FreeBSD Install

My Goal
My Goal is to make a easy to install a PBX Based on Freebsd & Freeswitch & Fusionpbx. I am tired of iso's that don't work/install correctly. So I Have taken the time to walk you through a base install. By Default this install is based on Freebsd 9.x, freeswitch, nginx, sqlite3, php5, and fusionpbx. If you need Apache or another web server you will have to do this yourself. (Please take the time to Document it below if you do.) If you wish to use mysql or Postgresql then you can select them when the nginx port build it only installs the connector clients. You will have to install the mysql or postgresql server either on the same box or a remote server of your choice and configure it properly. Please contact: email: r.neese@gmail.com irc: efnet: rneese on #bsdports irc: freenode: rneese in #fusionpbx and #freeswitch

modules not currenly supported in port
The following modules are not in the freebsd-core port on BSD with reasons why. 
 * 1) applications/mod_osp (needs further devel on bsd)
 * 2) applications/mod_redis (needs further testing)
 * 3) applications/mod_stress (dead module)
 * 4) applications/mod_snipe_hunt (joke module)
 * 5) codecs/mod_sangoma_codec (not supported on bsd)
 * 6) codecs/mod_dahdi_codec (needs further testing on bsd
 * 7) directories/mod_ldap (dead)
 * 8) endpoints/mod_alsa ( not used on bsd)
 * 9) endpoints/mod_opal (currently broken on bsd)
 * 10) endpoints/mod_skypopen (not supported on bsd)
 * 11) endpoints/mod_h323 (does not build on bsd)
 * 12) ../../libs/openzap/mod_openzap (dead renamed freetdm)
 * 13) asr_tts/mod_cepstral(not supported on bsd)
 * 14) event_handlers/mod_cdr_mongodb (make file issues)(requires mod_mongo) (build issues)
 * 15) event_handlers/mod_radius_cdr (needs further work on bsd)
 * 16) languages/mod_yaml (dead)
 * 17) languages/mod_java requires java . looking at the opensource ver.
 * 18) timers/mod_timerfd (linux)

FreeBSD 9.x iso's For Installing
Download a Freebsd 9.x install iso and burn it to a disc. ftp://ftp.freebsd.org/pub/FreeBSD/releases/i386/i386/ISO-IMAGES/9.0/FreeBSD-9.0-RELEASE-i386-disc1.iso ftp://ftp.freebsd.org/pub/FreeBSD/releases/amd64/amd64/ISO-IMAGES/9.0/FreeBSD-9.0-RELEASE-amd64-disc1.iso ftp://ftp.freebsd.org/pub/FreeBSD/releases/ia64/ia64/ISO-IMAGES/9.0/FreeBSD-9.0-RELEASE-ia64-release.iso

FreeBSD 9.x Minimal Install
In 9.x the installer changes.

Freebsd 9.0 New installer Basic Setup

1) select install

2) select United States iso-8895-1

3) set hostname

4) when prompter for docs and ports and src deselect all.

5) select guided and full partition

6) and then goto exit

7) hit save.

8) set root passwd

9) setup network interface

10) set up clock / ntpdate

11) setp daemons ssh and ntpd is all thats needed at this point

12) next add a user if you wish

13) next go to exit and reboot

After reboot Login : root / password

for root ssh (security hole)(enable at own risk) ee or vi /etc/ssh/sshd_conf rm the # from infront of PermitRootLogin and change no to yes save then run /etc/rc.d/sshd restart

now you can ssh into the box.

Install ports-tree & Freebsd-base-src
pkg_add -r fastest-cvsup

base src (needed if you whant mod_freetdm) (required for dahdi build) csup -h `fastest_cvsup -c tld -q` -L2 /usr/share/examples/cvsup/src-supfile

ports tree csup -h `fastest_cvsup -c tld -q` -L2 /usr/share/examples/cvsup/ports-supfile

cd /usr/ports/net/freeswitch-devel (FreeSwitch Meta Port) make install clean

cd /usr/ports/www/nginx make install clean

cd /usr/ports/www/fusionpbx make install clean

When it gets to the point of building php be sure to select php-fpm. when all is installed: edit /etc/rc.conf add 3 lines

freeswitch_enable="YES" php_fpm_enable="YES" nginx_enable="YES"

--DO NOT REBOOT UNTIL YOUR FINISHED CONFIGURING.......

