
WantedBy=multi-user.target
  • Install it
sudo systemctl daemon-reload
sudo systemctl start rocketchat
# Give it a GOOD 5 MINUTES to start up, sigh... once it does:
sudo systemctl enable rocketchat

Now FINISH UP

  • Browse to admin panel at http://yourserver:3000
  • Register with rocket.chat (I think you have to to get mobile updates???)
  • Set up an admin account
  • Update haproxy and certbot to support a subdomain that is publicly available

Configuration

Once you log in as admin, you get a SHITTON of settings to manage. Important ones:

  • Admin > Settings > search > site > CHANGE THE SITE from http://localhost to your FQDN!
  • I updated my admin layout Content. It includes Home page text, TOS etc.
  • Admin > Accounts > Registration > Manually Approve New Users
  • Admin > Accounts > Registration > Registration Form > Secret URL (URL will be /register/(secret)/ )
  • Admin > Layout > User Interface > Allow Special Characters in Room Names > Toggle ON
  • Admin > Search > Default Provider > Global Search ON (to add a toggleable global search option)
  • Admin > Video Conference > Jitsu > Enable (NOTE desktop app doesn't find my camera, but chrome does)
  • Should I? Admin > Accounts > Registration > Use DNS Domain Check

Enable mobile push

This is not as simple as it should be...

  • Admin > Setup Wizard > Cloud Info > Cloud Service Agree Privacy > Toggle ON

YOU MUST restart server for setting to be applied! This apparently sets:

Admin > Settings > Push > Production read-only toggle ON

This is necessary for mobile chat notifications to work!

  • Register for cloud services
  • When creating an account, I did NOT get email confirmation. I had to use "Forgot password" to reset and get access.
  • Click Register Self-managed, and get the token.
  • Admin > Connectivity Services > Register > paste the token
  • Admin > Connectivity Services > Login to Rocket.Chat Cloud
  • Admin > Settings > Push > Send a test push

Holy hell, it worked!

SMTP

  • Create a google APP password
google > account > create App password > Mail/custom > jaws.bitpost.com > put pw in private
  • Set up Admin > Email > SMTP settings to allow outbound email
protocol: smtps
host: smtp.gmail.com
port: [] (default)
[ ] Ignore TLS
[X] Pool
username: thedigitalmachine
password: (see private)
from email: m@bitpost.com

2fa hell

If 2fa is on and SMTP doesn't work for any reason, it can really fuck you trying to get any settings changed to fix the problem. Catch-22 loop of hell.

I tried adding some bullshit hack ENV vars to the rocketchat service with no luck:

sudo service rocketchat stop
emacs ~/config/etc/systemd/system/rocketchat.service 
 Environment=SHA_256_HASH_OF_API_USER_PASSWORD=047c5647b586286f839377306252cf99e7f1bbddb93c2f84a6a7377ef2dd6122
 Environment=Accounts_TwoFactorAuthentication_Enforce_Password_Fallback=false
sudo systemctl daemon-reload
sudo service rocketchat start

Didn't seem to do shit.

Try turning 2fa settings off via shell... THIS DID IT.

ssh jaws
mongo
use rocketchat
db.rocketchat_settings.update({"_id":"Accounts_TwoFactorAuthentication_Enabled"},{$set:{"packageValue":false}});
db.rocketchat_settings.update({"_id":"Accounts_TwoFactorAuthentication_Enabled"},{$set:{"value":false}});
db.rocketchat_settings.update({"_id":"Accounts_TwoFactorAuthentication_By_Email_Enabled"},{$set:{"packageValue":false}});
db.rocketchat_settings.update({"_id":"Accounts_TwoFactorAuthentication_By_Email_Enabled"},{$set:{"value":false}});
db.rocketchat_settings.update({"_id":"Accounts_TwoFactorAuthentication_Enforce_Password_Fallback"},{$set:{"packageValue":false}});
db.rocketchat_settings.update({"_id":"Accounts_TwoFactorAuthentication_Enforce_Password_Fallback"},{$set:{"value":false}});

Then I could go in and manage my SMPT settings and get them working. Whew. I'm not turning 2fa back on for now, fuck that hardship.