├── README.md └── sng_freepbx_debian_install.sh /README.md: -------------------------------------------------------------------------------- 1 | 2 | ``` 3 | ______ _____ ______ __ 4 | | ____| | __ \| _ \ \ / / 5 | | |__ _ __ ___ ___| |__) | |_) \ V / 6 | | __| '__/ _ \/ _ \ ___/| _ < > < 7 | | | | | | __/ __/ | | |_) / . \ 8 | |_| |_| \___|\___|_| |____/_/ \_\ 9 | Your Open Source Asterisk PBX GUI Solution 10 | ``` 11 | 12 | ### What? 13 | 14 | [FreePBX](http://www.freepbx.org/ "FreePBX Home Page") is an open source GUI (graphical user interface) that controls and manages [Asterisk©](http://www.asterisk.org/ "Asterisk Home Page") (PBX). FreePBX is licensed under GPL. 15 | 16 | This is a FreePBX 17 installation script. 17 | 18 | This script is to install FreePBX on the top of vanilla Debian 12.x OS. 19 | 20 | [FreePBX](http://www.freepbx.org/ "FreePBX Home Page") is a completely modular GUI for Asterisk written in PHP and Javascript. Meaning you can easily write any module you can think of and distribute it free of cost to your clients so that they can take advantage of beneficial features in [Asterisk](http://www.asterisk.org/ "Asterisk Home Page") 21 | 22 | ### Setting up a FreePBX system 23 | 24 | [See our WIKI](https://sangomakb.atlassian.net/wiki/spaces/FP/pages/9732130/Install+FreePBX) 25 | 26 | ### License 27 | 28 | [This modules code is licensed as GPLv3+](https://www.gnu.org/licenses/gpl-3.0.txt) 29 | 30 | ### Contributing 31 | 32 | To contribute code or modules back into the [FreePBX](http://www.freepbx.org/ "FreePBX Home Page") ecosystem you must fully read our Code License Agreement. We are not able to look at or accept patches or code of any kind until this document is filled out. To view and sign the contributor license agreement you can visit . Signing this contributor license agreement once allows you to contribute to all open source projects from Sangoma, including FreePBX. Please take a look at [https://sangomakb.atlassian.net/wiki/spaces/FP/pages/10682663/Code+License+Agreement](https://sangomakb.atlassian.net/wiki/spaces/FP/pages/10682663/Code+License+Agreement) for more information 33 | 34 | ### Issues 35 | 36 | Please file bug reports at 37 | 38 | ### How to execute the script 39 | 40 | Steps - 41 | 42 | 1) ssh to the Debian system as 'root' 43 | 44 | 2) Download the file using `wget`: 45 | 46 | ```bash 47 | wget https://github.com/FreePBX/sng_freepbx_debian_install/raw/master/sng_freepbx_debian_install.sh -O /tmp/sng_freepbx_debian_install.sh 48 | ``` 49 | 50 | 3) Execute the script: 51 | 52 | ```bash 53 | bash /tmp/sng_freepbx_debian_install.sh 54 | ``` 55 | 56 | The script will install the necessary dependencies for FreePBX, followed by the FreePBX software itself. 57 | 58 | The installation duration may vary depending on your internet bandwidth and system capacity. 59 | 60 | You can find detailed installation logs at `/var/log/pbx/freepbx17-install.log`. 61 | -------------------------------------------------------------------------------- /sng_freepbx_debian_install.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ##################################################################################### 3 | # * Copyright 2024 by Sangoma Technologies 4 | # This program is free software; you can redistribute it and/or 5 | # modify it under the terms of the GNU General Public License 6 | # as published by the Free Software Foundation; either version 3.0 7 | # of the License, or (at your option) any later version. 8 | # 9 | # This program is distributed in the hope that it will be useful, 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 | # GNU General Public License for more details. 13 | # 14 | # @author kgupta@sangoma.com 15 | # 16 | # This FreePBX install script and all concepts are property of 17 | # Sangoma Technologies. 18 | # This install script is free to use for installing FreePBX 19 | # along with dependent packages only but carries no guarantee on performance 20 | # and is used at your own risk. This script carries NO WARRANTY. 21 | ##################################################################################### 22 | # FreePBX 17 # 23 | ##################################################################################### 24 | set -e 25 | SCRIPTVER="1.14" 26 | ASTVERSION=22 27 | PHPVERSION="8.2" 28 | LOG_FOLDER="/var/log/pbx" 29 | LOG_FILE="${LOG_FOLDER}/freepbx17-install-$(date '+%Y.%m.%d-%H.%M.%S').log" 30 | log=$LOG_FILE 31 | SANE_PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin 32 | DEBIAN_MIRROR="http://ftp.debian.org/debian" 33 | NPM_MIRROR="" 34 | 35 | # Check for root privileges 36 | if [[ $EUID -ne 0 ]]; then 37 | echo "This script must be run as root" 38 | exit 1 39 | fi 40 | 41 | 42 | # Setup a sane PATH for script execution as root 43 | export PATH=$SANE_PATH 44 | 45 | while [[ $# -gt 0 ]]; do 46 | case $1 in 47 | --dev) 48 | dev=true 49 | shift # past argument 50 | ;; 51 | --testing) 52 | testrepo=true 53 | shift # past argument 54 | ;; 55 | --nofreepbx) 56 | nofpbx=true 57 | shift # past argument 58 | ;; 59 | --noasterisk) 60 | noast=true 61 | shift # past argument 62 | ;; 63 | --opensourceonly) 64 | opensourceonly=true 65 | shift # past argument 66 | ;; 67 | --noaac) 68 | noaac=true 69 | shift # past argument 70 | ;; 71 | --skipversion) 72 | skipversion=true 73 | shift # past argument 74 | ;; 75 | --dahdi) 76 | dahdi=true 77 | shift # past argument 78 | ;; 79 | --dahdi-only) 80 | nofpbx=true 81 | noast=true 82 | noaac=true 83 | dahdi=true 84 | shift # past argument 85 | ;; 86 | --nochrony) 87 | nochrony=true 88 | shift # past argument 89 | ;; 90 | --debianmirror) 91 | DEBIAN_MIRROR=$2 92 | shift; shift # past argument 93 | ;; 94 | --npmmirror) 95 | NPM_MIRROR=$2 96 | shift; shift # past argument 97 | ;; 98 | -*) 99 | echo "Unknown option $1" 100 | exit 1 101 | ;; 102 | *) 103 | echo "Unknown argument \"$1\"" 104 | exit 1 105 | ;; 106 | esac 107 | done 108 | 109 | # Create the log file 110 | mkdir -p "${LOG_FOLDER}" 