If using 64bit get rid of all 32bit packages in the 64bit VPS. They are not necessary and may cause hard to find conflicts.
yum remove *.i?86
Clean out yum to ensure all cached packages and mirrored server references are removed.
yum clean all
Get rid of all installed groups except 'Yum Utilities' so we are starting with a clean slate. Check the delete list before entering 'y' to make sure none of these remove 'sshd' or 'yum' (they don't but check just in case things change with newer revisions).
yum grouplist installed
Installed Groups:
DNS Name Server
Editors
Legacy Network Server
Mail Server
Network Servers
System Tools
Text-based Internet
Web Server
Windows File Server
Yum Utilities
yum groupremove 'DNS Name Server'
yum groupremove 'Editors'
yum groupremove 'Legacy Network Server'
yum groupremove 'Mail Server'
yum groupremove 'Network Servers'
yum groupremove 'System Tools'
yum groupremove 'Text-based Internet'
yum groupremove 'Web Server'
yum groupremove 'Windows File Server'
If installing 64bit VPS edit yum.conf to prevent 32bit packages from being installed. If that happens it may have unintended consequences.
yum install -y nano
nano /etc/yum.conf
Add the following line.
exclude=*.i?86
(Ctrl-x> y >Enter)
Now update the base install
yum -y update
Install Asterisk/FreePBX required packages, other useful packages, and their dependencies
yum groupinstall core
yum groupinstall base
yum install gcc gcc-c++ wget bison mysql-devel mysql-server php php-mysql php-pear php-pear-DB php-mbstring nano tftp-server httpd make ncurses-devel libtermcap-devel sendmail sendmail-cf caching-nameserver sox newt-devel libxml2-devel libtiff-devel php-gd audiofile-devel gtk2-devel
Get rid of some unnecessary packages. I have no doubt there are many other packages that could be added to this list. These are the ones I found that are resident in memory by default. Since memory is at a premium on a VPS, removing these will help reduce the memory footprint.
yum remove yum-updatesd cups cups-lpd redhat-lsb autofs pcsc-lite smartmontools cpuspeed avahi
To prevent common udev problems in OpenVZ VPS do the following
nano +346 /etc/rc.d/rc.sysinit
Search for the following line and comment (#) it out and add the 2 lines immediately after
#/sbin/start_udev
/sbin/MAKEDEV tty
/sbin/MAKEDEV pty
(Ctrl-x> y >Enter)
Selinux is not compatible with OpenVZ. Create the following file and copy paste the contents indicated here just to be sure selinux never runs.
nano /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0
(Ctrl-x> y >Enter)
Make sure selinux is turned off for this session
setenforce 0
Enable the tftp server on startup if required (for configuring phones on LAN or VPN)
nano /etc/xinetd.d/tftp
change “disable=yes” to “disable=no”
(Ctrl-X>y>ENTER)
Download and untar source files. Since this is a shared kernel environment we cannot make use of zaptel/dahdi hardware in the physical server and cannot install the zaptel/dahdi kernel module inside the virtual servers. The zaptel/dahdi kernel module must be installed on the host server kernel with some special configurations and sharing of files for each virtual server. This is only required for enabling meetme conferencing during Asterisk installation as of Asterisk 1.6.1 and will not be required at all eventually. This is all beyond the scope of this document. If you require meetme conferencing and have access to the host operating system you can complete this procedure in the VPS first and then return after zaptel/dahdi is installed on the host system and re-compile Asterisk with meetme conferencing enabled.
