The CentOS6/RT4 blog post has generated terrific feedback, so I figure an Ubuntu (and Debian) distribution port is essential.
The core components used for this tutorial:
1. Operating System
Our solution will be using Ubuntu Server 13.10 (Saucy Salamander), but this tutorial can also be used with Debian (tested with Debian 7.2 "wheezy") with some minor alterations. Debian notes are included to point out the distinction. I will omit the Ubuntu Server installation process as it's beyond the scope of the tutorial. As a point of reference, my Ubuntu Server installation only includes the OpenSSH server package group.
Commands will be run as a standard user, but sudo will be used when privilege escalation is required.
# 1.1 Updates
Make sure to update the system before we get things started.
# 1.2 hosts file
It's recommended a hostname entry (FQDN and short), of the local computer, is set in the hosts file. The entry should've been added during the installation but let's verify.
# 1.3 Network Time Protocol (NTP)
NTP is a protocol used to help synchronize your Linux system’s clock with an accurate time source. In my specific configuration, I will have my request tracker server sync with a local Active Directory domain controller (which holds the PDC emulator FSMO role) on my private network. We will need to install the ntp package, then modify the ntp.conf configuration file. Notice that I "comment out" the default public *.ubuntu.pool.ntp.org virtual cluster servers and the Ubuntu fallback entry. You may want to leave these enabled if you don't have a particular time source to sync with.
Install the ntp package.
Edit the NTP configuration file.
Restart the NTP daemon for the changes to take effect.
We can verify the status of NTP by running the following command:
For correct synchronization, the delay and offset values should be non-zero and the jitter value should be under 100.
# 1.4 Firewall
We will need to enable the firewall and add rules for Secure Shell (SSH), Hypertext Transfer Protocol (HTTP) and Hypertext Transfer Protocol Secure (HTTPS).
Debian: The ufw package will need to be installed (apt-get install ufw).
Enable the firewall.
Get current configuration.
Create a rule to allow inbound SSH.
Create a rule to allow inbound HTTP.
Create a rule to allow inbound HTTPS.
Verify rules have been successfully added.
A verbose method to list all rules with the ACCEPT jump target.
2. Database
Our solution will use MySQL for the RT data store. At the date of this post, version 5.5.32 is available in the default package repository.
# 2.1 MySQL install
Install MySQL and related components. Set a MySQL root password when prompted.
# 2.2 MySQL performance and security
Double the innodb_buffer_pool_size attribute value from the default 128M to 256M. Ideally, you want to set this value to ~50% of the server's physical memory size.
Now run the mysql_secure_installation script. The execution of the script is highly recommended to make MySQL production-ready from a security perspective.
Restart MySQL.
3. Web Server
We will be using the tried-and-true Apache HTTP Server as the web server component for our solution.
# 3.1 Download and install
Download and install apache2 and other RT dependency packages.
Debian: Substitute the libgd-dev package with the libgd2-xpm-dev package.
4. Request Tracker (RT)
We are now at the stage of the process to get Request Tracker installed with a base configuration.
# 4.1 Users and group
Create the rt system user and group.
Add the www-data (Apache) user to the rt group.
# 4.2 Stage RT build environment
Download the latest RT 4 compressed tarball, unpack and navigate into the directory.
# 4.3 RT Configure script
We will be running the configure script with a number of default and explicit options. Since we haven't defined it otherwise, our install path location will be /opt/rt4.
# 4.4 Perl CPAN.pm
The installation of RT requires we enter the Perl CPAN.pm shell before running the RT dependency checker. Within the shell, we will set the configuration to automate the majority of the module installs.
# 4.5 RT Perl dependencies
For the few times you may be prompted for an install, select the default choice. Iterate the make fixdeps command until you reach the output statement All dependencies have been found. It may take more than a single pass to successfully get and install all the modules.
Verify.
# 4.6 Install RT and initialize RT database
After we have verified the Perl dependencies for RT have been met, we can start the install.
Let's now run the following command to create the RT database and user. Enter the MySQL root password when prompted.
# 4.7 Configure Apache for RT
Set HTTP to HTTPS redirect for all incoming HTTP requests.
Debian: The 000-default.conf file is named default.
Create the rt site configuration file.
Debian: The default-ssl.conf file is named default-ssl, and also remove the .conf extension for the rt.conf filename (e.g. rt.conf -> rt).
Edit the rt site configuration file.
