January 26, 2018 at 14:45ATS in the container. Asterisk 14 + Nginx + Freepbx 14 + srtp on Centos 7 in Proxmox VE 4 lxc container
- Tutorial
In containers, in our time, you can install many interesting systems, 
but under the cut you can find only relatively standard installation instructions for asterisk + freepbx. The boredom is slightly dispelled by the fact that the versions of all software are “last stable”, there is encryption, instead of apache - nginx, and the entire installation under the recently “matured” lxc. The output will be a fairly mobile, compact and modern IP-PBX, consuming 200-300 MB of RAM
0 at rest . Before installation
Before you begin, please note that the instruction does not imply the installation of DAHDI and work with analog lines. In addition, since the system is not officially distributed by FreePBX , you will not be able to connect commercial FreePBX modules in the future.
1. LXC.Proxmox
First you need to create a container with Centos. If you, like mine, have proxmox ve, it will be most convenient to do this through the web interface. The “equipment” settings are minimal. Then they can be increased to meet the needs of: cores: 1 memory: 1024 rootfs: 8G swap: 256, and as the OS template we use centos-7-default_20171212_amd64.tar.xz.
If your template is not available for download, do the pveam update on the host. After installing and starting the container, I usually put ssh right away, because working with the integrated proxmox web console is not very convenient.
2. LEMP
Repositories and Basic Utilities
The choice of webtatic is justified by the further installation of php56w, with which freepbx is guaranteed to work well. But you can try and Remi.
We put mariadb, nginx and utility. The net-tools package is also useful, because in centos7, by default there is no ifconfig that freepbx works with.
Freepbx does not yet support php7, so we put the recommended 5.6.
We start mariadb and nginx, disconnect apache, we correct php.ini. Otherwise, you will not be able to update freepbx modules through the web interface.
After that you can run mysql_secure_installation but without setting the root password - this is required by the freepbx installer.
Now that we have a working "preparation" of the LEMP server, we can backup the system so that we can then roll back or use the backup to prepare another server. It takes less than a minute, and a complete archive will turn out about 350MB.
3. Asterisk.SRTP
Basically, everything is ready to install asterisk. We will supply SIP and PJSIP during assembly through the option --with-pjproject-bundled. What is missing is srtp to enable media encryption support. There is a small plug, because the documentation for asterisk 14 says that srtp requires libsrtp no lower than 1.5.4, theoretically, libsrtp 2.x is supported, but it is practically necessary to use 1.5.4 to achieve a stable result. That is, version 1.4.4 from repositories will not work, and we need to assemble it ourselves.
Just in case, you can check the availability of the library at the destination
and through ldconfig
Hint! If you do not specify make shared_library, then by default, make builds the libsrtp.a archive library, and requires an intermediate test, make runtest. If you need libsrtp.a, then download the dictionary for this test in advance.
Download and deploy Asterisk:
At this stage, you can use the script kindly provided by the developers to check the availability of the necessary packages and install them. Since we have already installed part of the packages, I recommend performing such a check in mode
Remove mysql-devel, srtp-devel from the script output, and replace gmime22-devel with gmime-devel. At the moment, the lame and jansson packages in the repositories are fresh, so we will also put them from the repositories:
Next, download the sound file sources and run the asterisk configuration
If everything went without errors, then start the configuration menu
We enable mp3 support, select the desired audio file packages in Core Sound Packages, Music On Hold File Packages and Extras Sound Packages. Also, just in case, we check the availability of the res_srtp item in Resource Modules. Done. Further:
Now you can try to start asterisk and check if it picked up the srtp module:
Asterisk is working, now see if the srtp module is loaded. In the asterisk console, do:
If the module is not loaded, try loading it:
If everything went fine - stop the service and turn off asterisk startup. In the future, it will be launched by the freepbx service.
4. Freepbx.Nginx We
start the user asterisk and give him the rights to directories
Install nodeJS:
Configure nginx and php-fpm. To do this, delete all the files in /etc/nginx/conf.d/ and /etc/php-fpm.d/, and instead create your own. The example shows access by IP of the machine:
Starting nginx is also set from the user asterisk. Otherwise, module admin will not work in freepbx:
instead
Allow php-fpm autoload and restart nginx:
Update (03/18/2019) : Since the fresh asterisk works with mysql via adaptive_odbc, you need to install an odbc connector for CDR-reports to work. You can put mysql connector
However, even though CDR and CEL will work, the whole Cyrillic alphabet will be UTF8 krakozyabry.
