Difference between revisions of "CentOS Install"

From FusionPBX
Jump to: navigation, search
m (Reverted edits by Admin (talk) to last revision by Peletiah)
(Undo revision 1173 by Admin (talk))
Line 1: Line 1:
==Zaptel Install==
+
==Preface==
 +
The following instructions were written for CentOS 5.6. http://mirror.centos.org/centos/5/isos/ After installing CentOS follow the instructions below.
  
If this system is to use cards inside the phone server than Zaptel needs to be installed.
+
==Dependencies==
 
+
Install the following dependencies
==Sangoma Wanpipe==
+
  yum install subversion autoconf automake libtool gcc-c++ git-core ncurses-devel make expat-devel zlib zlib-devel
 
+
  yum install nano unixODBC-devel openssl-devel gnutls-devel libogg-devel libvorbis-devel curl-devel libtiff-devel libjpeg-devel python-devel expat-devel zlib zlib-devel bzip2
This is a Sangoma specific driver it can be used or Zaptel can be used. http://wiki.sangoma.com/wanpipe-freeswitch-install
 
 
 
Install dependency packages
 
 
 
  sudo yum install -y kernel-devel.x86_64 zaptel-devel.x86_64
 
  sudo yum install lksctp-tools-devel
 
sudo yum install flex libtermcap-devel bison
 
 
 
==Get zaptel source==
 
 
 
cd /usr/src
 
svn checkout http://svn.digium.com/svn/zaptel/branches/1.4 zaptel
 
 
 
or
 
 
 
cd /usr/src/
 
wget http://downloads.asterisk.org/pub/telephony/zaptel/zaptel-1.4.12.1.tar.gz
 
 
 
Get wanpipe source
 
 
 
cd /usr/src/
 
wget ftp://ftp.sangoma.com/linux/current_wanpipe/wanpipe-latest.tgz
 
tar xvfz wanpipe-latest.tgz
 
cd /usr/src/wanpipe-*
 
 
 
 
 
Install wanpipe
 
 
 
bash -p Setup install
 
  
 +
==GIT Install==
 +
cd /usr/local/src
 +
yum -y install gcc make gettext-devel curl-devel
 +
wget http://kernel.org/pub/software/scm/git/git-1.7.4.tar.bz2
 +
tar -xvjf git-1.7.4.tar.bz2
 +
cd git-1.7.4
 +
make prefix=/usr/local all
 +
make prefix=/usr/local install
  
Would you like to install WANPIPE now? [y] (y/n) y Press [Enter] to continue... Please specify absolute path name of your linux headers/source directory
 
 
Press Enter for Default: /lib/modules/2.6.18-164.el5/build /usr/src/kernels/2.6.18-164.11.1.el5-x86_64/
 
 
Install modules for current image: 2.6.18-164.el5 ? (y/n) y
 
 
Press [Enter] to continue...
 
 
Please Select Compilation Mode Please select (1-11) [Default: 1]:
 
 
10. TDM API
 
 
      Protocols: TDM API on AFT adapters:
 
      Default for: FreeSwitch, Yate, Sunrise
 
                    Custom voice development
 
 
Please select (1-11) [Default: 1]: 10
 
 
Please select a protocol option in [<opt>]: ALL (for all)
 
 
Please select working zaptel directory [1-1][m]: m
 
 
Please enter zaptel dir: [Default: /usr/src/zaptel]
 
 
    1. > /usr/src/zaptel
 
 
Checking for UDEV Zaptel compatibility...
 
 
  Would you like to add UDEV rules for Zaptel devices ? (y/n) n
 
 
Press [Enter] to continue... Press [Enter] to continue...
 
 
[EXIT|Q|q]: Exit Protocol Selection
 
 
Please select a protocol option in [<opt>]: EXIT
 
 
Visually Confirm that driver compilation was successful! (y/n) y
 
 
 
    WANPIPE v3.5.10 Installation Script
 
    Copyright (c) 1995-2009, Sangoma Technologies Inc.
 
 
WANPIPE META CONFIGURATION
 
 
There are two configuration files associated with WANPIPE.
 
