Changes

Jump to navigation Jump to search

Rocket Chat:Contrib (view source)

Revision as of 16:49, 15 November 2023

543 bytes removed ,  16:49, 15 November 2023
→‎Usage
Line 1: Line 1: −
'''[[Rocket_Chat#smeserver-rocketchat_contrib|Contrib]]''': [mailto:jcrisp@safeandsound.co.uk[[User:ReetP|John Crisp]]]
+
'''[[Rocket_Chat#smeserver-rocketchat_contrib|Contrib]]''': [mailto:jcrisp@safeandsound.co.uk][[User:ReetP|John Crisp]]
{{Note box|Please note that there is also a howto on installing Rocket.Chat manually [[Rocket_Chat|'''here''']]}}
+
{{Note box|Please note that there is also a howto on manually installing Rocket.Chat [[Rocket_Chat|'''here''' This is largely obsolete.]]}}
 +
 
 +
Later versions will need my newer smeserver-rocketchat-0.4.x contrib which uses docker.
 +
 
 
==smeserver-rocketchat contrib==
 
==smeserver-rocketchat contrib==
 
{{WIP box}}
 
{{WIP box}}
This contrib aims to reduce some of the setup for rocketchat and add some flexibility with settings
     −
{{Note box | This section will ONLY work up to Rocket Chat version 0.39 as they changed the required node version after that. To run version 0.40 and higher please see further down the page}}
+
===Version===
 +
{{ #smeversion: smeserver-rocketchat }}
 +
 
 +
 
 +
==Required repos==
    
Add repos:
 
Add repos:
    
* [[epel]]
 
* [[epel]]
* [[Centos-sclo-rh]]
+
* [[mongoDB]]
 +
* [[Docker]]
 
* [[User:ReetP|reetp]]  
 
