Skip to content

Instantly share code, notes, and snippets.

@kiview

kiview/description.md

Last active March 1, 2024 15:28
Show Gist options
  • Save kiview/4714eda0eb31ff84c05a4ea8cd6356df to your computer and use it in GitHub Desktop.
Save kiview/4714eda0eb31ff84c05a4ea8cd6356df to your computer and use it in GitHub Desktop.
Download ZIP
rocket.chat with docker-compose
Raw
description.md

Rocket.Chat Over HTTPS with Docker Compose

Instructions about how to setup a Rocket.Chat server including a HTTPS reverse proxy with docker-compose.

docker-compose.yaml

mongo:
  image: mongo
  volumes:
    - ./data/runtime/db:/data/db
    - ./data/dump:/dump
  command: mongod --smallfiles --oplogSize 128

rocketchat:
  image: rocketchat/rocket.chat:latest
  volumes:
    - ./uploads:/app/uploads
  environment:
    - PORT=3000
    - ROOT_URL=http://host.example.com:8066
    - MONGO_URL=mongodb://mongo:27017/rocketchat
  links:
    - mongo:mongo
    - smtp:smtp

# hubot, the popular chatbot (add the bot user first and change the password before starting this image)
hubot:
  image: rocketchat/hubot-rocketchat:v0.1.4
  environment:
    - ROCKETCHAT_URL=rocketchat:3000
    - ROCKETCHAT_ROOM=
    - ROCKETCHAT_USER=rocket.cat
    - ROCKETCHAT_PASSWORD=password
    - LISTEN_ON_ALL_PUBLIC=true
    - BOT_NAME=bot
    - RESPOND_TO_EDITED=true
    - RESPOND_TO_DM=true
# you can add more scripts as you'd like here, they need to be installable by npm
    - EXTERNAL_SCRIPTS=hubot-help,hubot-seen,hubot-links,hubot-diagnostics
  links:
    - rocketchat:rocketchat
# this is used to expose the hubot port for notifications on the host on port 3001, e.g. for hubot-jenkins-notifier
  ports:
    - 3001:8080

smtp:
  image: namshi/smtp
  environment:
    - RELAY_DOMAINS=:example.com:example.de

nginx:
  image: nginx:1.10.1-alpine
  volumes:
    - ./certs/cert.crt:/etc/nginx/cert.crt
    - ./certs/cert.key:/etc/nginx/cert.key
    - ./nginx/nginx.conf:/etc/nginx/nginx.conf
  links:
    - rocketchat:rocketchat
  ports:
    - 8066:443

nginx.conf

events {
  worker_connections  1024;
}

http {
  server {

    listen 443;
    server_name host.example.com;

    ssl_certificate           /etc/nginx/cert.crt;
    ssl_certificate_key       /etc/nginx/cert.key;

    ssl on;
    ssl_session_cache  builtin:1000  shared:SSL:10m;
    ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
    ssl_prefer_server_ciphers on;

    access_log            /var/log/nginx/rocketchat.access.log;

    location / {

      proxy_set_header        Host $host;
      proxy_set_header        X-Real-IP $remote_addr;
      proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header        X-Forwarded-Proto $scheme;

      # Fix the “It appears that your reverse proxy set up is broken" error.
      proxy_pass          http://rocketchat:3000;
      proxy_read_timeout  90;

      proxy_redirect      http://rocketchat:3000 https://host.example.com;
    }
  }
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment