dbxe
/
fusionpbx-install.sh
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #8 from fusionpbx/master 

Merge last commits from base
This commit is contained in:
erxspin 2017-03-27 17:28:11 +06:00 committed by GitHub
parent 17635f2587 c38c63e193
commit 6a95af8a65
54 changed files with 1490 additions and 210 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
README.md
View File

@ -1,23 +1,22 @@
fusionpbx-install.sh
FusionPBX Install
--------------------------------------
A quick install guide for a FusionPBX install. It is recommended to start the install on a minimal install.
This install script that has been designed to be an fast, simple, and modular way to to install FusionPBX. Start with a minimal install of Debian 8 with SSH enabled. Run the following commands under root. It installs FusionPBX, FreeSWITCH release package and its dependencies, IPTables, Fail2ban, NGINX, PHP FPM, and PostgresQL.
```bash
wget https://raw.githubusercontent.com/fusionpbx/fusionpbx-install.sh/master/install.sh -O install.sh && sh install.sh
### Debian
Debian is the preferred operating system by the FreeSWITCH developers.
It supports the latest video dependencies. If you want to do video mixing use Debian.
```sh
wget -O - https://raw.githubusercontent.com/fusionpbx/fusionpbx-install.sh/master/pre-install.sh | sh
cd /usr/src/fusionpbx-install.sh/debian && ./install.sh
```
At the end of the install it will instruct you to go to the ip address of the server in your web browser to finish the install. It will also provide a random database password for you to use during the web based phase of the install. The install script builds the fusionpbx database so you will not need to use the create database username and password on the last page of the web based install.
### CentOS
This is the operating system is a requirement for some companies. This install may new and may need additional work.
After you have completed the install you can login with the username and password you chose during the install. After you login go to them menu then Advanced -> Upgrade select the checkbox for App defaults.
```bash
systemctl daemon-reload
systemctl restart freeswitch
```sh
wget -O - https://raw.githubusercontent.com/fusionpbx/fusionpbx-install.sh/master/pre-install.sh | sh
cd /usr/src/fusionpbx-install.sh/centos && ./install.sh
```
Then go to Status -> SIP Status and start the SIP profiles, after this, go to Advanced -> Modules and find the module Memcached and click start.
For additional information to get started go to http://docs.fusionpbx.com/en/latest/getting_started.html

0
centos/install.sh Normal file → Executable file
View File

0
centos/resources/arguments.sh Normal file → Executable file
View File

0
centos/resources/backup/fusionpbx-backup.sh Normal file → Executable file
View File

0
centos/resources/colors.sh Normal file → Executable file
View File

0
centos/resources/fail2ban.sh Normal file → Executable file
View File

0
centos/resources/finish.sh Normal file → Executable file
View File

0
centos/resources/firewalld.sh Normal file → Executable file
View File

0
centos/resources/fusionpbx.sh Normal file → Executable file
View File

0
centos/resources/nginx.sh Normal file → Executable file
View File

0
centos/resources/php.sh Normal file → Executable file
View File

0
centos/resources/postgres.sh Normal file → Executable file
View File

0
centos/resources/sslcert.sh Normal file → Executable file
View File

0
centos/resources/switch/conf-copy.sh Normal file → Executable file
View File

0
centos/resources/switch/package-permissions.sh Normal file → Executable file
View File

0
centos/resources/switch/package-release.sh Normal file → Executable file
View File

0
centos/resources/switch/package-systemd.sh Normal file → Executable file
View File

10
debian/resources/config.sh vendored
View File

@ -1,5 +1,7 @@
# FusionPBX Settings
system_username=admin # default username admin
system_password=random # random or as a pre-set value
system_branch=stable # master, stable
# FreeSWITCH Settings
@ -7,8 +9,10 @@ switch_branch=stable # master, stable
switch_source=false # true or false
switch_package=true # true or false
# General Settings
php_version=5 # PHP version 5 or 7
# Database Settings
database_password=random # random or as a pre-set value
database_repo=official # PostgresSQL official, system, 2ndquadrant
database_backup=false # true or false
web_server_name=nginx # nginx
# General Settings
php_version=5 # PHP version 5 or 7

12
debian/resources/finish.sh vendored
View File

@ -12,7 +12,9 @@ cd "$(dirname "$0")"
database_host=127.0.0.1
database_port=5432
database_username=fusionpbx
database_password=$(dd if=/dev/urandom bs=1 count=20 2>/dev/null | base64 | sed 's/[=\+//]//g')
if [ .$database_password = .'random' ]; then
database_password=$(dd if=/dev/urandom bs=1 count=20 2>/dev/null | base64 | sed 's/[=\+//]//g')
fi
#allow the script to use the new password
export PGPASSWORD=$database_password
@ -49,8 +51,12 @@ cd /var/www/fusionpbx && php /var/www/fusionpbx/core/upgrade/upgrade_domains.php
#add the user
user_uuid=$(/usr/bin/php /var/www/fusionpbx/resources/uuid.php);
user_salt=$(/usr/bin/php /var/www/fusionpbx/resources/uuid.php);
user_name=admin
user_password=$(dd if=/dev/urandom bs=1 count=12 2>/dev/null | base64 | sed 's/[=\+//]//g')
user_name=$system_username
if [ .$system_password = .'random' ]; then
user_password=$(dd if=/dev/urandom bs=1 count=12 2>/dev/null | base64 | sed 's/[=\+//]//g')
else
user_password=$system_password
fi
password_hash=$(php -r "echo md5('$user_salt$user_password');");
psql --host=$database_host --port=$database_port --username=$database_username -t -c "insert into v_users (user_uuid, domain_uuid, username, password, salt, user_enabled) values('$user_uuid', '$domain_uuid', '$user_name', '$password_hash', '$user_salt', 'true');"

3
debian/resources/iptables.sh vendored
View File

@ -34,6 +34,9 @@ iptables -A INPUT -p udp --dport 5080:5081 -j ACCEPT
iptables -A INPUT -p udp --dport 16384:32768 -j ACCEPT
iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
iptables -A INPUT -p udp --dport 1194 -j ACCEPT
iptables -t mangle -A OUTPUT -p udp -m udp --sport 16384:32768 -j DSCP --set-dscp 46
iptables -t mangle -A OUTPUT -p udp -m udp --sport 5060:5081 -j DSCP --set-dscp 26
iptables -t mangle -A OUTPUT -p tcp -m tcp --sport 5060:5081 -j DSCP --set-dscp 26
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

0
debian/resources/sngrep.sh vendored Normal file → Executable file
View File

53
freebsd/install.sh Executable file
View File

@ -0,0 +1,53 @@
#!/bin/sh
#move to script directory so all relative paths work
cd "$(dirname "$0")"
#includes
. ./resources/config.sh
. ./resources/colors.sh
. ./resources/environment.sh
# removes the cd img from the /etc/apt/sources.list file (not needed after base install)
#sed -i '/cdrom:/d' /etc/apt/sources.list
#Update to latest packages
verbose "Update installed packages"
pkg upgrade
#PF - Packet Filter
resources/pf.sh
#FusionPBX
resources/fusionpbx.sh
#NGINX web server
resources/nginx.sh
#PHP
resources/php.sh
#Fail2ban
#resources/fail2ban.sh
#FreeSWITCH
resources/switch.sh
#Postgres
resources/postgres.sh
#set the ip address
server_address=$(hostname -I)
#restart services
if [ ."$php_version" = ."5" ]; then
service php5-fpm restart
fi
if [ ."$php_version" = ."7" ]; then
service php7.0-fpm restart
fi
service nginx restart
service fail2ban restart
#add the database schema, user and groups
resources/finish.sh