Debian: Take note of the Location container in regards to Apache version differences. Modify accordingly.
Enable the ssl and fcgid modules. Note the fcgid module may already be enabled.
Enable the rt site.
Verify the Apache configuration.
Restart Apache.
# 4.8 RT_SiteConfig.pm file
Request Tracker is very customizable, but the following base configuration settings should get you started.
Restart Apache.
# 4.9 Moment of truth
Open a web browser and enter http://rt.corp.example.com (or https://rt.corp.example.com) into the web address field, then press the enter key to establish a secure connection to the RT server. If everything has been installed and configured correctly, you should be presented with the RT Login page.
The default administrative credentials are:
5. Post-Install
At this point, we should have a basic RT server up and running, but we still need to perform some additional post-install tasks for Request Tracker.
# 5.1 MySQL
We need to set a password for the RT database user (rt_user). The task requires that we add the password to the RT configuration file and also set it in MySQL.
Add the $DatabasePassword key and corresponding value in the RT_SiteConfig.pm file.
And now in MySQL.
Restart MySQL.
# 5.2 mod_fcgid
As per RT documentation:
WARNING: Before mod_fcgid 2.3.6, the maximum request size was 1GB. Starting in 2.3.6, this is now 128Kb. This is unlikely to be large enough for any RT install that handles attachments.
Restart Apache.
The core components used for this tutorial:
1. Operating System
Our solution will be using Ubuntu Server 13.10 (Saucy Salamander), but this tutorial can also be used with Debian (tested with Debian 7.2 "wheezy") with some minor alterations. Debian notes are included to point out the distinction. I will omit the Ubuntu Server installation process as it's beyond the scope of the tutorial. As a point of reference, my Ubuntu Server installation only includes the OpenSSH server package group.
Commands will be run as a standard user, but sudo will be used when privilege escalation is required.
$ id
uid=1000(marc) gid=1000(marc) groups=1000(marc),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),111(lpadmin),112(sambashare)
# 1.1 Updates
Make sure to update the system before we get things started.
$ sudo apt-get update && sudo apt-get dist-upgrade
# 1.2 hosts file
It's recommended a hostname entry (FQDN and short), of the local computer, is set in the hosts file. The entry should've been added during the installation but let's verify.
$ cat /etc/hosts
127.0.0.1 localhost
192.168.116.22 rt.corp.example.com rt
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
# 1.3 Network Time Protocol (NTP)
NTP is a protocol used to help synchronize your Linux system’s clock with an accurate time source. In my specific configuration, I will have my request tracker server sync with a local Active Directory domain controller (which holds the PDC emulator FSMO role) on my private network. We will need to install the ntp package, then modify the ntp.conf configuration file. Notice that I "comment out" the default public *.ubuntu.pool.ntp.org virtual cluster servers and the Ubuntu fallback entry. You may want to leave these enabled if you don't have a particular time source to sync with.
Install the ntp package.
$ sudo apt-get install ntp
Edit the NTP configuration file.
$ sudo vi /etc/ntp.conf
...
# Specify one or more NTP servers.
# Use servers from the NTP Pool Project. Approved by Ubuntu Technical Board
# on 2011-02-08 (LP: #104525). See http://www.pool.ntp.org/join.html for
# more information.
#server 0.ubuntu.pool.ntp.org
#server 1.ubuntu.pool.ntp.org
#server 2.ubuntu.pool.ntp.org
#server 3.ubuntu.pool.ntp.org
# Use Ubuntu's ntp server as a fallback.
#server ntp.ubuntu.com
# Use internal NTP server (AD/DC01)
server 192.168.116.11 iburst
...
Restart the NTP daemon for the changes to take effect.
$ sudo service ntp restart
* Stopping NTP server ntpd [ OK ]
* Starting NTP server ntpd [ OK ]
We can verify the status of NTP by running the following command:
$ ntpq -pn
remote refid st t when poll reach delay offset jitter
==============================================================================
*192.168.116.11 206.209.110.2 2 u 38 64 7 0.329 5.795 4.726
For correct synchronization, the delay and offset values should be non-zero and the jitter value should be under 100.
# 1.4 Firewall
We will need to enable the firewall and add rules for Secure Shell (SSH), Hypertext Transfer Protocol (HTTP) and Hypertext Transfer Protocol Secure (HTTPS).
Debian: The ufw package will need to be installed (apt-get install ufw).
Enable the firewall.
$ sudo ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup
Get current configuration.
$ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing)
New profiles: skip
Create a rule to allow inbound SSH.
$ sudo ufw allow 22/tcp
Rule added
Rule added (v6)
Create a rule to allow inbound HTTP.
$ sudo ufw allow 80/tcp
Rule added
Rule added (v6)
Create a rule to allow inbound HTTPS.
$ sudo ufw allow 443/tcp
Rule added
Rule added (v6)
Verify rules have been successfully added.
$ sudo ufw status numbered
Status: active
To Action From
-- ------ ----
[ 1] 80/tcp ALLOW IN Anywhere
[ 2] 22/tcp ALLOW IN Anywhere
[ 3] 443/tcp ALLOW IN Anywhere
[ 4] 80/tcp ALLOW IN Anywhere (v6)
[ 5] 22/tcp ALLOW IN Anywhere (v6)
[ 6] 443/tcp ALLOW IN Anywhere (v6)
A verbose method to list all rules with the ACCEPT jump target.
$ sudo iptables -S | grep -i '\-j.accept'
-A ufw-before-input -i lo -j ACCEPT
-A ufw-before-input -m state --state RELATED,ESTABLISHED -j ACCEPT
-A ufw-before-input -p icmp -m icmp --icmp-type 3 -j ACCEPT
-A ufw-before-input -p icmp -m icmp --icmp-type 4 -j ACCEPT
-A ufw-before-input -p icmp -m icmp --icmp-type 11 -j ACCEPT
-A ufw-before-input -p icmp -m icmp --icmp-type 12 -j ACCEPT
-A ufw-before-input -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A ufw-before-input -p udp -m udp --sport 67 --dport 68 -j ACCEPT
-A ufw-before-input -d 224.0.0.251/32 -p udp -m udp --dport 5353 -j ACCEPT
-A ufw-before-input -d 239.255.255.250/32 -p udp -m udp --dport 1900 -j ACCEPT
-A ufw-before-output -o lo -j ACCEPT
-A ufw-before-output -m state --state RELATED,ESTABLISHED -j ACCEPT
-A ufw-skip-to-policy-output -j ACCEPT
-A ufw-track-output -p tcp -m state --state NEW -j ACCEPT
-A ufw-track-output -p udp -m state --state NEW -j ACCEPT
-A ufw-user-input -p tcp -m tcp --dport 22 -j ACCEPT
-A ufw-user-input -p tcp -m tcp --dport 80 -j ACCEPT
-A ufw-user-input -p tcp -m tcp --dport 443 -j ACCEPT
-A ufw-user-limit-accept -j ACCEPT
2. Database
Our solution will use MySQL for the RT data store. At the date of this post, version 5.5.32 is available in the default package repository.
# 2.1 MySQL install
Install MySQL and related components. Set a MySQL root password when prompted.
$ sudo apt-get install mysql-server mysql-client libmysqlclient-dev
# 2.2 MySQL performance and security
Double the innodb_buffer_pool_size attribute value from the default 128M to 256M. Ideally, you want to set this value to ~50% of the server's physical memory size.
$ sudo vi /etc/mysql/my.cnf
...
[mysqld]
#
# * Basic Settings
#
user = mysql
pid-file = /var/run/mysqld/mysqld.pid
socket = /var/run/mysqld/mysqld.sock
port = 3306
basedir = /usr
datadir = /var/lib/mysql
tmpdir = /tmp
lc-messages-dir = /usr/share/mysql
skip-external-locking
#
# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
bind-address = 127.0.0.1
#
# * Fine Tuning
#
key_buffer = 16M
max_allowed_packet = 16M
thread_stack = 192K
thread_cache_size = 8
innodb_buffer_pool_size = 256M
# This replaces the startup script and checks MyISAM tables if needed
# the first time they are touched
...
Now run the mysql_secure_installation script. The execution of the script is highly recommended to make MySQL production-ready from a security perspective.
$ sudo mysql_secure_installation
Restart MySQL.
$ sudo service mysql restart
mysql stop/waiting
mysql start/running, process 1844
3. Web Server
We will be using the tried-and-true Apache HTTP Server as the web server component for our solution.
# 3.1 Download and install
Download and install apache2 and other RT dependency packages.
Debian: Substitute the libgd-dev package with the libgd2-xpm-dev package.
