Contributing
Getting Support
Installation
User guides
Administrator guides
- Authentication
  - CAS
  - Ldap
  - Oauth
  - SAML
  - WordPress
- Database-Migration
- Email
- File Upload
  - Amazon S3
  - Minio
- Hubot
- Import
  - CSV
  - HipChat
    - Cloud
    - Enterprise
  - Slack
    - SlackBridge
- Integrations
  - Zapier
  - Azure Alerts
  - BitBucket
  - Giphy
  - GitHub
  - GitLab`
  - Google-Calendar
  - Guggy
  - Jenkins
  - Jira
  - NewRelic
  - nixstats
  - Osticket
  - PagerDuty
  - Prometheus
  - ReplyGif
  - ReviewBoard
  - RunDeck
  - Sentry
  - Telegram
  - Travis CI
  - Trello
  - uptimerobot
- Internal Hubot
- Jitsi Video Bridge
- Livechat
  - Livechat Queues
- Notifications
  - Push Notifications
- Permissions
- Plug-ins
  - Drupal
  - Pidgin
- Create the First Admin
Developer guides
- Quick Start
- Branches and Releases
- Code Styleguide
  - less
- Iframe Integration
- Internationalization
- Livechat API
- Mobile Apps
- Realtime-API
- Rest API
  - Authentication
    - login
    - logout
    - me
  - Channels
    - addAll
    - addModerator
    - addOwner
    - archive
    - cleanHistory
    - close
    - create
    - getIntegrations
    - history
    - info
    - invite
    - kick
    - leave
    - list.joined
    - list
    - open
    - removeModerator
    - removeOwner
    - rename
    - setDescription
    - setJoinCode
    - setPurpose
    - setReadOnly
    - SetTopic
    - setType
    - unarchive
  - Chat
    - delete
    - getMessage
    - pinMessage
    - postMessage
    - react
    - starMessage
    - unPinMessage
    - unStarMessage
    - update
  - Groups
    - addAll
    - addModerator
    - addOwner
    - archive
    - close
    - create
    - getIntegrations
    - history
    - info
    - invite
    - kick
    - leave
    - list
    - open
    - removeModerator
    - removeOwner
    - rename
    - setDescription
    - setPurpose
    - setReadOnly
    - SetTopic
    - setType
    - unarchive
  - Im
    - close
    - history
    - list.everyone
    - list
    - messages.others
    - open
    - setTopic
  - Integration
    - create
    - list
    - remove
  - Livechat
  - Miscellaneous
    - info
  - Settings
    - get
    - update
  - Users
    - create
    - createToken
    - delete
    - getAvatar
    - getPresence
    - info
    - list
    - register
    - resetAvatar
    - setAvatar
    - update
  - Offset and Count and Sort Info
  - Query and Fields Info
- Schema Definition
- Testing
- Troubleshooting
- UI and Theming
  - Colors
  - Components
  - Themes
Community cookbook

Auto SSL with Snaps

We now include the option to enable Caddy in your snap. Caddy makes use of letsencrypt to automatically provide you SSL protection for your communications.

Enabling Caddy

The first step is to generate some default configuration by running:

sudo rocketchat-server.initcaddy

Alternatively if you are on Debian or another distro:

sudo snap run rocketchat-server.initcaddy

Then, edit the Caddyfile found at: /var/snap/rocketchat-server/current/Caddyfile

It’ll look like this out of the box:

http://:8080
proxy / localhost:3000 {
  websocket
  transparent
}

Replace http://:8080 with your site information. For instance, let’s say I have example-domain.com pointing at my server. To get secured communications, I can do:

example-domain.com
proxy / localhost:3000 {
  websocket
  transparent
}

Please note: using an IP address will not work for automatically enabling SSL. You must use a valid hostname (here’s why).

Now you can restart the Caddy service by running:

sudo systemctl restart snap.rocketchat-server.rocketchat-caddy

You can check that the Caddy service started correctly by running:

sudo systemctl status snap.rocketchat-server.rocketchat-caddy

If everything went well, the site will be accessible at https://example-domain.com.

Testing with an untrusted self-signed certificate

Simply add the tls self_signed directive to your Caddyfile like so:

https://example-domain.com
tls self_signed
proxy / localhost:3000 {
  websocket
  transparent
}

Remember to restart the Caddy service:

sudo systemctl restart snap.rocketchat-server.rocketchat-caddy

This will enable SSL with an untrusted, self-signed certificate for testing purposes.

For details on the Caddy TLS directive, visit https://caddyserver.com/docs/tls

Redirecting HTTP to HTTPS

Redirecting is handled automatically by caddy by omitting the http / https in front.

example-domain.com {
  proxy / localhost:3000 {
    websocket
    transparent
  }
}

Remember to restart the Caddy service:

sudo systemctl restart snap.rocketchat-server.rocketchat-caddy

Disabling SSL or listening on custom ports

This configuration will listen without SSL on the default port 80:

http://example-domain.com {
  proxy / localhost:3000 {
    websocket
    transparent
  }
}

This configuration will listen without SSL on port 8080:

http://example-domain.com:8080 {
  proxy / localhost:3000 {
    websocket
    transparent
  }
}

This configuration will listen with SSL on port 8080:

https://example-domain.com:8080 {
  proxy / localhost:3000 {
    websocket
    transparent
  }
}

Note that, without SSL, you can use an IP address:

http://192.168.1.1:8080 {
  proxy / localhost:3000 {
    websocket
    transparent
  }
}

Remember to restart the Caddy service:

sudo systemctl restart snap.rocketchat-server.rocketchat-caddy

Opening ports when running Rocket.Chat server from behind router

For Caddy to be able to work from behind a router, the following ports need to be opened between the internet and the server. This is usually achieved through router software or web-interface.

HTTP: port 80
HTTPS: port 443