27
freebsd/resources/backup/fusionpbx-backup.sh Executable file
View File

@ -0,0 +1,27 @@
#!/bin/sh
export PGPASSWORD="zzz"
db_host=127.0.0.1
db_port=5432
now=$(date +%Y-%m-%d)
mkdir -p /var/backups/fusionpbx/postgresql
echo "Backup Started"
#delete postgres backups
find /var/backups/fusionpbx/postgresql/fusionpbx_pgsql* -mtime +4 -exec rm {} \;
#delete the main backup
find /var/backups/fusionpbx/*.tgz -mtime +2 -exec rm {} \;
#backup the database
pg_dump --verbose -Fc --host=$db_host --port=$db_port -U fusionpbx fusionpbx --schema=public -f /var/backups/fusionpbx/postgresql/fusionpbx_pgsql_$now.sql
#package
tar -zvcf /var/backups/fusionpbx/backup_$now.tgz /var/backups/fusionpbx/postgresql/fusionpbx_pgsql_$now.sql /var/www/fusionpbx /usr/share/freeswitch/scripts /var/lib/freeswitch/storage /var/lib/freeswitch/recordings /etc/fusionpbx /etc/freeswitch
#source
#tar -zvcf /var/backups/fusionpbx/backup_$now.tgz /var/backups/fusionpbx/postgresql/fusionpbx_pgsql_$now.sql /var/www/fusionpbx /usr/local/freeswitch/scripts /usr/local/freeswitch/storage /usr/local/freeswitch/recordings /etc/fusionpbx /usr/local/freeswitch/conf
echo "Backup Completed"

25
freebsd/resources/colors.sh Executable file
View File

@ -0,0 +1,25 @@
#!/bin/sh
verbose () {
echo "${green}$1${normal}"
}
error () {
echo "${red}$1${normal}"
}
warning () {
echo "${yellow}$1${normal}"
}
# check for color support
if test -t 1; then
# see if it supports colors...
ncolors=$(tput colors)
if test -n "$ncolors" && test $ncolors -ge 8; then
normal="$(tput sgr0)"
red="$(tput setaf 1)"
green="$(tput setaf 2)"
yellow="$(tput setaf 3)"
fi
fi

17
freebsd/resources/config.sh Executable file
View File

@ -0,0 +1,17 @@
# FusionPBX Settings
system_username=admin # default username admin
system_password=random # random or as a pre-set value
system_branch=stable # master, stable
# FreeSWITCH Settings
switch_branch=stable # master, stable
switch_source=true # true
# Database Settings
database_password=random # random or as a pre-set value
database_version=9.6 # Postgres 9.6, 9.5, or 9.4
database_backup=false # true or false
# General Settings
php_version=7 # PHP version 5 or 7

10
freebsd/resources/environment.sh Executable file
View File

@ -0,0 +1,10 @@
#!/bin/sh
#operating system details
os_name=$(freebsd-version -u)
os_mode='unknown'
#cpu details
cpu_name=$(uname -m)
cpu_architecture='unknown'
cpu_mode='unknown'

35
freebsd/resources/fail2ban.sh Executable file
View File

@ -0,0 +1,35 @@
#!/bin/sh
#move to script directory so all relative paths work
cd "$(dirname "$0")"
#includes
. ./config.sh
. ./colors.sh
#send a message
verbose "Installing Fail2ban"
#add the dependencies
pkg install --yes py27-fail2ban
#enable fail2ban service
echo 'fail2ban_enable="YES"' >> /etc/rc.conf
#move the filters
cp fail2ban/freeswitch-dos.conf /usr/local/etc/fail2ban/filter.d/freeswitch-dos.conf
cp fail2ban/freeswitch-ip.conf /usr/local/etc/fail2ban/filter.d/freeswitch-ip.conf
cp fail2ban/freeswitch-404.conf /usr/local/etc/fail2ban/filter.d/freeswitch-404.conf
cp fail2ban/freeswitch.conf /usr/local/etc/fail2ban/filter.d/freeswitch.conf
cp fail2ban/fusionpbx.conf /usr/local/etc/fail2ban/filter.d/fusionpbx.conf
cp fail2ban/nginx-404.conf /usr/local/etc/fail2ban/filter.d/nginx-404.conf
cp fail2ban/nginx-dos.conf /usr/local/etc/fail2ban/filter.d/nginx-dos.conf
cp fail2ban/jail.local /usr/local/etc/fail2ban/jail.local
#update config if source is being used
if [ .$switch_source = .true ]; then
sed -i' ' -e 's#var/log/freeswitch#usr/local/freeswitch/log#g' /etc/fail2ban/jail.local
fi
#restart fail2ban
service fail2ban restart

27
freebsd/resources/fail2ban/freeswitch-404.conf Executable file
View File

@ -0,0 +1,27 @@
# Fail2Ban configuration file
# inbound route - 404 not found
[Definition]
# Option: failregex
# Notes.: regex to match the password failures messages in the logfile. The
# host must be matched by a group named "host". The tag "<HOST>" can
# be used for standard IP/hostname matching and is only an alias for
# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
# Values: TEXT
#
#failregex = [hostname] FusionPBX: \[<HOST>\] authentication failed
#[hostname] variable doesn't seem to work in every case. Do this instead:
failregex = 404 not found <HOST>
#EXECUTE sofia/external/8888888888888@example.fusionpbx.com log([inbound routes] 404 not found 82.68.115.62)
# Option: ignoreregex
# Notes.: regex to ignore. If this regex matches, the line is ignored.
# Values: TEXT
#
ignoreregex =

21
freebsd/resources/fail2ban/freeswitch-dos.conf Executable file
View File

@ -0,0 +1,21 @@
# Fail2Ban configuration file
#
# Author: soapee01
#
[Definition]
# Option: failregex
# Notes.: regex to match the password failures messages in the logfile. The
# host must be matched by a group named "host". The tag "<HOST>" can
# be used for standard IP/hostname matching and is only an alias for
# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
# Values: TEXT
#
failregex = \[WARNING\] sofia_reg.c:\d+ SIP auth challenge \(REGISTER\) on sofia profile \'\w+\' for \[.*\] from ip <HOST>
# Option: ignoreregex
# Notes.: regex to ignore. If this regex matches, the line is ignored.
# Values: TEXT
#
ignoreregex =

20
freebsd/resources/fail2ban/freeswitch-ip.conf Executable file
View File

@ -0,0 +1,20 @@
# Fail2Ban configuration file
#
[Definition]
# Option: failregex
# Notes.: regex to match the password failures messages in the logfile. The
# host must be matched by a group named "host". The tag "<HOST>" can
# be used for standard IP/hostname matching and is only an alias for
# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
# Values: TEXT
#
#2014-12-01 00:47:54.331821 [WARNING] sofia_reg.c:2752 Can't find user [1000@xxx.xxx.xxx.xxx] from 62.210.151.162
failregex = \[WARNING\] sofia_reg.c:\d+ Can't find user \[.*@\d+.\d+.\d+.\d+\] from <HOST>
# Option: ignoreregex
# Notes.: regex to ignore. If this regex matches, the line is ignored.
# Values: TEXT
#
ignoreregex =

18
freebsd/resources/fail2ban/freeswitch.conf Executable file
View File

@ -0,0 +1,18 @@
[Definition]
# Option: failregex
# Notes.: regex to match the password failures messages in the logfile. The
# host must be matched by a group named "host". The tag "<HOST>" can
# be used for standard IP/hostname matching and is only an alias for
# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
# Values: TEXT
#
failregex = \[WARNING\] sofia_reg.c:\d+ SIP auth failure \(REGISTER\) on sofia profile \'\w+\' for \[.*\] from ip <HOST>
\[WARNING\] sofia_reg.c:\d+ SIP auth failure \(INVITE\) on sofia profile \'\w+\' for \[.*\] from ip <HOST>
# Option: ignoreregex
# Notes.: regex to ignore. If this regex matches, the line is ignored.
# Values: TEXT
#
ignoreregex =

