├── README ├── Install-Munin-on-Ubuntu.sh ├── install-westany-prompts.sh ├── INSTALL-BALLISTIC-PBX-NOTES ├── install-vtiger.sh ├── install-opensbc-ubuntu.sh ├── install-dahdi-on-proxmox.sh ├── install-piaf-on-existing-centos-v1.04.sh ├── install-asterisk-freepbx-on-ubuntu.sh └── install-ballistic-pbx.sh /README: -------------------------------------------------------------------------------- 1 | A collection of useful scripts -------------------------------------------------------------------------------- /Install-Munin-on-Ubuntu.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | #install Munin for server monitoring 4 | apt-get -y install munin munin-node munin-plugins-extra libnet-netmask-perl libnet-telnet-perl python perl libcache-cache-perl 5 | 6 | 7 | ln -s /usr/share/munin/plugins/mysql_bytes /etc/munin/plugins/mysql_bytes 8 | ln -s /usr/share/munin/plugins/mysql_innodb /etc/munin/plugins/mysql_innodb 9 | ln -s /usr/share/munin/plugins/mysql_queries /etc/munin/plugins/mysql_queries 10 | ln -s /usr/share/munin/plugins/mysql_slowqueries /etc/munin/plugins/mysql_slowqueries 11 | ln -s /usr/share/munin/plugins/mysql_threads /etc/munin/plugins/mysql_threads 12 | 13 | 14 | echo ' 15 | Alias /munin /var/cache/munin/www 16 | 17 | 18 | DirectoryIndex index.html 19 | 20 | Options +FollowSymLinks 21 | AllowOverride None 22 | 23 | #order deny,allow 24 | #deny from all 25 | #allow from 127.0.0.0/255.0.0.0 ::1/128 26 | allow from all 27 | 28 | 29 | php_flag magic_quotes_gpc Off 30 | php_flag track_vars On 31 | php_flag register_globals Off 32 | 33 | 34 | 35 | ExpiresActive On 36 | ExpiresDefault M310 37 | 38 | 39 | 40 | AuthUserFile /etc/apache2/htpassword/.htpasswd_munin 41 | AuthGroupFile /dev/null 42 | AuthName "Password Protected Area" 43 | AuthType Basic 44 | 45 | 46 | require valid-user 47 | 48 | 49 | 50 | ' > /etc/munin/apache.conf 51 | 52 | mkdir /etc/apache2/htpassword/ 53 | echo "Please enter the password you want to use for the admin interface, the username is admin" 54 | htpasswd -c /etc/apache2/htpassword/.htpasswd_munin admin 55 | 56 | 57 | service munin-node restart 58 | service apache2 restart 59 | 60 | #funcmunin 61 | -------------------------------------------------------------------------------- /install-westany-prompts.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | #Install Westany prompts on Asterisk 3 | #Copyright (C) 2010-11 Star2Billing S.L. jonathan@star2billing.com 4 | 5 | #This program is free software; you can redistribute it and/or 6 | #modify it under the terms of the GNU General Public License 7 | #as published by the Free Software Foundation; either version 2 8 | #of the License, or (at your option) any later version. 9 | 10 | #This program is distributed in the hope that it will be useful, 11 | #but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | #MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | #GNU General Public License for more details. 14 | 15 | #You should have received a copy of the GNU General Public License 16 | #along with this program; if not, write to the Free Software 17 | #Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 18 | 19 | 20 | 21 | 22 | #change this line to suit the location of your prompts. 23 | EXTRACTDIR=/tmp/prompts 24 | 25 | #Change the defaults below to suit your install 26 | ASTDIR=/var/lib/asterisk 27 | ASTERISKUSER=asterisk 28 | ASTERISKGROUP=asterisk 29 | 30 | TEMPDIR=/tmp/westany-prompts-xyz 31 | FILES=*.tar.gz 32 | 33 | 34 | cd $EXTRACTDIR 35 | mkdir $TEMPDIR 36 | 37 | for f in $FILES 38 | do 39 | echo "First extract of $f file..." 40 | tar zxfv "$f" 41 | mv "$f" $TEMPDIR 42 | done 43 | 44 | for f in $FILES 45 | do 46 | echo "Second extract of $f file..." 47 | tar zxfv "$f" 48 | rm "$f" 49 | done 50 | 51 | 52 | for d in $(find $EXTRACTDIR -name 'sounds.tar.gz') 53 | do 54 | echo "Move $d to asterisk directory and extract it" 55 | mv $d $ASTDIR/sounds.tar.gz 56 | cd $ASTDIR 57 | ls -al sounds.tar.gz 58 | tar zxfv sounds.tar.gz 59 | rm $ASTDIR/sounds.tar.gz 60 | done 61 | 62 | #Put everything back and clean up 63 | rm -rf $EXTRACTDIR/* 64 | mv $TEMPDIR/* $EXTRACTDIR 65 | rm -rf $TEMPDIR 66 | chown -R $ASTERISKUSER:$ASTERISKGROUP $ASTDIR/sounds/ 67 | -------------------------------------------------------------------------------- /INSTALL-BALLISTIC-PBX-NOTES: -------------------------------------------------------------------------------- 1 | Installing Asterisk 1.8, 10, 11 and FreePBX on Ubuntu 10.04 or 12.04 Server 2 | 3 | 1. Download Ubuntu 10.04 or 12.04 Server and burn it to a CD. 4 | 2. Put CD in drive of the machine you are going to load and boot to the CD. Please be aware that this installation will completely erase the hard drive on the target machine. Also make sure you have a valid Internet connection to the machine. The installation process will download a lot of files from the repositories. 5 | 3. Once it boots, choose your language. 6 | 4. Hit Return on “Install Ubuntu Server” (This will take a few seconds) 7 | 5. Select the installer language and hit enter. 8 | 6. Select your country and hit enter. 9 | 7. The next few screens are self explanatory. 10 | 8. You will eventually get to a screen that asks for the hostname. Enter the hostname you want to use for this machine and hit enter. 11 | 9. If you need to change your time zone, now is the time. 12 | 10. Choose your Partitioning method. I choose “Guided-use entire disk. I am not a LVM person. 13 | 11. Select the disk to Partition and hit enter. 14 | 12. Select yes to Partition the drive. This will wipe out all data and partitions on the drive!!!! This will partition the drive, format it and install the base operating system. 15 | 13. Enter the name for the login user. Ubuntu does not use root for a login user. 16 | 14. Enter the username for that user and then the password. 17 | 15. Select whether or not to encrypt the home directory and press enter. 18 | 16. If you use a proxy server to get to the Internet, enter it here and press enter. Most users will leave this blank. 19 | 17. Select how you want to handle updates and press enter. 20 | 18. Select the software you want to install. I choose OpenSSH here. Use your arrow keys to select and the spacebar to make. Hit enter when done. 21 | 19. If asked for a MySQL password, set the one you want, and remember it for use later in the script. ***The password must be set***. 22 | 20. Select type of mail server you are running and hit enter. I chose “Internet with smarthost” here. 23 | 21. Go have some coffee. This will take a while. 24 | 22. Since you formatted the entire drive earlier, select “Yes” when asked to install the GRUB boot loader... 25 | 23. When the CD is ejected, remove it and hit enter. The machine will reboot. 26 | 24. Log in with the username and password you entered earlier. 27 | 25. Enter the command “sudo su -” (without the quotes) at the command prompt and enter your password again. You are now in the superuser mode. 28 | 26. Change directory to /usr/src (cd /usr/src) 29 | 27. Use wget to get Joe Roper's installer script from the repository. Install-ballistic-pbx.sh 30 | 28. Use chmod to change the permissions on the installer to have executable permissions (chmod +x ) 31 | 29. Run the script. (./) or simply run bash 32 | 30. Press 1 to install the dependencies. 33 | 31. Answer the questions as asked. 34 | 32. When it is done, the script will appear. Select 2 to install asterisk, then choose the version of Asterisk you want and sit back and wait. 35 | 33. You will need to make some choices on what modules you want installed. As a minimum, install all the asterisk add-ons, except ooh323 and app_saycountpl, in resource modules, deselect res_config_ldap, and select the sound files you require from core sounds, music on hold and extra sounds. 36 | 34. Press 3 to install FreePBX. 37 | 35. Select any other modules you want, e.g. Ossec, SSL support, and so on. 38 | 36. When installed, FreePBX is to be found at http://IP-Of-PBX/admin/, you will be prompted for a username and password by apache, the default is vm and vmadmin, then enter a username and password to administer the system. You can now log in with the user and password you chose. First job is to change the vm user password in the administrator section. 39 | 40 | No free support is offered with the script, comments and bug fixes can be made via the issue tracker on github, and commercial help and development is available by emailing sales@star2billing.com 41 | 42 | -------------------------------------------------------------------------------- /install-vtiger.sh: -------------------------------------------------------------------------------- 1 | #/bin/sh 2 | #Install Vtiger on Ubuntu LTS 10 3 | #Copyright (C) 2010 Star2Billing S.L. jonathan@star2billing.com 4 | 5 | #This program is free software; you can redistribute it and/or 6 | #modify it under the terms of the GNU General Public License 7 | #as published by the Free Software Foundation; either version 2 8 | #of the License, or (at your option) any later version. 9 | 10 | #This program is distributed in the hope that it will be useful, 11 | #but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | #MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | #GNU General Public License for more details. 14 | 15 | #You should have received a copy of the GNU General Public License 16 | #along with this program; if not, write to the Free Software 17 | #Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 18 | 19 | #Variables 20 | #Change to suit installation 21 | WEBGROUP=www-data 22 | WEBUSER=www-data 23 | WEBROOT=/var/www 24 | #WEBGROUP=asterisk 25 | #WEBUSER=asterisk 26 | 27 | 28 | apt-get update 29 | apt-get -y upgrade 30 | apt-get -y remove sendmail fetchmail procmail 31 | apt-get -y install binutils cpp flex gcc libarchive-zip-perl libc6-dev libcompress-zlib-perl libpcre3 libpopt-dev lynx m4 make ncftp nmap openssl perl perl-modules unzip zip zlib1g-dev autoconf automake1.9 libtool bison autotools-dev gcc libpng12-dev libjpeg62-dev libfreetype6-dev libssl-dev libxml2-dev libxml2 g++ gawk postfix libsasl2-modules 32 | apt-get -y install apache2 php5 libapache2-mod-php5 33 | apt-get -y install mysql-server mysql-client php5-mysql php5-gd php5-imap 34 | 35 | cd $WEBROOT 36 | 37 | wget https://sourceforge.net/projects/vtigercrm/files/vtiger%20CRM%205.2.1/Core%20Product/vtigercrm-5.2.1.tar.gz/download 38 | mv download vtigercrm-5.2.1.tar.gz 39 | tar zxfv vtigercrm-5.2.1.tar.gz 40 | rm vtigercrm-5.2.1.tar.gz 41 | chown -R $WEBGROUP:$WEBUSER vtigercrm/ 42 | mv vtigercrm crm 43 | 44 | sed -i 's/display_errors = Off/display_errors = on/g' /etc/php5/apache2/php.ini 45 | sed -i 's/max_execution_time = 30/max_execution_time = 600/g' /etc/php5/apache2/php.ini 46 | sed -i 's/error_reporting = E_ALL & ~E_DEPRECATED/error_reporting = E_WARNING & ~E_NOTICE & ~E_DEPRECATED/g' /etc/php5/apache2/php.ini 47 | sed -i 's/allow_call_time_pass_reference = Off/allow_call_time_pass_reference = on/g' /etc/php5/apache2/php.ini 48 | sed -i 's/log_errors = On/log_errors = off/g' /etc/php5/apache2/php.ini 49 | 50 | mv $WEBROOT/crm/htaccess.txt $WEBROOT/crm/.htaccess 51 | 52 | /etc/init.d/apache2 restart 53 | /etc/init.d/mysql restart 54 | 55 | #done Vtiger 56 | 57 | #!/bin/bash 58 | #firewall script for VoIP 59 | echo ' 60 | 61 | #!/bin/bash 62 | #Goes in /etc/init.d/firewall 63 | #sudo /etc/init.d/firewall start 64 | #sudo /etc/init.d/firewall stop 65 | #sudo /etc/init.d/firewall restart 66 | #sudo /etc/init.d/firewall status 67 | #To make it run, sudo update-rc.d firewall defaults 68 | 69 | 70 | 71 | RETVAL=0 72 | 73 | # To start the firewall 74 | start() { 75 | echo -n "Iptables rules creation: " 76 | /etc/firewall.sh 77 | RETVAL=0 78 | } 79 | 80 | # To stop the firewall 81 | stop() { 82 | echo -n "Removing all iptables rules: " 83 | /etc/flush_iptables.sh 84 | RETVAL=0 85 | } 86 | 87 | case $1 in 88 | start) 89 | start 90 | ;; 91 | stop) 92 | stop 93 | ;; 94 | restart) 95 | stop 96 | start 97 | ;; 98 | status) 99 | /sbin/iptables -L 100 | /sbin/iptables -t nat -L 101 | RETVAL=0 102 | ;; 103 | *) 104 | echo "Usage: firewall {start|stop|restart|status}" 105 | RETVAL=1 106 | esac 107 | 108 | exit 109 | ' > /etc/init.d/firewall 110 | 111 | echo ' 112 | 113 | #!/bin/bash 114 | #Starts the default IP tables for A2Billing / FreePBX, edit this script to change behaviour 115 | #File location /etc/firewall.sh 116 | 117 | 118 | iptables -F 119 | iptables -X 120 | 121 | 122 | iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 123 | iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT 124 | iptables -A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT 125 | iptables -A INPUT -i lo -p all -j ACCEPT 126 | iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT 127 | iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT 128 | iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT 129 | iptables -A INPUT -p tcp -m tcp --dport 10000 -j ACCEPT 130 | iptables -A INPUT -p udp -m udp --dport 123 -j ACCEPT 131 | iptables -A INPUT -p udp -m udp --dport 69 -j ACCEPT 132 | iptables -A INPUT -p udp -m udp --dport 53 -j ACCEPT 133 | iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT 134 | iptables -A INPUT -p all -s localhost -i eth0 -j DROP 135 | iptables -A INPUT -j REJECT 136 | iptables -A FORWARD -j REJECT 137 | 138 | iptables-save 139 | 140 | # End message 141 | echo " [End iptables rules setting]" 142 | 143 | ' > /etc/firewall.sh 144 | 145 | echo ' 146 | 147 | #!/bin/sh 148 | #Flush iptable rules, and open everything 149 | #File location - /etc/flush_iptables.bash 150 | 151 | 152 | # 153 | # Set the default policy 154 | # 155 | iptables -P INPUT ACCEPT 156 | iptables -P FORWARD ACCEPT 157 | iptables -P OUTPUT ACCEPT 158 | 159 | # 160 | # Set the default policy for the NAT table 161 | # 162 | iptables -t nat -P PREROUTING ACCEPT 163 | iptables -t nat -P POSTROUTING ACCEPT 164 | iptables -t nat -P OUTPUT ACCEPT 165 | 166 | # 167 | # Delete all rules 168 | # 169 | iptables -F 170 | iptables -t nat -F 171 | 172 | # 173 | # Delete all chains 174 | # 175 | 176 | iptables -X 177 | iptables -t nat -X 178 | 179 | # End message 180 | echo " [End of flush]" 181 | 182 | ' > /etc/flush_iptables.sh 183 | 184 | chmod +x /etc/flush_iptables.sh 185 | chmod +x /etc/firewall.sh 186 | chmod +x /etc/init.d/firewall 187 | update-rc.d firewall defaults 188 | 189 | /etc/init.d/firewall restart 190 | 191 | #Install OSSEC 192 | cd /usr/src 193 | rm -rf ossec* 194 | wget http://www.ossec.net/files/ossec-hids-2.5.1.tar.gz 195 | tar zxfv ossec-hids-*.tar.gz 196 | rm -rf ossec-hids*.tar.gz 197 | mv ossec-hids-* ossec-hids 198 | cd ossec-hids 199 | ./install.sh 200 | clear 201 | 202 | # Add some local rules 203 | 204 | /var/ossec/bin/ossec-control start 205 | 206 | #quieten down the logs 207 | echo 'unset SSHD_OOM_ADJUST' >> /etc/default/ssh 208 | 209 | if [ $INSTALLWEBMIN = 0 ]; then 210 | rm -rf webmin-1*.deb 211 | cd /usr/src 212 | wget http://sunet.dl.sourceforge.net/project/webadmin/webmin/1.520/webmin_1.520_all.deb 213 | dpkg --install webmin* 214 | apt-get -y -f install 215 | rm -rf webmin*.deb 216 | fi 217 | 218 | 219 | 220 | 221 | 222 | 223 | 224 | 225 | echo -e "Installation complete\n\n" 226 | 227 | IP=`/sbin/ifconfig eth0 | grep "inet addr" | awk -F' ' '{print $2}' | awk -F':' '{print $2}'` 228 | 229 | echo -e "Log into the Administrative interface at: http://$IP/crm/" 230 | echo -e "and complete the installation" 231 | # DONE 232 | 233 | -------------------------------------------------------------------------------- /install-opensbc-ubuntu.