$ sudo apt-get install make apache2 libapache2-mod-fcgid libssl-dev libyaml-perl libgd-dev libgd-gd2-perl libgraphviz-perl
4. Request Tracker (RT)
We are now at the stage of the process to get Request Tracker installed with a base configuration.
# 4.1 Users and group
Create the rt system user and group.
$ sudo adduser --system --group rt
Adding system user `rt' (UID 108) ...
Adding new group `rt' (GID 116) ...
Adding new user `rt' (UID 108) with group `rt' ...
Creating home directory `/home/rt' ...
Add the www-data (Apache) user to the rt group.
$ sudo usermod -aG rt www-data
# 4.2 Stage RT build environment
Download the latest RT 4 compressed tarball, unpack and navigate into the directory.
$ cd
$ wget http://download.bestpractical.com/pub/rt/release/rt.tar.gz
$ tar xf rt.tar.gz -C /tmp
$ cd /tmp/rt-*
# 4.3 RT Configure script
We will be running the configure script with a number of default and explicit options. Since we haven't defined it otherwise, our install path location will be /opt/rt4.
$ ./configure --with-web-user=www-data --with-web-group=www-data --enable-graphviz --enable-gd
# 4.4 Perl CPAN.pm
The installation of RT requires we enter the Perl CPAN.pm shell before running the RT dependency checker. Within the shell, we will set the configuration to automate the majority of the module installs.
$ sudo cpan
CPAN.pm requires configuration, but most of it can be done automatically.
If you answer 'no' below, you will enter an interactive dialog for each
configuration option instead.
Would you like to configure as much as possible automatically? [yes] <enter>
...
Would you like me to automatically choose some CPAN mirror
sites for you? (This means connecting to the Internet) [yes] <enter>
...
cpan[1]> o conf prerequisites_policy follow
cpan[2]> o conf build_requires_install_policy yes
cpan[3]> o conf commit
cpan[4]> q
# 4.5 RT Perl dependencies
For the few times you may be prompted for an install, select the default choice. Iterate the make fixdeps command until you reach the output statement All dependencies have been found. It may take more than a single pass to successfully get and install all the modules.
$ make testdeps
$ sudo make fixdeps
Verify.
$ make testdeps
/usr/bin/perl ./sbin/rt-test-dependencies --verbose --with-mysql --with-fastcgi
perl:
>=5.10.1(5.14.2) ...found
users:
rt group (rt) ...found
bin owner (root) ...found
libs owner (root) ...found
libs group (bin) ...found
web owner (www-data) ...found
web group (www-data) ...found
CLI dependencies:
Text::ParseWords ...found
Term::ReadKey ...found
Getopt::Long >= 2.24 ...found
HTTP::Request::Common ...found
Term::ReadLine ...found
LWP ...found
CORE dependencies:
Storable >= 2.08 ...found
Encode >= 2.39 ...found
Crypt::Eksblowfish ...found
Module::Versions::Report >= 1.05 ...found
List::MoreUtils ...found
Errno ...found
DBI >= 1.37 ...found
Devel::StackTrace >= 1.19 ...found
HTTP::Message >= 6.0 ...found
Text::Password::Pronounceable ...found
Devel::GlobalDestruction ...found
Time::ParseDate ...found
IPC::Run3 ...found
Tree::Simple >= 1.04 ...found
HTML::Scrubber >= 0.08 ...found
HTML::Quoted ...found
Sys::Syslog >= 0.16 ...found
Mail::Mailer >= 1.57 ...found
Data::GUID ...found
HTML::Mason >= 1.43 ...found
HTML::Entities ...found
LWP::Simple ...found
Symbol::Global::Name >= 0.04 ...found
DateTime::Format::Natural >= 0.67 ...found
Plack >= 1.0002 ...found
File::Glob ...found
Class::Accessor >= 0.34 ...found
Text::Wrapper ...found
Regexp::Common::net::CIDR ...found
Log::Dispatch >= 2.30 ...found
HTML::FormatText::WithLinks::AndTables ...found
DateTime >= 0.44 ...found
CGI::Emulate::PSGI ...found
Text::Quoted >= 2.07 ...found
Regexp::IPv6 ...found
CGI >= 3.38 ...found
CSS::Squish >= 0.06 ...found
DateTime::Locale >= 0.40 ...found
CGI::PSGI >= 0.12 ...found
Apache::Session >= 1.53 ...found
Date::Extract >= 0.02 ...found
Digest::SHA ...found
HTML::Mason::PSGIHandler >= 0.52 ...found
MIME::Entity >= 5.504 ...found
Locale::Maketext::Lexicon >= 0.32 ...found