25
freebsd/resources/fail2ban/fusionpbx.conf Executable file
View File

@ -0,0 +1,25 @@
# Fail2Ban configuration file
#
# Author: soapee01
#
[Definition]
# Option: failregex
# Notes.: regex to match the password failures messages in the logfile. The
# host must be matched by a group named "host". The tag "<HOST>" can
# be used for standard IP/hostname matching and is only an alias for
# (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
# Values: TEXT
#
#failregex = [hostname] FusionPBX: \[<HOST>\] authentication failed
#[hostname] variable doesn't seem to work in every case. Do this instead:
failregex = .* FusionPBX: \[<HOST>\] authentication failed for
= .* FusionPBX: \[<HOST>\] provision attempt bad password for
# Option: ignoreregex
# Notes.: regex to ignore. If this regex matches, the line is ignored.
# Values: TEXT
#
ignoreregex =

113
freebsd/resources/fail2ban/jail.local Executable file
View File

@ -0,0 +1,113 @@
[freeswitch-udp]
enabled = true
port = 5060,5061,5080,5081
protocol = all
filter = freeswitch
logpath = /var/log/freeswitch/freeswitch.log
action = iptables-multiport[name=freeswitch-udp, port="5060,5061,5080,5081", protocol=udp]
maxretry = 5
findtime = 600
bantime = 600
# sendmail-whois[name=FreeSwitch, dest=root, sender=fail2ban@example.org] #no smtp server installed
[freeswitch-tcp]
enabled = true
port = 5060,5061,5080,5081
protocol = all
filter = freeswitch
logpath = /var/log/freeswitch/freeswitch.log
action = iptables-multiport[name=freeswitch-tcp, port="5060,5061,5080,5081", protocol=tcp]
maxretry = 5
findtime = 600
bantime = 600
# sendmail-whois[name=FreeSwitch, dest=root, sender=fail2ban@example.org] #no smtp server installed
#[freeswitch-ip-tcp]
#enabled = true
#port = 5060,5061,5080,5081
#protocol = all
#filter = freeswitch-ip
#logpath = /var/log/freeswitch/freeswitch.log
#action = iptables-multiport[name=freeswitch-ip-tcp, port="5060,5061,5080,5081", protocol=tcp]
#maxretry = 1
#findtime = 30
#bantime = 86400
#[freeswitch-ip-udp]
#enabled = true
#port = 5060,5061,5080,5081
#protocol = all
#filter = freeswitch-ip
#logpath = /var/log/freeswitch/freeswitch.log
#action = iptables-multiport[name=freeswitch-ip-udp, port="5060,5061,5080,5081", protocol=udp]
#maxretry = 1
#findtime = 30
#bantime = 86400
[freeswitch-dos-udp]
enabled = true
port = 5060,5061,5080,5081
protocol = all
filter = freeswitch-dos
logpath = /var/log/freeswitch/freeswitch.log
action = iptables-multiport[name=freeswitch-dos-udp, port="5060,5061,5080,5081", protocol=udp]
maxretry = 50
findtime = 30
bantime = 6000
[freeswitch-dos-tcp]
enabled = true
port = 5060,5061,5080,5081
protocol = all
filter = freeswitch-dos
logpath = /var/log/freeswitch/freeswitch.log
action = iptables-multiport[name=freeswitch-dos-tcp, port="5060,5061,5080,5081", protocol=tcp]
maxretry = 50
findtime = 30
bantime = 6000
[freeswitch-404]
enabled = true
port = 5060,5061,5080,5081
protocol = all
filter = freeswitch-404
logpath = /var/log/freeswitch/freeswitch.log
action = iptables-allports[name=freeswitch-404, protocol=all]
maxretry = 3
findtime = 300
bantime = 86400
[fusionpbx]
enabled = true
port = 80,443
protocol = tcp
filter = fusionpbx
logpath = /var/log/auth.log
action = iptables-multiport[name=fusionpbx, port="http,https", protocol=tcp]
# sendmail-whois[name=fusionpbx, dest=root, sender=fail2ban@example.org] #no smtp server installed
maxretry = 10
findtime = 600
bantime = 600
[nginx-404]
enabled = true
port = 80,443
protocol = tcp
filter = nginx-404
logpath = /var/log/nginx/access*.log
bantime = 600
findtime = 60
maxretry = 120
[nginx-dos]
# Based on apache-badbots but a simple IP check (any IP requesting more than
# 240 pages in 60 seconds, or 4p/s average, is suspicious)
# Block for two full days.
enabled = true
port = 80,443
protocol = tcp
filter = nginx-dos
logpath = /var/log/nginx/access*.log
findtime = 60
bantime = 172800
maxretry = 240

5
freebsd/resources/fail2ban/nginx-404.conf Executable file
View File

@ -0,0 +1,5 @@
# Fail2Ban configuration file
#
[Definition]
failregex = <HOST> - - \[.*\] "(GET|POST).*HTTP[^ ]* 404
ignoreregex =

14
freebsd/resources/fail2ban/nginx-dos.conf Executable file
View File

@ -0,0 +1,14 @@
# Fail2Ban configuration file
[Definition]
# Option: failregex
# Notes.: Regexp to catch a generic call from an IP address.
# Values: TEXT
#
failregex = ^<HOST> -.*"(GET|POST).*HTTP.*"$
# Option: ignoreregex
# Notes.: regex to ignore. If this regex matches, the line is ignored.
# Values: TEXT
#
ignoreregex =