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | #OpenSBC Debian 3 | 4 | #/bin/sh 5 | #Install OpenSBC - CentOS edition 6 | #Copyright (C) 2010 Star2Billing S.L. 7 | #Author Jonathan Roper jonathan@star2billing.com 8 | 9 | #This program is free software; you can redistribute it and/or 10 | #modify it under the terms of the GNU General Public License 11 | #as published by the Free Software Foundation; either version 2 12 | #of the License, or (at your option) any later version. 13 | 14 | #This program is distributed in the hope that it will be useful, 15 | #but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | #MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | #GNU General Public License for more details. 18 | 19 | #You should have received a copy of the GNU General Public License 20 | #along with this program; if not, write to the Free Software 21 | #Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 22 | 23 | #================================================================================================== 24 | #This script will install OpenSBC on an existing asterisk server, and will be available on port 5061 25 | #It will provide upwards registration, and RTP proxy services. 26 | #No configuration in Asterisk is required. 27 | #Simply point your phone at <>:5061 28 | #If this is installed behind NAT, forward UDP 5061 and 10,000 > 20,000 29 | #================================================================================================== 30 | 31 | apt-get update 32 | 33 | apt-get install -y mc autoconf automake cvs flex expat libexpat1-dev libtool build-essential libxml2 libxml2-dev libtiff4 libtiff4-dev libssl-dev libncurses5-dev bison libaudiofile-dev subversion libnewt-dev libcurl3-dev libnet-ssleay-perl openssl ssl-cert libauthen-pam-perl libio-pty-perl libcrypt-passwdmd5-perl libdigest-md5-perl libpg-perl libdbd-pg-perl openssl ssl-cert flex bison build-essential libxml2 libxml2-dev expat libexpat1-dev libspeex-dev speex 34 | 35 | 36 | cd /usr/src 37 | 38 | echo "================================================================================" 39 | echo "When prompted for a CVS password, just press enter" 40 | echo "================================================================================" 41 | 42 | 43 | cvs -d:pserver:anonymous@opensipstack.cvs.sourceforge.net:/cvsroot/opensipstack login 44 | cvs -z3 -d:pserver:anonymous@opensipstack.cvs.sourceforge.net:/cvsroot/opensipstack co -P opensipstack 45 | cvs -z3 -d:pserver:anonymous@opensipstack.cvs.sourceforge.net:/cvsroot/opensipstack co -P opensbc 46 | 47 | cd /usr/src/opensipstack/ 48 | chmod +x ./configure 49 | ./configure --enable-localspeex --enable-gpllibs 50 | make bothnoshared 51 | cd ../opensbc 52 | chmod +x ./configure 53 | ./configure --enable-gpllibs 54 | make bothnoshared 55 | make distrib 56 | 57 | 58 | cp /usr/src/opensbc/distrib/* /usr/local/bin/ 59 | echo "/usr/local/bin/opensbc -d -p /var/run/opensbc.pid -H 65536 -C 1024000" > /usr/local/bin/startup.sh 60 | echo "/usr/local/bin/opensbc -u root -k -p /var/run/opensbc.pid" > /usr/local/bin/shutdown.sh 61 | 62 | echo "/usr/local/bin/startup.sh" >> /etc/rc.local 63 | 64 | mkdir /root/OpenSIPStack 65 | mkdir /root/OpenSIPStack/OpenSBC_data 66 | 67 | 68 | echo " 69 | [OpenSBC-General-Parameters] 70 | SIP-Log-Level=1 71 | PTRACE-Log-Level=1 72 | Log-File-Prefix=b2bua 73 | SBC-Application-Mode=B2BUpperReg Mode 74 | Enable-Trunk-Port=True 75 | Enable-Calea-Port=True 76 | RTP-Min-Port=10000 77 | RTP-Max-Port=20000 78 | NAT-Keep-Alive-Interval=15 79 | Send-OPTIONS-NAT-Keep-Alive=True 80 | Send-Responses-Using-New-Socket=False 81 | Enable-Local-Refer=False 82 | Disable-Refer-Optimization=True 83 | Max-Forwards=70 84 | Encryption-Mode=XOR 85 | Encryption-Key=GS 86 | Alerting-Timeout=30000 87 | Seize-Timeout=60000 88 | SIP-Timer-B=Default 89 | SIP-Timer-H=Default 90 | Session-Keep-Alive=1800 91 | Session-Max-Life-Span=10800 92 | Max-Concurrent-Session=100 93 | Max-Call-Rate-Per-Second=10 94 | 95 | [SIP-Transports] 96 | Main-Interface-Address Array Size=1 97 | Main-Interface-Address 1=sip:*:5061 98 | Backdoor-Interface-Address=sip:*:5062 99 | Trunk-Interface-Address=sip:*:5064 100 | Media-Server-Interface-Address=sip:*:5066 101 | CALEA-Interface-Address=sip:*:5068 102 | Auxiliary-Interface-Address=sip:*:5070 103 | Interface-Route-List Array Size=0 104 | 105 | [RTP-Proxy] 106 | Proxy-On-Private-Contact=True 107 | Proxy-On-via-received-vs-signaling-address=True 108 | Proxy-On-Private-Via=True 109 | Proxy-On-Different-RPORT=True 110 | Proxy-All-Media=False 111 | 112 | [Trusted-Domains] 113 | Accept-All-Calls=True 114 | Trusted-Domain-List Array Size=0 115 | X-Remote-Info-List Array Size=0 116 | 117 | [Host-Access-List] 118 | Trust-All-Hosts=True 119 | Trusted-Host-List Array Size=0 120 | Enable-Selective-Banning=True 121 | Banned-Host-List Array Size=0 122 | 123 | [Upper-Registration] 124 | All-Reg-As-Upper-Reg=True 125 | Enable-Stateful-Reg=False 126 | Rewrite-TO-Domain=True 127 | Rewrite-FROM-Domain=True 128 | Route-List Array Size=1 129 | Route-List 1=[sip:*] sip:127.0.0.1:5060 130 | 131 | [B2BUA-Routes] 132 | Route-List Array Size=1 133 | Route-List 1=[sip:*] sip:127.0.0.1:5060 134 | Insert-Route-Header=True 135 | Rewrite-TO-URI=True 136 | Prepend-ISUP-OLI=False 137 | Route-By-Request-URI=False 138 | Route-By-To-URI=False 139 | Drop-Routes-On-Ping-Timeout=False 140 | Use-External-XML=False 141 | External-XML-File=b2bua-route.xml 142 | 143 | " > /root/OpenSIPStack/OpenSBC_data/OpenSBC.ini 144 | 145 | 146 | echo "================================================================================" 147 | echo "The web interface for this is on <:9999" 148 | echo "By default it has no password on it" 149 | echo "After reboot, please go to the website and configure a username and password" 150 | echo "================================================================================" 151 | echo "Please reboot" 152 | echo "================================================================================" 153 | 154 | 155 | echo " 156 | 1. http://11.22.33.44:9999/Internal-DNS-Mapping 157 | 158 | This is where we create the DNS entries for the internal IP addresses, this not compulsory, but it does make admin easier. 159 | 160 | So assuming you have pbx.yourdomain.com on 192.168.1.101, 161 | 162 | Create a DNS entry on your DNS server for pbx.yourdomain.com = 11.22.33.44 163 | Now add the internal DNS mapping with [sip:pbx.yourdomain.com] sip:192.168.1.101:5060 164 | Click the update button. 165 | Repeat as necessary for all PBX systems. 166 | 167 | 2. http://11.22.33.44:9999/Upper-Registration 168 | 169 | Next we need to deal with the registration aspect, so that when you create an extension on a PBX, OpenSBC checks to see that it is valid. 170 | 171 | Edit Route list, and add entries for each of your PBX systems. 172 | [sip:*@pbx.yourdomain.com:*] sip:pbx.yourdomain.com:5060 173 | 174 | or if you have not bothered with Step one - [sip:*@pbx.yourdomain.com:*] sip:192.168.1.101:5060 175 | 176 | Then click the update button 177 | 178 | So registrations that are sent to pbx.yourdomain.com will be forwarded to the internal PBX, and if the username and password is correct, OpenSBC will allow the endpoint to register. Note that the endpoint must be configured with the hostname, e.g. pbx.yourdomain.com, NOT 11.22.33.44 179 | 180 | Repeat as necessary for all PBX systems. 181 | 182 | 3. http://11.22.33.44:9999/B2BUA-Routes 183 | 184 | This is how the call is actually routed when someone picks up the phone and makes a call. 185 | 186 | The syntax here is the same as in step 2 for upper registration, e.g.Edit Route list, and add entries for each of your PBX systems. 187 | 188 | [sip:*@pbx.yourdomain.com:*] sip:pbx.yourdomain.com:5060 189 | 190 | or if you have not bothered with Step one - [sip:*@pbx.yourdomain.com:*] sip:192.168.1.101:5060 191 | 192 | Then click the update button. 193 | 194 | 195 | 4. Register your endpoint 196 | 197 | Now attempt to register a phone to your extension@pbx.yourdomain.com and make a call. 198 | 199 | 5. DID forwarding 200 | 201 | To forward DID to your systems from your DID provider or A2Billing system, simply forward the DID to sip/DID-Number@pbx.yourdomain.com 202 | 203 | 204 | Please test and test again, particularly in respect of MWI lights, extension to extension calls and check that it does what you need it do. 205 | " > /root/OpenSIPStack/README -------------------------------------------------------------------------------- /install-dahdi-on-proxmox.sh: -------------------------------------------------------------------------------- 1 | #/bin/sh 2 | #Install Dahdi on Proxmox version 1.3 3 | #Copyright (C) 2009-2011 Jonathan Roper joe.roper@gmail.com 4 | 5 | #This program is free software; you can redistribute it and/or 6 | #modify it under the terms of the GNU General Public License 7 | #as published by the Free Software Foundation; either version 2 8 | #of the License, or (at your option) any later version. 9 | 10 | #This program is distributed in the hope that it will be useful, 11 | #but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | #MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | #GNU General Public License for more details. 14 | 15 | #You should have received a copy of the GNU General Public License 16 | #along with this program; if not, write to the Free Software 17 | #Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 18 | 19 | 20 | apt-get -y update 21 | apt-get -y upgrade 22 | dpkg-reconfigure locales 23 | 24 | 25 | #install asterisk dependencies 26 | apt-get -y --fix-missing install build-essential make libncurses5-dev libcurl4-openssl-dev pve-headers-`uname -r` 27 | 28 | 29 | 30 | echo "Please reboot and re-run this script" 31 | echo "CTRL-C to exit or Enter to continue" 32 | read TEMP 33 | 34 | 35 | cd /usr/src/ 36 | 37 | wget http://downloads.digium.com/pub/telephony/dahdi-linux-complete/dahdi-linux-complete-current.tar.gz 38 | 39 | tar zxfv dahdi-linux-complete-current.tar.gz 40 | 41 | 42 | rm -rf *.tar.gz 43 | rm -rf dahdi-linux-complete 44 | 45 | mv dahdi-linux-complete* dahdi-linux-complete 46 | 47 | 48 | #Install Dahdi 49 | 50 | cd dahdi-linux-complete 51 | make all 52 | make install 53 | make config 54 | 55 | #fix startup problems 56 | sed -i 's/modprobe dahdi/modprobe -f dahdi/g' /etc/init.d/dahdi 57 | /etc/init.d/dahdi restart 58 | 59 | 60 | touch /usr/local/sbin/pabx-enable-conference 61 | echo ' 62 | #/bin/sh 63 | #Enable conference on Proxmox version 1.3 - Dahdi Version 64 | #Copyright (C) 2009 Jonathan Roper joe.roper@gmail.com 65 | 66 | #This program is free software; you can redistribute it and/or 67 | #modify it under the terms of the GNU General Public License 68 | #as published by the Free Software Foundation; either version 2 69 | #of the License, or (at your option) any later version. 70 | 71 | #This program is distributed in the hope that it will be useful, 72 | #but WITHOUT ANY WARRANTY; without even the implied warranty of 73 | #MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 74 | #GNU General Public License for more details. 75 | 76 | #You should have received a copy of the GNU General Public License 77 | #along with this program; if not, write to the Free Software 78 | #Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 79 | 80 | clear 81 | echo "This script enables call conferencing in the VE" 82 | echo "please enter the VE number" 83 | read VENUMBER 84 | vzctl set $VENUMBER --devnodes dahdi/pseudo:rw --save 85 | vzctl exec $VENUMBER chown -R asterisk /dev/dahdi /lib/udev/devices/dahdi 86 | vzctl exec $VENUMBER chgrp -R asterisk /dev/dahdi /lib/udev/devices/dahdi 87 | 88 | echo "Job Done - Now reload asterisk in VE-"$VENUMBER 89 | ' > /usr/local/sbin/pabx-enable-conference 90 | chmod +x /usr/local/sbin/pabx-enable-conference 91 | 92 | 93 | #Create Template script 94 | touch /usr/local/sbin/pabx-create-template 95 | echo ' 96 | #/bin/sh 97 | #Creates template. 98 | #Copyright (C) 2009-2011 Jonathan Roper joe.roper@gmail.com 99 | 100 | #This program is free software; you can redistribute it and/or 101 | #modify it under the terms of the GNU General Public License 102 | #as published by the Free Software Foundation; either version 2 103 | #of the License, or (at your option) any later version. 104 | 105 | #This program is distributed in the hope that it will be useful, 106 | #but WITHOUT ANY WARRANTY; without even the implied warranty of 107 | #MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 108 | #GNU General Public License for more details. 109 | 110 | #You should have received a copy of the GNU General Public License 111 | #along with this program; if not, write to the Free Software 112 | #Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 113 | 114 | #!/bin/bash 115 | #Create Template script - Joe Roper 2009-2011 116 | clear 117 | echo "Creates a template" 118 | echo "please enter the VE number" 119 | read VENUMBER 120 | vzctl stop $VENUMBER 121 | vzctl set $VENUMBER --ipdel all --save 122 | echo "Create a name for your template" 123 | echo "This must be in form OS-version-ASINGLEWORD_Vers_arch" 124 | echo "eg centos-5-pabx-1_x86 or centos-5-pabx-1_amd64" 125 | read TEMPLATENAME 126 | cd /var/lib/vz/private/$VENUMBER 127 | echo > "" /etc/resolv.conf 128 | echo > "" /root/.bash-history 129 | tar czfv /var/lib/vz/template/cache/$TEMPLATENAME.tar.gz * 130 | echo "Job Done - Now install from the GUI" 131 | ' > /usr/local/sbin/pabx-create-template 132 | chmod +x /usr/local/sbin/pabx-create-template 133 | 134 | /etc/init.d/dahdi restart 135 | 136 | 137 | #Add Eth0 for G729 and asterisk registrations. 138 | 139 | 140 | 141 | touch /usr/local/sbin/pabx-create-eth0 142 | echo ' 143 | #/bin/sh 144 | #Creates Eth0 for Digium registration. 145 | #Copyright (C) 2009-2011 Jonathan Roper joe.roper@gmail.com 146 | 147 | #This program is free software; you can redistribute it and/or 148 | #modify it under the terms of the GNU General Public License 149 | #as published by the Free Software Foundation; either version 2 150 | #of the License, or (at your option) any later version. 151 | 152 | #This program is distributed in the hope that it will be useful, 153 | #but WITHOUT ANY WARRANTY; without even the implied warranty of 154 | #MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 155 | #GNU General Public License for more details. 