Install Freeside v4.X

Preparing the base server

  • Install Debian 9 (stretch) server with SSH (Unselect Desktop Install, Select SSH server)
  • login as root
  • apt update && apt upgrade && apt-get autoremove && apt-get autoclean
  • apt install sudo
  • adduser username — add a system user
  • usermod -aG sudo username

Connect over ssh or through the terminal as your normal linux system user and continue with the install.

Configure Freeside repos

$ sudo vi /etc/apt/sources.list

Copy/Paste:

Debian 9 (stretch)

# Freeside Repos
deb [trusted=yes] http://pkg.freeside.biz/freeside-stretch/ ./
deb [trusted=yes] http://pkg.freeside.biz/freeside4-stretch-testing/ ./

Debian 10 (buster)

# Freeside Repos
deb [trusted=yes] http://pkg.freeside.biz/freeside-buster/ ./
deb [trusted=yes] http://pkg.freeside.biz/freeside4-stretch-testing/ ./

Update and Upgrade system

sudo apt update
sudo apt upgrade

Administrative package setup (non-Freeside)

I like to install a number of system system tools to make life a little easier:

sudo apt install exim4- exim4-base- exim4-config- exim4-daemon-light- \
                 locate nano nmap rsync screen strace telnet traceroute

Install Freeside Packages

Install Freeside and required packages while preventing recommended packages from being installed.

sudo apt install texlive-fonts-recommended-doc- texlive-latex-base-doc- texlive-latex-recommended-doc- \
                 texlive-latex-extra-doc- texlive-pictures-doc- texlive-pstricks-doc- libev-perl- \
                 liblocale-subcountry-perl=1.63-1 libparams-classify-perl=0.013-5.3 apache2-suexec-custom \
                 freeside freeside-lib freeside-webui

If you want to install a specific version of Freeside, view the list of all packages that have been generated and select a version. Adjust the line including the freeside package names accordingly.

freeside=3.93~git-2019062510 freeside-lib=3.93~git-2019062510 freeside-webui=3.93~git-2019062510 \

Place the Freeside and Freeside provided packages on “hold”. This prevents them from being upgraded when the system is upgraded while using apt or apt-get.

sudo apt-mark hold freeside freeside-lib freeside-webui liblocale-subcountry-perl libparams-classify-perl

Setup Postgres

Create the freeside user in PostgreSQL

sudo su postgres -c "createuser --createdb --no-createrole --no-superuser freeside"
  • Configure /usr/local/etc/freeside/secrets if necessary. This file contains three lines: DBI datasource, username and password
    • See the DBI manpage and the manpage for your DBD for the exact syntax of your DBI data source.

As the freeside user in PostgreSQL, create the freeside database

sudo su freeside -c "createdb -E UTF8 -T template0 freeside"

Bootstrap RT

Run these one at a time and enter your password during each one:

sudo su freeside -c '/opt/rt3/sbin/rt-setup-database --action schema'
sudo su freeside -c '/opt/rt3/sbin/rt-setup-database --action coredata'
sudo su freeside -c '/opt/rt3/sbin/rt-setup-database --action insert --datafile /opt/rt3/etc/initialdata'

Configure required settings for Request Tracker (RT)

Open /opt/rt3/etc/RT_SiteConfig.pm and update or insert the following lines:

  • Set rtname to your domain name (this is the same domain used with freeside-setup earlier)
  • Set Organization to your company name
  • Update Timezone
  • Set RT::URI::freeside::URL to your local URL for Freeside
  • Add the following lines:
Set($WebPort, 443);
Set($WebDomain, 'FQDN of their freeside server');

Bootstrap Freeside

  • If migrating then skip to the Setting up apache section
  • Replace $DOMAIN with the customers domain, sets up database and temp permissions
sudo su freeside -c "freeside-setup -d $DOMAIN"
  • Add default Freeside system users
sudo su freeside -c "freeside-adduser -g 1 fs_queue"
sudo su freeside -c "freeside-adduser -g 1 fs_daily"
sudo su freeside -c "freeside-adduser -g 1 fs_selfservice"
sudo su freeside -c "freeside-adduser -g 1 fs_api"
  • Add your user in
sudo su freeside -c "freeside-adduser -g 1 {freeside_username} {temp password}"

after you log in for the first time reset your password using a more secure one

Setup Apache

Enable freeside-base configuration (Debian 9 and newer only)

sudo a2enconf freeside-base2.4

Enable remaining Apache modules and configuration

sudo a2enconf freeside-rt
sudo a2dismod mpm_event
sudo a2enmod mpm_prefork
sudo a2enmod rewrite
sudo a2enmod perl
sudo a2enmod ssl
sudo chown freeside /var/lock/apache2

Make a backup of your original /etc/apache2/envvars file and modify user and group fields

sudo cp /etc/apache2/envvars /etc/apache2/envvars.$(date +%s)
sudo sed -i "s/www-data/freeside/g" /etc/apache2/envvars

Make a backup of your original /etc/apache2/site-available/000-default.conf file and make changes to the original file

sudo cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/000-default.conf.$(date +%s)

Add the following to the end of the default config file just before the closing </VirtualHost> block.

sudo vi /etc/apache2/sites-available/000-default.conf

	<Directory />
                Options +FollowSymLinks
                AllowOverride None
        </Directory>
        <Directory /var/www/html>
                Options +Indexes +FollowSymLinks +MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>

        ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
        <Directory "/usr/lib/cgi-bin">
                AllowOverride None
                Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
                Order allow,deny
                Allow from all
        </Directory>
# you only need the following if you plan to run the server in a dedicated HTTPS connection
# If you are not going to use HTTPS, you need to leave this part out of the config.
        RewriteEngine   on
        RewriteCond     %{SERVER_PORT} ^80$
        RewriteCond     %{REMOTE_ADDR} !^127.0.0.1$
        RewriteCond     %{REMOTE_ADDR} !^\:\:1$
        RewriteRule     ^/(.*)$ https://%{SERVER_NAME}/$1 [L,R]

Enable Default SSL site

sudo a2ensite default-ssl

Enable suexec module for Apache

sudo a2enmod suexec

Update Apache2 SSL config to execute https as the freeside system user. Add SuexecUserGroup freeside freeside inside the VirtualHost block.

sudo vi /etc/apache2/sites-available/default-ssl.conf

For an pre-built script that does all the above, copy/paste the following into a script on your freeside server and run it.

Finish installation

Converts templates to msg_template

sudo su freeside -c "freeside-upgrade freeside_username"

Start Apache/Freeside

sudo systemctl start freeside
sudo systemctl restart apache2

Login to the web interface, click on “Ticketing main”

Bootstrap your RT Login, replace freeside_username with your freeside account name created above

sudo su freeside -c psql
insert into acl ( principaltype, principalid, rightname, objecttype, objectid )
         values ( 'Group',
                 ( select id from groups where instance = ( select id from users where name = 'freeside_username' )
                                           and domain = 'ACLEquivalence' and type = 'UserEquiv'        ),
                  'SuperUser', 'RT::System', 1 );
\q

Change your password through the preferences link (you can change it to the same password)

If you are planning to only use HTTPS, verify that remote access to UI is via 443 only