* [[User:ReetP|reetp]]  
   −
yum install rh-python34-python rh-mongodb26-mongodb rh-mongodb26-mongodb-server nodejs010 GraphicsMagick --enablerepo=centos-sclo-rh,epel
+
===Installation===
   −
scl enable nodejs010 bash
+
There is now a smeserver-rocketchat contrib to install Rocket.Chat with docker.
npm install -g inherits
  −
npm install -g n
  −
n 0.10.40
  −
exit
     −
{{Note box | Please be careful to only install JUST the required packages in my repo. There are various testing packages in there that will BREAK YOUR SYSTEM ! }}
+
Install Mongo DB natively as per the wiki page https://wiki.koozali.org/MongoDB
   −
You should now be able to install the rocketchat bundle with:
+
Currently it is suggested to use Mongo 4.4
   −
yum --enablerepo=reetp install rocketchat
+
Mongo 5+ requires additional instructions in the CPU that older CPUs may not have. See teh wiki page for more.
   −
This may take a while on first install as it installs the npm modules for the first time.
+
Do not go further than initiating the replicaset. Users are not required.
   −
Now you should be able to install the rocketchat contrib:
+
Next install smeserver-docker following the wiki page https://wiki.koozali.org/Docker
   −
yum --enablerepo=reetp install smeserver-rocketchat
     −
db configuration setprop rocketchat status enabled
     −
signal-event post-upgrade;signal-event reboot
+
Settings
   −
DB settings
+
config set rocketchat service TCPPort 3000 mailPort 25 mailURL localhost access private status enabled SSLProxy yes Version 5.4.9 rootURL chat.domain.com
   −
rocketchat=service
  −
    TCPPort=3000
  −
    access=public
  −
    mailPort=25
  −
    mailURL=localhost
  −
    status=enabled
     −
  rh-mongodb26-mongod=service
+
  signal-event post-upgrade;signal-event reboot
    TCPPort=27017
  −
    access=private
  −
    mongoURL=localhost
  −
    status=enabled
     −
BEFORE we login for the first time we need to set up mail settings correctly:
     −
From bash:
+
System ➔ startup
 +
+----------------------------------------------------+
 +
|                  SERVER RUNNING                    |
 +
+----------------------------------------------------+
 +
|                                                    |
 +
|      Version: 0.xx.x                              |
 +
|  Process Port: 3000                                |
 +
|      Site URL: <nowiki>http://rocketchat.local.net:3000</nowiki>    |
 +
|        OpLog: Disabled                            |
 +
|                                                    |
 +
+----------------------------------------------------+
   −
mongo rocketchat --eval 'db.rocketchat_settings.update({"_id" : "SMTP_Host"}, {$set: {"value":"localhost"}});'
+
You should now be able to connect to your Rocket.Chat instance
mongo rocketchat --eval 'db.rocketchat_settings.update({"_id" : "From_Email"}, {$set: {"value":"admin@yourdomain.com"}});'
     −
We can check the individual values set like this:
+
http://rocketchat.local.net:3000
   −
mongo rocketchat --eval 'db.rocketchat_settings.find({"_id":"From_Email"}, {_id:0, value:1}).shellPrint();'
+
===Registering a new account===
mongo rocketchat --eval 'db.rocketchat_settings.find({"_id":"SMTP_Host"}, {_id:0, value: 1}).shellPrint();'
     −
All values per _id:
+
Because the SME mail server is fussy you may find it easier to force some settings in the Rocket.Chat DB before trying to register:
mongo rocketchat --eval 'db.rocketchat_settings.find({"_id" : "SMTP_Host"}).shellPrint();'
  −
mongo rocketchat --eval 'db.rocketchat_settings.find({"_id" : "From_Email"}).shellPrint();'
      +
You can set your SMTP host as localhost or mail.yourdomain.com
   −
Now restart rocketchat to reread the DB settings:
+
mongo
 +
use rocketchat
 +
db.rocketchat_settings.update({"_id" : "SMTP_Host"}, {$set: {"value":"mail.yourdomain.com"}})
 +
db.rocketchat_settings.update({"_id": "From_Email"}, {$set: {"value":"admin@yourdomain.com"}})
 +
      exit<
   −
service rocketchat restart
     −
Login at http://yourdomain:3000
+
===Reverse proxy===
   −
It will first get you to create an admin user.
+
Now we need to setup our subdomain for the reverse proxy
   −
If you have an issue with no email sent/received then login using the email address and password you just set
+
db domains set chat.mycompany.local domain Description RocketChat Nameservers internet \
 +
TemplatePath ProxyPassVirtualRocketchat ProxyPassTarget http://localhost:3000/
   −
===Updates===
+
It should look like this:
 +
chat.mycompany.local=domain
 +
  Nameservers=internet (can be localhost)
 +
  ProxyPassTarget=http://127.0.0.1:3000/
 +
  TemplatePath=ProxyPassVirtualRocketchat
 +
  letsencryptSSLcert=enabled (with letsencrypt support)
   −
If there is an update to Rocket.Chat I will add to my repo. You should just be able to run:
+
We need to set Rocket.Chat to listen on localhost now:
   −
  yum --enablerepo=reetp install rocketchat
+
  config setprop rocketchat rootURL chat.mycompany.domain SSLProxy yes
 +
signal-event smeserver-rocketchat-update
   −
You can also update the smeserver-rocketchat contrib in the same way
+
Now start the docker container (always run compose from the docker directory)
   −
  yum --enablerepo=reetp install smeserver-rocketchat
+
  cd /home/e-smith/files/docker/configs
 +
docker-compose up -d rocketchat
 +
docker logs -f rocketchat
   −
===SSL===
+
db accounts setprop Primary SSL enabled
 +
signal-event ibay-modify Primary
   −
{{Note box | This is still experimental and there may be issues with SSL only for the Primary iBay and Letsencrypt. You will need a minimum version of smeserver-rocketchat-0.1-5 }}
     −
{{Note box | I've realised I need to re-hack the web templates for this but still trying to work it out - please ask in the forums and I can give you some tips to get it working}}
+
==Bugs==
   −
It is recommended to add Letsencrypt support as detailed below.
+
Please raise bugs under the SME-Contribs section in {{BugzillaFileBug|product=|component=|title=bugzilla}}and select the smeserver-rocketchat component or use
 +
{{BugzillaFileBug|product=SME%20Contribs|component=smeserver-rocketchat |title=this link}}.
   −
We need some extra settings to enable SSL with ProxyPass.
     −
First install proxy pass rpm:
+
{{#bugzilla:columns=id,product,version,status,summary |sort=id |order=desc |disablecache=1 |component=smeserver-rocketchat |noresultsmessage="No open bugs found."}}
   −
Add the FWS repo
     −
* [[Fws]]
+
==Mongo DB examples==
   −
yum --enablerepo=fws install mod_proxy_wstunnel
+
===Usage===
   −
Regenerate httpd.conf
+
Example using mongo itself:
   −
  signal-event remoteaccess-update
+
  mongo
   −
Now we need to setup our subdomain
+
use rocketchat
   −
db domains set chat.mycompany.local domain Description RocketChat Nameservers internet \
+
Show all collections in DB
  TemplatePath ProxyPassVirtualRocketchat ProxyPassTarget http://localhost:3000/
+
  show collections
   −
It should look like this:
+
Show all entries in a collection
 