156 | 157 | #You should have received a copy of the GNU General Public License 158 | #along with this program; if not, write to the Free Software 159 | #Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 160 | 161 | #!/bin/bash 162 | #Create Eth0 script - Joe Roper 2009 163 | clear 164 | echo "Creates an eth0 on the container - Do not run this more than once" 165 | echo "please enter the VE number" 166 | read VENUMBER 167 | vzctl set $VENUMBER --netif_add eth0 --save 168 | " 169 | echo "Please restart container $VENUMBER" 170 | ' > /usr/local/sbin/pabx-create-eth0 171 | 172 | chmod +x /usr/local/sbin/pabx-create-eth0 173 | 174 | 175 | #Allow IPtables to work on the VE 176 | sed -i 's|ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length|ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp|' /etc/vz/vz.conf 177 | 178 | /etc/init.d/vz restart 179 | echo "Now correct /usr/local/sbin/pabx-create-eth0" 180 | echo " There may be other problems to correct 181 | #If you get this error: 182 | #FATAL: Error inserting dahdi (/lib/modules/2.6.18.8-linode19/dahdi/dahdi.ko): Invalid module format 183 | #FATAL: Error inserting dahdi (/ lib/modules/2.6.18.8-linode19/dahdi/dahdi.ko): Invalid module format 184 | #Tenemos que modificar el script del arranque de DAHDI 185 | #We have to modify the startup script DAHDI 186 | #nano /etc/init.d/dahdi 187 | #nano / etc / init.d / dahdi 188 | #modificar estas dos l�neas: 189 | #modify these two lines: 190 | #modprobe dahdi 191 | #modprobe dahdi 192 | #modprobe dahdi_dummy 2> /dev/null 193 | #dahdi_dummy modprobe 2> / dev / null 194 | #para que queden 195 | #to make them 196 | #modprobe �f dahdi 197 | #modprobe-f dahdi 198 | #modprobe �f dahdi_dummy 2> /dev/null 199 | #dahdi_dummy modprobe-f 2> / dev / null 200 | #Volvemos a arrancar DAHDI 201 | #Restart DAHDI 202 | #/etc/init.d/dahdi start 203 | #/ etc / init.d / dahdi start" 204 | 205 | INSTALLWEBMIN=2 206 | until [ $INSTALLWEBMIN -lt 2 ] ; do 207 | clear 208 | echo "Do you want to install Webmin Y/n" 209 | echo "Press 0 for Yes or 1 for No" 210 | read INSTALLWEBMIN < /dev/tty 211 | echo $INSTALLWEBMIN 212 | done 213 | 214 | if [ $INSTALLWEBMIN = 0 ]; then 215 | rm -rf webmin-1*.deb 216 | cd /usr/src 217 | apt-get -y install libio-pty-perl libmd5-perl libnet-ssleay-perl libauthen-pam-perl 218 | wget http://www.webmin.com/download/deb/webmin-current.deb 219 | dpkg --install webmin* 220 | rm -rf webmin-1*.deb 221 | fi -------------------------------------------------------------------------------- /install-piaf-on-existing-centos-v1.04.sh: -------------------------------------------------------------------------------- 1 | #/bin/sh 2 | #Install PIAF on existing copy of CentOS Version 1.02 32 or 64 bit Operating system only 3 | #Copyright (C) 2010 Star2Billing S.L, sales@star2billing.com 4 | 5 | #This program is free software; you can redistribute it and/or 6 | #modify it under the terms of the GNU General Public License 7 | #as published by the Free Software Foundation; either version 2 8 | #of the License, or (at your option) any later version. 9 | 10 | #This program is distributed in the hope that it will be useful, 11 | #but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | #MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | #GNU General Public License for more details. 14 | 15 | #You should have received a copy of the GNU General Public License 16 | #along with this program; if not, write to the Free Software 17 | #Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 18 | 19 | #CHANGELOG 20 | #6th Septempber 2010 v1.01 21 | #Change php-pear-DB from php-pear-db 22 | #16th November 2010 v1.02 23 | #Rewrite to support PiaF 1.7.5.5.3 and 64 bit 24 | #This script was sponsored by Sheldon Steele of the ITS Group, http://www.itsgroup.org/ 25 | #recreate yum install list for 32bit install to include dialog 26 | #Change php-pear-DB from php-pear-db v1.04 27 | 28 | 29 | #Variables 30 | KERNELARCH=$(uname -p) 31 | PIAFLOC64=http://ignum2.dl.sourceforge.net/project/pbxinaflash/PIAF-1.7.5.5.3-CentOS-5.5-64bit/pbxinaflash-x86_64-17553.iso 32 | PIAFLOC32=http://mesh.dl.sourceforge.net/project/pbxinaflash/PIAF-1.7.5.5.3-CentOS-5.5-32bit/pbxinaflash-17553.iso 33 | PIAFVERS=1.7.5.5.3 34 | 35 | 36 | clear 37 | echo "Install PBX in a Flash on existing installation of CentOS bit" 38 | echo "" 39 | echo "Author, Joe Roper, sales@star2billing.com" 40 | echo "" 41 | echo "Released under the GPL." 42 | echo "" 43 | echo "" 44 | echo "This is for CentOS 64 bit and 32 bit installs" 45 | echo "Press CTRL C to exit or enter to continue" 46 | read TEMP 47 | clear 48 | 49 | #Set up the time and date so we don't get any issues with Zap / dahdi compiling. 50 | yum -y install ntp 51 | service ntpd start 52 | /usr/sbin/ntpdate -su pool.ntp.org 53 | service ntpd stop 54 | ntpdate pool.ntp.org 55 | service ntpd start 56 | hwclock --systohc 57 | chkconfig ntpd on 58 | 59 | #Disable SELINUX 60 | sed -i 's/=enforcing/=disabled/g' /etc/sysconfig/selinux 61 | 62 | #The list of packages to install is created by doing a PiaF install as far as the ISO, but not 63 | #going on to install PBX in a Flash. You can then install 64 | #yum-utils (yum install yum-utils) then type yum list installed > yumlist.txt 65 | #Then import this file into Excel, and copy column A. Paste it into a new sheet, 66 | #with Paste special, transpose. 67 | #Save it as an MSDOS CSV file, then open in Notepad, then find and replace all commas with spaces. 68 | #Copy this line below, and the script is updated. 69 | 70 | if [ $KERNELARCH = "x86_64" ]; then 71 | # Install the 64 bit PIAF Dependencies. 72 | yum -y install GConf2.x86_64 MAKEDEV.x86_64 NetworkManager.x86_64 NetworkManager-glib.x86_64 ORBit2.x86_64 SDL.x86_64 SysVinit.x86_64 acpid.x86_64 alsa-lib.x86_64 alsa-lib-devel.x86_64 alsa-utils.x86_64 amtu.x86_64 anacron.x86_64 apr.x86_64 apr-util.x86_64 arts.x86_64 arts-devel.x86_64 aspell.x86_64 aspell-en.x86_64 at.x86_64 atk.x86_64 atk-devel.x86_64 attr.x86_64 audiofile.x86_64 audiofile-devel.x86_64 audit.x86_64 audit-libs.x86_64 audit-libs-python.x86_64 authconfig.x86_64 authconfig-gtk.x86_64 autoconf.noarch autofs.x86_64 automake.noarch automake14.noarch automake15.noarch automake16.noarch automake17.noarch avahi.x86_64 avahi-compat-libdns_sd.x86_64 avahi-glib.x86_64 basesystem.noarch bash.x86_64 bc.x86_64 bind.x86_64 bind-libs.x86_64 bind-utils.x86_64 binutils.x86_64 bison.x86_64 bitstream-vera-fonts.noarch bluez-gnome.x86_64 bluez-libs.x86_64 bluez-utils.x86_64 bzip2.x86_64 bzip2-libs.x86_64 cairo.x86_64 ccid.x86_64 centos-release.x86_64 centos-release-notes.x86_64 chkconfig.x86_64 chkfontpath.x86_64 comps-extras.noarch conman.x86_64 coolkey.x86_64 coreutils.x86_64 cpio.x86_64 cpp.x86_64 cpuspeed.x86_64 cracklib.x86_64 cracklib-dicts.x86_64 crash.x86_64 crontabs.noarch cryptsetup-luks.x86_64 cups.x86_64 cups-libs.x86_64 curl.x86_64 curl-devel.x86_64 cvs.x86_64 cyrus-sasl.x86_64 cyrus-sasl-lib.x86_64 cyrus-sasl-plain.x86_64 db4.x86_64 dbus.x86_64 dbus-glib.x86_64 dbus-libs.x86_64 dbus-python.x86_64 dejavu-lgc-fonts.noarch desktop-backgrounds-basic.noarch desktop-file-utils.x86_64 device-mapper.x86_64 device-mapper-event.x86_64 device-mapper-multipath.x86_64 dhclient.x86_64 dhcp.x86_64 dhcpv6-client.x86_64 dialog.x86_64 diffutils.x86_64 dmidecode.x86_64 dmraid.x86_64 docbook-dtds.noarch dos2unix.x86_64 dosfstools.x86_64 dump.x86_64 e2fsprogs.x86_64 e2fsprogs-devel.x86_64 e2fsprogs-libs.x86_64 ed.x86_64 eject.x86_64 elfutils.x86_64 elfutils-libelf.x86_64 elfutils-libs.x86_64 esound.x86_64 esound-devel.x86_64 ethtool.x86_64 expat.x86_64 fbset.x86_64 file.x86_64 filesystem.x86_64 findutils.x86_64 finger.x86_64 fipscheck.x86_64 fipscheck-lib.x86_64 firstboot.x86_64 firstboot-tui.x86_64 flex.x86_64 flite.x86_64 flite-devel.x86_64 fontconfig.x86_64 freetype.x86_64 freetype-devel.x86_64 ftp.x86_64 gamin.x86_64 gamin-python.x86_64 gawk.x86_64 gcc.x86_64 gcc-c++.x86_64 gd.x86_64 gdbm.x86_64 gettext.x86_64 glib2.x86_64 glib2-devel.x86_64 glibc.i686 glibc.x86_64 glibc-common.x86_64 glibc-devel.x86_64 glibc-headers.x86_64 gmp.x86_64 gnome-doc-utils.noarch gnome-keyring.x86_64 gnome-mime-data.x86_64 gnome-mount.x86_64 gnome-python2.x86_64 gnome-python2-bonobo.x86_64 gnome-python2-canvas.x86_64 gnome-python2-gconf.x86_64 gnome-python2-gnomevfs.x86_64 gnome-vfs2.x86_64 gnupg.x86_64 gnutls.x86_64 gpm.x86_64 grep.x86_64 groff.x86_64 grub.x86_64 gtk2.x86_64 gtk2-devel.x86_64 gtk2-engines.x86_64 gzip.x86_64 hal.x86_64 hesiod.x86_64 hicolor-icon-theme.noarch htmlview.noarch httpd.x86_64 hwdata.noarch ifd-egate.x86_64 imake.x86_64 info.x86_64 initscripts.x86_64 iproute.x86_64 ipsec-tools.x86_64 iptables.x86_64 iptables-ipv6.x86_64 iptstate.x86_64 iputils.x86_64 irda-utils.x86_64 irqbalance.x86_64 jack-audio-connection-kit.x86_64 joe.x86_64 jwhois.x86_64 kbd.x86_64 kernel.x86_64 kernel-devel.x86_64 kernel-headers.x86_64 keyutils-libs.x86_64 keyutils-libs-devel.x86_64 kpartx.x86_64 krb5-devel.x86_64 krb5-libs.x86_64 krb5-workstation.x86_64 ksh.x86_64 kudzu.x86_64 lcms.x86_64 less.x86_64 lftp.x86_64 libFS.x86_64 libICE.x86_64 libIDL.x86_64 libSM.x86_64 libX11.x86_64 libX11-devel.x86_64 libXTrap.x86_64 libXau.x86_64 libXaw.x86_64 libXcursor.x86_64 libXdmcp.x86_64 libXext.x86_64 libXfixes.x86_64 libXfont.x86_64 libXfontcache.x86_64 libXft.x86_64 libXi.x86_64 libXinerama.x86_64 libXmu.x86_64 libXpm.x86_64 libXrandr.x86_64 libXrender.x86_64 libXres.x86_64 libXt.x86_64 libXtst.x86_64 libXv.x86_64 libXxf86dga.x86_64 libXxf86misc.x86_64 libXxf86vm.x86_64 libacl.x86_64 libaio.x86_64 libart_lgpl.x86_64 libart_lgpl-devel.x86_64 libattr.x86_64 libbonobo.x86_64 libbonoboui.x86_64 libcap.x86_64 libdaemon.x86_64 libdmx.x86_64 libdrm.x86_64 libevent.x86_64 libfontenc.x86_64 libgcc.x86_64 libgcrypt.x86_64 libglade2.x86_64 libgnome.x86_64 libgnomecanvas.x86_64 libgnomeui.x86_64 libgomp.x86_64 libgpg-error.x86_64 libgssapi.x86_64 libhugetlbfs.x86_64 libidn.x86_64 libidn-devel.x86_64 libjpeg.x86_64 libmng.x86_64 libnotify.x86_64 libogg.x86_64 libogg-devel.x86_64 libpcap.x86_64 libpng.x86_64 libselinux.x86_64 libselinux-devel.x86_64 libselinux-python.x86_64 libsemanage.x86_64 libsepol.x86_64 libsepol-devel.x86_64 libstdc++.x86_64 libstdc++-devel.x86_64 libsysfs.x86_64 libtermcap.x86_64 libtermcap-devel.x86_64 libtiff.x86_64 libtiff-devel.x86_64 libtool-ltdl.x86_64 libtool-ltdl-devel.x86_64 libusb.x86_64 libusb-devel.x86_64 libuser.x86_64 libutempter.x86_64 libvolume_id.x86_64 libvorbis.x86_64 libvorbis-devel.x86_64 libwnck.x86_64 libxkbfile.x86_64 libxml2.x86_64 libxml2-devel.x86_64 libxml2-python.x86_64 libxslt.x86_64 lm_sensors.x86_64 lockdev.x86_64 lockdev-devel.x86_64 logrotate.x86_64 logwatch.noarch lsof.x86_64 lvm2.x86_64 m2crypto.x86_64 m4.x86_64 mailcap.noarch mailx.x86_64 make.x86_64 man.x86_64 man-pages.noarch mc.x86_64 mcelog.x86_64 mcstrans.x86_64 mdadm.x86_64 mesa-libGL.x86_64 mesa-libGL-devel.x86_64 metacity.x86_64 mgetty.x86_64 microcode_ctl.x86_64 mingetty.x86_64 mkbootdisk.x86_64 mkinitrd.x86_64 mkisofs.x86_64 mktemp.x86_64 mlocate.x86_64 module-init-tools.x86_64 mtools.x86_64 mtr.x86_64 mysql.x86_64 mysql-devel.x86_64 mysql-server.x86_64 nano.x86_64 nas.x86_64 nash.x86_64 nc.x86_64 ncurses.x86_64 ncurses-devel.x86_64 neon.x86_64 net-tools.x86_64 newt.x86_64 newt-devel.x86_64 nfs-utils.x86_64 nfs-utils-lib.x86_64 notification-daemon.x86_64 notify-python.x86_64 nscd.x86_64 nspr.x86_64 nss.x86_64 nss-tools.x86_64 nss_db.x86_64 nss_ldap.x86_64 ntp.x86_64 ntsysv.x86_64 numactl.x86_64 oddjob.x86_64 oddjob-libs.x86_64 openjade.x86_64 openldap.x86_64 openldap-devel.x86_64 opensp.x86_64 openssh.x86_64 openssh-clients.x86_64 openssh-server.x86_64 openssl.x86_64 openssl-devel.x86_64 pam.x86_64 pam_ccreds.x86_64 pam_krb5.x86_64 pam_passwdqc.x86_64 pam_pkcs11.x86_64 pam_smb.x86_64 pango.x86_64 paps.x86_64 parted.x86_64 passwd.x86_64 patch.x86_64 pax.x86_64 pciutils.x86_64 pcmciautils.x86_64 pcre.x86_64 pcsc-lite.x86_64 pcsc-lite-libs.x86_64 perl.x86_64 perl-Compress-Zlib.x86_64 perl-DBD-MySQL.x86_64 perl-DBI.x86_64 perl-DateManip.noarch perl-Digest-HMAC.noarch perl-Digest-SHA1.x86_64 perl-HTML-Parser.x86_64 perl-HTML-Tagset.noarch perl-Net-DNS.x86_64 perl-Net-IP.noarch perl-String-CRC32.x86_64 perl-URI.noarch perl-XML-Parser.x86_64 perl-libwww-perl.noarch perl-suidperl.x86_64 pfmon.x86_64 php.x86_64 php-cli.x86_64 php-common.x86_64 php-devel.x86_64 php-gd.x86_64 php-ldap.x86_64 php-mbstring.x86_64 php-mysql.x86_64 php-pdo.x86_64 php-pear.noarch php-pear-DB.noarch piafdl.noarch piafxtras.noarch pinfo.x86_64 pirut.noarch pkgconfig.x86_64 pkinit-nss.x86_64 pm-utils.x86_64 policycoreutils.x86_64 popt.x86_64 portmap.x86_64 postgresql-libs.x86_64 ppp.x86_64 procmail.x86_64 procps.x86_64 psacct.x86_64 psmisc.x86_64 pulseaudio-libs.x86_64 pycairo.x86_64 pygobject2.x86_64 pygtk2.x86_64 pygtk2-libglade.x86_64 pyorbit.x86_64 python.x86_64 python-elementtree.x86_64 python-iniparse.noarch python-numeric.x86_64 python-sqlite.x86_64 python-urlgrabber.noarch pyxf86config.x86_64 qt.x86_64 quota.x86_64 rdate.x86_64 rdist.x86_64 readahead.x86_64 readline.x86_64 readline-devel.x86_64 redhat-artwork.x86_64 redhat-logos.noarch redhat-lsb.x86_64 redhat-menus.noarch rhpl.x86_64 rhpxl.x86_64 rmt.x86_64 rng-utils.x86_64 rootfiles.noarch rp-pppoe.x86_64 rpm.x86_64 rpm-build.x86_64 rpm-libs.x86_64 rpm-python.x86_64 rsh.x86_64 rsync.x86_64 scrollkeeper.x86_64 sed.x86_64 selinux-policy.noarch sendmail.x86_64 setarch.x86_64 setup.noarch setuptool.x86_64 sgml-common.noarch shadow-utils.x86_64 shared-mime-info.x86_64 slang.x86_64 slang-devel.x86_64 smartmontools.x86_64 sos.noarch sox.x86_64 specspo.noarch sqlite.x86_64 startup-notification.x86_64 stunnel.x86_64 subversion.x86_64 sudo.x86_64 symlinks.x86_64 sysfsutils.x86_64 sysklogd.x86_64 syslinux.x86_64 system-config-date.noarch system-config-network.noarch system-config-network-tui.noarch system-config-securitylevel-tui.x86_64 talk.x86_64 tar.x86_64 tcp_wrappers.x86_64 tcpdump.x86_64 tcsh.x86_64 telnet.x86_64 termcap.noarch tftp-server.x86_64 time.x86_64 tmpwatch.x86_64 traceroute.x86_64 tree.x86_64 ttmkfdir.x86_64 tzdata.x86_64 udev.x86_64 unix2dos.x86_64 unixODBC.x86_64 unzip.x86_64 usbutils.x86_64 usermode.x86_64 usermode-gtk.x86_64 util-linux.x86_64 vconfig.x86_64 vim-minimal.x86_64 vixie-cron.x86_64 webmin.noarch wget.x86_64 which.x86_64 wireless-tools.x86_64 words.noarch wpa_supplicant.x86_64 xinetd.x86_64 xml-common.noarch xorg-x11-drv-evdev.x86_64 xorg-x11-drv-keyboard.x86_64 xorg-x11-drv-mouse.x86_64 xorg-x11-drv-vesa.x86_64 xorg-x11-drv-void.x86_64 xorg-x11-filesystem.noarch xorg-x11-font-utils.x86_64 xorg-x11-fonts-base.noarch xorg-x11-server-Xorg.x86_64 xorg-x11-server-utils.x86_64 xorg-x11-twm.x86_64 xorg-x11-utils.x86_64 xorg-x11-xauth.x86_64 xorg-x11-xfs.x86_64 xorg-x11-xinit.x86_64 xorg-x11-xkb-utils.x86_64 xulrunner.x86_64 yelp.x86_64 yp-tools.x86_64 ypbind.x86_64 yum.noarch yum-metadata-parser.x86_64 yum-updatesd.noarch yum-utils.noarch zip.x86_64 zlib.x86_64 zlib-devel.x86_64 73 | else 74 | # Install the 32 bit PIAF Dependencies. 