[42] How to configure RT5 & E-mail.

Posted on by Hend Grow

—Guide Start Here–

Configure mail account

Navigate to Outlook.com and login or create a new account.

Once logged in, enable the account to use POP.

Settings -> Email -> Sync email. Set “Let devices and apps use POP” to yes.

You will also need to provision an Application Password.

Select My Account

Then Security -> Update

Advanced security options -> Get Started

App passwords -> Create a new app password

Copy your app password that was generated we will use this later in postfix and fetchmail

Install and configure Postfix

Now that the Outlook.com portion is sorted lets login to our RT5 server

ssh to your RT server

ssh hendgrow@172.16.52.6

Install Postfix

sudo apt-get install postfix

Select “Internet with smarthost”

Enter the SMTP server for Outlook.com = smtp.office365.com

We now need to edit a few things for Postfix to work as expected by editing the main.cf file and add the below

Our config used during this how-to can be found here – > HendGrow_Sample_Main.cf

sudo vi /etc/postfix/main.cf

smtp_sasl_password_maps = static:hendgrow@outlook.com:pbjxdgxauybypskz

smtp_sasl_auth_enable = yes

smtp_tls_security_level = may

smtp_sasl_security_options = noanonymous

relayhost = [smtp.office365.com]:587

Restart Postfix for the changes to take

sudo service postfix restart

RT user creation and assign mail address.

Login to RT and Create a new user for use with this email address. We will create user HendGrow that will be used to respond to support requests.

Login to your RT instance and create the support user /user as shown below

Admin -> Users -> Create

Under “E-Mail” capture the email address you wish to use. in our case it is hendgrow@outlook.com

Grant permissions to General queue for the new support user.

Admin -> Queues-> Select

Select the General queue

Select User Rights

Select the user and assign the required permissions.

Apply changes by clicking Save Changes

Testing outgoing mail

login as the support user you created in the previous step. Send a test mail to confirm postfix is working with office365.com by creating a new ticket.

On the RT server check the /var/log/mail.log log file for any issues. You should get a response as below. we looking for the status=sent

tail -20f /var/log/mail.log

Installing and configuring Fetchmail

To enable RT to fetch mail from our mailbox and generate tickets we need to install fetchmail.

ssh to your RT server

ssh hendgrow@172.16.52.6

Install Fetchmail

sudo apt-get install fetchmail

Ensure that fetchamail is not running and create the fethcmailrc file.

sudo service fetchmail stop

sudo vi /etc/fetchmailrc

Our config used during this how-to can be found here – > fetchmailrc

Navigate back to RT and set create permissions for “Everyone” on the General Queue.

Admin -> Queues -> Select

Select General

Grant Everyone “Create Tickets” rights.

Testing incoming mail and ticket generation.

Send an email to the mailbox so fetchmail has content it can fetch. (We sent a mail from support@hendgrow.com to our mailbox hendgrow@outlook.com)

Set permissions and run fetchmail manually for the test.

sudo chmod 0700 /etc/fetchmailrc 

sudo fetchmail -f /etc/fetchmailrc

Login to RT and verify a new ticket has been created for the incoming email.

Edit the crontab to ensure fetchmail checks for new mail in the mailbox every 5min.

sudo crontab -e

Add the following line

*/5 * * * * fetchmail  -f /etc/fetchmailrc

Your RT5 ticket system should now have the capability of sending and receiving emails for ticket creation and correspondence.

—Guide End Here–

[23] How to Install RT 5. Robust, High Volume Ticketing System! Ubuntu 20.04 with MariaDB and Apache2!

Posted on by Hend Grow

This walk-through guides you through the process of Installing the world class, industry tested ticket system known as Request Tracker or RT. We start with a solid Ubuntu 20.04 base as the server combined with Perl, MariaDB for the Database and Apache2 as the web server.

To setup Request Tracker with email

—Install Guide Starts Here—

ssh to the Ubuntu server you have provisioned. Ubuntu 20.04 was used for this walkthrough.

ssh username@your_servers_ip

  1. Installing the some system base packages. 

1.1 Ensure the system is up to date. 

sudo apt-get update 

1.2 Install some system base packages 

sudo apt install build-essential apache2 libapache2-mod-fcgid libssl-dev libexpat1-dev libmysqlclient-dev libcrypt-ssleay-perl liblwp-protocol-https-perl mariadb-server mariadb-client 

1.3 Installing some Perl modules

sudo /usr/bin/perl -MCPAN -e shell

1.3.1 When prompted with the below, input yes then q to quit

1.3.2 Installing the required Perl modules

sudo cpan install HTML::FormatText HTML::TreeBuilder HTML::FormatText::WithLinks HTML::FormatText::WithLinks::AndTables DBD::mysql LWP::Protocol::https