111 | touch "${LOG_FILE}" 112 | 113 | # Redirect stderr to the log file 114 | exec 2>>"${LOG_FILE}" 115 | 116 | #Comparing version 117 | compare_version() { 118 | if dpkg --compare-versions "$1" "gt" "$2"; then 119 | result=0 120 | elif dpkg --compare-versions "$1" "lt" "$2"; then 121 | result=1 122 | else 123 | result=2 124 | fi 125 | } 126 | 127 | check_version() { 128 | # Fetching latest version and checksum 129 | REPO_URL="https://github.com/FreePBX/sng_freepbx_debian_install/raw/master" 130 | wget -O /tmp/sng_freepbx_debian_install_latest_from_github.sh "$REPO_URL/sng_freepbx_debian_install.sh" >> "$log" 131 | 132 | latest_version=$(grep '^SCRIPTVER="' /tmp/sng_freepbx_debian_install_latest_from_github.sh | awk -F'"' '{print $2}') 133 | latest_checksum=$(sha256sum /tmp/sng_freepbx_debian_install_latest_from_github.sh | awk '{print $1}') 134 | 135 | # Cleaning up downloaded file 136 | rm -f /tmp/sng_freepbx_debian_install_latest_from_github.sh 137 | 138 | compare_version $SCRIPTVER "$latest_version" 139 | 140 | case $result in 141 | 0) 142 | echo "Your version ($SCRIPTVER) of installation script is ahead of the latest version ($latest_version) as present on the GitHub. We recommend you to Download the version present in the GitHub." 143 | echo "Use '$0 --skipversion' to skip the version check" 144 | exit 1 145 | ;; 146 | 147 | 1) 148 | echo "A newer version ($latest_version) of installation script is available on GitHub. We recommend you to update it or use the latest one from the GitHub." 149 | echo "Use '$0 --skipversion' to skip the version check." 150 | exit 0 151 | ;; 152 | 153 | 2) 154 | local_checksum=$(sha256sum "$0" | awk '{print $1}') 155 | if [[ "$latest_checksum" != "$local_checksum" ]]; then 156 | echo "Changes are detected between the local installation script and the latest installation script as present on GitHub. We recommend you to please use the latest installation script as present on GitHub." 157 | echo "Use '$0 --skipversion' to skip the version check" 158 | exit 0 159 | else 160 | echo "Perfect! You're already running the latest version." 161 | fi 162 | ;; 163 | esac 164 | } 165 | 166 | # Function to log messages 167 | log() { 168 | echo "$(date +"%Y-%m-%d %T") - $*" >> "$LOG_FILE" 169 | } 170 | 171 | message() { 172 | echo "$(date +"%Y-%m-%d %T") - $*" 173 | log "$*" 174 | } 175 | 176 | #Function to record and display the current step 177 | setCurrentStep () { 178 | currentStep="$1" 179 | message "${currentStep}" 180 | } 181 | 182 | # Function to cleanup installation 183 | terminate() { 184 | # removing pid file 185 | message "Exiting script" 186 | rm -f "$pidfile" 187 | } 188 | 189 | #Function to log error and location 190 | errorHandler() { 191 | log "****** INSTALLATION FAILED *****" 192 | message "Installation failed at step ${currentStep}. Please check log ${LOG_FILE} for details." 193 | message "Error at line: $1 exiting with code $2 (last command was: $3)" 194 | exit "$2" 195 | } 196 | 197 | # Checking if the package is already installed or not 198 | isinstalled() { 199 | PKG_OK=$(dpkg-query -W --showformat='${Status}\n' "$@" 2>/dev/null|grep "install ok installed") 200 | if [ "" = "$PKG_OK" ]; then 201 | false 202 | else 203 | true 204 | fi 205 | } 206 | 207 | # Function to install the package 208 | pkg_install() { 209 | log "############################### " 210 | PKG=("$@") # Assign arguments as an array 211 | if isinstalled "${PKG[@]}"; then 212 | log "${PKG[*]} already present ...." # Use * to join the array into a string 213 | else 214 | message "Installing ${PKG[*]} ...." 215 | apt-get -y --ignore-missing -o DPkg::Options::="--force-confnew" -o Dpkg::Options::="--force-overwrite" install "${PKG[@]}" >> "$log" 216 | if isinstalled "${PKG[@]}"; then 217 | message "${PKG[*]} installed successfully...." 218 | else 219 | message "${PKG[*]} failed to install ...." 220 | message "Exiting the installation process as dependent ${PKG[*]} failed to install ...." 221 | terminate 222 | fi 223 | fi 224 | log "############################### " 225 | } 226 | 227 | # Function to install the asterisk and dependent packages 228 | install_asterisk() { 229 | astver=$1 230 | ASTPKGS=("addons" 231 | "addons-bluetooth" 232 | "addons-core" 233 | "addons-mysql" 234 | "addons-ooh323" 235 | "core" 236 | "curl" 237 | "dahdi" 238 | "doc" 239 | "odbc" 240 | "ogg" 241 | "flite" 242 | "g729" 243 | "resample" 244 | "snmp" 245 | "speex" 246 | "sqlite3" 247 | "res-digium-phone" 248 | "voicemail" 249 | ) 250 | 251 | # creating directories 252 | mkdir -p /var/lib/asterisk/moh 253 | pkg_install asterisk"$astver" 254 | 255 | for i in "${!ASTPKGS[@]}"; do 256 | pkg_install asterisk"$astver"-"${ASTPKGS[$i]}" 257 | done 258 | 259 | pkg_install asterisk"$astver".0-freepbx-asterisk-modules 260 | pkg_install asterisk-version-switch 261 | pkg_install asterisk-sounds-* 262 | } 263 | 264 | setup_repositories() { 265 | apt-key del "9641 7C6E 0423 6E0A 986B 69EF DE82 7447 3C8D 0E52" >> "$log" 266 | 267 | wget -O - http://deb.freepbx.org/gpg/aptly-pubkey.asc | gpg --dearmor --yes -o /etc/apt/trusted.gpg.d/freepbx.gpg >> "$log" 268 | 269 | # Setting our default repo server 270 | if [ "$testrepo" ] ; then 271 | add-apt-repository -y -S "deb [ arch=amd64 ] http://deb.freepbx.org/freepbx17-dev bookworm main" >> "$log" 272 | add-apt-repository -y -S "deb [ arch=amd64 ] http://deb.freepbx.org/freepbx17-dev bookworm main" >> "$log" 273 | else 274 | add-apt-repository -y -S "deb [ arch=amd64 ] http://deb.freepbx.org/freepbx17-prod bookworm main" >> "$log" 275 | add-apt-repository -y -S "deb [ arch=amd64 ] http://deb.freepbx.org/freepbx17-prod bookworm main" >> "$log" 276 | fi 277 | 278 | if [ ! "$noaac" ] ; then 279 | add-apt-repository -y -S "deb $DEBIAN_MIRROR stable main non-free non-free-firmware" >> "$log" 280 | fi 281 | 282 | setCurrentStep "Setting up Sangoma repository" 283 | local aptpref="/etc/apt/preferences.d/99sangoma-fpbx-repository" 284 | cat < $aptpref 285 | Package: * 286 | Pin: origin deb.freepbx.org 287 | Pin-Priority: ${MIRROR_PRIO} 288 | EOF 289 | if [ "$noaac" ]; then 290 | cat <> $aptpref 291 | 292 | Package: ffmpeg 293 | Pin: origin deb.freepbx.org 294 | Pin-Priority: 1 295 | EOF 296 | fi 297 | } 298 | 299 | #create post apt run script to run and check everything apt command is finished executing 300 | create_post_apt_script() { 301 | #checking post-apt-run script 302 | if [ -e "/usr/bin/post-apt-run" ]; then 303 | rm -f /usr/bin/post-apt-run 304 | fi 305 | 306 | message "Creating script to run post every apt command is finished executing" 307 | { 308 | echo "#!