For everything to be correct - it is better to put mariadb connector. At the moment, the stable version is 3.0.8. Download, unpack and register the libmaodbc.so library
Now you need to register the driver in /etc/odbcinst.ini by adding a section:
And, in /etc/odbc.ini change the driver to MariaDB:
Download and install FreePBX:
We check. If everything went fine, then we should get into the FreePBX admin panel at the IP address specified in /etc/nginx/conf.d/freepbx.conf You can set the admin password / email and look for errors, if any.
Next, create a systemd unit for freepbx startup:
We stop freepbx, start the service, check:
If all is well, congratulations! Your PBX is ready!
Possible errors that I encountered while writing the instructions:
In preparing the instructions used materials:
Installing FreePBX 14 on CentOS 7
Install Asterisk 14 on Centos 7
Asterisk configure TLS SRTP for PJSIP .
Thank you all for your attention! I will be glad to comments and corrections.
Special thanks to Generick , otkachov and chents for the inaccuracies found!
but under the cut you can find only relatively standard installation instructions for asterisk + freepbx. The boredom is slightly dispelled by the fact that the versions of all software are “last stable”, there is encryption, instead of apache - nginx, and the entire installation under the recently “matured” lxc. The output will be a fairly mobile, compact and modern IP-PBX, consuming 200-300 MB of RAM
0 at rest . Before installation
Before you begin, please note that the instruction does not imply the installation of DAHDI and work with analog lines. In addition, since the system is not officially distributed by FreePBX , you will not be able to connect commercial FreePBX modules in the future.
At this time we only support commercial modules in the distro. Yoy can not take a non distro system and turn it into the distro ( Andrew Nagy. Director of Software Engineering )
1. LXC.Proxmox
First you need to create a container with Centos. If you, like mine, have proxmox ve, it will be most convenient to do this through the web interface. The “equipment” settings are minimal. Then they can be increased to meet the needs of: cores: 1 memory: 1024 rootfs: 8G swap: 256, and as the OS template we use centos-7-default_20171212_amd64.tar.xz.
If your template is not available for download, do the pveam update on the host. After installing and starting the container, I usually put ssh right away, because working with the integrated proxmox web console is not very convenient.
yum -y install openssh-server
systemctl enable sshd --now
2. LEMP
Repositories and Basic Utilities
yum -y install epel-release
rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
yum -y updateThe choice of webtatic is justified by the further installation of php56w, with which freepbx is guaranteed to work well. But you can try and Remi.
We put mariadb, nginx and utility. The net-tools package is also useful, because in centos7, by default there is no ifconfig that freepbx works with.
yum -y install wget tar nano bzip2 unzip curl net-tools make gcc gcc-c++ openssl openssl-devel mariadb-server mariadb-devel nginx tftp-server crontabs cronie cronie-anacron sendmail sendmail-cfFreepbx does not yet support php7, so we put the recommended 5.6.
yum -y install php56w php56w-pdo php56w-mysql php56w-mbstring php56w-pear php56w-process php56w-xml php56w-opcache php56w-ldap php56w-intl php56w-soap php56w-fpm php56w-gdWe start mariadb and nginx, disconnect apache, we correct php.ini. Otherwise, you will not be able to update freepbx modules through the web interface.
systemctl enable mariadb.service
systemctl start mariadb
sed -i 's/\(^upload_max_filesize = \).*/\120M/' /etc/php.ini
systemctl enable nginx --now
systemctl disable httpdAfter that you can run mysql_secure_installation but without setting the root password - this is required by the freepbx installer.
Now that we have a working "preparation" of the LEMP server, we can backup the system so that we can then roll back or use the backup to prepare another server. It takes less than a minute, and a complete archive will turn out about 350MB.
