Installing OTRS on Ubuntu Server | Information Technology from Valdemar

This article is written for those who were searching for a detailed and simple for the understanding guide on how to install OTRS on Ubuntu Server.

OTRS Community Edition is a free, open-source service management system often used by IT services, customer service, and corporate security services to structure their communications and tasks.

Minimum system requirements for the OTRS server:

  • Processor: x64, 3GHz Xeon
  • RAM: 8GB
  • Storage: 256GB

In this guide, we will consider the case when you already have a server with the Ubuntu Server 18.04 LTS operating system installed on it.

You can read more about how to install Ubuntu Server 18.04 LTS in my guide «Installing Ubuntu Server 18.04 LTS».

In addition, OpenSSH must be installed on the server, and port 22 must be open in order to be able to connect to the server using the SSH protocol.

To install OpenSSH on the server, you can use the command:

sudo apt-get install openssh-server

If you plan to connect to the server using the Windows operating system, you can use PuTTY, a freeware client for various remote access protocols, including SSH, Telnet, rlogin.

This guide covers connecting to a server using the iTerm2 terminal emulator installed on the macOS operating system.

Please note that you will need to open the following TCP ports to access your server:

  • 80 – to receive a free cryptographic certificate through the Let’s Encrypt certificate authority.
  • 443 – to access the Bitwarden control panel.
  • 993 (SSL) – for receiving an email.
  • 465 (SSL) or 587 (TLS / STARTTLS) – to send email.

Connect to the server on which it is planned to install OTRS.

Next, you need to confirm that we trust the server to which we are connecting.

Enter “yes” and press the “Enter” button.

To obtain and subsequently renew a free SSL certificate, we will use the Let’s Encrypt Certificate Authority, as well as the Certbot software client, which is designed to simplify the receipt and renewal of the certificate through the Let’s Encrypt Certificate Authority.

Add the Certbot repository using the command:

sudo add-apt-repository ppa:certbot/certbot

Press the “Enter” button to confirm the addition of a new repository.

Now install the packages necessary for OTRS to work using the command:

sudo apt-get install -y mysql-server apache2 zip unzip build-essential bash-completion certbot python-certbot-apache libapache2-mod-perl2 libdbd-mysql-perl libtimedate-perl libnet-dns-perl libnet-ldap-perl libio-socket-ssl-perl libpdf-api2-perl libdbd-mysql-perl libsoap-lite-perl libtext-csv-xs-perl libjson-xs-perl libapache-dbi-perl libxml-libxml-perl libxml-libxslt-perl libyaml-perl libarchive-zip-perl libcrypt-eksblowfish-perl libencode-hanextra-perl libmail-imapclient-perl libtemplate-perl libdigest-md5-perl libcrypt-ssleay-perl libdatetime-perl libauthen-ntlm-perl

Please note that in this guide, MySQL will be used as the database management system, and Apache will be used as the webserver.

Now we will configure MySQL for further work with OTRS.

First, you need to run the script “mysql_secure_installation”, which is designed to provide a basic level of MySQL security.

Run the script using the command:

sudo mysql_secure_installation

Next, you need to answer a few questions to ensure the basic level of MySQL security.

The first question is whether you want to use the plugin to check the password strength, which will need to be set later for the root user, who has administrator rights in MySQL.

Press the “y” button, then “Enter”.

At the next stage, you need to select the password complexity check level, which will need to be set later for the “root” user with administrator rights in MySQL.

In this guide, we will look at the highest level of password strength checking for the root user.

Press the “2” button, then “Enter”.

The next step is to specify a strong password for the user “root”, who has administrator rights in MySQL.

Specify a strong password for the user “root” and press the “Enter” button.

Next, specify the password for the “root” user again and press the “Enter” button.

The next question is whether you want to go to the next step to configure the basic MySQL security level with the received password strength value.

Please note that if the password you specify is set to “Estimated strength of the password” less than 100, it means that the password you specified earlier for the user “root” is not strong enough, and you need to specify a more reliable password.

In this manual, the value of “Estimated strength of the password” is 100, which indicates that the password specified earlier is strong enough.

Press the “y” button, then “Enter”.

The next question is whether you want to remove anonymous users.

