Howto freepbx debian12

From Vidalinux Wiki
Jump to navigation Jump to search

download cloud image

download cloud image:

wget http://cdimage.debian.org/cdimage/cloud/bookworm/latest/debian-12-generic-amd64.qcow2

resize cloud image:

qemu-img resize debian-12-generic-amd64.qcow2 +8GB

change root password to image:

virt-sysprep -a debian-12-generic-amd64.qcow2 -q --root-password password:livinglavidalinux

configure network

boot with image and resize filesystem:

resize2fs /dev/vda1

add this parameters to grub configuration /etc/default/grub:

 GRUB_CMDLINE_LINUX="biosdevname=0 net.ifnames=0"

update grub configuration:

update-grub

configure network:

nano /etc/systemd/network/20-wired.network

for static ip address add the following configuration:

[Match]
Name=eth0

[Network]
Address=192.168.75.25/24
Gateway=192.168.75.1
DNS=4.2.2.1
DNS=4.2.2.2

for dhcp add the following configuration:

[Match]
Name=eth0

[Network]
DHCP=yes

enable networkd service:

systemctl enable --now systemd-networkd

configure ssh service:

dpkg-reconfigure openssh-server

allow root user and password authentication:

sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config
sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/g' /etc/ssh/sshd_config

restart sshd service:

systemctl restart sshd

configure system

update repo and upgrade system:

apt-get update && apt-get upgrade

install the following dev packages:

apt -y install build-essential git curl wget libnewt-dev libssl-dev libncurses5-dev subversion libsqlite3-dev libjansson-dev libxml2-dev uuid-dev default-libmysqlclient-dev htop sngrep lame ffmpeg mpg123 git vim curl wget libnewt-dev libssl-dev libncurses5-dev subversion libsqlite3-dev build-essential libjansson-dev libxml2-dev uuid-dev expect cron

for troubleshooting install the following tools:

apt-get -y install net-tools htop screen tshark vim sngrep

install lamp

install apache and php dependencies:

apt-get install -y build-essential linux-headers-`uname -r` openssh-server apache2 mariadb-server mariadb-client bison flex php8.2 php8.2-curl php8.2-cli php8.2-common php8.2-mysql php8.2-gd php8.2-mbstring  php8.2-intl php8.2-xml php-pear curl sox libncurses5-dev libssl-dev mpg123 libxml2-dev libnewt-dev sqlite3  libsqlite3-dev pkg-config automake libtool autoconf git unixodbc-dev uuid uuid-dev libasound2-dev libogg-dev libvorbis-dev libicu-dev libcurl4-openssl-dev odbc-mariadb libical-dev libneon27-dev libsrtp2-dev  libspandsp-dev sudo subversion libtool-bin python-dev-is-python3 unixodbc vim wget libjansson-dev software-properties-common nodejs npm ipset iptables fail2ban php-soap

install and configure asterisk

compile and install asterisk:

cd /usr/src
wget http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-21-current.tar.gz
tar xvf asterisk-21-current.tar.gz
cd asterisk-21*/
contrib/scripts/get_mp3_source.sh
contrib/scripts/install_prereq install
./configure  --libdir=/usr/lib64 --with-pjproject-bundled --with-jansson-bundled
make menuselect
make
make install
make samples
make config
ldconfig

add group asterisk and set permissions:

groupadd asterisk
useradd -r -d /var/lib/asterisk -g asterisk asterisk
usermod -aG audio,dialout asterisk
chown -R asterisk:asterisk /etc/asterisk
chown -R asterisk:asterisk /var/{lib,log,spool}/asterisk
chown -R asterisk:asterisk /usr/lib64/asterisk    
sed -i 's|#AST_USER|AST_USER|' /etc/default/asterisk
sed -i 's|#AST_GROUP|AST_GROUP|' /etc/default/asterisk
sed -i 's|;runuser|runuser|' /etc/asterisk/asterisk.conf
sed -i 's|;rungroup|rungroup|' /etc/asterisk/asterisk.conf
echo "/usr/lib64" >> /etc/ld.so.conf.d/x86_64-linux-gnu.conf
ldconfig

configure apache server:

sed -i 's/\(^upload_max_filesize = \).*/\120M/' /etc/php/8.2/apache2/php.ini
sed -i 's/\(^memory_limit = \).*/\1256M/' /etc/php/8.2/apache2/php.ini
sed -i 's/^\(User\|Group\).*/\1 asterisk/' /etc/apache2/apache2.conf
sed -i 's/AllowOverride None/AllowOverride All/' /etc/apache2/apache2.conf
a2enmod rewrite
systemctl restart apache2
rm /var/www/html/index.html

configure mysql odbc:

cat <<EOF > /etc/odbcinst.ini
[MySQL]
Description = ODBC for MySQL (MariaDB)
Driver = /usr/lib/x86_64-linux-gnu/odbc/libmaodbc.so
FileUsage = 1
EOF
cat <<EOF > /etc/odbc.ini
[MySQL-asteriskcdrdb]
Description = MySQL connection to 'asteriskcdrdb' database
Driver = MySQL
Server = localhost
Database = asteriskcdrdb
Port = 3306
Socket = /var/run/mysqld/mysqld.sock
Option = 3
EOF

install and configure freepbx

cd /usr/local/src
wget http://mirror.freepbx.org/modules/packages/freepbx/freepbx-17.0-latest-EDGE.tgz
tar zxvf freepbx-17.0-latest-EDGE.tgz
cd /usr/local/src/freepbx/
./start_asterisk start
./install -n

install all modules:

fwconsole ma installall
fwconsole reload
fwconsole restart

setup freepbx systemd script:

cat <<EOF > /etc/systemd/system/freepbx.service
[Unit]
Description=FreePBX VoIP Server
After=mariadb.service
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/sbin/fwconsole start -q
ExecStop=/usr/sbin/fwconsole stop -q
[Install]
WantedBy=multi-user.target
EOF

reload and enable freepbx service:

systemctl daemon-reload
systemctl enable freepbx

enable ssl

create rsa key:

openssl genrsa -out server.key 3072

create certificate csr:

openssl req -new -key server.key -out server.csr

fill the following blanks:

Country Name (2 letter code) []: US
State or Province Name (full name) []: Puerto Rico
Locality Name (eg, city) []: San Juan
Organization Name (eg, company) []: Vidalinux.com Corp.
Organizational Unit Name (eg, section) []: Linux Consulting
Common Name (eg, your name or your server's hostname) []: freepbx.example.com
Email Address []: asterisk@example.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: just press enter
An optional company name []: just press enter

create the certificate:

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

edit /etc/apache2/sites-available/default-ssl.conf

ServerName freepbx.example.com
SSLCertificateFile      /etc/apache2/ssl/server.crt         
SSLCertificateKeyFile   /etc/apache2/ssl/server.key

enable ssh module:

a2enmod ssl

enable ssl site:

cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled

restart apache server:

systemctl restart apache2.service

troubleshooting

if asterisk doesn't start when running fwconsole start:

Unable to connect to Asterisk. Did it start?

make sure the user and password for AMI access are correct:

fwconsole setting --list |grep MGR

if result if like the following:

| AMPMGRPASS | amp111 | amp111 
| AMPMGRUSER | admin  | admin

you should have the following on /etc/asterisk/manager.conf:

[admin]
secret = amp111