Howto freepbx debian12: Difference between revisions

From Vidalinux Wiki
Jump to navigation Jump to search
 
(37 intermediate revisions by the same user not shown)
Line 2: Line 2:
download cloud image:
download cloud image:
  wget http://cdimage.debian.org/cdimage/cloud/bookworm/latest/debian-12-generic-amd64.qcow2
  wget http://cdimage.debian.org/cdimage/cloud/bookworm/latest/debian-12-generic-amd64.qcow2
copy image to another name:
cp debian-12-generic-amd64.qcow2 freepbx-latest-amd64-$(date +%F).qcow2
resize cloud image:
resize cloud image:
  qemu-img resize debian-12-generic-amd64.qcow2 +8GB
  qemu-img resize freepbx-latest-amd64-$(date +%F).qcow2 +8G
resize image:
virt-resize --expand /dev/sda1 debian-12-generic-amd64.qcow2 freepbx-latest-amd64-$(date +%F).qcow2
change root password to image:
change root password to image:
  virt-sysprep -a debian-12-generic-amd64.qcow2 -q --root-password password:livinglavidalinux
  virt-sysprep -a freepbx-latest-amd64-$(date +%F).qcow2 -q --root-password password:livinglavidalinux
 
= configure network =
= configure network =
boot with image and resize filesystem:
boot with image and resize filesystem:
  resize2fs /dev/vda1
  resize2fs /dev/vda1
add this parameters to grub configuration /etc/default/grub:
  GRUB_CMDLINE_LINUX="biosdevname=0 net.ifnames=0"
update grub configuration:
update-grub
configure network:
configure network:
  nano /etc/systemd/network/20-wired.network
  nano /etc/systemd/network/20-wired.network
add the following configuration:
for static ip address add the following configuration:
  [Match]
  [Match]
  Name=enp1s0
  Name=eth0
   
   
  [Network]
  [Network]
Line 20: Line 29:
  DNS=4.2.2.1
  DNS=4.2.2.1
  DNS=4.2.2.2
  DNS=4.2.2.2
for dhcp add the following configuration:
[Match]
Name=eth0
[Network]
DHCP=yes
enable networkd service:
enable networkd service:
  systemctl enable --now systemd-networkd
  systemctl enable systemd-networkd
start networkd service:
systemctl restart systemd-networkd
configure ssh service:
configure ssh service:
  dpkg-reconfigure openssh-server
  dpkg-reconfigure openssh-server
Line 29: Line 46:
restart sshd service:
restart sshd service:
  systemctl restart sshd
  systemctl restart sshd
= configure system =
 