+
  db.rocketchat_avatars.chunks.find()
  chat.mycompany.local=domain
  −
    Nameservers=internet
  −
    ProxyPassTarget=http://127.0.0.1:3000/
  −
    TemplatePath=ProxyPassVirtualRocketchat
      +
db.rocketchat_settings.find({"_id" : "SMTP_Host"})
 +
db.rocketchat_settings.find({"_id" : "From_Email"})
   −
We need to set Rocket.Chat to listen on localhost now:
+
db.getCollection("rocketchat_settings").find({"name":"Joe Blogs"})
   −
  config setprop rocketchat rootURL localhost
+
  db.getCollection("rocketchat_settings").find({"_id":{$regex:"^LDAP"}})
signal-event remoteaccess-update
  −
service rocketchat restart
     −
If you can now successfully get to Rocketchat on your subdomain https://chat.mycompany.local you can disable default access on port 3000:
+
db.rocketchat_settings.findOne({_id : "From_Email"}, {_id:0, value: 1})
 +
db.rocketchat_settings.findOne({_id : "SMTP_Host"}, {_id:0, value: 1})
   −
  config setprop rocketchat access private
+
  db.rocketchat_settings.update({"_id":"From_Email"}, {$set: {"value":"admin@yourdomain.com"}})
  signal-event remoteaccess-update
+
  db.rocketchat_settings.update({"_id":"SMTP_Host"}, {$set: {"value":"mail.yourdomain.com"}})
   −
===Letsencrypt support===
     −
{{Note box | 26 Aug 2016 - This should now work for a subdomain}}
+
Remove all entries in a collection (CAREFUL!!!!!!)
 +
db.rocketchat_avatars.chunks.remove({})
   −
You can add letsencrypt should you wish - please see https://wiki.contribs.org/Letsencrypt
+
Help
 +
help
   −
You will need to add the domain key as follows, and add your letsencrypt certificates as per the wiki page:
+
Some more mongo commands for reference
   −
db domains setprop chat.mycompany.local letsencryptSSLcert enabled
+
https://github.com/RocketChat/Rocket.Chat/issues/15880#issuecomment-570070433
   −
Note that smeserver-rocketchat adds redirect on port 80 for the letsencrypt directory .well-known/acme-challenge
+
Directly check a specific user ID from bash:
 +
mongo rocketchat --eval "db.users.find({'username':'usernamehere'}).forEach( function(u) { print(u._id + \" ; \" + u.username); } )"
   −
You should be able to reach:
+
Log into rocketchat database:
 +
mongo rocketchat
   −
  http://chat.mycompany.local/.well-known/acme-challenge/
+
Check out all the user IDs in the database:
 +
  db.users.find().forEach( function(u) { print(u._id + ";" + u.username); } )
   −
This should redirect to:
+
Or just a specific user's ID:
 +
db.users.find({'username':'usernamehere'}).forEach( function(u) { print(u._id + \" ; \" + u.username); } )
   −
  https://chat.mycompany.local/.well-known/acme-challenge/
+
Replace specific user ID's password in the database:
 +
  db.users.update( {'_id': 'useridhere'}, {$set: {'services.password.bcrypt': 'bcryptedpasswordhere'}}, {multi:true} )
   −
Anything else going to chat.mycompany.local should get to Rocket.Chat
+
My only issue with above (only time I needed it for recovery purposes), was that I didn't know which tool to use to generate a bcrypted password. So in the hurry I copied the hash from one account I already knew (my own). If someone knows a good command for creating one directly in bash, I assume it would do.
   −
===Errors===
+
There are bcrypt password generators online, and various libraries you can use
   −
You may get an error on install of the rocketchat rpm as follows:
+
For listing out any passwords in the database I used:
   −
npm WARN deprecated minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
+
  db.users.find().forEach( function(u) { print(u.services.password.bcrypt + " ; " + u.username); } )
   −
This is due to the installed version of npm/node from SCL. Rocket.Chat should till work
+
If you have deactivated users it may fail so use this for individual accounts.
   −
==Rocketchat 0.40+==
+
However, you can get it for an individual user with:
   −