75 | yum -y install GConf2.i386 MAKEDEV.i386 NetworkManager.i386 NetworkManager-glib.i386 ORBit2.i386 OpenIPMI.i386 OpenIPMI-libs.i386 SDL.i386 SysVinit.i386 acpid.i386 alsa-lib.i386 alsa-lib-devel.i386 alsa-utils.i386 amtu.i386 anacron.i386 apmd.i386 apr.i386 apr-util.i386 arts.i386 arts-devel.i386 aspell.i386 aspell-en.i386 at.i386 atk.i386 atk-devel.i386 attr.i386 audiofile.i386 audiofile-devel.i386 audit.i386 audit-libs.i386 audit-libs-python.i386 authconfig.i386 authconfig-gtk.i386 autoconf.noarch autofs.i386 automake.noarch avahi.i386 avahi-compat-libdns_sd.i386 avahi-glib.i386 basesystem.noarch bash.i386 bc.i386 bind.i386 bind-libs.i386 bind-utils.i386 binutils.i386 bison.i386 bitstream-vera-fonts.noarch bluez-gnome.i386 bluez-libs.i386 bluez-utils.i386 bzip2.i386 bzip2-libs.i386 cairo.i386 cairo-devel.i386 ccid.i386 centos-release.i386 centos-release-notes.i386 chkconfig.i386 chkfontpath.i386 comps-extras.noarch conman.i386 coolkey.i386 coreutils.i386 cpio.i386 cpp.i386 cpuspeed.i386 cracklib.i386 cracklib-dicts.i386 crash.i386 crontabs.noarch cryptsetup-luks.i386 cups.i386 cups-libs.i386 curl.i386 curl-devel.i386 cvs.i386 cyrus-sasl.i386 cyrus-sasl-lib.i386 cyrus-sasl-plain.i386 db4.i386 dbus.i386 dbus-glib.i386 dbus-libs.i386 dbus-python.i386 dejavu-lgc-fonts.noarch desktop-backgrounds-basic.noarch desktop-file-utils.i386 device-mapper.i386 device-mapper-event.i386 device-mapper-multipath.i386 dhclient.i386 dhcp.i386 dhcpv6-client.i386 dialog.i386 diffutils.i386 dmidecode.i386 dmraid.i386 dmraid-events.i386 dnsmasq.i386 docbook-dtds.noarch dos2unix.i386 dosfstools.i386 dump.i386 e2fsprogs.i386 e2fsprogs-devel.i386 e2fsprogs-libs.i386 ed.i386 eject.i386 elfutils.i386 elfutils-libelf.i386 elfutils-libs.i386 esound.i386 esound-devel.i386 ethtool.i386 expat.i386 fbset.i386 file.i386 filesystem.i386 findutils.i386 finger.i386 fipscheck.i386 fipscheck-lib.i386 firstboot.i386 firstboot-tui.i386 flex.i386 flite.i386 flite-devel.i386 fontconfig.i386 fontconfig-devel.i386 freetype.i386 freetype-devel.i386 ftp.i386 gamin.i386 gamin-python.i386 gawk.i386 gcc.i386 gcc-c++.i386 gd.i386 gdbm.i386 gettext.i386 glib2.i386 glib2-devel.i386 glibc.i686 glibc-common.i386 glibc-devel.i386 glibc-headers.i386 gmp.i386 gnome-doc-utils.noarch gnome-keyring.i386 gnome-mime-data.i386 gnome-mount.i386 gnome-python2.i386 gnome-python2-bonobo.i386 gnome-python2-canvas.i386 gnome-python2-gconf.i386 gnome-python2-gnomevfs.i386 gnome-vfs2.i386 gnupg.i386 gnutls.i386 gpm.i386 grep.i386 groff.i386 grub.i386 gtk2.i386 gtk2-devel.i386 gtk2-engines.i386 gzip.i386 hal.i386 hesiod.i386 hicolor-icon-theme.noarch hmaccalc.i386 htmlview.noarch httpd.i386 hwdata.noarch ibmasm.i386 ifd-egate.i386 imake.i386 info.i386 initscripts.i386 iproute.i386 ipsec-tools.i386 iptables.i386 iptables-ipv6.i386 iptstate.i386 iputils.i386 irda-utils.i386 irqbalance.i386 jack-audio-connection-kit.i386 joe.i386 jwhois.i386 kbd.i386 kernel.i686 kernel-devel.i686 kernel-headers.i386 keyutils-libs.i386 keyutils-libs-devel.i386 kpartx.i386 krb5-devel.i386 krb5-libs.i386 krb5-workstation.i386 ksh.i386 kudzu.i386 lcms.i386 less.i386 lftp.i386 libFS.i386 libICE.i386 libIDL.i386 libSM.i386 libX11.i386 libX11-devel.i386 libXTrap.i386 libXau.i386 libXau-devel.i386 libXaw.i386 libXcursor.i386 libXcursor-devel.i386 libXdmcp.i386 libXdmcp-devel.i386 libXext.i386 libXext-devel.i386 libXfixes.i386 libXfixes-devel.i386 libXfont.i386 libXfontcache.i386 libXft.i386 libXft-devel.i386 libXi.i386 libXi-devel.i386 libXinerama.i386 libXinerama-devel.i386 libXmu.i386 libXpm.i386 libXrandr.i386 libXrandr-devel.i386 libXrender.i386 libXrender-devel.i386 libXres.i386 libXt.i386 libXtst.i386 libXv.i386 libXxf86dga.i386 libXxf86misc.i386 libXxf86vm.i386 libacl.i386 libaio.i386 libart_lgpl.i386 libart_lgpl-devel.i386 libattr.i386 libbonobo.i386 libbonoboui.i386 libcap.i386 libdaemon.i386 libdmx.i386 libdrm.i386 libfontenc.i386 libgcc.i386 libgcrypt.i386 libglade2.i386 libgnome.i386 libgnomecanvas.i386 libgnomeui.i386 libgomp.i386 libgpg-error.i386 libidn.i386 libidn-devel.i386 libjpeg.i386 libmng.i386 libnotify.i386 libogg.i386 libogg-devel.i386 libpcap.i386 libpng.i386 libpng-devel.i386 libselinux.i386 libselinux-devel.i386 libselinux-python.i386 libselinux-utils.i386 libsemanage.i386 libsepol.i386 libsepol-devel.i386 libstdc++.i386 libstdc++-devel.i386 libsysfs.i386 libtermcap.i386 libtermcap-devel.i386 libtiff.i386 libtiff-devel.i386 libtool-ltdl.i386 libtool-ltdl-devel.i386 libusb.i386 libusb-devel.i386 libuser.i386 libutempter.i386 libvolume_id.i386 libvorbis.i386 libvorbis-devel.i386 libwnck.i386 libxkbfile.i386 libxml2.i386 libxml2-devel.i386 libxml2-python.i386 libxslt.i386 lm_sensors.i386 logrotate.i386 logwatch.noarch lsof.i386 lvm2.i386 m2crypto.i386 m4.i386 mailcap.noarch mailx.i386 make.i386 man.i386 man-pages.noarch mc.i386 mcstrans.i386 mdadm.i386 mesa-libGL.i386 mesa-libGL-devel.i386 metacity.i386 mgetty.i386 microcode_ctl.i386 mingetty.i386 mkbootdisk.i386 mkinitrd.i386 mkisofs.i386 mktemp.i386 mlocate.i386 mod_perl.i386 module-init-tools.i386 mtools.i386 mtr.i386 mysql.i386 mysql-devel.i386 mysql-server.i386 nano.i386 nas.i386 nash.i386 nc.i386 ncurses.i386 ncurses-devel.i386 neon.i386 net-snmp-libs.i386 net-tools.i386 newt.i386 newt-devel.i386 nmap.i386 notification-daemon.i386 notify-python.i386 nscd.i386 nspr.i386 nss.i386 nss-tools.i386 nss_db.i386 nss_ldap.i386 ntp.i386 ntsysv.i386 numactl.i386 oddjob.i386 oddjob-libs.i386 openjade.i386 openldap.i386 opensp.i386 openssh.i386 openssh-clients.i386 openssh-server.i386 openssl.i686 openssl-devel.i386 pam.i386 pam_ccreds.i386 pam_krb5.i386 pam_passwdqc.i386 pam_pkcs11.i386 pam_smb.i386 pango.i386 pango-devel.i386 paps.i386 parted.i386 passwd.i386 patch.i386 pax.i386 pciutils.i386 pcmciautils.i386 pcre.i386 pcsc-lite.i386 pcsc-lite-libs.i386 perl.i386 perl-BSD-Resource.i386 perl-Compress-Zlib.i386 perl-Convert-ASN1.noarch perl-DBD-mysql.i386 perl-DBI.i386 perl-DateManip.noarch perl-Digest-HMAC.noarch perl-Digest-SHA1.i386 perl-HTML-Parser.i386 perl-HTML-Tagset.noarch perl-Net-DNS.i386 perl-String-CRC32.i386 perl-URI.noarch perl-XML-Parser.i386 perl-libwww-perl.noarch perl-suidperl.i386 php.i386 php-cli.i386 php-common.i386 php-devel.i386 php-gd.i386 php-mbstring.i386 php-mysql.i386 php-pdo.i386 php-pear.noarch php-pear-DB.noarch piafdl.noarch piafxtras.noarch pinfo.i386 pirut.noarch pkgconfig.i386 pkinit-nss.i386 pm-utils.i386 policycoreutils.i386 popt.i386 portmap.i386 postgresql-libs.i386 ppp.i386 prelink.i386 procmail.i386 procps.i386 psacct.i386 psmisc.i386 pulseaudio-libs.i386 pycairo.i386 pygobject2.i386 pygtk2.i386 pygtk2-libglade.i386 pyorbit.i386 python.i386 python-elementtree.i386 python-iniparse.noarch python-numeric.i386 python-sqlite.i386 python-urlgrabber.noarch pyxf86config.i386 qt.i386 quota.i386 rdate.i386 rdist.i386 readahead.i386 readline.i386 redhat-artwork.i386 redhat-logos.noarch redhat-lsb.i386 redhat-menus.noarch redhat-rpm-config.noarch rhpl.i386 rhpxl.i386 rmt.i386 rng-utils.i386 rp-pppoe.i386 rpm.i386 rpm-build.i386 rpm-libs.i386 rpm-python.i386 rsh.i386 rsync.i386 samba.i386 screen.i386 scrollkeeper.i386 sed.i386 selinux-policy.noarch selinux-policy-targeted.noarch sendmail.i386 sendmail-cf.i386 setarch.i386 setup.noarch setuptool.i386 sgml-common.noarch sgpio.i386 shadow-utils.i386 shared-mime-info.i386 slang.i386 slang-devel.i386 smartmontools.i386 sos.noarch sox.i386 specspo.noarch sqlite.i386 startup-notification.i386 stunnel.i386 subversion.i386 sudo.i386 symlinks.i386 sysfsutils.i386 sysklogd.i386 syslinux.i386 system-config-date.noarch system-config-display.noarch system-config-keyboard.noarch system-config-language.noarch system-config-network.noarch system-config-network-tui.noarch system-config-securitylevel.i386 system-config-securitylevel-tui.i386 system-config-soundcard.noarch system-config-users.noarch talk.i386 tar.i386 tcl.i386 tcp_wrappers.i386 tcpdump.i386 tcsh.i386 telnet.i386 termcap.noarch tftp-server.i386 time.i386 tmpwatch.i386 traceroute.i386 tree.i386 ttmkfdir.i386 tzdata.i386 udev.i386 unix2dos.i386 unixODBC.i386 unzip.i386 usbutils.i386 usermode.i386 usermode-gtk.i386 util-linux.i386 vconfig.i386 vim-minimal.i386 vixie-cron.i386 vsftpd.i386 webmin.noarch wget.i386 which.i386 wireless-tools.i386 words.noarch wpa_supplicant.i386 xinetd.i386 xkeyboard-config.noarch xml-common.noarch xorg-x11-apps.i386 xorg-x11-drivers.i386 xorg-x11-drv-acecad.i386 xorg-x11-drv-aiptek.i386 xorg-x11-drv-apm.i386 xorg-x11-drv-ark.i386 xorg-x11-drv-ast.i386 xorg-x11-drv-ati.i386 xorg-x11-drv-calcomp.i386 xorg-x11-drv-chips.i386 xorg-x11-drv-cirrus.i386 xorg-x11-drv-citron.i386 xorg-x11-drv-cyrix.i386 xorg-x11-drv-digitaledge.i386 xorg-x11-drv-dmc.i386 xorg-x11-drv-dummy.i386 xorg-x11-drv-dynapro.i386 xorg-x11-drv-elo2300.i386 xorg-x11-drv-elographics.i386 xorg-x11-drv-evdev.i386 xorg-x11-drv-fbdev.i386 xorg-x11-drv-fpit.i386 xorg-x11-drv-glint.i386 xorg-x11-drv-hyperpen.i386 xorg-x11-drv-i128.i386 xorg-x11-drv-i740.i386 xorg-x11-drv-i810.i386 xorg-x11-drv-jamstudio.i386 xorg-x11-drv-joystick.i386 xorg-x11-drv-keyboard.i386 xorg-x11-drv-magellan.i386 xorg-x11-drv-magictouch.i386 xorg-x11-drv-mga.i386 xorg-x11-drv-microtouch.i386 xorg-x11-drv-mouse.i386 xorg-x11-drv-mutouch.i386 xorg-x11-drv-neomagic.i386 xorg-x11-drv-nsc.i386 xorg-x11-drv-nv.i386 xorg-x11-drv-palmax.i386 xorg-x11-drv-penmount.i386 xorg-x11-drv-rendition.i386 xorg-x11-drv-s3.i386 xorg-x11-drv-s3virge.i386 xorg-x11-drv-savage.i386 xorg-x11-drv-siliconmotion.i386 xorg-x11-drv-sis.i386 xorg-x11-drv-sisusb.i386 xorg-x11-drv-spaceorb.i386 xorg-x11-drv-summa.i386 xorg-x11-drv-tdfx.i386 xorg-x11-drv-tek4957.i386 xorg-x11-drv-trident.i386 xorg-x11-drv-tseng.i386 xorg-x11-drv-ur98.i386 xorg-x11-drv-v4l.i386 xorg-x11-drv-vesa.i386 xorg-x11-drv-vga.i386 xorg-x11-drv-via.i386 xorg-x11-drv-vmmouse.i386 xorg-x11-drv-vmware.i386 xorg-x11-drv-void.i386 xorg-x11-drv-voodoo.i386 xorg-x11-filesystem.noarch xorg-x11-font-utils.i386 xorg-x11-fonts-ISO8859-1-75dpi.noarch xorg-x11-fonts-Type1.noarch xorg-x11-fonts-base.noarch xorg-x11-proto-devel.i386 xorg-x11-server-Xorg.i386 xorg-x11-server-utils.i386 xorg-x11-utils.i386 xorg-x11-xauth.i386 xorg-x11-xfs.i386 xorg-x11-xinit.i386 xorg-x11-xkb-utils.i386 xsri.i386 xulrunner.i386 yelp.i386 yp-tools.i386 ypbind.i386 yum.noarch yum-fastestmirror.noarch yum-metadata-parser.i386 yum-updatesd.noarch zip.i386 zlib.i386 zlib-devel.i386 76 | fi 77 | 78 | #Update it 79 | yum -y update 80 | 81 | #Make the ISO look like a PiaF, but don't start the install on reboot 82 | 83 | mkdir -p /etc/pbx 84 | date --iso-8601=minutes > /etc/pbx/install-date 85 | echo "ISO=$PIAFVERS" > /etc/pbx/ISO-Version 86 | echo "method=pbx=$PIAFVERS ks - from existing CentOS install" > /etc/pbx/install-method 87 | 88 | 89 | #Note this step does not work on OpenVZ as we cannot mount - consider an update using fuseiso. 90 | #Alternatively, PiaF dev team could put these files up for download, and adjust this script" 91 | clear 92 | echo "================================================================================" 93 | echo "This next step will download the PiaF ISO and install" 94 | echo "the dependencies that are included on the ISO but" 95 | echo "but are not available in the CentOS repository." 96 | echo "================================================================================" 97 | echo "If this is an OpenVZ (e.g. Proxmox install) then the" 98 | echo "following steps will fail, and you will have to install the" 99 | echo "following pachages manually from your copy of the ISO in the " 100 | echo "/pbx directory of the PIAF ISO." 101 | echo "" 102 | echo "================================================================================" 103 | echo "The packages to upload and install are:-" 104 | echo "flite flite-devel jack-audio-connection-kit nas piafdl piafxtras pulseaudio-libs webmin pfmon" 105 | echo "================================================================================" 106 | echo "NB. you can exit now, and install the above manually and save some bandwidth," 107 | echo "================================================================================" 108 | echo "After reboot execute piafdl" 109 | echo "Press CTRL C to exit or enter to continue" 110 | read TEMP 111 | clear 112 | 113 | 114 | #Download appropriate ISO. 115 | cd /tmp 116 | 117 | rm -rf pbxinaflash*.iso 118 | 119 | if [ $KERNELARCH = "x86_64" ]; then 120 | wget $PIAFLOC64 121 | else 122 | wget $PIAFLOC32 123 | fi 124 | 125 | #Mount it 126 | mkdir /mnt/piaf 127 | mount -o loop /tmp/pbxinaflash*.iso /mnt/piaf/ 128 | 129 | #Install the dependencies 130 | cd /mnt/piaf/pbx/ 131 | yum --nogpgcheck --skip-broken localinstall flite-1*.rpm flite-devel*.rpm jack-audio-connection-kit*.rpm nas*.rpm piafdl*.rpm piafxtras*.rpm pulseaudio-libs*.rpm webmin*.rpm 132 | 133 | #Don't install automatically, because you won't see the screen! 134 | #echo "/usr/local/sbin/piafdl" >> /etc/rc.d/rc3.d/S99local 135 | 136 | #now clean up 137 | 138 | cd ~ 139 | umount /mnt/piaf/ 140 | rm -rf /mnt/pbx/ 141 | rm -rf /tmp/pbxinaflash*.iso 142 | 143 | #May as well check we have an up-to-date system, again. 144 | yum -y update 145 | 146 | #Now put in the piaf-extras menu 147 | cp -f /usr/src/piafxtras/preinstallmenu/piafxtras-menu /usr/local/sbin/piafxtras-menu 148 | chmod +x /usr/local/sbin/piafxtras-menu 149 | cat /usr/src/piafxtras/preinstallmenu/motd.tmp >/etc/motd 150 | 151 | echo "" 152 | echo "" 153 | echo "" 154 | echo "Reboot the server, then type piafdl to continue the installation." 155 | echo "Press CTRL C to exit or enter to reboot" 156 | read TEMP 157 | 158 | reboot 159 | -------------------------------------------------------------------------------- /install-asterisk-freepbx-on-ubuntu.sh: -------------------------------------------------------------------------------- 1 | #/bin/sh 2 | #Install Asterisk and FreePBX on Ubuntu LTS 10 3 | #Copyright (C) 2010-11 Star2Billing S.L. jonathan@star2billing.com 4 | 5 | #This program is free software; you can redistribute it and/or 6 | #modify it under the terms of the GNU General Public License 7 | #as published by the Free Software Foundation; either version 2 8 | #of the License, or (at your option) any later version. 9 | 10 | #This program is distributed in the hope that it will be useful, 11 | #but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | #MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | #GNU General Public License for more details. 14 | 15 | #You should have received a copy of the GNU General Public License 16 | #along with this program; if not, write to the Free Software 17 | #Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 18 | 19 | ####### This script is deprecated ########### 20 | ####### Please use install-ballistic-pbx.sh ########## 21 | 22 | 23 | # -------- preparation ------------ 24 | 25 | 26 | # ---------------------- Asterisk ------------------------ 27 | function funcasterisk() 28 | { 29 | 30 | #Asterisk Versions. 