How to install Asterisk and FreePBX on an OPENVZ server

Written by admin on November 22, 2014. Posted in Asterisk, Freepbx

yum grouplist installed

Installed Groups:
DNS Name Server
Editors
Legacy Network Server
Mail Server
Network Servers
System Tools
Text-based Internet
Web Server
Windows File Server
Yum Utilities

yum groupremove 'DNS Name Server'
yum groupremove 'Editors'
yum groupremove 'Legacy Network Server'
yum groupremove 'Mail Server'
yum groupremove 'Network Servers'
yum groupremove 'System Tools'
yum groupremove 'Text-based Internet'
yum groupremove 'Web Server'
yum groupremove 'Windows File Server'

Now update the base install

yum -y update

Install Asterisk/FreePBX required packages, other useful packages, and their dependencies

yum groupinstall core
yum groupinstall base

yum install gcc gcc-c++ wget bison mysql-devel mysql-server php php-mysql php-pear php-pear-DB php-mbstring nano tftp-server httpd make ncurses-devel libtermcap-devel sendmail sendmail-cf caching-nameserver sox newt-devel libxml2-devel libtiff-devel php-gd audiofile-devel gtk2-devel subversion nano kernel-devel selinux-policy

RHEL v5 NOTES:
Skip this section if you are using a RHEL6 distribution.

On RHEL 5 shutdown unnecessary daemon brcm-iscsi which is enabled by default and tends to do a lot of logging even when not used. This creates unnecessary I/O load.

chkconfig iscsi off
chkconfig iscsid off
service iscsi stop
service iscsid stop

Replace syslog with the improved and backwards compatible rsyslog (standard in RHEL6 but not RHEL5).  This also prevents a problem that comes up with improper timestamps in /var/log/secure when you get disconnects.

NOTE:This is only for RHEL5 based systems.  You do not need to do this for RHEL6.

yum -y install rsyslog
chkconfig syslog off
chkconfig rsyslog on
service syslog stop
service rsyslog start

--END of RHEL v5 NOTES--
RHEL v6 NOTES: 
Skip this section if you are using a RHEL5 based distribution.

On RHEL v6 and it's clone distributions the php-pear-DB package is not included.  You need to download it from an official mirror and install otherwise the FreePBX install will fail.  Click the link to check for the latest version.

cd /usr/src
wget http://dl.fedoraproject.org/pub/epel/6/i386/php-pear-DB-1.7.13-3.el6.noarch.rpm

rpm -ivh php-pear-DB*

RHEL v6 uses a newer version of php.  In this version php-posix is no longer in php-common, it is in php-process.  So you need to install php-process if using RHEL v6 or it's clones otherwise the FreePBX install will fail.

yum -y install php-process

Check if the firewall (iptables) is enabled by default and if the RHEL v6 default configuration blocks the FreePBX web GUI.  If you know what services/ports are required you can run "system-config-firewall-tui" and configure the firewall as required.

At a minimum, the following ports need to be opened:
TCP 80 (www)
TCP 4445 (Flash Operator Panel)
UDP 5060-5061 (SIP)
UDP 10,000 - 20,000 (RTP)
UDP 4569 (IAX)

Another option is to remove existing settings from the firewall and save.
iptables -F
service iptables save

Alternatively, you can disable the firewall for now and prevent it from starting on reboot.

service iptables stop
chkconfig iptables off

--END of RHEL v6 NOTES--
Selinux is not required or recommended.  This will create the required file if it does not already exist.  If it already exists copy paste or edit the contents indicated here to be sure selinux never runs.

nano /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.

SELINUXTYPE=targeted
# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0

(Ctrl-x> y >Enter)

Make sure selinux is turned off for this session

setenforce 0

TFTP

Enable the tftp server on startup if required (for configuring phones)
nano /etc/xinetd.d/tftp
change server_args = from "-s /var/lib/tftpboot" to "-s /tftpboot"
change “disable=yes” to “disable=no”
(Ctrl-X>y>ENTER)

mkdir /tftpboot
chmod 777 /tftpboot
service xinetd restart

Set Timezone
Copy your timezone from this link

System timezone
Create a symbolic link to the appropriate timezone from /etc/localtime.
Example:
ln -sf /usr/share/zoneinfo/America/Vancouver /etc/localtime

PHP timezone (required since PHP v5.3):
if not set and using php v5.3+ (the version included with RHEL6) it will revert to the default timezone which may not be the correct one depending on your location.  The FreePBX install will throw out a bunch of warnings if you are using RHEL 6 and don't set this.
for RHEL5:
nano +633 /etc/php.ini
for RHEL6
nano +946 /etc/php.ini
Uncomment (;) date.timezone = and add your timezone
Restart apache for the changes to take effect
service httpd restart

Memory Limit

The recommended setting is 128M otherwise you may get warnings in FreePBX.  RHEL 5 installs will probably already have this set correctly.  RHEL 6 may need to have this changed.

