Asterisk Freepbx Install Guide (CentOS v6, Asterisk v13, Freepbx v12)
This guide covers the installation of Asterisk® V12 from source on CentOS.
Assumptions:
Console text mode (init 3)
Installation done as root user (#)
Install Prerequisites
Ensure all required packages are installed.
yum -y update && yum -y groupinstall core && yum -y groupinstall base && yum -y install epel-release
yum -y install automake gcc gcc-c++ ncurses-devel openssl-devel libxml2-devel unixODBC-devel libcurl-devel libogg-devel libvorbis-devel speex-devel spandsp-devel freetds-devel net-snmp-devel iksemel-devel corosynclib-devel newt-devel popt-devel libtool-ltdl-devel lua-devel sqlite-devel radiusclient-ng-devel portaudio-devel libresample-devel neon-devel libical-devel openldap-devel gmime-devel mysql-devel bluez-libs-devel jack-audio-connection-kit-devel gsm-devel libedit-devel libuuid-devel jansson-devel libsrtp-devel git subversion libxslt-devel kernel-devel audiofile-devel gtk2-devel libtiff-devel libtermcap-devel bison php php-mysql php-process php-pear php-mbstring php-xml php-gd tftp-server httpd sox tzdata mysql-connector-odbc mysql-server fail2ban
Disable firewall
The following commands save any running firewall rules, flush the rules from running memory, and prevent rules from loading on boot.
service iptables save
service iptables stop
chkconfig iptables off
After completing the entire procedure we can load the firewall rules again by running
service iptables start
and have them load on boot by running
chkconfig iptables on
Disable Selinux
Check status
sestatus
If not disabled, edit
/etc/selinux/config
to set the following line, and reboot.
SELINUX=disabled
Reboot
To ensure any changes/additions up until now such as updated kernel, selinux disable, email etc. are active.
reboot
Set Timezone
Enable ntpd to synchronize time with public time servers so that it is always exactly correct.
chkconfig ntpd on
service ntpd start
Copy timezone from this link or use tzselect.
tzselect
Example:
ln -sf /usr/share/zoneinfo/America/Vancouver /etc/localtime
nano /etc/sysconfig/clock
ZONE="America/Vancouver"
UTC=false
ARC=false
Download and install source files
DAHDI
Only required if using a physical server and installing telecom hardware.
cd /usr/src
wget http://downloads.asterisk.org/pub/telephony/dahdi-linux-complete/dahdi-linux-complete-current.tar.gz
tar zxvf dahdi-linux-complete*
cd /usr/src/dahdi-linux-complete*/
make && make install && make config
service dahdi start
PJSIP
cd /usr/src
wget http://www.pjsip.org/release/2.4.5/pjproject-2.4.5.tar.bz2
tar -xjvf pjproject-2.4.5*
cd /usr/src/pjproject-2.4.5*/
#If this is a new source install the following command won't do anything
make distclean
# libdir will be automatically selected
# /usr/lib for 32bit OS
# /usr/lib64 for 64bit OS
ARCH=$(getconf LONG_BIT | grep "64")
./configure --prefix=/usr --libdir=/usr/lib${ARCH} --enable-shared --disable-sound --disable-resample \
--disable-video --disable-opencore-amr CFLAGS='-O2 -DNDEBUG'
make uninstall && make dep && make && make install && ldconfig
To verify, type
ldconfig -p | grep pj
which should show several linked *.so files in /usr/lib or /usr/lib64 depending on OS architecture.
Asterisk
cd /usr/src
wget http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-13-current.tar.gz
tar zxvf asterisk-13-current.tar.gz
cd /usr/src/asterisk-13*/
make distclean
ARCH=$(getconf LONG_BIT | grep "64")
./configure --libdir=/usr/lib${ARCH}
To verify, type
nano -v config.log
cd /usr/src/asterisk-13*/
make menuselect.makeopts
#To select compile options manually run make menuselect instead of the following command
#To list command line options run menuselect/menuselect --list-options
#If Asterisk fails to run on a virtual machine try adding "--disable BUILD_NATIVE"
#To add asterisk realtime for applications such as A2billing add "--enable res_config_mysql"
menuselect/menuselect --enable cdr_mysql --enable EXTRA-SOUNDS-EN-GSM menuselect.makeopts
Create Asterisk user, compile, install, and set ownership.
adduser asterisk -M -d /var/lib/asterisk -s /sbin/nologin -c "Asterisk User"
make && make install && chown -R asterisk. /var/lib/asterisk
Freepbx GUI
pear install db-1.7.14
VERSION=12.0
USERNAME=asteriskuser
# Example value only; choose your own strong password
PASSWORD=amp109
service mysqld start
mysqladmin create asterisk
mysqladmin create asteriskcdrdb
mysql -e "GRANT ALL PRIVILEGES ON asterisk.* TO $USERNAME@localhost IDENTIFIED BY '$PASSWORD';"
mysql -e "GRANT ALL PRIVILEGES ON asteriskcdrdb.* TO $USERNAME@localhost IDENTIFIED BY '$PASSWORD';"
mysql -e "flush privileges;"
cd /usr/src
git clone -b release/$VERSION https://github.com/FreePBX/framework.git freepbx
cd /usr/src/freepbx
./start_asterisk start
mv /var/www/html /var/www/html_orig
./install_amp --installdb --skip-module-install --username $USERNAME --password $PASSWORD
# Press ENTER for all the questions including the incorrect IP address.
# Do not be concerned by the warning messages.
# Minimal module install
amportal a ma upgrade framework
amportal a ma upgrade core
amportal a ma upgrade voicemail
amportal a ma upgrade sipsettings
amportal a ma upgrade infoservices
amportal a ma upgrade featurecodeadmin
amportal a ma upgrade logfiles
amportal a ma upgrade callrecording
amportal a ma upgrade cdr
amportal a ma upgrade dashboard
# Optionally install all standard modules
amportal a ma upgrade manager
amportal a ma installall
amportal restart
amportal a reload
amportal chown
If the GUI complains about problems with the framework module or a missing /usr/sbin/amportal file, try
amportal a ma delete framework
followed by
amportal a ma upgrade framework
Post install tasks are mandatory.
Post-install tasks
Setting a mysql root password is recommended.
# Example value only; choose your own strong password
MYSQL_ROOT_PW=abcdef
mysqladmin -u root password "$MYSQL_ROOT_PW"
You will need to provide this password for any further mysql configuration. So instead of using mysql and mysqladmin, use mysql -p and mysqladmin -p.
Change webserver default user and group from apache to asterisk.
sed -i 's/User apache/User asterisk/' /etc/httpd/conf/httpd.conf
sed -i 's/Group apache/Group asterisk/' /etc/httpd/conf/httpd.conf
Enable .htaccess files to protect sensitive webserver directories.
sed -i ':a;N;$!ba;s/AllowOverride None/AllowOverride All/2' /etc/httpd/conf/httpd.conf
Prevent external MySQL access.
sed -i '2i bind-address=127.0.0.1' /etc/my.cnf
Set mysql and http servers to start on boot.
chkconfig mysqld on
chkconfig httpd on
Change default “upload_max_filesize” to 20M to allow larger music on hold files.
sed -i 's/upload_max_filesize = .*/upload_max_filesize = 20M/' /etc/php.ini
Set Freepbx to start on boot.
echo '/usr/local/sbin/amportal start' >> /etc/rc.local
Finally reboot for all changes to take effect.
reboot
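The post-install edits above are made with sed against files whose layout the guide assumes, so it is worth confirming that they took effect. The following script is an added example, not part of the original guide; the function names and the --run switch are its own, and the file paths default to the ones used above.

```shell
#!/bin/sh
# Added example: audit the post-install settings made above (names are this example's own).

# MySQL listens on loopback only: bind-address=127.0.0.1 must sit inside the
# [mysqld] section (the sed insert at line 2 assumes line 1 is "[mysqld]").
check_mysql_bind() {
    awk '
        /^[ \t]*\[/ { insec = ($0 ~ /^[ \t]*\[mysqld\]/) }
        insec && /^[ \t]*bind-address[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t]+$/, ""); val = $0
        }
        END { exit (val == "127.0.0.1" ? 0 : 1) }
    ' "$1"
}

# Apache runs as asterisk:asterisk (both sed substitutions matched).
check_httpd_identity() {
    grep -Eq '^[[:space:]]*User[[:space:]]+asterisk[[:space:]]*$' "$1" &&
        grep -Eq '^[[:space:]]*Group[[:space:]]+asterisk[[:space:]]*$' "$1"
}

# .htaccess is honoured for the web root: the active AllowOverride inside
# <Directory "/var/www/html"> is All, not the one in some other block.
check_htaccess_enabled() {
    awk '
        /^[ \t]*<Directory[ \t]+"?\/var\/www\/html"?>/ { inside = 1; next }
        /^[ \t]*<\/Directory>/ { inside = 0 }
        inside && /^[ \t]*AllowOverride[ \t]/ {
            ok = ($0 ~ /^[ \t]*AllowOverride[ \t]+All[ \t]*$/)
        }
        END { exit (ok ? 0 : 1) }
    ' "$1"
}

report() {
    if "$@"; then echo "PASS $1"; else echo "FAIL $1 ($2)"; fails=$((fails + 1)); fi
}

# Run every check; the return status is the number of failed checks.
audit_all() {
    my_cnf=${1:-/etc/my.cnf}
    httpd_conf=${2:-/etc/httpd/conf/httpd.conf}
    fails=0
    report check_mysql_bind "$my_cnf"
    report check_httpd_identity "$httpd_conf"
    report check_htaccess_enabled "$httpd_conf"
    return "$fails"
}
if [ "${1:-}" = "--run" ]; then shift; audit_all "$@"; fi
```

Run it with --run after the final reboot; a non-zero exit status is the number of failed checks, and alternative file paths can be given as the two arguments after --run.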
Optional
Log File Rotation
If this is not done the log files will keep growing indefinitely.
nano /etc/logrotate.d/asterisk
/var/log/asterisk/queue_log
/var/spool/mail/asterisk
/var/log/asterisk/freepbx_debug.log
/var/log/asterisk/messages
/var/log/asterisk/event_log
/var/log/asterisk/full
/var/log/asterisk/dtmf
/var/log/asterisk/fail2ban {
weekly
missingok
rotate 5
#compress
notifempty
sharedscripts
create 0640 asterisk asterisk
postrotate
/usr/sbin/asterisk -rx 'logger reload' > /dev/null 2> /dev/null || true
endscript
}
TFTP
If you plan to use hardware SIP phones you will probably want to set up the tftpboot directory and enable the tftp server.
yum -y install tftp-server
nano /etc/xinetd.d/tftp
change
server_args = -s /var/lib/tftpboot
to
server_args = -s /tftpboot
change
disable=yes
to
disable=no
mkdir /tftpboot
chmod 777 /tftpboot
service xinetd restart
MPG123
This is used in combination with sox to convert uploaded mp3 music on hold files to Asterisk compatible wav files.
cd /usr/src
wget http://ufpr.dl.sourceforge.net/project/mpg123/mpg123/1.21.0/mpg123-1.21.0.tar.bz2
tar -xjvf mpg123*
cd mpg123*/
ARCH=$(getconf LONG_BIT | grep "64")
./configure --prefix=/usr --libdir=/usr/lib${ARCH} && make && make install && ldconfig
Digium addons
To register digium® licenses. Although there is a freepbx module for this it did not appear to be working properly at the time this procedure was written.
cd /usr/src
wget http://downloads.digium.com/pub/register/linux/register
chmod +x register
./register
To install the individual addons refer to the README files and ignore the register instructions.
http://downloads.digium.com/pub/telephony/codec_g729/README
http://downloads.digium.com/pub/telephony/res_digium_phone/README
http://downloads.digium.com/pub/telephony/fax/README
http://downloads.digium.com/pub/telephony/hpec/README
Password protect http access
A simple way to block scanners looking for exploits on apache web servers. This assumes the GUI does not need anonymous access. Also prevents any added load on the server as a result of scanning.
mkdir -p /usr/local/apache/passwd
htpasswd -c /usr/local/apache/passwd/wwwpasswd someusername
# -c creates (and overwrites) the password file, so omit it when adding further users
htpasswd /usr/local/apache/passwd/wwwpasswd someotherusername
nano /var/www/html/.htaccess
# .htaccess files require AllowOverride All in /etc/httpd/conf/httpd.conf
AuthType Basic
AuthName "Restricted Access"
AuthUserFile /usr/local/apache/passwd/wwwpasswd
Require user someusername someotherusername
Alternatively, the above can be added in /etc/httpd/conf/httpd.conf as follows.
<Directory /var/www/html>
AuthType Basic
AuthName "Restricted Area"
AuthUserFile /usr/local/apache/passwd/wwwpasswd
Require user someusername someotherusername
</Directory>
Whitelist protect http access
If http access is only required from certain IP addresses.
nano /etc/httpd/conf.d/whitelist.conf
<Location />
Order Deny,Allow
Deny from all
#
Allow from x.x.x.x
Allow from x.x.x.x x.x.x.x x.x.x.x
Allow from somedomain.com
Allow from x.x
Allow from x.x.x.0/255.255.255.0
#
#See http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html for more examples
#
</Location>