Press the “y” button, then “Enter”.

The next question is whether you want to disable the ability to remotely connect to MySQL for the root user.

Press the “y” button, then “Enter”.

The next question is whether you want to delete the test databases.

Press the “y” button, then “Enter”.

Now you need to apply the changes.

Press the “y” button, then “Enter”.

Now you need to create a database, which OTRS will use in the future, as well as a user with the necessary rights to this database.

Connect to the MySQL management console using the command:

sudo mysql -u root -p

Specify the password for the “root” account, set earlier, and press the “Enter” button.

In this manual, otrsdb will be used as the database name for OTRS.

Create a database that OTRS will use in the future using the command:

CREATE DATABASE otrsdb CHARACTER SET utf8;

In this manual, “otrsdbuser” with the password “j +> ^ 9.7? 36mZ / 6Z8e2} 9” will be used as the user name that has the rights to the database for OTRS operation.

Create the user, assign him a password and issue the rights to the previously created database to the new user using the command:

GRANT ALL PRIVILEGES ON otrsdb.* TO 'otrsdbuser'@'localhost' IDENTIFIED BY 'j+>^9,7?36mZ/6Z8e2}9';

Apply the changes using the command:

FLUSH PRIVILEGES;

Disconnect from the MySQL management console using the command:

quit

Now you need to make changes to the MySQL configuration file to ensure OTRS works correctly.

Open the MySQL configuration file in a text editor using the command:

sudo vim /etc/mysql/mysql.conf.d/mysqld.cnf

Press the “i” button to enter the editing mode, find the “max_allowed_packet” parameter and change its value to “64M”.

Next, find the query_cache_size parameter and change its value to 32M.

Next, at the end of the file, specify additional parameters:

innodb_log_file_size = 256M
collation-server = utf8_unicode_ci
init-connect=’SET NAMES utf8′
character-set-server = utf8

Now press the “Esc” button to exit the editing mode, and then enter “: x” and press the “Enter” button to save the changes and exit the editor.

Restart MySQL to apply the changes using the command:

sudo systemctl restart mysql

Verify that MySQL started successfully using the command:

sudo systemctl status mysql

Now download the otrs-latest.tar.gz archive containing the files for OTRS to work using the command:

sudo wget https://ftp.otrs.org/pub/otrs/otrs-latest.tar.gz

Please note that the archive named “latest” will always contain the latest version of OTRS.

Unzip the downloaded archive “otrs-latest.tar.gz” using the command:

tar xzf otrs-latest.tar.gz

Now delete the previously downloaded otrs-latest.tar.gz archive containing the files for OTRS to work using the command:

sudo rm -f otrs-latest.tar.gz

Move and rename the directory with the files for OTRS operation, obtained from the archive, using the command:

sudo mv otrs-* /opt/otrs

Now create the user “otrs”, which will be used to start OTRS, using the command:

sudo useradd -d /opt/otrs -c 'OTRS user' otrs

Next, add a new user to the “www-data” group using the command:

sudo usermod -G www-data otrs

Prepare the OTRS configuration file using the command:

sudo cp /opt/otrs/Kernel/Config.pm.dist /opt/otrs/Kernel/Config.pm

Now you need to verify that all Perl modules required for OTRS are installed and do not need to be updated.

Check the Perl modules necessary for OTRS to work using the command:

sudo /opt/otrs/bin/otrs.CheckModules.pl

Further, you may need to update some Perl modules when you receive a warning.

In this case, a warning was received about the need to update the modules “ID::Socket::SSL” and “Net::SMTP”.

Update the module “ID::Socket::SSL” to the new version using the command:

sudo cpan upgrade IO::Socket::SSL

The next question is whether you want to use the automatic configuration function “CPAN.pm”.

Press the “Enter” button.

Update the module “Net::SMTP” to the new version using the command:

sudo cpan upgrade Net::SMTP

Again, check the Perl modules necessary for OTRS to work using the command:

sudo /opt/otrs/bin/otrs.CheckModules.pl

All Perl modules required for OTRS are installed and do not need to be updated.

Next, you need to do a few more checks for missing dependencies and Perl modules.

