Difference between revisions of "CentOS6Install"

From Request Tracker Wiki
Jump to navigation Jump to search
m
(Updated to reflect CentOS 6.10 - and correct MooX::Late to MooX::late)
 
(10 intermediate revisions by one other user not shown)
Line 1: Line 1:
== RT 4.4.2 installation on CentOS 6.9 ==
== RT 4.4.2 installation on CentOS 6.10 ==


NOTE:  Cloned from original document for CentOS 7 install.
NOTE:  Cloned from original document for CentOS 7 install.


This document provides a quick methodology for installing RT 4.4.2 on CentOS/RHEL 6.9 for an internet-connected server.
This document provides a quick methodology for installing RT 4.4.2 on CentOS/RHEL 6.10 for an internet-connected server.
 
CAUTION: While this document has been upgraded for CentOS 6.10, you cannot use this method to install RT 4.4.3 directly - there is an issue with the web install on RT 4.4.3. I've asked Best Practical to look at the issue. It would appear that the PGP key for RT-4.4.3 is not certified, and the web install fails during attempts to follow the method below. I can confirm an upgrade to RT 4.4.3 is possible after following this install, but with the PGP key issue, I do not recommend the upgrade until Best Practical resolves the PGP certified key issue.
 
Note: 


# Assumptions
# Assumptions
  * Access to the internet and CentOS OS and update repositories is available.
  * Access to the internet and CentOS OS, update and EPEL repositories is available.
  * Installation testing was completed using CentOS 6.9 minimal boot ISO.
  * Installation testing was completed using CentOS 6.10 minimal boot ISO.
  * httpd (Apache) 2.2 and mod_fcgid Apache modules were used as the host environment.
  * httpd (Apache) 2.2 and mod_fcgid Apache modules were used as the host environment.
  * mod_fcgid requires enabling the EPEL repository
  * mod_fcgid requires enabling the EPEL repository
Line 20: Line 24:
yum install expat gd graphviz openssl expat-devel gd-devel graphviz-devel  openssl-devel perl perl-CPAN wget screen mod_fcgid postgresql-server postgresql-devel
yum install expat gd graphviz openssl expat-devel gd-devel graphviz-devel  openssl-devel perl perl-CPAN wget screen mod_fcgid postgresql-server postgresql-devel
yum groupinstall "Development Tools" "Web Server"</pre>
yum groupinstall "Development Tools" "Web Server"</pre>
  * NOTES:  We use PostgreSQL as the DB which allows us to enable full text search.  We need to enable the EPEL repository to install mod_fcgid.
  * NOTES:  We use PostgreSQL as the DB which allows us to enable full text search.  We need to enable the EPEL repository to install mod_fcgid on CentOS 6.
## Patch OS
## Patch OS
<pre>yum update</pre>
<pre>yum update</pre>
* Reboot the OS.
* If you are continuing to next step immediately, you do not need to reboot.
## Disable selinux, by editing /etc/sysconfig/selinux:
## Disable selinux, by editing /etc/sysconfig/selinux:
<code>SELINUX=disabled</code>
<code>SELINUX=disabled</code>
## Reboot the OS
  * reboot the OS
  * reboot the OS
## Initialize the database:
## Initialize the database:
Line 43: Line 46:
  * NOTE:  This step configures the internal DB postgres password for the local instance of postgresql
  * NOTE:  This step configures the internal DB postgres password for the local instance of postgresql
## Reconfigure postgres local user access
## Reconfigure postgres local user access
Configure PostgreSQL to use md5 passwords (needed for RT).  Edit /var/lib/pgsql/data/pg_hba.conf and modify the following line from peer to md5:
* Configure PostgreSQL to use md5 passwords (needed for RT).  Edit <code>/var/lib/pgsql/data/pg_hba.conf</code> and modify the following line from peer to md5:
<code>local all all               md5</code>
<pre># "local" is for Unix domain socket connections only
#local   all        all                              ident
local  all         all                               md5</pre>
* Restart postgresql for the changed configuration
<pre>service postgresql restart</pre>
## Install CPAN minus.
## Install CPAN minus.
<pre>curl -L http://cpanmin.us | perl - --sudo App::cpanminus</pre>