Install lame mp3 encoder (not recommended) if you plan to make use of mp3's for MOH. This is now a legacy feature as the default behaviour of Asterisk/Freepbx is to NOT use mp3's for anything. Freepbx by default now automatically converts uploaded mp3's to wav.
rpm -ivh http://apt.sw.be/redhat/el5/en/x86_64/RPMS.dag/lame-3.98.2-1.el5.rf.x86_64.rpm
Get FreePBX. Check if this is the latest released version.
cd /usr/src
wget http://mirror.freepbx.org/freepbx-2.6.0RC2.tar.gz
tar zxvf freepbx-2.6.0RC2.tar.gz
Get Asterisk and addons. Check if this is the latest released version of Asterisk and Asterisk addons
wget http://downloads.asterisk.org/pub/telephony/asterisk/releases/asterisk-1.6.0.17.tar.gz
tar zxvf asterisk-1.6.0.17.tar.gz
wget http://downloads.asterisk.org/pub/telephony/asterisk/releases/asterisk-addons-1.6.0.3.tar.gz
tar zxvf asterisk-addons-1.6.0.3.tar.gz
Configure and compile Asterisk
cd /usr/src/asterisk-1.6.0.17
make clean
./configure; make menuselect
select the core sounds you want. Same with addon sounds. I suggest ulaw as they sound better than gsm.
At menu press "x" to save
make
make install
Do NOT run "make samples". I have found it causes problems down the line with FreePBX. Not insurmountable but just more things to have to deal with that you probably don't want to.
Create users and set permissions
useradd -c "Asterisk PBX" -d /var/lib/asterisk asterisk
mkdir /var/run/asterisk
chown -R asterisk /var/run/asterisk
chown -R asterisk /var/log/asterisk
chown -R asterisk /var/lib/asterisk/moh
chown -R asterisk /var/lib/php/session
Music on Hold
Since the Asterisk default moh directory (/moh) and the Freepbx default moh directory (/mohmp3) are different we need to create a symbolic link so moh files are where FreePBX expect them to be.
ln -s /var/lib/asterisk/moh /var/lib/asterisk/mohmp3
The new default behaviour for Asterisk and Freepbx is to only use wav files for moh due to transcoding overhead and Asterisk stability issues with mp3's. So we want to install mpg123 for converting uploaded mp3's to wav automagically. If you won't be uploading or streaming mp3's or won't be using FreePBX (new) default behaviour then you probably don't need to install mpg123.
cd /usr/src
wget http://sourceforge.net/projects/mpg123/files/mpg123/1.9.1/mpg123-1.9.1.tar.bz2/download
tar -xjvf mpg123-1.9.1.tar.bz2
cd mpg123-1.9.1
make clean
./configure
make
make install
Freepbx php script cannot find mpg123 by default so we need to create a symbolic link.
ln -s /usr/local/bin/mpg123 /usr/bin/mpg123
Change User apache and Group apache to User asterisk and Group asterisk.
sed -i "s/User apache/User asterisk/" /etc/httpd/conf/httpd.conf
sed -i "s/Group apache/Group asterisk/" /etc/httpd/conf/httpd.conf
You can choose to change the default AllowOverride All to AllowOverride None to prevent .htaccess permission problems which can be frustrating to troubleshoot.
sed -i "s/AllowOverride All/AllowOverride None/" /etc/httpd/conf/httpd.conf
Before you can do anything to MySQL, you need to make sure it's running:
/etc/init.d/mysqld start
Initializing MySQL database: [ OK ]
Starting MySQL: [ OK ]
Now, to configure the databases for freePBX:
Note: If mysql admin password is already configured, add "-p" after the command and enter password when asked. For example, "mysqladmin -p create asterisk"
cd /usr/src/freepbx-2.6.0RC2
mysqladmin create asterisk
mysqladmin create asteriskcdrdb
mysql asterisk < SQL/newinstall.sql mysql asteriskcdrdb < SQL/cdr_mysql_table.sql They also need to be secured. FreePBX will prompt you for a database username/password when you do the install. You need to pick that now. We'll assume that you've picked 'asteriskuser' and 'amp109' - you probably shouldn't use these, as they are well known passwords for Freepbx. MySQL only listens to localhost by default so I would not get too paranoid about using these defaults. mysql Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 8 to server version: 4.1.16 Type 'help;' or '\h' for help. Type '\c' to clear the buffer. mysql> GRANT ALL PRIVILEGES ON asteriskcdrdb.* TO asteriskuser@localhost IDENTIFIED BY 'amp109';
Query OK, 0 rows affected (0.00 sec)
mysql> GRANT ALL PRIVILEGES ON asterisk.* TO asteriskuser@localhost IDENTIFIED BY 'amp109';
Query OK, 0 rows affected (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql> \q
Bye
Now, after all of this, you need to pick a root 'mysql' password. We'll make it 'abcdef' just for this example. You should use a reasonably strong password. If you need to do anything else with mysql, you'll need to provide this password.
