Difference between revisions of "CentOS7Install"

From Request Tracker Wiki
Jump to navigation Jump to search
(Minor updates for new CentOS and warnings about RT-4.4.3)
Line 1: Line 1:
== RT 4.4.2 installation on CentOS 7.4.1708 ==
== RT 4.4.2 installation on CentOS 7.5.1804 ==

NOTE:  Original Document was for CentOS 7.2 and RT 4.4.1 with MySQL.  Updated for CentOS 7.5, RT 4.4.2 with PostgreSQL.
NOTE:  Original Document was for CentOS 7.2 and RT 4.4.1 with MySQL.  Updated for CentOS 7.5, RT 4.4.2 with PostgreSQL.

Revision as of 17:35, 22 October 2018

RT 4.4.2 installation on CentOS 7.5.1804

NOTE: Original Document was for CentOS 7.2 and RT 4.4.1 with MySQL. Updated for CentOS 7.5, RT 4.4.2 with PostgreSQL.

CAUTION: While this document has been upgraded for CentOS 7.5, you cannot use this method to install RT 4.4.3 directly - there is an issue with the web install on RT 4.4.3. I've asked Best Practical to look at the issue. It would appear that the PGP key for RT-4.4.3 is not certified, and the web install fails during attempts to follow the method below. I can confirm an upgrade to RT 4.4.3 is possible after following this install, but with the PGP key issue, I do not recommend the upgrade until Best Practical resolves the PGP certified key issue.

This document provides a quick methodology for installing RT 4.4.2 on CentOS/RHEL 7.5 for an internet-connected server. There is a separate CentOS 6.x install at https://rt-wiki.bestpractical.com/wiki/CentOS6Install.

  1. Assumptions
* Access to the internet and CentOS OS and update repositories is available.
* Installation testing was completed using CentOS 7.5.1804 minimal boot ISO.
* httpd (Apache) 2.4 and mod_fcgid Apache modules were used as the host environment.
* Testing was conducted in both KVM and vSphere environments.
* Note that the EPEL repository is not required for installation on CentOS 7.
  1. OS Installation and Initial Configuration
* (!) It is possible to automate the majority of this section using kickstart files.
    1. Install OS.
* Install the OS from ISO or PXE boot using your normal methodology.
    1. Install prerequisites for RT from OS repository.
yum install expat gd graphviz openssl expat-devel gd-devel graphviz-devel  openssl-devel perl perl-CPAN wget screen mod_fcgid postgresql-server postgresql-devel
yum groupinstall "Development Tools" "Web Server"
* NOTE: We use PostgreSQL as the DB which allows us to enable full text search. (This is a change from the previous version of the document which used MySQL/MariaDB.)
    1. Patch OS
yum update
    1. Disable selinux, by editing /etc/sysconfig/selinux:


* reboot the OS
    1. Initialize the database:
postgresql-setup initdb
    1. Adjust local services:
systemctl enable postgresql.service
systemctl enable httpd.service
systemctl start postgresql.service
systemctl stop httpd.service
* NOTE:  httpd service needs to be stopped to allow RT web based configuration later.
  1. Configure Supporting Software
    1. Configure postgres user password for postgresql, where 'xxx' is the 'password':
sudo -u postgres psql
  ALTER USER postgres PASSWORD 'xxx';
* NOTE:  This step configures the internal DB postgres password for the local instance of postgresql
    1. Reconfigure postgres local user access

Configure PostgreSQL to use md5 passwords (needed for RT). Edit /var/lib/pgsql/data/pg_hba.conf and modify the following line from peer to md5:

# "local" is for Unix domain socket connections only
#local   all         all                               ident
local   all         all                               md5
    1. Restart postgres server
systemctl restart postgresql.service
    1. Install CPAN minus.
curl -L http://cpanmin.us | perl - --sudo App::cpanminus
  1. RT Dependencies and Installation
    1. Get RT
mkdir rt
cd rt
wget https://download.bestpractical.com/pub/rt/release/rt-4.4.2.tar.gz
wget https://download.bestpractical.com/pub/rt/release/rt-4.4.2.tar.gz.asc
    1. Verify downloads
* NOTE: Release notes are found at https://bestpractical.com/release-notes/rt/4.4.2
* extract the sha256sums from the release notes online and add them to a new sha256sum.txt file.
b2e366e18c8cb1dfd5bc6c46c116fd28cfa690a368b13fbf3131b21a0b9bbe68  rt-4.4.2.tar.gz
2185c2be31b352ad0a7605f9a4e4720b2c3607df75aae1c0cbace9eb9e6fcef8  rt-4.4.2.tar.gz.asc
* confirm the files:
sha256sum -c sha256sum.txt
* Confirm the GPG key signatures
gpg rt-4.4.2.tar.gz.asc
gpg --keyserver pgpkeys.mit.edu --recv-key XXX
gpg rt-4.4.2.tar.gz.asc
* NOTE: identify the RSA key ID from the first and replace XXX with the key (RSA key ID 31440520 as of 12 Apr 18)
    1. Extract the files
tar xvzf rt-4.4.2.tar.gz -C /tmp
cd /tmp/rt-4.4.2
    1. Configure RT:
./configure --enable-graphviz --enable-gd --with-web-user=apache --with-web-group=apache --with-db-type=Pg
    1. Configure RT to use cpanm for fixdeps:
export RT_FIX_DEPS_CMD=/usr/local/bin/cpanm
    1. Test the dependencies:
make testdeps
    1. Install the dependencies:
make fixdeps
* NOTE:  You may need to run the command more than once.
    1. Confirm dependencies:
make testdeps
    1. Install RT (default install is to the /opt/rt4 directory):
 make install
  1. RT Configuration using Web Interface
* (!) It is possible to complete this step by editing the RT files directly, and creating the database.  Refer to the RT documentation for manual steps.
    1. Configure firewalld to open port 80
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --reload
* Note:  This is an example only, which provides full access to the http port..  Configure your firewall as per site policies.
    1. Start the first run installation instance:
    1. Configure using the web interface.
* Access the server using a web browser to access the http port.
* Configure the RT instance using the web interface.  Refer to the RT documentation.
    1. Shutdown the rt-server instance.
* When completed Ctrl-C the rt-server instance started above.
  1. Configure web server
    1. Modify /etc/httpd/conf.d/fcgid.conf. Add:

FcgidMaxRequestLen 1073741824

    1. Create /etc/httpd/conf.d/rt.conf:
# RT4 configuration for Apache
# With minor changes, this configuration is based on the original documentation:
# https://docs.bestpractical.com/rt/4.4.2/web_deployment.html
### Optional apache logs for RT
# Ensure that your log rotation scripts know about these files
# ErrorLog /opt/rt4/var/log/apache2.error
# TransferLog /opt/rt4/var/log/apache2.access
# LogLevel debug

AddDefaultCharset UTF-8

ScriptAlias / /opt/rt4/sbin/rt-server.fcgi/

DocumentRoot "/opt/rt4/share/html"

<Location />
  # For Centos7/Apache 2.4 use this line:
  Require all granted

  # For Centos6/Apache 2.2 use these two lines:
  # Order allow,deny
  # Allow from all

  Options +ExecCGI
  AddHandler fcgid-script fcgi
    1. Start apache:
systemctl start httpd.service
  1. Further RT Customization
* These steps are not mandatory, and can be skipped if not desired.
    1. Enable Full Text Indexing
* This command modifies the database to enable full text indexing
* Run:
/opt/rt4/sbin/rt-setup-fulltext-index --no-attachments --dba-password XXX
  * NOTE:  XXX is the postgres DB user password
  * DB Table:     AttachmentsIndex
  * Column Name:  ContentIndex
  * Index:        GIN
* As the last command will leave the postgres DB password in the command history, clear the relevant history record:
history -d <number>
  * NOTE:   reflects the line number with the --dba-password statement
    1. Prepare for Offline Attachments
* This enables the migration of embedded attachments from the database to a local filesystem
* Create the directory to store attached files
mkdir /opt/rt4-atts
    1. Modify Site Configuration for fulltext indexing and offline attachments
* Modify /opt/rt4/etc/RT_SiteConfig.pm, inserting the following above the final 1; line.
# enable FullTextSearch
Set( %FullTextSearch,
    Enable     => 1,
    Indexed    => 1,
    Column     => 'ContentIndex',
    Table      => 'AttachmentsIndex',
# enable external file storage
    Type => 'Disk',
    Path => '/opt/rt4-atts',
    1. Create RT crontab entry
* Create /etc/cron.d/rt file:
# Request Tracker cron.d/rt file

# For details see man 3 crontabs

# Example of job definition:
# .---------------- minute (0 - 59)
# |  .------------- hour (0 - 23)
# |  |  .---------- day of month (1 - 31)
# |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# |  |  |  |  |
# *  *  *  *  * user-name command to be executed

# Request Tracker crontab entries
  # attachments - daily moving of large attachments from DB to file system
  0 0 * * * root /opt/rt4/sbin/rt-externalize-attachments
  # indexer - daily indexing of db for fulltext search      
  0 0 * * * root /opt/rt4/sbin/rt-fulltext-indexer --quiet
  # email digests - RT4 email digest processes
  0 0 * * * root /opt/rt4/sbin/rt-email-digest -m daily
  0 0 * * 0 root /opt/rt4/sbin/rt-email-digest -m weekly
  0 * * * * root /opt/rt4/sbin/rt-email-dashboards
  # clean sessions - once a day blow away any open sessions 
  0 0 * * * root /opt/rt4/sbin/rt-clean-sessions 6H
  1. Installation Complete
    1. Reboot server to confirm service restart
* It is recommended that you reboot the server to confirm all services restart and provide RT.
    1. Access RT
* Connect to RT using your web browser and start your site customization.