114
freebsd/resources/finish.sh Executable file
View File

@ -0,0 +1,114 @@
#!/bin/sh
#move to script directory so all relative paths work
cd "$(dirname "$0")"
#includes
. ./config.sh
. ./colors.sh
#database details
database_host=127.0.0.1
database_port=5432
database_username=fusionpbx
if [ .$database_password = .'random' ]; then
database_password=$(cat /dev/random | env LC_CTYPE=C tr -dc a-zA-Z0-9 | head -c 20)
fi
#allow the script to use the new password
export PGPASSWORD=$database_password
#update the database password
sudo -u postgres psql -c "ALTER USER fusionpbx WITH PASSWORD '$database_password';"
sudo -u postgres psql -c "ALTER USER freeswitch WITH PASSWORD '$database_password';"
#add the config.php
mkdir -p /etc/fusionpbx
chown -R www-data:www-data /etc/fusionpbx
cp fusionpbx/config.php /etc/fusionpbx
sed -i' ' -e s:'{database_username}:fusionpbx:' /etc/fusionpbx/config.php
sed -i' ' -e s:"{database_password}:$database_password:" /etc/fusionpbx/config.php
#add the database schema
cd /usr/local/www/fusionpbx && php /usr/local/www/fusionpbx/core/upgrade/upgrade_schema.php > /dev/null 2>&1
#get the server hostname
#domain_name=$(hostname -f)
#get the interface name
interface_name=$(ifconfig | pcregrep -M -o '^[^\t:]+:([^\n]|\n\t)*status: active' | egrep -o -m 1 '^[^\t:]+')
#get the ip address
domain_name=$(ifconfig $interface_name | grep 'inet ' | awk '{print $2}')
#get a domain_uuid
domain_uuid=$(/usr/bin/php /usr/local/www/fusionpbx/resources/uuid.php);
#add the domain name
psql --host=$database_host --port=$database_port --username=$database_username -c "insert into v_domains (domain_uuid, domain_name, domain_enabled) values('$domain_uuid', '$domain_name', 'true');"
#app defaults
cd /usr/local/www/fusionpbx && php /usr/local/www/fusionpbx/core/upgrade/upgrade_domains.php
#add the user
user_uuid=$(/usr/bin/php /usr/local/www/fusionpbx/resources/uuid.php);
user_salt=$(/usr/bin/php /usr/local/www/fusionpbx/resources/uuid.php);
user_name=$system_username
if [ .$system_password = .'random' ]; then
user_password=$(cat /dev/random | env LC_CTYPE=C tr -dc a-zA-Z0-9 | head -c 20)
else
user_password=$system_password
fi
password_hash=$(php -r "echo md5('$user_salt$user_password');");
psql --host=$database_host --port=$database_port --username=$database_username -t -c "insert into v_users (user_uuid, domain_uuid, username, password, salt, user_enabled) values('$user_uuid', '$domain_uuid', '$user_name', '$password_hash', '$user_salt', 'true');"
#get the superadmin group_uuid
group_uuid=$(psql --host=$database_host --port=$database_port --username=$database_username -t -c "select group_uuid from v_groups where group_name = 'superadmin';");
group_uuid=$(echo $group_uuid | sed 's/^[[:blank:]]*//;s/[[:blank:]]*$//')
#add the user to the group
group_user_uuid=$(/usr/bin/php /usr/local/www/fusionpbx/resources/uuid.php);
group_name=superadmin
psql --host=$database_host --port=$database_port --username=$database_username -c "insert into v_group_users (group_user_uuid, domain_uuid, group_name, group_uuid, user_uuid) values('$group_user_uuid', '$domain_uuid', '$group_name', '$group_uuid', '$user_uuid');"
#update xml_cdr url, user and password
xml_cdr_username=$(cat /dev/random | env LC_CTYPE=C tr -dc a-zA-Z0-9 | head -c 20)
xml_cdr_password=$(cat /dev/random | env LC_CTYPE=C tr -dc a-zA-Z0-9 | head -c 20)
sed -i' ' -e s:"{v_http_protocol}:http:" /usr/local/freeswitch/conf/autoload_configs/xml_cdr.conf.xml
sed -i' ' -e s:"{domain_name}:127.0.0.1:" /usr/local/freeswitch/conf/autoload_configs/xml_cdr.conf.xml
sed -i' ' -e s:"{v_project_path}::" /usr/local/freeswitch/conf/autoload_configs/xml_cdr.conf.xml
sed -i' ' -e s:"{v_user}:$xml_cdr_username:" /usr/local/freeswitch/conf/autoload_configs/xml_cdr.conf.xml
sed -i' ' -e s:"{v_pass}:$xml_cdr_password:" /usr/local/freeswitch/conf/autoload_configs/xml_cdr.conf.xml
#app defaults
cd /usr/local/www/fusionpbx && php /usr/local/www/fusionpbx/core/upgrade/upgrade_domains.php
#restart freeswitch
service freeswitch restart
#welcome message
echo ""
echo ""
verbose "Installation has completed."
echo ""
echo " Use a web browser to login."
echo " domain name: https://$domain_name"
echo " username: $user_name"
echo " password: $user_password"
echo ""
echo " The domain name in the browser is used by default as part of the authentication."
echo " If you need to login to a different domain then use username@domain."
echo " username: $user_name@$domain_name";
echo ""
echo " Official FusionPBX Training"
echo " Fastest way to learn FusionPBX. For more information https://www.fusionpbx.com."
echo " Admin Training 27 - 28 March (2 Days)"
echo " Advanced Training 29 - 30 March (2 Days)"
echo " Timezone: https://www.timeanddate.com/worldclock/usa/boise"
echo " Available online and in person. Includes documentation and recording."
echo ""
echo " Additional information."
echo " https://fusionpbx.com/support.php"
echo " https://www.fusionpbx.com"
echo " http://docs.fusionpbx.com"
echo ""

27
freebsd/resources/fusionpbx.sh Executable file
View File

@ -0,0 +1,27 @@
#!/bin/sh
#move to script directory so all relative paths work
cd "$(dirname "$0")"
. ./config.sh
. ./colors.sh
#send a message
verbose "Installing FusionPBX"
#install dependencies
pkg install --yes git ghostscript9-base tiff
if [ .$system_branch = "master" ]; then
verbose "Using master"
branch=""
else
system_version=4.2
verbose "Using version $system_version"
branch="-b $system_version"
fi
#get the source code
git clone $branch https://github.com/fusionpbx/fusionpbx.git /usr/local/www/fusionpbx
chown -R www:www /usr/local/www/fusionpbx
chmod -R 755 /usr/local/www/fusionpbx/secure

45
freebsd/resources/fusionpbx/config.php Executable file
View File

@ -0,0 +1,45 @@
<?php
/*
FusionPBX
Version: MPL 1.1
The contents of this file are subject to the Mozilla Public License Version
1.1 (the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.mozilla.org/MPL/
Software distributed under the License is distributed on an "AS IS" basis,
WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
for the specific language governing rights and limitations under the
License.
The Original Code is FusionPBX
The Initial Developer of the Original Code is
Mark J Crane <markjcrane@fusionpbx.com>
Portions created by the Initial Developer are Copyright (C) 2008-2016
the Initial Developer. All Rights Reserved.
Contributor(s):
Mark J Crane <markjcrane@fusionpbx.com>
*/
//set the database type
$db_type = 'pgsql'; //sqlite, mysql, pgsql, others with a manually created PDO connection
//sqlite: the db_name and db_path are automatically assigned however the values can be overidden by setting the values here.
//$db_name = 'fusionpbx.db'; //host name/ip address + '.db' is the default database filename
//$db_path = '/var/www/fusionpbx/secure'; //the path is determined by a php variable
//pgsql: database connection information
$db_host = 'localhost'; //set the host only if the database is not local
$db_port = '5432';
$db_name = 'fusionpbx';
$db_username = '{database_username}';
$db_password = '{database_password}';
//show errors
ini_set('display_errors', '1');
//error_reporting (E_ALL); // Report everything
//error_reporting (E_ALL ^ E_NOTICE); // hide notices
error_reporting(E_ALL ^ E_NOTICE ^ E_WARNING ); //hide notices and warnings

