.menu
.search
CHECKING STATUS
I AM LISTENING TO
|
HOME / BLOG

Day 18: Rocket.Chat – Open-Source Communication Platform – 7 Days of Docker

11. March 2025
/ /
.SHARE

Table of Contents

Rocket.Chat is one of the leading open-source communication platforms for organizations that require high standards of data protection and customization capabilities. In this comprehensive guide, we’ll walk through how to deploy Rocket.Chat using Docker and Docker Compose, providing you with a robust, scalable, and secure chat solution that you can self-host.

I have been running it on multiple systems for years. Started with a local direct install and moved to Docker about 3 years ago. Running the latest release with MongoDB 6 at the moment, it had problems with MongoDB 7 last year and I am not switching yet. With Rocket.Chat 8.x, they will deprecate MongoDB 5.

Introduction to Rocket.Chat

Rocket.Chat is a fully customizable communications platform developed in JavaScript. It offers features like:

  • Real-time chat with individual and group messaging
  • File sharing and media embedding
  • Voice and video calls
  • Screen sharing
  • Integration with popular services and third-party applications
  • End-to-end encryption
  • Self-hosting options for complete data control

Unlike proprietary solutions, Rocket.Chat gives you full control over your data and allows for extensive customization to match your organization’s specific needs.

System Requirements

Before installing Rocket.Chat, ensure your server meets the minimum requirements. Requirements vary based on your expected usage:

For Small Teams (up to 50 concurrent users)

  • 2 vCPUs (minimum)
  • 2GB RAM (minimum)
  • 10GB of storage for MongoDB
  • 3GB minimum disk space for the Rocket.Chat application

For Medium Deployments (50-500 concurrent users)

  • 4 vCPUs
  • 8GB RAM
  • 40GB+ of storage for MongoDB
  • 5GB+ disk space for the Rocket.Chat application

For Large Deployments (500-5000 concurrent users)

  • 8+ vCPUs
  • 16GB+ RAM
  • 80GB+ of storage for MongoDB
  • 10GB+ disk space for the Rocket.Chat application

For Enterprise Deployments (5000+ concurrent users)

  • 16+ vCPUs
  • 32GB+ RAM
  • Custom MongoDB deployment with replication and sharding
  • Specialized server architecture

Note: For file storage in production environments, Rocket.Chat recommends using object storage services such as Amazon S3, Google Cloud Storage, or MinIO instead of GridFS.

Prerequisites

Before proceeding with the installation, ensure you have:

  1. A server running Linux (Ubuntu Server 22.04 LTS recommended)
  2. Docker Engine installed (version 20.10 or newer)
  3. Docker Compose installed (version 2.0 or newer)
  4. A domain name pointing to your server’s IP address
  5. Ports 80 and 443 open in your firewall for HTTP/HTTPS access

Installing Docker and Docker Compose

If you don’t have Docker already installed, you can install it with:

1
2
3
4
5
6
7
8
9
10
11
12
13
 
# Install Docker
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
 
# Add your user to the docker group to run docker without sudo
sudo usermod -aG docker $USER
sudo newgrp docker
 
# Install Docker Compose
sudo apt update
sudo apt install docker-compose-plugin
 

Verify the installations:

1
2
3
4
 
docker --version
docker compose version
 

Installation Methods

There are several approaches to deploy Rocket.Chat with Docker:

  1. Using the official Docker image with a simple docker run command
  2. Using Docker Compose with a basic configuration
  3. Using Docker Compose with Traefik for reverse proxy and automatic SSL

This guide focuses on the Docker Compose approach as it provides the best balance of simplicity and flexibility.

Setting Up with Docker Compose

We’ll use Docker Compose to set up Rocket.Chat with MongoDB (required database) and Traefik as a reverse proxy for handling SSL certificates.

