Пошаговая инструкция для установки программной PBX Asterisk 11.x и панели управления FreePBX на CentOS 6.5
Условия:
Система CentOS установлена и имеет доступ в интернет.
Подготовка
# yum -y update
- Выключить SELinux:
# vi /etc/selinux/config
# reboot
- Дополнительные репозитарии:
# rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm # rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
# yum -y install mc make gcc kernel-devel gcc-c++ ncurses-devel httpd mysql-server mysql mysql-devel php iksemel iksemel-devel crypto-utils openssl-devel gmime gmime-devel spandsp spandsp-devel openldap openldap-devel popt-devel libresample libresample-devel speex speex-devel libcurl-devel speex-tools svn sqlite-devel mod_ssl php-mysql php-pear-MDB2-Driver-mysqli php-mbstring php-gd php-mcrypt libxml2-devel lame bison audiofile-devel sox php-pear-DB php-posix
# cd /root
# wget http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-11-current.tar.gz # tar -zxf asterisk-11-current.tar.gz
# wget http://downloads.asterisk.org/pub/telephony/libpri/libpri-current.tar.gz # tar -zxf libpri-current.tar.gzwget http://downloads.asterisk.org/pub/telephony/dahdi-linux-complete/dahdi-linux-complete-current.tar.gz # tar -zxf dahdi-linux-complete-current.tar.gz
Установка DAHDI, libPRI и Asterisk
# cd dahdi-linux-complete-2.9.0+2.9.0.1 #make all #make install #make config
# cd libpri-* # make # make install
# cd asterisk-11.7.0 # ./configure --prefix=/usr --exec-prefix=/usr --with-crypto --with-dahdi --with-iconv -with-libcurl --with-gmime --with-iksemel --with-mysqlclient --disable-xmldoc --with-pri --with-spandsp --with-ldap --with-libcurl --with-popt --with-resample --with-speex # make menuselect # contrib/scripts/get_mp3_source.sh # make # make install # make samples
# ln -s /usr/lib/libasteriskssl.so.1 /usr/lib64/libasteriskssl.so.1 # ln -s /usr/lib/libpri.so.1.4 /usr/lib64/libpri.so.1.4 # cat contrib/init.d/rc.redhat.asterisk | sed 's/__ASTERISK_SBIN_DIR__/\/usr\/sbin/' > /etc/init.d/asterisk # chkconfig --add asterisk # cp -rf configs/* /etc/asterisk/
# service dahdi start # service asterisk start
Установка FreePBX
# wget “http://downloads.sourceforge.net/project/phpmyadmin/phpMyAdmin/3.5.5/phpMyAdmin-3.5.5-all-languages.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fphpmyadmin%2Ffiles%2FphpMyAdmin%2F3.5.5%2FphpMyAdmin-3.5.5-all-languages.tar.gz%2Fdownload&ts=1358931580&use_mirror=ignum” # tar -zxf phpMyAdmin-3.5.5-all-languages.tar.gz -C /var/www/
- в /etc/hosts добавить:
[IP PBX] pbx-mysql.example.com [IP PBX] pbx.example.com
- в конфиг /etc/httpd/httpd.conf:
NameVirtualHost *:443
- в конфиг /etc/httpd/conf.d/ssl.conf добавить:
DocumentRoot "/var/www/phpmyadmin" ServerName pbx-mysql.example.com:443 ErrorLog logs/ssl_phpmyadmin_error_log TransferLog logs/ssl_phpmyadmin_access_log LogLevel warn SSLEngine on SSLProtocol all -SSLv2 SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW SSLCertificateFile /etc/pki/tls/certs/localhost.crt SSLCertificateKeyFile /etc/pki/tls/private/localhost.key SSLOptions +StdEnvVars <Directory "/var/www/cgi-bin"> SSLOptions +StdEnvVars SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog