Rocket Chat, yes it's better than Teams.

Rocket Chat, yes it's better than Teams.

There are a fair few Rocket Chat blogs published over the last few weeks. So this post is going to show you how to install it and some cool things you can do with it.

Rocket.Chat - The Leading Communication Hub
Lead with a Communication Hub that allows total control of your data. All in one platform: team collaboration, omnichannel engagement, DevOps and ChatOps.

Before we start the question what is Rocket Chat?

If you have used Teams, Slack or another such communication's package over the last few years you'll be aware of this type of service which has Chat in groups or one on one, video and audo conferencing and works everywhere..

These applications are more than WhatsApp, Duo, iMessage in so much as they are designed for collaboration. For Teams/Groups of people.

Accessible via a web interface, desktop or mobile apps Rocket.Chat is well supported on whatever platform you choose to use it on.

It is also self hosted which is a plus as companies who make thier money by selling your data offer the above services becuase they want data from you. Being self hosted Rocket. Chat ensures you're in control of your own data.

How do you install it?

The quickest method of installation is using Docker

Docker Hub

First, start an instance of mongo and initiate replicaSet:

docker run --name db -d mongo:4.0 --smallfiles --replSet rs0 --oplogSize 128
docker exec -ti db mongo --eval "printjson(rs.initiate())"

Then install rocket chat

docker run --name rocketchat -p 80:3000 --link db --env ROOT_URL=http://localhost --env MONGO_OPLOG_URL=mongodb://db:27017/local -d rocket.chat

Then, access it via http://localhost in a browser. Replace localhost in ROOT_URL with your own domain name if you are hosting at your own domain.

Create your first (Admin) Account

When you access the server url for the first time, you'll be prompted to create the first account. This is the Admin account and I'd strongly suggest setting it up as an Admin account and not a user who will have admin access. You can give user accounts admin access later.

Once logged in you'll be taken to the standard "homepage" and are ready to start

How do you back it up?

Before you go any further, you'll notice that the docker images don't back up configs or anything to an external volume. All of the Rocket Chat data is held in the MongoDb container we created.

This will need backing up to do this i found a solution on StackOverview

Backup and restore Rocket.chat on docker with mongodb
I use this docker image : https://hub.docker.com/_/rocket.chat/ So here is the code i used : docker run --name db -d mongo:3.0 --smallfilesdocker run --name rocketchat --link db -d rocket.chat I

I have tested this by backing up, tearing down my whole server, rebuilding it on a different docker server and restoring the data and everything worked fine.

as root
mkdir /backups
cd /backups
docker run -it --rm --link db -v /backups:/backups mongo:4.0 mongodump -h db -o /backups/mongoBACKUP
tar czf mongoBACKUP.tar.gz mongoBACKUP/

This will create a backup file called mongoBACKUP.tar.gz

The restore is as simple as.

docker run --name db -d mongo:4.0 --smallfiles
cd /backups
tar xzf mongoBACKUP.tar.gz
docker run -it --rm --name mongorestore -v /backups/mongoBACKUP:/var/dump --link db:db mongo mongorestore --host db /var/dump
docker run --name rocketchat -p 80:3000 --link db --env ROOT_URL=http://localhost --env MONGO_OPLOG_URL=mongodb://db:27017/local -d rocket.chat

The backup portion of this can be run as a crontab job with a simple script.

Make it public

If you have a public IP address then making this public can be done using Nginx as a reverse proxy. This example uses chat.server.com as my public IP

Getting your external IP talking to your Nginx server is out of the scope of this blog post.
I'll be honest, this is a very high level section, doing this generally is a blog post of its own. You may need to google a bit for this bit to work on your system. I've made an assumption that you are already using Nginx and that you have ports 80/443 TCP available between your outside router and server.

As an example using nginx we can create a conf file

sudo nano /etc/nginx/sites-available/chat.server.com.conf

With the following to listen on port 80

server {

server_name chat.server.com;


    location / {
                 proxy_pass http://192.168.0.10/;
                 proxy_http_version 1.1;
                 proxy_set_header Upgrade $http_upgrade;
                 proxy_set_header Connection "upgrade";
                 proxy_set_header Host $http_host;
                 proxy_set_header X-Real-IP $remote_addr;
                 proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
                 proxy_set_header X-Forward-Proto http;
                 proxy_set_header X-Nginx-Proxy true;
                 proxy_redirect off;
               }

client_max_body_size 50m;


listen 80;


}

Link this to sites enabled

sudo ln -s /etc/nginx/sites-available/chat.server.com.conf /etc/nginx/sites-enabled/chat.server.com.conf

Test the config

sudo nginx -t

Fix any issues, once the test is successful restart nginx

sudo systemctl restart nginx

Test the access over port 80.

