When
installing the machine, at package selection make sure you pick - at
least - 'OpenSSH Server', and 'LAMP Packages'. This installs the base
packages required.
MySQL Password
After selecting 'Continue' you will be prompted (several times) for a root password. There is no need to set one, and setting one is discouraged!
As part of the FreePBX install, a secure (128 bit) password is
generated, and used to lock down MySQL. If you set a password now, it is
not possible for the installer to secure your database. Please just
push 'enter' when prompted for a password.
Unlock and configure your root password.
You
may find it helpful to log in directly as root to manage and update
your system. We recommend you do set a root password, and enable SSH
logins from root, so you don't need to go through secondary steps that
may cause problems. This command enables SSH root logins, and prompts
you for a new root password.
sed -i 's/PermitRootLogin without-password/PermitRootLogin yes/' /etc/sshd/sshd_config
service ssh restart
sudo passwd root
Switch to the Root User
THIS IS IMPORTANT! You must run the entire process as root. Attempting to use 'sudo' later on will not work. Please don't ignore this. You must run this command to switch to an interactive root shell.
Ensure
that you re-run 'sudo -i', or log in as the root user. As mentioned
above, the entire install process must be run as 'root', and failure to
do so will cause unexpected problems.
Install Legacy pear requirements
pear install Console_Getopt
Install Dependencies for Google Voice (if required)
You may skip this section if you do not require Google Voice support.
Install iksemel
cd /usr/src
wget https://iksemel.googlecode.com/files/iksemel-1.4.tar.gz
tar xf iksemel-1.4.tar.gz
cd iksemel-*
./configure
make
make install
If
you don't have any physical PSTN hardware attached to this machine, you
don't need to install DAHDI (For example, a T1 or E1 card, or a USB
device). Most smaller setups will not have DAHDI hardware, and this step
can be safely skipped.
cd /usr/src
tar xvfz dahdi-linux-complete-current.tar.gz
rm -f dahdi-linux-complete-current.tar.gz
cd dahdi-linux-complete-*
make all
make install
make config
cd /usr/src
tar xvfz libpri-1.4-current.tar.gz
rm -f libpri-1.4-current.tar.gz
cd libpri-*
make
make install
Compile and install pjproject
cd /usr/src
tar -xjvf pjproject-2.4.tar.bz2
rm -f pjproject-2.4.tar.bz2
cd pjproject-2.4
CFLAGS='-DPJ_HAS_IPV6=1' ./configure --enable-shared --disable-sound --disable-resample --disable-video --disable-opencore-amr
make dep
make
make install
Compile and Install jansson
cd /usr/src
tar vxfz jansson.tar.gz
rm -f jansson.tar.gz
cd jansson-*
autoreconf -i
./configure
make
make install
Compile and install Asterisk
cd /usr/src
tar xvfz asterisk-13-current.tar.gz
rm -f asterisk-13-current.tar.gz
cd asterisk-*
contrib/scripts/install_prereq install
./configure
contrib/scripts/get_mp3_source.sh
make menuselect
You will be prompted at the point to pick
which modules to build. Most of them will already be enabled, but if you
want to have MP3 support (eg, for Music on Hold), you need to manually turn on 'format_mp3' on the first page.
After selecting 'Save & Exit' you can then continue
make
make install
make config
ldconfig
update-rc.d -f asterisk remove
Install Asterisk Soundfiles.