<pre>curl -L http://cpanmin.us | perl - --sudo App::cpanminus</pre>
# RT Dependencies and Installation
# RT Dependencies and Installation
## Get RT
<pre>mkdir rt
cd rt
wget https://download.bestpractical.com/pub/rt/release/rt-4.4.2.tar.gz
wget https://download.bestpractical.com/pub/rt/release/rt-4.4.2.tar.gz.asc</pre>
## Verify downloads
* NOTE:  Release notes are found at https://bestpractical.com/release-notes/rt/4.4.2
* extract the sha256sums from the release notes online and add them to a new <code>sha256sum.txt</code> file.
<pre>b2e366e18c8cb1dfd5bc6c46c116fd28cfa690a368b13fbf3131b21a0b9bbe68  rt-4.4.2.tar.gz
2185c2be31b352ad0a7605f9a4e4720b2c3607df75aae1c0cbace9eb9e6fcef8  rt-4.4.2.tar.gz.asc</pre>
* confirm the files:
<pre>sha256sum -c sha256sum.txt</pre>
## Get RT and extract to /tmp.
## Get RT and extract to /tmp.
<pre>wget https://download.bestpractical.com/pub/rt/release/rt-4.4.2.tar.gz
<pre>tar xvzf rt-4.4.2.tar.gz -C /tmp
tar xvzf rt-4.4.2.tar.gz -C /tmp
cd /tmp/rt-4.4.2</pre>
cd /tmp/rt-4.4.2</pre>
## Configure RT:
## Configure RT:
Line 60: Line 78:
## Install the dependencies:
## Install the dependencies:
<pre>make fixdeps</pre>
<pre>make fixdeps</pre>
  * NOTE:  You may need to run the command more than once.  On RHEL/CentOS 6.9, you may need to manually force the addition of some perl module via <code>cpanm Module::SubModule --force</code>.
  * NOTE:  You may need to run the command more than once.  On RHEL/CentOS 6.10, you may need to manually force the installation of the <code>MooX::late</code> module, a dependency of <code>Gpg::Interface</code> and then rerun fixdeps.
<pre>cpanm MooX::late --force</pre>
## Confirm dependencies:
## Confirm dependencies:
<pre>make testdeps</pre>
<pre>make testdeps</pre>
Line 72: Line 91:
  * Access the server using a web browser to access the http port.
  * Access the server using a web browser to access the http port.
  * Configure the RT instance using the web interface.  Refer to the RT documentation.
  * Configure the RT instance using the web interface.  Refer to the RT documentation.
  * NOTE:  You will likely need to disable your firewall or open port 80.  <code>service iptables stop</code> will disable the firewall temporarily.
* With the local database instance, you will need to leave the Database Host and Database Port field empty on the Check Database Credentials page.
  * NOTE:  You will likely need to disable your firewall or open port 80 to access the web page remotely.  <code>service iptables stop</code> will disable the firewall temporarily.
## Shutdown the rt-server instance.
## Shutdown the rt-server instance.
  * When completed Ctrl-C the rt-server instance started above.
  * When completed Ctrl-C the rt-server instance started above.
Line 101: Line 121:
<Location /rt>
<Location /rt>
   # For Centos7/Apache 2.4 this line:
   # For Centos7/Apache 2.4 this line:
   Require all granted
   # Require all granted
   # For Centos6/Apache 2.2 these two lines:
   # For Centos6/Apache 2.2 these two lines:
   # Order allow,deny
   Order allow,deny
   # Allow from all
   Allow from all
   Options +ExecCGI
   Options +ExecCGI
   AddHandler fcgid-script fcgi
   AddHandler fcgid-script fcgi
Line 112: Line 132:
## Modify iptables
## Modify iptables
  * Complete your iptables configuration to suite your local requirements.
  * Complete your iptables configuration to suite your local requirements.
  * To open the firewall for port 80, edit the <code>/etc/sysconfig/iptables</code> file and add the following line:
  * To open the firewall for port 80, edit the <code>/etc/sysconfig/iptables</code> file and insert the following line after the SSH (dport 22) line:
   <pre>insert sample line here</pre>
   <pre>-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT</pre>
* Then restart iptables
  <pre>service iptables restart</pre>
## Reboot  
## Reboot  
  * conduct a reboot to confirm the web server restarts and enable provides access to RT.
  * conduct a reboot to confirm the web server restarts and enable provides access to RT.