Perform the first check for missing dependencies and Perl modules using the command:

sudo perl -cw /opt/otrs/bin/cgi-bin/index.pl

The first check for missing dependencies and Perl modules was successful.

Perform a second check for missing dependencies and Perl modules using the command:

sudo perl -cw /opt/otrs/bin/cgi-bin/customer.pl

The second check for missing dependencies and Perl modules was successful.

Perform the third check for missing dependencies and Perl modules using the command:

sudo perl -cw /opt/otrs/bin/otrs.Console.pl

The third check for missing dependencies and Perl modules was successful.

Now we will configure Apache for later work with the Multicraft control panel.

Enable the Apache webserver module called “headers” with the command:

sudo a2enmod headers

Note that the headers module can be used to add more specific Cache-Control parameters.

Enable the Apache webserver module called “rewrite” with the command:

sudo a2enmod rewrite

Please note that the “rewrite” module is one of the most commonly used Apache webserver modules and provides a flexible and powerful way to manipulate URLs.

Please note that for OTRS to work correctly, Apache modules such as “perl”, “deflate” and “filter” will still be required. These modules should be enabled by default, but you can verify this using the commands:

sudo a2enmod perl

sudo a2enmod deflate

sudo a2enmod filter

Now you need to create four virtual host files (called block in Nginx), with which OTRS will continue to work.

Two virtual host files are required to provide access to OTRS via HTTPS, as well as to redirect agents from the otrs.heyvaldemar.net subdomain to the address for the agents to work https://otrs.heyvaldemar.net/otrs/index.pl.

Два других файла виртуальных хостов потребуются для обеспечения доступа к OTRS по HTTPS, а также для перенаправления клиентов с субдомена support.heyvaldemar.net на адрес для работы клиентов https://otrs.heyvaldemar.net/otrs/customer.pl.

In this guide, the otrs.heyvaldemar.net subdomain will be used for agents to access the OTRS web interface from the Internet, and the support.heyvaldemar.net subdomain will be used for client access. You will need to specify your domains or subdomains by which OTRS will be available from the Internet for agents and clients.

Create the first virtual host file using a text editor using the command:

sudo vim /etc/apache2/sites-available/otrs.heyvaldemar.net.conf

Press the “i” button to enter the editing mode, then insert the following configuration for the webserver to work:

In this manual, for accessing agents to the OTRS web interface from the Internet, the otrs.heyvaldemar.net subdomain will be used, from which agents will be redirected to https://otrs.heyvaldemar.net/otrs/index.pl. You will need to specify your domain or subdomain by which OTRS will be available from the Internet for agents.

Now press the “Esc” button to exit the editing mode, and then enter “: x” and press the “Enter” button to save the changes and exit the editor.

Create a second virtual host file using a text editor using the command:

sudo vim /etc/apache2/sites-available/otrs.heyvaldemar.net-ssl.conf

Press the “i” button to enter the editing mode, then insert the following configuration for the webserver to work:

In this manual, for accessing agents to the OTRS web interface from the Internet, the otrs.heyvaldemar.net subdomain will be used, from which agents will be redirected to https://otrs.heyvaldemar.net/otrs/index.pl. You will need to specify your domain or subdomain by which OTRS will be available from the Internet for agents.

Now press the “Esc” button to exit the editing mode, and then enter “: x” and press the “Enter” button to save the changes and exit the editor.

Create a third virtual host file using a text editor using the command:

sudo vim /etc/apache2/sites-available/support.heyvaldemar.net.conf

Press the “i” button to enter the editing mode, then insert the following configuration for the webserver to work:

In this guide, for accessing clients to the OTRS web interface from the Internet, the support.heyvaldemar.net subdomain will be used, from which clients will be redirected to https://otrs.heyvaldemar.net/otrs/customer.pl. You will need to specify your domain or subdomain by which OTRS will be available from the Internet for customers.

Now press the “Esc” button to exit the editing mode, and then enter “: x” and press the “Enter” button to save the changes and exit the editor.

Create the fourth virtual host file using a text editor using the command:

sudo vim /etc/apache2/sites-available/support.heyvaldemar.net-ssl.conf

Press the “i” button to enter the editing mode, then insert the following configuration for the webserver to work:

In this guide, for accessing clients to the OTRS web interface from the Internet, the support.heyvaldemar.net subdomain will be used, from which clients will be redirected to https://otrs.heyvaldemar.net/otrs/customer.pl. You will need to specify your domain or subdomain by which OTRS will be available from the Internet for customers.