From Rocketchat 0.40 onwards you require a higher version of node than the one in the EPEL repos.
+
db.users.find({'username':'SomeUserName'}).forEach( function(u) { print(u.services.password.bcrypt + " ; " + u.username); } )
   −
===Setup===
+
Set a user config item:
   −
Add the following repos:
+
db.users.update( {'username': 'SomeUserName'}, {$set: {'settings.preferences.showMessageInMainThread': 'true'}} )
   −
/sbin/e-smith/db yum_repositories set epel repository \
+
Find a single user:
Name 'Epel - EL6' \
  −
BaseURL 'http://download.fedoraproject.org/pub/epel/6/$basearch' \
  −
MirrorList 'http://mirrors.fedoraproject.org/mirrorlist?repo=epel-6&arch=$basearch' \
  −
EnableGroups no \
  −
GPGCheck yes \
  −
GPGKey http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL \
  −
Exclude perl-Razor-Agent \
  −
Visible no \
  −
status disabled
     −
  /sbin/e-smith/db yum_repositories set reetp repository \
+
  db.getCollection('users').find( {'username':'SomeUserName'} )
BaseURL http://www.reetspetit.com/smeserver/\$releasever \
  −
EnableGroups no \
  −
GPGCheck no \
  −
Name "ReetP Repo" \
  −
GPGKey http://www.reetspetit.com/RPM-GPG-KEY \
  −
Visible yes status disabled
     −
/sbin/e-smith/db yum_repositories set centos-sclo-rh \
+
Get limited information:
repository Name 'Centos-RH Software collections' \
  −
BaseURL 'http://mirror.centos.org/centos/$releasever/sclo/$basearch/rh/' \
  −
EnableGroups no Visible yes status disabled
     −
  /sbin/e-smith/db yum_repositories set nodejs \
+
  db.getCollection('users').find({}, {"username":1, "settings.preferences.showMessageInMainThread":1})
repository Name 'Node JS 4' \
  −
BaseURL https://rpm.nodesource.com/pub_4.x/el/6/x86_64 \
  −
EnableGroups no GPGCheck no Visible yes status disabled
     −
signal-event yum-modify
+
Reset 2FA nonsense:
   −
  yum --enablerepo=nodejs install nodejs nodejs-devel
+
  db.users.update({'username': 'SomeUserName'}, {$unset: {'services.totp': 1}});
 +
db.users.update({'username': 'SomeUserName'}, {$unset: {'services.email2fa': 1}});
   −
yum --enablerepo=centos-sclo-rh,epel install scl-utils rh-python34-python rh-mongodb26-mongodb rh-mongodb26-mongodb-server \
+
===Database Backup===
GraphicsMagick
     −
You should be able to install the smeserver-rocketchat RPM now
+
You can dump the tables to a directory of your choice:
   −
  yum --enablerepo=reetp install smeserver-rocketchat
+
  mongodump --dumpDbUsersAndRoles -d rocketchat -o /root/rocketchatmongo
   −
config set rocketchat service TCPPort 3000 mailPort 25 mailURL localhost access public status enabled
+
===Database Restore===
config set rh-mongodb26-mongod service TCPPort 27017 mongoURL localhost access private status enabled
     −
signal-event post-upgrade;signal-event reboot
+
You can restore you database as follows:
    +
mongorestore --restoreDbUsersAndRoles -d rocketchat -dir  /root/rocketchatmongo/rocketchat --quiet
   −
===RocketChat run checks===
+
===Database Fix tables===
   −
Check /var/log/rocketchat.log
+
To remove user data file links a variation on this link
 +
https://github.com/RocketChat/feature-requests/issues/718
   −
  System ➔ startup
+
  mongo
  +--------------------------------------------------+
+
  use rocketchat
|                  SERVER RUNNING                  |
+
  db.rocketchat_user_data_files.remove( { } )
+--------------------------------------------------+
+
  db.runCommand({ compact: 'rocketchat_user_data_files', force: true });
  |                                                  |
+
  quit;
|      Version: 0.xx.x                            |
  −
  |  Process Port: 3000                              |
  −
|      Site URL: http://rocketchat.local.net:3000  |
  −
|        OpLog: Disabled                          |
  −
|                                                  |
  −
  +--------------------------------------------------+
     −