Module::Refresh >= 0.03 ...found
Role::Basic >= 0.12 ...found
Digest::base ...found
File::Temp >= 0.19 ...found
Date::Manip ...found
Locale::Maketext >= 1.06 ...found
HTML::RewriteAttributes >= 0.05 ...found
Text::Template >= 1.44 ...found
CGI::Cookie >= 1.20 ...found
Scalar::Util ...found
XML::RSS >= 1.05 ...found
Text::WikiFormat >= 0.76 ...found
File::Spec >= 0.8 ...found
DBIx::SearchBuilder >= 1.65 ...found
File::ShareDir ...found
Regexp::Common ...found
Digest::MD5 >= 2.27 ...found
HTML::FormatText::WithLinks >= 0.14 ...found
Mail::Header >= 2.12 ...found
Locale::Maketext::Fuzzy >= 0.11 ...found
Time::HiRes ...found
Email::Address::List ...found
Net::CIDR ...found
JSON ...found
UNIVERSAL::require ...found
Email::Address >= 1.897 ...found
Plack::Handler::Starlet ...found
DASHBOARDS dependencies:
URI::QueryParam ...found
URI >= 1.59 ...found
MIME::Types ...found
FASTCGI dependencies:
FCGI::ProcManager ...found
FCGI >= 0.74 ...found
GD dependencies:
GD::Text ...found
GD ...found
GD::Graph >= 1.47 ...found
GPG dependencies:
File::Which ...found
PerlIO::eol ...found
GnuPG::Interface ...found
GRAPHVIZ dependencies:
IPC::Run >= 0.90 ...found
GraphViz ...found
ICAL dependencies:
Data::ICal ...found
MAILGATE dependencies:
Pod::Usage ...found
LWP::UserAgent >= 6.0 ...found
Crypt::SSLeay ...found
Getopt::Long ...found
Net::SSL ...found
LWP::Protocol::https ...found
Mozilla::CA ...found
MYSQL dependencies:
DBD::mysql >= 2.1018 ...found
SMIME dependencies:
String::ShellQuote ...found
File::Which ...found
Crypt::X509 ...found
USERLOGO dependencies:
Convert::Color ...found
All dependencies have been found.
# 4.6 Install RT and initialize RT database
After we have verified the Perl dependencies for RT have been met, we can start the install.
$ sudo make install
...
Congratulations. RT is now installed.
You must now configure RT by editing /opt/rt4/etc/RT_SiteConfig.pm.
(You will definitely need to set RT's database password in
/opt/rt4/etc/RT_SiteConfig.pm before continuing. Not doing so could be
very dangerous. Note that you do not have to manually add a
database user or set up a database for RT. These actions will be
taken care of in the next step.)
After that, you need to initialize RT's database by running
'make initialize-database'
Let's now run the following command to create the RT database and user. Enter the MySQL root password when prompted.
$ sudo make initialize-database
/usr/bin/perl -I/opt/rt4/local/lib -I/opt/rt4/lib sbin/rt-setup-database --action init --prompt-for-dba-password
In order to create or update your RT database, this script needs to connect to your mysql instance on localhost (port '') as root
Please specify that user's database password below. If the user has no database
password, just press return.
Password: <your_MySQL_root_password>
Working with:
Type: mysql
Host: localhost
Port:
Name: rt4
User: rt_user
DBA: root
Now creating a mysql database rt4 for RT.
Done.
Now populating database schema.
Done.
Now inserting database ACLs.
Granting access to rt_user@'localhost' on rt4.
Done.
Now inserting RT core system objects.
Done.
Now inserting data.
Done inserting data.
Done.
# 4.7 Configure Apache for RT
Set HTTP to HTTPS redirect for all incoming HTTP requests.
Debian: The 000-default.conf file is named default.
$ sudo vi /etc/apache2/sites-available/000-default.conf
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName rt.corp.example.com:80
Redirect / https://rt.corp.example.com/
#ServerAdmin webmaster@localhost
#DocumentRoot /var/www
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
...
Create the rt site configuration file.
Debian: The default-ssl.conf file is named default-ssl, and also remove the .conf extension for the rt.conf filename (e.g. rt.conf -> rt).
$ sudo cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-available/rt.conf
Edit the rt site configuration file.
Debian: Take note of the Location container in regards to Apache version differences. Modify accordingly.