The
'make install' above installs a standard low-quality base sound file by
default. This is suitable if you are on a small, underpowered system
(such as a Rasberry Pi), but on a larger system you should install
higher quality soundfiles. Note that this installs the (8khz) 'wav'
soundfiles and G722 (High Definition 'Wideband') audio.
cd /var/lib/asterisk/sounds
wget http://downloads.asterisk.org/pub/telephony/sounds/asterisk-core-sounds-en-wav-current.tar.gz
wget http://downloads.asterisk.org/pub/telephony/sounds/asterisk-extra-sounds-en-wav-current.tar.gz
tar xvf asterisk-core-sounds-en-wav-current.tar.gz
rm -f asterisk-core-sounds-en-wav-current.tar.gz
tar xfz asterisk-extra-sounds-en-wav-current.tar.gz
rm -f asterisk-extra-sounds-en-wav-current.tar.gz
# Wideband Audio download
wget http://downloads.asterisk.org/pub/telephony/sounds/asterisk-core-sounds-en-g722-current.tar.gz
wget http://downloads.asterisk.org/pub/telephony/sounds/asterisk-extra-sounds-en-g722-current.tar.gz
tar xfz asterisk-extra-sounds-en-g722-current.tar.gz
rm -f asterisk-extra-sounds-en-g722-current.tar.gz
tar xfz asterisk-core-sounds-en-g722-current.tar.gz
rm -f asterisk-core-sounds-en-g722-current.tar.gz
Install and Configure FreePBX
Create the Asterisk user and set base file permissions.
sed -i 's/\(^upload_max_filesize = \).*/\120M/' /etc/php5/apache2/php.ini
cp /etc/apache2/apache2.conf /etc/apache2/apache2.conf_orig
sed -i 's/^\(User\|Group\).*/\1 asterisk/' /etc/apache2/apache2.conf
sed -i 's/AllowOverride None/AllowOverride All/' /etc/apache2/apache2.conf
service apache2 restart
Configure ODBC
Edit
/etc/odbcinst.ini and add the following. Note that this command assumes
you are installing to a new machine, and that the file is empty. If
this is not a freshly installed machine, please manually verify the
contents of the file, rather than just copying and pasting the lines
below. The 'EOF' does no go in the file, it simply signals to the 'cat'
command that you have finished pasting.
You may need to verify these paths, if you're not on a x86_64 machine. You can use the command `find / -name libmyodbc.so` to verify the location
Edit
or create /etc/odbc.ini and add the following section. Note that,
again, this command assumes you are installing to a new machine, and the
file is empty. Please manually verify the contents of the files if this
is not the case.
cd /usr/src
wget http://mirror.freepbx.org/modules/packages/freepbx/freepbx-13.0-latest.tgz
tar vxfz freepbx-13.0-latest.tgz
rm -f freepbx-13.0-latest.tgz
cd freepbx
./start_asterisk start
./install -n
That's it!
You
can now start using FreePBX. Open up your web browser and connect to
the IP address or hostname of your new FreePBX server. You will see the
Admin setup page, which is where you set your 'admin' account
password, and configure an email address to receive update
notifications.
We hope you enjoy using FreePBX 13!
How To guide for installing ViciDial on a NEW SERVER - ViciDial SVN Trunk 2.9 with Asterisk 1.8.23.0-vici On CentOS 6.5
Introduction
VICIDIALis an enterprise class, open source, call center suite in use by many large call centers around the world.
Asteriskis software that turns an ordinary computer into a voice communications server.
Together, you have a full featured predictive dialer. It can also function as an ACD for inbound calls, or closer calls coming from VICIDIAL outbound fronters. It is capable of inbound, outbound, and blended call handling. VICIDIAL even allows you to have agents logged in from remote locations.
Preliminary Notes
In this guide I will be installing this on a newly installed & updated CentOS 6 64-bit dedicated server that I am leasing from a data center. It has no control panel (cPanel, Plesk, ISPconfig, etc..) because a control panel is not needed. You should be comfortable using theputtycommand line terminal software and knowledgeable in server administration.
This guide also applies to CentOS 6 32-bit.(There were a couple minor modifications needed that I pointed out in that part of the guide)
This guide will not explain how to configure or use vicidial. For that, I recommend purchasing the Agent and Managers Manual fromwww.eflo.net. This is required reading. There is also a free version of the Agent and Manager's Manual available for download that will help. You may also use theforumsto ask specific questions.