If you have issues make sure you stop the rocket chat service
+
==Node usage==
   −
service rocketchat stop
+
* This should go to a new Node page for reference
   −
Check your node versions:
+
Use n, an extremely simple Node version manager that can be installed via npm (See http://stackoverflow.com/questions/7718313/how-to-change-to-an-older-version-of-node-js)
   −
[root@test Rocket.Chat]# node -v
+
Say you want Node.js v0.10.x to build Atom.
v4.5.0
  −
[root@test Rocket.Chat]# npm -v
  −
3.10.8
     −
Modify with
+
npm install -g n  # Install n globally
 +
n 0.10.33          # Install and use v0.10.33 local only
   −
  n 0.4.6
+
Usage:
 +
  n                           # Output versions installed
 +
n latest                    # Install or activate the latest node release
 +
n stable                    # Install or activate the latest stable node release
 +
n <version>                  # Install node <version>
 +
n use <version> [args ...]  # Execute node <version> with [args ...]
 +
n bin <version>              # Output bin path for <version>
 +
n rm <version ...>          # Remove the given version(s)
 +
n --latest                  # Output the latest node version available
 +
n --stable                  # Output the latest stable node version available
 +
n ls                        # Output the versions of node available
   −
Try running main.js
  −
/opt/Rocket.Chat
  −
node main.js
     −
===Manual config of templates===
+
==NPM Usage==
expand-template /etc/rc.d/init.d/rocketchat
  −
expand-template /etc/profile.d/scls-rh-mongodb26.sh
  −
expand-template /etc/profile.d/scls-rh-python34.sh
  −
expand-template /etc/profile.d/scls-rh-java-common.sh
  −
expand-template /etc/opt/rh/rh-mongodb26/mongod.conf
     −
/etc/rc.d/init.d/rocketchat start
+
To update your version of npm run the following
/etc/rc.d/init.d/rh-mongodb26-mongos start
      +
npm install -g npm
    +
Or for a specific version:
   −
===Proxy Pass===
+
npm install -g npm@3.10.9
   −
The contrib will sort out the templates. You just need some settings as follows:
+
==DB settings==
   −
[root@test e-smith]# db domains show
+
Typical standard setup:
  chat.reetspetit.info=domain
+
  rocketchat=service
     Description=RocketChat
+
     TCPPort=3000
     Nameservers=internet
+
     access=public
     ProxyPassTarget=http://127.0.0.1:3000/
+
     mailPort=25
     TemplatePath=ProxyPassVirtualRocketchat
+
     mailURL=localhost
     letsencryptSSLcert=enabled
+
     status=enabled
    +
Typical proxy subdomain setup:
 +
rocketchat=service
 +
    SSLProxy=yes
 +
    TCPPort=3000
 +
    access=private
 +
    mailPort=25
 +
    mailURL=localhost
 +
    rootURL=chat.mydomain.co.uk
 +
    status=enabled
   −
===SSL===
  −
{{Note box|This is still experimental and there may be issues with SSL only for the Primary iBay and Letsencrypt. You will need a minimum version of smeserver-rocketchat-0.1-5 }}
        −
It is recommended to add Letsencrypt support as detailed below.
+
==Koozali SME v10==
   −
We need some extra settings to enable SSL with ProxyPass.
+
I am starting to look at running this under docker on v10
   −
First install proxy pass rpm:
+
Some quick notes.
yum --enablerepo=fws install mod_proxy_wstunnel
     −
Regenerate httpd.conf
+
You will need
signal-event remoteaccess-update
     −
Now we need to setup our subdomain
+
Docker
 +
https://wiki.contribs.org/Docker
   −
  db domains set chat.mycompany.local domain Description RocketChat Nameservers internet \
+
Docker Compose (because it makes it easier to template)
TemplatePath ProxyPassVirtualRocketchat ProxyPassTarget http://localhost:3000/
+
https://github.com/docker/compose/releases
   −
It should look like this:
+
Docker environment settings to disable 2FA
chat.mycompany.local=domain
  −
  Nameservers=internet
  −
  ProxyPassTarget=http://127.0.0.1:3000/
  −
  TemplatePath=ProxyPassVirtualRocketchat
  −
 
