Howto freepbx debian12: Difference between revisions
Mandulete1 (talk | contribs) |
Mandulete1 (talk | contribs) |
||
Line 122: | Line 122: | ||
systemctl enable freepbx | systemctl enable freepbx | ||
= enable ssl = | = enable ssl = | ||
create rsa key: | |||
openssl genrsa -out server.key 3072 | |||
create certificate csr: | |||
openssl req -new -key server.key -out server.csr | |||
fill the following blanks: | |||
Country Name (2 letter code) []: '''US''' | |||
State or Province Name (full name) []: '''Puerto Rico''' | |||
Locality Name (eg, city) []: '''San Juan''' | |||
Organization Name (eg, company) []: '''Vidalinux.com Corp.''' | |||
Organizational Unit Name (eg, section) []: '''Linux Consulting''' | |||
Common Name (eg, your name or your server's hostname) []: '''freepbx.ovox.io''' | |||
Email Address []: '''asterisk@ovox.io''' | |||
Please enter the following 'extra' attributes | |||
to be sent with your certificate request | |||
A challenge password []: '''just press enter''' | |||
An optional company name []: '''just press enter''' | |||
create the certificate: | |||
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt | |||
edit /etc/apache2/sites-available/default-ssl.conf | edit /etc/apache2/sites-available/default-ssl.conf | ||
ServerName freepbx.example.com | ServerName freepbx.example.com | ||
Line 129: | Line 147: | ||
a2enmod ssl | a2enmod ssl | ||
enable ssl site: | enable ssl site: | ||
cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled | cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled | ||
restart apache server: | restart apache server: | ||
systemctl restart apache2.service | systemctl restart apache2.service |
Revision as of 19:25, 9 September 2024
download cloud image
download cloud image:
wget http://cdimage.debian.org/cdimage/cloud/bookworm/latest/debian-12-generic-amd64.qcow2
resize cloud image:
qemu-img resize debian-12-generic-amd64.qcow2 +8GB
change root password to image:
virt-sysprep -a debian-12-generic-amd64.qcow2 -q --root-password password:livinglavidalinux
configure network
boot with image and resize filesystem:
resize2fs /dev/vda1
configure network:
nano /etc/systemd/network/20-wired.network
add the following configuration:
[Match] Name=enp1s0 [Network] Address=192.168.75.25/24 Gateway=192.168.75.1 DNS=4.2.2.1 DNS=4.2.2.2
enable networkd service:
systemctl enable --now systemd-networkd
configure ssh service:
dpkg-reconfigure openssh-server
allow root user and password authentication:
sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/g' /etc/ssh/sshd_config
restart sshd service:
systemctl restart sshd
configure system
update repo and upgrade system:
apt-get update && apt-get upgrade
install the following dev packages:
apt -y install build-essential git curl wget libnewt-dev libssl-dev libncurses5-dev subversion libsqlite3-dev libjansson-dev libxml2-dev uuid-dev default-libmysqlclient-dev htop sngrep lame ffmpeg mpg123 git vim curl wget libnewt-dev libssl-dev libncurses5-dev subversion libsqlite3-dev build-essential libjansson-dev libxml2-dev uuid-dev expect cron
for troubleshooting install the following tools:
apt-get -y install net-tools htop screen tshark vim sngrep
install lamp
install apache and php dependencies:
apt-get install -y build-essential linux-headers-`uname -r` openssh-server apache2 mariadb-server mariadb-client bison flex php8.2 php8.2-curl php8.2-cli php8.2-common php8.2-mysql php8.2-gd php8.2-mbstring php8.2-intl php8.2-xml php-pear curl sox libncurses5-dev libssl-dev mpg123 libxml2-dev libnewt-dev sqlite3 libsqlite3-dev pkg-config automake libtool autoconf git unixodbc-dev uuid uuid-dev libasound2-dev libogg-dev libvorbis-dev libicu-dev libcurl4-openssl-dev odbc-mariadb libical-dev libneon27-dev libsrtp2-dev libspandsp-dev sudo subversion libtool-bin python-dev-is-python3 unixodbc vim wget libjansson-dev software-properties-common nodejs npm ipset iptables fail2ban php-soap
