From ad04ec37006003bed1322c833b66630c950fe9b6 Mon Sep 17 00:00:00 2001
From: thomasabishop <tactonbishop@gmail.com>
Date: Tue, 8 Apr 2025 18:18:03 +0100
Subject: [PATCH] feat (service): setup rocketchat

---
 proxy/nginx/conf.d/rocketchat.conf     | 36 +++++++++++++++++
 services/rocketchat/docker-compose.yml | 53 ++++++++++++++++++++++++++
 2 files changed, 89 insertions(+)
 create mode 100644 proxy/nginx/conf.d/rocketchat.conf
 create mode 100644 services/rocketchat/docker-compose.yml

diff --git a/proxy/nginx/conf.d/rocketchat.conf b/proxy/nginx/conf.d/rocketchat.conf
new file mode 100644
index 0000000..6dd2b3f
--- /dev/null
+++ b/proxy/nginx/conf.d/rocketchat.conf
@@ -0,0 +1,36 @@
+# HTTP configuration
+# -- Redirect all HTTP requests to HTTPS port
+server {
+	listen 80; # HTTP port
+	server_name rocketchat.systemsobscure.net;
+	location / {
+		return 301 https://$host$request_uri; # Variable is a placeholder for all requests to the server name
+	}
+}
+
+# HTTPS configuration 
+
+server {
+	listen 443 ssl;
+	server_name rocketchat.systemsobscure.net;
+
+	# SSL configuration
+	ssl_certificate /etc/letsencrypt/live/systemsobscure.net/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/systemsobscure.net/privkey.pem;
+
+	# Security headers
+  add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+    
+	# Proxy Configuration
+  location / {
+		proxy_pass http://rocketchat:3000; # Docker network address
+    proxy_set_header Host $host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+  }
+		# WebSocket support
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "upgrade";
+}
diff --git a/services/rocketchat/docker-compose.yml b/services/rocketchat/docker-compose.yml
new file mode 100644
index 0000000..53e2e65
--- /dev/null
+++ b/services/rocketchat/docker-compose.yml
@@ -0,0 +1,53 @@
+services:
+  mongo:
+    image: mongo:6.0
+    restart: always
+    container_name: rocketchat-mongodb
+    command: mongod --replSet rs0 --oplogSize 128
+    user: "1000:1000"
+    environment:
+      - MONGO_INITDB_ROOT_USERNAME=rocketchat
+      - MONGO_INITDB_ROOT_PASSWORD=${ROCKETCHAT_MONGO_PASSWORD}
+    volumes:
+      - /mnt/storagebox_alpha/rocketchat/mongo/db:/data/db
+    networks:
+      - rocketchat
+
+  mongo-init-replica:
+    image: mongo:6.0
+    restart: "no"
+    container_name: rocketchat-mongo-init
+    user: "1000:1000"
+    command: >
+      bash -c "sleep 10 && mongosh --host mongo --eval \"rs.initiate({ _id: 'rs0', members: [ { _id: 0, host: 'mongo:27017' } ]})\" && exit 0"
+    networks:
+      - rocketchat
+
+  rocketchat:
+    image: rocket.chat:latest
+    restart: always
+    container_name: rocketchat
+    environment:
+      - PORT=3000
+      - ROOT_URL=https://rocketchat.systemsobscure.net
+      - MONGO_URL=mongodb://rocketchat:${ROCKETCHAT_MONGO_PASSWORD}@mongo:27017/rocketchat?replicaSet=rs0&authSource=admin
+      - MONGO_OPLOG_URL=mongodb://rocketchat:${ROCKETCHAT_MONGO_PASSWORD}@mongo:27017/local?replicaSet=rs0&authSource=admin
+      - DEPLOY_METHOD=docker
+      - STATISTICS_COLLECTION=false
+      - UPDATE_CHECKING=false
+    volumes:
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    depends_on:
+      - mongo
+    ports:
+      - "8003:3000"
+    networks:
+      - rocketchat
+      - web
+
+networks:
+  rocketchat:
+    driver: bridge
+  web:
+    external: true