centos7下部署rocketchat软件

在使用 RocketChat 之前，公司内部一直使用微信和 QQ 进行沟通和交流，安全性，开放性，易用性都不足。 RocketChat 的出现，提供了 Slack 的基础功能、开放的 API、与 GitLab 的良好集成，我们可以自己部署，作为内部聊天软件，保证公司业务安全性与易用性。

1.添加epel扩展源。

rpm -Uvh http://download.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

2.安装mongdb

vim /etc/yum.repos.d/mongodb-org.repo[mongodb-org-3.4]name=MongoDB Repositorybaseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/3.4/x86_64/gpgcheck=1enabled=1gpgkey=https://www.mongodb.org/static/pgp/server-3.4.asc

yum -y install mongodb-orgsystemctl start mongodsystemctl enable mongod

3.安装node.js

wget https://nodejs.org/dist/v0.10.40/node-v0.10.40-linux-x64.tar.gzsudo tar -C /usr/local --strip-components 1 -zxvf node-v0.10.40-linux-x64.tar.gzyum -y install nodejs npmnpm install -g inherits nn 4.5yum -y install curl GraphicsMagick gcc-c++

4.安装rocketchat

cd /optcurl -L https://rocket.chat/releases/latest/download -o rocket.chat.tgztar zxvf rocket.chat.tgzmv bundle Rocket.Chatcd Rocket.Chat/programs/server npm installcd /opt/Rocket.Chatexport ROOT_URL=https://your-domain.com/export MONGO_URL=mongodb://localhost:27017/rocketchatexport PORT=3000node main.js（需要什么可以通过 npm install ***）

5.配置开机自启动

[Unit]Description=The Rocket.Chat serverAfter=network.target remote-fs.target nss-lookup.target mongod.target[Service]Type=simpleExecStart=/usr/local/bin/node /opt/Rocket.Chat/main.jsRestart=alwaysStandardOutput=syslogStandardError=syslogSyslogIdentifier=rocketchatUser=rootEnvironment=MONGO_URL=mongodb://localhost:27017/rocketchat ROOT_URL=http://yourdomain.com PORT=3000[Install] WantedBy=multi-user.target

systemctl start rocketchatsystemctl enable rocketchat

（6）音、视频服务强制要求 SSL。推荐 Lets Encrypt 免费证书配合http或者Nginx实现HTTPS访问·。
a apache与let’s encrypt

yum -y install httpd mod_sslsystemctl start httpdsystemctl enable httpd

vim /etc/httpd/conf.d/yourdomain.com.conf<VirtualHost *:80>ServerName chat.owfox.comRedirect permanent / https://chat.owfox.com/TransferLog /var/log/httpd/chat.owfox.com_access.logErrorLog /var/log/httpd/chat.owfox.com_error.log</VirtualHost><VirtualHost *:443>ServerName chat.owfox.comServerAdmin me@liptanbiswas.comSSLEngine OnSSLCertificateFile /etc/letsencrypt/live/chat.owfox.com/fullchain.pemSSLCertificateKeyFile /etc/letsencrypt/live/chat.owfox.com/privkey.pemProxyPreserveHost OnProxyPassMatch ^/sockjs/(.*)/websocket ws://192.168.16.8:3000/sockjs/$1/websocketProxyPass / http://192.168.16.8:3000/ProxyPassReverse / http://192.168.16.8:3000/TransferLog /var/log/httpd/chat.owfox.com_ssl_access.logErrorLog /var/log/httpd/chat.owfox.com_ssl_error.log</VirtualHost>

systemctl restart httpd

使用浏览器或者客户端通过https://yourdomain.com访问
B Nginx与let’s encrypt

yum install nginx 

vim /etc/nginx/nginx.conf#user  nobody;worker_processes  1;#error_log  logs/error.log;#error_log  logs/error.log  notice;#error_log  logs/error.log  info;#pid        logs/nginx.pid;events {    worker_connections  1024;}http {    include       mime.types;    default_type  application/octet-stream;    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '    #                  '$status $body_bytes_sent "$http_referer" '    #                  '"$http_user_agent" "$http_x_forwarded_for"';    #access_log  logs/access.log  main;    sendfile        on;    #tcp_nopush     on;    #keepalive_timeout  0;    keepalive_timeout  65;    #gzip  on;    upstream chat {       server 192.168.16.8:3000;       }    server {        listen       80 default;        server_name  chat.owfox.com;        rewrite ^ https://$server_name$request_uri? permanent;        #charset koi8-r;        #access_log  logs/host.access.log  main;        location / {            root   html;            index  index.html index.htm;        }        #error_page  404              /404.html;        # redirect server error pages to the static page /50x.html        #        error_page   500 502 503 504  /50x.html;        location = /50x.html {            root   html;        }        # proxy the PHP scripts to Apache listening on 127.0.0.1:80        #        #location ~ \.php$ {        #    proxy_pass   http://127.0.0.1;        #}   # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000        #        #location ~ \.php$ {        #    root           html;        #    fastcgi_pass   127.0.0.1:9000;        #    fastcgi_index  index.php;        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;        #    include        fastcgi_params;        #}        # deny access to .htaccess files, if Apache's document root        # concurs with nginx's one        #        #location ~ /\.ht {        #    deny  all;        #}    }    # another virtual host using mix of IP-, name-, and port-based configuration    #    #server {    #    listen       8000;    #    listen       somename:8080;    #    server_name  somename  alias  another.alias;    #    location / {    #        root   html;    #        index  index.html index.htm;    #    }    #}    # HTTPS server    #    server {        listen       443 ssl;        server_name  chat.owfox.com;        ssl_certificate      /etc/letsencrypt/live/chat.owfox.com/fullchain.pem;        ssl_certificate_key  /etc/letsencrypt/live/chat.owfox.com/privkey.pem;        ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;        ssl_prefer_server_ciphers on;        ssl_session_cache shared:SSL:10m;    location / {        proxy_pass http://chat;        proxy_set_header Host $http_host;        proxy_http_version 1.1;        proxy_set_header Upgrade $http_upgrade;        proxy_set_header Connection "upgrade";        }    }    #    ssl_session_cache    shared:SSL:1m;    #    ssl_session_timeout  5m;    #    ssl_ciphers  HIGH:!aNULL:!MD5;    #    ssl_prefer_server_ciphers  on;    #    location / {    #        root   html;    #        index  index.html index.htm;    #    }    #}    }