$ sudo vi /etc/apache2/sites-available/rt.conf
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
# Request Tracker
ServerName rt.corp.example.com:443
AddDefaultCharset UTF-8
DocumentRoot /opt/rt4/share/html
Alias /NoAuth/images/ /opt/rt4/share/html/NoAuth/images/
ScriptAlias / /opt/rt4/sbin/rt-server.fcgi/
<Location />
## Apache version < 2.4 (e.g. Debian 7.2)
#Order allow,deny
#Allow from all
## Apache 2.4
Require all granted
</Location>
<Directory "/opt/rt4/sbin">
SSLOptions +StdEnvVars
</Directory>
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
...
Enable the ssl and fcgid modules. Note the fcgid module may already be enabled.
$ sudo a2enmod ssl fcgid
Considering dependency setenvif for ssl:
Module setenvif already enabled
Considering dependency mime for ssl:
Module mime already enabled
Considering dependency socache_shmcb for ssl:
Enabling module socache_shmcb.
Enabling module ssl.
See /usr/share/doc/apache2/README.Debian.gz on how to configure SSL and create self-signed certificates.
Module fcgid already enabled
To activate the new configuration, you need to run:
service apache2 restart
Enable the rt site.
$ sudo a2ensite rt
Enabling site rt.
To activate the new configuration, you need to run:
service apache2 reload
Verify the Apache configuration.
$ sudo apachectl configtest
Syntax OK
Restart Apache.
$ sudo service apache2 restart
* Restarting web server apache2 [ OK ]
# 4.8 RT_SiteConfig.pm file
Request Tracker is very customizable, but the following base configuration settings should get you started.
$ sudo vi /opt/rt4/etc/RT_SiteConfig.pm
...
# You must restart your webserver after making changes to this file.
Set( $rtname, 'example.com');
Set( $Organization, 'corp.example.com');
Set( $Timezone, 'US/Pacific');
Set( $WebDomain, 'rt.corp.example.com');
Set( $WebPort, 443);
Set( $WebPath, '');
# You must install Plugins on your own, this is only an example
...
Restart Apache.
$ sudo service apache2 restart
* Restarting web server apache2 [ OK ]
# 4.9 Moment of truth
Open a web browser and enter http://rt.corp.example.com (or https://rt.corp.example.com) into the web address field, then press the enter key to establish a secure connection to the RT server. If everything has been installed and configured correctly, you should be presented with the RT Login page.
The default administrative credentials are:
- Username: root
- Password: password
At this point, we should have a basic RT server up and running, but we still need to perform some additional post-install tasks for Request Tracker.
# 5.1 MySQL
We need to set a password for the RT database user (rt_user). The task requires that we add the password to the RT configuration file and also set it in MySQL.
Add the $DatabasePassword key and corresponding value in the RT_SiteConfig.pm file.
$ sudo vi /opt/rt4/etc/RT_SiteConfig.pm
...
Set( $rtname, 'example.com');
Set( $Organization, 'corp.example.com');
Set( $Timezone, 'US/Pacific');
Set( $WebDomain, 'rt.corp.example.com');
Set( $WebPort, 443);
Set( $WebPath, '');
Set( $DatabasePassword, 'Pa$$w0rD!');
...
And now in MySQL.
$ mysql -u root -p
Enter password: <your_MySQL_root_password>
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 46
Server version: 5.5.34-0ubuntu0.13.10.1 (Ubuntu)
Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> SET PASSWORD FOR 'rt_user'@'localhost' = PASSWORD('Pa$$w0rD!');
Query OK, 0 rows affected (0.00 sec)
mysql> \q
Bye
Restart MySQL.
$ sudo service mysql restart
mysql stop/waiting
mysql start/running, process 1844
# 5.2 mod_fcgid
As per RT documentation:
WARNING: Before mod_fcgid 2.3.6, the maximum request size was 1GB. Starting in 2.3.6, this is now 128Kb. This is unlikely to be large enough for any RT install that handles attachments.
$ sudo vi /etc/apache2/mods-available/fcgid.conf
<IfModule mod_fcgid.c>
FcgidConnectTimeout 20
# Request Tracker
FcgidMaxRequestLen 1073741824
<IfModule mod_mime.c>
AddHandler fcgid-script .fcgi
</IfModule>
</IfModule>
Restart Apache.
$ sudo service apache2 restart
* Restarting web server apache2 [ OK ]