This tutorial is a derivative of the original scratch install instructions found in the astguiclient source package. It has been adapted to CentOS.
I recommend reading this turorial in its entirety before starting so you get an idea of what prerequisites are required.
From time to time this page may get updated and if so, I will update the date at the bottom of this guide.
The text that arehighlighted in redare the areas you need to customize.
You must login as root during the entire installation and configuration process.
Update the system
Make sure you update the system first, then reboot if you installed an updated kernel.
Changes take effect immediately after you run the rdate command.
Note:It's very important to set the correct time zone of yourOperating System(shown above) and in thevicidial admin area(Admin->Phones, Admin->Servers, Admin->System Settings) and also in yourphp.inifile. They must all be the same time zone or offset equivalent.Don't forget about this when configuring vicidial after using this guide.
Turn off ntpd and remove it from bootup runlevels.
In the end, I usually run all these commands once again to make sure its all installed.
Installing the Asterisk-Perl module
NOTE: Do NOT use the 0.09 or any newer version, they do not work with ViciDial.
cd /usr/src wget http://asterisk.gnuinter.net/files/asterisk-perl-0.08.tar.gz tar -zxf asterisk-perl-0.08.tar.gz cd asterisk-perl-0.08 perl Makefile.PL make all make install
Installing additional software from source
Next, you will download, compile and install the following software.
lame
ttyload
iftop
mtop
mytop
htop
sipsak
ploticus
LAME:
LAME is an MP3 encoder used to convert audio files from WAV to MP3. Some prefer GSM usually, but others have standardized on MP3 so you would need this utility to be loaded to use that option.
cd /usr/src wget http://downloads.sourceforge.net/project/lame/lame/3.99/lame-3.99.5.tar.gz tar -zxf lame-3.99.5.tar.gz cd lame-3.99.5 ./configure make make install
SOX:
SoX is a cross-platform command line utility that can convert various formats of computer audio files in to other formats.
cd /usr/src wget http://downloads.sourceforge.net/project/sox/sox/14.4.1/sox-14.4.1.tar.gz tar -zxf sox-14.4.1.tar.gz cd sox-14.4.1 ./configure make -s make install
TTYLOAD:
ttyload is a simple terminal application that shows the processor load in a graphical time-based scrolling graph. I use it to view how loaded the system is and it visualizes load spikes very well.
cd /usr/src wget http://www.daveltd.com/src/util/ttyload/ttyload-0.5.3.tar.bz2 tar -xvjpf ttyload-0.5.3.tar.bz2 cd ttyload-0.5.3 nano ttyload.h
insert this #include directive just above the #define directives, then save and close the ttyload.h file #include
make ln -s /usr/src/ttyload-0.5.3/ttyload /usr/bin/ttyload
IFTOP:
iftop is a good console bandwidth visualization tool that shows you active connections, where they are going to/from and how much of your precious bandwidth they are using.
cd /usr/src wget http://www.ex-parrot.com/~pdw/iftop/download/iftop-0.17.tar.gz tar -zxf iftop-0.17.tar.gz cd iftop-0.17 ./configure make make install
MTOP:
mtop is a great utility for real-time monitoring of mysql and the queries that are running in it. Note: the root mysql password must be blank before installing this
mysql -u root -p
Enter your MySQL password, then the following MySQL command:
SET PASSWORD FOR root@localhost=PASSWORD('');QUIT;
cd /usr/src wget http://downloads.sourceforge.net/project/mtop/mtop/v0.6.6/mtop-0.6.6.tar.gz tar -zxf mtop-0.6.6.tar.gz cd mtop-0.6.6 perl Makefile.PL make make install
Enter the following MySQL command to put your root password back the way it was originally Replace "MYSQL_PASSWORD" with your real password.