For RHEL 5
nano +302 /etc/php.ini
memory_limit = 128M

For RHEL 6
nano +457 /etc/php.ini
memory_limit = 128M

As always after php.ini changes, apache needs to be restarted for the changes to take effect.
service httpd restart
Download and untar source files.   Zaptel/Dahdi is not included in this install procedure.  Starting with Asterisk 1.6.2/FreePBX2.9, it is possible to use ConfBridge in place of MeetMe conferencing.  Meetme conferencing was the last Asterisk application that required a timing source. The only reason to install zaptel/dahdi now is if you are installing telephony hardware.  Meetme still has some features that confbridge does not and is still required if you also require paging.  To install meetme conferencing you must install dahdi and ensure meetme is selected during the asterisk menuselect installation part of the procedure.  You can also install confbridge but FreePBX will default to use MeetMe if it detects it.

Get FreePBX.  Check if this is the latest released version.
cd /usr/src
wget http://mirror.freepbx.org/freepbx-2.10.0.tar.gz
tar zxvf freepbx-2.10.0.tar.gz

Get Asterisk v1.8.
wget http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.8-current.tar.gz
tar zxvf asterisk-1.8-current.tar.gz

NOTE: There is no separate asterisk addons package to download starting with Asterisk v1.8

cd /usr/src/asterisk-1.8*
make clean
./configure && make menuselect

Select all addons.  I believe these are all needed or recommended for FreePBX.  Select base and addon sounds.  I suggest ulaw as they sound better than gsm especially if you are using ulaw as your default codec.  I usually just check both.  Then make sure to press the "save" button afterwards.

When you select 'format_mp3' above as an addon you must run a script before going any further otherwise the install will fail.

./contrib/scripts/get_mp3_source.sh

You must also have subversion installed to run the above script and be in the root directory of the Asterisk source code.

Now install Asterisk.  NOTE: If upgrading Asterisk on an already running FreePBX system do NOT run make samples.

make && make install && make samples

Create user.  May already exist but just to make sure
useradd -c "Asterisk PBX" -d /var/lib/asterisk asterisk

The following directory may already exist but just to make sure
mkdir /var/run/asterisk

Set ownership
chown -R asterisk /var/run/asterisk
chown -R asterisk /var/log/asterisk
chown -R asterisk /var/lib/asterisk/moh
chown -R asterisk /var/lib/php/session

Music on Hold
The Asterisk default moh directory is "/moh" and the Freepbx default moh directory is "/mohmp3".  If we create a symbolic link instead everything is in one place and can still be found by both FreePBX and Asterisk.  FreePBX uses mohmp3 by default so moh just sits there unused if we do not create a symbolic link.  You can switch between these two moh directories in the new Advanced Settings GUI.  I still include this symbolic link procedure for legacy reasons.  If you do it everything is in one directory always no matter what.  That simplifies things and simpler is often better.
ln -s /var/lib/asterisk/moh /var/lib/asterisk/mohmp3

The new default behaviour for Asterisk and Freepbx is to only use wav files for moh due to transcoding overhead and Asterisk stability issues with mp3's. So we want to install mpg123 for converting uploaded mp3's to wav automagically.  If you won't be uploading or streaming mp3's or won't be using FreePBX (new) default behaviour then you probably don't need to install mpg123.

cd /usr/src
wget http://sourceforge.net/projects/mpg123/files/mpg123/1.14.2/mpg123-1.14.2.tar.bz2/download
tar -xjvf mpg123-1.14.2.tar.bz2

cd mpg123-1.14.2
./configure && make && make install

Freepbx php script cannot find mpg123 by default so we need to create a symbolic link.
ln -s /usr/local/bin/mpg123 /usr/bin/mpg123

 

CHANGE APACHE USER

Change User apache and Group apache to User asterisk and Group asterisk.

sed -i "s/User apache/User asterisk/" /etc/httpd/conf/httpd.conf
sed -i "s/Group apache/Group asterisk/" /etc/httpd/conf/httpd.conf

 

MYSQL SETUP

Before you can do anything to MySQL, you need to make sure it's running:
NOTE: If running RHEL/CENTOS/SL 6 you may need to run this first.
mysql_install_db
Try without and see if it starts first.

service mysqld start
Initializing MySQL database:                               [  OK  ]
Starting MySQL:                                            [  OK  ]

Now, to configure the databases for freePBX:
Note: If mysql admin password is already configured, add "-p" after the command and enter password when asked.  For example, "mysqladmin -p create asterisk"

cd /usr/src/freepbx-2.10.0
mysqladmin create asterisk
mysqladmin create asteriskcdrdb
mysql asterisk < SQL/newinstall.sql
mysql asteriskcdrdb < SQL/cdr_mysql_table.sql

They also need to be secured.  FreePBX will prompt you for a database username/password when you do the install. You need to pick that now. We'll assume that you've picked 'asteriskuser' and 'amp109' - you probably shouldn't use these, as they are well known passwords for Freepbx.  If you use these well know defaults and your server is not firewalled make sure to set bind-address = 127.0.0.1 further down in this procedure so that MySQL only listens to localhost.  Or better yet do both.

