CentOS7Install

From Request Tracker Wiki
Jump to: navigation, search

RT 4.4.2 installation on CentOS 7.5.1804

NOTE: Original Document was for CentOS 7.2 and RT 4.4.1 with MySQL. Updated for CentOS 7.5, RT 4.4.2 with PostgreSQL.

CAUTION: While this document has been upgraded for CentOS 7.5, you cannot use this method to install RT 4.4.3 directly - there is an issue with the web install on RT 4.4.3. I've asked Best Practical to look at the issue. It would appear that the PGP key for RT-4.4.3 is not certified, and the web install fails during attempts to follow the method below. I can confirm an upgrade to RT 4.4.3 is possible after following this install, but with the PGP key issue, I do not recommend the upgrade until Best Practical resolves the PGP certified key issue.

This document provides a quick methodology for installing RT 4.4.2 on CentOS/RHEL 7.5 for an internet-connected server. There is a separate CentOS 6.x install at https://rt-wiki.bestpractical.com/wiki/CentOS6Install.

Assumptions

  • Access to the internet and CentOS OS and update repositories is available.
  • Installation testing was completed using CentOS 7.5.1804 minimal boot ISO.
  • httpd (Apache) 2.4 and mod_fcgid Apache modules were used as the host environment.
  • Testing was conducted in both KVM and vSphere environments.
  • Note that the EPEL repository is not required for installation on CentOS 7.

OS Installation and Initial Configuration

  • (!) It is possible to automate the majority of this section using kickstart files.

Install OS.

  • Install the OS from ISO or PXE boot using your normal methodology.

Install prerequisites for RT from OS repository.

yum install expat gd graphviz openssl expat-devel gd-devel graphviz-devel  openssl-devel perl perl-CPAN wget screen mod_fcgid postgresql-server postgresql-devel
yum groupinstall "Development Tools" "Web Server"
  • NOTE: We use PostgreSQL as the DB which allows us to enable full text search. (This is a change from the previous version of the document which used MySQL/MariaDB.)

Patch OS

yum update

Disable selinux, by editing /etc/sysconfig/selinux:

SELINUX=disabled

* reboot the OS

Initialize the database:

postgresql-setup initdb

Adjust local services:

systemctl enable postgresql.service
systemctl enable httpd.service
systemctl start postgresql.service
systemctl stop httpd.service
  • NOTE: httpd service needs to be stopped to allow RT web based configuration later.

Configure Supporting Software

Configure postgres user password for postgresql, where 'xxx' is the 'password':

sudo -u postgres psql
  ALTER USER postgres PASSWORD 'xxx';
  \q
  • NOTE: This step configures the internal DB postgres password for the local instance of postgresql

Reconfigure postgres local user access

Configure PostgreSQL to use md5 passwords (needed for RT). Edit /var/lib/pgsql/data/pg_hba.conf and modify the following line from peer to md5:

# "local" is for Unix domain socket connections only
#local   all         all                               ident
local   all         all                               md5

Restart postgres server

systemctl restart postgresql.service

Install CPAN minus.

curl -L http://cpanmin.us | perl - --sudo App::cpanminus

RT Dependencies and Installation

Get RT

mkdir rt
cd rt
wget https://download.bestpractical.com/pub/rt/release/rt-4.4.2.tar.gz
wget https://download.bestpractical.com/pub/rt/release/rt-4.4.2.tar.gz.asc

Verify downloads

b2e366e18c8cb1dfd5bc6c46c116fd28cfa690a368b13fbf3131b21a0b9bbe68  rt-4.4.2.tar.gz
2185c2be31b352ad0a7605f9a4e4720b2c3607df75aae1c0cbace9eb9e6fcef8  rt-4.4.2.tar.gz.asc
  • confirm the files:
sha256sum -c sha256sum.txt
  • Confirm the GPG key signatures
gpg rt-4.4.2.tar.gz.asc
gpg --keyserver pgpkeys.mit.edu --recv-key XXX
gpg rt-4.4.2.tar.gz.asc
  • NOTE: identify the RSA key ID from the first and replace XXX with the key (RSA key ID 31440520 as of 12 Apr 18)

Extract the files

tar xvzf rt-4.4.2.tar.gz -C /tmp
cd /tmp/rt-4.4.2

Configure RT:

./configure --enable-graphviz --enable-gd --with-web-user=apache --with-web-group=apache --with-db-type=Pg

Configure RT to use cpanm for fixdeps:

export RT_FIX_DEPS_CMD=/usr/local/bin/cpanm

Test the dependencies:

make testdeps

Install the dependencies:

make fixdeps
  • NOTE: You may need to run the command more than once.

