Difference between revisions of "CentOS7Install"

From Request Tracker Wiki
Jump to navigation Jump to search
m
 
Line 81: Line 81:
  * NOTE:  You may need to run the command more than once.
  * NOTE:  You may need to run the command more than once.
  * You may need to force the install of a module to complete the install:
  * You may need to force the install of a module to complete the install:
   <pre>cpanm HTTP::Headers::Fast</pre>
   <pre>cpanm HTTP::Headers::Fast --force</pre>
## Confirm dependencies:
## Confirm dependencies:
<pre>make testdeps</pre>
<pre>make testdeps</pre>

Latest revision as of 18:26, 11 February 2019

RT 4.4.3 installation on CentOS 7.6.1810

NOTE: Original Document was for CentOS 7.2 and RT 4.4.1 with MySQL. Updated for CentOS 7.6, RT 4.4.3 with PostgreSQL.

CAUTION: Previous versions of this document has been stated that you cannot use this method to install RT 4.4.3 directly - this is corrected with a patch below. Best Practical will be fixing this issue in the 4.4.4 release.

This document provides a quick methodology for installing RT 4.4.3 on CentOS/RHEL 7.6 for an internet-connected server. There is a separate CentOS 6.x install at https://rt-wiki.bestpractical.com/wiki/CentOS6Install.

  1. Assumptions
* Access to the internet and CentOS OS and update repositories is available.
* Installation testing was completed using CentOS 7.6.1810 minimal boot ISO.
* httpd (Apache) 2.4 and mod_fcgid Apache modules were used as the host environment.
* Testing was conducted in both KVM and vSphere environments.
* Note that the EPEL repository is not required for installation on CentOS 7.
  1. OS Installation and Initial Configuration
* (!) It is possible to automate the majority of this section using kickstart files.
    1. Install OS.
* Install the OS from ISO or PXE boot using your normal methodology.
    1. Install prerequisites for RT from OS repository.
yum install expat gd graphviz openssl expat-devel gd-devel graphviz-devel  openssl-devel perl perl-CPAN wget screen mod_fcgid postgresql-server postgresql-devel
yum groupinstall "Development Tools" "Web Server"
* NOTE: We use PostgreSQL as the DB which allows us to enable full text search. (This is a change from the previous version of the document which used MySQL/MariaDB.)
    1. Patch OS
yum update
    1. Disable selinux, by editing /etc/sysconfig/selinux:

SELINUX=disabled

* reboot the OS
    1. Initialize the database:
postgresql-setup initdb
    1. Adjust local services:
systemctl enable postgresql.service
systemctl enable httpd.service
systemctl start postgresql.service
systemctl stop httpd.service
* NOTE:  httpd service needs to be stopped to allow RT web based configuration later.
  1. Configure Supporting Software
    1. Configure postgres user password for postgresql, where 'xxx' is the 'password':
sudo -u postgres psql
  ALTER USER postgres PASSWORD 'xxx';
  \q
* NOTE:  This step configures the internal DB postgres password for the local instance of postgresql
    1. Reconfigure postgres local user access

Configure PostgreSQL to use md5 passwords (needed for RT). Edit /var/lib/pgsql/data/pg_hba.conf and modify the following line from peer to md5:

# "local" is for Unix domain socket connections only
#local   all         all                               peer
local   all         all                               md5
    1. Restart postgres server
systemctl restart postgresql.service
    1. Install CPAN minus.
curl -L http://cpanmin.us | perl - --sudo App::cpanminus
  1. RT Dependencies and Installation
    1. Get RT
mkdir rt
cd rt
wget https://download.bestpractical.com/pub/rt/release/rt-4.4.3.tar.gz
wget https://download.bestpractical.com/pub/rt/release/rt-4.4.3.tar.gz.asc
    1. Verify downloads
* NOTE: Release notes are found at https://bestpractical.com/release-notes/rt/4.4.3
* extract the sha256sums from the release notes online and add them to a new sha256sum.txt file.
738ab43cac902420b3525459e288515d51130d85810659f6c8a7e223c77dadb1  rt-4.4.3.tar.gz
29e0f9c44e30fb8bb2d23448f1930593aef28e4b3faf5bd22619f52e53229c4f  rt-4.4.3.tar.gz.asc
* confirm the files:
sha256sum -c sha256sum.txt
* Confirm the GPG key signatures
gpg rt-4.4.3.tar.gz.asc
gpg --keyserver keyserver.ubuntu.com --recv-key XXX
gpg rt-4.4.3.tar.gz.asc
* NOTE: identify the RSA key ID from the first and replace XXX with the key (RSA key ID 0xFEAC80B2 as of 11 Feb 19)
    1. Extract the files
tar xvzf rt-4.4.3.tar.gz -C /tmp
cd /tmp/rt-4.4.3
    1. Configure RT:
./configure --enable-graphviz --enable-gd --with-web-user=apache --with-web-group=apache --with-db-type=Pg
    1. Configure RT to use cpanm for fixdeps:
export RT_FIX_DEPS_CMD=/usr/local/bin/cpanm
    1. Test the dependencies:
make testdeps
    1. Install the dependencies:
make fixdeps
* NOTE:  You may need to run the command more than once.
* You may need to force the install of a module to complete the install:
cpanm HTTP::Headers::Fast --force
    1. Confirm dependencies:
make testdeps
    1. Insert a missing dependency into lib/RT/Interface/Web/Handler.pm:
* REF:  https://github.com/bestpractical/rt/commit/e07af30477
* Edit the file and insert the RT::ObjectCustomFieldValues at line 61:
use RT::Interface::Web::Request;
use RT::ObjectCustomFieldValues;
use File::Path qw( rmtree );
    1. Install RT (default install is to the /opt/rt4 directory):
 make install
  1. RT Configuration using Web Interface
* (!) It is possible to complete this step by editing the RT files directly, and creating the database.  Refer to the RT documentation for manual steps.
    1. Configure firewalld to open port 80
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --reload
* Note:  This is an example only, which provides full access to the http port..  Configure your firewall as per site policies.
    1. Start the first run installation instance:
/opt/rt4/sbin/rt-server
    1. Configure using the web interface.
* Access the server using a web browser to access the http port.
* Configure the RT instance using the web interface.  Refer to the RT documentation.
    1. Shutdown the rt-server instance.
* When completed Ctrl-C the rt-server instance started above.
  1. Configure web server
    1. Modify /etc/httpd/conf.d/fcgid.conf. Add:

FcgidMaxRequestLen 1073741824

    1. Create /etc/httpd/conf.d/rt.conf:
# RT4 configuration for Apache
#
# With minor changes, this configuration is based on the original documentation:
# https://docs.bestpractical.com/rt/4.4.2/web_deployment.html
#
### Optional apache logs for RT
# Ensure that your log rotation scripts know about these files
# ErrorLog /opt/rt4/var/log/apache2.error
# TransferLog /opt/rt4/var/log/apache2.access
# LogLevel debug

AddDefaultCharset UTF-8

ScriptAlias / /opt/rt4/sbin/rt-server.fcgi/

DocumentRoot "/opt/rt4/share/html"

<Location />
  # For Centos7/Apache 2.4 use this line:
  Require all granted

  # For Centos6/Apache 2.2 use these two lines:
  # Order allow,deny
  # Allow from all

  Options +ExecCGI
  AddHandler fcgid-script fcgi
</Location>
    1. Start apache:
systemctl start httpd.service
  1. Further RT Customization
* These steps are not mandatory, and can be skipped if not desired.
    1. Enable Full Text Indexing
* This command modifies the database to enable full text indexing
* Run:
/opt/rt4/sbin/rt-setup-fulltext-index --no-attachments --dba-password XXX
  * NOTE:  XXX is the postgres DB user password
  * DB Table:     AttachmentsIndex
  * Column Name:  ContentIndex
  * Index:        GIN
* As the last command will leave the postgres DB password in the command history, clear the relevant history record:
history
history -d <number>
  * NOTE:   reflects the line number with the --dba-password statement
    1. Prepare for Offline Attachments
* This enables the migration of embedded attachments from the database to a local filesystem
* Create the directory to store attached files
mkdir /opt/rt4-atts
    1. Modify Site Configuration for fulltext indexing and offline attachments
* Modify /opt/rt4/etc/RT_SiteConfig.pm, inserting the following above the final 1; line.
# enable FullTextSearch
Set( %FullTextSearch,
    Enable     => 1,
    Indexed    => 1,
    Column     => 'ContentIndex',
    Table      => 'AttachmentsIndex',
);
# enable external file storage
Set(%ExternalStorage,
    Type => 'Disk',
    Path => '/opt/rt4-atts',
);
    1. Create RT crontab entry
* 
* Create /etc/cron.d/rt file:
# Request Tracker cron.d/rt file

# For details see man 3 crontabs

# Example of job definition:
# .---------------- minute (0 - 59)
# |  .------------- hour (0 - 23)
# |  |  .---------- day of month (1 - 31)
# |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# |  |  |  |  |
# *  *  *  *  * user-name command to be executed

# Request Tracker crontab entries
  # attachments - daily moving of large attachments from DB to file system
  0 0 * * * root /opt/rt4/sbin/rt-externalize-attachments
  # indexer - daily indexing of db for fulltext search      
  0 0 * * * root /opt/rt4/sbin/rt-fulltext-indexer --quiet
  # email digests - RT4 email digest processes
  0 0 * * * root /opt/rt4/sbin/rt-email-digest -m daily
  0 0 * * 0 root /opt/rt4/sbin/rt-email-digest -m weekly
  0 * * * * root /opt/rt4/sbin/rt-email-dashboards
  # clean sessions - once a day blow away any open sessions 
  0 0 * * * root /opt/rt4/sbin/rt-clean-sessions 6H
  1. Installation Complete
    1. Reboot server to confirm service restart
* It is recommended that you reboot the server to confirm all services restart and provide RT.
    1. Access RT
* Connect to RT using your web browser and start your site customization.