 
1) /usr/src/wanpipe-3.5.10/wanrouter.rc:
 
 
        - defines locations of important files such as lock
 
          and configuration files as well as start/stop
 
          order of multiple WANPIPE devices.
 
 
2) /usr/src/wanpipe-3.5.10/wanpipe1.conf:
 
 
        - main configuration file for each WANPIPE device.
 
        - defines interfaces, hardware and protocol information.
 
        - this file can be created using the 'wancfg' GUI
 
          utility or manually based on sample files located
 
          in /etc/wanpipe/samples.
 
 
Please read the WanpipeInstallation.(pdf/txt) manual for further information.
 
 
Press [Enter] to continue...
 
 
Please specify a desired location for WANPIPE configuration files.
 
 
        (Press Enter for Default: /etc/wanpipe)
 
 
<specify path:> /etc/wanpipe
 
 
Please specify a desired location for WANPIPE interface files.
 
 
        (Press Enter for Default: /etc/wanpipe/interfaces)
 
 
<specify path:> /etc/wanpipe/interfaces
 
 
Please specify a location for WANPIPE binary, firmware files.
 
 
        (Press Enter for Default: /etc/wanpipe/firmware)
 
 
<specify path:> /etc/wanpipe/firmware
 
 
 
    WANPIPE v3.5.10 Installation Script
 
    Copyright (c) 1995-2009, Sangoma Technologies Inc.
 
 
WANPIPE UTILITIES SETUP
 
 
WANPIPE utilities are used to:
 
 
        1) create configuration files: for Zaptel and Asterisk
 
                /usr/sbin/wancfg_zaptel #Zaptel and Asterisk
 
                /usr/sbin/wancfg_dahdi  #Dahdi and Asterisk
 
                /usr/sbin/wancfg_smg    #BRI/SS7, Zaptel and Asterisk
 
                /usr/sbin/wancfg_tdmapi #TDM API
 
        2) create WANPIPE WAN/IP configuration files.
 
                (/usr/sbin/wancfg)
 
        3) start,stop,restart individual/all devices and interfaces.
 
                (/usr/sbin/wanrouter)
 
        4) debug line, protocol and driver problems.
 
                (/usr/sbin/wanpipemon)
 
        5) aid in WANPIPE API development
 
                (/etc/wanpipe/api)
 
 
Refer to the WanpipeInstallation.(pdf/txt) for more information.
 
 
Press [Enter] to continue...
 
 
Press [Enter] to continue...
 
 
 
Installing WANPIPE Files ... ! Installing WANPIPE Utilities in /usr/sbin Installing wanrouter.rc in /etc/wanpipe Installing wanpipe libraries in  /etc/wanpipe Installing firmware in /etc/wanpipe/firmware Installing documentation in /usr/share/doc/wanpipe Installing sample api code in /etc/wanpipe/api Installing AFT Firmware update utility in /etc/wanpipe/util Installing driver headers in /etc/wanpipe/api/include/linux Installing Hardware Echo Cancel Utilites Press [Enter] to continue...
 
 
 
Would you like to install WANPIPE start-up scripts? (y/n) y
 
 
 
    WANPIPE v3.5.10 Installation Script
 
    Copyright (c) 1995-2009, Sangoma Technologies Inc.
 
 
WANPIPE INSTALLATON: COMPLETE
 
 
WANPIPE installation is now complete. WANPIPE kernel drivers and configuration/debug utilities have been compiled and installed.
 
 
 
        1) Proceed to configure the WANPIPE drivers:
 
                Asterisk/Zaptel  : /usr/sbin/wancfg_zaptel
 
                Asterisk/Dahdi  : /usr/sbin/wancfg_dahdi
 
                TDM API          : /usr/sbin/wancfg_tdmapi
 
                SMG SS7/BRI/PRI  : /usr/sbin/wancfg_smg
 
                WAN Routing/API  : /usr/sbin/wancfg
 
        2) Use the /usr/sbin/wanrouter startup script to start and stop
 
          the router. (eg: wanrouter start)
 
        3) To uninstall WANPIPE package run ./Setup remove
 
 
Please read http://wiki.sangoma.com for further instructions.
 