31 | ASTERISK18VER=asterisk-1.8-current.tar.gz 32 | ASTERISK10VER=asterisk-10-current.tar.gz 33 | 34 | 35 | #Add Asterisk group and user 36 | grep -c "^asterisk:" /etc/group &> /dev/null 37 | if [ $? = 1 ]; then 38 | /usr/sbin/groupadd -r -f asterisk 39 | else 40 | echo "group asterisk already present" 41 | fi 42 | 43 | grep -c "^asterisk:" /etc/passwd &> /dev/null 44 | if [ $? = 1 ]; then 45 | echo "adding user asterisk..." 46 | /usr/sbin/useradd -c "Asterisk" -g asterisk \ 47 | -r -s /bin/bash -m -d /var/lib/asterisk \ 48 | asterisk 49 | else 50 | echo "user asterisk already present" 51 | fi 52 | 53 | #Select Asterisk version 54 | 55 | cd /usr/src 56 | 57 | 58 | ASTVER=4 59 | until [ $ASTVER -lt 4 ] ; do 60 | clear 61 | echo "Select Asterisk Version to install" 62 | echo "Press 1 for Asterisk 1.6 or Asterisk 1.4" 63 | echo "2 for 1.8" 64 | echo "3 for Asterisk 10" 65 | read ASTVER < /dev/tty 66 | echo $ASTVER 67 | done 68 | 69 | rm -rf asterisk*.tar.gz 70 | 71 | case $ASTVER in 72 | 1) 73 | echo "Enter Asterisk Version, e.g. 1.6.2.20 or 1.4.42)" 74 | read ASTVERSION 75 | if [ -z "$ASTVERSION" ]; then 76 | ASTVERSION="1.4.42" 77 | fi 78 | echo "Enter Asterisk Addons Version, e.g. 1.6.2.4 or 1.4.13)" 79 | read ASTADDONSVERSION 80 | if [ -z "$ASTADDONSVERSION" ]; then 81 | ASTADDONSVERSION="1.4.13" 82 | fi 83 | wget http://downloads.asterisk.org/pub/telephony/asterisk/releases/asterisk-$ASTVERSION.tar.gz 84 | wget http://downloads.asterisk.org/pub/telephony/asterisk/releases/asterisk-addons-$ASTADDONSVERSION.tar.gz 85 | tar zxf asterisk-$ASTVERSION.tar.gz 86 | tar zxf asterisk-addons-$ASTADDONSVERSION.tar.gz 87 | ;; 88 | 2) 89 | wget http://downloads.asterisk.org/pub/telephony/asterisk/$ASTERISK18VER 90 | tar zxf $ASTERISK18VER 91 | ;; 92 | 3) 93 | wget http://downloads.asterisk.org/pub/telephony/asterisk/$ASTERISK10VER 94 | tar zxf $ASTERISK10VER 95 | ;; 96 | esac 97 | 98 | 99 | rm -rf libpri*.tar.gz 100 | rm -rf dahdi*.tar.gz 101 | wget http://downloads.asterisk.org/pub/telephony/libpri/libpri-1.4-current.tar.gz 102 | wget http://downloads.digium.com/pub/telephony/dahdi-linux-complete/dahdi-linux-complete-current.tar.gz 103 | 104 | tar zxf libpri-1.4-current.tar.gz 105 | tar zxf dahdi-linux-complete-current.tar.gz 106 | 107 | 108 | rm -rf *.tar.gz 109 | 110 | mv libpri* libpri 111 | mv asterisk-1* asterisk 112 | mv asterisk-addons* asterisk-addons 113 | mv dahdi-linux-complete* dahdi-linux-complete 114 | 115 | 116 | #Install Asterisk 117 | 118 | 119 | cd /usr/src/libpri 120 | make clean 121 | make 122 | make install 123 | cd /usr/src 124 | 125 | 126 | #Create directory and file to get meetme working 127 | mkdir /usr/include/dahdi/ 128 | cp /usr/src/dahdi-linux-complete/linux/include/dahdi/user.h /usr/include/dahdi/user.h 129 | 130 | cd /usr/src/dahdi-linux-complete 131 | make all 132 | make install 133 | make config 134 | cd /usr/src 135 | 136 | /etc/init.d/dahdi start 137 | 138 | 139 | #install Asterisk 140 | cd /usr/src/asterisk 141 | make clean 142 | ./configure 143 | make menuselect 144 | if [ $ASTVER -ge 2 ] 145 | then 146 | /usr/src/asterisk/contrib/scripts/get_mp3_source.sh 147 | fi 148 | make 149 | make install 150 | make samples 151 | #make progdocs 152 | 153 | 154 | 155 | #create /var/run/asterisk for asterisk to run in and set permissions 156 | mkdir /var/run/asterisk/ 157 | 158 | 159 | 160 | 161 | 162 | #Set directory for MOH 163 | mkdir /var/lib/asterisk/mohmp3/ 164 | 165 | 166 | touch /etc/asterisk/chan_dahdi.conf 167 | 168 | #Set permissions to run asterisk as asterisk user 169 | chown -R asterisk:asterisk /var/log/asterisk/ /etc/asterisk/ /var/lib/asterisk/ /var/run/asterisk 170 | 171 | #Add include for Dahdi channels 172 | echo "#include dahdi-channels.conf" >> /etc/asterisk/chan_dahdi.conf 173 | dahdi_genconf -F 174 | 175 | #bit of a bodge here, just incase this script gets run twice 176 | sed -i 's/\/var\/run\/asterisk/\/var\/run/g' /etc/asterisk/asterisk.conf 177 | sed -i 's/\/var\/run/\/var\/run\/asterisk/g' /etc/asterisk/asterisk.conf 178 | 179 | #The others should be OK not duplicate 180 | sed -i 's/;runuser/runuser/g' /etc/asterisk/asterisk.conf 181 | sed -i 's/;rungroup/rungroup/g' /etc/asterisk/asterisk.conf 182 | sed -i 's/;dahdichanname/dahdichanname/g' /etc/asterisk/asterisk.conf 183 | sed -i 's/;dahdichanname/dahdichanname/g' /etc/asterisk/asterisk.conf 184 | sed -i 's/(!)/ /g' /etc/asterisk/asterisk.conf 185 | sed -i 's/ASTARGS=""/ASTARGS="-U asterisk"/g' /usr/sbin/safe_asterisk 186 | 187 | make config 188 | 189 | #Install Asterisk Addons 190 | if [ $ASTVER -lt 2 ] 191 | then 192 | cd /usr/src/asterisk-addons 193 | make clean 194 | ./configure 195 | make menuselect 196 | make 197 | make install 198 | make samples 199 | fi 200 | 201 | 202 | 203 | #Setup log rotation 204 | 205 | touch /etc/logrotate.d/asterisk 206 | echo ' 207 | 208 | /var/log/asterisk/*log { 209 | missingok 210 | rotate 5 211 | weekly 212 | create 0640 asterisk asterisk 213 | postrotate 214 | /usr/sbin/asterisk -rx 'logger reload' > /dev/null 2> /dev/null 215 | endscript 216 | } 217 | 218 | /var/log/asterisk/full { 219 | missingok 220 | rotate 5 221 | daily 222 | create 0640 asterisk asterisk 223 | postrotate 224 | /usr/sbin/asterisk -rx 'logger reload' > /dev/null 2> /dev/null 225 | endscript 226 | } 227 | 228 | /var/log/asterisk/messages { 229 | missingok 230 | rotate 5 231 | daily 232 | create 0640 asterisk asterisk 233 | postrotate 234 | /usr/sbin/asterisk -rx 'logger reload' > /dev/null 2> /dev/null 235 | endscript 236 | } 237 | 238 | /var/log/asterisk/cdr-csv/*csv { 239 | missingok 240 | rotate 5 241 | monthly 242 | create 0640 asterisk asterisk 243 | } 244 | 245 | ' > /etc/logrotate.d/asterisk 246 | 247 | 248 | chown -R asterisk:asterisk /var/log/asterisk/ /etc/asterisk/ /var/lib/asterisk/ /var/run/asterisk /var/spool/asterisk 249 | 250 | if [ -d /tftpboot ]; then 251 | chown -R asterisk:asterisk /tftpboot 252 | fi 253 | 254 | #Now Asterisk should start 255 | #Disable TTY9 for OpenVZ 256 | sed -i 's/TTY=9/#TTY=9/g' /usr/sbin/safe_asterisk 257 | /etc/init.d/asterisk restart 258 | 259 | sleep 15 260 | 261 | 262 | echo "fxotune -s" >> /etc/rc.local 263 | touch /etc/fxotune.conf 264 | 265 | #funcasterisk 266 | } 267 | 268 | 269 | # ---------------------- Freepbx ------------------------ 270 | function funcfreepbx () 271 | { 272 | 273 | #check asterisk is running, before FreePBX is installed. 274 | 275 | 276 | if test -f /var/run/asterisk/asterisk.pid; then 277 | 278 | #Set Apache to run as asterisk 279 | sed -i 's/www-data/asterisk/g' /etc/apache2/envvars 280 | /etc/init.d/apache2 restart 281 | mysqladmin -u root password 'passw0rd' 282 | 283 | 284 | 285 | # Get FreePBX - Unzip and modify 286 | cd /usr/src 287 | rm -rf freepbx*.tar.gz 288 | wget http://mirror.freepbx.org/freepbx-2.8.0.tar.gz 289 | tar zxfv freepbx*.tar.gz 290 | rm -rf freepbx*.tar.gz 291 | mv freepbx-2* freepbx 292 | mkdir /usr/share/freepbx /var/lib/asterisk/bin 293 | 294 | cd /usr/src/freepbx 295 | 296 | #make some changes to FreePBX 297 | sed -i 's/AUTHTYPE=none/AUTHTYPE=database/g' amportal.conf 298 | sed -i 's/SERVERINTITLE=false/SERVERINTITLE=true/g' amportal.conf 299 | sed -i 's/\/var\/www\/html/\/usr\/share\/freepbx/g' amportal.conf 300 | sed -i 's/# ZAP2DAHDICOMPAT=true|false/ZAP2DAHDICOMPAT=true/g' amportal.conf 301 | #sed -i 's/FOPRUN=true/FOPRUN=false/g' amportal.conf 302 | 303 | #create the MySQL databases 304 | mysqladmin -uroot -ppassw0rd create asterisk 305 | mysqladmin -uroot -ppassw0rd create asteriskcdrdb 306 | mysql -uroot -ppassw0rd asterisk < SQL/newinstall.sql 307 | mysql -uroot -ppassw0rd asteriskcdrdb < SQL/cdr_mysql_table.sql 308 | mysql -uroot -ppassw0rd -e "GRANT ALL PRIVILEGES ON asterisk.* TO asteriskuser@localhost IDENTIFIED BY 'amp109'" 309 | mysql -uroot -ppassw0rd -e "GRANT ALL PRIVILEGES ON asteriskcdrdb.* TO asteriskuser@localhost IDENTIFIED BY 'amp109'" 310 | 311 | cp amportal.conf /etc/amportal.conf 312 | chown -R asterisk:asterisk /etc/amportal.conf 313 | ./install_amp --username=asteriskuser --password=amp109 314 | 315 | 316 | 317 | chown -R asterisk:asterisk /etc/asterisk 318 | chown -R asterisk:asterisk /usr/share/freepbx 319 | chown -R asterisk:asterisk /var/lib/asterisk 320 | 321 | 322 | 323 | #Bring modules upto date and get useful modules 324 | /var/lib/asterisk/bin/module_admin upgradeall 325 | 326 | /var/lib/asterisk/bin/module_admin download asterisk-cli 327 | /var/lib/asterisk/bin/module_admin download asteriskinfo 328 | /var/lib/asterisk/bin/module_admin download backup 329 | /var/lib/asterisk/bin/module_admin download fw_ari 330 | /var/lib/asterisk/bin/module_admin download fw_fop 331 | /var/lib/asterisk/bin/module_admin download iaxsettings 332 | /var/lib/asterisk/bin/module_admin download javassh 333 | /var/lib/asterisk/bin/module_admin download languages 334 | /var/lib/asterisk/bin/module_admin download logfiles 335 | /var/lib/asterisk/bin/module_admin download phpinfo 336 | /var/lib/asterisk/bin/module_admin download sipsettings 337 | /var/lib/asterisk/bin/module_admin download weakpasswords 338 | /var/lib/asterisk/bin/module_admin download fw_langpacks 339 | 340 | /var/lib/asterisk/bin/module_admin install asterisk-cli 341 | /var/lib/asterisk/bin/module_admin install asteriskinfo 342 | /var/lib/asterisk/bin/module_admin install backup 343 | /var/lib/asterisk/bin/module_admin install fw_ari 344 | /var/lib/asterisk/bin/module_admin install fw_fop 345 | /var/lib/asterisk/bin/module_admin install iaxsettings 346 | /var/lib/asterisk/bin/module_admin install javassh 347 | /var/lib/asterisk/bin/module_admin install languages 348 | /var/lib/asterisk/bin/module_admin install logfiles 349 | /var/lib/asterisk/bin/module_admin install phpinfo 350 | /var/lib/asterisk/bin/module_admin install sipsettings 351 | /var/lib/asterisk/bin/module_admin install weakpasswords 352 | /var/lib/asterisk/bin/module_admin install fw_langpacks 353 | 354 | /var/lib/asterisk/bin/module_admin reload 355 | 356 | #Setup FreePBX web pages. 357 | touch /etc/apache2/sites-available/freepbx.conf 358 | echo ' 359 | 360 | Alias /pbx /usr/share/freepbx/ 361 | 362 | DocumentRoot /usr/share/freepbx 363 | 364 | 365 | AllowOverride all 366 | Options Indexes FollowSymLinks 367 | order allow,deny 368 | allow from all 369 | AuthName "PBX Administrator" 370 | AuthType Basic 371 | AuthUserFile /dev/null 372 | AuthBasicAuthoritative off 373 | Auth_MySQL on 374 | Auth_MySQL_Authoritative on 375 | Auth_MySQL_Username asteriskuser 376 | Auth_MySQL_Password amp109 377 | Auth_MySQL_DB asterisk 378 | Auth_MySQL_Password_Table ampusers 379 | Auth_MySQL_Username_Field username 380 | Auth_MySQL_Password_Field password_sha1 381 | Auth_MySQL_Empty_Passwords off 382 | Auth_MySQL_Encryption_Types SHA1Sum 383 | Require valid-user 384 | 385 | 386 | 387 | AllowOverride all 388 | Options Indexes FollowSymLinks 389 | order allow,deny 390 | allow from all 391 | AuthName "Operator Panel" 392 | AuthType Basic 393 | AuthUserFile /dev/null 394 | AuthBasicAuthoritative off 395 | Auth_MySQL on 396 | Auth_MySQL_Authoritative on 397 | Auth_MySQL_Username asteriskuser 398 | Auth_MySQL_Password amp109 399 | Auth_MySQL_DB asterisk 400 | Auth_MySQL_Password_Table ampusers 401 | Auth_MySQL_Username_Field username 402 | Auth_MySQL_Password_Field password_sha1 403 | Auth_MySQL_Empty_Passwords off 404 | Auth_MySQL_Encryption_Types SHA1Sum 405 | Require valid-user 406 | 407 | 408 | 409 | php_flag magic_quotes_gpc Off 410 | php_flag track_vars On 411 | php_flag register_globals Off 412 | php_value upload_max_filesize 100M 413 | php_value memory_limit 100M 414 | php_value magic_quotes_gpc off 415 | 416 | 417 | 418 | 419 | ' > /etc/apache2/sites-available/freepbx.conf 420 | 421 | ln -s /etc/apache2/sites-available/freepbx.conf /etc/apache2/sites-enabled/freepbx.conf 422 | 423 | 424 | echo " 425 | Options -Indexes 426 | 427 | deny from all 428 | 429 | " > /usr/share/freepbx/admin/modules/.htaccess 430 | 431 | 432 | #Set the AMI to only listen on 127.0.0.1 433 | sed -i 's/bindaddr = 0.0.0.0/bindaddr = 127.0.0.1/g' /etc/asterisk/manager.conf 434 | 435 | 436 | #Get FreePBX to start automatically on boot. 437 | 438 | echo '#!/bin/bash' > /etc/init.d/amportal-start 439 | echo '/usr/local/sbin/amportal start' >> /etc/init.d/amportal-start 440 | chmod +x /etc/init.d/amportal-start 441 | update-rc.d amportal-start start 99 2 3 4 5 . 442 | 443 | 444 | echo '#!/bin/bash' > /etc/init.d/amportal-stop 445 | echo '/usr/local/sbin/amportal stop' >> /etc/init.d/amportal-stop 446 | chmod +x /etc/init.d/amportal-stop 447 | update-rc.d amportal-stop stop 10 0 1 6 . 448 | 449 | /etc/init.d/asterisk stop 450 | update-rc.d -f asterisk remove 451 | 452 | /etc/init.d/apache2 restart 453 | amportal kill 454 | dahdi_genconf -F 455 | /etc/init.d/dahdi restart 456 | amportal start 457 | 458 | else 459 | clear 460 | echo "asterisk is not running" 461 | echo "please correct this before installing FreePBX" 462 | echo "Press enter to return to the install menu." 463 | read temp 464 | fi 465 | 466 | 467 | #funcfreepbx 468 | } 469 | 470 | 471 | 472 | 473 | # ----------------------IP Tables ------------------------ 474 | function funciptables () 475 | { 476 | #firewall script for VoIP 477 | #To add a range of IP Addresses - use the following syntax 478 | #iptables -A INPUT -p tcp --destination-port 22 -m iprange --src-range 192.168.1.100-192.168.1.200 -j ACCEPT 479 | #Or single IP Address - for VoIP 480 | #iptables -A INPUT -p udp -s 10.10.10.10 --dport 5060 -j ACCEPT 481 | echo ' 482 | 483 | #!/bin/bash 484 | #Goes in /etc/init.d/firewall 485 | #sudo /etc/init.d/firewall start 486 | #sudo /etc/init.d/firewall stop 487 | #sudo /etc/init.d/firewall restart 488 | #sudo /etc/init.d/firewall status 489 | #To make it run, sudo update-rc.d firewall defaults 490 | 491 | 492 | 493 | RETVAL=0 494 | 495 | # To start the firewall 496 | start() { 497 | echo -n "Iptables rules creation: " 498 | /etc/firewall.sh 499 | RETVAL=0 500 | } 501 | 502 | # To stop the firewall 503 | stop() { 504 | echo -n "Removing all iptables rules: " 505 | /etc/flush_iptables.sh 506 | RETVAL=0 507 | } 508 | 509 | case $1 in 510 | start) 511 | start 512 | ;; 513 | stop) 514 | stop 515 | ;; 516 | restart) 517 | stop 518 | start 519 | ;; 520 | status) 521 | /sbin/iptables -L 522 | /sbin/iptables -t nat -L 523 | RETVAL=0 524 | ;; 525 | *) 526 | echo "Usage: firewall {start|stop|restart|status}" 527 | RETVAL=1 528 | esac 529 | 530 | exit 531 | ' > /etc/init.d/firewall 532 | 533 | echo ' 534 | 535 | #!