update repo and upgrade system:
= install and configure freepbx =
  apt-get update && apt-get upgrade
download installation script:
install the following dev packages:
https://raw.githubusercontent.com/FreePBX/sng_freepbx_debian_install/refs/heads/master/sng_freepbx_debian_install.sh
  apt -y install build-essential git curl wget libnewt-dev libssl-dev libncurses5-dev subversion libsqlite3-dev libjansson-dev libxml2-dev uuid-dev default-libmysqlclient-dev htop sngrep lame ffmpeg mpg123 git vim curl wget libnewt-dev libssl-dev libncurses5-dev subversion libsqlite3-dev build-essential libjansson-dev libxml2-dev uuid-dev expect
change permissions:
= install lamp =
  chmod +x sng_freepbx_debian_install.sh
install apache and php dependencies:
execute script to begin installation:
  apt-get install -y build-essential linux-headers-`uname -r` openssh-server apache2 mariadb-server mariadb-client bison flex php8.2 php8.2-curl php8.2-cli php8.2-common php8.2-mysql php8.2-gd php8.2-mbstring php8.2-intl php8.2-xml php-pear curl sox libncurses5-dev libssl-dev mpg123 libxml2-dev libnewt-dev sqlite3 libsqlite3-dev pkg-config automake libtool autoconf git unixodbc-dev uuid uuid-dev libasound2-dev libogg-dev libvorbis-dev libicu-dev libcurl4-openssl-dev odbc-mariadb libical-dev libneon27-dev libsrtp2-dev libspandsp-dev sudo subversion libtool-bin python-dev-is-python3 unixodbc vim wget libjansson-dev software-properties-common nodejs npm ipset iptables fail2ban php-soap
  ./sng_freepbx_debian_install.sh
= asterisk configuration =
= create ssl certificates =
compile and install asterisk:
create directory to store certs:
  cd /usr/src
  mkdir /etc/apache2/ssl && cd /etc/apache2/ssl
  wget http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-21-current.tar.gz
create rsa key:
  tar xvf asterisk-21-current.tar.gz
openssl genrsa -out server.key 3072
  cd asterisk-21*/
create certificate csr:
contrib/scripts/get_mp3_source.sh
openssl req -new -key server.key -out server.csr
  contrib/scripts/install_prereq install
fill the following blanks:
  ./configure --libdir=/usr/lib64 --with-pjproject-bundled --with-jansson-bundled
Country Name (2 letter code) []: '''US'''
make menuselect
State or Province Name (full name) []: '''Puerto Rico'''
  make
Locality Name (eg, city) []: '''San Juan'''
  make install
Organization Name (eg, company) []: '''Vidalinux.com Corp.'''
  make samples
Organizational Unit Name (eg, section) []: '''Linux Consulting'''
  make config
  Common Name (eg, your name or your server's hostname) []: '''freepbx.example.com'''
  ldconfig
  Email Address []: '''asterisk@example.com'''
add group asterisk and set permissions:
  Please enter the following 'extra' attributes
  groupadd asterisk
to be sent with your certificate request
  useradd -r -d /var/lib/asterisk -g asterisk asterisk
A challenge password []: '''just press enter'''
  usermod -aG audio,dialout asterisk
  An optional company name []: '''just press enter'''
  chown -R asterisk:asterisk /etc/asterisk
create the certificate:
  chown -R asterisk:asterisk /var/{lib,log,spool}/asterisk
  openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
  chown -R asterisk:asterisk /usr/lib64/asterisk   
edit /etc/apache2/sites-available/default-ssl.conf
  sed -i 's|#AST_USER|AST_USER|' /etc/default/asterisk
  ServerName freepbx.example.com
  sed -i 's|#AST_GROUP|AST_GROUP|' /etc/default/asterisk
  SSLCertificateFile      /etc/apache2/ssl/server.crt       
  sed -i 's|;runuser|runuser|' /etc/asterisk/asterisk.conf
  SSLCertificateKeyFile  /etc/apache2/ssl/server.key
  sed -i 's|;rungroup|rungroup|' /etc/asterisk/asterisk.conf
restart apache server:
  echo "/usr/lib64" >> /etc/ld.so.conf.d/x86_64-linux-gnu.conf
  systemctl restart apache2.service
ldconfig
 
= email setup =
install packages:
  apt-get -y install postfix mailutils libsasl2-modules
configure postfix to relay email to another server:
  cat > /etc/postfix/main.cf << EOF
  compatibility_level = 3.6
  relayhost = smtp.gmail.com:587
  smtp_use_tls = yes
  smtp_sasl_auth_enable = yes
  smtp_sasl_security_options = noanonymous
  smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
  smtp_sasl_mechanism_filter = plain
  smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_tls_security_level = encrypt
  maillog_file = /var/log/postfix.log
  EOF
create /etc/postfix/sasl_passwd:
  cat > /etc/postfix/sasl_passwd << EOF
smtp.gmail.com:587 your_email@example.com:your_password
EOF
set file permissions and execute postmap:
  chmod 600 /etc/postfix/sasl_passwd
  postmap /etc/postfix/sasl_passwd
restart postfix:
systemctl restart postfix
test configuration by sending email:
echo "This is a test email." | mail -s "Test Email" recipient@example.com
 
= troubleshooting =
if asterisk doesn't start when running fwconsole start:
Unable to connect to Asterisk. Did it start?
make sure the user and password for AMI access are correct:
  fwconsole setting --list |grep MGR
if output show the following:
| AMPMGRPASS | amp111 | amp111
| AMPMGRUSER | admin  | admin
then you should have the following on /etc/asterisk/manager.conf:
[admin]
  secret = amp111
= references =
* https://community.freepbx.org/t/freepbx-17-upgrades/93986/19
* https://sangomakb.atlassian.net/wiki/spaces/FP/pages/10420410/Version+17.0+Installation
* https://github.com/FreePBX/sng_freepbx_debian_install