logs/ssl_phpmyadmin_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" <Directory "/var/www/phpmyadmin"> Order allow,deny Allow from [Admin IP] DocumentRoot "/var/www/html" ServerName pbx.example.com:443 ErrorLog logs/ssl_html_error_log TransferLog logs/ssl_html_access_log LogLevel warn SSLEngine on SSLProtocol all -SSLv2 SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW SSLCertificateFile /etc/pki/tls/certs/localhost.crt SSLCertificateKeyFile /etc/pki/tls/private/localhost.key SSLOptions +StdEnvVars <Directory "/var/www/cgi-bin"> SSLOptions +StdEnvVars SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog logs/ssl_html_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" <Directory "/var/www/html"> Order allow,deny Allow from [Admin IP]
# cd /var/www/ # ln -s phpMyAdmin-3.5.5-all-languages phpmyadmin # service httpd restart # chkconfig --levels 345 mysqld on # chkconfig --levels 345 httpd on # service mysqld start # /usr/bin/mysql_secure_installation
Установить пароль root для MySQL
# cd /root # wget http://mirror.freepbx.org/freepbx-2.11.0.43.tgz # tar -zxf freepbx-2.11.0.tar.gz -C /usr/src # cd /usr/src/freepbx-2.11.0
- Отредактировать php.ini:
# vi /etc/php.ini (или /etc/php4/apache2/php.ini) upload_max_filesize=20M
# mysqladmin create asteriskcdrdb -p # mysql -p asteriskcdrdb < SQL/cdr_mysql_table.sql # mysqladmin create asterisk -p # mysql -p asterisk < SQL/newinstall.sql # mysql -p mysql> GRANT ALL PRIVILEGES ON asteriskcdrdb.* TO asteriskuser@localhost IDENTIFIED BY '[ваш пароль]'; mysql> GRANT ALL PRIVILEGES ON asterisk.* TO asteriskuser@localhost IDENTIFIED BY '[ваш пароль]'; mysql> flush privileges;
# groupadd asterisk # useradd -c "asterisk PBX" -d /var/lib/asterisk -s /sbin/nologin -g asterisk asterisk
- Отредактировать:
# vi /etc/httpd/conf/httpd.conf (или /etc/apache2/apache2.conf): User asterisk Group asterisk
# chown asterisk /var/lib/php/session
# ./install_amp
- Заменить в базе asterisk в таблице freepbx_settings пароль для астериск манагера:
# mysql -p mysql> UPDATE `asterisk`.`freepbx_settings` SET `value` = '[ваш пароль 2]' WHERE `freepbx_settings`.`keyword` = 'AMPMGRPASS'; # chown asterisk /etc/modprobe.d/dahdi.conf
# rm /etc/asterisk/ccss.conf /etc/asterisk/logger.conf /etc/asterisk/iax.conf /etc/asterisk/extensions.conf /etc/asterisk/sip_notify.conf /etc/asterisk/features.conf /etc/asterisk/sip.conf
- Изменить что-нить в freepbx нажать аплай (дефолтный логин/пароль — admin/admin)
- Поменять дефолтный пароль
Допольнительные установки:
# yum -y install bind bind-utils mailx ntp # chkconfig --add named # chkconfig --add ntpdate # service ntpdate start # service named start # echo “nameserver 127.0.0.1” > /etc/resolv.conf # echo “nameserver 8.8.8.8” >> /etc/resolv.conf
# yum -y install xinetd tftp-server # vi /etc/xinetd.d/tftp -s /tftp -c # mkdir /tftp && # chown nobody /tftp # vi /etc/sysconfig/iptables # service xinetd start
- Добваить в iptables:
-A INPUT -m udp -p udp -d [IP PBX]/32 --dport 5060 -m hashlimit --hashlimit 10/m --hashlimit-burst 10 --hashlimit-mode srcip,dstip,dstport --hashlimit-htable-expire 180 --hashlimit-name SIP -j ACCEPT