Install from package¶
Note
sudo
is
not used.Prerequisites¶
Additional software dependencies¶
In addition to already mentioned Package dependencies, some operating systems may require additional packages if not already installed.
$ apt install curl apt-transport-https gnupg
The openSUSE Enterprise 15 variant requires additional repositories to be activated. To do so, run the following commands.
$ SUSEConnect --product sle-module-desktop-applications/$(. /etc/os-release; echo $VERSION_ID)/$(uname -i)
$ SUSEConnect --product PackageHub/$(. /etc/os-release; echo $VERSION_ID)/$(uname -i)
$ yum install wget epel-release
Setup Elasticsearch¶
Elasticsearch is a dependency of Zammad and needs to be provided before installing Zammad. Please take a look at the following page: Set up Elasticsearch.
Ensure correct locale¶
For Zammad to function correctly, your system has to use the correct locales.
List your current locale settings.
$ locale |grep "LANG="
If above does not return <lang_code>.utf8
you can correct this issue as follows.
$ apt install locales
$ locale-gen en_US.UTF-8
$ echo "LANG=en_US.UTF-8" > /etc/default/locale
List your current locale settings.
$ locale |grep "LANG="
If above does not return <lang_code>.utf8
you can correct this issue as follows.
$ localectl set-locale LANG=en_US.utf8
List your current locale settings.
$ localectl status |grep "LC_CTYPE"
If above does not return <lang_code>.utf8
you can correct this issue as follows.
$ localectl set-locale LC_CTYPE=en_US.UTF-8
Hint
By default OpenSUSE uses POSIX
as LANG
value for the root
user. Learn more about this within the OpenSUSE documentation.
This does not affect other users and thus can be ignored.
Add Repository and install Zammad¶
- Add Repository
- Install Repository Key
$ curl -fsSL https://dl.packager.io/srv/zammad/zammad/key | \ gpg --dearmor | tee /etc/apt/trusted.gpg.d/pkgr-zammad.gpg> /dev/null
- Ubuntu 20.04
$ echo "deb [signed-by=/etc/apt/trusted.gpg.d/pkgr-zammad.gpg] https://dl.packager.io/srv/deb/zammad/zammad/stable/ubuntu 20.04 main"| \ tee /etc/apt/sources.list.d/zammad.list > /dev/null
- Ubuntu 22.04
$ echo "deb [signed-by=/etc/apt/trusted.gpg.d/pkgr-zammad.gpg] https://dl.packager.io/srv/deb/zammad/zammad/stable/ubuntu 22.04 main"| \ tee /etc/apt/sources.list.d/zammad.list > /dev/null
- Install Repository Key
$ curl -fsSL https://dl.packager.io/srv/zammad/zammad/key | \ gpg --dearmor | tee /etc/apt/trusted.gpg.d/pkgr-zammad.gpg> /dev/null
- Debian 11
$ echo "deb [signed-by=/etc/apt/trusted.gpg.d/pkgr-zammad.gpg] https://dl.packager.io/srv/deb/zammad/zammad/stable/debian 11 main"| \ tee /etc/apt/sources.list.d/zammad.list > /dev/null
- Debian 12
$ echo "deb [signed-by=/etc/apt/trusted.gpg.d/pkgr-zammad.gpg] https://dl.packager.io/srv/deb/zammad/zammad/stable/debian 12 main"| \ tee /etc/apt/sources.list.d/zammad.list > /dev/null
- Install Repository Key
$ rpm --import https://dl.packager.io/srv/zammad/zammad/key
- RHEL 8 / CentOS 8
$ wget -O /etc/yum.repos.d/zammad.repo \ https://dl.packager.io/srv/zammad/zammad/stable/installer/el/8.repo
- Install Repository Key
$ rpm --import https://dl.packager.io/srv/zammad/zammad/key
- SLES 15 / openSUSE 15.x
$ wget -O /etc/zypp/repos.d/zammad.repo \ https://dl.packager.io/srv/zammad/zammad/stable/installer/sles/15.repo
- Install Zammad
$ apt update $ apt install zammad
# general $ yum install zammad
Due to an issue with packager.io on CentOS 8 you’ll need to correct file permissions for public files.
chmod -R 755 /opt/zammad/public/
$ zypper ref $ zypper install zammad
Firewall & SELinux¶
Some parts of these steps may not apply to you, feel free to skip them!
SELinux¶
$ # Allow nginx or apache to access public files of Zammad and communicate
$ chcon -Rv --type=httpd_sys_content_t /opt/zammad/public/
$ setsebool httpd_can_network_connect on -P
$ semanage fcontext -a -t httpd_sys_content_t /opt/zammad/public/
$ restorecon -Rv /opt/zammad/public/
$ chmod -R a+r /opt/zammad/public/
See the documentation for more input if you wish to continue.
Firewall¶
Note
Below only covers the distribution’s default firewall. It may not cover your case.
$ # Open Port 80 and 443 on your Firewall
$ ufw allow 80
$ ufw allow 443
$ ufw reload
Warning
We’re covering nftables
in this part - iptables is discouraged
starting from Debian 10 (Buster).
Our example uses the input
chain, yours may be a different one!
Add the following lines to /etc/nftables.conf
or your specific rule
file. Ensure to add these lines to your input-chain.
# Open Port 80 and 443 for Zammad
tcp dport { http, https } accept
udp dport { http, https } accept
The result should look like the following. Keep in mind that your enviroment could require different / more rules.
#!/usr/local/sbin/nft -f
flush ruleset
table inet filter {
chain input {
type filter hook input priority 0; policy drop;
ct state established,related accept
tcp dport ssh log accept
tcp dport { http, https } accept
udp dport { http, https } accept
}
chain forward {
type filter hook forward priority 0; policy accept;
}
chain output {
type filter hook output priority 0; policy accept;
}
}
To load your new rules, simply run systemctl reload nftables
.
$ # Open Port 80 and 443 on your Firewall
$ firewall-cmd --zone=public --add-service=http --permanent
$ firewall-cmd --zone=public --add-service=https --permanent
$ firewall-cmd --reload
If your system does not yet know webserver rules, you can add a new one
for your firewall by creating the file
/etc/sysconfig/SuSEfirewall2.d/services/webserver
with this content:
## Name: Webserver
## Description: Open ports for HTTP and HTTPs
# space separated list of allowed TCP ports
TCP="http https"
# space separated list of allowed UDP ports
UDP="http https"
After that locate FW_CONFIGURATIONS_EXT
within
/etc/sysconfig/SuSEfirewall2
and add the option webserver
to the
list. The list is seperated by spaces.
You may require a different zone, above covers the external zone.
Now ensure to restart the firewall service.
systemctl restart SuSEfirewall2
If we didn’t cover your distribution or firewall in question, ensure to
open ports 80
and 443
(TCP & UDP) beside of the ports you need.
Manage services of Zammad¶
In general Zammad uses three services - these can be (re)started & stopped
with the parent zammad
.
$ # Zammad service to start all services at once
$ systemctl (status|start|stop|restart) zammad
$ # Zammads internal puma server (relevant for displaying the web app)
$ systemctl (status|start|stop|restart) zammad-web
$ # Zammads background worker - relevant for all delayed- and background jobs
$ systemctl (status|start|stop|restart) zammad-worker
$ # Zammads websocket server for session related information
$ systemctl (status|start|stop|restart) zammad-websocket
Next steps¶
With this Zammad technically is ready to go. However, you’ll need to follow the following further steps to access Zammads Web-UI and getting started with it.
You may also find Zammads Console commands useful
If you expect usage with 5 agents or more you may also want to consider the following pages.