Now press the “Esc” button to exit the editing mode, and then enter “: x” and press the “Enter” button to save the changes and exit the editor.

Activate the first virtual host using the command:

sudo a2ensite otrs.heyvaldemar.net.conf

Activate the second virtual host using the command:

sudo a2ensite otrs.heyvaldemar.net-ssl.conf

Activate the third virtual host using the command:

sudo a2ensite support.heyvaldemar.net.conf

Activate the fourth virtual host using the command:

sudo a2ensite support.heyvaldemar.net-ssl.conf

Now you need to activate the virtual host for OTRS, which must be loaded after all other settings. To do this, you can use the symbolic link with the prefix “zzz”.

Activate the virtual host for OTRS using the command:

sudo ln -s /opt/otrs/scripts/apache2-httpd.include.conf /etc/apache2/sites-enabled/zzz_otrs.conf

Deactivate the default virtual host using the command:

sudo a2dissite 000-default.conf

Make sure that there are no errors in the syntax of the new Apache configuration file using the command:

sudo apache2ctl configtest

Restart Apache to apply the changes using the command:

sudo systemctl restart apache2

Verify that Apache started successfully using the command:

sudo systemctl status apache2

Now you need to assign the correct permissions to files and directories for the correct operation of OTRS. To do this, use a special script.

Go to the otrs folder using the command:

cd /opt/otrs

Assign the correct permissions to files and directories for the correct operation of OTRS using the command:

sudo bin/otrs.SetPermissions.pl

Now, to increase the security level of the webserver, it is necessary to obtain a cryptographic certificate for the domain or subdomain, through which the OTRS web interface will be accessible from the Internet.

To obtain and subsequently renew a free SSL certificate, we will use the Let’s Encrypt Certificate Authority, as well as the Certbot software client, which is designed to simplify the receipt and renewal of the certificate through the Let’s Encrypt Certificate Authority.

In this guide, the otrs.heyvaldemar.net subdomain will be used for agents to access the OTRS web interface from the Internet, and the support.heyvaldemar.net subdomain for client access. You will need to specify your domains or subdomains by which OTRS will be available from the Internet for agents and clients.

Request a cryptographic certificate using the command:

sudo certbot --apache -d otrs.heyvaldemar.net -d support.heyvaldemar.net

Next, specify the email address to which Let’s Encrypt will send notifications about the expiration of the cryptographic certificate and press the “Enter” button.

The next step is to read and accept the terms of use of the services provided.

Press the “a” button, then “Enter” if you agree to the terms of use of the services provided.

At the next stage, you must choose: do you want to share the email address indicated above with the Electronic Frontier Foundation to receive newsletters.

Press the “n” button, then “Enter”.

The next step is to choose: do you want the parameters to automatically redirect HTTP traffic to HTTPS be automatically added to the Apache configuration file.

Press the button “1”, then “Enter”.

Please note that the cryptographic certificates received through the Let’s Encrypt Certificate Authority are valid for ninety days. Certbot automatically adds a script to renew the certificate in the task scheduler, and the script runs twice a day, automatically updating any cryptographic certificate that expires in thirty days.

You can check the operability of the cryptographic certificate renewal process using the command:

sudo certbot renew --dry-run

To continue the process of installing the OTRS, you must go from workstation to the link https://otrs.heyvaldemar.net/otrs/installer.pl, где otrs.heyvaldemar.net is the name of my server. Accordingly, you need to specify the name or IP address of your server with the OTRS installed.

Click on the “Next” button.

The next step is to accept the license terms.

Click on the “Next” button if you agree with the OTRS license agreement.

Next, you need to specify a database management system that will be used to work with OTRS.

In the “Type” field, select “MySQL”.

In the “Install Type” section, select “Use an existing database for OTRS”.

Click on the “Next” button.

In the next step, you must specify the data to connect to the previously created database.

In this manual, “otrsdbuser” is used as the user name that has the rights to the database for OTRS operation.

In the “User” field specify “otrsdbuser”.