3. Asterisk.SRTP
Basically, everything is ready to install asterisk. We will supply SIP and PJSIP during assembly through the option --with-pjproject-bundled. What is missing is srtp to enable media encryption support. There is a small plug, because the documentation for asterisk 14 says that srtp requires libsrtp no lower than 1.5.4, theoretically, libsrtp 2.x is supported, but it is practically necessary to use 1.5.4 to achieve a stable result. That is, version 1.4.4 from repositories will not work, and we need to assemble it ourselves.
cd /usr/src/
wget https://github.com/cisco/libsrtp/archive/v1.5.4.tar.gz
tar xvzf v1.5.4.tar.gz
cd libsrtp-1.5.4
./configure --libdir=/usr/lib64 --enable-openssl
make shared_library
make installJust in case, you can check the availability of the library at the destination
ls /usr/lib64 | grep srtpand through ldconfig
ldconfig -p | grep srtp Hint! If you do not specify make shared_library, then by default, make builds the libsrtp.a archive library, and requires an intermediate test, make runtest. If you need libsrtp.a, then download the dictionary for this test in advance.
wget -O /usr/share/dict/words https://github.com/cisco/libsrtp/blob/master/test/words.txtDownload and deploy Asterisk:
cd /usr/src
wget http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-14-current.tar.gz
tar xvfz asterisk-14-current.tar.gz
cd asterisk-14*/At this stage, you can use the script kindly provided by the developers to check the availability of the necessary packages and install them. Since we have already installed part of the packages, I recommend performing such a check in mode
test../contrib/scripts/install_prereq testRemove mysql-devel, srtp-devel from the script output, and replace gmime22-devel with gmime-devel. At the moment, the lame and jansson packages in the repositories are fresh, so we will also put them from the repositories:
yum -y install patch ncurses-devel uuid-devel libuuid-devel jansson-devel lame lame-libs libxml2-devel sqlite-devel automake unixODBC-devel libcurl-devel libogg-devel libvorbis-devel speex-devel spandsp-devel freetds-devel net-snmp-devel iksemel-devel corosynclib-devel newt-devel popt-devel libtool-ltdl-devel lua-devel libsqlite3x-devel radiusclient-ng-devel portaudio-devel neon-devel libical-devel openldap-devel sqlite2-devel bluez-libs-devel jack-audio-connection-kit-devel gsm-devel libedit-devel pjproject-devel gmime-devel subversion git libxslt-devel python-develNext, download the sound file sources and run the asterisk configuration
./contrib/scripts/get_mp3_source.sh
./configure --libdir=/usr/lib64 --with-pjproject-bundled --with-crypto --with-ssl=ssl --with-srtpIf everything went without errors, then start the configuration menu
make menuselectWe enable mp3 support, select the desired audio file packages in Core Sound Packages, Music On Hold File Packages and Extras Sound Packages. Also, just in case, we check the availability of the res_srtp item in Resource Modules. Done. Further:
make && make install && make config && ldconfigNow you can try to start asterisk and check if it picked up the srtp module:
systemctl start asterisk
systemctl status asterisk
rasterisk
Asterisk 14.7.5, Copyright (C) 1999 - 2016, Digium, Inc. and others.
Created by Mark Spencer
Asterisk comes with ABSOLUTELY NO WARRANTY; type 'core show warranty' for details.
This is free software, with components licensed under the GNU General Public
License version 2 and other licenses; you are welcome to redistribute it under
certain conditions. Type 'core show license' for details.
===============================================================
Connected to Asterisk 14.7.5 currently running on pbx4 (pid = 28020)
pbx4*CLI> Asterisk is working, now see if the srtp module is loaded. In the asterisk console, do:
pbx4*CLI> module show like srtp
Module Description Use Count Status Support Level
res_srtp.so Secure RTP (SRTP) 0 Running core
1 modules loaded
If the module is not loaded, try loading it:
pbx4*CLI> module load res_srtp.so
Loaded res_srtp.so
If everything went fine - stop the service and turn off asterisk startup. In the future, it will be launched by the freepbx service.