/bin/bash 536 | #Starts the default IP tables for A2Billing / FreePBX, edit this script to change behaviour 537 | #File location /etc/firewall.sh 538 | 539 | 540 | iptables -F 541 | iptables -X 542 | 543 | 544 | iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 545 | iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT 546 | iptables -A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT 547 | iptables -A INPUT -i lo -p all -j ACCEPT 548 | iptables -A INPUT -p udp -m udp --dport 69 -j ACCEPT 549 | iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT 550 | iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT 551 | iptables -A INPUT -p tcp -m tcp --dport 4445 -j ACCEPT 552 | iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT 553 | iptables -A INPUT -p tcp -m tcp --dport 9000 -j ACCEPT 554 | iptables -A INPUT -p tcp -m tcp --dport 10000 -j ACCEPT 555 | iptables -A INPUT -p udp -m udp --dport 4520 -j ACCEPT 556 | iptables -A INPUT -p udp -m udp --dport 4569 -j ACCEPT 557 | iptables -A INPUT -p udp -m udp --dport 5060 -j ACCEPT 558 | iptables -A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT 559 | iptables -A INPUT -p udp -m udp --dport 4000:4999 -j ACCEPT 560 | iptables -A INPUT -p udp -m udp --dport 123 -j ACCEPT 561 | iptables -A INPUT -p udp -m udp --dport 69 -j ACCEPT 562 | iptables -A INPUT -p udp -m udp --dport 53 -j ACCEPT 563 | iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT 564 | iptables -A INPUT -p all -s localhost -i eth0 -j DROP 565 | iptables -A INPUT -j REJECT 566 | iptables -A FORWARD -j REJECT 567 | 568 | iptables-save 569 | 570 | # End message 571 | echo " [End iptables rules setting]" 572 | 573 | ' > /etc/firewall.sh 574 | 575 | echo ' 576 | 577 | #!/bin/sh 578 | #Flush iptable rules, and open everything 579 | #File location - /etc/flush_iptables.bash 580 | 581 | 582 | # 583 | # Set the default policy 584 | # 585 | iptables -P INPUT ACCEPT 586 | iptables -P FORWARD ACCEPT 587 | iptables -P OUTPUT ACCEPT 588 | 589 | # 590 | # Set the default policy for the NAT table 591 | # 592 | iptables -t nat -P PREROUTING ACCEPT 593 | iptables -t nat -P POSTROUTING ACCEPT 594 | iptables -t nat -P OUTPUT ACCEPT 595 | 596 | # 597 | # Delete all rules 598 | # 599 | iptables -F 600 | iptables -t nat -F 601 | 602 | # 603 | # Delete all chains 604 | # 605 | 606 | iptables -X 607 | iptables -t nat -X 608 | 609 | # End message 610 | echo " [End of flush]" 611 | 612 | ' > /etc/flush_iptables.sh 613 | 614 | chmod +x /etc/flush_iptables.sh 615 | chmod +x /etc/firewall.sh 616 | chmod +x /etc/init.d/firewall 617 | update-rc.d firewall defaults 618 | 619 | /etc/init.d/firewall restart 620 | 621 | #funciptables 622 | } 623 | 624 | 625 | # ---------------------- Ossec ------------------------ 626 | function funcossec () 627 | { 628 | 629 | cd /usr/src 630 | rm -rf ossec* 631 | wget http://www.ossec.net/files/ossec-hids-2.6.tar.gz 632 | tar zxfv ossec-hids-*.tar.gz 633 | rm -rf ossec-hids*.tar.gz 634 | mv ossec-hids-* ossec-hids 635 | cd ossec-hids 636 | clear 637 | 638 | echo "==================" 639 | echo "OSSEC INSTALLATION" 640 | echo "==================" 641 | echo "When prompted, please chose local as the installation type" 642 | echo "Unless you have previously set up an OSSEC server for" 643 | echo "receiving Ossec notifications." 644 | echo "" 645 | echo "Answer no to the following question" 646 | echo "" 647 | echo "- We found your SMTP server as: smtp.somemailserver.com." 648 | echo "- Do you want to use it? y/n y: n" 649 | echo "When prompted type localhost as your mail server." 650 | echo "" 651 | echo "" 652 | echo "Press any key to continue" 653 | read any 654 | ./install.sh 655 | clear 656 | 657 | # Add some local rules 658 | 659 | echo ' 672 | 673 | 674 | 675 | 676 | 677 | 678 | 683 | 684 | 5711 685 | 1.1.1.1 686 | Example of rule that will ignore sshd 687 | failed logins from IP 1.1.1.1. 688 | 689 | 690 | 691 | 693 | 701 | 702 | 703 | 704 | 710 | 711 | 712 | 713 | 714 | 715 | 716 | 717 | 718 | 30109 719 | Attempt to login using a non-existent user. 720 | invalid_login, 721 | 722 | 723 | 724 | 100300 725 | user \S+ not found 726 | Attempt to login using a non-existent user. 727 | invalid_login, 728 | 729 | 730 | 731 | 31106 732 | phpmyadmin 733 | Ignoring phpMyAdmin events. 734 | 735 | 736 | 737 | 31103 738 | phpmyadmin 739 | Ignoring phpMyAdmin events. 740 | 741 | 742 | 743 | 744 | 31151 745 | phpmyadmin 746 | Ignoring phpMyAdmin events. 747 | 748 | 749 | 750 | 31151 751 | logout 752 | Ignoring FreePBX logout events. 753 | 754 | 755 | logout 756 | 757 | 758 | 759 | 760 | 761 | 762 | ' > /var/ossec/rules/local_rules.xml 763 | 764 | 765 | #add some asterisk rules 766 | sed -i '/ossec_rules/ i\ asterisk_rules.xml' /var/ossec/etc/ossec.conf 767 | 768 | #Get asterisk to write to syslog 769 | echo 'messages => notice,warning,error' >> /etc/asterisk/logger.conf 770 | asterisk -rx 'module reload' 771 | sed -i 's/ossec:x:500:asterisk/ossec:x:500:/g' /etc/group 772 | sed -i 's/ossec:x:500:/ossec:x:500:asterisk/g' /etc/group 773 | 774 | sed -i '/<\/ossec_config>/d' /var/ossec/etc/ossec.conf 775 | echo ' 776 | 777 | syslog 778 | /var/log/asterisk/messages 779 | 780 | 781 | ' >> /var/ossec/etc/ossec.conf 782 | 783 | 784 | 785 | 786 | /var/ossec/bin/ossec-control start 787 | 788 | #quieten down the logs 789 | echo 'unset SSHD_OOM_ADJUST' >> /etc/default/ssh 790 | 791 | #funcossec 792 | } 793 | 794 | # ---------------------- Splash page ------------------------ 795 | function funcsplash () 796 | { 797 | #install Gui 798 | 799 | 800 | cd /var/www/ 801 | rm index.html 802 | cp -R /var/a2b-payload/webrootindex/* /var/www/ 803 | chown -R asterisk:asterisk /var/www/ 804 | 805 | 806 | #funcsplash 807 | } 808 | 809 | # ---------------------- Reboot ------------------------ 810 | function funcreboot () 811 | { 812 | # reboot 813 | 814 | reboot 815 | 816 | #funcreboot 817 | } 818 | 819 | 820 | # ---------------------- Install Dependencies ------------------------ 821 | 822 | function funcdependencies(){ 823 | #Install Dependencies 824 | clear 825 | echo "This script is deprecated, please use install-ballistic-pbx.sh" 826 | echo "Press CTRL-C to exit" 827 | read TEMP 828 | 829 | KERNELARCH=$(uname -p) 830 | 831 | apt-get -y autoremove 832 | apt-get -f install 833 | 834 | 835 | apt-get -y update 836 | 837 | 838 | 839 | apt-get -y remove sendmail 840 | 841 | apt-get -y upgrade 842 | 843 | echo "" 844 | echo "" 845 | echo "" 846 | echo "If the Kernel has been updated, we advise you to reboot your server and run again the install script!" 847 | echo "If you are not sure whether the kernel has been updated, reboot and start again (once only!)" 848 | echo "" 849 | echo "Press CTRL C to exit and reboot, or enter to continue" 850 | read TEMP 851 | 852 | apt-get install openssh-server 853 | 854 | #check timezone 855 | dpkg-reconfigure tzdata 856 | 857 | #install dependencies 858 | 859 | #for asterisk 10 860 | apt-get -y install libsqlite3-dev sqlite3 861 | 862 | apt-get -y install mysql-server 863 | apt-get -y install mysql-client libmysqlclient-dev build-essential sysvinit-utils libxml2 libxml2-dev libncurses5-dev libcurl4-openssl-dev libvorbis-dev libspeex-dev unixodbc unixodbc-dev libiksemel-dev wget iptables php5 php5-cli php-pear php5-mysql php-db libapache2-mod-php5 php5-gd php5-curl sqlite libnewt-dev libusb-dev zlib1g-dev libsqlite0-dev libapache2-mod-auth-mysql sox mpg123 postfix flite php5-mcrypt python-setuptools python-mysqldb python-psycopg2 python-sqlalchemy ntp 864 | 865 | #extras 866 | apt-get -y install wget iptables vim subversion flex bison libtiff-tools ghostscript autoconf gcc g++ automake libtool patch 867 | 868 | 869 | 870 | apt-get -y install linux-headers-$(uname -r) 871 | 872 | #remove the following packages for security. 873 | apt-get -y remove nfs-common portmap 874 | 875 | mkfifo /var/spool/postfix/public/pickup 876 | 877 | #Enable Mod_Auth_MySQL 878 | ln -s /etc/apache2/mods-available/auth_mysql.load /etc/apache2/mods-enabled/auth_mysql.load 879 | 880 | #Set MySQL to start automatically 881 | update-rc.d mysql remove 882 | update-rc.d mysql defaults 883 | 884 | 885 | 886 | 887 | INSTALLWEBMIN=2 888 | until [ $INSTALLWEBMIN -lt 2 ] ; do 889 | clear 890 | echo "Do you want to install Webmin Y/n" 891 | echo "Press 0 for Yes or 1 for No" 892 | read INSTALLWEBMIN < /dev/tty 893 | echo $INSTALLWEBMIN 894 | done 895 | 896 | if [ $INSTALLWEBMIN = 0 ]; then 897 | rm -rf webmin*.deb 898 | cd /usr/src 899 | wget http://www.webmin.com/download/deb/webmin-current.deb 900 | dpkg --install webmin* 901 | apt-get -y -f install 902 | rm -rf webmin*.deb 903 | fi 904 | 905 | 906 | INSTALLTFTP=2 907 | until [ $INSTALLTFTP -lt 2 ] ; do 908 | clear 909 | echo "Do you want to install a TFTP server Y/n" 910 | echo "Press 0 for Yes or 1 for No" 911 | read INSTALLTFTP < /dev/tty 912 | echo $INSTALLTFTP 913 | done 914 | 915 | #Install a TFTP server 916 | if [ $INSTALLTFTP = 0 ]; then 917 | apt-get install xinetd tftpd tftp -y 918 | echo ' 919 | service tftp 920 | { 921 | protocol = udp 922 | port = 69 923 | socket_type = dgram 924 | wait = yes 925 | user = nobody 926 | server = /usr/sbin/in.tftpd 927 | server_args = /tftpboot 928 | disable = no 929 | } 930 | ' > /etc/xinetd.d/tftp 931 | mkdir /tftpboot 932 | chmod -R 777 /tftpboot 933 | echo 'includedir /etc/xinetd.d' >> /etc/xinetd.conf 934 | /etc/init.d/xinetd start 935 | fi 936 | 937 | 938 | 939 | #funcdependencies 940 | } 941 | 942 | # ---------------------- Set Clock ------------------------ 943 | 944 | 945 | function funcsetclock(){ 946 | #Set the time and date 947 | apt-get -y install ntp ntpdate 948 | /usr/sbin/ntpdate -su pool.ntp.org 949 | hwclock --systohc 950 | #funcsetclock} 951 | } 952 | 953 | # ---------------------- Start Services ------------------------ 954 | 955 | function funcsetservices(){ 956 | #Set some services to start automatically and open them up 957 | 958 | #chkconfig httpd on 959 | #chkconfig mysqld on 960 | 961 | 962 | # Start MySQL & APACHE 963 | #service mysqld start 964 | #service httpd start 965 | 966 | #Set password to passw0rd 967 | mysqladmin -u root password 'passw0rd' 968 | 969 | mkdir /etc/pbx 970 | echo "" > /etc/pbx/runonce.sh 971 | echo "" > /etc/motd 972 | 973 | #funcsetservices 974 | } 975 | 976 | # ---------------------- Install Public Keys ------------------------ 977 | 978 | function funcpublickey(){ 979 | #add public key to root user. 980 | mkdir /root/.ssh 981 | touch /root/.ssh/authorized_keys 982 | echo ' 983 | 984 | ' >> /root/.ssh/authorized_keys 985 | chmod 700 /root/.ssh 986 | chmod 600 /root/.ssh/authorized_keys 987 | #funcpublickey 988 | } 989 | 990 | # ---------------------- Menu ------------------------ 991 | 992 | 993 | show_menu_pabx() { 994 | clear 995 | echo " > Asterisk/FreePBX Installation Menu (Ubuntu)" 996 | echo "================================" 997 | echo " 1) Install all" 998 | echo " 2) Install dependencies" 999 | echo " 3) Asterisk" 1000 | echo " 4) FreePBX" 1001 | echo " 5) IP-Tables" 1002 | echo " 6) Ossec Security" 1003 | echo " 7) Splash page" 1004 | echo " 8) Reboot" 1005 | echo " 9) Add public key" 1006 | echo " 0) Quit" 1007 | echo -n "(0-9) : " 1008 | read OPTION < /dev/tty 1009 | } 1010 | 1011 | 1012 | ExitFinish=0 1013 | 1014 | while [ $ExitFinish -eq 0 ]; do 1015 | 1016 | # Show menu with Installation items 1017 | show_menu_pabx 1018 | 1019 | case $OPTION in 1020 | 1) 1021 | funcdependencies 1022 | funcsetclock 1023 | funcsetservices 1024 | funcasterisk 1025 | funcfreepbx 1026 | funciptables 1027 | funcossec 1028 | funcsplash 1029 | echo "done" 1030 | ;; 1031 | 2) 1032 | funcdependencies 1033 | funcsetclock 1034 | funcsetservices 1035 | ;; 1036 | 3) 1037 | funcasterisk 1038 | ;; 1039 | 4) 1040 | funcfreepbx 1041 | ;; 1042 | 5) 1043 | funciptables 1044 | ;; 1045 | 6) 1046 | funcossec 1047 | ;; 1048 | 7) 1049 | funcsplash 1050 | ;; 1051 | 8) 1052 | funcreboot 1053 | ;; 1054 | 9) 1055 | funcpublickey 1056 | ;; 1057 | 0) 1058 | ExitFinish=1 1059 | ;; 1060 | *) 1061 | esac 1062 | 1063 | done 1064 | 1065 | -------------------------------------------------------------------------------- /install-ballistic-pbx.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | #Install Asterisk and FreePBX on Ubuntu LTS 12.04 3 | #Copyright (C) 2010-13 Star2Billing S.L. jonathan@star2billing.com 4 | 5 | #This program is free software; you can redistribute it and/or 6 | #modify it under the terms of the GNU General Public License 7 | #as published by the Free Software Foundation; either version 2 8 | #of the License, or (at your option) any later version. 9 | 10 | #This program is distributed in the hope that it will be useful, 11 | #but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | #MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | #GNU General Public License for more details. 14 | 15 | #You should have received a copy of the GNU General Public License 16 | #along with this program; if not, write to the Free Software 17 | #Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 18 | 19 | #Purpose 20 | ######## 21 | # To install asterisk 1.8, 10 or 11 on Ubuntu with FreePBX. 22 | # Includes OSSEC iptables and extra apache security on FreePBX, in addition to it's own security. 23 | 24 | 25 | #Notes 26 | #------ 27 | # The admin password in FreePBX is set on the first login, however we add apache authentication 28 | # Therefore enter vm / vmadmin as the first login, which allows restricted access past apache auth. 29 | # This can be changed later in FreePBX administrators screen. 30 | # You need a password such as this with limited access for users to access the ARI, which 31 | # is also protected by Apache authentication. 32 | 33 | 34 | 35 | # ---------------------- Asterisk ------------------------ 36 | function funcasterisk() 37 | { 38 | 39 | #Asterisk Versions. 40 | ASTERISK18VER=asterisk-1.8-current.tar.gz 41 | ASTERISK10VER=asterisk-10-current.tar.gz 42 | ASTERISK11VER=asterisk-11-current.tar.gz 43 | 44 | #Add Asterisk group and user 45 | grep -c "^asterisk:" /etc/group &> /dev/null 46 | if [ $? = 1 ]; then 47 | /usr/sbin/groupadd -r -f asterisk 48 | else 49 | echo "group asterisk already present" 50 | fi 51 | 52 | grep -c "^asterisk:" /etc/passwd &> /dev/null 53 | if [ $? = 1 ]; then 54 | echo "adding user asterisk..." 