In the “Password” field specify the password assigned to the user “otrsdbuser”.

In the “Host” field specify “127.0.0.1”.

In this manual, “otrsdb” is used as the database name for OTRS.

In the “Database name” field specify “otrsdb”.

Click on the “Check database settings” button.

A database connection successfully established.

Click on the “Next” button.

The database has been successfully prepared for working with OTRS.

Click on the “Next” button.

In the next step, you need to specify some more parameters for the OTRS operation.

In the “SystemID” field, select the desired number, which will serve as the identifier of the OTRS system. This identifier will be part of the number for all applications in OTRS.

In the “System FQDN” field, specify the domain or subdomain by which OTRS is accessible from the Internet.

In this manual, the otrs.heyvaldemar.net subdomain will be used to access the OTRS web interface from the Internet. You will need to specify your domain or subdomain by which OTRS will be accessible from the Internet.

In the “AdminEmail” field specify the current email address of the OTRS administrator.

In the “Organization” field specify the name of your organization.

In the “LogModule” field specify “Syslog”.

In the “Default Language” field specify the language for your OTRS system.

In the “ChechMXRecord” field specify “Yes” to check MX records for the email addresses specified in OTRS.

Click on the “Next” button.

In the next step, you can specify the data that OTRS will use to send and receive emails. These settings are discussed in the OTRS configuration guide, and at this stage, it is better to skip them.

For details on how to configure OTRS, you can read in my guide “Configuring OTRS”.

Click on the “Skip this step” button.

In the next step, you will receive the username and password of an account that has OTRS administrator rights.

Save this data in a safe place.

Now you need to start the OTRS daemon.

Return to the terminal emulator and start the OTRS daemon using the command:

sudo su - otrs -c "/opt/otrs/bin/otrs.Daemon.pl start"

Please note, the daemon will be launched as user “otrs”.

Now you need to activate two files that will be used by the cron task scheduler to verify that the OTRS daemon is running.

Go to the cron folder with the command:

cd /opt/otrs/var/cron

Activate the first file for the cron task scheduler using the command:

sudo cp aaa_base.dist aaa_base

Activate the second file for the cron task scheduler using the command:

sudo cp otrs_daemon.dist otrs_daemon

Now, to schedule tasks in the cron task scheduler, you need to use the “Cron.sh” script with the command:

sudo su - otrs -c "/opt/otrs/bin/Cron.sh start"

Please note that scheduled tasks will be performed under the user “otrs”.

OTRS installation completed successfully.

Now you need to make changes to your OTRS configuration to ensure that all internal links in OTRS use HTTPS.

Go from workstation to the link https://otrs.heyvaldemar.net/otrs/installer.pl, где otrs.heyvaldemar.net is the name of my server. Accordingly, you need to specify the name or IP address of your server with the OTRS installed.

Specify the username and password of an account with OTRS administrator rights, and click on the “Login” button.

Welcome to the web interface for OTRS agents.

Click on the “Admin” button.

Now in the “Administration” section, select “System Configuration”.

In the search bar, specify “HttpType” and in the presented search result, select “HttpType”.

In the “HttpType” section, specify “https”.

Click on the checkbox to the right of the changed parameter to save the changes.

Changes made are saved. Now they need to be applied.

Click on the notification “You have undeployed settings, would you like to deploy it them?”

In the “Changes Overview” section, select the change that you want to apply, and click on the “Deploy selected changes” button.

Click on the “Deploy now” button to confirm the application of previously made changes.

Now you need to change the time zone for the OTRS administrator account.

Click on the notification “Please select a time zone in your preferences and confirm it by clicking save button”.

In the “Time Zone” field, select the appropriate time zone.

Click on the checkbox to the right of the changed parameter to save the changes.

Then click on the image of the house in the upper left corner of the screen to return to the OTRS main page for agents.

For details on how to configure OTRS, you can read in my guide “Configuring OTRS”.

Author

Hi, I’m Vladimir Mikhalev, but my friends call me Valdemar. I have a lot of experience in the design and maintenance of various information systems. On my website, you will find detailed and clear guides for setting up IT solutions. Dive into the ocean, full of positive and technology! For cooperation: callvaldemar@gmail.com

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.