 
 
Sometimes you need an
 
 
depmod -a
 
 
 
==FreeSWITCH Install==
 
==FreeSWITCH Install==
 
Install the following dependencies
 
 
yum install subversion autoconf automake libtool gcc-c++ ncurses-devel make expat-devel zlib zlib-devel
 
 
The following will enable additional modules
 
 
yum install nano unixODBC-devel openssl-devel gnutls-devel libogg-devel libvorbis-devel curl-devel
 
  
 
Then use the following
 
Then use the following
Line 194: Line 24:
 
  cd /usr/src/freeswitch
 
  cd /usr/src/freeswitch
 
  ./bootstrap.sh
 
  ./bootstrap.sh
 +
 +
Edit modules.conf to enable or disable desired modules. To enable a few extra features you may want to go ahead and edit modules.conf. Remove the # in front of the lines with these modules:
 +
sed -i 's/#mod_spandsp/mod_spandsp/g' /usr/src/freeswitch/modules.conf
 +
sed -i 's/#mod_flite/mod_flite/g' /usr/src/freeswitch/modules.conf
 +
sed -i 's/#mod_shout/mod_shout/g' /usr/src/freeswitch/modules.conf
 +
sed -i 's/#mod_pocketshpinx/mod_pocketshpinx/g' /usr/src/freeswitch/modules.conf
 +
 +
Complete the FreeSWITCH compile.
 +
 
  ./configure
 
  ./configure
 
  make install
 
  make install
 
  make cd-sounds-install
 
  make cd-sounds-install
 
  make cd-moh-install
 
  make cd-moh-install
 +
make hd-moh-install
 +
make hd-sounds-install
  
 
  +---------- FreeSWITCH install Complete ----------+
 
  +---------- FreeSWITCH install Complete ----------+
Line 251: Line 92:
 
  +-------------------------------------------------+
 
  +-------------------------------------------------+
  
To enable a few extra features you may want to go ahead and edit modules.conf. Remove the # in front of the lines with these modules:
 
  
mod_spandsp
+
To upgrade FreeSWITCH in the future do the following:
mod_shout
 
mod_flite
 
mod_pocketshpinx
 
  
After saving the changes you may want to go ahead and get your "git together":
+
  cd /usr/src/freeswitch
 
 
  cd freeswitch
 
git pull
 
 
  make current
 
  make current
 
After this you have the latest FreeSWITCH ready for use with FusionPBX
 
  
 
==FreeSWITCH Auto Start==
 
==FreeSWITCH Auto Start==
Line 283: Line 115:
 
Set the permissions and add it to run on startup
 
Set the permissions and add it to run on startup
  
  chmod 755 /etc/init.d/freeswitch
+
  chmod 765 /etc/init.d/freeswitch
 
  chkconfig --add freeswitch
 
  chkconfig --add freeswitch
 
  chkconfig --level 5 freeswitch on
 
  chkconfig --level 5 freeswitch on
 
  chkconfig --list freeswitch
 
  chkconfig --list freeswitch
  
==CentoOS 32-bit Install==
+
==FreeSWITCH conf==
 
 
    * Take a look at, installing FusionPBX on CentOS in 4 Steps.
 
  
==CentoOS 64-bit Install==
+
Disable the following files but leave them for examples
  
If you don't have 64-bit support, just remove x86_64 from the below packages.
+
cd /usr/local/freeswitch/conf/dialplan/default
 +
mv 00_ladspa.xml 00_ladspa.noload
 +
mv 00_pizza_demo.xml 00_pizza_demo.noload
 +
mv 01_Talking_Clock.xml 01_Talking_Clock.noload
  
==Additional Tools==
+
==Repositories==
  
On CentOS w/ 64-bit support: CentOS does not yet ship a recent enough version of PHP, so we suggest you use the RPMs provided in the REMI repository. To do so:
+
CentOS does not yet ship a recent enough version of PHP in order to use PHP FPM (fast cgi), so we suggest you use the RPMs provided in the REMI repository. To do so:
  
 
  wget http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm  
 
  wget http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm  
Line 305: Line 138:
 
  rpm -Uvh remi-release-5.rpm
 
  rpm -Uvh remi-release-5.rpm
  
 +
==Database==
 +
 +
===SQLite===
 +
 +
Is installed with PHP
 +
 +
===PostgreSQL===
 +
 +
Postgres 8.4 or higher is required. The following instructions install version 9.0
 +
Replace the custom-username and custom-password with the account information.
  