55 | /usr/sbin/useradd -c "Asterisk" -g asterisk \ 56 | -r -s /bin/bash -m -d /var/lib/asterisk \ 57 | asterisk 58 | else 59 | echo "user asterisk already present" 60 | fi 61 | 62 | #Select Asterisk version 63 | 64 | cd /usr/src 65 | 66 | 67 | MAXASTVER=4 68 | ASTVER=4 69 | until [ $ASTVER -lt $MAXASTVER ] ; do 70 | clear 71 | echo "Select Asterisk Version to install" 72 | echo "1 for 1.8" 73 | echo "2 for Asterisk 10" 74 | echo "3 for Asterisk 11" 75 | read ASTVER < /dev/tty 76 | echo $ASTVER 77 | done 78 | 79 | rm -rf asterisk*.tar.gz 80 | 81 | case $ASTVER in 82 | 1) 83 | wget http://downloads.asterisk.org/pub/telephony/asterisk/$ASTERISK18VER 84 | tar zxf $ASTERISK18VER 85 | ;; 86 | 2) 87 | wget http://downloads.asterisk.org/pub/telephony/asterisk/$ASTERISK10VER 88 | tar zxf $ASTERISK10VER 89 | ;; 90 | 3) 91 | wget http://downloads.asterisk.org/pub/telephony/asterisk/$ASTERISK11VER 92 | tar zxf $ASTERISK11VER 93 | ;; 94 | esac 95 | 96 | 97 | rm -rf libpri*.tar.gz 98 | rm -rf dahdi*.tar.gz 99 | wget http://downloads.asterisk.org/pub/telephony/libpri/libpri-1.4-current.tar.gz 100 | wget http://downloads.digium.com/pub/telephony/dahdi-linux-complete/dahdi-linux-complete-current.tar.gz 101 | 102 | tar zxf libpri-1.4-current.tar.gz 103 | tar zxf dahdi-linux-complete-current.tar.gz 104 | 105 | 106 | rm -rf *.tar.gz 107 | 108 | mv libpri* libpri 109 | mv asterisk-1* asterisk 110 | mv asterisk-addons* asterisk-addons 111 | mv dahdi-linux-complete* dahdi-linux-complete 112 | 113 | 114 | #Install Dahdi 115 | cd /usr/src/dahdi-linux-complete 116 | make all 117 | make install 118 | make config 119 | cd /usr/src 120 | 121 | /etc/init.d/dahdi start 122 | 123 | #Install Libpri 124 | cd /usr/src/libpri 125 | make clean 126 | make 127 | make install 128 | cd /usr/src 129 | 130 | #install Asterisk 131 | cd /usr/src/asterisk 132 | make clean 133 | ./configure 134 | make menuselect 135 | /usr/src/asterisk/contrib/scripts/get_mp3_source.sh 136 | make 137 | make install 138 | make samples 139 | make config 140 | 141 | #create /var/run/asterisk for asterisk to run in and set permissions 142 | mkdir /var/run/asterisk/ 143 | 144 | #Set directory for MOH 145 | mkdir /var/lib/asterisk/mohmp3/ 146 | ln -s /var/lib/asterisk/moh/* /var/lib/asterisk/mohmp3/ 147 | 148 | 149 | touch /etc/asterisk/chan_dahdi.conf 150 | 151 | #Set permissions to run asterisk as asterisk user 152 | chown -R asterisk:asterisk /var/log/asterisk/ /etc/asterisk/ /var/lib/asterisk/ /var/run/asterisk 153 | 154 | #Add include for Dahdi channels 155 | echo "#include dahdi-channels.conf" >> /etc/asterisk/chan_dahdi.conf 156 | dahdi_genconf -F 157 | 158 | #bit of a bodge here, just incase this script gets run twice 159 | sed -i 's/\/var\/run\/asterisk/\/var\/run/g' /etc/asterisk/asterisk.conf 160 | sed -i 's/\/var\/run/\/var\/run\/asterisk/g' /etc/asterisk/asterisk.conf 161 | 162 | #The others should be OK not duplicate 163 | sed -i 's/;runuser/runuser/g' /etc/asterisk/asterisk.conf 164 | sed -i 's/;rungroup/rungroup/g' /etc/asterisk/asterisk.conf 165 | sed -i 's/;dahdichanname/dahdichanname/g' /etc/asterisk/asterisk.conf 166 | sed -i 's/;dahdichanname/dahdichanname/g' /etc/asterisk/asterisk.conf 167 | sed -i 's/(!)/ /g' /etc/asterisk/asterisk.conf 168 | sed -i 's/ASTARGS=""/ASTARGS="-U asterisk"/g' /usr/sbin/safe_asterisk 169 | 170 | #Setup log rotation 171 | touch /etc/logrotate.d/asterisk 172 | echo ' 173 | 174 | /var/log/asterisk/*log { 175 | missingok 176 | rotate 5 177 | weekly 178 | create 0640 asterisk asterisk 179 | postrotate 180 | /usr/sbin/asterisk -rx 'logger reload' > /dev/null 2> /dev/null 181 | endscript 182 | } 183 | 184 | /var/log/asterisk/full { 185 | missingok 186 | rotate 5 187 | daily 188 | create 0640 asterisk asterisk 189 | postrotate 190 | /usr/sbin/asterisk -rx 'logger reload' > /dev/null 2> /dev/null 191 | endscript 192 | } 193 | 194 | /var/log/asterisk/messages { 195 | missingok 196 | rotate 5 197 | daily 198 | create 0640 asterisk asterisk 199 | postrotate 200 | /usr/sbin/asterisk -rx 'logger reload' > /dev/null 2> /dev/null 201 | endscript 202 | } 203 | 204 | /var/log/asterisk/cdr-csv/*csv { 205 | missingok 206 | rotate 5 207 | monthly 208 | create 0640 asterisk asterisk 209 | } 210 | 211 | ' > /etc/logrotate.d/asterisk 212 | 213 | 214 | chown -R asterisk:asterisk /var/log/asterisk/ /etc/asterisk/ /var/lib/asterisk/ /var/run/asterisk /var/spool/asterisk 215 | 216 | if [ -d /tftpboot ]; then 217 | chown -R asterisk:asterisk /tftpboot 218 | fi 219 | 220 | #Now Asterisk should start 221 | #Disable TTY9 for OpenVZ 222 | sed -i 's/TTY=9/#TTY=9/g' /usr/sbin/safe_asterisk 223 | /etc/init.d/asterisk restart 224 | 225 | sleep 15 226 | 227 | asterisk -x "core show version" >> /etc/ballistic/info.txt 228 | echo "fxotune -s" >> /etc/rc.local 229 | touch /etc/fxotune.conf 230 | 231 | #funcasterisk 232 | } 233 | 234 | 235 | 236 | # ---------------------- Freepbx11 ------------------------ 237 | function funcfreepbx () 238 | { 239 | 240 | #check asterisk is running, before FreePBX is installed. 241 | if test -f /var/run/asterisk/asterisk.pid; 242 | then 243 | clear 244 | #Don't allow progress until access confirmed to database 245 | #Check root password set, if not, ask for it 246 | if [ -z "${MYSQLROOTPASSWD+xxx}" ]; then read -p "Enter MySQL root password " MYSQLROOTPASSWD; fi 247 | if [ -z "$MYSQLROOTPASSWD" ] && [ "${MYSQLROOTPASSWD+xxx}" = "xxx" ]; then read -p "Enter MySQL root password " MYSQLROOTPASSWD; fi 248 | echo "Please enter the MySQL root password" 249 | until mysql -uroot -p$MYSQLROOTPASSWD -e ";" ; do 250 | clear 251 | echo "Please enter the MySQL root password" 252 | read MYSQLROOTPASSWD 253 | echo "password incorrect" 254 | done 255 | 256 | #Write FreePBX info 257 | echo "MySQL Root Password = $MYSQLROOTPASS" >> /etc/ballistic/info.txt 258 | 259 | #Set Apache to run as asterisk 260 | sed -i 's/www-data/asterisk/g' /etc/apache2/envvars 261 | chown -R asterisk:asterisk /var/lock/apache2 262 | /etc/init.d/apache2 restart 263 | 264 | # Get FreePBX - Unzip and modify 265 | cd /usr/src 266 | rm -rf freepbx*.tgz 267 | rm -rf freepbx 268 | wget http://mirror.freepbx.org/freepbx-2.11.0.40.tgz 269 | tar zxfv freepbx*.tgz 270 | rm -rf freepbx*.tgz 271 | #mv freepbx-2* freepbx 272 | mkdir /var/www/html /var/lib/asterisk/bin 273 | 274 | cd /usr/src/freepbx 275 | 276 | if [ ! -f /etc/amportal.conf ]; 277 | then 278 | #Prepare Amportal and copy it into location. 279 | 280 | #Generate random password for FreePBX database user 281 | funcrandpass 10 0 282 | FREEPBXPASSW=$RANDOMPASSW 283 | 284 | #Generate random password for the AMI 285 | funcrandpass 10 0 286 | AMIPASSW=$RANDOMPASSW 287 | 288 | #make some changes to Amportal 289 | sed -i 's/AUTHTYPE=none/AUTHTYPE=database/g' amportal.conf 290 | 291 | #write out the new database user and password 292 | echo " 293 | AMPDBUSER=asteriskuser 294 | AMPDBPASS=$FREEPBXPASSW 295 | " >> amportal.conf 296 | sed -i "s/AMPMGRPASS=amp111/AMPMGRPASS=$AMIPASSW/g" amportal.conf 297 | 298 | #Set the ARI password 299 | funcrandpass 10 0 300 | ARIPASSW=$RANDOMPASSW 301 | sed -i "s/ARI_ADMIN_PASSWORD=ari_password/ARI_ADMIN_PASSWORD=$ARIPASSW/g" amportal.conf 302 | 303 | cp amportal.conf /etc/amportal.conf 304 | 305 | else 306 | #Amportal already prepared, just go on to installation. 307 | echo "Amportal already setup, go straight to installation" 308 | fi 309 | source /etc/amportal.conf 310 | #create the MySQL databases 311 | mysqladmin -uroot -p$MYSQLROOTPASSWD create asterisk 312 | mysqladmin -uroot -p$MYSQLROOTPASSWD create asteriskcdrdb 313 | mysql -uroot -p$MYSQLROOTPASSWD asterisk < SQL/newinstall.sql 314 | mysql -uroot -p$MYSQLROOTPASSWD asteriskcdrdb < SQL/cdr_mysql_table.sql 315 | mysql -uroot -p$MYSQLROOTPASSWD -e "GRANT ALL PRIVILEGES ON asterisk.* TO asteriskuser@localhost IDENTIFIED BY '$AMPDBPASS'" 316 | mysql -uroot -p$MYSQLROOTPASSWD -e "GRANT ALL PRIVILEGES ON asteriskcdrdb.* TO asteriskuser@localhost IDENTIFIED BY '$AMPDBPASS'" 317 | ./install_amp --username=$AMPDBUSER --password=$AMPDBPASS 318 | 319 | chown -R asterisk:asterisk /etc/asterisk 320 | chown -R asterisk:asterisk /var/www/html/ 321 | chown -R asterisk:asterisk /var/lib/asterisk 322 | 323 | #Remove files, and re - symlink 324 | rm /etc/asterisk/cel.conf 325 | rm /etc/asterisk/cel_odbc.conf 326 | rm /etc/asterisk/logger.conf 327 | rm /etc/asterisk/extensions.conf 328 | rm /etc/asterisk/iax.conf 329 | rm /etc/asterisk/sip_notify.conf 330 | rm /etc/asterisk/features.conf 331 | rm /etc/asterisk/sip.conf 332 | rm /etc/asterisk/confbridge.conf 333 | rm /etc/asterisk/ccss.conf 334 | rm /etc/asterisk/udptl.conf 335 | /var/lib/asterisk/bin/retrieve_conf 336 | 337 | #Bring modules upto date and get useful modules 338 | /var/lib/asterisk/bin/module_admin upgradeall 339 | 340 | /var/lib/asterisk/bin/module_admin download asterisk-cli 341 | /var/lib/asterisk/bin/module_admin download asteriskinfo 342 | /var/lib/asterisk/bin/module_admin download backup 343 | /var/lib/asterisk/bin/module_admin download fw_ari 344 | /var/lib/asterisk/bin/module_admin download iaxsettings 345 | /var/lib/asterisk/bin/module_admin download javassh 346 | /var/lib/asterisk/bin/module_admin download languages 347 | /var/lib/asterisk/bin/module_admin download logfiles 348 | /var/lib/asterisk/bin/module_admin download phpinfo 349 | /var/lib/asterisk/bin/module_admin download sipsettings 350 | /var/lib/asterisk/bin/module_admin download weakpasswords 351 | /var/lib/asterisk/bin/module_admin download fw_langpacks 352 | 353 | /var/lib/asterisk/bin/module_admin install asterisk-cli 354 | /var/lib/asterisk/bin/module_admin install asteriskinfo 355 | /var/lib/asterisk/bin/module_admin install backup 356 | /var/lib/asterisk/bin/module_admin install fw_ari 357 | /var/lib/asterisk/bin/module_admin install iaxsettings 358 | /var/lib/asterisk/bin/module_admin install javassh 359 | /var/lib/asterisk/bin/module_admin install languages 360 | /var/lib/asterisk/bin/module_admin install logfiles 361 | /var/lib/asterisk/bin/module_admin install phpinfo 362 | /var/lib/asterisk/bin/module_admin install sipsettings 363 | /var/lib/asterisk/bin/module_admin install weakpasswords 364 | /var/lib/asterisk/bin/module_admin install fw_langpacks 365 | 366 | /var/lib/asterisk/bin/module_admin reload 367 | 368 | #Protect the Admin pages with Apache authentication. 369 | funcunifiedlogin admin /var/www/html/admin 370 | 371 | #Protect the ARI with Apache authentication. 372 | funcunifiedlogin recordings /var/www/html/recordings 373 | 374 | # Stop the ability to type the URL of the module and bypass security 375 | echo " 376 | Options -Indexes 377 | 378 | deny from all 379 | 380 | " > /var/www/html/admin/modules/.htaccess 381 | 382 | 383 | #Set the AMI to only listen on 127.0.0.1 384 | sed -i 's/bindaddr = 0.0.0.0/bindaddr = 127.0.0.1/g' /etc/asterisk/manager.conf 385 | 386 | 387 | #Get FreePBX to start automatically on boot. 388 | 389 | echo '#!/bin/bash' > /etc/init.d/amportal-start 390 | echo '/usr/local/sbin/amportal start' >> /etc/init.d/amportal-start 391 | chmod +x /etc/init.d/amportal-start 392 | update-rc.d amportal-start start 99 2 3 4 5 . 393 | 394 | 395 | echo '#!/bin/bash' > /etc/init.d/amportal-stop 396 | echo '/usr/local/sbin/amportal stop' >> /etc/init.d/amportal-stop 397 | chmod +x /etc/init.d/amportal-stop 398 | update-rc.d amportal-stop stop 10 0 1 6 . 399 | 400 | /etc/init.d/asterisk stop 401 | update-rc.d -f asterisk remove 402 | 403 | /etc/init.d/apache2 restart 404 | amportal kill 405 | dahdi_genconf -F 406 | /etc/init.d/dahdi restart 407 | amportal start 408 | 409 | #Insert admin / admin user into FreePBX 410 | mysql -uroot -p$MYSQLROOTPASSWD asterisk -e "INSERT INTO ampusers (username,password_sha1,extension_low,extension_high,deptname,sections) VALUES ('vm', '3559095f228e3d157f2e10971a9283b28d86395c', '', '', '', '');" 411 | 412 | clear 413 | echo "Log into the FreePBX interface for the first time with:" 414 | echo "username = vm" 415 | echo "password = vmadmin" 416 | echo "This can be changed via the FreePBX administrator interface later." 417 | echo "Press Enter to continue" 418 | read TEMP 419 | 420 | 421 | else 422 | clear 423 | echo "asterisk is not running" 424 | echo "please correct this before installing FreePBX" 425 | echo "Press enter to return to the install menu." 426 | read temp 427 | fi 428 | 429 | #Write FreePBX info 430 | echo "MySQL Root Password = $MYSQLROOTPASS" >> /etc/ballistic/info.txt 431 | 432 | #funcfreepbx 433 | } 434 | 435 | 436 | 437 | # ----------------------IP Tables ------------------------ 438 | function funciptables () 439 | { 440 | #firewall script for VoIP 441 | #To add a range of IP Addresses - use the following syntax 442 | #iptables -A INPUT -p tcp --destination-port 22 -m iprange --src-range 192.168.1.100-192.168.1.200 -j ACCEPT 443 | #Or single IP Address - for VoIP 444 | #iptables -A INPUT -p udp -s 10.10.10.10 --dport 5060 -j ACCEPT 445 | echo ' 446 | 447 | #!/bin/bash 448 | #Goes in /etc/init.d/firewall 449 | #sudo /etc/init.d/firewall start 450 | #sudo /etc/init.d/firewall stop 451 | #sudo /etc/init.d/firewall restart 452 | #sudo /etc/init.d/firewall status 453 | #To make it run, sudo update-rc.d firewall defaults 454 | 455 | 456 | 457 | RETVAL=0 458 | 459 | # To start the firewall 460 | start() { 461 | echo -n "Iptables rules creation: " 462 | /etc/firewall.sh 463 | RETVAL=0 464 | } 465 | 466 | # To stop the firewall 467 | stop() { 468 | echo -n "Removing all iptables rules: " 469 | /etc/flush_iptables.sh 470 | RETVAL=0 471 | } 472 | 473 | case $1 in 474 | start) 475 | start 476 | ;; 477 | stop) 478 | stop 479 | ;; 480 | restart) 481 | stop 482 | start 483 | ;; 484 | status) 485 | /sbin/iptables -L 486 | /sbin/iptables -t nat -L 487 | RETVAL=0 488 | ;; 489 | *) 490 | echo "Usage: firewall {start|stop|restart|status}" 491 | RETVAL=1 492 | esac 493 | 494 | exit 495 | ' > /etc/init.d/firewall 496 | 497 | echo ' 498 | 499 | #!/bin/bash 500 | #Starts the default IP tables for A2Billing / FreePBX, edit this script to change behaviour 501 | #File location /etc/firewall.sh 502 | 503 | 504 | iptables -F 505 | iptables -X 506 | 507 | 508 | iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 509 | iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT 510 | iptables -A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT 511 | iptables -A INPUT -i lo -p all -j ACCEPT 512 | #drop sipvicious attacks 513 | iptables -I INPUT -j DROP -p udp --dport 5060 -m string --string "friendly-scanner" --algo bm 514 | iptables -I INPUT -j DROP -p udp --dport 5060 -m string --string "VaxSIPUserAgent" --algo bm 515 | iptables -I INPUT -j DROP -p udp --dport 5060 -m string --string "sundayddr" --algo bm 516 | iptables -I INPUT -j DROP -p udp --dport 5060 -m string --string "sipsak" --algo bm 517 | iptables -I INPUT -j DROP -p udp --dport 5060 -m string --string "sipvicious" --algo bm 518 | iptables -I INPUT -j DROP -p udp --dport 5060 -m string --string "iWar" --algo bm 519 | iptables -I INPUT -j DROP -p udp --dport 5060 -m string --string "sip-scan" --algo bm 520 | #windows command name client sipcli used to scan as well. 521 | iptables -I INPUT -j DROP -p udp --dport 5060 -m string --string "sipcli" --algo bm 522 | iptables -A INPUT -p udp -m udp --dport 69 -j ACCEPT 523 | iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT 524 | iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT 525 | iptables -A INPUT -p tcp -m tcp --dport 4445 -j ACCEPT 526 | iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT 527 | iptables -A INPUT -p tcp -m tcp --dport 9000 -j ACCEPT 528 | iptables -A INPUT -p tcp -m tcp --dport 10000 -j ACCEPT 529 | iptables -A INPUT -p udp -m udp --dport 4520 -j ACCEPT 530 | iptables -A INPUT -p udp -m udp --dport 4569 -j ACCEPT 531 | iptables -A INPUT -p udp -m udp --dport 5060 -j ACCEPT 532 | iptables -A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT 533 | iptables -A INPUT -p udp -m udp --dport 4000:4999 -j ACCEPT 534 | iptables -A INPUT -p udp -m udp --dport 123 -j ACCEPT 535 | iptables -A INPUT -p udp -m udp --dport 69 -j ACCEPT 536 | iptables -A INPUT -p udp -m udp --dport 53 -j ACCEPT 537 | iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT 538 | iptables -A INPUT -p all -s localhost -i eth0 -j DROP 539 | iptables -A INPUT -j REJECT 540 | iptables -A FORWARD -j REJECT 541 | 542 | iptables-save 543 | 544 | # End message 545 | echo " [End iptables rules setting]" 546 | 547 | ' > /etc/firewall.sh 548 | 549 | echo ' 550 | 551 | #!