  −
We need to set Rocket.Chat to listen on localhost now:
     −
config setprop rocketchat rootURL localhost
+
  - OVERWRITE_SETTING_Accounts_TwoFactorAuthentication_Enforce_Password_Fallback=false
signal-event remoteaccess-update
+
  - OVERWRITE_SETTING_Accounts_TwoFactorAuthentication_Enabled=false
service rocketchat restart
     −
If you can now successfully get to Rocketchat on your subdomain https://chat.mycompany.local you can disable default access on port 3000:
+
Mongo (I prefer to run a full instance rather than a docker one)
 +
https://wiki.contribs.org/MongoDB
   −
config setprop rocketchat access private
+
Make sure you add replicaset support in Mongo and set it up:
signal-event remoteaccess-update
     −
===Bugs===
+
mongo --eval "printjson(rs.initiate())"
Look for bugs :-) As the contrib is not in CVS please report them in the forum and I will try and keep an eye out.
     −
==Mongo DB examples==
     −
Example using mongo itself:
+
I'll add more later, and try and make a full contrib in due course
   −
mongo
+
FAQ
   −
use rocketchat
+
https://handbook.rocket.chat/company/tools/rocket.chat
   −
db.rocketchat_settings.find({"_id" : "SMTP_Host"})
+
==Bugs==
db.rocketchat_settings.find({"_id" : "From_Email"})
     −
db.rocketchat_settings.findOne({_id : "From_Email"}, {_id:0, value: 1})
+
Please raise bugs under the SME-Contribs section in {{BugzillaFileBug|product=|component=|title=bugzilla}}and select the smeserver-rocketchat component or use
  db.rocketchat_settings.findOne({_id : "SMTP_Host"}, {_id:0, value: 1})
+
  {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-rocketchat |title=this link}}.
      −
db.rocketchat_settings.update({"_id" : "From_Email"}, {$set: {"value":"admin@yourdomain.com"}})
+
{{#bugzilla:columns=id,product,version,status,summary |sort=id |order=desc |disablecache=1 |component=smeserver-rocketchat |noresultsmessage="No open bugs found."}}
db.rocketchat_settings.update({"_id" : "SMTP_Host"}, {$set: {"value":"mail.yourdomain.com"}})
 
Retrieved from "https://wiki.koozali.org/Special:MobileDiff/32290...42399"

Navigation menu