====== Installer Asterisk et FreePBX sur CentOS 7 ======
En cours de rédaction, à vos risques et périls
===== Configuration des dépôts =====
Le dépôt tucny contient les RPMS nécessaires:
cat <<'_EOF' > /etc/yum.repos.d/tucny-asterisk.repo
[asterisk-common]
name=Asterisk Common Requirement Packages @ tucny.com
#baseurl=https://ast.tucny.com/repo/asterisk-common/el$releasever/$basearch/
mirrorlist=https://ast.tucny.com/mirrorlist.php?release=$releasever&arch=$basearch&repo=asterisk-common
enabled=1
gpgcheck=1
gpgkey=https://ast.tucny.com/repo/RPM-GPG-KEY-dtucny
[asterisk-13]
name=Asterisk 13 Packages @ tucny.com
#baseurl=https://ast.tucny.com/repo/asterisk-13/el$releasever/$basearch/
mirrorlist=https://ast.tucny.com/mirrorlist.php?release=$releasever&arch=$basearch&repo=asterisk-13
enabled=1
gpgcheck=1
gpgkey=https://ast.tucny.com/repo/RPM-GPG-KEY-dtucny
_EOF
rpm --import https://ast.tucny.com/repo/RPM-GPG-KEY-dtucny
===== Installation des paquets =====
* Asterisk et ses composants
yum install asterisk asterisk-voicemail-plain asterisk-pjsip asterisk-mysql asterisk-ael asterisk-iax2 asterisk-sip
* Dépendances pour FreePBX
yum install mariadb-server php-mysql php-fpm httpd mod_ssl php-mbstring php-xml php-cli php-pear tftp-server nmap
pear install Console_Getopt
* Démarrer les services
systemctl start mariadb
systemctl enable mariadb
systemctl start httpd
systemctl enable httpd
systemctl start php-fpm
systemctl enable php-fpm
* Désactiver SELinux
sed -i -e "s/SELINUX=.*/SELINUX=disabled/" /etc/selinux/config
setenforce 0
Voir pour créer une politique de sécurité au lieu de désactiver SELinux entièrement
* Configurer la partie web
mkdir /var/lib/php/ast-sessions
chown asterisk:asterisk /var/lib/php/ast-sessions
chmod 770 /var/lib/php/ast-sessions
chown asterisk:asterisk /var/log/php/www/
chmod 770 /var/log/php/www/
cat <<'_EOF' > /etc/php-fpm.d/www.conf
[www]
listen = /run/php-fpm/www.sock
listen.owner = apache
listen.group = apache
listen.mode = 0660
user = asterisk
group = asterisk
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.max_requests = 500
php_admin_value[error_log] = /var/log/php/www/error.log
php_admin_flag[log_errors] = on
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/ast-sessions
php_admin_value[memory_limit] = 256M
_EOF
cat <<'_EOF' > /etc/httpd/conf.d/php-fpm.conf
SetHandler "proxy:unix:/run/php-fpm/www.sock|fcgi://localhost"
cat <<'_EOF' > /etc/httpd/conf.d/freepbx.conf
# Pour forcer le SSL, décommenter les 2 lignes suivantes
# RewriteEngine on
# RewriteRule /(.*|$) https://%{HTTP_HOST}/$1 [L]
Timeout 600
DirectoryIndex index.php
Options +FollowSymlinks
AllowOverride All
# En cas d'utilisation de Lemonldap::NG pour l'authentification
# PerlHeaderParserHandler Lemonldap::NG::Handler
# SetEnvIfNoCase Auth-User "(.*)" PHP_AUTH_USER=$1
_EOF
systemctl restart httpd
systemctl restart php-fpm
* Configurer MariaDB
mysql_secure_installation
* Créer le rep pour le provisioning
mkdir -p /tftpboot/{contacts,logs,overrides,licenses,bmp}
chown asterisk:asterisk /tftpboot
mkdir -p /tftpboot/config_bkp/contacts
chown -R asterisk:asterisk /tftpboot/config_bkp
chmod 750 /tftpboot
chmod 770 /tftpboot/{contacts,logs,overrides,bmp}
chown PlcmSpIp:asterisk /tftpboot/{contacts,logs,overrides,licenses,bmp}
yum install vsftpd
useradd PlcmSpIp -d /tftpboot
usermod -a -G asterisk PlcmSpIp
passwd PlcmSpIp
Configurer un mot de passe au compte PlcmSpIp, il sera utilisé par les téléphone au démarrage pour récupérer leur configuration
systemctl enable vsftpd
systemctl start vsftpd
cat <<'_EOF' > /etc/vsftpd/user_list
PlcmSpIp
_EOF
cat <<'_EOF' >> /etc/vsftpd/vsftpd.conf
userlist_deny=NO
_EOF
sed -i -e "s/anonymous_enable=.*/anonymous_enable=NO/" \
-e "s/local_umask=.*/local_umask=007/" \
/etc/vsftpd/vsftpd.conf
cat <<'_EOF' > /etc/vsftpd/chroot_list
PlcmSpIp
_EOF
* Télécharger FreePBX
cd /usr/src
wget http://mirror.freepbx.org/modules/packages/freepbx/freepbx-13.0-latest.tgz
tar xfz freepbx-13.0-latest.tgz
rm -f freepbx-13.0-latest.tgz
cd freepbx
* Les répertoires pour les packs de voix
mkdir -p /var/lib/asterisk/sounds/custom
mkdir -p /var/lib/asterisk/moh
pushd /var/lib/asterisk/sounds/
popd
BASE=http://downloads.asterisk.org/pub/telephony/sounds/
for F in alaw g722 g729 gsm siren7 siren14 sln16 ulaw wav; do
for L in en fr; do
[ -d /var/lib/asterisk/sounds/$L ] || mkdir /var/lib/asterisk/sounds/$L
for V in core extra; do
wget -O - $BASE/asterisk-$V-sounds-$L-$F-current.tar.gz | tar xzv -C /var/lib/asterisk/sounds/$L
done
[ -l /usr/share/asterisk/sounds/$L ] || ln -s /var/lib/asterisk/sounds/$L /usr/share/asterisk/sounds/$L
done
wget $BASE/asterisk-moh-opsound-$F-current.tar.gz -O - | tar xzv -C /var/lib/asterisk/moh/
done
chown -R asterisk:asterisk /var/lib/asterisk/{sounds,moh}
* Créer les bases de données
mysql
create database freepbx;
create database asteriskcdrdb;
grant all privileges on freepbx.* to 'freepbx'@'localhost' identified by 'p@ssw0rd';
grant all privileges on asteriskcdrdb.* to 'freepbx'@'localhost' identified by 'p@ssw0rd';
* Éditer /etc/asterisk/asterisk.conf et enlever **(!)** sur la première ligne
* Lancer l'installation
systemctl start asterisk
./install