The next step is to add a LetsEncrypt Cert and have the external site more secure.

From the server you run nginx on install certbot

Certbot - All Instructions
Automatically enable HTTPS on your website with EFF’s Certbot, deploying Let’s Encrypt certificates.

Run certbox on the Neginx server

sudo certbot --nginx -d chat.safewebbox.com

Answer the questions, and accept the redirect from http to https

This will generate a certificate and change the nginx config created earlier to look like this

server {

    server_name chat.server.com;


        location / {
                     proxy_pass http://192.168.0.10/;
                     proxy_http_version 1.1;
                     proxy_set_header Upgrade $http_upgrade;
                     proxy_set_header Connection "upgrade";
                     proxy_set_header Host $http_host;
                     proxy_set_header X-Real-IP $remote_addr;
                     proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
                     proxy_set_header X-Forward-Proto http;
                     proxy_set_header X-Nginx-Proxy true;
                     proxy_redirect off;
                   }

client_max_body_size 50m;


listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/chat.server.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/chat.server.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}



server {
    if ($host = chat.server.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot



server_name chat.server.com;
    listen 80;
return 404; # managed by Certbot
}

Certbot restarts Nginx so as long as port 443 is open on your router setup the url

https://chat.server.com 

Should work publically

Connect to rocket.cloud

Rocket.Chat Cloud Connect allows you to connect your self-hosted Rocket.Chat Workspace to services we provide in our Cloud.
Services like:
  • Mobile push notifications gateway
  • Livechat omnichannel proxy
  • OAuth proxy for social network
  • Apps Marketplace
In addition you will be able to manage licenses, billing and support from the Rocket.Chat Cloud Console.

The fresh install will prompt you to link to the Rocket Chat Cloud. this is to provide access to things like Workspaces and mobile notifications. Doing this is up to you. This is managed under Administration -> Connectivity Services

Connect to a mail server

Setting up a connection to mail server helps with registration and getting messages out to users.

Head to Administration -> Email -> SMTP

Complete the form with the information for your mail service (I've tested gmail, office365 SMTP servers and they work well)

Adding Users

Out of the box the login page has a Register New Account option

Clicking on this provides a Register A New Account page

This means that anyone who has access to the server from the internet can register to join your chat server.

you may want this? You however may now and want to restrict the users who can access your server

One method of doing this is setting a secret registration URL

Using an administrator account head to Administration -> Accounts

Scroll down this page and find Registration form

Choose Secret URL from the dropdown form and provide a random string (no symbols) under Registration Form Secret URL

This then provides using our example above a url of

https://chat.server.com/register/dmdjksklls0dkdkdi

Which you can provide people to gain access to your server.

Its also possible instead of having a registration line to change the Registration form Link Replacement Text to something informative.

When users login they will be sent a mail to confirm the mail account they use with a link to login.

Other Authentication methods

Being a well thought application however registration is not limited to this method and from an enterprise perspective its possible to link Rocket chat to SSO options, Google Workspace OAuth, Active Directory and the like.

If you want to turn off Registration, under Administraton -> Users it is possible to click on Invite to invite new users directly.

Creating Channels

Channels are chat rooms which you can setup to be private, public or associated with content (i'll explain more below on that last one)

Anyone can create a channel and add whomever they want, be the owner, moderator or user of a channel.

There is a good explaination here of Rocket Chat Channels

Rocket.Chat Documentation - Channels
Rocket.Chat user, admin, API, integration, plugin and contributing documentation.

Video Calls

Under Administraton - Video Conferencing there is the out of the box option to connect Rocket Chat to either BigBlueButton or Jitsi Meet.

BigBlueButton needs you to self host the system to integrate it into RocketChat (something well worth doing, its a great system for hosting meetings)

Jitsi Meet however

Out of the box Jitsi Meet supports the public meet.jit.si server which means from Mobile App, webpage or however you consume Rocket Chat, you can click on the phone button and start a call with an individual, channel or all users..

Its possible to host Jitsi Meet yourself, just like Rocket chat so you could host your own Jitsi Server as well..

Testing the public Jitsi servers through rocket chat it works well over 4G and over a VPN too.. little delay.

