Diff: RequestTrackerOnCentos5

Differences between version 16 and predecessor to the previous major change of RequestTrackerOnCentos5.

Other diffs: Previous Revision, Previous Author

version 16

RequestTracker on CentOS 5

I recently assisted a friend in installing and configuring the latest Request Tracker issue tracking system. There didn't seem to be good instructions about this on the web so I've written up my notes as a walkthrough here. These notes are specific to installing RT on a CentOS 5 GoDaddy VPS running over SSL but there should be enough generic info to cover any RT install on a modern linux system.

Initial Download and Configuration

Run yum update beforehand to ensure you have the latest versions of all the system packages.

Get the RT source from bestpractical. I followed these initial instructions although they are geared towards the older RT 3.

Next download needed perl updates via CPAN. Start the cpan shell with sudo perl -MCPAN -e shell. Set cpan to auto-follow dependencies by entering this in the cpan shell:

o conf prerequisites_policy follow
o conf commit

Then install Bundle::CPAN to get all your perl dependencies current. reload cpan and reload index so your perl install is all current.

It seems to not matter if you use fastcgi or mod_perl.

I used mod_perl since it was already installed on the system, along with Apache 2.2. The default version of perl is the old 5.8.8 but upgrading looks too painful.

Untar the rt source package and configure it:

$ tar zxvf rt.tar.gz
$ cd rt-4.0.1
$ ./configure

I just used the defaults for all the configure settings.

$ cd rt-4.0.1
$ make fixdeps
$ make testdeps

If make testdeps still complains, try running make fixdeps again.

Finally run sudo make install to actually install rt under /opt/rt4.

RT-Specific Setup, Mail Setup

Edit /opt/rt4/etc/RT_SiteConfig.pm to configure your site-specific settings. Here's what I used:

Set($rtname , "example.com");
Set($Organization , "example");
Set($MinimumPasswordLength , "5");
Set($Timezone , 'US/Pacific');

Set($DatabaseType , 'mysql');
Set($DatabaseHost   , 'localhost');
Set($DatabaseRTHost , 'localhost');
Set($DatabasePort , '');
Set($DatabaseUser , 'XXXXXXXX');
Set($DatabasePassword , 'YYYYYYYY);
Set($WebPath , "/rt");
#Set($WebDomain, "example.com");

Set($WebPort , 443);
Set($WebBaseURL , "https://example.com");
Set($WebURL , $WebBaseURL . $WebPath . "/");
Set($DatabaseName , 'rt4');

Set($RTAddressRegexp , '^rt(-\S+|-\S+-comment)?\@(www\.)?example.com$');
Set($CorrespondAddress , 'no-reply@example.com');
Set($CommentAddress , 'no-reply@example.com');

Set up your mysql database with sudo make initialize-database. Enter password YYYYYYYY from above when prompted and the mysql database will be completely autoconfigured.

Next set up the root crontabs with sudo crontab -e:

0 0 * * * /opt/rt4/sbin/rt-email-digest -m daily
0 0 * * 0 /opt/rt4/sbin/rt-email-digest -m weekly
0 * * * * /opt/rt4/sbin/rt-email-dashboards

Edit /etc/aliases and add:

rt:         "|/opt/rt4/bin/rt-mailgate --queue general --action correspond --url https://rt.example.com/rt"
rt-comment: "|/opt/rt4/bin/rt-mailgate --queue general --action comment --url https://rt.example.com/rt"

then run sudo newaliases to regenerate the aliases database.

I had to fix up /etc/postfix/main.cf because the stupid godaddy vps blocks outgoing port 25. GoDaddy sucks, use a different VPS service.

Assuming that your host is the authoritative mail sever for the domain, and the only server in your domain (no relaying), your main.cf should look something like this:

myhostname = www.example.com
mydomain = example.com
myorigin=$mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mynetworks_style = host
# brackets to disable mx lookups!
relayhost = [s2smtpout.secureserver.net]

Now it's time to fix up the host spamassassin configuration, by default it runs as user nobody and generates errors in logs because user nobody has homedir /.

first fix /etc/sysconfig/spamassin:

SPAMDOPTIONS="-d -c -m5 -u spamd -H /var/log/spamassassin -x"

then create a spamd user:

$ sudo /usr/sbin/groupadd spamd
$ sudo /usr/sbin/useradd -g spamd -s /bin/false -d /var/log/spamassassin spamd

After that you need to restart spamassassin with /etc/init.d/spamd restart

With that mail should be flowing through spamassassin correctly. Check /var/log/maillog to confirm.

Don't forget to open port 25 to incoming mail in your firewall:

/sbin/iptables -I INPUT 5 -i eth0 -p tcp -m tcp --dport 25 -j ACCEPT

Add that to /etc/sysconfig/iptables to make it permanent:

-A INPUT -i eth0 -p tcp -m tcp --dport 25 -j ACCEPT

Create /etc/httpd/conf.d/rt4.conf with following contents:

# RequestTracker
<Location /rt>
  Order allow,deny
  Allow from all

  SetHandler modperl
  PerlResponseHandler Plack::Handler::Apache2
  PerlSetVar psgi_app /opt/rt4/sbin/rt-server
</Location>
<Perl>
  use Plack::Handler::Apache2;
  Plack::Handler::Apache2->preload("/opt/rt4/sbin/rt-server");
</Perl>

# force rt over https always
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} rt
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

To test, point your web browser at http://example.com/rt. You should see the location bar url magically turn into https.

Initial Login and User Setup

For your first login through the RT web interface, use username root, password password. Change it immediately!

Next in the RT web interface, create a real admin user through tools->configuration->users->create:

• username: user

• email: user@yahoo.com

  • email address should be the users's real email address somewhere else.
• real name: Some User
• check Let This User Access RT
• check Let This User Be Granted Rights
• enter root's password
• enter new password twice for this user
• click save changes

Next make this user a super-user via tools->configuration->global->user rights.

• enter new user in user name field on left
• click on rights for administrators tab
• check Do Anything and Everything
• click save changes

Then you need to make a corresponding user on the system:

• log on to server

• sudo /usr/sbin/useradd -c "Real Name" username

  • (username must match RT username)

• sudo /usr/bin/passwd usename

  • set user password to match RT password

• edit username/.forward

  • add line pointing to user's real external email address

Creating A New Queue

You will probably want to create one or more ticket queues to use, although you can if you want skip this step and just use the default general queue for everything.

Log in as root and go to tools->configuration->queues->create. Create a queue as follows:

• queue name: Customer1
• description: Test Queue for Customer 1
• reply address: rt-customer1@example.com
• comment address: rt-customer1-comment@example.com

Allow anyone to create new tickets in the queue via email, tools->configuration->queues->select.

• choose Customer1 queue
• click user rights tab
• go to everyone->general rights->create tickets
• click save changes

Create mail addresses for your new queue:

Edit /etc/aliases and add:
<verbatim>
rt-customer1:         "|/opt/rt4/bin/rt-mailgate --queue Customer1 --action correspond --url https://rt.example.com/rt"
rt-cuystomer1-comment: "|/opt/rt4/bin/rt-mailgate --queue Customer1 --action comment --url https://rt.example.com/rt"

then run sudo newaliases to regenerate the aliases database. </verbatim>

Obviously manually creating email aliases for every queue can be cumbersome. Various people have put together mechanisms to automate that step using procmail and such. Google it if you're interested as I can't find my link.

Conclusion

Ok there you have it - a complete RT setup on CentOS 5, over SSL, with a user and a couple queues. Should be enough to get you started. Please let me know if I missed anything in this guide.