Latest revision as of 17:34, 22 October 2018

RT 4.4.2 installation on CentOS 6.10

NOTE: Cloned from original document for CentOS 7 install.

This document provides a quick methodology for installing RT 4.4.2 on CentOS/RHEL 6.10 for an internet-connected server.

CAUTION: While this document has been upgraded for CentOS 6.10, you cannot use this method to install RT 4.4.3 directly - there is an issue with the web install on RT 4.4.3. I've asked Best Practical to look at the issue. It would appear that the PGP key for RT-4.4.3 is not certified, and the web install fails during attempts to follow the method below. I can confirm an upgrade to RT 4.4.3 is possible after following this install, but with the PGP key issue, I do not recommend the upgrade until Best Practical resolves the PGP certified key issue.

Note:

  1. Assumptions
* Access to the internet and CentOS OS, update and EPEL repositories is available.
* Installation testing was completed using CentOS 6.10 minimal boot ISO.
* httpd (Apache) 2.2 and mod_fcgid Apache modules were used as the host environment.
* mod_fcgid requires enabling the EPEL repository
* Testing was conducted in both KVM and vSphere environments.
  1. OS Installation and Initial Configuration
* (!) It is possible to automate the majority of this section using kickstart files.
    1. Install OS.
* Install the OS from ISO or PXE boot using your normal methodology.
    1. Install prerequisites for RT from OS repository.
yum install epel-release
yum install expat gd graphviz openssl expat-devel gd-devel graphviz-devel  openssl-devel perl perl-CPAN wget screen mod_fcgid postgresql-server postgresql-devel
yum groupinstall "Development Tools" "Web Server"
* NOTES:  We use PostgreSQL as the DB which allows us to enable full text search.  We need to enable the EPEL repository to install mod_fcgid on CentOS 6.
    1. Patch OS
yum update
    1. Disable selinux, by editing /etc/sysconfig/selinux:

SELINUX=disabled

    1. Reboot the OS
* reboot the OS
    1. Initialize the database:
service postgresql initdb
    1. Adjust local services:
chkconfig postgresql on
chkconfig httpd on
service postgresql start
service httpd stop
* NOTE:  httpd service needs to be stopped to allow RT web based configuration later.
  1. Configure Supporting Software
    1. Configure postgres user password for postgresql:
sudo -u postgres psql
  ALTER USER postgres PASSWORD 'xxx';
  \q
* NOTE:  This step configures the internal DB postgres password for the local instance of postgresql
    1. Reconfigure postgres local user access
* Configure PostgreSQL to use md5 passwords (needed for RT).  Edit /var/lib/pgsql/data/pg_hba.conf and modify the following line from peer to md5:
# "local" is for Unix domain socket connections only
#local   all         all                               ident
local   all         all                               md5
* Restart postgresql for the changed configuration
service postgresql restart
    1. Install CPAN minus.
curl -L http://cpanmin.us | perl - --sudo App::cpanminus
  1. RT Dependencies and Installation
    1. Get RT
mkdir rt
cd rt
wget https://download.bestpractical.com/pub/rt/release/rt-4.4.2.tar.gz
wget https://download.bestpractical.com/pub/rt/release/rt-4.4.2.tar.gz.asc
    1. Verify downloads
* NOTE:  Release notes are found at https://bestpractical.com/release-notes/rt/4.4.2
* extract the sha256sums from the release notes online and add them to a new sha256sum.txt file.
b2e366e18c8cb1dfd5bc6c46c116fd28cfa690a368b13fbf3131b21a0b9bbe68  rt-4.4.2.tar.gz
2185c2be31b352ad0a7605f9a4e4720b2c3607df75aae1c0cbace9eb9e6fcef8  rt-4.4.2.tar.gz.asc
* confirm the files:
sha256sum -c sha256sum.txt
    1. Get RT and extract to /tmp.
tar xvzf rt-4.4.2.tar.gz -C /tmp
cd /tmp/rt-4.4.2
    1. Configure RT:
./configure --enable-graphviz --enable-gd --with-web-user=apache --with-web-group=apache --with-db-type=Pg
    1. Configure RT to use cpanm for fixdeps:
export RT_FIX_DEPS_CMD=/usr/local/bin/cpanm
    1. Test the dependencies:
make testdeps
    1. Install the dependencies:
make fixdeps
* NOTE:  You may need to run the command more than once.  On RHEL/CentOS 6.10, you may need to manually force the installation of the MooX::late module, a dependency of Gpg::Interface and then rerun fixdeps.
cpanm MooX::late --force
    1. Confirm dependencies:
make testdeps
    1. Install RT (default install is to the /opt/rt4 directory):
 make install
  1. RT Configuration using Web Interface
* (!) It is possible to complete this step by editing the RT files directly, and creating the database.  Refer to the RT documentation for manual steps.
    1. Start the first run installation instance:
/opt/rt4/sbin/rt-server
    1. Configure using the web interface.
* Access the server using a web browser to access the http port.
* Configure the RT instance using the web interface.  Refer to the RT documentation.
* With the local database instance, you will need to leave the Database Host and Database Port field empty on the Check Database Credentials page.
* NOTE:  You will likely need to disable your firewall or open port 80 to access the web page remotely.  service iptables stop will disable the firewall temporarily.
    1. Shutdown the rt-server instance.
* When completed Ctrl-C the rt-server instance started above.
  1. Configure RT:
* Modify RT to allow web access using a trailing /rt
* (!) This is a personal preference.  The web server example in the next section assumes /rt is used.
    1. Modify /opt/rt4/etc/RT_SiteConfig.pm. Add the following line:

Set( $WebPath, '/rt' );

  1. Configure web server
    1. Modify /etc/httpd/conf.d/fcgid.conf. Add:

FcgidMaxRequestLen 1073741824

    1. Create /etc/httpd/conf.d/rt.conf:
# RT4 configuration for Apache
### Optional apache logs for RT
# Ensure that your log rotation scripts know about these files
# ErrorLog /opt/rt4/var/log/apache2.error
# TransferLog /opt/rt4/var/log/apache2.access
# LogLevel debug

AddDefaultCharset UTF-8

Alias /rt/NoAuth/images /opt/rt4/share/html/NoAuth/images/

ScriptAlias /rt /opt/rt4/sbin/rt-server.fcgi/

DocumentRoot "/opt/rt4/share/html"

<Location /rt>
  # For Centos7/Apache 2.4 this line:
  # Require all granted
  # For Centos6/Apache 2.2 these two lines:
  Order allow,deny
  Allow from all
  Options +ExecCGI
  AddHandler fcgid-script fcgi
</Location>
    1. Start apache:
service httpd start
    1. Modify iptables
* Complete your iptables configuration to suite your local requirements.
* To open the firewall for port 80, edit the /etc/sysconfig/iptables file and insert the following line after the SSH (dport 22) line:
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
* Then restart iptables
service iptables restart
    1. Reboot
* conduct a reboot to confirm the web server restarts and enable provides access to RT.
  1. Installation Complete
    1. Access RT
* Connect to RT using your web browser, login using the root user and start your site customization.