Howto freepbx debian12

From Vidalinux Wiki
Jump to navigation Jump to search

download cloud image

download cloud image: 

wget http://cdimage.debian.org/cdimage/cloud/bookworm/latest/debian-12-generic-amd64.qcow2

copy image to another name: 

cp debian-12-generic-amd64.qcow2 freepbx-latest-amd64-$(date +%F).qcow2

resize cloud image: 

qemu-img resize freepbx-latest-amd64-$(date +%F).qcow2 +8G

resize image: 

virt-resize --expand /dev/sda1 debian-12-generic-amd64.qcow2 freepbx-latest-amd64-$(date +%F).qcow2

change root password to image: 

virt-sysprep -a freepbx-latest-amd64-$(date +%F).qcow2 -q --root-password password:livinglavidalinux

configure network

boot with image and resize filesystem: 

resize2fs /dev/vda1

add this parameters to grub configuration /etc/default/grub: 

 GRUB_CMDLINE_LINUX="biosdevname=0 net.ifnames=0"

update grub configuration: 

update-grub

configure network: 

nano /etc/systemd/network/20-wired.network

for static ip address add the following configuration: 

[Match]
Name=eth0

[Network]
Address=192.168.75.25/24
Gateway=192.168.75.1
DNS=4.2.2.1
DNS=4.2.2.2

for dhcp add the following configuration: 

[Match]
Name=eth0

[Network]
DHCP=yes

enable networkd service: 

systemctl enable systemd-networkd

start networkd service: 

systemctl restart systemd-networkd

configure ssh service: 

dpkg-reconfigure openssh-server

allow root user and password authentication: 

sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config
sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/g' /etc/ssh/sshd_config

restart sshd service: 

systemctl restart sshd

install and configure freepbx

download installation script: 

https://raw.githubusercontent.com/FreePBX/sng_freepbx_debian_install/refs/heads/master/sng_freepbx_debian_install.sh

change permissions: 

chmod +x sng_freepbx_debian_install.sh

execute script to begin installation: 

./sng_freepbx_debian_install.sh

create ssl certificates

create directory to store certs: 

mkdir /etc/apache2/ssl && cd /etc/apache2/ssl

create rsa key: 

openssl genrsa -out server.key 3072

create certificate csr: 

openssl req -new -key server.key -out server.csr

fill the following blanks: 

Country Name (2 letter code) []: US
State or Province Name (full name) []: Puerto Rico
Locality Name (eg, city) []: San Juan
Organization Name (eg, company) []: Vidalinux.com Corp.
Organizational Unit Name (eg, section) []: Linux Consulting
Common Name (eg, your name or your server's hostname) []: freepbx.example.com
Email Address []: asterisk@example.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: just press enter
An optional company name []: just press enter

create the certificate: 

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

edit /etc/apache2/sites-available/default-ssl.conf 

ServerName freepbx.example.com
SSLCertificateFile      /etc/apache2/ssl/server.crt         
SSLCertificateKeyFile   /etc/apache2/ssl/server.key

restart apache server: 

systemctl restart apache2.service

email setup

install packages: 

apt-get -y install postfix mailutils libsasl2-modules

configure postfix to relay email to another server: 

cat > /etc/postfix/main.cf << EOF
compatibility_level = 3.6
relayhost = smtp.gmail.com:587
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_mechanism_filter = plain
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_tls_security_level = encrypt
maillog_file = /var/log/postfix.log
EOF

create /etc/postfix/sasl_passwd: 

cat > /etc/postfix/sasl_passwd << EOF
smtp.gmail.com:587 your_email@example.com:your_password
EOF

set file permissions and execute postmap: 

chmod 600 /etc/postfix/sasl_passwd 
postmap /etc/postfix/sasl_passwd

restart postfix: 

systemctl restart postfix

test configuration by sending email: 

echo "This is a test email." | mail -s "Test Email" recipient@example.com

troubleshooting

if asterisk doesn't start when running fwconsole start: 

Unable to connect to Asterisk. Did it start?

make sure the user and password for AMI access are correct: 

fwconsole setting --list |grep MGR

if output show the following: 

| AMPMGRPASS | amp111 | amp111 
| AMPMGRUSER | admin  | admin

then you should have the following on /etc/asterisk/manager.conf: 

[admin]
secret = amp111

references

Retrieved from "https://wiki.vidalinux.org/index.php?title=Howto_freepbx_debian12&oldid=3713"