Step 1: Create Project Directory

First, create a directory for your Rocket.Chat deployment:

1
2
3
4
 
mkdir ~/rocketchat
cd ~/rocketchat
 

Step 2: Create Docker Networks

Create the necessary Docker networks:

1
2
3
4
 
docker network create traefik-network
docker network create rocketchat-network
 

Step 3: Create .env File

Create a .env file to store environment variables:

1
2
3
 
nano .env
 

Add the following content, making sure to replace the example values with your own:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
 
# Traefik Variables
TRAEFIK_IMAGE_TAG=traefik:3.2
# Set the log level (DEBUG, INFO, WARN, ERROR)
TRAEFIK_LOG_LEVEL=WARN
# The email address for Let's Encrypt certificate notifications
TRAEFIK_ACME_EMAIL=admin@yourdomain.com
# The hostname for the Traefik dashboard
TRAEFIK_HOSTNAME=traefik.chat.yourdomain.com
# Basic Authentication for Traefik Dashboard (username:hashed-password)
# Generate with htpasswd: htpasswd -nb admin secure_password
TRAEFIK_BASIC_AUTH=admin:$2y$10$sMzJfirKC75x/hVpiINeZOiSm.Jkity9cn4KwNkRvO7hSQVFc5FLO
 
# Rocket.Chat Variables
ROCKETCHAT_MONGODB_IMAGE_TAG=bitnami/mongodb:6.0
ROCKETCHAT_IMAGE_TAG=rocket.chat:6.10
ROCKETCHAT_URL=https://chat.yourdomain.com
ROCKETCHAT_HOSTNAME=chat.yourdomain.com
 

Step 4: Create Docker Compose File

Create a docker-compose.yml file:

1
2
3
 
nano docker-compose.yml
 

Add the following content:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
 
networks:
  rocketchat-network:
    external: true
  traefik-network:
    external: true
 
volumes:
  rocketchat-uploads:
  rocketchat-mongodb:
  traefik-certificates:
 
services:
  mongodb:
    image: ${ROCKETCHAT_MONGODB_IMAGE_TAG}
    volumes:
      - rocketchat-mongodb:/bitnami/mongodb
    environment:
      MONGODB_REPLICA_SET_MODE: primary
      MONGODB_REPLICA_SET_NAME: rs0
      MONGODB_PORT_NUMBER: 27017
      MONGODB_INITIAL_PRIMARY_HOST: mongodb
      MONGODB_INITIAL_PRIMARY_PORT_NUMBER: 27017
      MONGODB_ADVERTISED_HOSTNAME: mongodb
      MONGODB_ENABLE_JOURNAL: 'true'
      ALLOW_EMPTY_PASSWORD: 'yes'
    networks:
      - rocketchat-network
    healthcheck:
      test: ["CMD", "mongosh", "--eval", "db.adminCommand('ping')"]
      interval: 10s
      timeout: 5s
      retries: 3
      start_period: 60s
    restart: unless-stopped
 