SET PASSWORD FOR root@localhost=PASSWORD('MYSQL_PASSWORD');QUIT;
MYTOP:
mytop is is an optional utility for monitoring the threads and overall performance of mysql Note: the root mysql password must be blank before installing this
mysql -u root -p
Enter your MySQL password, then the following MySQL command:
SET PASSWORD FOR root@localhost=PASSWORD('');QUIT;
cd /usr/src wget http://jeremy.zawodny.com/mysql/mytop/mytop-1.6.tar.gz tar -zxf mytop-1.6.tar.gz cd mytop-1.6 perl Makefile.PL make make test make install
Enter the following MySQL command to put your root password back the way it was originally Replace "MYSQL_PASSWORD" with your real password.
SET PASSWORD FOR root@localhost=PASSWORD('MYSQL_PASSWORD');QUIT;
HTOP:
htop is an interactive process viewer for Linux
cd /usr/src wget http://downloads.sourceforge.net/project/htop/htop/1.0.2/htop-1.0.2.tar.gz tar -zxf htop-1.0.2.tar.gz cd htop-1.0.2 ./configure make make install
SIPSAK:
sipsak is an optional utility that VICIDIAL can use to send messages to an agent's SIP-based phone(like the Snom 320) to display text on their LCD screen.
cd /usr/src wget http://downloads.sourceforge.net/project/sipsak.berlios/sipsak-0.9.6-1.tar.gz tar -zxf sipsak-0.9.6-1.tar.gz cd sipsak-0.9.6 ./configure make make install /usr/local/bin/sipsak --version
PLOTICUS:
ploticus is a free graph creation package that allows you to create line graphs within PNG files simply by creating a config file and a data file. ViciDial uses this package to generate server performance graphs that can be displayed real-time within the ViciDial reports page.
cd /usr/src wget http://downloads.sourceforge.net/project/ploticus/ploticus/2.42/ploticus242_src.tar.gz tar -zxf ploticus242_src.tar.gz cd ploticus242/src/ make clean make make install mkdir -p /var/www/html/vicidial/ploticus/ cp pl /var/www/html/vicidial/ploticus/
Installing eAccelerator for PHP
Install the php module
cd /usr/src wget http://downloads.sourceforge.net/project/eaccelerator/eaccelerator/eAccelerator%200.9.6.1/eaccelerator-0.9.6.1.zip unzip eaccelerator-0.9.6.1.zip cd eaccelerator-0.9.6.1 export PHP_PREFIX="/usr" $PHP_PREFIX/bin/phpize ./configure --enable-eaccelerator=shared --with-php-config=$PHP_PREFIX/bin/php-config make make install
Configure php.ini
nano /etc/php.ini
Change the following values in your php.ini file.
Customize thedate.timezoneso you don't end up with a bunch of php errors complaining about it not being defined.
PHP 5.3.3 (cli) (built: Dec 11 2013 03:29:57) Copyright (c) 1997-2010 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies with eAccelerator v0.9.6.1, Copyright (c) 2004-2010 eAccelerator, by eAccelerator
Editing the Apache config file
nano /etc/httpd/conf/httpd.conf
To disable logging, change:
CustomLog logs/access_log combined
to this:
CustomLog /dev/null combined
To enable web browsing of Recordings on Asterisk server, add this:
Alias /RECORDINGS/ "/var/spool/asterisk/monitorDONE/"
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
Forcetype application/forcedownload
Change the values ofServerSignatureandServerTokensdirectives as shown below.
ServerSignature Off
ServerTokens Prod
Restart the Apache web server to apply the changes
service httpd restart chkconfig httpd on
Installphp-mcryptextension module from a fedora repository since its not available in the standard repo.
You will need this sophpMyAdmindoesn't complain about not having mcrypt installed.
Restart the Apache web server to apply the changes
service httpd restart
Installing Asterisk
Any time you upgrade the Linux kernel you must recompile/install dahdi for the new kernel.
Asterisk must be compiled with dahdi support.
Add a user account named "asterisk" with a strong password. You will not need to use this account for anything, but Asterisk expects it to exist.