201
freebsd/resources/fusionpbx/fusionpbx Executable file
View File

@ -0,0 +1,201 @@
server{
listen 127.0.0.1:80;
server_name 127.0.0.1;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
client_max_body_size 80M;
client_body_buffer_size 128k;
location / {
root /var/www/fusionpbx;
index index.php;
}
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
#fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name;
}
# Disable viewing .htaccess & .htpassword & .db
location ~ .htaccess {
deny all;
}
location ~ .htpassword {
deny all;
}
location ~^.+.(db)$ {
deny all;
}
}
server {
listen 80;
server_name fusionpbx;
if ($uri !~* ^.*provision.*$) {
rewrite ^(.*) https://$host$1 permanent;
break;
}
#REST api
if ($uri ~* ^.*/api/.*$) {
rewrite ^(.*)/api/(.*)$ $1/api/index.php?rewrite_uri=$2 last;
break;
}
#algo
rewrite "^.*/provision/algom([A-Fa-f0-9]{12})\.conf" /app/provision/?mac=$1&file=algom%7b%24mac%7d.conf last;
#mitel
rewrite "^.*/provision/MN_([A-Fa-f0-9]{12})\.cfg" /app/provision/index.php?mac=$1&file=MN_%7b%24mac%7d.cfg last;
rewrite "^.*/provision/MN_Generic.cfg" /app/provision/index.php?mac=08000f000000&file=MN_Generic.cfg last;
#grandstream
rewrite "^.*/provision/cfg([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/?mac=$1;
#aastra
rewrite "^.*/provision/aastra.cfg$" /app/provision/?mac=$1&file=aastra.cfg;
#rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(cfg))?$" /app/provision/?mac=$1 last;
#yealink common
rewrite "^.*/provision/(y[0-9]{12})(\.cfg)?$" /app/provision/index.php?file=$1.cfg;
#yealink mac
rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/index.php?mac=$1 last;
#polycom
rewrite "^.*/provision/000000000000.cfg$" "/app/provision/?mac=$1&file={%24mac}.cfg";
#rewrite "^.*/provision/sip_330(\.(ld))$" /includes/firmware/sip_330.$2;
rewrite "^.*/provision/features.cfg$" /app/provision/?mac=$1&file=features.cfg;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-sip.cfg$" /app/provision/?mac=$1&file=sip.cfg;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-phone.cfg$" /app/provision/?mac=$1;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-registration.cfg$" "/app/provision/?mac=$1&file={%24mac}-registration.cfg";
rewrite "^.*/provision/([A-Fa-f0-9]{12})-directory.xml$" "/app/provision/?mac=$1&file={%24mac}-directory.xml";
#cisco
rewrite "^.*/provision/file/(.*\.(xml|cfg))" /app/provision/?file=$1 last;
#Escene
rewrite "^.*/provision/([0-9]{1,11})_Extern.xml$" "/app/provision/?ext=$1&file={%24mac}_extern.xml" last;
rewrite "^.*/provision/([0-9]{1,11})_Phonebook.xml$" "/app/provision/?ext=$1&file={%24mac}_phonebook.xml" last;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
client_max_body_size 80M;
client_body_buffer_size 128k;
location / {
root /var/www/fusionpbx;
index index.php;
}
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
#fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name;
}
# Disable viewing .htaccess & .htpassword & .db
location ~ .htaccess {
deny all;
}
location ~ .htpassword {
deny all;
}
location ~^.+.(db)$ {
deny all;
}
}
server {
listen 443;
server_name fusionpbx;
ssl on;
ssl_certificate /etc/ssl/certs/nginx.crt;
ssl_certificate_key /etc/ssl/private/nginx.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!ADH:!MD5:!aNULL;
#letsencrypt
location /.well-known/acme-challenge {
root /var/www/letsencrypt;
}
#REST api
if ($uri ~* ^.*/api/.*$) {
rewrite ^(.*)/api/(.*)$ $1/api/index.php?rewrite_uri=$2 last;
break;
}
#algo
rewrite "^.*/provision/algom([A-Fa-f0-9]{12})\.conf" /app/provision/?mac=$1&file=algom%7b%24mac%7d.conf last;
#mitel
rewrite "^.*/provision/MN_([A-Fa-f0-9]{12})\.cfg" /app/provision/index.php?mac=$1&file=MN_%7b%24mac%7d.cfg last;
rewrite "^.*/provision/MN_Generic.cfg" /app/provision/index.php?mac=08000f000000&file=MN_Generic.cfg last;
#grandstriam
rewrite "^.*/provision/cfg([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/?mac=$1;
#aastra
rewrite "^.*/provision/aastra.cfg$" /app/provision/?mac=$1&file=aastra.cfg;
#rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(cfg))?$" /app/provision/?mac=$1 last;
#yealink common
rewrite "^.*/provision/(y[0-9]{12})(\.cfg)?$" /app/provision/index.php?file=$1.cfg;
#yealink mac
rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/index.php?mac=$1 last;
#polycom
rewrite "^.*/provision/000000000000.cfg$" "/app/provision/?mac=$1&file={%24mac}.cfg";
#rewrite "^.*/provision/sip_330(\.(ld))$" /includes/firmware/sip_330.$2;
rewrite "^.*/provision/features.cfg$" /app/provision/?mac=$1&file=features.cfg;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-sip.cfg$" /app/provision/?mac=$1&file=sip.cfg;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-phone.cfg$" /app/provision/?mac=$1;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-registration.cfg$" "/app/provision/?mac=$1&file={%24mac}-registration.cfg";
#cisco
rewrite "^.*/provision/file/(.*\.(xml|cfg))" /app/provision/?file=$1 last;
#Escene
rewrite "^.*/provision/([0-9]{1,11})_Extern.xml$" "/app/provision/?ext=$1&file={%24mac}_extern.xml" last;
rewrite "^.*/provision/([0-9]{1,11})_Phonebook.xml$" "/app/provision/?ext=$1&file={%24mac}_phonebook.xml" last;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
client_max_body_size 80M;
client_body_buffer_size 128k;
location / {
root /var/www/fusionpbx;
index index.php;
}
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
#fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name;
}
# Disable viewing .htaccess & .htpassword & .db
location ~ .htaccess {
deny all;
}
location ~ .htpassword {
deny all;
}
location ~^.+.(db)$ {
deny all;
}
}

49
freebsd/resources/nginx.sh Executable file
View File

@ -0,0 +1,49 @@
#!/bin/sh
#move to script directory so all relative paths work
cd "$(dirname "$0")"
#includes
. ./config.sh
. ./colors.sh
#send a message
verbose "Installing the web server"
#install nginx
pkg install --yes nginx
#enable nginx
echo 'nginx_enable="YES"' >> /etc/rc.conf
echo 'php_fpm_enable="YES"' >> /etc/rc.conf
#install dependencies
if [ ."$php_version" = ."5" ]; then
pkg install --yes php56 php56-phar php56-pgsql php56-pdo php56-pdo_pgsql php56-pdo_odbc php56-pdo_sqlite php56-json php56-gd
pkg install --yes php56-imap php56-ldap php56-mcrypt php56-openssl php56-sockets php56-simplexml php56-xml php56-session
fi
if [ ."$php_version" = ."7" ]; then
pkg install --yes php70 php70-phar php70-pgsql php70-pdo php70-pdo_pgsql php70-pdo_odbc php70-pdo_sqlite php70-json php70-gd
pkg install --yes php70-imap php70-ldap php70-mcrypt php70-openssl php70-sockets php70-simplexml php70-xml php70-session
fi
#enable fusionpbx nginx config
mv /usr/local/etc/nginx/nginx.conf /usr/local/etc/nginx/nginx.conf-orig
cp nginx/nginx.conf /usr/local/etc/nginx
mkdir -p /usr/local/etc/nginx/conf.d
mkdir -p /usr/local/etc/nginx/sites-available/
mkdir -p /usr/local/etc/nginx/sites-enabled/
cp nginx/fusionpbx.conf /usr/local/etc/nginx/sites-available/fusionpbx
ln -s /usr/local/etc/nginx/sites-available/fusionpbx /usr/local/etc/nginx/sites-enabled/fusionpbx
#self signed certificate
#ln -s /etc/ssl/private/ssl-cert-snakeoil.key /etc/ssl/private/nginx.key
#ln -s /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/ssl/certs/nginx.crt
#add the letsencrypt directory
mkdir -p /var/www/letsencrypt/
#restart php fpm and nginx
service php-fpm restart
service nginx restart