/bin/sh 552 | #Flush iptable rules, and open everything 553 | #File location - /etc/flush_iptables.bash 554 | 555 | 556 | # 557 | # Set the default policy 558 | # 559 | iptables -P INPUT ACCEPT 560 | iptables -P FORWARD ACCEPT 561 | iptables -P OUTPUT ACCEPT 562 | 563 | # 564 | # Set the default policy for the NAT table 565 | # 566 | iptables -t nat -P PREROUTING ACCEPT 567 | iptables -t nat -P POSTROUTING ACCEPT 568 | iptables -t nat -P OUTPUT ACCEPT 569 | 570 | # 571 | # Delete all rules 572 | # 573 | iptables -F 574 | iptables -t nat -F 575 | 576 | # 577 | # Delete all chains 578 | # 579 | 580 | iptables -X 581 | iptables -t nat -X 582 | 583 | # End message 584 | echo " [End of flush]" 585 | 586 | ' > /etc/flush_iptables.sh 587 | 588 | chmod +x /etc/flush_iptables.sh 589 | chmod +x /etc/firewall.sh 590 | chmod +x /etc/init.d/firewall 591 | update-rc.d firewall defaults 592 | 593 | /etc/init.d/firewall restart 594 | 595 | #funciptables 596 | } 597 | 598 | 599 | # ---------------------- Ossec ------------------------ 600 | function funcossec () 601 | { 602 | 603 | cd /usr/src 604 | rm -rf ossec* 605 | curl -O http://www.ossec.net/files/ossec-hids-2.8.1.tar.gz 606 | tar zxfv ossec-hids-*.tar.gz 607 | rm -rf ossec-hids*.tar.gz 608 | mv ossec-hids-* ossec-hids 609 | cd ossec-hids 610 | clear 611 | 612 | ./install.sh 613 | clear 614 | 615 | # Add some local rules 616 | 617 | echo ' 630 | 631 | 632 | 633 | 634 | 635 | 636 | 641 | 642 | 5711 643 | 1.1.1.1 644 | Example of rule that will ignore sshd 645 | failed logins from IP 1.1.1.1. 646 | 647 | 648 | 649 | 651 | 659 | 660 | 661 | 662 | 668 | 669 | 670 | 671 | 672 | 673 | 674 | 675 | 676 | 30109 677 | Attempt to login using a non-existent user. 678 | invalid_login, 679 | 680 | 681 | 682 | 100300 683 | user \S+ not found 684 | Attempt to login using a non-existent user. 685 | invalid_login, 686 | 687 | 688 | 689 | 31106 690 | phpmyadmin 691 | Ignoring phpMyAdmin events. 692 | 693 | 694 | 695 | 31103 696 | phpmyadmin 697 | Ignoring phpMyAdmin events. 698 | 699 | 700 | 701 | 702 | 31151 703 | phpmyadmin 704 | Ignoring phpMyAdmin events. 705 | 706 | 707 | 708 | 31151 709 | logout 710 | Ignoring FreePBX logout events. 711 | 712 | 713 | 714 | 31151 715 | admin/config.php? 716 | Ignoring FreePBX 400 events. 717 | 718 | 719 | 720 | 721 | 722 | 723 | ' > /var/ossec/rules/local_rules.xml 724 | 725 | 726 | #add some asterisk rules 727 | sed -i '/ossec_rules/ i\ asterisk_rules.xml' /var/ossec/etc/ossec.conf 728 | 729 | #Get asterisk to write to syslog 730 | echo 'messages => notice,warning,error' >> /etc/asterisk/logger.conf 731 | asterisk -rx 'module reload' 732 | sed -i 's/ossec:x:500:asterisk/ossec:x:500:/g' /etc/group 733 | sed -i 's/ossec:x:500:/ossec:x:500:asterisk/g' /etc/group 734 | 735 | sed -i '/<\/ossec_config>/d' /var/ossec/etc/ossec.conf 736 | echo ' 737 | 738 | syslog 739 | /var/log/asterisk/messages 740 | 741 | 742 | ' >> /var/ossec/etc/ossec.conf 743 | 744 | 745 | 746 | 747 | /var/ossec/bin/ossec-control start 748 | 749 | #quieten down the logs 750 | echo 'unset SSHD_OOM_ADJUST' >> /etc/default/ssh 751 | 752 | #funcossec 753 | } 754 | 755 | # ---------------------- Ossec UI ------------------------ 756 | function funcossecui () 757 | { 758 | clear 759 | while true; do 760 | read -p "Do you wish to install The Ossec UI? " yn 761 | case $yn in 762 | [Yy]* ) 763 | cd /usr/share 764 | curl -O http://www.ossec.net/files/ossec-wui-0.3.tar.gz 765 | tar zxfv ossec-wui-0.3.tar.gz 766 | rm -rf ossec-wui-0.3.tar.gz 767 | mv ossec-wui* ossecui 768 | cd ossecui 769 | 770 | #Set up .htaccess 771 | echo ' 772 | 773 | deny from all 774 | 775 | 776 | 777 | deny from all 778 | 779 | 780 | 781 | deny from all 782 | 783 | ' > /usr/share/ossecui/.htaccess 784 | 785 | echo ' 786 | deny from all 787 | ' > /usr/share/ossecui/site/.htaccess 788 | 789 | echo ' 790 | deny from all 791 | ' > /usr/share/ossecui/lib/.htaccess 792 | 793 | usermod -a -G ossec asterisk 794 | 795 | #Fix OSSEC UI 796 | sed -i "s/\"SEEK_SET\"/SEEK_SET/g" /usr/share/ossecui/lib/os_lib_alerts.php 797 | 798 | funcunifiedlogin ossecui /usr/share/ossecui 799 | break;; 800 | 801 | 802 | [Nn]* ) break;; 803 | * ) echo "Please answer yes or no.";; 804 | esac 805 | done 806 | #funcossecui 807 | } 808 | 809 | # ---------------------- Reboot ------------------------ 810 | function funcreboot () 811 | { 812 | # reboot 813 | 814 | reboot 815 | 816 | #funcreboot 817 | } 818 | 819 | 820 | # ---------------------- Install Dependencies ------------------------ 821 | 822 | function funcdependencies(){ 823 | #Install Dependencies 824 | 825 | KERNELARCH=$(uname -p) 826 | 827 | apt-get -y autoremove 828 | apt-get -f install 829 | 830 | 831 | apt-get -y update 832 | 833 | 834 | 835 | apt-get -y remove sendmail 836 | 837 | apt-get -y upgrade 838 | 839 | echo "" 840 | echo "" 841 | echo "" 842 | echo "If the Kernel has been updated, we advise you to reboot your server and re-run the install script!" 843 | echo "If you are not sure whether the kernel has been updated, reboot and start again" 844 | echo "" 845 | echo "Press CTRL C to exit and reboot, or enter to continue" 846 | [ -f /var/run/reboot-required ] && echo "*** System restart required ***" || echo "*** System restart NOT required ***" 847 | read TEMP 848 | 849 | apt-get install openssh-server 850 | 851 | 852 | #check timezone 853 | dpkg-reconfigure tzdata 854 | 855 | #install dependencies 856 | 857 | #for asterisk 10 & 11 858 | apt-get -y install libsqlite3-dev sqlite3 uuid-dev 859 | 860 | apt-get -y install mysql-server 861 | apt-get -y install mysql-client libmysqlclient-dev build-essential sysvinit-utils libxml2 libxml2-dev libncurses5-dev libcurl4-openssl-dev libvorbis-dev libspeex-dev unixodbc unixodbc-dev libiksemel-dev wget iptables php5 php5-cli php-pear php5-mysql php-db libapache2-mod-php5 php5-gd php5-curl sqlite libnewt-dev libusb-dev zlib1g-dev libsqlite0-dev libapache2-mod-auth-mysql sox mpg123 postfix flite php5-mcrypt python-setuptools python-mysqldb python-psycopg2 python-sqlalchemy ntp 862 | 863 | #extras 864 | apt-get -y install curl wget sudo iptables vim subversion flex bison libtiff-tools ghostscript autoconf gcc g++ automake libtool patch 865 | 866 | 867 | 868 | apt-get -y install linux-headers-$(uname -r) 869 | 870 | #remove the following packages for security. 871 | apt-get -y remove nfs-common portmap 872 | 873 | mkfifo /var/spool/postfix/public/pickup 874 | 875 | #Enable Mod_Auth_MySQL 876 | ln -s /etc/apache2/mods-available/auth_mysql.load /etc/apache2/mods-enabled/auth_mysql.load 877 | 878 | #Set MySQL to start automatically 879 | update-rc.d mysql remove 880 | update-rc.d mysql defaults 881 | 882 | 883 | 884 | 885 | INSTALLWEBMIN=2 886 | until [ $INSTALLWEBMIN -lt 2 ] ; do 887 | clear 888 | echo "Do you want to install Webmin Y/n" 889 | echo "Press 0 for Yes or 1 for No" 890 | read INSTALLWEBMIN < /dev/tty 891 | echo $INSTALLWEBMIN 892 | done 893 | 894 | if [ $INSTALLWEBMIN = 0 ]; then 895 | rm -rf webmin*.deb 896 | cd /usr/src 897 | wget http://www.webmin.com/download/deb/webmin-current.deb 898 | dpkg --install webmin* 899 | apt-get -y -f install 900 | rm -rf webmin*.deb 901 | fi 902 | 903 | 904 | INSTALLTFTP=2 905 | until [ $INSTALLTFTP -lt 2 ] ; do 906 | clear 907 | echo "Do you want to install a TFTP server Y/n" 908 | echo "Press 0 for Yes or 1 for No" 909 | read INSTALLTFTP < /dev/tty 910 | echo $INSTALLTFTP 911 | done 912 | 913 | #Install a TFTP server 914 | if [ $INSTALLTFTP = 0 ]; then 915 | apt-get install xinetd tftpd tftp -y 916 | echo ' 917 | service tftp 918 | { 919 | protocol = udp 920 | port = 69 921 | socket_type = dgram 922 | wait = yes 923 | user = nobody 924 | server = /usr/sbin/in.tftpd 925 | server_args = /tftpboot 926 | disable = no 927 | } 928 | ' > /etc/xinetd.d/tftp 929 | mkdir /tftpboot 930 | chmod -R 777 /tftpboot 931 | echo 'includedir /etc/xinetd.d' >> /etc/xinetd.conf 932 | /etc/init.d/xinetd start 933 | fi 934 | 935 | 936 | 937 | #funcdependencies 938 | } 939 | 940 | 941 | # ---------------------- Unified Login ------------------------ 942 | #Script called with funcunifiedlogin <> <> e.g. funcunifiedlogin phpsysinfo . $1 will be replaced with phpsysinfo. $2 replaced with usr/share/phpsysinfo 943 | 944 | funcunifiedlogin () { 945 | 946 | #Check we have the credentials stored in memory if not, prompt. 947 | until mysql -uasteriskuser -p$AMPDBPASS -e ";" ; do 948 | clear 949 | echo "MySQL FreePBX password?" 950 | read AMPDBPASS 951 | echo "Credentials incorrect" 952 | done 953 | echo " 954 | Alias /$1 $2 955 | DocumentRoot $2/ 956 | 957 | AllowOverride all 958 | Options Indexes FollowSymLinks 959 | order allow,deny 960 | allow from all 961 | AuthName \"PBX Access\" 962 | AuthType Basic 963 | AuthUserFile /dev/null 964 | AuthBasicAuthoritative off 965 | Auth_MySQL on 966 | Auth_MySQL_Authoritative off 967 | Auth_MySQL_Username asteriskuser 968 | Auth_MySQL_Password $AMPDBPASS 969 | Auth_MySQL_DB asterisk 970 | Auth_MySQL_Password_Table ampusers 971 | Auth_MySQL_Username_Field username 972 | Auth_MySQL_Password_Field password_sha1 973 | Auth_MySQL_Empty_Passwords off 974 | Auth_MySQL_Encryption_Types SHA1Sum 975 | Require valid-user 976 | 977 | 978 | 979 | php_flag magic_quotes_gpc Off 980 | php_flag track_vars On 981 | php_flag register_globals Off 982 | 983 | 984 | 985 | 986 | " > /etc/apache2/sites-available/$1.conf 987 | 988 | ln -s /etc/apache2/sites-available/$1.conf /etc/apache2/sites-enabled/$1.conf 989 | service apache2 restart 990 | } 991 | 992 | 993 | # ---------------------- Set Clock ------------------------ 994 | 995 | 996 | function funcsetclock(){ 997 | #Set the time and date 998 | apt-get -y install ntp ntpdate 999 | /usr/sbin/ntpdate -su pool.ntp.org 1000 | hwclock --systohc 1001 | #funcsetclock} 1002 | } 1003 | 1004 | # ---------------------- Start Services ------------------------ 1005 | 1006 | function funcsetservices(){ 1007 | #Set some services to start automatically and open them up 1008 | 1009 | #chkconfig httpd on 1010 | #chkconfig mysqld on 1011 | 1012 | 1013 | # Start MySQL & APACHE 1014 | #service mysqld start 1015 | #service httpd start 1016 | 1017 | clear 1018 | #Don't allow progress until access confirmed to database 1019 | #Check root password set, if not, ask for it 1020 | if [ -z "${MYSQLROOTPASSWD+xxx}" ]; then read -p "Enter MySQL root password " MYSQLROOTPASSWD; fi 1021 | if [ -z "$MYSQLROOTPASSWD" ] && [ "${MYSQLROOTPASSWD+xxx}" = "xxx" ]; then read -p "Enter MySQL root password " MYSQLROOTPASSWD; fi 1022 | echo "Please enter the MySQL root password" 1023 | until mysql -uroot -p$MYSQLROOTPASSWD -e ";" ; do 1024 | clear 1025 | echo "Please enter the MySQL root password" 1026 | read MYSQLROOTPASSWD 1027 | echo "password incorrect" 1028 | done 1029 | 1030 | #funcsetservices 1031 | } 1032 | 1033 | # ---------------------- Install Public Keys ------------------------ 1034 | 1035 | function funcpublickey(){ 1036 | #add public key to root user. 1037 | mkdir /root/.ssh 1038 | touch /root/.ssh/authorized_keys 1039 | echo ' 1040 | #Delete this line, and replace with your public keys. 1041 | ' >> /root/.ssh/authorized_keys 1042 | chmod 700 /root/.ssh 1043 | chmod 600 /root/.ssh/authorized_keys 1044 | #funcpublickey 1045 | } 1046 | 1047 | 1048 | # ---------------------- Generate Random Password ------------------- 1049 | # $2 = include special characters; 1 = yes, 0 = no; defaults to 1 1050 | function funcrandpass() { 1051 | [ "$2" == "0" ] && CHAR="[:alnum:]" || CHAR="[:graph:]" 1052 | RANDOMPASSW=`cat /dev/urandom | tr -cd "$CHAR" | head -c ${1:-32}` 1053 | } 1054 | 1055 | # ---------------------- Configure HTTPS / SSL Security ------------ 1056 | function funcssl() { 1057 | #enable SSL on the server 1058 | a2enmod ssl 1059 | 1060 | #enable rewrite on the server 1061 | a2enmod rewrite 1062 | 1063 | #Enable SSL 1064 | ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/000-default-ssl.conf 1065 | 1066 | 1067 | # SSL for Web pages 1068 | 1069 | echo ' 1070 | 1071 | 1072 | # Redirect administration interface to https 1073 | RewriteEngine On 1074 | RewriteCond %{HTTPS} off 1075 | RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}/admin 1076 | 1077 | ' > /etc/apache2/sites-available/freepbx_ssl.conf 1078 | 1079 | ln -s /etc/apache2/sites-available/freepbx_ssl.conf /etc/apache2/sites-enabled/freepbx_ssl.conf 1080 | 1081 | 1082 | service apache2 restart 1083 | 1084 | #End funcssl 1085 | } 1086 | 1087 | 1088 | # ---------------------- Add installation info ------------ 1089 | function funcinfo () 1090 | { 1091 | 1092 | mkdir /etc/ballistic/ 1093 | touch /etc/ballistic/info.txt 1094 | echo "installation date $(date)" >> /etc/ballistic/info.txt 1095 | ifconfig | awk '/eth/ { print "MAC Address = " $5 }' >> /etc/ballistic/info.txt 1096 | ifconfig | awk '/inet addr/ { print "IPV4 = " $2 }'>> /etc/ballistic/info.txt 1097 | ifconfig | awk '/inet6 addr/ { print "IPV6 = " $3 }' >> /etc/ballistic/info.txt 1098 | 1099 | #funcinfo 1100 | } 1101 | 1102 | 1103 | # ---------------------- Menu ------------------------ 1104 | 1105 | 1106 | show_menu_pabx() { 1107 | clear 1108 | echo " > Asterisk/FreePBX Installation Menu (Ubuntu)" 1109 | echo "================================" 1110 | echo " 1) Install all" 1111 | echo " 2) Install dependencies" 1112 | echo " 3) Asterisk" 1113 | echo " 4) FreePBX" 1114 | echo " 5) IP-Tables" 1115 | echo " 6) Ossec Security" 1116 | echo " 7) HTTPS / SSL Security" 1117 | echo " 8) Reboot" 1118 | echo " 9) Add public key" 1119 | echo " 0) Quit" 1120 | echo -n "(0-8) : " 1121 | read OPTION < /dev/tty 1122 | } 1123 | 1124 | 1125 | ExitFinish=0 1126 | 1127 | while [ $ExitFinish -eq 0 ]; do 1128 | 1129 | # Show menu with Installation items 1130 | show_menu_pabx 1131 | 1132 | case $OPTION in 1133 | 1) 1134 | funcdependencies 1135 | funcinfo 1136 | funcsetclock 1137 | funcsetservices 1138 | funcasterisk 1139 | funcfreepbx 1140 | funcssl 1141 | funciptables 1142 | funcossec 1143 | funcossecui 1144 | echo "done" 1145 | ;; 1146 | 2) 1147 | funcdependencies 1148 | funcsetclock 1149 | funcsetservices 1150 | funcinfo 1151 | 1152 | ;; 1153 | 3) 1154 | funcasterisk 1155 | ;; 1156 | 4) 1157 | funcfreepbx 1158 | ;; 1159 | 5) 1160 | funciptables 1161 | ;; 1162 | 6) 1163 | funcossec 1164 | funcossecui 1165 | ;; 1166 | 7) 1167 | funcssl 1168 | ;; 1169 | 8) 1170 | funcreboot 1171 | ;; 1172 | 9) 1173 | funcpublickey 1174 | ;; 1175 | 0) 1176 | ExitFinish=1 1177 | ;; 1178 | *) 1179 | esac 1180 | 1181 | done 1182 | 1183 | --------------------------------------------------------------------------------