diff --git a/freebsd/resources/config.sh b/freebsd/resources/config.sh index 619aa4a..171f6f0 100755 --- a/freebsd/resources/config.sh +++ b/freebsd/resources/config.sh @@ -1,6 +1,6 @@ # FusionPBX Settings -domain_name=ip_address # hostname, ip_address or a custom value +domain_name=hostname # hostname, ip_address or a custom value system_username=admin # default username admin system_password=random # random or as a pre-set value system_branch=master # master, stable @@ -16,7 +16,7 @@ database_name=fusionpbx # Database name (safe characters A-Z, a-z, 0-9) database_username=fusionpbx # Database username (safe characters A-Z, a-z, 0-9) database_password=random # random or a custom value (safe characters A-Z, a-z, 0-9) database_enabled=true # true or false -database_version=13 # Postgres 14, 13, 12, 11, 10, 9.6 +database_version=15 # Postgres 15, 14, 13, 12, 11, 10, 9.6 database_host=127.0.0.1 # hostname or IP address database_port=5432 # port number database_backup=false # true or false diff --git a/freebsd/resources/fail2ban.sh b/freebsd/resources/fail2ban.sh index d54ae08..9a7dbf7 100755 --- a/freebsd/resources/fail2ban.sh +++ b/freebsd/resources/fail2ban.sh @@ -11,7 +11,7 @@ cd "$(dirname "$0")" verbose "Installing Fail2ban" #add the dependencies -pkg install --yes py38-fail2ban +pkg install --yes py39-fail2ban #enable fail2ban service echo 'fail2ban_enable="YES"' >> /etc/rc.conf @@ -25,6 +25,14 @@ cp fail2ban/fusionpbx.conf /usr/local/etc/fail2ban/filter.d/fusionpbx.conf cp fail2ban/nginx-404.conf /usr/local/etc/fail2ban/filter.d/nginx-404.conf cp fail2ban/nginx-dos.conf /usr/local/etc/fail2ban/filter.d/nginx-dos.conf cp fail2ban/jail.local /usr/local/etc/fail2ban/jail.local +cp fail2ban/sip-auth-challenge-ip.conf /usr/local/etc/fail2ban/filter.d/sip-auth-challenge-ip.conf +cp fail2ban/sip-auth-challenge.conf /usr/local/etc/fail2ban/filter.d/sip-auth-challenge.conf + +# Fix default setting for allowipv6 directive +mv /usr/local/etc/fail2ban/fail2ban.conf /usr/local/etc/fail2ban/fail2ban.conf.dist +cat /usr/local/etc/fail2ban/fail2ban.conf.dist | sed '/^#allowipv6/s//allowipv6/' > /usr/local/etc/fail2ban/fail2ban.conf +chown root:wheel /usr/local/etc/fail2ban/fail2ban.conf +chmod 0644 /usr/local/etc/fail2ban/fail2ban.conf #restart fail2ban service fail2ban start diff --git a/freebsd/resources/fail2ban/freeswitch-dos.conf b/freebsd/resources/fail2ban/freeswitch-dos.conf new file mode 100755 index 0000000..3407183 --- /dev/null +++ b/freebsd/resources/fail2ban/freeswitch-dos.conf @@ -0,0 +1,21 @@ +# Fail2Ban configuration file +# +# Author: soapee01 +# + +[Definition] + +# Option: failregex +# Notes.: regex to match the password failures messages in the logfile. The +# host must be matched by a group named "host". The tag "" can +# be used for standard IP/hostname matching and is only an alias for +# (?:::f{4,6}:)?(?P[\w\-.^_]+) +# Values: TEXT +# +failregex = \[WARNING\] sofia_reg.c:\d+ SIP auth challenge \(REGISTER\) on sofia profile \'\w+\' for \[.*\] from ip + +# Option: ignoreregex +# Notes.: regex to ignore. If this regex matches, the line is ignored. +# Values: TEXT +# +ignoreregex = diff --git a/freebsd/resources/postgresql.sh b/freebsd/resources/postgresql.sh index 79850b4..e1d8b2a 100755 --- a/freebsd/resources/postgresql.sh +++ b/freebsd/resources/postgresql.sh @@ -24,6 +24,14 @@ password=$(cat /dev/random | env LC_CTYPE=C tr -dc a-zA-Z0-9 | head -c 20) echo "Install PostgreSQL and create the database and users\n" #postgres install +if [ ."$database_version" = ."15" ]; then + pkg install --yes postgresql15-server + #cd /usr/ports/databases/postgresql15-server/ && make install clean BATCH=yes +fi +if [ ."$database_version" = ."14" ]; then + pkg install --yes postgresql14-server + #cd /usr/ports/databases/postgresql14-server/ && make install clean BATCH=yes +fi if [ ."$database_version" = ."13" ]; then pkg install --yes postgresql13-server #cd /usr/ports/databases/postgresql13-server/ && make install clean BATCH=yes @@ -64,6 +72,12 @@ echo 'postgresql_enable=true' >> /etc/rc.conf /usr/local/etc/rc.d/postgresql initdb #start postgresql +if [ ."$database_version" = ."15" ]; then + sudo -u postgres /usr/local/bin/pg_ctl -D /var/db/postgres/data15 start +fi +if [ ."$database_version" = ."14" ]; then + sudo -u postgres /usr/local/bin/pg_ctl -D /var/db/postgres/data14 start +fi if [ ."$database_version" = ."13" ]; then sudo -u postgres /usr/local/bin/pg_ctl -D /var/db/postgres/data13 start fi diff --git a/freebsd/resources/switch/package-release.sh b/freebsd/resources/switch/package-release.sh index 77f06e5..e411dff 100755 --- a/freebsd/resources/switch/package-release.sh +++ b/freebsd/resources/switch/package-release.sh @@ -7,7 +7,7 @@ cd "$(dirname "$0")" . ../config.sh #install dependencies -pkg install --yes tiff ghostscript9-base memcached sox +pkg install --yes tiff ghostscript10-10.02.1 memcached sox #set the current working directory cwd=$(pwd) @@ -35,8 +35,8 @@ cd $cwd echo 'memcached_enable="YES"' >> /etc/rc.conf echo 'freeswitch_enable="YES"' >> /etc/rc.conf echo 'freeswitch_flags="-nonat"' >> /etc/rc.conf -echo 'freeswitch_user="www"' >> /etc/rc.conf -echo 'freeswitch_group="www"' >> /etc/rc.conf +echo 'freeswitch_username="www"' >> /etc/rc.conf +echo 'freeswitch_groupname="www"' >> /etc/rc.conf #start the service service memcached start