Merge pull request #9 from mafoo/Enhance-permissions

Enhance Permissions

debian/install.sh

@@ -1,29 +1,78 @@
 #!/bin/sh
 
+#Process command line options
+OPTS=`getopt -n 'install.sh' -o h -l help,use-freeswitch-source,use-freeswitch-package-all,use-freeswitch-master -- "$@"`
+eval set -- "$OPTS"
+
+if [ $? != 0 ] ; then echo "Failed parsing options." >&2 ; exit 1 ; fi
+
+USE_FREESWITCH_SOURCE=false
+USE_FREESWITCH_PACKAGE_ALL=false
+USE_FREESWITCH_MASTER=false
+HELP=false
+
+while true; do
+  case "$1" in
+    --use-freeswitch-source ) USE_FREESWITCH_SOURCE=true; shift ;;
+    --use-freeswitch-package-all ) USE_FREESWITCH_PACKAGE_ALL=true; shift ;;
+    --use-freeswitch-master ) USE_FREESWITCH_MASTER=true; shift ;;
+    -h | --help ) HELP=true; shift ;;
+    -- ) shift; break ;;
+    * ) break ;;
+  esac
+done
+
+if [ $HELP = true ]; then
+	echo "Debian installer script"
+	echo "	--use-freeswitch-source will use freeswitch from source rather than (default:packages)"
+	echo "	--use-freeswitch-package-all if using packages use the meta-all package"
+	echo "	--use-freeswitch-master will use master branch/packages instead of (default:stable)"
+	exit;
+fi
+
 #Update Debian
 echo "Update Debian"
 apt-get upgrade && apt-get update -y --force-yes
 
 #IPTables
-resources/./iptables.sh
+resources/iptables.sh
 
 #FusionPBX
-resources/./fusionpbx.sh
+resources/fusionpbx.sh
 
 #NGINX web server
-resources/./nginx.sh
+resources/nginx.sh
 
 #Fail2ban
-resources/./fail2ban.sh
+resources/fail2ban.sh
 
 #FreeSWITCH
-resources/switch/./package-release.sh
+if [ $USE_FREESWITCH_SOURCE = true ]; then
-#resources/switch/./package-master.sh
+	if [ $USE_FREESWITCH_MASTER = true ]; then
-#resources/switch/./source-release.sh
+		resources/switch/source-master.sh
-resources/switch/./package-permissions.sh
+	else
+		resources/switch/source-release.sh
+	fi
+	resources/switch/source-permissions.sh
+else
+	if [ $USE_FREESWITCH_MASER = true ]; then
+		if [ $USE_FREESWITCH_PACKAGE_ALL = true ]; then
+			resources/switch/package-master-all.sh
+		else
+			resources/switch/package-master.sh
+		fi
+	else
+		if [ $USE_FREESWITCH_PACKAGE_ALL = true ]; then
+			resources/switch/package-all.sh
+		else
+			resources/switch/package-release.sh
+		fi
+	fi
+	resources/switch/package-permissions.sh
+fi
 
 #Postgres
-resources/./postgres.sh
+resources/postgres.sh
 
 #set the ip address
 server_address=$(hostname -I)
@@ -32,10 +81,9 @@ server_address=$(hostname -I)
 /bin/systemctl daemon-reload
 /bin/systemctl try-restart freeswitch
 /bin/systemctl daemon-reload
+/bin/systemctl restart php-fpm
 /bin/systemctl restart nginx
 /bin/systemctl restart fail2ban
-#/usr/sbin/service nginx restart
-#/usr/sbin/service fail2ban restart
 
 #Show database password
 echo "Complete the install by by going to the IP address of this server ";

debian/resources/switch/package-all.sh

@@ -9,31 +9,7 @@ else
         echo "deb http://files.freeswitch.org/repo/deb/freeswitch-1.6/ jessie main" > /etc/apt/sources.list.d/freeswitch.list
         curl http://files.freeswitch.org/repo/deb/freeswitch-1.6/key.gpg | apt-key add -
 fi
-apt-get update && apt-get install -y --force-yes freeswitch-all freeswitch-all-dbg gdb
+apt-get update && apt-get install -y --force-yes freeswitch-meta-all freeswitch-all-dbg gdb
-#apt-get remove freeswitch-all freeswitch-all-dbg
-#rm /etc/apt/sources.list.d/freeswitch.list
 
-#set the file permissions
+#make sure that postgresql is started before starting freeswitch
-chown -R freeswitch:freeswitch /var/lib/freeswitch
+sed -i /lib/systemd/system/freeswitch.service -e s:'local-fs.target:local-fs.target postgresql.service:'
-chmod -R g+s /var/lib/freeswitch
-setfacl -R -m u:www-data:rwx,g:www-data:rwx /var/lib/freeswitch
-setfacl -R -d -m u:www-data:rwx,g:www-data:rwx /var/lib/freeswitch
-
-chown -R freeswitch:freeswitch /usr/share/freeswitch
-chmod -R g+s /usr/share/freeswitch
-setfacl -R -m u:www-data:rwx,g:www-data:rwx /usr/share/freeswitch
-setfacl -R -d -m u:www-data:rwx,g:www-data:rwx /usr/share/freeswitch
-
-chown -R freeswitch:freeswitch /etc/freeswitch
-chmod -R g+s /etc/freeswitch
-setfacl -R -m u:www-data:rwx,g:www-data:rwx /etc/freeswitch
-setfacl -R -d -m u:www-data:rwx,g:www-data:rwx /etc/freeswitch
-
-chown -R freeswitch:freeswitch /var/log/freeswitch
-setfacl -R -m u:www-data:rwx,g:www-data:rwx /var/log/freeswitch
-setfacl -R -d -m u:www-data:rwx,g:www-data:rwx /var/log/freeswitch
-
-chown -R freeswitch:freeswitch /usr/share/freeswitch/sounds
-chmod -R g+s /usr/share/freeswitch/sounds
-setfacl -R -m u:www-data:rwx,g:www-data:rwx /usr/share/freeswitch/sounds
-setfacl -R -d -m u:www-data:rwx,g:www-data:rwx /usr/share/freeswitch/sounds

debian/resources/switch/package-master-all.sh

@@ -0,0 +1,9 @@
+#!/bin/sh
+apt-get update && apt-get install -y --force-yes curl memcached haveged
+curl https://files.freeswitch.org/repo/deb/debian/freeswitch_archive_g0.pub | apt-key add -
+echo "deb http://files.freeswitch.org/repo/deb/freeswitch-1.6/ jessie main" > /etc/apt/sources.list.d/freeswitch.list
+echo "deb http://files.freeswitch.org/repo/deb/debian-unstable/ jessie main" >> /etc/apt/sources.list.d/freeswitch.list
+apt-get update && apt-get install -y --force-yes freeswitch-meta-all freeswitch-all-dbg gdb
+
+#make sure that postgresql is started before starting freeswitch
+sed -i /lib/systemd/system/freeswitch.service -e s:'local-fs.target:local-fs.target postgresql.service:'

debian/resources/switch/package-master.sh

@@ -3,31 +3,17 @@ apt-get update && apt-get install -y --force-yes curl memcached haveged
 curl https://files.freeswitch.org/repo/deb/debian/freeswitch_archive_g0.pub | apt-key add -
 echo "deb http://files.freeswitch.org/repo/deb/freeswitch-1.6/ jessie main" > /etc/apt/sources.list.d/freeswitch.list
 echo "deb http://files.freeswitch.org/repo/deb/debian-unstable/ jessie main" >> /etc/apt/sources.list.d/freeswitch.list
-apt-get update && apt-get install -y --force-yes freeswitch-all freeswitch-all-dbg gdb
+apt-get update
-#apt-get remove freeswitch-all freeswitch-all-dbg
+apt-get install -y --force-yes gdb
-#rm /etc/apt/sources.list.d/freeswitch.list
+apt-get install -y --force-yes freeswitch-meta-bare freeswitch-conf-vanilla freeswitch-systemd freeswitch-mod-commands freeswitch-meta-codecs freeswitch-mod-console freeswitch-mod-logfile freeswitch-mod-distributor
-
+apt-get install -y --force-yes freeswitch-lang-en freeswitch-mod-say-en freeswitch-sounds-en-us-callie freeswitch-music-default
-#set the file permissions
+apt-get install -y --force-yes freeswitch-mod-enum freeswitch-mod-cdr-csv freeswitch-mod-event-socket freeswitch-mod-sofia freeswitch-mod-sofia-dbg freeswitch-mod-loopback
-chown -R freeswitch:freeswitch /var/lib/freeswitch
+apt-get install -y --force-yes freeswitch-mod-conference freeswitch-mod-db freeswitch-mod-dptools freeswitch-mod-expr freeswitch-mod-fifo libyuv-dev freeswitch-mod-httapi
-chmod -R g+s /var/lib/freeswitch
+apt-get install -y --force-yes freeswitch-mod-hash freeswitch-mod-esl freeswitch-mod-esf freeswitch-mod-fsv freeswitch-mod-valet-parking freeswitch-mod-dialplan-xml freeswitch-dbg
-setfacl -R -m u:www-data:rwx,g:www-data:rwx /var/lib/freeswitch
+apt-get install -y --force-yes freeswitch-mod-sndfile freeswitch-mod-native-file freeswitch-mod-local-stream freeswitch-mod-tone-stream freeswitch-mod-lua freeswitch-meta-mod-say
-setfacl -R -m d:u:www-data:rwx,d:g:www-data:rwx /var/lib/freeswitch
+apt-get install -y --force-yes freeswitch-mod-xml-cdr freeswitch-mod-verto freeswitch-mod-callcenter freeswitch-mod-rtc freeswitch-mod-png freeswitch-mod-json-cdr freeswitch-mod-shout
-
+apt-get install -y --force-yes freeswitch-mod-skypopen freeswitch-mod-skypopen-dbg freeswitch-mod-sms freeswitch-mod-sms-dbg freeswitch-mod-cidlookup freeswitch-mod-memcache
-chown -R freeswitch:freeswitch /usr/share/freeswitch
+apt-get install -y --force-yes freeswitch-mod-imagick freeswitch-mod-tts-commandline freeswitch-mod-directory freeswitch-mod-flite
-chmod -R g+s /usr/share/freeswitch
+
-setfacl -R -m u:www-data:rwx,g:www-data:rwx /usr/share/freeswitch
+#make sure that postgresql is started before starting freeswitch
-setfacl -R -m d:u:www-data:rwx,d:g:www-data:rwx /usr/share/freeswitch
+sed -i /lib/systemd/system/freeswitch.service -e s:'local-fs.target:local-fs.target postgresql.service:'
-
-chown -R freeswitch:freeswitch /etc/freeswitch
-chmod -R g+s /etc/freeswitch
-setfacl -R -m u:www-data:rwx,g:www-data:rwx /etc/freeswitch
-setfacl -R -m d:u:www-data:rwx,d:g:www-data:rwx /etc/freeswitch
-
-chown -R freeswitch:freeswitch /var/log/freeswitch
-setfacl -R -m u:www-data:rwx,g:www-data:rwx /var/log/freeswitch
-setfacl -R -m d:u:www-data:rwx,d:g:www-data:rwx /var/log/freeswitch
-
-chown -R freeswitch:freeswitch /usr/share/freeswitch/sounds
-chmod -R g+s /usr/share/freeswitch/sounds
-setfacl -R -m u:www-data:rwx,g:www-data:rwx /usr/share/freeswitch/sounds
-setfacl -R -m d:u:www-data:rwx,d:g:www-data:rwx /usr/share/freeswitch/sounds

debian/resources/switch/package-permissions.sh

@@ -4,19 +4,18 @@ usermod -a -G www-data freeswitch
 
 #setup owner and group, permissions and sticky
 chown -R freeswitch:freeswitch /var/lib/freeswitch
-chmod -R 770 /var/lib/freeswitch
+chmod -R ug+rw /var/lib/freeswitch
-chmod -R g+s /var/lib/freeswitch
+find /var/lib/freeswitch -type d -exec chmod 2770 {} \;
 
+mkdir /usr/share/freeswitch/scripts
 chown -R freeswitch:freeswitch /usr/share/freeswitch
-chmod -R 770 /usr/share/freeswitch
+chmod -R ug+rw /var/share/freeswitch
-#chmod -R 770 /usr/share/freeswitch/scripts
+find /var/share/freeswitch -type d -exec chmod 2770 {} \;
-#chmod -R 770 /usr/share/freeswitch/lang
-chmod -R g+s /usr/share/freeswitch
 
 chown -R freeswitch:freeswitch /etc/freeswitch
-chmod -R 770 /etc/freeswitch
+chmod -R ug+rw /etc/freeswitch
-chmod -R g+s /etc/freeswitch
+find /etc/freeswitch -type d -exec chmod 2770 {} \;
 
 chown -R freeswitch:freeswitch /var/log/freeswitch
-chmod -R 770 /var/log/freeswitch
+chmod -R ug+rw /var/log/freeswitch
-chmod -R g+s /var/log/freeswitch
+find /var/log/freeswitch -type d -exec chmod 2770 {} \;

debian/resources/switch/package-release.sh

@@ -23,7 +23,3 @@ apt-get install -y --force-yes freeswitch-mod-imagick freeswitch-mod-tts-command
 