241
freebsd/resources/nginx/fusionpbx.conf Normal file
View File

@ -0,0 +1,241 @@
server {
listen 127.0.0.1:80;
server_name 127.0.0.1;
#set the log files
error_log /var/log/nginx/error.log info;
access_log /var/log/nginx/access.log;
#set the default index files
location / {
root /usr/local/www/fusionpbx;
index index.php index.html index.htm;
}
#nginx settings
client_max_body_size 128M;
client_body_buffer_size 128k;
#http error handling
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/local/www/nginx-dist;
}
#pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/www/fusionpbx$fastcgi_script_name;
include fastcgi_params;
}
#disable viewing of .htaccess, htpassword, and .db
location ~ /\.htaccess {
deny all;
}
location ~ .htpassword {
deny all;
}
location ~^.+.(db)$ {
deny all;
}
}
server {
listen 80;
server_name fusionpbx;
#set the log files
error_log /var/log/nginx/error.log info;
access_log /var/log/nginx/access.log;
#set the default index files
location / {
root /usr/local/www/fusionpbx;
index index.php index.html index.htm;
}
#rewrite rule - send to https with an exception for provisioning
#if ($uri !~* ^.*provision.*$) {
# rewrite ^(.*) https://$host$1 permanent;
# break;
#}
#rewrite rule - REST api
if ($uri ~* ^.*/api/.*$) {
rewrite ^(.*)/api/(.*)$ $1/api/index.php?rewrite_uri=$2 last;
break;
}
#algo
rewrite "^.*/provision/algom([A-Fa-f0-9]{12})\.conf" /app/provision/?mac=$1&file=algom%7b%24mac%7d.conf last;
#mitel
rewrite "^.*/provision/MN_([A-Fa-f0-9]{12})\.cfg" /app/provision/index.php?mac=$1&file=MN_%7b%24mac%7d.cfg last;
rewrite "^.*/provision/MN_Generic.cfg" /app/provision/index.php?mac=08000f000000&file=MN_Generic.cfg last;
#grandstream
rewrite "^.*/provision/cfg([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/?mac=$1;
#aastra
rewrite "^.*/provision/aastra.cfg$" /app/provision/?mac=$1&file=aastra.cfg;
#rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(cfg))?$" /app/provision/?mac=$1 last;
#yealink common
rewrite "^.*/provision/(y[0-9]{12})(\.cfg)?$" /app/provision/index.php?file=$1.cfg;
#yealink mac
rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/index.php?mac=$1 last;
#polycom
rewrite "^.*/provision/000000000000.cfg$" "/app/provision/?mac=$1&file={%24mac}.cfg";
#rewrite "^.*/provision/sip_330(\.(ld))$" /includes/firmware/sip_330.$2;
rewrite "^.*/provision/features.cfg$" /app/provision/?mac=$1&file=features.cfg;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-sip.cfg$" /app/provision/?mac=$1&file=sip.cfg;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-phone.cfg$" /app/provision/?mac=$1;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-registration.cfg$" "/app/provision/?mac=$1&file={%24mac}-registration.cfg";
rewrite "^.*/provision/([A-Fa-f0-9]{12})-directory.xml$" "/app/provision/?mac=$1&file={%24mac}-directory.xml";
#cisco
rewrite "^.*/provision/file/(.*\.(xml|cfg))" /app/provision/?file=$1 last;
#Escene
rewrite "^.*/provision/([0-9]{1,11})_Extern.xml$" "/app/provision/?ext=$1&file={%24mac}_extern.xml" last;
rewrite "^.*/provision/([0-9]{1,11})_Phonebook.xml$" "/app/provision/?ext=$1&file={%24mac}_phonebook.xml" last;
#nginx settings
client_max_body_size 128M;
client_body_buffer_size 128k;
#http error handling
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/local/www/nginx-dist;
}
#pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/www/fusionpbx$fastcgi_script_name;
include fastcgi_params;
}
#disable viewing of .htaccess, htpassword, and .db
location ~ /\.htaccess {
deny all;
}
location ~ .htpassword {
deny all;
}
location ~^.+.(db)$ {
deny all;
}
}
server {
listen 443;
server_name fusionpbx;
#set tls configuration
#ssl on;
#ssl_certificate /etc/ssl/certs/nginx.crt;
#ssl_certificate_key /etc/ssl/private/nginx.key;
#ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#ssl_ciphers HIGH:!ADH:!MD5:!aNULL;
#letsencrypt
location /.well-known/acme-challenge {
root /var/www/letsencrypt;
}
#set the log files
error_log /var/log/nginx/error.log info;
access_log /var/log/nginx/access.log;
#set the default index files
location / {
root /usr/local/www/fusionpbx;
index index.php index.html index.htm;
}
#rewrite rule - send to https with an exception for provisioning
#if ($uri !~* ^.*provision.*$) {
# rewrite ^(.*) https://$host$1 permanent;
# break;
#}
#rewrite rule - REST api
if ($uri ~* ^.*/api/.*$) {
rewrite ^(.*)/api/(.*)$ $1/api/index.php?rewrite_uri=$2 last;
break;
}
#algo
rewrite "^.*/provision/algom([A-Fa-f0-9]{12})\.conf" /app/provision/?mac=$1&file=algom%7b%24mac%7d.conf last;
#mitel
rewrite "^.*/provision/MN_([A-Fa-f0-9]{12})\.cfg" /app/provision/index.php?mac=$1&file=MN_%7b%24mac%7d.cfg last;
rewrite "^.*/provision/MN_Generic.cfg" /app/provision/index.php?mac=08000f000000&file=MN_Generic.cfg last;
#grandstream
rewrite "^.*/provision/cfg([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/?mac=$1;
#aastra
rewrite "^.*/provision/aastra.cfg$" /app/provision/?mac=$1&file=aastra.cfg;
#rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(cfg))?$" /app/provision/?mac=$1 last;
#yealink common
rewrite "^.*/provision/(y[0-9]{12})(\.cfg)?$" /app/provision/index.php?file=$1.cfg;
#yealink mac
rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/index.php?mac=$1 last;
#polycom
rewrite "^.*/provision/000000000000.cfg$" "/app/provision/?mac=$1&file={%24mac}.cfg";
#rewrite "^.*/provision/sip_330(\.(ld))$" /includes/firmware/sip_330.$2;
rewrite "^.*/provision/features.cfg$" /app/provision/?mac=$1&file=features.cfg;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-sip.cfg$" /app/provision/?mac=$1&file=sip.cfg;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-phone.cfg$" /app/provision/?mac=$1;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-registration.cfg$" "/app/provision/?mac=$1&file={%24mac}-registration.cfg";
rewrite "^.*/provision/([A-Fa-f0-9]{12})-directory.xml$" "/app/provision/?mac=$1&file={%24mac}-directory.xml";
#cisco
rewrite "^.*/provision/file/(.*\.(xml|cfg))" /app/provision/?file=$1 last;
#Escene
rewrite "^.*/provision/([0-9]{1,11})_Extern.xml$" "/app/provision/?ext=$1&file={%24mac}_extern.xml" last;
rewrite "^.*/provision/([0-9]{1,11})_Phonebook.xml$" "/app/provision/?ext=$1&file={%24mac}_phonebook.xml" last;
#nginx settings
client_max_body_size 128M;
client_body_buffer_size 128k;
#http error handling
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/local/www/nginx-dist;
}
#pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/www/fusionpbx$fastcgi_script_name;
include fastcgi_params;
}
#disable viewing of .htaccess, htpassword, and .db
location ~ /\.htaccess {
deny all;
}
location ~ .htpassword {
deny all;
}
location ~^.+.(db)$ {
deny all;
}
}

67
freebsd/resources/nginx/nginx.conf Normal file
View File

@ -0,0 +1,67 @@
#load modules
load_module /usr/local/libexec/nginx/ngx_mail_module.so;
load_module /usr/local/libexec/nginx/ngx_stream_module.so;
#user nobody;
worker_processes 4;
#events section
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /usr/local/etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /usr/local/etc/nginx/conf.d/*.conf;
include /usr/local/etc/nginx/sites-enabled/*;
}

13
freebsd/resources/pf.sh Executable file
View File

@ -0,0 +1,13 @@
#!/bin/sh
#move to script directory so all relative paths work
cd "$(dirname "$0")"
. ./config.sh
. ./colors.sh
#send a message
verbose "Configuring PF"
#install the PF config

26
freebsd/resources/php.sh Executable file
View File

@ -0,0 +1,26 @@
#!/bin/sh
#move to script directory so all relative paths work
cd "$(dirname "$0")"
#includes
. ./config.sh
. ./colors.sh
#send a message
verbose "Configuring PHP"
#update config if source is being used
if [ ."$php_version" = ."5" ]; then
verbose "version 5.x"
php_ini_file='/etc/php5/fpm/php.ini'
fi
if [ ."$php_version" = ."7" ]; then
verbose "version 7.0"
php_ini_file='/etc/php/7.0/fpm/php.ini'
fi
sed -i' ' -e 's#post_max_size = .*#post_max_size = 80M#g' $php_ini_file
sed -i' ' -e 's#upload_max_filesize = .*#upload_max_filesize = 80M#g' $php_ini_file
#restart php-fpm
service php-fpm restart