/bin/bash" 309 | echo "" 310 | echo "if pidof -x 'asterisk-version-switch' > /dev/null; then" 311 | echo "echo \"Asterisk version switch process is running, skipping post-apt script.\"" 312 | echo "exit 0" 313 | echo "fi" 314 | echo "" 315 | echo "dahdi_pres=\$(dpkg -l | grep dahdi-linux | wc -l)" 316 | echo "" 317 | echo "if [[ \$dahdi_pres -gt 0 ]]; then" 318 | echo " kernel_idx=\$(grep -v '^#' /etc/default/grub | grep GRUB_DEFAULT | cut -d '=' -f2 | tr -d '\"')" 319 | echo "" 320 | echo " # Check if it contains '>'" 321 | echo " if [[ \"\$kernel_idx\" == *\">\"* ]]; then" 322 | echo " # Extract the value after '>'" 323 | echo " selected_idx=\"\${kernel_idx#*>}\"" 324 | echo " submenu_format=true" 325 | echo " else" 326 | echo " # It's a numeric index, use it directly" 327 | echo " selected_idx=\"\$kernel_idx\"" 328 | echo " submenu_format=false" 329 | echo " fi" 330 | echo "" 331 | echo " kernel_pres=\$(grep -oP \"menuentry '.*?Linux \K[0-9.-]+(?=-amd64)\" /boot/grub/grub.cfg)" 332 | echo " kernel_count=\$(echo \"\$kernel_pres\" | wc -l)" 333 | echo "" 334 | echo " if [[ \"\$selected_idx\" -ge \"\$kernel_count\" ]]; then" 335 | echo " if \$submenu_format; then" 336 | echo " echo \"ERROR: GRUB_DEFAULT is set to '\$kernel_idx' (submenu index: \$selected_idx), but only \$kernel_count kernel entries are available.\"" 337 | echo " echo \" This likely refers to a non-existent kernel inside a submenu (e.g., 'Advanced options for Debian GNU/Linux').\"" 338 | echo " echo \" Please update /etc/default/grub to a valid submenu index between 0 and \$((kernel_count - 1)), then run: update-grub\"" 339 | echo " else" 340 | echo " echo \"ERROR: GRUB_DEFAULT is set to '\$selected_idx', but only \$kernel_count kernel entries were found.\"" 341 | echo " echo \" Valid indices are between 0 and \$((kernel_count - 1)).\"" 342 | echo " echo \" Please update /etc/default/grub and run: update-grub\"" 343 | echo " fi" 344 | echo " exit 1" 345 | echo " fi" 346 | echo "" 347 | echo " idx=0" 348 | echo " for kernel in \$kernel_pres; do" 349 | echo " if [[ \$idx -ne \$selected_idx ]]; then" 350 | echo " idx=\$((idx+1))" 351 | echo " continue" 352 | echo " fi" 353 | echo "" 354 | echo " logger \"Checking kernel modules for dahdi and wanpipe for kernel image \$kernel\"" 355 | echo "" 356 | echo " #check if dahdi is installed or not of respective kernel version" 357 | echo " dahdi_kmod_pres=\$(dpkg -l | grep dahdi-linux-kmod | grep \$kernel | wc -l)" 358 | echo " wanpipe_kmod_pres=\$(dpkg -l | grep kmod-wanpipe | grep \$kernel | wc -l)" 359 | echo "" 360 | echo " if [[ \$dahdi_kmod_pres -eq 0 ]] && [[ \$wanpipe_kmod_pres -eq 0 ]]; then" 361 | echo " logger \"Upgrading dahdi-linux-kmod-\$kernel and kmod-wanpipe-\$kernel\"" 362 | echo " echo \"Please wait for approx 2 min once apt command execution is completed as dahdi-linux-kmod-\$kernel kmod-wanpipe-\$kernel update in progress\"" 363 | echo " apt -y upgrade dahdi-linux-kmod-\$kernel kmod-wanpipe-\$kernel > /dev/null 2>&1 | at now +1 minute&" 364 | echo " elif [[ \$dahdi_kmod_pres -eq 0 ]]; then" 365 | echo " logger \"Upgrading dahdi-linux-kmod-\$kernel\"" 366 | echo " echo \"Please wait for approx 2 min once apt command execution is completed as dahdi-linux-kmod-\$kernel update in progress\"" 367 | echo " apt -y upgrade dahdi-linux-kmod-\$kernel > /dev/null 2>&1 | at now +1 minute&" 368 | echo " elif [[ \$wanpipe_kmod_pres -eq 0 ]];then" 369 | echo " logger \"Upgrading kmod-wanpipe-\$kernel\"" 370 | echo " echo \"Please wait for approx 2 min once apt command execution is completed as kmod-wanpipe-\$kernel update in progress\"" 371 | echo " apt -y upgrade kmod-wanpipe-\$kernel > /dev/null 2>&1 | at now +1 minute&" 372 | echo " fi" 373 | echo "" 374 | echo " break" 375 | echo " done" 376 | echo "else" 377 | echo " logger \"Dahdi / wanpipe is not present therefore, not checking for dahdi / wanpipe kmod upgrade\"" 378 | echo "fi" 379 | echo "" 380 | echo "if [ -e "/var/www/html/index.html" ]; then" 381 | echo " rm -f /var/www/html/index.html" 382 | echo "fi" 383 | } >> /usr/bin/post-apt-run 384 | 385 | #Changing file permission to run script 386 | chmod 755 /usr/bin/post-apt-run 387 | 388 | #Adding Post Invoke for Update to run kernel-check 389 | if [ -e "/etc/apt/apt.conf.d/80postaptcmd" ]; then 390 | rm -f /etc/apt/apt.conf.d/80postaptcmd 391 | fi 392 | 393 | echo "DPkg::Post-Invoke {\"/usr/bin/post-apt-run\";};" >> /etc/apt/apt.conf.d/80postaptcmd 394 | chmod 644 /etc/apt/apt.conf.d/80postaptcmd 395 | } 396 | 397 | check_kernel_compatibility() { 398 | local latest_dahdi_supported_version=$(apt-cache search dahdi | grep -E "^dahdi-linux-kmod-[0-9]" | awk '{print $1}' | awk -F'-' '{print $4"-"$5}' | sort -n | tail -1) 399 | local latest_wanpipe_supported_version=$(apt-cache search wanpipe | grep -E "^kmod-wanpipe-[0-9]" | awk '{print $1}' | awk -F'-' '{print $3"-"$4}' | sort -n | tail -1) 400 | local curr_kernel_version=$1 401 | 402 | if dpkg --compare-versions "$latest_dahdi_supported_version" "eq" "$latest_wanpipe_supported_version"; then 403 | local supported_kernel_version=$latest_dahdi_supported_version 404 | else 405 | local supported_kernel_version="6.1.0.22" 406 | fi 407 | 408 | if dpkg --compare-versions "$curr_kernel_version" "gt" "$supported_kernel_version"; then 409 | message "Aborting freepbx installation as detected kernel version $curr_kernel_version is not supported by freepbx dahdi module $supported_kernel_version" 410 | exit 411 | fi 412 | 413 | if [ -e "/usr/bin/kernel-check" ]; then 414 | rm -f /usr/bin/kernel-check 415 | fi 416 | 417 | if [ "$testrepo" ]; then 418 | message "Skipping Kernel Check. As Kernel Check is not required for testing repo....." 419 | return 420 | fi 421 | 422 | message "Creating kernel check script to allow proper kernel upgrades" 423 | { 424 | echo "#!