Security check: It's very important to check that Allow Login With DB Credentials is set to FALSE in FreePBX Advanced Settings GUI.  This is the default setting.  If it were set to TRUE and you were using the default credentials ofasteriskuser/amp109 and your FreePBX GUI were exposed to the internet (ie. the http port), anyone could log into yourFreePBX GUI as administrator using those credentials.

MySQL creates a test database and 2 anonymous user accounts by default which we don't need so first we delete them.  MySQL also creates a non-local root@hostname account and assuming you don't want to access the database remotely as root (other than via SSH) you should probably delete that for security reasons.  DO NOT DELETE the root@localhost account.

mysql

mysql> DROP DATABASE test;
Query OK, 0 rows affected (0.00 sec)

mysql> SHOW VARIABLES LIKE 'hostname';
+---------------+----------------+
| Variable_name | Value          |
+---------------+----------------+
| hostname      | somehostname.com |
+---------------+----------------+
1 row in set (0.00 sec)

mysql> DROP USER ''@'localhost';
Query OK, 0 rows affected (0.00 sec)

mysql> DROP USER ''@'somehostname.com';
Query OK, 0 rows affected (0.00 sec)

mysql> DROP USER 'root'@'somehostname.com';

mysql> GRANT ALL PRIVILEGES ON asteriskcdrdb.* TO asteriskuser@localhost IDENTIFIED BY 'amp109';
Query OK, 0 rows affected (0.00 sec)

mysql> GRANT ALL PRIVILEGES ON asterisk.* TO asteriskuser@localhost IDENTIFIED BY 'amp109';
Query OK, 0 rows affected (0.00 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

mysql> \q
Bye

Now, after all of this, you need to pick a root 'mysql' password. We'll make it 'abcdef' just for this example.  You should use a reasonably strong password. If you need to do anything else with mysql, you'll need to provide this password.
mysqladmin -u root password 'abcdef'
Install FreePBX

/usr/sbin/safe_asterisk
You may get a bunch of warnings, errors, and notices at this point.  Don't worry about them.  Hit ENTER to get a command prompt.

cd /usr/src/freepbx-2.10.0
./install_amp

If you get any warnings or errors in the last part of the output, they're usually not traumatic.

Default username is: admin
Default pw is: admin
Freepbx 2.10 now wants to create symlinks to some .conf files and complains if actual files already exist as is the case when Asterisk make samples is run.  So we need to delete these files.  In FreePBX 2.9 you should only have to delete sip_notify.conf and ccss.conf.  Not sure what would happen if you try delete the rest.  After deleting the following files, the next time we make a change in FreePBX and apply settings these symlinks will be created.

rm -f /etc/asterisk/sip_notify.conf
rm -f /etc/asterisk/iax.conf
rm -f /etc/asterisk/logger.conf
rm -f /etc/asterisk/features.conf
rm -f /etc/asterisk/sip.conf
rm -f /etc/asterisk/extensions.conf
rm -f /etc/asterisk/ccss.conf
rm -f /etc/asterisk/chan_dahdi.conf

Edit /etc/asterisk/cdr_mysql.conf and add 'loguniqueid=yes' to the global section which will give each call record a unique identifier number.

nano /etc/asterisk/cdr_mysql.conf

loguniqueid=yes
set FreePBX to start on boot
echo /usr/local/sbin/amportal start >> /etc/rc.local

Enable Apache and MySQL to start on boot
chkconfig httpd on
chkconfig mysqld on

Now reboot at which point you should be able to access FreePBX with your web browser.  The very first thing you need to do when you enter the FreePBX Admin GUI for the first time is "Apply Configuration Changes" so all the *.conf files are created then reboot again or 'amportal restart' from command prompt.

You may get an error in the FreePBX GUI saying "symlink failed for /etc/asterisk/sip_notify.conf" or something along those lines.  If that is the case just delete or rename /etc/asterisk/sip_notify.conf.  The next time you "Apply Configuration Changes" in the FreePBX GUI after some change this file will be recreated and the error should be gone.

AMPORTAL.conf changes

FreePBX v2.9+ now includes an "advanced settings" gui that is designed to replace amportal.conf and the requirements to edit it directly.  There are also some settings in a new file /etc/freepbx.conf

At this point you should go into this new advanced settings GUI on the FreePBX webpage and edit the following settings:

http://IPaddressOFyourFreePBXserver/

In the GUI Go to: Tools>Advanced Administration>Advanced Settings>System Setup>User Portal Admin Password

Choose your admin password for accessing the Voicemail & Recordings (ARI) section of the front webpage.

In the same GUI go to: System Setup>FreePBX Web Address

Remove the "xx.xx.xx.xx" and leave blank.  If that does not work use your public (ie. web facing) IP address for this server.

After saving these changes by pressing the green arrow on the right hand side of each box make sure to "Apply Configuration Changes" at the top of the GUI.