mysqladmin -u root password 'abcdef'
Build the cdr_mysql module for Asterisk
cd /usr/src/asterisk-addons-1.6.0.3
make clean
./configure; make menuselect
You can check options but should leave all at default selections. At menu press "x"
make; make install
edit /usr/sbin/safe_asterisk and comment out TTY=9 to prevent errors in OpenVZ VPS
nano +5 /usr/sbin/safe_asterisk
#TTY=9
Prioritize Asterisk Process
Increase Asterisk process priority. You can experiment with different values and see what works best. I wouldn't go too high as it could cause other problems. From the command 'top' the PR column shows absolute priority and NI column is the relative number we add here. Default is 0 which gives Asterisk about the same default priority as httpd and mysql. 5-10 should give top priority without crippling critical background tasks. I believe you can go as high as 20. This is only a prioritization recommendation setting. The process scheduler still has ultimate authority so actual priority will vary from system to system depending on what else is installed.
nano +22 /usr/sbin/safe_asterisk
PRIORITY=10
(Ctl-x > y >ENTER)
Install FreePBX
/usr/sbin/safe_asterisk
If you didn't 'run make samples' when you installed asterisk you will probably get some warning messages saying no modules will be loaded. Just ignore and press 'ENTER' to get a command prompt.
cd /usr/src/freepbx-2.6.0RC2
./install_amp
If you get any warnings or errors in the last part of the output, they're usually not traumatic.
Leave AMPWEBADDRESS=xx.xx.xx.xx blank
nano /etc/amportal.conf
AMPWEBADDRESS=
To enable password protection of the Web GUI set:
AUTHTYPE=database
Default username is: admin
Default pw is: admin
Edit /etc/asterisk/cdr_mysql.conf and add 'loguniqueid=yes' to the global section
nano /etc/asterisk/cdr_mysql.conf
loguniqueid=yes
set FreePBX to start on boot
echo /usr/local/sbin/amportal start >> /etc/rc.local
Enable Apache and mysql to start on boot
chkconfig httpd on
chkconfig mysqld on
Now reboot at which point you should be able to access freePBX with your web browser. The very first thing you need to do when you enter the FreePBX Admin GUI for the first time is "Apply Configuration Changes" so all the *.conf files are created then reboot again or 'amportal restart' from command prompt.
To change the password for administrator "recordings" GUI (access to extension voicemail, call monitoring, recording etc.)
nano +73 /var/www/html/recordings/includes/main.conf.php
$ARI_ADMIN_PASSWORD ="password"
change the “max filesize” from 2M to 20M to allow larger music on hold files
nano +582 /etc/php.ini
Edit Apache web server for GUI access using a port other than 80 (optional):
nano /etc/httpd/conf/httpd.conf
change "Listen 80" to "Listen 8888" or whatever port you want
/etc/rc.d/init.d/httpd restart
Instead of accessing FreePBX by http://xxx.xxx.xxx.xxx
You now access it by http://xxx.xxx.xxx.xxx:8888
setup external sip extensions if going through NAT
nano /etc/asterisk/sip_nat.conf
nat=yes
externip=
;externhost=yourdns.com
localnet=192.168.1.0/255.255.255.0
externrefresh=10
(Ctrl-X>y>ENTER)
Also, when adding the external SIP extension in FreePBX, make sure to change the nat=never default in the configuration to nat=yes for the extension that will be external.