Latest revision as of 00:21, 1 November 2024

download cloud image

download cloud image: 

wget http://cdimage.debian.org/cdimage/cloud/bookworm/latest/debian-12-generic-amd64.qcow2

copy image to another name: 

cp debian-12-generic-amd64.qcow2 freepbx-latest-amd64-$(date +%F).qcow2

resize cloud image: 

qemu-img resize freepbx-latest-amd64-$(date +%F).qcow2 +8G

resize image: 

virt-resize --expand /dev/sda1 debian-12-generic-amd64.qcow2 freepbx-latest-amd64-$(date +%F).qcow2

change root password to image: 

virt-sysprep -a freepbx-latest-amd64-$(date +%F).qcow2 -q --root-password password:livinglavidalinux

configure network

boot with image and resize filesystem: 

resize2fs /dev/vda1

add this parameters to grub configuration /etc/default/grub: 

 GRUB_CMDLINE_LINUX="biosdevname=0 net.ifnames=0"

update grub configuration: 

update-grub

configure network: 

nano /etc/systemd/network/20-wired.network

for static ip address add the following configuration: 

[Match]
Name=eth0

[Network]
Address=192.168.75.25/24
Gateway=192.168.75.1
DNS=4.2.2.1
DNS=4.2.2.2

for dhcp add the following configuration: 

[Match]
Name=eth0

[Network]
DHCP=yes

enable networkd service: 

systemctl enable systemd-networkd

start networkd service: 

systemctl restart systemd-networkd

configure ssh service: 

dpkg-reconfigure openssh-server

allow root user and password authentication: 

sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config
sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/g' /etc/ssh/sshd_config

restart sshd service: 

systemctl restart sshd

install and configure freepbx

download installation script: 

https://raw.githubusercontent.com/FreePBX/sng_freepbx_debian_install/refs/heads/master/sng_freepbx_debian_install.sh

change permissions: 

chmod +x sng_freepbx_debian_install.sh

execute script to begin installation: 

./sng_freepbx_debian_install.sh

create ssl certificates

create directory to store certs: 

mkdir /etc/apache2/ssl && cd /etc/apache2/ssl

create rsa key: 

openssl genrsa -out server.key 3072

create certificate csr: 

openssl req -new -key server.key -out server.csr

fill the following blanks: 

Country Name (2 letter code) []: US
State or Province Name (full name) []: Puerto Rico
Locality Name (eg, city) []: San Juan
Organization Name (eg, company) []: Vidalinux.com Corp.
Organizational Unit Name (eg, section) []: Linux Consulting
Common Name (eg, your name or your server's hostname) []: freepbx.example.com
Email Address []: asterisk@example.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: just press enter
An optional company name []: just press enter

create the certificate: 

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

edit /etc/apache2/sites-available/default-ssl.conf 

ServerName freepbx.example.com
SSLCertificateFile      /etc/apache2/ssl/server.crt         
SSLCertificateKeyFile   /etc/apache2/ssl/server.key

restart apache server: 

systemctl restart apache2.service

email setup

install packages: 

apt-get -y install postfix mailutils libsasl2-modules

configure postfix to relay email to another server: 

cat > /etc/postfix/main.cf << EOF
compatibility_level = 3.6
relayhost = smtp.gmail.com:587
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_mechanism_filter = plain
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_tls_security_level = encrypt
maillog_file = /var/log/postfix.log
EOF

create /etc/postfix/sasl_passwd: 

cat > /etc/postfix/sasl_passwd << EOF
smtp.gmail.com:587 your_email@example.com:your_password
EOF

set file permissions and execute postmap: 

chmod 600 /etc/postfix/sasl_passwd 
postmap /etc/postfix/sasl_passwd

restart postfix: 

systemctl restart postfix

test configuration by sending email: 

echo "This is a test email." | mail -s "Test Email" recipient@example.com

troubleshooting

if asterisk doesn't start when running fwconsole start: 

Unable to connect to Asterisk. Did it start?

make sure the user and password for AMI access are correct: 

fwconsole setting --list |grep MGR

if output show the following: 

| AMPMGRPASS | amp111 | amp111 
| AMPMGRUSER | admin  | admin

then you should have the following on /etc/asterisk/manager.conf: 

[admin]
secret = amp111

references

Retrieved from "https://wiki.vidalinux.org/index.php?title=Howto_freepbx_debian12&oldid=3713"