/bin/bash" 425 | echo "" 426 | echo "curr_kernel_version=\"\"" 427 | echo "supported_kernel_version=\"\"" 428 | echo "" 429 | 430 | echo "set_supported_kernel_version() {" 431 | echo " local latest_dahdi_supported_version=\$(apt-cache search dahdi | grep -E \"^dahdi-linux-kmod-[0-9]\" | awk '{print \$1}' | awk -F'-' '{print \$4,-\$5}' | sed 's/[[:space:]]//g' | sort -n | tail -1)" 432 | echo " local latest_wanpipe_supported_version=\$(apt-cache search wanpipe | grep -E \"^kmod-wanpipe-[0-9]\" | awk '{print \$1}' | awk -F'-' '{print \$3,-\$4}' | sed 's/[[:space:]]//g' | sort -n | tail -1)" 433 | echo " curr_kernel_version=\$(uname -r | cut -d'-' -f1-2)" 434 | echo "" 435 | echo " if dpkg --compare-versions \"\$latest_dahdi_supported_version\" \"eq\" \"\$latest_wanpipe_supported_version\"; then" 436 | echo " supported_kernel_version=\$latest_dahdi_supported_version" 437 | echo " else" 438 | echo " supported_kernel_version=\"6.1.0-21\"" 439 | echo " fi" 440 | echo "}" 441 | echo "" 442 | 443 | echo "check_and_unblock_kernel() {" 444 | echo " local kernel_packages=\$(apt-mark showhold | grep -E ^linux-image-[0-9] | awk '{print \$1}')" 445 | echo "" 446 | echo " if [[ \"w\$1\" != \"w\" ]]; then" 447 | echo " # Compare the version with the current supported kernel version" 448 | echo " if dpkg --compare-versions \"\$1\" \"le\" \"\$supported_kernel_version\"; then" 449 | echo " local is_on_hold=\$(apt-mark showhold | grep -E ^linux-image-[0-9] | awk '{print \$1}' | grep -w \"\$1\" | wc -l )" 450 | echo "" 451 | echo " if [[ \$is_on_hold -gt 0 ]]; then" 452 | echo " logger \"Un-Holding kernel version \$version to allow automatic updates.\"" 453 | echo " apt-mark unhold \"\$version\" >> /dev/null 2>&1" 454 | echo " fi" 455 | echo " fi" 456 | echo " return" 457 | echo " fi" 458 | echo "" 459 | echo " for package in \$kernel_packages; do" 460 | echo " # Extract the version from the package name" 461 | echo " local version=\$(echo \"\$package\" | awk -F'-' '{print \$3,-\$4}' | sed 's/[[:space:]]//g' | sort -n)" 462 | echo "" 463 | echo " # Compare the version with the current supported kernel version" 464 | echo " if dpkg --compare-versions \"\$version\" \"le\" \"\$supported_kernel_version\"; then" 465 | echo " logger \"Un-Holding kernel version \$version to allow automatic updates.\"" 466 | echo " apt-mark unhold \"\$version\" >> /dev/null 2>&1" 467 | echo " fi" 468 | echo " done" 469 | echo "}" 470 | 471 | echo "" 472 | echo "check_and_block_kernel() {" 473 | echo " if dpkg --compare-versions \"\$curr_kernel_version\" \"gt\" \"\$supported_kernel_version\"; then" 474 | echo " logger \"Aborting as detected kernel version is not supported by freepbx dahdi module\"" 475 | echo " fi" 476 | echo "" 477 | 478 | echo " local kernel_packages=\$( apt-cache search linux-image | grep -E "^linux-image-[0-9]" | awk '{print \$1}')" 479 | echo " for package in \$kernel_packages; do" 480 | echo " # Extract the version from the package name" 481 | echo " local version=\$(echo \"\$package\" | awk -F'-' '{print \$3,-\$4}' | sed 's/[[:space:]]//g' | sort -n)" 482 | echo "" 483 | 484 | echo " # Compare the version with the current supported kernel version" 485 | echo " if dpkg --compare-versions \"\$version\" \"gt\" \"\$supported_kernel_version\"; then" 486 | echo " logger \"Holding kernel version \$version to prevent automatic updates.\"" 487 | echo " apt-mark hold \"\$version\" >> /dev/null 2>&1" 488 | echo " else" 489 | echo " check_and_unblock_kernel \$version" 490 | echo " fi" 491 | echo " done" 492 | echo "}" 493 | 494 | echo "" 495 | echo "case \$1 in" 496 | echo " --hold)" 497 | echo " hold=true" 498 | echo " ;;" 499 | echo "" 500 | echo " --unhold)" 501 | echo " unhold=true" 502 | echo " ;;" 503 | echo "" 504 | echo " *)" 505 | echo " logger \"Unknown / Invalid option \$1\"" 506 | echo " exit 1" 507 | echo " ;;" 508 | echo "esac" 509 | echo "" 510 | echo "set_supported_kernel_version" 511 | echo "" 512 | echo "if [[ \$hold ]]; then" 513 | echo " check_and_block_kernel" 514 | echo "elif [[ \$unhold ]]; then" 515 | echo " check_and_unblock_kernel" 516 | echo "fi" 517 | } >> /usr/bin/kernel-check 518 | 519 | #Changing file permission to run script 520 | chmod 755 /usr/bin/kernel-check 521 | 522 | #Adding Post Invoke for Update to run kernel-check 523 | if [ -e "/etc/apt/apt.conf.d/05checkkernel" ]; then 524 | rm -f /etc/apt/apt.conf.d/05checkkernel 525 | fi 526 | echo "APT::Update::Post-Invoke {\"/usr/bin/kernel-check --hold\"}" >> /etc/apt/apt.conf.d/05checkkernel 527 | chmod 644 /etc/apt/apt.conf.d/05checkkernel 528 | } 529 | 530 | refresh_signatures() { 531 | fwconsole ma refreshsignatures >> "$log" 532 | } 533 | 534 | check_services() { 535 | services=("fail2ban" "iptables") 536 | for service in "${services[@]}"; do 537 | service_status=$(systemctl is-active "$service") 538 | if [[ "$service_status" != "active" ]]; then 539 | message "Service $service is not active. Please ensure it is running." 540 | fi 541 | done 542 | 543 | apache2_status=$(systemctl is-active apache2) 544 | if [[ "$apache2_status" == "active" ]]; then 545 | apache_process=$(netstat -anp | awk '$4 ~ /:80$/ {sub(/.*\//,"",$7); print $7}') 546 | if [ "$apache_process" == "apache2" ]; then 547 | message "Apache2 service is running on port 80." 548 | else 549 | message "Apache2 is not running in port 80." 550 | fi 551 | else 552 | message "The Apache2 service is not active. Please activate the service" 553 | fi 554 | } 555 | 556 | check_php_version() { 557 | php_version=$(php -v | grep built: | awk '{print $2}') 558 | if [[ "${php_version:0:3}" == "8.2" ]]; then 559 | message "Installed PHP version $php_version is compatible with FreePBX." 