Note: The install MUST be done in the following order:
Minor note:dahdi-linux-complete-current.tar.gzandlibpri-1.4-current.tar.gzmay contain an updated version than what I am currently using, therefore the directory names may be different than shown below.
useradd asterisk -s /sbin/nologin passwd asterisk mkdir /usr/src/asterisk cd /usr/src/asterisk wget http://downloads.vicidial.com/required-apps/asterisk-1.8.23.0-vici.tar.gz wget http://downloads.asterisk.org/pub/telephony/dahdi-linux-complete/dahdi-linux-complete-current.tar.gz wget http://downloads.asterisk.org/pub/telephony/libpri/libpri-1.4-current.tar.gz tar -zxf asterisk-1.8.23.0-vici.tar.gz tar -zxf dahdi-linux-complete-current.tar.gz tar -zxf libpri-1.4-current.tar.gz cd dahdi-linux-complete-2.9.1.1+2.9.1 make clean make make install make config cd tools make clean make make install make config cd ../../libpri-1.4.15 make clean make make install cd ../asterisk-1.8.23.0 ./configure make clean make menuselect make make install make samples
* Confirm DAHDI works properly. * You do not need dahdi_dummy anymore, because it has not been required since DAHDI-Linux 2.3.0. * The core of DAHDI is now able to use the kernel timers automatically if no telephony hardware is installed. * http://www.voip-info.org/wiki/view/DAHDI * http://www.voip-info.org/wiki/view/chan_dahdi.conf * http://www.voip-info.org/wiki/view/Asterisk+CLI
service dahdi restart chkconfig dahdi on modprobe dahdi lsmod | grep dahdi dahdi_genconf dahdi_cfg -vvv dahdi_test
cd /var/lib/asterisk/sounds tar -zxf /usr/src/asterisk-core-sounds-en-gsm-current.tar.gz tar -zxf /usr/src/asterisk-core-sounds-en-ulaw-current.tar.gz tar -zxf /usr/src/asterisk-core-sounds-en-wav-current.tar.gz tar -zxf /usr/src/asterisk-extra-sounds-en-gsm-current.tar.gz tar -zxf /usr/src/asterisk-extra-sounds-en-ulaw-current.tar.gz tar -zxf /usr/src/asterisk-extra-sounds-en-wav-current.tar.gz
cd /var/lib/asterisk/mohmp3 tar -zxf /usr/src/asterisk-moh-opsound-gsm-current.tar.gz tar -zxf /usr/src/asterisk-moh-opsound-ulaw-current.tar.gz tar -zxf /usr/src/asterisk-moh-opsound-wav-current.tar.gz rm -f CHANGES* rm -f LICENSE* rm -f CREDITS*
cd /usr/src wget --passive-ftp ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.5.tar.gz tar -zxf proftpd-1.3.5.tar.gz cd proftpd-1.3.5 ./configure --prefix=/usr --sysconfdir=/etc make make install
The proftpd binary gets installed in/usr/local/sbin, but we need it in/usr/sbin, so we create a symlink: (This file might already exist, so don't worry if it gives you an error message that says it already exists)
Generate SSL certificate and key so you can transfer files securely to/from your server using SSL.
openssl version -a openssl req -x509 -nodes -newkey rsa:4096 -keyout /etc/ftpd-rsa-key.pem -out /etc/ftpd-rsa.pem
It will ask you some questions. Fill it out correctly.
Country Name (2 letter code) [XX]:US State or Province Name (full name) []:Arizona Locality Name (eg, city) [Default City]:Mesa Organization Name (eg, company) [Default Company Ltd]:MyBusiness LLC Organizational Unit Name (eg, section) []:HQ Common Name (eg, your name or your server's hostname) []:dialer.mydomain.com Email Address []:email@ddress.com
Backup the proftpd.conf file, delete all the contents, then edit it.
insert the collowing code and replacexxx.xxx.xxx.xxxwith thestatic IP addressthat ONLY YOU will be connecting from, also replaceMY_FTP_USERNAMEwith a valid Linux user account
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use. It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.
