Install from package¶
Note
sudo
is
not used.Prerequisites¶
Additional software dependencies¶
In addition to already mentioned Package dependencies, some operating systems may require additional packages if not already installed.
$ apt install curl apt-transport-https gnupg
The openSUSE Enterprise 15 variant requires additional repositories to be activated. To do so, run the following commands.
$ SUSEConnect --product sle-module-desktop-applications/$(. /etc/os-release; echo $VERSION_ID)/$(uname -i)
$ SUSEConnect --product PackageHub/$(. /etc/os-release; echo $VERSION_ID)/$(uname -i)
$ yum install wget epel-release
# CentOS 7
$ yum install https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm
Setup Elasticsearch¶
Elasticsearch is a dependency of Zammad and needs to be provided before installing Zammad. Please take a look at the following page: Set up Elasticsearch.
Ensure correct locale¶
For Zammad to function correctly, your system has to use the correct locales.
List your current locale settings.
$ locale |grep "LANG="
If above does not return <lang_code>.utf8
you can correct this issue as follows.
$ apt install locales
$ locale-gen en_US.UTF-8
$ echo "LANG=en_US.UTF-8" > /etc/default/locale
List your current locale settings.
$ locale |grep "LANG="
If above does not return <lang_code>.utf8
you can correct this issue as follows.
$ localectl set-locale LANG=en_US.utf8
List your current locale settings.
$ localectl status |grep "LC_CTYPE"
If above does not return <lang_code>.utf8
you can correct this issue as follows.
$ localectl set-locale LC_CTYPE=en_US.UTF-8
Hint
By default OpenSUSE uses POSIX
as LANG
value for the root
user. Learn more about this within the OpenSUSE documentation.
This does not affect other users and thus can be ignored.
Add Repository and install Zammad¶
- Add Repository
- Install Repository Key
$ curl -fsSL https://dl.packager.io/srv/zammad/zammad/key | \ gpg --dearmor | tee /etc/apt/trusted.gpg.d/pkgr-zammad.gpg> /dev/null
- Ubuntu 16.04
$ echo "deb [signed-by=/etc/apt/trusted.gpg.d/pkgr-zammad.gpg] https://dl.packager.io/srv/deb/zammad/zammad/stable/ubuntu 16.04 main"| \ tee /etc/apt/sources.list.d/zammad.list > /dev/null
- Ubuntu 18.04
$ echo "deb [signed-by=/etc/apt/trusted.gpg.d/pkgr-zammad.gpg] https://dl.packager.io/srv/deb/zammad/zammad/stable/ubuntu 18.04 main"| \ tee /etc/apt/sources.list.d/zammad.list > /dev/null
- Ubuntu 20.04
$ echo "deb [signed-by=/etc/apt/trusted.gpg.d/pkgr-zammad.gpg] https://dl.packager.io/srv/deb/zammad/zammad/stable/ubuntu 20.04 main"| \ tee /etc/apt/sources.list.d/zammad.list > /dev/null
- Ubuntu 22.04
$ echo "deb [signed-by=/etc/apt/trusted.gpg.d/pkgr-zammad.gpg] https://dl.packager.io/srv/deb/zammad/zammad/stable/ubuntu 22.04 main"| \ tee /etc/apt/sources.list.d/zammad.list > /dev/null
- Install Repository Key
$ curl -fsSL https://dl.packager.io/srv/zammad/zammad/key | \ gpg --dearmor | tee /etc/apt/trusted.gpg.d/pkgr-zammad.gpg> /dev/null
- Debian 10
$ echo "deb [signed-by=/etc/apt/trusted.gpg.d/pkgr-zammad.gpg] https://dl.packager.io/srv/deb/zammad/zammad/stable/debian 10 main"| \ tee /etc/apt/sources.list.d/zammad.list > /dev/null
- Debian 11
$ echo "deb [signed-by=/etc/apt/trusted.gpg.d/pkgr-zammad.gpg] https://dl.packager.io/srv/deb/zammad/zammad/stable/debian 11 main"| \ tee /etc/apt/sources.list.d/zammad.list > /dev/null
- Install Repository Key
$ rpm --import https://dl.packager.io/srv/zammad/zammad/key
- RHEL 7 / CentOS 7
$ wget -O /etc/yum.repos.d/zammad.repo \ https://dl.packager.io/srv/zammad/zammad/stable/installer/el/7.repo
- RHEL 8 / CentOS 8
$ wget -O /etc/yum.repos.d/zammad.repo \ https://dl.packager.io/srv/zammad/zammad/stable/installer/el/8.repo
- Remove obsolete Let’s Encrypt CA (SLES12 and openSUSE 42.x only)
$ rm /usr/share/pki/trust/DST_Root_CA_X3.pem $ update-ca-certificates
- Install Repository Key
$ rpm --import https://dl.packager.io/srv/zammad/zammad/key
- SLES 12 / openSUSE 42.x
$ wget -O /etc/zypp/repos.d/zammad.repo \ https://dl.packager.io/srv/zammad/zammad/stable/installer/sles/12.repo
- SLES 15 / openSUSE 15.x
$ wget -O /etc/zypp/repos.d/zammad.repo \ https://dl.packager.io/srv/zammad/zammad/stable/installer/sles/15.repo
- Install Zammad
$ apt update $ apt install zammad
# CentOS 7 $ yum install postgresql14-server $ postgresql-14-setup initdb $ systemctl start postgresql-14 $ systemctl enable postgresql-14 # general $ yum install zammad
Due to an issue with packager.io on CentOS 8 you’ll need to correct file permissions for public files.