62
freebsd/resources/postgres.sh Executable file
View File

@ -0,0 +1,62 @@
#!/bin/sh
#move to script directory so all relative paths work
cd "$(dirname "$0")"
#includes
. ./config.sh
. ./colors.sh
#send a message
echo "Install PostgreSQL"
#generate a random password
password=$(cat /dev/random | env LC_CTYPE=C tr -dc a-zA-Z0-9 | head -c 20)
#install message
echo "Install PostgreSQL and create the database and users\n"
#postgres install
if [ ."$database_version" = ."9.6" ]; then
pkg install --yes postgresql96-server
fi
if [ ."$database_version" = ."9.5" ]; then
pkg install --yes postgresql95-server
fi
if [ ."$database_version" = ."9.4" ]; then
pkg install --yes postgresql94-server
fi
if [ ."$database_version" = ."9.3" ]; then
pkg install --yes postgresql93-server
fi
#enable postgres
echo 'postgresql_enable=true' >> /etc/rc.conf
#initialize the database
/usr/local/etc/rc.d/postgresql initdb
#restart the service
service postgresql restart
#install the database backup
#cp backup/fusionpbx-backup.sh /etc/cron.daily
#chmod 755 /etc/cron.daily/fusionpbx-backup.sh
#sed -i' ' -e "s/zzz/$password/g" /etc/cron.daily/fusionpbx-backup.sh
#move to /tmp to prevent an error when running sudo with psql
cwd=$(pwd)
cd /tmp
#add the databases, users and grant permissions to them
#sudo -u postgres psql -d fusionpbx -c "DROP SCHEMA public cascade;";
#sudo -u postgres psql -d fusionpbx -c "CREATE SCHEMA public;";
sudo -u postgres psql -c "CREATE DATABASE fusionpbx;";
sudo -u postgres psql -c "CREATE DATABASE freeswitch;";
sudo -u postgres psql -c "CREATE ROLE fusionpbx WITH SUPERUSER LOGIN PASSWORD '$password';"
sudo -u postgres psql -c "CREATE ROLE freeswitch WITH SUPERUSER LOGIN PASSWORD '$password';"
sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE fusionpbx to fusionpbx;"
sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE freeswitch to fusionpbx;"
sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE freeswitch to freeswitch;"
#ALTER USER fusionpbx WITH PASSWORD 'newpassword';

11
freebsd/resources/sngrep.sh Executable file
View File

@ -0,0 +1,11 @@
#!/bin/sh
#move to script directory so all relative paths work
cd "$(dirname "$0")"
#includes
. ./config.sh
. ./colors.sh
#add sngrep
pkg install --yes sngrep

29
freebsd/resources/switch.sh Executable file
View File

@ -0,0 +1,29 @@
#!/bin/sh
#move to script directory so all relative paths work
cd "$(dirname "$0")"
#includes
. ./config.sh
if [ .$switch_source = .true ]; then
if [ ."$switch_branch" = "master" ]; then
switch/source-master.sh
else
switch/source-release.sh
fi
#copy the switch conf files
switch/conf-copy.sh
#set the file permissions
switch/source-permissions.sh
fi
if [ .$switch_package = .true ]; then
if [ ."$switch_branch" = "master" ]; then
else
fi
fi

4
freebsd/resources/switch/conf-copy.sh Executable file
View File

@ -0,0 +1,4 @@
mv /usr/local/freeswitch/conf /usr/local/freeswitch/conf.orig
mkdir -p /etc/freeswitch
mkdir -p /usr/local/freeswitch/conf
cp -R /var/www/fusionpbx/resources/templates/conf/* /usr/local/freeswitch/conf

29
freebsd/resources/switch/rc.d.freeswitch Executable file
View File

@ -0,0 +1,29 @@
#!/bin/sh
#
# PROVIDE: freeswitch
# REQUIRE: LOGIN cleanvar
# KEYWORD: shutdown
#
# Add the following lines to /etc/rc.conf to enable freeswitch:
# freeswitch_enable: Set it to "YES" to enable freeswitch.
# Default is "NO".
# freeswitch_flags: Flags passed to freeswitch-script on startup.
# Default is "".
#
. /etc/rc.subr
name="freeswitch"
rcvar=${name}_enable
load_rc_config $name
: ${freeswitch_enable="NO"}
: ${freeswitch_pidfile="/usr/local/freeswitch/run/freeswitch.pid"}
start_cmd=${name}_start
stop_cmd=${name}_stop
pidfile=${freeswitch_pidfile}
freeswitch_start() {
/usr/local/freeswitch/bin/freeswitch ${freeswitch_flags}
echo -n "Starting FreeSWITCH: "
}
freeswitch_stop() {
/usr/local/freeswitch/bin/freeswitch -stop
}
run_rc_command "$1"

56
freebsd/resources/switch/source-master.sh Executable file
View File

@ -0,0 +1,56 @@
#!/bin/sh
#send a message
echo "Installing the FreeSWITCH source"
#install minimum dependencies
pkg install --yes autoconf automake curl git gmake ldns libedit libtool openssl pcre pkgconf speex sqlite3
pkg install --yes wget sudo libsndfile lua52 opus libmemcached libvorbis libogg tiff memcached
#additional dependencies
#pkg install --yes libshout mpg123 lame
#get the source
git clone https://freeswitch.org/stash/scm/fs/freeswitch.git /usr/src/freeswitch
cd /usr/src/freeswitch
#prepare the source
cd /usr/src/freeswitch && /bin/sh /usr/src/freeswitch/bootstrap.sh -j
#enable the modules
sed -i' ' -e s:'#applications/mod_avmd:applications/mod_avmd:' /usr/src/freeswitch/modules.conf
sed -i' ' -e s:'#applications/mod_callcenter:applications/mod_callcenter:' /usr/src/freeswitch/modules.conf
sed -i' ' -e s:'#applications/mod_cidlookup:applications/mod_cidlookup:' /usr/src/freeswitch/modules.conf
sed -i' ' -e s:'#applications/mod_memcache:applications/mod_memcache:' /usr/src/freeswitch/modules.conf
sed -i' ' -e s:'#applications/mod_curl:applications/mod_curl:' /usr/src/freeswitch/modules.conf
#sed -i' ' -e s:'#formats/mod_shout:formats/mod_shout:' /usr/src/freeswitch/modules.conf
#configure the source (additional option --enable-system-lua)
/bin/sh configure --prefix=/usr/local/freeswitch --enable-core-pgsql-support --disable-fhs
#gmake
rm -rf /usr/local/freeswitch/{lib,mod,bin}/*
gmake install
gmake sounds-install moh-install
gmake hd-sounds-install hd-moh-install
gmake cd-sounds-install cd-moh-install
gmake uhd-sounds-install uhd-sounds-install
#move the music into music/default directory
mkdir -p /usr/local/freeswitch/sounds/music/default
mv /usr/local/freeswitch/sounds/music/*000 /usr/local/freeswitch/sounds/music/default
#move to script directory so all relative paths work
cd "$(dirname "$0")"
#configure system service
ln -s /usr/local/freeswitch/bin/fs_cli /usr/bin/fs_cli
cp switch/rc.d.freeswitch /usr/local/etc/rc.d/freeswitch
chmod u-w,ugo+x /usr/local/etc/rc.d/freeswitch
#enable the service
echo 'freeswitch_enable="YES"' >> /etc/rc.conf
echo 'freeswitch_flags="-nc -nonat -reincarnate -u www -g www"' >> /etc/rc.conf
#start the service
service freeswitch start

6
freebsd/resources/switch/source-permissions.sh Executable file
View File

@ -0,0 +1,6 @@
#setup owner and group, permissions and sticky
chown -R www:www /usr/local/freeswitch
chmod -R ug+rw /usr/local/freeswitch
#touch /var/log/freeswitch/freeswitch.log
#chown -R www:www /var/log/freeswitch
find /usr/local/freeswitch -type d -exec chmod 2770 {} \;

