Skip to content

Chatwoot Server Deployment Overview

Prerequisites

The following system parameters and network settings are required for the application to function correctly:

  • Operating System: Ubuntu or Debian.

  • Access: Superuser (root) privileges for package installation and Docker management.

  • Ports:

  • 80 (HTTP) — for initial requests and redirection to HTTPS.

  • 443 (HTTPS) — primary port for application operation via SSL.

  • 3000 (internal) — used by the Rails container.

FQDN of the final panel on hostkey.in domain

A dynamic subdomain is used to access the application, following this pattern:

Parameter Value
Prefix chatwoot
Domain hostkey.in
Full Template chatwoot{Server_ID_from_Invapi}.hostkey.in

File and Directory Structure

All core application components and configuration files are located in the following directory:

  • /opt/chatwoot — root application directory containing the Docker Compose file and environment variables.

  • /etc/nginx/sites-available/ — location of Nginx reverse proxy configurations.

  • /etc/letsencrypt/live/ — directory containing SSL certificates (Certbot).

Application Installation Process

Deployment is performed by configuring the Docker environment and launching containers via docker compose.

The process includes:

  1. Installing necessary system utilities (curl, git, wget).

  2. Configuring the Docker Engine repository.

  3. Creating the /opt/chatwoot directory and downloading the .env template.

  4. Generating a unique SECRET_KEY_BASE to ensure session security.

  5. Initializing the database using the command: docker compose run --rm rails bundle exec rails db:chatwoot_prepare

Access Rights and Security

  • Firewall: Ports 80 and 443 must be open.

  • Data Security:

  • All passwords for databases (PostgreSQL, Redis) are defined in the .env file.

  • Forced HTTPS redirection is enabled (FORCE_SSL=true).

  • Database and internal service ports are bound only to 127.0.0.1, restricting access from outside the server.

Databases

The application uses two databases running in isolated containers:

DB Type Image Hostname (Docker Network) Default Password
PostgreSQL pgvector/pgvector:pg16 postgres chatwoot
Redis redis:alpine redis chatwoot

Database data is stored in Docker named volumes (postgres_data and redis_data).

Docker Containers and Execution

The application is deployed using multiple containers. All containers have the always restart policy.

Service Name Image Ports (host:container) Volumes Environment Variables / Features
rails chatwoot/chatwoot:latest 127.0.0.1:3000:3000 storage_data:/app/storage RAILS_ENV=production, NODE_ENV=production
sidekiq chatwoot/chatwoot:latest Not exposed storage_data:/app/storage Background jobs, production mode
postgres pgvector/pgvector:pg16 127.0.0.1:5432:5432 postgres_data:/var/lib/postgresql/data Configured chatwoot DB
redis redis:alpine 127.0.0.1:6379:6379 redis_data:/data Started with password via command

Application Update Instructions

Updates are performed by pulling new image versions and restarting containers:

docker compose pull && docker compose up -d

Permissions Settings

  • The /opt/chatwoot directory has 0755 access permissions.

  • Configuration files in the application directory have 0644 permissions.

Location of Configuration Files and Data

Type Path / Name
Main environment config /opt/chatwoot/.env
Docker Compose file /opt/chatwoot/docker-compose.yml
Nginx configuration /etc/nginx/sites-available/{prefix}{server_id}.{zone}

Available Connection Ports

Only the following ports are available to external users:

  • 80/TCP (HTTP)

  • 443/TCP (HTTPS)

All other ports (3000, 5432, 6379) are accessible only locally on the server itself.

Starting and Stopping the Application

Container lifecycle management is performed from the /opt/chatwoot directory:

  • Start all services:

    docker compose up -d
    

  • Stop the application:

    docker compose down
    

  • Restart individual components (e.g., Rails):

    docker compose restart rails sidekiq
    

Proxy Servers

Nginx is used as the reverse proxy server.

  • SSL: Certificates are issued via Certbot (Let's Encrypt). Automatic HTTP to HTTPS redirection is configured.

  • Configuration: Nginx acts as a Reverse Proxy, forwarding traffic from ports 80/443 to the internal Rails container port (127.0.0.1:3000).

  • Features: The configuration includes support for Upgrade and Connection headers for correct WebSocket operation (via proxy_set_header Upgrade $http_upgrade;).

question_mark
Is there anything I can help you with?
question_mark
AI Assistant ×