yum install zaptel.x86_64 zaptel-lib.x86_64 zaptel-utils.x86_64 libpri.x86_64 spandsp.x86_64
+
http://wiki.postgresql.org/wiki/YUM_Installation (additional information)
  
PostgreSQL
+
Locate and edit your distributions .repo file, located: [base] and [updates] sections
 +
nano /etc/yum.repos.d/CentOS-Base.repo
  
rpm -Uvh remi-release-5*.rpm epel-release-5*.rpm 
+
To the section(s) identified above, you need to append a line:
  yum --enablerepo=remi install php php-common php-pgsql php-pdo php-soap php-xml php-xmlrpc
+
  exclude=postgresql*
yum --enablerepo=remi upgrade php php-common php-pdo
 
  
 +
Download and install PGDG RPM file
 +
wget http://www.pgrpms.org/9.0/redhat/rhel-5-i386/pgdg-centos-9.0-2.noarch.rpm
 +
rpm -ivh pgdg-centos-9.0-2.noarch.rpm
 +
yum install postgresql90-server
 +
service postgresql-9.0 initdb
 +
chkconfig postgresql-9.0 on
 +
service postgresql initdb
 +
service postgresql-9.0 start
 +
su postgres
 +
psql
 +
CREATE ROLE custom-username WITH SUPERUSER LOGIN PASSWORD 'custom-password';
 +
\q
 +
exit
 +
sed -i 's/ident/md5/g' /var/lib/pgsql/9.0/data/pg_hba.conf
 +
service postgresql-9.0 restart
  
MySQL
+
===MySQL===
  
Before installing the remi packages, it is suggested that you install the dependent libraries. The upstream packages does not have the correct version and conflict with each other. To do so:
+
Needs to be reviewed. Before installing the remi packages, it is suggested that you install the dependent libraries. The upstream packages does not have the correct version and conflict with each other. If you don't have 64-bit support, just remove x86_64 from the below packages.
  
 
  wget http://downloads.mysql.com/archives/mysql-5.1/MySQL-shared-compat-5.1.30-0.rhel5.x86_64.rpm
 
  wget http://downloads.mysql.com/archives/mysql-5.1/MySQL-shared-compat-5.1.30-0.rhel5.x86_64.rpm
Line 331: Line 189:
 
  yum --enablerepo=remi upgrade php php-common php-pdo
 
  yum --enablerepo=remi upgrade php php-common php-pdo
  
==Permissions==
+
==PHP==
  
Set permissions
+
rpm -Uvh remi-release-5*.rpm epel-release-5*.rpm 
 +
yum --enablerepo=remi install php php-common php-pgsql php-pdo php-soap php-xml php-xmlrpc
 +
yum --enablerepo=remi upgrade php php-common php-pdo
  
adduser freeswitch
+
==Web Server==
chown -R freeswitch:freeswitch /usr/local/freeswitch
 
chown -R apache:apache /var/www/fusionpbx
 
chmod 766 -R /var/www/fusionpbx
 
  
Add the apache user to the freeswitch group
+
There are multiple choices for a web server to use. These instructions focus on nginx because it takes very little server resources and scales well.
  
nano /etc/group
+
NGINX (pronounced: engine x)
  
Before:
+
yum --enablerepo=remi install nginx php-fpm
 +
chkconfig php-fpm on
  
freeswitch:x:500
+
Add the following directories.
  
After:
+
mkdir /etc/nginx/sites-available
 +
mkdir /etc/nginx/sites-enabled
  
freeswitch:x:500:freeswitch,apache
+
Remove the original config and add a more flexible one.
  