Confirm dependencies:

make testdeps

Install RT (default install is to the /opt/rt4 directory):

 make install

RT Configuration using Web Interface

  • (!) It is possible to complete this step by editing the RT files directly, and creating the database. Refer to the RT documentation for manual steps.

Configure firewalld to open port 80

firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --reload
  • Note: This is an example only, which provides full access to the http port.. Configure your firewall as per site policies.

Start the first run installation instance:

/opt/rt4/sbin/rt-server

Configure using the web interface.

  • Access the server using a web browser to access the http port.
  • Configure the RT instance using the web interface. Refer to the RT documentation.

Shutdown the rt-server instance.

  • When completed Ctrl-C the rt-server instance started above.

Configure web server

Modify /etc/httpd/conf.d/fcgid.conf. Add:

FcgidMaxRequestLen 1073741824

Create /etc/httpd/conf.d/rt.conf:

# RT4 configuration for Apache
#
# With minor changes, this configuration is based on the original documentation:
# https://docs.bestpractical.com/rt/4.4.2/web_deployment.html
#
### Optional apache logs for RT
# Ensure that your log rotation scripts know about these files
# ErrorLog /opt/rt4/var/log/apache2.error
# TransferLog /opt/rt4/var/log/apache2.access
# LogLevel debug

AddDefaultCharset UTF-8

ScriptAlias / /opt/rt4/sbin/rt-server.fcgi/

DocumentRoot "/opt/rt4/share/html"

<Location />
  # For Centos7/Apache 2.4 use this line:
  Require all granted

  # For Centos6/Apache 2.2 use these two lines:
  # Order allow,deny
  # Allow from all

  Options +ExecCGI
  AddHandler fcgid-script fcgi
</Location>

Start apache:

systemctl start httpd.service

Further RT Customization

  • These steps are not mandatory, and can be skipped if not desired.

Enable Full Text Indexing

  • This command modifies the database to enable full text indexing
  • Run:
/opt/rt4/sbin/rt-setup-fulltext-index --no-attachments --dba-password XXX
  • NOTE: XXX is the postgres DB user password
  • DB Table: AttachmentsIndex
  • Column Name: ContentIndex
  • Index: GIN
    • As the last command will leave the postgres DB password in the command history, clear the relevant history record:
history
history -d <number>
  • NOTE: reflects the line number with the --dba-password statement

Prepare for Offline Attachments

  • This enables the migration of embedded attachments from the database to a local filesystem
  • Create the directory to store attached files
mkdir /opt/rt4-atts

Modify Site Configuration for fulltext indexing and offline attachments

  • Modify /opt/rt4/etc/RT_SiteConfig.pm, inserting the following above the final 1; line.
# enable FullTextSearch
Set( %FullTextSearch,
    Enable     => 1,
    Indexed    => 1,
    Column     => 'ContentIndex',
    Table      => 'AttachmentsIndex',
);
# enable external file storage
Set(%ExternalStorage,
    Type => 'Disk',
    Path => '/opt/rt4-atts',
);

Create RT crontab entry

  • Create /etc/cron.d/rt file:
# Request Tracker cron.d/rt file

# For details see man 3 crontabs

# Example of job definition:
# .---------------- minute (0 - 59)
# |  .------------- hour (0 - 23)
# |  |  .---------- day of month (1 - 31)
# |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# |  |  |  |  |
# *  *  *  *  * user-name command to be executed

# Request Tracker crontab entries
  # attachments - daily moving of large attachments from DB to file system
  0 0 * * * root /opt/rt4/sbin/rt-externalize-attachments
  # indexer - daily indexing of db for fulltext search      
  0 0 * * * root /opt/rt4/sbin/rt-fulltext-indexer --quiet
  # email digests - RT4 email digest processes
  0 0 * * * root /opt/rt4/sbin/rt-email-digest -m daily
  0 0 * * 0 root /opt/rt4/sbin/rt-email-digest -m weekly
  0 * * * * root /opt/rt4/sbin/rt-email-dashboards
  # clean sessions - once a day blow away any open sessions 
  0 0 * * * root /opt/rt4/sbin/rt-clean-sessions 6H

Installation Complete

Reboot server to confirm service restart

  • It is recommended that you reboot the server to confirm all services restart and provide RT.

Access RT

  • Connect to RT using your web browser and start your site customization.