560 | else 561 | message "Installed PHP version $php_version is not compatible with FreePBX. Please install PHP version '8.2.x'" 562 | fi 563 | 564 | # Checking whether enabled PHP modules are of PHP 8.2 version 565 | php_module_version=$(a2query -m | grep php | awk '{print $1}') 566 | 567 | if [[ "$php_module_version" == "php8.2" ]]; then 568 | log "The PHP module version $php_module_version is compatible with FreePBX. Proceeding with the script." 569 | else 570 | log "The installed PHP module version $php_module_version is not compatible with FreePBX. Please install PHP version '8.2'." 571 | exit 1 572 | fi 573 | } 574 | 575 | verify_module_status() { 576 | modules_list=$(fwconsole ma list | grep -Ewv "Enabled|----|Module|No repos") 577 | if [ -z "$modules_list" ]; then 578 | message "All Modules are Enabled." 579 | else 580 | message "List of modules which are not Enabled:" 581 | message "$modules_list" 582 | fi 583 | } 584 | 585 | # Function to check assigned ports for services 586 | inspect_network_ports() { 587 | # Array of port and service pairs 588 | local ports_services=( 589 | 82 restapps 590 | 83 restapi 591 | 81 ucp 592 | 80 acp 593 | 84 hpro 594 | "" leport 595 | "" sslrestapps 596 | "" sslrestapi 597 | "" sslucp 598 | "" sslacp 599 | "" sslhpro 600 | "" sslsngphone 601 | ) 602 | 603 | for (( i=0; i<${#ports_services[@]}; i+=2 )); do 604 | port="${ports_services[i]}" 605 | service="${ports_services[i+1]}" 606 | port_set=$(fwconsole sa ports | grep "$service" | cut -d'|' -f 2 | tr -d '[:space:]') 607 | 608 | if [ "$port_set" == "$port" ]; then 609 | message "$service module is assigned to its default port." 610 | else 611 | message "$service module is expected to have port $port assigned instead of $port_set" 612 | fi 613 | done 614 | } 615 | 616 | inspect_running_processes() { 617 | processes=$(fwconsole pm2 --list | grep -Ewv "online|----|Process") 618 | if [ -z "$processes" ]; then 619 | message "No Offline Processes found." 620 | else 621 | message "List of Offline processes:" 622 | message "$processes" 623 | fi 624 | } 625 | 626 | check_freepbx() { 627 | # Check if FreePBX is installed 628 | if ! dpkg -l | grep -q 'freepbx'; then 629 | message "FreePBX is not installed. Please install FreePBX to proceed." 630 | else 631 | verify_module_status 632 | if [ ! "$opensourceonly" ] ; then 633 | inspect_network_ports 634 | fi 635 | inspect_running_processes 636 | inspect_job_status=$(fwconsole job --list) 637 | message "Job list : $inspect_job_status" 638 | fi 639 | } 640 | 641 | check_digium_phones_version() { 642 | installed_version=$(asterisk -rx 'digium_phones show version' | awk '/Version/{print $NF}' 2>/dev/null) 643 | if [[ -n "$installed_version" ]]; then 644 | required_version="21.0_3.6.8" 645 | present_version=$(echo "$installed_version" | sed 's/_/./g') 646 | required_version=$(echo "$required_version" | sed 's/_/./g') 647 | if dpkg --compare-versions "$present_version" "lt" "$required_version"; then 648 | message "A newer version of Digium Phones module is available." 649 | else 650 | message "Installed Digium Phones module version: ($installed_version)" 651 | fi 652 | else 653 | message "Failed to check Digium Phones module version." 654 | fi 655 | } 656 | 657 | check_asterisk() { 658 | if ! dpkg -l | grep -q 'asterisk'; then 659 | message "Asterisk is not installed. Please install Asterisk to proceed." 660 | else 661 | check_asterisk_version=$(asterisk -V) 662 | message "$check_asterisk_version" 663 | if asterisk -rx "module show" | grep -q "res_digium_phone.so"; then 664 | check_digium_phones_version 665 | else 666 | message "Digium Phones module is not loaded. Please make sure it is installed and loaded correctly." 667 | fi 668 | fi 669 | } 670 | 671 | hold_packages() { 672 | # List of package names to hold 673 | local packages=("sangoma-pbx17" "nodejs" "node-*") 674 | if [ ! "$nofpbx" ] ; then 675 | packages+=("freepbx17") 676 | fi 677 | 678 | # Loop through each package and hold it 679 | for pkg in "${packages[@]}"; do 680 | apt-mark hold "$pkg" >> "$log" 681 | done 682 | } 683 | 684 | ################################################################################################################ 685 | MIRROR_PRIO=600 686 | kernel=$(uname -a) 687 | host=$(hostname) 688 | fqdn="$(hostname -f)" || true 689 | 690 | # Install wget which is required for version check 691 | pkg_install wget 692 | 693 | # Script version check 694 | if [[ $skipversion ]]; then 695 | message "Skipping version check..." 696 | else 697 | # Perform version check if --skipversion is not provided 698 | message "Performing version check..." 699 | check_version 700 | fi 701 | 702 | # Check if running in a Container 703 | if systemd-detect-virt --container &> /dev/null; then 704 | message "Running in a Container. Skipping Chrony installation." 705 | nochrony=true 706 | fi 707 | 708 | # Check if we are running on a 64-bit system 709 | ARCH=$(dpkg --print-architecture) 710 | if [ "$ARCH" != "amd64" ]; then 711 | message "FreePBX 17 installation can only be made on a 64-bit (amd64) system!" 712 | message "Current System's Architecture: $ARCH" 713 | exit 1 714 | fi 715 | 716 | # Check if hostname command succeeded and FQDN is not empty 717 | if [ -z "$fqdn" ]; then 718 | echo "Fully qualified domain name (FQDN) is not set correctly." 719 | echo "Please set the FQDN for this system and re-run the script." 720 | echo "To set the FQDN, update the /etc/hostname and /etc/hosts files." 721 | exit 1 722 | fi 723 | 724 | #Ensure the script is not running 725 | pidfile='/var/run/freepbx17_installer.pid' 726 | 727 | if [ -f "$pidfile" ]; then 728 | old_pid=$(cat "$pidfile") 729 | if ps -p "$old_pid" > /dev/null; then 730 | message "FreePBX 17 installation process is already going on (PID=$old_pid), hence not starting new process" 731 | exit 1 732 | else 733 | log "Removing stale PID file" 734 | rm -f "${pidfile}" 735 | fi 736 | fi 737 | echo "$$" > "$pidfile" 738 | 739 | setCurrentStep "Starting installation." 