==Fusionpbx==
+
rm nginx.conf
 +
wget http://www.fusionpbx.com/downloads/centos/nginx/nginx.conf
 +
cd /etc/nginx/sites-available
 +
wget http://www.fusionpbx.com/downloads/centos/nginx/fusionpbx.conf
 +
ln /etc/nginx/sites-available/fusionpbx.conf /etc/nginx/sites-enabled/fusionpbx.conf
  
Dependencies Subversion
+
==OpenSSL==
  
  yum install subversion
+
Make sure the /etc/ssl directory exists
 +
  mkdir -p /etc/ssl
 +
Change the directory
 +
cd /etc/ssl
 +
Generate a private key:
 +
openssl genrsa -des3 -passout pass:fusionpbx_cert_password -out fusionpbx.ssl.key 1024
 +
Remove password from private key:
 +
openssl rsa -in fusionpbx.ssl.key -passin pass:fusionpbx_cert_password -out fusionpbx.ssl.key.nopass
 +
Create a CSR (certificate signing request):
 +
openssl req -new -key fusionpbx.ssl.key.nopass -out fusionpbx.ssl.csr -subj "/E=support@fusionpbx.com/CN=fusionpbx/OU=Project/O=FusionPBX/L=Boise/S=ID/C=US"
 +
Generate self-signed cert:
 +
openssl x509 -req -days 3650 -in fusionpbx.ssl.csr -signkey fusionpbx.ssl.key.nopass -out fusionpbx.ssl.crt
  
Apache
+
==FusionPBX==
  
yum install apache2
+
Download FusionPBX source and add it to the web server directory.
  
PHP >= 5.2.3
+
cd /var/www
 +
sudo svn checkout http://fusionpbx.googlecode.com/svn/trunk/fusionpbx /var/www/fusionpbx
  
yum install php5 php5-pdo php-sqlite php5-pdo_sqlite
+
If you get an error: 'svn: command not found.' Then add subversion. Then run the svn checkout again.
  
Install the backend of your choice
+
yum install subversion
  
sqlite
+
==Permissions==
 +
There are multiple ways to handle permissions. FreeSWITCH creates some file on demand such as voicemail and does not give the necessary group permissions because of that the following method is currently recommended. This method adds the www-data user, changes ownership of the files to use www-data and then make the php-fpm and freeswitch services run as www-data.
  
  yum install sqlite3 php5-pdo_sqlite
+
  adduser www-data
 +
chown -R www-data:www-data /usr/local/freeswitch
 +
chown -R www-data:www-data /var/www/fusionpbx
 +
sed -i 's/user = apache/user = www-data/g' /etc/php-fpm.d/www.conf
 +
sed -i 's/group = apache/group = www-data/g' /etc/php-fpm.d/www.conf
 +
sed -i 's/${FS_USER-freeswitch}/${FS_USER-www-data}/g' /etc/init.d/freeswitch
 +
chown -R www-data:www-data -R /var/lib/php/session
  
mysql
+
==Network Time Protocol==
 
 
yum install mysql-server.x86_64  mysql.x86_64 mysql-server-devel.x86_64 php5-pdo_mysql
 
 
 
postgresql
 
 
 
yum install php5-pdo_pgsql postgresql-server.x86_64 postgresql.x86_64
 
 
 
FusionPBX install
 
 
 
Download FusionPBX source and add it to Apache
 
 
 
cd /var/www
 
sudo svn checkout http://fusionpbx.googlecode.com/svn/trunk/fusionpbx /var/www/fusionpbx
 
 
 
===Network Time Protocol===
 
  
 
If NTP is not installed then install it.
 