  rocketchat:
    image: ${ROCKETCHAT_IMAGE_TAG}
    volumes:
      - rocketchat-uploads:/app/uploads
    environment:
      PORT: 3000
      ROOT_URL: ${ROCKETCHAT_URL}
      MONGO_URL: mongodb://mongodb:27017/rocketchat?replicaSet=rs0
      MONGO_OPLOG_URL: mongodb://mongodb:27017/local?replicaSet=rs0
      DEPLOY_METHOD: docker
      Accounts_UseDNSDomainCheck: 'false'
    networks:
      - rocketchat-network
      - traefik-network
    healthcheck:
      test: >
        /usr/local/bin/node -e 'const http = require("http");const options = {host: "localhost",port: 3000,path: "/api/info",timeout: 2000};const healthCheck = http.request(options, (res) => {console.log(`HEALTHCHECK STATUS: ${res.statusCode}`);if (res.statusCode == 200) {process.exit(0);} else {process.exit(1);}});healthCheck.on("error", function (err) {console.error("ERROR");process.exit(1);});healthCheck.end();'
      interval: 10s
      timeout: 5s
      retries: 3
      start_period: a120s
    labels:
      # Enable Traefik for this container
      - "traefik.enable=true"
      # Match incoming requests on a specific hostname
      - "traefik.http.routers.rocketchat.rule=Host(`${ROCKETCHAT_HOSTNAME}`)"
      # Assign the router to a named Traefik service
      - "traefik.http.routers.rocketchat.service=rocketchat"
      # Use the 'websecure' (HTTPS) entry point
      - "traefik.http.routers.rocketchat.entrypoints=websecure"
      # Define the internal container port for routing
      - "traefik.http.services.rocketchat.loadbalancer.server.port=3000"
      # Enable TLS on this router
      - "traefik.http.routers.rocketchat.tls=true"
      # Use Let's Encrypt for certificate management
      - "traefik.http.routers.rocketchat.tls.certresolver=letsencrypt"
      # Pass the original Host header to the container
      - "traefik.http.services.rocketchat.loadbalancer.passhostheader=true"
      # Apply a compression middleware
      - "traefik.http.routers.rocketchat.middlewares=compresstraefik"
      # Define settings for the compression middleware
      - "traefik.http.middlewares.compresstraefik.compress=true"
      # Specify which Docker network Traefik should use for routing
      - "traefik.docker.network=traefik-network"
    restart: unless-stopped
    depends_on:
      mongodb:
        condition: service_healthy
      traefik:
        condition: service_healthy
 
  traefik:
    image: ${TRAEFIK_IMAGE_TAG}
    command:
      # Set the log level (DEBUG, INFO, WARN, ERROR)
      - "--log.level=${TRAEFIK_LOG_LEVEL}"
      # Enable the built-in API and web-based dashboard
      - "--api.dashboard=true"
      # Enable the /ping endpoint so we can health-check Traefik
      - "--ping=true"
      # Assign the /ping endpoint to a dedicated entry point on port 8082
      - "--ping.entrypoint=ping"
      - "--entrypoints.ping.address=:8082"
      # Define the primary HTTP entry point on port 80
      - "--entrypoints.web.address=:80"
      # Define the secure (HTTPS) entry point on port 443
      - "--entrypoints.websecure.address=:443"
      # Enable the Docker provider to detect containers and their labels
      - "--providers.docker=true"
      # Point Traefik to the Docker socket
      - "--providers.docker.endpoint=unix:///var/run/docker.sock"
      # Prevent automatic exposure of all containers; only expose containers with "traefik.enable=true"
      - "--providers.docker.exposedbydefault=false"
      # Use ACME (Let's Encrypt) to generate/renew certificates via TLS challenge
      - "--certificatesresolvers.letsencrypt.acme.tlschallenge=true"
      # The email address used by Let's Encrypt for renewal notices
      - "--certificatesresolvers.letsencrypt.acme.email=${TRAEFIK_ACME_EMAIL}"
      # The file where ACME certificates are stored inside the container
      - "--certificatesresolvers.letsencrypt.acme.storage=/etc/traefik/acme/acme.json"
      # Enable Prometheus metrics
      - "--metrics.prometheus=true"
      # Configure Prometheus histogram buckets
      - "--metrics.prometheus.buckets=0.1,0.3,1.2,5.0"
      # Check for newer Traefik versions and optionally log that info
      - "--global.checknewversion=true"
      # Disable sending anonymous usage data to the Traefik maintainers
      - "--global.sendanonymoususage=false"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - traefik-certificates:/etc/traefik/acme
    networks:
      - traefik-network
    ports:
      - "80:80"
      - "443:443"
    healthcheck:
      test: ["CMD", "wget", "http://localhost:8082/ping","--spider"]
      interval: 10s
      timeout: 5s
      retries: 3
      start_period: 5s
    labels:
      # Enable Traefik for this container
      - "traefik.enable=true"
      # A router to expose the Traefik dashboard
      - "traefik.http.routers.dashboard.rule=Host(`${TRAEFIK_HOSTNAME}`)"
      - "traefik.http.routers.dashboard.entrypoints=websecure"
      - "traefik.http.routers.dashboard.tls=true"
      - "traefik.http.routers.dashboard.tls.certresolver=letsencrypt"
      - "traefik.http.routers.dashboard.service=api@internal"
      # Basic Authentication for the Traefik dashboard
      - "traefik.http.routers.dashboard.middlewares=authtraefik"
      - "traefik.http.middlewares.authtraefik.basicauth.users=${TRAEFIK_BASIC_AUTH}"
      # Specify the internal server port to the dashboard service
      - "traefik.http.services.dashboard.loadbalancer.server.port=8080"
      # Pass the original Host header to the backend
      - "traefik.http.services.dashboard.loadbalancer.passhostheader=true"
      # HTTP -> HTTPS redirect for all hosts
      - "traefik.http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)"
      - "traefik.http.routers.http-catchall.entrypoints=web"
      - "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
    restart: unless-stopped
 