Extending Functionality

Out of the box (so to speak) Rocket chat is simple to get working, its built secure, getting some features to enhance that security is easy and it offers a far simpler setup experience to some other similar setups i've used in the past.

There are a few things i've been experimenting with which extend this functionality its worth sharing.

Zapier | The easiest way to automate your work

Zapier is a service designed to take the output from one service and do something with it at another service. IFTTT is another similar service.

Zapier has Rocket Chat functionality built in as well as a LOT of other services

So lets take a couple of Examples

I'd like the Daily comics i find amusing to show up in a channel on Rocket Chat

I know my source is

Comics RSS

In the Zapier interface I create a link between RSS and Rocket Chat

Under RSS choose multiple feeds

Add the Comic book RSS feeds you'd like to see and leave the recommeneded "what triggers the new feed item"

Zapier will test the items then we move over to the Rocket Chat side

Rocket chat is linked to your server, and the proposed outcome of Sending a Channel Message

Then the Message is formatted and the Channel chosen

This is tested in Zapier and let free..

The result is Daily comics being pushed straight into a rocket Chat Channel

The resulting Zap is shared here.

RSS by Zapier → Rocket.Chat
Anytime a multi feed is created in RSS by Zapier, send channel message in Rocket.Chat.

I've setup Zaps to also do Tech news rss feeds and linked Ghost CMS and Red Chat so each time i push a new blog post it shows up in Rocket Chat.

Market Place

Earlier in this post I covered linking your standalone Rocket Chat with the Rocket Chat Cloud, one of the reasons to do this is access to the MarketPlace.

These addons are controlled by Rocket chat and add functionality, there are (at time of writing) a lot of Atlassian plugins and Dev focussed addons here. The one which is useful is the Giphy plugin

This does what it says on the tin, and enables Meme Gifs from the Desktop or Mobile chats.

OmniChannel

Omnichannel Customer Engagement - Rocket.Chat
Omnichannel Customer Engagement: Let customers and partners talk to your team on the channel they prefer: website, email, SMS, social networks with chatbots.

This is an interesting bit of fuctionality which pulls chat feeds from places like Facebook Chat, Slack etc and provides your team with a single point or reply. So instead of needing to have an eye on each of the various chat apps, they have a single pane of glass available to watch instead.

What are the alternatives?

I've setup a couple of servers over the last year looking at solving the "Something better than teams" problem and now Slack is a Salesforce property its possible that they could go to the darkside too.

I found Mattermost to be very functional but it needs a bit more in the back end to get it running.

Setting up a locked down Mattermost Server
The following instructions will take you through installing a locked down,docker driven Mattermost server which uses AD Authentication and denies loggedon AD users access to peer to peer or group chats. So all chat is visible to allusers. Why bother? This was a personal requirement to have the …

Matrix/Riot (now Element.io) is another setup which gets mentioned a lot and again out of the box at the time i tried it it was far less intuative to set this up than Rocket chat has been.

Using a Homelab Riot.IM/Matrix server with WhatsApp
I’ve previously written a post on getting riot and matrix working on a homelabenvironment. The point of the post was a starting ground for creating a centralhub for bringing in the different chat apps into a single interface. Previous PostSelf Hosting your own Riot.im server using DockerIntrodu…

Is it secure?

You'd be hard pressed to release such software these days and not have security be the top priority.

Secure Communication With Rocket.Chat
Rocket.Chat keeps your data secure and private in SaaS or Self Managed installs. Compliant with global standards: GDPR, HIPAA, CCPA.

There is the sites own web page which covers the thoughts they have with security and  There is a good explaintaion in the Docs section on reporting bugs and security issues

Security

There is (at time of writing) a beta End to End (E2E) Encryption offering where each persons chats are further encrypted with an individual key. I'll be honest i found this not to work when I tested it on my Chromebook using the web interface, save the encryption key, and then tried over the Android app. The key wasn't recognised.

End to End Encryption Guide

Final Thoughts

What can i say about this software?

I prefer it to Slack and Teams, I like that it uses Jitsi Meet for conferencing, as i've personally found Jitsi to be far better than anythin else i've used and seems from the reading to be more secure as well.

I like that its eacy to setup, its seems light on the server as well and it was qucik to get 20 or so users onboarded and using.

I think there is scope for further enhancements by which i mean little things, a few papercuts nothing show stopping.

So far this is the best option i've used.


Share Tweet Send
0 Comments
Loading...