If NTP is not installed then install it.
Line 401: Line 268:
 
  ntpdate pool.ntp.org
 
  ntpdate pool.ntp.org
 
  service ntpd start
 
  service ntpd start
 +
 +
==Fail2ban==
 +
 +
Brute force attacks are common. If the SIP and RTP ports are exposed to the Internet then it is important to install and configure Fail2ban.  Fail2ban can be configured to analyze the FreeSWITCH logs. When attacker are identified it blocks the offenders.
 +
 +
For more info go to [[Fail2Ban]]
 +
 +
==Browser==
 +
 +
To complete install go to the ip address or domain of the server in your web browser. You can use http or https and follow the instructions.
 +
 +
==Login==
 +
 +
After completing the install the default login information is:
 +
 +
user: superadmin
 +
 +
pass: fusionpbx
 +
 +
==TDM notes==
 +
 +
Optional TDM card notes. These notes have not been updated in a while.
 +
[[CentOS Install TDM]]
  
 
==Additional Notes==
 
==Additional Notes==
 
 
How to start stop FreeSWITCH
 
How to start stop FreeSWITCH
 
+
  service freeswitch start
  /usr/local/freeswitch/bin/freeswitch -stop
+
  service freeswitch stop
  /usr/local/freeswitch/bin/freeswitch -nc
 
  
 
How to start, stop and restart Apache
 
How to start, stop and restart Apache
  
  service httpd start
+
  service nginx start
  service httpd stop
+
  service nginx stop
  service httpd restart
+
  service nginx restart
  
 
Change the CentOS root password
 
Change the CentOS root password

Revision as of 03:16, 11 June 2011

Preface

The following instructions were written for CentOS 5.6. http://mirror.centos.org/centos/5/isos/ After installing CentOS follow the instructions below.

Dependencies

Install the following dependencies 

yum install subversion autoconf automake libtool gcc-c++ git-core ncurses-devel make expat-devel zlib zlib-devel
yum install nano unixODBC-devel openssl-devel gnutls-devel libogg-devel libvorbis-devel curl-devel libtiff-devel libjpeg-devel python-devel expat-devel zlib zlib-devel bzip2

GIT Install

cd /usr/local/src
yum -y install gcc make gettext-devel curl-devel
wget http://kernel.org/pub/software/scm/git/git-1.7.4.tar.bz2
tar -xvjf git-1.7.4.tar.bz2
cd git-1.7.4
make prefix=/usr/local all
make prefix=/usr/local install

FreeSWITCH Install

Then use the following 

cd /usr/src/
git clone git://git.freeswitch.org/freeswitch.git
cd /usr/src/freeswitch
./bootstrap.sh

Edit modules.conf to enable or disable desired modules. To enable a few extra features you may want to go ahead and edit modules.conf. Remove the # in front of the lines with these modules: 

sed -i 's/#mod_spandsp/mod_spandsp/g' /usr/src/freeswitch/modules.conf
sed -i 's/#mod_flite/mod_flite/g' /usr/src/freeswitch/modules.conf
sed -i 's/#mod_shout/mod_shout/g' /usr/src/freeswitch/modules.conf
sed -i 's/#mod_pocketshpinx/mod_pocketshpinx/g' /usr/src/freeswitch/modules.conf

Complete the FreeSWITCH compile. 

./configure
make install
make cd-sounds-install
make cd-moh-install
make hd-moh-install
make hd-sounds-install

+---------- FreeSWITCH install Complete ----------+
+ FreeSWITCH has been successfully installed.     +
+                                                 +
+       Install sounds:                           +
+       (uhd-sounds includes hd-sounds, sounds)   +
+       (hd-sounds includes sounds)               +
+       ------------------------------------      +
+                make cd-sounds-install           +
+                make cd-moh-install              +
+                                                 +
+                make uhd-sounds-install          +
+                make uhd-moh-install             +
+                                                 +
+                make hd-sounds-install           +
+                make hd-moh-install              +
+                                                 +
+                make sounds-install              +
+                make moh-install                 +
+                                                 +
+       Install non english sounds:               +
+       replace XX with language                  +
+       (ru : Russian)                            +
+       ------------------------------------      +
+                make cd-sounds-XX-install        +
+                make uhd-sounds-XX-install       +
+                make hd-sounds-XX-install        +
+                make sounds-XX-install           +
+                                                 +
+       Upgrade to latest:                        +
+       ----------------------------------        +
+                make current                     +
+                                                 +
+       Rebuild all:                              +
+       ----------------------------------        +
+                make sure                        +
+                                                 +
+       Install/Re-install default config:        +
+       ----------------------------------        +
+                make samples                     +
+                                                 +
+                                                 +
+       Additional resources:                     +
+       ----------------------------------        +
+       http://www.freeswitch.org               +
+       http://wiki.freeswitch.org              +
+       http://jira.freeswitch.org              +
+       http://lists.freeswitch.org             +
+                                                 +
+       irc.freenode.net / #freeswitch            +
+                                                 +
+-------------------------------------------------+