 #make sure that postgresql is started before starting freeswitch
 sed -i /lib/systemd/system/freeswitch.service -e s:'local-fs.target:local-fs.target postgresql.service:'
-
-#set the file permissions
-mkdir /usr/share/freeswitch/scripts
-chmod g+ws /usr/share/freeswitch/scripts

debian/resources/switch/source-permissions.sh

@@ -0,0 +1,8 @@
+#add users to the groups
+usermod -a -G freeswitch www-data
+usermod -a -G www-data freeswitch
+
+#setup owner and group, permissions and sticky
+chown -R freeswitch:freeswitch /usr/local/freeswitch
+chmod -R ug+rw /usr/local/freeswitch
+find /usr/local/freeswitch -type d -exec chmod 2770 {} \;

debian/resources/switch/source-release.sh

@@ -1,37 +1,36 @@
-#!/bin/sh
+#!/bin/sh
-echo "Installing the FreeSWITCH source"
+echo "Installing the FreeSWITCH source"
-DEBIAN_FRONTEND=none APT_LISTCHANGES_FRONTEND=none apt-get install -y --force-yes  ntpdate libapache2-mod-log-sql-ssl libfreetype6-dev git-buildpackage doxygen yasm nasm gdb git build-essential automake autoconf 'libtool-bin|libtool' python uuid-dev zlib1g-dev 'libjpeg8-dev|libjpeg62-turbo-dev' libncurses5-dev libssl-dev libpcre3-dev libcurl4-openssl-dev libldns-dev libedit-dev libspeexdsp-dev libspeexdsp-dev libsqlite3-dev perl libgdbm-dev libdb-dev bison libvlc-dev libvlccore-dev vlc-nox pkg-config ccache libpng-dev libvpx-dev libyuv-dev libopenal-dev libbroadvoice-dev libcodec2-dev libflite-dev libg7221-dev libilbc-dev libmongoc-dev libsilk-dev libsoundtouch-dev libmagickcore-dev liblua5.2-dev libopus-dev libsndfile-dev libopencv-dev libavformat-dev libx264-dev erlang-dev libldap2-dev libmemcached-dev libperl-dev portaudio19-dev python-dev libsnmp-dev libyaml-dev libmp4v2-dev
+DEBIAN_FRONTEND=none APT_LISTCHANGES_FRONTEND=none apt-get install -y --force-yes  ntpdate libapache2-mod-log-sql-ssl libfreetype6-dev git-buildpackage doxygen yasm nasm gdb git build-essential automake autoconf 'libtool-bin|libtool' python uuid-dev zlib1g-dev 'libjpeg8-dev|libjpeg62-turbo-dev' libncurses5-dev libssl-dev libpcre3-dev libcurl4-openssl-dev libldns-dev libedit-dev libspeexdsp-dev libspeexdsp-dev libsqlite3-dev perl libgdbm-dev libdb-dev bison libvlc-dev libvlccore-dev vlc-nox pkg-config ccache libpng-dev libvpx-dev libyuv-dev libopenal-dev libbroadvoice-dev libcodec2-dev libflite-dev libg7221-dev libilbc-dev libmongoc-dev libsilk-dev libsoundtouch-dev libmagickcore-dev liblua5.2-dev libopus-dev libsndfile-dev libopencv-dev libavformat-dev libx264-dev erlang-dev libldap2-dev libmemcached-dev libperl-dev portaudio19-dev python-dev libsnmp-dev libyaml-dev libmp4v2-dev
-apt-get install -y --force-yes unzip libpq-dev memcached libshout3-dev libvpx-dev libmpg123-dev libmp3lame-dev
+apt-get install -y --force-yes unzip libpq-dev memcached libshout3-dev libvpx-dev libmpg123-dev libmp3lame-dev
-
+
-apt-get update && apt-get install -y --force-yes curl haveged
+apt-get update && apt-get install -y --force-yes curl haveged
-curl https://files.freeswitch.org/repo/deb/debian/freeswitch_archive_g0.pub | apt-key add -
+curl https://files.freeswitch.org/repo/deb/debian/freeswitch_archive_g0.pub | apt-key add -