install and configure asterisk
compile and install asterisk:
cd /usr/src wget http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-21-current.tar.gz tar xvf asterisk-21-current.tar.gz cd asterisk-21*/ contrib/scripts/get_mp3_source.sh contrib/scripts/install_prereq install ./configure --libdir=/usr/lib64 --with-pjproject-bundled --with-jansson-bundled make menuselect make make install make samples make config ldconfig
add group asterisk and set permissions:
groupadd asterisk useradd -r -d /var/lib/asterisk -g asterisk asterisk usermod -aG audio,dialout asterisk chown -R asterisk:asterisk /etc/asterisk chown -R asterisk:asterisk /var/{lib,log,spool}/asterisk chown -R asterisk:asterisk /usr/lib64/asterisk sed -i 's|#AST_USER|AST_USER|' /etc/default/asterisk sed -i 's|#AST_GROUP|AST_GROUP|' /etc/default/asterisk sed -i 's|;runuser|runuser|' /etc/asterisk/asterisk.conf sed -i 's|;rungroup|rungroup|' /etc/asterisk/asterisk.conf echo "/usr/lib64" >> /etc/ld.so.conf.d/x86_64-linux-gnu.conf ldconfig
configure apache server:
sed -i 's/\(^upload_max_filesize = \).*/\120M/' /etc/php/8.2/apache2/php.ini sed -i 's/\(^memory_limit = \).*/\1256M/' /etc/php/8.2/apache2/php.ini sed -i 's/^\(User\|Group\).*/\1 asterisk/' /etc/apache2/apache2.conf sed -i 's/AllowOverride None/AllowOverride All/' /etc/apache2/apache2.conf a2enmod rewrite systemctl restart apache2 rm /var/www/html/index.html
configure mysql odbc:
cat <<EOF > /etc/odbcinst.ini [MySQL] Description = ODBC for MySQL (MariaDB) Driver = /usr/lib/x86_64-linux-gnu/odbc/libmaodbc.so FileUsage = 1 EOF
cat <<EOF > /etc/odbc.ini [MySQL-asteriskcdrdb] Description = MySQL connection to 'asteriskcdrdb' database Driver = MySQL Server = localhost Database = asteriskcdrdb Port = 3306 Socket = /var/run/mysqld/mysqld.sock Option = 3 EOF
install and configure freepbx
cd /usr/local/src wget http://mirror.freepbx.org/modules/packages/freepbx/freepbx-17.0-latest-EDGE.tgz tar zxvf freepbx-17.0-latest-EDGE.tgz cd /usr/local/src/freepbx/ ./start_asterisk start ./install -n
install all modules:
fwconsole ma installall fwconsole reload fwconsole restart
setup freepbx systemd script:
cat <<EOF > /etc/systemd/system/freepbx.service [Unit] Description=FreePBX VoIP Server After=mariadb.service [Service] Type=oneshot RemainAfterExit=yes ExecStart=/usr/sbin/fwconsole start -q ExecStop=/usr/sbin/fwconsole stop -q [Install] WantedBy=multi-user.target EOF
reload and enable freepbx service:
systemctl daemon-reload systemctl enable freepbx
enable ssl
create rsa key:
openssl genrsa -out server.key 3072
create certificate csr:
openssl req -new -key server.key -out server.csr
fill the following blanks:
Country Name (2 letter code) []: US State or Province Name (full name) []: Puerto Rico Locality Name (eg, city) []: San Juan Organization Name (eg, company) []: Vidalinux.com Corp. Organizational Unit Name (eg, section) []: Linux Consulting Common Name (eg, your name or your server's hostname) []: freepbx.ovox.io Email Address []: asterisk@ovox.io Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: just press enter An optional company name []: just press enter
create the certificate:
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
edit /etc/apache2/sites-available/default-ssl.conf
ServerName freepbx.example.com SSLCertificateFile /etc/apache2/ssl/server.crt SSLCertificateKeyFile /etc/apache2/ssl/server.key
enable ssh module:
a2enmod ssl
enable ssl site:
cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled
restart apache server:
systemctl restart apache2.service