To upgrade FreeSWITCH in the future do the following: 

cd /usr/src/freeswitch
make current

FreeSWITCH Auto Start

Copy the sample-init-file to /etc/init.d/ 

 cp build/freeswitch.init.redhat /etc/init.d/freeswitch

Open /etc/init.d/freeswitch and change the freeswitch-directory from /opt/freeswitch to /usr/local/freeswitch 

 nano /etc/init.d/freeswich
  PID_FILE=${PID_FILE-/usr/local/freeswitch/run/freeswitch.pid}
  FS_FILE=${FS_FILE-/usr/local/freeswitch/bin/freeswitch}
  FS_HOME=${FS_HOME-/usr/local/freeswitch}


Set the permissions and add it to run on startup 

chmod 765 /etc/init.d/freeswitch
chkconfig --add freeswitch
chkconfig --level 5 freeswitch on
chkconfig --list freeswitch

FreeSWITCH conf

Disable the following files but leave them for examples 

cd /usr/local/freeswitch/conf/dialplan/default
mv 00_ladspa.xml 00_ladspa.noload
mv 00_pizza_demo.xml 00_pizza_demo.noload
mv 01_Talking_Clock.xml 01_Talking_Clock.noload

Repositories

CentOS does not yet ship a recent enough version of PHP in order to use PHP FPM (fast cgi), so we suggest you use the RPMs provided in the REMI repository. To do so: 

wget http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm 
wget http://rpms.famillecollet.com/enterprise/remi-release-5.rpm
rpm -Uvh epel-release-5-4.noarch.rpm
rpm -Uvh remi-release-5.rpm

Database

SQLite

Is installed with PHP

PostgreSQL

Postgres 8.4 or higher is required. The following instructions install version 9.0 Replace the custom-username and custom-password with the account information.

http://wiki.postgresql.org/wiki/YUM_Installation (additional information)

Locate and edit your distributions .repo file, located: [base] and [updates] sections 

nano /etc/yum.repos.d/CentOS-Base.repo

To the section(s) identified above, you need to append a line: 

exclude=postgresql*

Download and install PGDG RPM file 

wget http://www.pgrpms.org/9.0/redhat/rhel-5-i386/pgdg-centos-9.0-2.noarch.rpm
rpm -ivh pgdg-centos-9.0-2.noarch.rpm
yum install postgresql90-server
service postgresql-9.0 initdb
chkconfig postgresql-9.0 on
service postgresql initdb
service postgresql-9.0 start
su postgres
psql
CREATE ROLE custom-username WITH SUPERUSER LOGIN PASSWORD 'custom-password';
\q
exit
sed -i 's/ident/md5/g' /var/lib/pgsql/9.0/data/pg_hba.conf
service postgresql-9.0 restart

MySQL

Needs to be reviewed. Before installing the remi packages, it is suggested that you install the dependent libraries. The upstream packages does not have the correct version and conflict with each other. If you don't have 64-bit support, just remove x86_64 from the below packages. 

wget http://downloads.mysql.com/archives/mysql-5.1/MySQL-shared-compat-5.1.30-0.rhel5.x86_64.rpm
rpm -Uvh MySQL-shared-compat-5.1.30-0.rhel5.x86_64.rpm

If you get a conflict, force it. 

rpm -Uvh MySQL-shared-compat-5.1.30-0.rhel5.x86_64.rpm --force

Now that you have all the version of mysql client libraries; things just install cleanly. 

rpm -Uvh remi-release-5*.rpm epel-release-5*.rpm  yum --enablerepo=remi install php php-common php-mysql php-pdo php-soap php-xml php-xmlrpc 
yum --enablerepo=remi upgrade php php-common php-pdo

PHP

rpm -Uvh remi-release-5*.rpm epel-release-5*.rpm  
yum --enablerepo=remi install php php-common php-pgsql php-pdo php-soap php-xml php-xmlrpc
yum --enablerepo=remi upgrade php php-common php-pdo

Web Server

There are multiple choices for a web server to use. These instructions focus on nginx because it takes very little server resources and scales well.