740 | trap 'errorHandler "$LINENO" "$?" "$BASH_COMMAND"' ERR 741 | trap "terminate" EXIT 742 | 743 | start=$(date +%s) 744 | message " Starting FreePBX 17 installation process for $host $kernel" 745 | message " Please refer to the $log to know the process..." 746 | log " Executing script v$SCRIPTVER ..." 747 | 748 | setCurrentStep "Making sure installation is sane" 749 | # Fixing broken install 750 | apt-get -y --fix-broken install >> "$log" 751 | apt-get autoremove -y >> "$log" 752 | 753 | # Check if the CD-ROM repository is present in the sources.list file 754 | if grep -q "^deb cdrom" /etc/apt/sources.list; then 755 | # Comment out the CD-ROM repository line in the sources.list file 756 | sed -i '/^deb cdrom/s/^/#/' /etc/apt/sources.list 757 | message "Commented out CD-ROM repository in sources.list" 758 | fi 759 | 760 | apt-get update >> "$log" 761 | 762 | # Adding iptables and postfix inputs so "iptables-persistent" and postfix will not ask for the input 763 | setCurrentStep "Setting up default configuration" 764 | debconf-set-selections <> "$log" 794 | 795 | # log the apt-cache policy 796 | apt-cache policy >> "$log" 797 | 798 | # Don't start the tftp & chrony daemons automatically, as we need to change their configuration 799 | systemctl mask tftpd-hpa.service 800 | if [ "$nochrony" != true ]; then 801 | systemctl mask chrony.service 802 | fi 803 | 804 | # Install dependent packages 805 | setCurrentStep "Installing required packages" 806 | DEPPRODPKGS=( 807 | "redis-server" 808 | "ghostscript" 809 | "libtiff-tools" 810 | "iptables-persistent" 811 | "net-tools" 812 | "rsyslog" 813 | "libavahi-client3" 814 | "nmap" 815 | "apache2" 816 | "zip" 817 | "incron" 818 | "wget" 819 | "vim" 820 | "openssh-server" 821 | "rsync" 822 | "mariadb-server" 823 | "mariadb-client" 824 | "bison" 825 | "flex" 826 | "flite" 827 | "php${PHPVERSION}" 828 | "php${PHPVERSION}-curl" 829 | "php${PHPVERSION}-zip" 830 | "php${PHPVERSION}-redis" 831 | "php${PHPVERSION}-curl" 832 | "php${PHPVERSION}-cli" 833 | "php${PHPVERSION}-common" 834 | "php${PHPVERSION}-mysql" 835 | "php${PHPVERSION}-gd" 836 | "php${PHPVERSION}-mbstring" 837 | "php${PHPVERSION}-intl" 838 | "php${PHPVERSION}-xml" 839 | "php${PHPVERSION}-bz2" 840 | "php${PHPVERSION}-ldap" 841 | "php${PHPVERSION}-sqlite3" 842 | "php${PHPVERSION}-bcmath" 843 | "php${PHPVERSION}-soap" 844 | "php${PHPVERSION}-ssh2" 845 | "php-pear" 846 | "curl" 847 | "sox" 848 | "mpg123" 849 | "sqlite3" 850 | "git" 851 | "uuid" 852 | "odbc-mariadb" 853 | "sudo" 854 | "subversion" 855 | "unixodbc" 856 | "nodejs" 857 | "npm" 858 | "ipset" 859 | "iptables" 860 | "fail2ban" 861 | "htop" 862 | "postfix" 863 | "tcpdump" 864 | "sngrep" 865 | "tftpd-hpa" 866 | "xinetd" 867 | "lame" 868 | "haproxy" 869 | "screen" 870 | "easy-rsa" 871 | "openvpn" 872 | "sysstat" 873 | "apt-transport-https" 874 | "lsb-release" 875 | "ca-certificates" 876 | "cron" 877 | "python3-mysqldb" 878 | "at" 879 | "avahi-daemon" 880 | "avahi-utils" 881 | "libnss-mdns" 882 | "mailutils" 883 | # Asterisk package 884 | "liburiparser1" 885 | # ffmpeg package 886 | "libavdevice59" 887 | # System Admin module 888 | "python3-mysqldb" 889 | "python-is-python3" 890 | # User Control Panel module 891 | "pkgconf" 892 | "libicu-dev" 893 | "libsrtp2-1" 894 | "libspandsp2" 895 | "libncurses5" 896 | "autoconf" 897 | "libical3" 898 | "libneon27" 899 | "libsnmp40" 900 | "libtonezone" 901 | "libbluetooth3" 902 | "libunbound8" 903 | "libsybdb5" 904 | "libspeexdsp1" 905 | "libiksemel3" 906 | "libresample1" 907 | "libgmime-3.0-0" 908 | "libc-client2007e" 909 | "imagemagick" 910 | ) 911 | DEPDEVPKGS=( 912 | "libsnmp-dev" 913 | "libtonezone-dev" 914 | "libpq-dev" 915 | "liblua5.2-dev" 916 | "libpri-dev" 917 | "libbluetooth-dev" 918 | "libunbound-dev" 919 | "libspeexdsp-dev" 920 | "libiksemel-dev" 921 | "libresample1-dev" 922 | "libgmime-3.0-dev" 923 | "libc-client2007e-dev" 924 | "libncurses-dev" 925 | "libssl-dev" 926 | "libxml2-dev" 927 | "libnewt-dev" 928 | "libsqlite3-dev" 929 | "unixodbc-dev" 930 | "uuid-dev" 931 | "libasound2-dev" 932 | "libogg-dev" 933 | "libvorbis-dev" 934 | "libcurl4-openssl-dev" 935 | "libical-dev" 936 | "libneon27-dev" 937 | "libsrtp2-dev" 938 | "libspandsp-dev" 939 | "libjansson-dev" 940 | "liburiparser-dev" 941 | "libavdevice-dev" 942 | "python-dev-is-python3" 943 | "default-libmysqlclient-dev" 944 | "dpkg-dev" 945 | "build-essential" 946 | "automake" 947 | "autoconf" 948 | "libtool-bin" 949 | "bison" 950 | "flex" 951 | ) 952 | if [ $dev ]; then 953 | DEPPKGS=("${DEPPRODPKGS[@]}" "${DEPDEVPKGS[@]}") 954 | else 955 | DEPPKGS=("${DEPPRODPKGS[@]}") 956 | fi 957 | if [ "$nochrony" != true ]; then 958 | DEPPKGS+=("chrony") 959 | fi 960 | for i in "${!DEPPKGS[@]}"; do 961 | pkg_install "${DEPPKGS[$i]}" 962 | done 963 | 964 | if dpkg -l | grep -q 'postfix'; then 965 | warning_message="# WARNING: Changing the inet_interfaces to an IP other than 127.0.0.1 may expose Postfix to external network connections.\n# Only modify this setting if you understand the implications and have specific network requirements." 966 | 967 | if ! grep -q "WARNING: Changing the inet_interfaces" /etc/postfix/main.cf; then 968 | # Add the warning message above the inet_interfaces configuration 969 | sed -i "/^inet_interfaces\s*=/i $warning_message" /etc/postfix/main.cf 970 | fi 971 | 972 | sed -i "s/^inet_interfaces\s*=.*/inet_interfaces = 127.0.0.1/" /etc/postfix/main.cf 973 | 974 | systemctl restart postfix 975 | fi 976 | 977 | # OpenVPN EasyRSA configuration 978 | if [ ! -d "/etc/openvpn/easyrsa3" ]; then 979 | make-cadir /etc/openvpn/easyrsa3 980 | fi 981 | #Remove below files which will be generated by sysadmin later 982 | rm -f /etc/openvpn/easyrsa3/pki/vars || true 983 | rm -f /etc/openvpn/easyrsa3/vars 984 | 985 | # Install Dahdi card support if --dahdi option is provided 986 | if [ "$dahdi" ]; then 987 | message "Installing DAHDI card support..." 