2. General RT5 Installation

2.1 Download and unpack the RT5 tar file to a temporary location.

Check for the latest version here – https://download.bestpractical.com/pub/rt/release/

wget https://download.bestpractical.com/pub/rt/release/rt-5.0.1.tar.gz

2.2 Extract / unpack the file to /tmp and run the ./configure script provided.

tar xzvf rt-5.0.1.tar.gz -C /tmp

cd /tmp/rt-5.0.1/ 

sudo ./configure

2.3 Ensure the required Perl and system libraries are installed with the command below.

sudo make testdeps

2.2.1 If the script reports any missing dependencies as shown image Image-1 below run the fixdeps command.

sudo make fixdeps

Image-1

2.2.3 During our demo install we were promoted with the following three questions as shown in Image-3 while running the fixdeps script. We opted to answer yes.

Image-2

Once the fixdeps script is complete, validate all dependencies are present by running the testdeps script to confirm. If successful you should see similar out put as Image-3 below

sudo make testdeps

Image-3

2.3 Run the make install with appropriate permissions to install RT5

sudo make install

3 Initialise the Database for RT5

sudo make initialize-database

It will prompt you for a password. just press return/enter key.

Note: Only if the initialization fails run make dropdb and then re-run make initialize-database.

Once completed successfully you should see same result as shown in Image-4

Image-4

3.1.1 Change the default password for the RT database user. (We recommend for production systems to also change the user.)

sudo mysql -u root -p

It will prompt you for a password. just press return/enter key.

ALTER USER 'rt_user'@'localhost' IDENTIFIED BY 'your_new_rt_pass';

commit; 

quit;

Although not covered in this guide, we recommend securing your MariaDB. Start with running the below script to setup up a min baseline.

sudo mysql_secure_installation

3.1.2 Update the RT_Config.pm config to reflect our password change we did for the RT database user rt_user.

sudo vi /opt/rt5/etc/RT_Config.pm 

Edit the section as shown in Image-6 below

Image-6

3.2 Confirm we have a working RT instance running with the standalone rt-server.

sudo /opt/rt5/sbin/rt-server --port 8080

3.2.1 Open your web browser and navigate to your servers ip or FQDN and port 8080. For our demo server it is http://135.181.98.216:8080/. You should see the login page.

4. Configure RT5 to work with the Apache2 web server 

4.1 Create a RT5 sites-available configuration file. 

sudo vi /etc/apache2/sites-available/rt5.conf

4.2 Populate the file you just created with the information below or pull it from: https://hendgrow.com/gitp/RT5/rt5.conf

rt5.conf

4.3 Edit the apache2.conf file and add information as shown in apache2.conf or pull it from: https://hendgrow.com/gitp/RT5/RT5_apache2.conf_add.txt

sudo vi /etc/apache2/apache2.conf

apache2.conf

5. Enable the RT5 site 

5.1 Enable the RT5 site

sudo a2ensite rt5

5.2 Disable the default site 

sudo a2dissite 000-default 

5.3 Restart Apache 

sudo systemctl restart apache2 

5.4 Open your web browser and navigate to your servers ip or FQDN. For our demo server it is http://135.181.98.216. You should see the login page. You should see the login page as shown in Image-7.

Image-7

NOTE: The default credentials for RT5 are: User: root | Password: password Your first step once logged in is to change the root password! It is a SECURITY risk! The next step should be to setup https for this site using letsencrypt for example.

—End—

Other Topics added from YouTube comments and support@hendgrow.com

How to remove the “Possible cross-site request forgery” RT message when creating tickets or making changes via the WUI etc.

Possible Cross-site request forgery message RT5

Edit the RT_SiteConfig.pm add an additional line to indicate your Webdomain either IP or FQDN.

Example below:

sudo vi /opt/rt5/etc/RT_SiteConfig.pm 

Set( $WebDomain, 'your-servers-ip' );

Restart Apache

sudo systemctl restart apache2 

There still allot to do, like configuring an RT email gateway, task scheduler, full text search and general system security etc. That’s potentially for a future guide should there be demand. This guide does not cover server / application hardening and security as it is a broad topic and not the aim of this guide. You should always harden your servers by default! Some useful links:

Secure your MariaDB installation – https://mariadb.com/kb/en/mysql_secure_installation/

Apache2 Security Tips – https://httpd.apache.org/docs/2.4/misc/security_tips.html

Ubuntu Security and Server hardening – https://ubuntu.com/security

Consider subscribing if you found this valuable! youtube.com/HendGrow