NGINX (pronounced: engine x) 

yum --enablerepo=remi install nginx php-fpm
chkconfig php-fpm on

Add the following directories. 

mkdir /etc/nginx/sites-available
mkdir /etc/nginx/sites-enabled

Remove the original config and add a more flexible one. 

rm nginx.conf
wget http://www.fusionpbx.com/downloads/centos/nginx/nginx.conf
cd /etc/nginx/sites-available
wget http://www.fusionpbx.com/downloads/centos/nginx/fusionpbx.conf
ln /etc/nginx/sites-available/fusionpbx.conf /etc/nginx/sites-enabled/fusionpbx.conf

OpenSSL

Make sure the /etc/ssl directory exists 

mkdir -p /etc/ssl

Change the directory 

cd /etc/ssl

Generate a private key: 

openssl genrsa -des3 -passout pass:fusionpbx_cert_password -out fusionpbx.ssl.key 1024

Remove password from private key: 

openssl rsa -in fusionpbx.ssl.key -passin pass:fusionpbx_cert_password -out fusionpbx.ssl.key.nopass

Create a CSR (certificate signing request): 

openssl req -new -key fusionpbx.ssl.key.nopass -out fusionpbx.ssl.csr -subj "/E=support@fusionpbx.com/CN=fusionpbx/OU=Project/O=FusionPBX/L=Boise/S=ID/C=US"

Generate self-signed cert: 

openssl x509 -req -days 3650 -in fusionpbx.ssl.csr -signkey fusionpbx.ssl.key.nopass -out fusionpbx.ssl.crt

FusionPBX

Download FusionPBX source and add it to the web server directory. 

cd /var/www
sudo svn checkout http://fusionpbx.googlecode.com/svn/trunk/fusionpbx /var/www/fusionpbx

If you get an error: 'svn: command not found.' Then add subversion. Then run the svn checkout again. 

yum install subversion

Permissions

There are multiple ways to handle permissions. FreeSWITCH creates some file on demand such as voicemail and does not give the necessary group permissions because of that the following method is currently recommended. This method adds the www-data user, changes ownership of the files to use www-data and then make the php-fpm and freeswitch services run as www-data. 

adduser www-data
chown -R www-data:www-data /usr/local/freeswitch
chown -R www-data:www-data /var/www/fusionpbx
sed -i 's/user = apache/user = www-data/g' /etc/php-fpm.d/www.conf
sed -i 's/group = apache/group = www-data/g' /etc/php-fpm.d/www.conf
sed -i 's/${FS_USER-freeswitch}/${FS_USER-www-data}/g' /etc/init.d/freeswitch
chown -R www-data:www-data -R /var/lib/php/session

Network Time Protocol

If NTP is not installed then install it. 

yum install ntp
chkconfig ntpd on
ntpdate pool.ntp.org
service ntpd start

If NTP is running then do the following: 

service ntpd stop
ntpdate pool.ntp.org
service ntpd start

Fail2ban

Brute force attacks are common. If the SIP and RTP ports are exposed to the Internet then it is important to install and configure Fail2ban. Fail2ban can be configured to analyze the FreeSWITCH logs. When attacker are identified it blocks the offenders.

For more info go to Fail2Ban

Browser

To complete install go to the ip address or domain of the server in your web browser. You can use http or https and follow the instructions.

Login

After completing the install the default login information is:

user: superadmin

pass: fusionpbx

TDM notes

Optional TDM card notes. These notes have not been updated in a while. CentOS Install TDM

Additional Notes

How to start stop FreeSWITCH 

service freeswitch start
service freeswitch stop

How to start, stop and restart Apache 

service nginx start
service nginx stop
service nginx restart

Change the CentOS root password 

su root
passwd
Retrieved from "http://wiki.fusionpbx.com/index.php?title=CentOS_Install&oldid=1174"