988 | DAHDIPKGS=("asterisk${ASTVERSION}-dahdi" 989 | "dahdi-firmware" 990 | "dahdi-linux" 991 | "dahdi-linux-devel" 992 | "dahdi-tools" 993 | "libpri" 994 | "libpri-devel" 995 | "wanpipe" 996 | "wanpipe-devel" 997 | "dahdi-linux-kmod-${kernel_version}" 998 | "kmod-wanpipe-${kernel_version}" 999 | ) 1000 | 1001 | for i in "${!DAHDIPKGS[@]}"; do 1002 | pkg_install "${DAHDIPKGS[$i]}" 1003 | done 1004 | fi 1005 | 1006 | # Install libfdk-aac2 1007 | if [ "$noaac" ] ; then 1008 | message "Skipping libfdk-aac2 installation due to noaac option" 1009 | else 1010 | pkg_install libfdk-aac2 1011 | fi 1012 | 1013 | setCurrentStep "Removing unnecessary packages" 1014 | apt-get autoremove -y >> "$log" 1015 | 1016 | execution_time="$(($(date +%s) - start))" 1017 | message "Execution time to install all the dependent packages : $execution_time s" 1018 | 1019 | 1020 | 1021 | 1022 | setCurrentStep "Setting up folders and asterisk config" 1023 | groupExists="$(getent group asterisk || echo '')" 1024 | if [ "${groupExists}" = "" ]; then 1025 | groupadd -r asterisk 1026 | fi 1027 | 1028 | userExists="$(getent passwd asterisk || echo '')" 1029 | if [ "${userExists}" = "" ]; then 1030 | useradd -r -g asterisk -d /home/asterisk -M -s /bin/bash asterisk 1031 | fi 1032 | 1033 | # Adding asterisk to the sudoers list 1034 | #echo "%asterisk ALL=(ALL:ALL) NOPASSWD: ALL" >> /etc/sudoers 1035 | 1036 | # Creating /tftpboot directory 1037 | mkdir -p /tftpboot 1038 | chown -R asterisk:asterisk /tftpboot 1039 | # Changing the tftp process path to tftpboot 1040 | sed -i -e "s|^TFTP_DIRECTORY=\"/srv\/tftp\"$|TFTP_DIRECTORY=\"/tftpboot\"|" /etc/default/tftpd-hpa 1041 | # Change the tftp & chrony options when IPv6 is not available, to allow successful execution 1042 | if [ ! -f /proc/net/if_inet6 ]; then 1043 | sed -i -e "s|^TFTP_OPTIONS=\"--secure\"$|TFTP_OPTIONS=\"--secure --ipv4\"|" /etc/default/tftpd-hpa 1044 | if [ "$nochrony" != true ]; then 1045 | sed -i -e "s|^DAEMON_OPTS=\"-F 1\"$|DAEMON_OPTS=\"-F 1 -4\"|" /etc/default/chrony 1046 | fi 1047 | fi 1048 | # Start the tftp & chrony daemons 1049 | systemctl unmask tftpd-hpa.service 1050 | systemctl start tftpd-hpa.service 1051 | if [ "$nochrony" != true ]; then 1052 | systemctl unmask chrony.service 1053 | systemctl start chrony.service 1054 | fi 1055 | 1056 | # Creating asterisk sound directory 1057 | mkdir -p /var/lib/asterisk/sounds 1058 | chown -R asterisk:asterisk /var/lib/asterisk 1059 | 1060 | # Changing openssl to make it compatible with the katana 1061 | sed -i -e 's/^openssl_conf = openssl_init$/openssl_conf = default_conf/' /etc/ssl/openssl.cnf 1062 | 1063 | isSSLConfigAdapted=$(grep "FreePBX 17 changes" /etc/ssl/openssl.cnf |wc -l) 1064 | if [ "0" = "${isSSLConfigAdapted}" ]; then 1065 | cat <> /etc/ssl/openssl.cnf 1066 | # FreePBX 17 changes - begin 1067 | [ default_conf ] 1068 | ssl_conf = ssl_sect 1069 | [ssl_sect] 1070 | system_default = system_default_sect 1071 | [system_default_sect] 1072 | MinProtocol = TLSv1.2 1073 | CipherString = DEFAULT:@SECLEVEL=1 1074 | # FreePBX 17 changes - end 1075 | EOF 1076 | fi 1077 | 1078 | #Setting higher precedence value to IPv4 1079 | sed -i 's/^#\s*precedence ::ffff:0:0\/96 100/precedence ::ffff:0:0\/96 100/' /etc/gai.conf 1080 | 1081 | # Setting screen configuration 1082 | isScreenRcAdapted=$(grep "FreePBX 17 changes" /root/.screenrc |wc -l) 1083 | if [ "0" = "${isScreenRcAdapted}" ]; then 1084 | cat <> /root/.screenrc 1085 | # FreePBX 17 changes - begin 1086 | hardstatus alwayslastline 1087 | hardstatus string '%{= kG}[ %{G}%H %{g}][%= %{=kw}%?%-Lw%?%{r}(%{W}%n*%f%t%?(%u)%?%{r})%{w}%?%+Lw%?%?%= %{g}][%{B}%Y-%m-%d %{W}%c %{g}]' 1088 | # FreePBX 17 changes - end 1089 | EOF 1090 | fi 1091 | 1092 | 1093 | # Setting VIM configuration for mouse copy paste 1094 | isVimRcAdapted=$(grep "FreePBX 17 changes" /etc/vim/vimrc.local |wc -l) 1095 | if [ "0" = "${isVimRcAdapted}" ]; then 1096 | cat <> /etc/vim/vimrc.local 1097 | " FreePBX 17 changes - begin 1098 | " This file loads the default vim options at the beginning and prevents 1099 | " that they are being loaded again later. All other options that will be set, 1100 | " are added, or overwrite the default settings. Add as many options as you 1101 | " whish at the end of this file. 1102 | 1103 | " Load the defaults 1104 | source \$VIMRUNTIME/defaults.vim 1105 | 1106 | " Prevent the defaults from being loaded again later, if the user doesn't 1107 | " have a local vimrc (~/.vimrc) 1108 | let skip_defaults_vim = 1 1109 | 1110 | 1111 | " Set more options (overwrites settings from /usr/share/vim/vim80/defaults.vim) 1112 | " Add as many options as you whish 1113 | 1114 | " Set the mouse mode to 'r' 1115 | if has('mouse') 1116 | set mouse=r 1117 | endif 1118 | " FreePBX 17 changes - end 1119 | EOF 1120 | fi 1121 | 1122 | 1123 | # Setting apt configuration to always DO NOT overwrite existing configurations 1124 | aptNoOverwrite=$(grep "DPkg::options { \"--force-confdef\"; \"--force-confold\"; }" /etc/apt/apt.conf.d/00freepbx |wc -l) 1125 | if [ "0" = "${aptNoOverwrite}" ]; then 1126 | cat <> /etc/apt/apt.conf.d/00freepbx 1127 | DPkg::options { "--force-confdef"; "--force-confold"; } 1128 | EOF 1129 | fi 1130 | 1131 | 1132 | #chown -R asterisk:asterisk /etc/ssl 1133 | 1134 | # Install Asterisk 1135 | if [ "$noast" ] ; then 1136 | message "Skipping Asterisk installation due to noasterisk option" 1137 | else 1138 | # TODO Need to check if asterisk installed already then remove that and install new ones. 1139 | # Install Asterisk 1140 | setCurrentStep "Installing Asterisk packages." 1141 | install_asterisk $ASTVERSION 1142 | fi 1143 | 1144 | # Install PBX dependent packages 1145 | setCurrentStep "Installing FreePBX packages" 1146 | 1147 | FPBXPKGS=("sysadmin17" 1148 | "sangoma-pbx17" 1149 | "ffmpeg" 1150 | ) 1151 | for i in "${!FPBXPKGS[@]}"; do 1152 | pkg_install "${FPBXPKGS[$i]}" 1153 | done 1154 | 1155 | 1156 | #Enabling freepbx.ini file 1157 | setCurrentStep "Enabling modules." 