Step 5: Deploy Rocket.Chat

Start the deployment with Docker Compose:

1
2
3
 
docker compose up -d
 

This command will:

  1. Pull the required Docker images
  2. Create necessary volumes
  3. Set up MongoDB with a replica set for Rocket.Chat
  4. Configure Traefik for HTTPS and reverse proxy
  5. Start the Rocket.Chat service

Step 6: Verify the Deployment

Check if the containers are running:

1
2
3
 
docker ps
 

You should see three containers running:

  • MongoDB
  • Rocket.Chat
  • Traefik

Check the logs for any errors:

1
2
3
 
docker logs rocketchat_rocketchat_1
 

Post-Installation Steps

Setting Up the Admin Account

  1. Open your browser and navigate to your Rocket.Chat URL (https://chat.yourdomain.com)
  2. Follow the on-screen instructions to set up your admin account
  3. Create your organization profile
  4. Register your server (optional, but recommended for notifications)

Configuring SMTP for Email Notifications

To enable email notifications in Rocket.Chat:

  1. Log in with your admin account
  2. Go to Administration > Email > SMTP
  3. Fill in your SMTP server details:
    • Protocol: SMTP (or SMTPS if required)
    • Host: your.smtp-server.com
    • Port: 587 (or as required by your SMTP provider)
    • Username & Password: Your SMTP credentials
    • From Email: noreply@yourdomain.com (or your preferred sending address)
  4. Save the settings and send a test email

Maintenance and Backups

Backing Up Rocket.Chat

Regularly back up your Rocket.Chat instance:

  1. MongoDB data (the most critical component)
  2. Uploaded files
  3. Custom configurations

Here’s a simple backup script you can adapt:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
 
#!/bin/bash
BACKUP_DIR="/path/to/backup/dir/$(date +%Y%m%d)"
mkdir -p $BACKUP_DIR
 
# Back up MongoDB
docker exec rocketchat_mongodb_1 mongodump --archive --gzip > $BACKUP_DIR/mongodb.archive.gz
 
# Back up uploads
docker cp rocketchat_rocketchat_1:/app/uploads $BACKUP_DIR/uploads
 
# Back up compose files
cp ~/rocketchat/.env $BACKUP_DIR/
cp ~/rocketchat/docker-compose.yml $BACKUP_DIR/
 

Updating Rocket.Chat

To update to a newer version:

  1. Update the image tag in your .env file to the desired version
  2. Run the following commands:
1
2
3
4
5
6
 
cd ~/rocketchat
docker compose pull
docker compose down
docker compose up -d
 

Troubleshooting

Common Issues and Solutions

  1. MongoDB Connection Errors
    • Check MongoDB container logs: docker logs rocketchat_mongodb_1
    • Verify replica set is properly initialized
    • Check network connectivity between containers
  2. Rocket.Chat Can’t Start
    • Verify MongoDB is healthy: docker ps (should show status as “healthy”)
    • Check Rocket.Chat logs: docker logs rocketchat_rocketchat_1
    • Ensure environment variables are correctly set
  3. SSL Certificate Issues
    • Verify DNS records point to your server
    • Check Traefik logs: docker logs rocketchat_traefik_1
    • Make sure ports 80 and 443 are open on your firewall
  4. High Resource Usage
    • MongoDB may require tuning for larger deployments
    • Consider scaling vertically (larger server) or horizontally (multiple instances)
    • Use monitoring tools to identify bottlenecks

Thoughts

You’ve now successfully deployed Rocket.Chat using Docker and Docker Compose with a proper reverse proxy setup for HTTPS. This setup provides:

  • A secure communication platform with SSL encryption
  • Automatic certificate management with Let’s Encrypt
  • Efficient containerization with Docker
  • Proper database setup with MongoDB
  • Easy maintenance and updates

For more advanced configurations and optimizations, refer to the official Rocket.Chat documentation.

Additional Resources

Let’s Talk!

Looking for a reliable partner to bring your project to the next level? Whether it’s development, design, security, or ongoing support—I’d love to chat and see how I can help.

Get in touch,
and let’s create something amazing together!

RELATED POSTS

READ ABOUT IT

Day 21: ChangeDetection.io – The Ultimate Website Change Monitoring Tool – 7 Days of Docker

/ /

In today’s fast-paced digital world, staying on top of website changes can be crucial for various reasons—whether you’re hunting for product restocks, monitoring pricing changes, tracking competitors, or keeping an eye on regulatory updates. Enter ChangeDetection.io, an open-source solution that makes website change monitoring accessible, efficient, and incredibly powerful. What is ChangeDetection.io? ChangeDetection.io is a […]

READ ABOUT IT

Are JavaScript Polyfills Still Relevant in 2025?

/

Are JavaScript polyfills still relevant in today’s development landscape? It’s a question I get asked frequently in consultations and tech discussions, especially as browsers have become more standardized. Let me break this down for you with some real-world perspective. What Are JavaScript Polyfills (And Why We Used to Need Them) If you’ve been in web […]

READ ABOUT IT

Day 20: Watchtower – Automatic Docker Container Updates – 7 Days of Docker

/ /

Maintaining up-to-date Docker containers is critical for security and functionality, but manually updating containers across all your deployments can be tedious and error-prone. This is where Watchtower comes in – a powerful tool that automates the process of keeping your Docker containers fresh and updated. “I am actively using it locally and externally on my […]

Alexander

I am a full-stack developer. My expertise include:

  • Server, Network and Hosting Environments
  • Data Modeling / Import / Export
  • Business Logic
  • API Layer / Action layer / MVC
  • User Interfaces
  • User Experience
  • Understand what the customer and the business needs


I have a deep passion for programming, design, and server architecture—each of these fuels my creativity, and I wouldn’t feel complete without them.

With a broad range of interests, I’m always exploring new technologies and expanding my knowledge wherever needed. The tech world evolves rapidly, and I love staying ahead by embracing the latest innovations.

Beyond technology, I value peace and surround myself with like-minded individuals.

I firmly believe in the principle: Help others, and help will find its way back to you when you need it.

DISCOVER.

.PROJECTS - LEAD
.PROJECTS - I LOVE

.highlights

portalZINE® NMN
Alexander Gräf
Stettiner Str. Nord 20
D-49624 Löningen

© 2002-2025 portalZINE® NMN. All rights reserved.

.highlights

.PROJECTS - LEAD
.PROJECTS - I LOVE

PORTALZINE® NMN
Alexander Gräf
Stettiner Str. Nord 20
DE-49624 Löningen

PUSH THE BOUNDARIES OF YOUR PROJECT.