-echo "deb http://files.freeswitch.org/repo/deb/freeswitch-1.6/ jessie main" > /etc/apt/sources.list.d/freeswitch.list
+echo "deb http://files.freeswitch.org/repo/deb/freeswitch-1.6/ jessie main" > /etc/apt/sources.list.d/freeswitch.list
-apt-get update && apt-get upgrade
+apt-get update && apt-get upgrade
-apt-get install -y --force-yes freeswitch-video-deps-most
+apt-get install -y --force-yes freeswitch-video-deps-most
-
+
-#git clone https://freeswitch.org/stash/scm/fs/freeswitch.git /usr/src/freeswitch
+#git clone https://freeswitch.org/stash/scm/fs/freeswitch.git /usr/src/freeswitch
-#git clone -b v1.6 https://freeswitch.org/stash/scm/fs/freeswitch.git /usr/src/freeswitch
+#git clone -b v1.6 https://freeswitch.org/stash/scm/fs/freeswitch.git /usr/src/freeswitch
-cd /usr/src && wget http://files.freeswitch.org/freeswitch-releases/freeswitch-1.6.7.zip
+cd /usr/src && wget http://files.freeswitch.org/freeswitch-releases/freeswitch-1.6.7.zip
-unzip freeswitch-1.6.7.zip
+unzip freeswitch-1.6.7.zip
-rm -R freeswitch
+rm -R freeswitch
-cp -R freeswitch-1.6.7 freeswitch
+cp -R freeswitch-1.6.7 freeswitch
-cd freeswitch
+cd freeswitch
-
+
-#./bootstrap.sh -j
+#./bootstrap.sh -j
-sed -i /usr/src/freeswitch/modules.conf -e s:'#applications/mod_avmd:applications/mod_avmd:'
+sed -i /usr/src/freeswitch/modules.conf -e s:'#applications/mod_avmd:applications/mod_avmd:'
-sed -i /usr/src/freeswitch/modules.conf -e s:'#applications/mod_callcenter:applications/mod_callcenter:'
+sed -i /usr/src/freeswitch/modules.conf -e s:'#applications/mod_callcenter:applications/mod_callcenter:'
-sed -i /usr/src/freeswitch/modules.conf -e s:'#applications/mod_cidlookup:applications/mod_cidlookup:'
+sed -i /usr/src/freeswitch/modules.conf -e s:'#applications/mod_cidlookup:applications/mod_cidlookup:'
-sed -i /usr/src/freeswitch/modules.conf -e s:'#applications/mod_memcache:applications/mod_memcache:'
+sed -i /usr/src/freeswitch/modules.conf -e s:'#applications/mod_memcache:applications/mod_memcache:'
-sed -i /usr/src/freeswitch/modules.conf -e s:'#applications/mod_curl:applications/mod_curl:'
+sed -i /usr/src/freeswitch/modules.conf -e s:'#applications/mod_curl:applications/mod_curl:'
-sed -i /usr/src/freeswitch/modules.conf -e s:'#formats/mod_shout:formats/mod_shout:'
+sed -i /usr/src/freeswitch/modules.conf -e s:'#formats/mod_shout:formats/mod_shout:'
-#./configure --help
+#./configure --help
-#./configure --prefix=/usr/local/freeswitch --enable-core-pgsql-support --enable-system-lua --disable-fhs
+#./configure --prefix=/usr/local/freeswitch --enable-core-pgsql-support --enable-system-lua --disable-fhs
-./configure --prefix=/usr/local/freeswitch --enable-core-pgsql-support --disable-fhs
+./configure --prefix=/usr/local/freeswitch --enable-core-pgsql-support --disable-fhs
-#make mod_shout-install
+#make mod_shout-install
-make
+make
-rm -rf /usr/local/freeswitch/{lib,mod,bin}/*
+rm -rf /usr/local/freeswitch/{lib,mod,bin}/*
-make install
+make install
-make sounds-install moh-install
+make sounds-install moh-install
-make hd-sounds-install hd-moh-install
+make hd-sounds-install hd-moh-install
-make cd-sounds-install cd-moh-install
+make cd-sounds-install cd-moh-install
-chown -R www-data:www-data /usr/local/freeswitch