56
freebsd/resources/switch/source-release.sh Executable file
View File

@ -0,0 +1,56 @@
#!/bin/sh
#send a message
echo "Installing the FreeSWITCH source"
#install minimum dependencies
pkg install --yes autoconf automake curl git gmake ldns libedit libtool openssl pcre pkgconf speex sqlite3
pkg install --yes wget sudo libsndfile lua52 opus libmemcached libvorbis libogg tiff memcached
#additional dependencies
#pkg install --yes libshout mpg123 lame
#get the source
git clone -b v1.6 https://freeswitch.org/stash/scm/fs/freeswitch.git /usr/src/freeswitch
cd /usr/src/freeswitch
#prepare the source
cd /usr/src/freeswitch && /bin/sh /usr/src/freeswitch/bootstrap.sh -j
#enable the modules
sed -i' ' -e s:'#applications/mod_avmd:applications/mod_avmd:' /usr/src/freeswitch/modules.conf
sed -i' ' -e s:'#applications/mod_callcenter:applications/mod_callcenter:' /usr/src/freeswitch/modules.conf
sed -i' ' -e s:'#applications/mod_cidlookup:applications/mod_cidlookup:' /usr/src/freeswitch/modules.conf
sed -i' ' -e s:'#applications/mod_memcache:applications/mod_memcache:' /usr/src/freeswitch/modules.conf
sed -i' ' -e s:'#applications/mod_curl:applications/mod_curl:' /usr/src/freeswitch/modules.conf
#sed -i' ' -e s:'#formats/mod_shout:formats/mod_shout:' /usr/src/freeswitch/modules.conf
#configure the source (additional option --enable-system-lua)
/bin/sh configure --prefix=/usr/local/freeswitch --enable-core-pgsql-support --disable-fhs
#gmake
rm -rf /usr/local/freeswitch/{lib,mod,bin}/*
gmake install
gmake sounds-install moh-install
gmake hd-sounds-install hd-moh-install
gmake cd-sounds-install cd-moh-install
gmake uhd-sounds-install uhd-sounds-install
#move the music into music/default directory
mkdir -p /usr/local/freeswitch/sounds/music/default
mv /usr/local/freeswitch/sounds/music/*000 /usr/local/freeswitch/sounds/music/default
#move to script directory so all relative paths work
cd "$(dirname "$0")"
#configure system service
ln -s /usr/local/freeswitch/bin/fs_cli /usr/bin/fs_cli
cp rc.d.freeswitch /usr/local/etc/rc.d/freeswitch
chmod u-w,ugo+x /usr/local/etc/rc.d/freeswitch
#enable the service
echo 'freeswitch_enable="YES"' >> /etc/rc.conf
echo 'freeswitch_flags="-nc -nonat -reincarnate -u www -g www"' >> /etc/rc.conf
#start the service
service freeswitch start

188
install.sh
View File

@ -1,188 +0,0 @@
#!/bin/sh
# Exit codes
# 1 general error
# 2 unsupported OS
# 3 unsupported CPU/OS bits
verbose () {
echo "${green}$1${normal}"
}
error () {
echo "${red}$1${normal}"
}
# check for color support
if test -t 1; then
# see if it supports colors...
ncolors=$(tput colors)
if test -n "$ncolors" && test $ncolors -ge 8; then
bold="$(tput bold)"
underline="$(tput smul)"
standout="$(tput smso)"
normal="$(tput sgr0)"
black="$(tput setaf 0)"
red="$(tput setaf 1)"
green="$(tput setaf 2)"
yellow="$(tput setaf 3)"
blue="$(tput setaf 4)"
magenta="$(tput setaf 5)"
cyan="$(tput setaf 6)"
white="$(tput setaf 7)"
fi
verbose "Enabled color support"
fi
# check to confirm running as root.
if [ "$(id -u)" -ne "0" ]; then
error "$(basename "$0") must be run as root";
exit 1
fi
#Make ourselves executable next time we are run
chmod +x $0
#Os/Distro Check
os_check=$(lsb_release -is)
[ -z $os_check ] && os_lsb_release_installer
lsb_release -is && os_check=$(lsb_release -is)
real_os=$os_check
check_major_release=$(lsb_release -rs | cut -d. -f1)
check_codename=$(lsb_release -cs)
os_unsupported () {
echo " Your Operating System appears to be: "
lsb_release -a
error "Your Operating System is not currently supported... Exiting the install."
exit 2;
}
os_lsb_release_installer () {
if [ -s /etc/centos-release ] || [ -s /etc/fedora-release] || [ -s /etc/redhat-release ] ; then
yum -y install redhat-lsb-core
os_check='CentOS'
elif [ -s /etc/os-release ] && [ .`awk -F'=' '/^ID_LIKE=/ {print $2}' /etc/os-release` = .'debian' ] ; then
apt-get -y install lsb-base lsb-release
os_check='Debian'
fi
#try to find and use package manager
which yum && { yum -y install redhat-lsb-core ; }
which apt-get && { apt-get -y install lsb-base lsb-release ; }
#print location and file type
which lsb_release && file $(which lsb_release)
}
os_debian_common () {
verbose "Removing the CD image from /etc/apt/sources.list"
sed -i '/cdrom:/d' /etc/apt/sources.list
verbose "Updating system before starting."
apt-get update && apt-get -y upgrade
verbose "Installing Git"
apt-get install -y git
}
os_centos_common () {
verbose "Updating system before starting."
yum -y update
verbose "Installing Git"
yum install -y git
}
os_fetch_installer () {
if [ ! -d /usr/src ]; then
mkdir -vp /usr/src
fi
cd /usr/src
verbose "Fetching Installer"
if [ -d /usr/src/fusionpbx-install.sh ]; then
cd /usr/src/fusionpbx-install.sh
git pull
else
git clone https://github.com/fusionpbx/fusionpbx-install.sh
fi
}
if [ .$os_check = .'Raspbian' ]; then
echo "${yellow}Detected Raspbian, using Debian for compatibility${normal}"
os_check="Debian"
fi
if [ .$os_check = .'Ubuntu' ]; then
echo "${yellow}Detected Ubuntu, using Debian for compatibility${normal}"
os_check="Debian"
fi
if [ .$os_check = .'Fedora' ]; then
echo "${yellow}Detected Fedora, using CentOS for compatibility${normal}"
os_check="CentOS"
fi
if [ .$os_check = .'RedHatEnterpriseServer' ]; then
echo "${yellow}Detected RedHatEnterpriseServer, using CentOS for compatibility${normal}"
os_check="CentOS"
fi
if [ .$os_check = .'Debian' ]; then
if [ .$real_os = .'Debian' ]; then
echo "${yellow}Detected Debian${normal}"
if [ $check_major_release -ge 8 ]; then
os_debian_continue='true'
else
os_debian_continue='false'
error "Although you are running $real_os we require version >= 8"
os_unsupported
fi
fi
if [ .$real_os = .'Ubuntu' ]; then
if [ $check_major_release -ge 14 ]; then
os_debian_continue='true'
else
os_debian_continue='false'
error "Although you are running $real_os we require version >= 14"
os_unsupported
fi
fi
if [ .$os_debian_continue = .'true' ]; then
os_debian_common
os_fetch_installer
cd /usr/src/fusionpbx-install.sh/debian
./install.sh $@
fi
elif [ .$os_check = .'CentOS' ]; then
if [ .$real_os = .'CentOS' ]; then
echo "${yellow}Detected CentOS${normal}"
if [ $check_major_release -ge 7 ]; then
os_centos_continue='true'
else
os_centos_continue='false'
error "Although you are running $real_os we require version >= 7"
os_unsupported
fi
fi
if [ .$real_os = .'Fedora' ]; then
echo "${yellow}Detected Fedora${normal}"
if [ $check_major_release -ge 19 ]; then
os_centos_continue='true'
else
os_centos_continue='false'
error "Although you are running $real_os we require version >= 19"
os_unsupported
fi
fi
if [ .$real_os = .'RedHatEnterpriseServer' ]; then
if [ $check_major_release -ge 7 ]; then
os_centos_continue='true'
else
os_centos_continue='false'
error "Although you are running $real_os we require version >= 7"
os_unsupported
fi
fi
if [ .$os_centos_continue = .'true' ]; then
os_centos_common
os_fetch_installer
cd /usr/src/fusionpbx-install.sh/centos
./install.sh $@
fi
else
os_unsupported
fi

10
pre-install.sh Normal file
View File

@ -0,0 +1,10 @@
#!/bin/sh
#upgrade the packages
apt-get update && apt-get upgrade -y --force-yes
#install git
apt-get install -y --force-yes git
#get the install script
cd /usr/src && git clone https://github.com/fusionpbx/fusionpbx-install.sh.git