logger.conf setup
By default, Asterisk/Freepbx installs with full (debug and verbose) logging enabled. This generates a significant amount of extra write activity to the hard drives and creates a very large "var/log/asterisk/full" log file in a short amount of time. After the initial settling in period when debug logging is no longer required it is a good idea to disable this to reduce the stress on the drives and extend their life.
nano /etc/asterisk/logger.conf
change
full => notice,warning,error,debug,verbose
to
full => notice,warning,error,verbose
you will need to restart Asterisk or type LOGGER ROTATE at the CLI to get this change to take effect (reload doesn't do it apparently).
logrotate setup
Set up configuration to rotate log files otherwise they get too big after a short while. Create the following file.
nano /etc/logrotate.d/asterisk
Now add the following to make sure the asterisk log files are rotated weekly along with all the other log files.
/var/log/asterisk/messages /var/log/asterisk/*log /var/log/asterisk/full {
missingok
notifempty
sharedscripts
create 0640 asterisk asterisk
postrotate
/usr/sbin/asterisk -rx 'logger reload' > /dev/null 2> /dev/null
endscript
}
Sendmail configuration
Edit /etc/aliases file and add a “root: username_to_forward_to” to forward all ‘root’ messages to your personal email address. Put in the full email address if it is not on the asterisk system itself.
Then run
/usr/bin/newaliases
to restart the service.
If emails are not received you must set up masquerading in sendmail. These still may be rejected if the email server requires the source of the email to also resolve to the same DNS that sendmail is masquerading as.
To enable this, add the following lines to the /etc/mail/sendmail.mc file:
MASQUERADE_AS(domain.com)dnl
FEATURE(masquerade_envelope)dnl
FEATURE(masquerade_entire_domain)dnl
MASQUERADE_DOMAIN(domain.com)dnl
Put a “dnl” in front of the line ”EXPOSED_USER (`root’) dnl”. This enables host masquerading for root as well which is disabled by default.
Update the Sendmail configuration files using the m4 macro processor to generate a new sendmail.cf file by executing the following command:
# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
To get the Sendmail macro file, the sendmail-cf package must be installed on the system.
After creating a new /etc/mail/sendmail.cf file, restart Sendmail for the changes to take effect. To do this, use the following command:
# service sendmail restart
nano /etc/asterisk/vm_general.inc
change serveremail=vm@asterisk to whom ever you want it to appear voicemail emails are coming from.
NOTE: If you are installing on a LAN or do not have a domain resolving to the IP of the VPS, Sendmail will hang for a couple minutes everytime you reboot. To prevent this your VPS hostname should end with .local or .localhost. So, for example, instead of naming the VPS hostname 'powerpbx' it should be named 'powerpbx.local'. The manual method is to edit your /etc/hosts file. There should be 2 lines.
127.0.0.1 localhost.localdomain localhost
yourIPaddress yourhostname.local yourhostname yourhostname
MySQL performance tuning for low memory
This will reduce memory usage significantly without affecting performance.
nano /etc/my.cnf
[mysqld]
.
.
.
skip-innodb
skip-bdb
(Ctl-x > y > ENTER)
From command prompt:
service mysqld restart
Bit of housekeeping
Asterisk installs *.sln sound files to the moh directory. FreePBX does not see *.sln files (yet) so they will not show up in the FreePBX moh GUI even though they will still play when people are put on hold. It's best to just delete these files to avoid confusion. Also, there is a bug in asterisk 1.6.1.x where MOH tries to play some text files in that directory that are just license information etc.. The result is MOH will intermittently stop working. If you are still running 1.6.1.x delete these text files as well.
rm /var/lib/asterisk/moh/*.sln
No comments:
Post a Comment