chmod -R 755 /opt/zammad/public/
$ zypper ref $ zypper install zammad
Firewall & SELinux¶
Some parts of these steps may not apply to you, feel free to skip them!
SELinux¶
$ # Allow nginx or apache to access public files of Zammad and communicate
$ chcon -Rv --type=httpd_sys_content_t /opt/zammad/public/
$ setsebool httpd_can_network_connect on -P
$ semanage fcontext -a -t httpd_sys_content_t /opt/zammad/public/
$ restorecon -Rv /opt/zammad/public/
$ chmod -R a+r /opt/zammad/public/
SELinux support on SUSE seems to be in early state, at least for SLES 12 (and Leap 42.x). This is why we won’t cover it in this documentation.
See the documentation for more input if you still wish to continue.
Firewall¶
Note
Below only covers the distributions default firewall. It may not cover your case.
$ # Open Port 80 and 443 on your Firewall
$ ufw allow 80
$ ufw allow 443
$ ufw reload
Warning
We’re covering nftables
in this part - iptables is discouraged
starting from Debian 10 (Buster).
Our example uses the input
chain, yours may be a different one!
Add the following lines to /etc/nftables.conf
or your specific rule
file. Ensure to add these lines to your input-chain.
# Open Port 80 and 443 for Zammad
tcp dport { http, https } accept
udp dport { http, https } accept
The result should look like the following. Keep in mind that your enviroment could require different / more rules.
#!/usr/local/sbin/nft -f
flush ruleset
table inet filter {
chain input {
type filter hook input priority 0; policy drop;
ct state established,related accept
tcp dport ssh log accept
tcp dport { http, https } accept
udp dport { http, https } accept
}
chain forward {
type filter hook forward priority 0; policy accept;
}
chain output {
type filter hook output priority 0; policy accept;
}
}
To load your new rules, simply run systemctl reload nftables
.
$ # Open Port 80 and 443 on your Firewall
$ firewall-cmd --zone=public --add-service=http --permanent
$ firewall-cmd --zone=public --add-service=https --permanent
$ firewall-cmd --reload
If your system does not yet know webserver rules, you can add a new one
for your firewall by creating the file
/etc/sysconfig/SuSEfirewall2.d/services/webserver
with this content:
## Name: Webserver
## Description: Open ports for HTTP and HTTPs
# space separated list of allowed TCP ports
TCP="http https"
# space separated list of allowed UDP ports
UDP="http https"
After that locate FW_CONFIGURATIONS_EXT
within
/etc/sysconfig/SuSEfirewall2
and add the option webserver
to the
list. The list is seperated by spaces.
You may require a different zone, above covers the external zone.
Now ensure to restart the firewall service.
systemctl restart SuSEfirewall2
If we didn’t cover your distribution or firewall in question, ensure to
open ports 80
and 443
(TCP & UDP) beside of the ports you need.
Manage services of Zammad¶
In general Zammad uses three services - these can be (re)started & stopped
with the parent zammad
.
$ # Zammad service to start all services at once
$ systemctl (status|start|stop|restart) zammad
$ # Zammads internal puma server (relevant for displaying the web app)
$ systemctl (status|start|stop|restart) zammad-web
$ # Zammads background worker - relevant for all delayed- and background jobs
$ systemctl (status|start|stop|restart) zammad-worker
$ # Zammads websocket server for session related information
$ systemctl (status|start|stop|restart) zammad-websocket
Next steps¶
With this Zammad technically is ready to go. However, you’ll need to follow the following further steps to access Zammads Web-UI and getting started with it.
You may also find Zammads Console commands useful
If you expect usage with 5 agents or more you may also want to consider the following pages.