systemctl stop asterisk
systemctl disable asterisk4. Freepbx.Nginx We
start the user asterisk and give him the rights to directories
adduser asterisk -m -c "Asterisk User"
chown asterisk. /var/run/asterisk
chown asterisk. /var/spool/mqueue/
chown -R asterisk. /etc/asterisk
chown -R asterisk. /var/{lib,log,spool}/asterisk
chown -R asterisk. /usr/lib64/asterisk
chown -R asterisk. /var/www/
chown -R asterisk. /var/lib/nginxInstall nodeJS:
curl -sL https://rpm.nodesource.com/setup_8.x | bash -
yum install -y nodejsConfigure nginx and php-fpm. To do this, delete all the files in /etc/nginx/conf.d/ and /etc/php-fpm.d/, and instead create your own. The example shows access by IP of the machine:
nano /etc/nginx/conf.d/freepbx.conf server {
server_name 10.10.0.126;
listen 80;
index index.php;
client_max_body_size 120m;
root /var/www/html/;
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_pass unix:/var/run/php-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
fastcgi_param SERVER_NAME $host;
}
}
nano /etc/php-fpm.d/freepbx.conf[freepbx]
listen = /var/run/php-fpm.sock
listen.owner = asterisk
listen.group = asterisk
listen.mode = 0666
user = asterisk
group = asterisk
pm = dynamic
pm.max_children = 30
pm.start_servers = 3
pm.min_spare_servers = 3
pm.max_spare_servers = 21
pm.max_requests = 1000
php_admin_value[memory_limit] = 512MStarting nginx is also set from the user asterisk. Otherwise, module admin will not work in freepbx:
nano /etc/nginx/nginx.confinstead
user nginx;user asterisk;Allow php-fpm autoload and restart nginx:
systemctl enable php-fpm --now
systemctl restart nginx
Update (03/18/2019) : Since the fresh asterisk works with mysql via adaptive_odbc, you need to install an odbc connector for CDR-reports to work. You can put mysql connector
yum -y install mysql-connector-odbc However, even though CDR and CEL will work, the whole Cyrillic alphabet will be UTF8 krakozyabry.
For everything to be correct - it is better to put mariadb connector. At the moment, the stable version is 3.0.8. Download, unpack and register the libmaodbc.so library
wget -qO- https://downloads.mariadb.com/Connectors/odbc/connector-odbc-3.0.8/mariadb-connector-odbc-3.0.8-ga-rhel7-x86_64.tar.gz | tar xvz -C / && ldconfig Now you need to register the driver in /etc/odbcinst.ini by adding a section:
[MariaDB]
Description=ODBC for MariaDB
Driver=/usr/lib64/libmaodbc.so
Setup=/usr/lib64/libodbcmyS.so
UsageCount=1
And, in /etc/odbc.ini change the driver to MariaDB:
[MySQL-asteriskcdrdb]
Description=MySQL connection to 'asteriskcdrdb' database
driver=MariaDB
server=localhost
database=asteriskcdrdb
Port=3306
Socket=/var/lib/mysql/mysql.sock
option=3
Charset=utf8
Download and install FreePBX:
cd /usr/src
wget http://mirror.freepbx.org/modules/packages/freepbx/freepbx-14.0-latest.tgz
tar xvfz freepbx-14.0-latest.tgz
cd freepbx
./start_asterisk start
./install -nWe check. If everything went fine, then we should get into the FreePBX admin panel at the IP address specified in /etc/nginx/conf.d/freepbx.conf You can set the admin password / email and look for errors, if any.
Next, create a systemd unit for freepbx startup:
nano /etc/systemd/system/freepbx.service
[Unit]
Description=FreePBX VoIP Server
After=mariadb.service
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/sbin/fwconsole start -q
ExecStop=/usr/sbin/fwconsole stop -q
[Install]
WantedBy=multi-user.target
We stop freepbx, start the service, check:
fwconsole stop
systemctl enable freepbx --now
If all is well, congratulations! Your PBX is ready!
Possible errors that I encountered while writing the instructions:
- If the error cannot communicate with Asterisk hangs on web gui: Check passwords. /etc/asterisk/manager.conf and /etc/amportal.conf password from manager.conf section [admin] should match the password from amportal.conf
- If any of the modules is marked as tampered: Run in the consolefwconsole ma refreshsignatures, restart the service freepbx and try updating the module online
In preparing the instructions used materials:
Installing FreePBX 14 on CentOS 7
Install Asterisk 14 on Centos 7
Asterisk configure TLS SRTP for PJSIP .
Thank you all for your attention! I will be glad to comments and corrections.
Special thanks to Generick , otkachov and chents for the inaccuracies found!