1158 | phpenmod freepbx 1159 | mkdir -p /var/lib/php/session 1160 | 1161 | #Creating default config files 1162 | mkdir -p /etc/asterisk 1163 | touch /etc/asterisk/extconfig_custom.conf 1164 | touch /etc/asterisk/extensions_override_freepbx.conf 1165 | touch /etc/asterisk/extensions_additional.conf 1166 | touch /etc/asterisk/extensions_custom.conf 1167 | chown -R asterisk:asterisk /etc/asterisk 1168 | 1169 | setCurrentStep "Restarting fail2ban" 1170 | systemctl restart fail2ban >> "$log" 1171 | 1172 | 1173 | if [ "$nofpbx" ] ; then 1174 | message "Skipping FreePBX 17 installation due to nofreepbx option" 1175 | else 1176 | setCurrentStep "Installing FreePBX 17" 1177 | pkg_install ioncube-loader-82 1178 | pkg_install freepbx17 1179 | 1180 | if [ -n "$NPM_MIRROR" ] ; then 1181 | setCurrentStep "Setting environment variable npm_config_registry=$NPM_MIRROR" 1182 | export npm_config_registry="$NPM_MIRROR" 1183 | fi 1184 | 1185 | # Check if only opensource required then remove the commercial modules 1186 | if [ "$opensourceonly" ]; then 1187 | setCurrentStep "Removing commercial modules" 1188 | fwconsole ma list | awk '/Commercial/ {print $2}' | xargs -I {} fwconsole ma -f remove {} >> "$log" 1189 | # Remove firewall module also because it depends on commercial sysadmin module 1190 | fwconsole ma -f remove firewall >> "$log" || true 1191 | fi 1192 | 1193 | if [ "$dahdi" ]; then 1194 | fwconsole ma downloadinstall dahdiconfig >> "$log" 1195 | echo 'export PERL5LIB=$PERL5LIB:/etc/wanpipe/wancfg_zaptel' | sudo tee -a /root/.bashrc 1196 | fi 1197 | 1198 | setCurrentStep "Installing all local modules" 1199 | fwconsole ma installlocal >> "$log" 1200 | 1201 | setCurrentStep "Upgrading FreePBX 17 modules" 1202 | fwconsole ma upgradeall >> "$log" 1203 | 1204 | setCurrentStep "Reloading and restarting FreePBX 17" 1205 | fwconsole reload >> "$log" 1206 | fwconsole restart >> "$log" 1207 | 1208 | if [ "$opensourceonly" ]; then 1209 | # Uninstall the sysadmin helper package for the sysadmin commercial module 1210 | message "Uninstalling sysadmin17" 1211 | apt-get purge -y sysadmin17 >> "$log" 1212 | # Uninstall ionCube loader required for commercial modules and to install the freepbx17 package 1213 | message "Uninstalling ioncube-loader-82" 1214 | apt-get purge -y ioncube-loader-82 >> "$log" 1215 | fi 1216 | fi 1217 | 1218 | setCurrentStep "Wrapping up the installation process" 1219 | systemctl daemon-reload >> "$log" 1220 | if [ ! "$nofpbx" ] ; then 1221 | systemctl enable freepbx >> "$log" 1222 | fi 1223 | 1224 | #delete apache2 index.html as we do not need that file 1225 | rm -f /var/www/html/index.html 1226 | 1227 | #enable apache mod ssl 1228 | a2enmod ssl >> "$log" 1229 | 1230 | #enable apache mod expires 1231 | a2enmod expires >> "$log" 1232 | 1233 | #enable apache 1234 | a2enmod rewrite >> "$log" 1235 | 1236 | #Enabling freepbx apache configuration 1237 | if [ ! "$nofpbx" ] ; then 1238 | a2ensite freepbx.conf >> "$log" 1239 | a2ensite default-ssl >> "$log" 1240 | fi 1241 | 1242 | #Setting postfix size to 100MB 1243 | postconf -e message_size_limit=102400000 1244 | 1245 | # Disable expose_php for provide less information to attacker 1246 | sed -i 's/\(^expose_php = \).*/\1Off/' /etc/php/${PHPVERSION}/apache2/php.ini 1247 | 1248 | # Setting max_input_vars to 2000 1249 | sed -i 's/;max_input_vars = 1000/max_input_vars = 2000/' /etc/php/${PHPVERSION}/apache2/php.ini 1250 | 1251 | # Disable ServerTokens and ServerSignature for provide less information to attacker 1252 | sed -i 's/\(^ServerTokens \).*/\1Prod/' /etc/apache2/conf-available/security.conf 1253 | sed -i 's/\(^ServerSignature \).*/\1Off/' /etc/apache2/conf-available/security.conf 1254 | 1255 | # Setting pcre.jit to 0 1256 | sed -i 's/;pcre.jit=1/pcre.jit=0/' /etc/php/${PHPVERSION}/apache2/php.ini 1257 | 1258 | # Restart apache2 1259 | systemctl restart apache2 >> "$log" 1260 | 1261 | setCurrentStep "Holding Packages" 1262 | 1263 | hold_packages 1264 | 1265 | # Update logrotate configuration 1266 | if grep -q '^#dateext' /etc/logrotate.conf; then 1267 | message "Setting up logrotate.conf" 1268 | sed -i 's/^#dateext/dateext/' /etc/logrotate.conf 1269 | fi 1270 | 1271 | #setting permisions 1272 | chown -R asterisk:asterisk /var/www/html/ 1273 | 1274 | #Creating post apt scripts 1275 | create_post_apt_script 1276 | 1277 | # Refresh signatures 1278 | setCurrentStep "Refreshing modules signatures." 1279 | count=1 1280 | if [ ! "$nofpbx" ]; then 1281 | while [ $count -eq 1 ]; do 1282 | set +e 1283 | refresh_signatures 1284 | exit_status=$? 1285 | set -e 1286 | if [ $exit_status -eq 0 ]; then 1287 | break 1288 | else 1289 | log "Command 'fwconsole ma refreshsignatures' failed to execute with exit status $exit_status, running as a background job" 1290 | refresh_signatures & 1291 | log "Continuing the remaining script execution" 1292 | break 1293 | fi 1294 | done 1295 | fi 1296 | 1297 | 1298 | setCurrentStep "FreePBX 17 Installation finished successfully." 1299 | 1300 | 1301 | ############ POST INSTALL VALIDATION ############################################ 1302 | # Commands for post-installation validation 1303 | # Disable automatic script termination upon encountering non-zero exit code to prevent premature termination. 1304 | set +e 1305 | setCurrentStep "Post-installation validation" 1306 | 1307 | check_services 1308 | 1309 | check_php_version 1310 | 1311 | if [ ! "$nofpbx" ] ; then 1312 | check_freepbx 1313 | fi 1314 | 1315 | check_asterisk 1316 | 1317 | execution_time="$(($(date +%s) - start))" 1318 | message "Total script Execution Time: $execution_time" 1319 | message "Finished FreePBX 17 installation process for $host $kernel" 1320 | message "Join us on the FreePBX Community Forum: https://community.freepbx.org/ "; 1321 | 1322 | if [ ! "$nofpbx" ] ; then 1323 | fwconsole motd 1324 | fi 1325 | --------------------------------------------------------------------------------