Setup Nginx & ssl keys
NGINX Replace /usr/local/etc/nginx/nginx.conf with the bellow configuration. ---(start cut here)--- #user www; worker_processes 1; #pid       logs/nginx.pid; events { worker_connections 1024; } http { include      mime.types; default_type application/octet-stream; #log_format main  '$remote_addr - $remote_user [$time_local] "$request" ' #                 '$status $body_bytes_sent "$http_referer" ' #                 '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log  main; sendfile       on; #tcp_nopush    on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; server{ listen 127.0.0.1:80; server_name 127.0.0.1; access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; client_max_body_size 10M; client_body_buffer_size 128k; location / { root /usr/local/www/fusionpbx; index index.php; }       location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi_params; fastcgi_param  SCRIPT_FILENAME /usr/local/www/fusionpbx$fastcgi_script_name; }       # Disable viewing .htaccess & .htpassword & .db        location ~ .htaccess { deny all; }       location ~ .htpassword { deny all; }       location ~^.+.(db)$ { deny all; } }  server{ listen 80; server_name fusionpbx; if (\$uri !~* ^.*provision.*$) { rewrite ^(.*) https://$host$1 permanent; break; }       access_log /var/log/nginx/access.log; error_log /var/log/nginx/.error.log; client_max_body_size 10M; client_body_buffer_size 128k; location / { root /usr/local/www/fusionpbx; index index.php; }       location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi_params; fastcgi_param  SCRIPT_FILENAME /usr/local/www/fusionpbx$fastcgi_script_name; }       # Disable viewing .htaccess & .htpassword & .db        location ~ .htaccess { deny all; }       location ~ .htpassword { deny all; }       location ~^.+.(db)$ { deny all; } }  server{ listen 443; server_name fusionpbx; access_log /var/log/nginx/access.log; error_log /var/log/nginx/.error.log; client_max_body_size 10M; client_body_buffer_size 128k; location / { root /usr/local/www/fusionpbx; index index.php; }       # Disable viewing .htaccess & .htpassword & .db        location ~ .htaccess { deny all; }       location ~ .htpassword { deny all; }       location ~^.+.(db)$ { deny all; }       #error_page  404              /404.html; # redirect server error pages to the static page /50x.html #       #error_page   500 502 503 504  /50x.html; location = /50x.html { root  /usr/local/www/nginx-dist; }       location ~ \.php$ { root          /usr/local/www/fusionpbx; fastcgi_pass  127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME  /usr/local/www/fusionpbx/$fastcgi_script_name; include       fastcgi_params; }       ssl                  on; ssl_certificate     /etc/ssl/www/fusionpbx/cert.pem; ssl_certificate_key /etc/ssl/www/fusionpbx/key.pem; ssl_session_timeout 5m; ssl_protocols SSLv2 SSLv3 TLSv1; ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; ssl_prefer_server_ciphers  on; client_max_body_size 25m; } } ---(end cut here)--- SSL Key Generation

mkdir -p /etc/ssl/www/fusionpbx

cd /etc/ssl/www/fusionpbx

openssl req -new -x509 -nodes -out cert.pem -keyout key.pem -days 365

chmod 640 /etc/ssl/www/fusionpbx/*.pem

/usr/local/etc/rc.d/nginx start

Monit & Fail2Ban
Monit cd /usr/ports/security/monit make install clean

Fail2Ban cd /usr/ports/security/py-fail2ban make install clean

Postgresql Server Setup (localhost)
\Fresh pgsql install/ cd /usr/ports/database/postgresql84-server make install clean To set and configure PgSQL for use with FusionPBX, Follow this line for line. for a fresh pgsql install follow : su pgsql initdb -D /usr/local/pgsql/data postmaster -D /usr/local/pgsql/data >logfile 2>&1 & createuser -s -e FusionPBX createdb -O FusionPBX FusionPBX psql -d FusionPBX -U FusionPBX alter user FusionPBX with password 'password';or any passwordd you want ";" required psql -f /usr/local/www/fusionpbx/includes/install/sql/pgsql.sql FusionPBX exit from su

For a existiting pgsql database install follow: su pgsql createuser -s -e FusionPBX createdb -O FusionPBX FusionPBX psql -d FusionPBX -U FusionPBX ALTER USER FusionPBX with PASSWORD 'password'; or any password you want, ";" required

Now enable it in /etc/rc.conf echo postgres_enable="YES" > /etc/rc.conf

MySql Setup (localhost)
mysql install via ports cd /usr/ports/databases/mysql55-server make install clean echo mysql_enable="yes" >> /etc/rc.conf /usr/local/etc/rc.d/mysql start

Final Step
Reboot your system and point your browser to: https://ip.of.the.pbx or https://domain.name.box (Requires dns)