ServerName "MyBusiness Dialer"
ServerType standalone
DefaultServer on
TLSEngine on
TLSLog /var/log/proftpd/tls.log
TLSProtocol SSLv3 TLSv1
TLSRequired on
TLSRSACertificateFile /etc/ftpd-rsa.pem
TLSRSACertificateKeyFile /etc/ftpd-rsa-key.pem
TLSCipherSuite HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3
TLSOptions NoSessionReuseRequired
TLSVerifyClient off
TLSRenegotiate none
TransferLog /var/log/proftpd/ftpxferlog
ExtendedLog /var/log/proftpd/proftpd.log read,write
UseReverseDNS off
IdentLookups off
# Port 21 is the standard FTP port.
Port 21
# Don't use IPv6 support by default.
UseIPv6 off
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances 30
# Set the user and group under which the server will run.
User nobody
Group proftpd
# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
DefaultRoot ~
MaxLoginAttempts 5
# Normally, we want files to be overwriteable.
AllowOverwrite on
Order Allow,Deny
AllowUser MY_FTP_USERNAME
Allow xxx.xxx.xxx.xxx
DenyALL
Allow proftpd to run on bootup and start proftpd
chmod 755 /etc/init.d/proftpd chkconfig proftpd on service proftpd restart
Now you can connect to your server via FTP with or without SSL. Vicidial by default will not use SSL. This configuration gives the opportunity to use it either way. UseFilezillato test this and see what it does.
Installing astGUIclient (ViciDial)
First, login to mysql to create the database, add a couple users and assign privileges.
NOTE:MY_DATABASE_USERandMY_DATABASE_PASSWORDwill be used for login withphpMyAdmin
mysql -u root -p
Enter these MySQL commands:
CREATE DATABASE `asterisk` DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci; CREATE USER 'MY_DATABASE_USER'@'localhost' IDENTIFIED BY 'MY_DATABASE_PASSWORD'; GRANT ALL PRIVILEGES on asterisk.* toMY_DATABASE_USER@localhost; CREATE USER 'cron'@'localhost' IDENTIFIED BY '1234'; GRANT SELECT,INSERT,UPDATE,DELETE,LOCK TABLES on asterisk.* TO cron@'%' IDENTIFIED BY '1234'; GRANT SELECT,INSERT,UPDATE,DELETE,LOCK TABLES on asterisk.* TO cron@localhost IDENTIFIED BY '1234'; GRANT RELOAD ON *.* TO cron@'%'; GRANT RELOAD ON *.* TO cron@localhost; flush privileges; quit
I am going to install the latest 2.x SVN trunk which happens to be version 2.9 at this time.
mkdir /usr/src/astguiclient cd /usr/src/astguiclient svn checkout svn://svn.eflo.net:3690/agc_2-X/trunk cd trunk perl install.pl
You will have to define various things like IP address of the server and FTP username/password.
It will also ask you where is the web root, use/var/www/html
Leave the other login settings as-is unless you already know how to update the database and other asterisk config files.
defined server_ip: xxx.xxx.xxx.xxx
defined DB_server: localhost
defined DB_database: asterisk
defined DB_user: cron
defined DB_pass: 1234
defined DB_custom_user: custom
defined DB_custom_pass: custom1234
defined DB_port: 3306
defined active_keepalives: 1234568
defined asterisk_version: 1.8
defined copying conf files: y
defined copying weblang files: n
defined FTP_host: xxx.xxx.xxx.xxx
defined FTP_user: MY_FTP_USERNAME
defined FTP_pass: MY_FTP_PASSWORD
defined FTP_port: 21
defined FTP_dir: RECORDINGS
defined HTTP_path: http://xxx.xxx.xxx.xxx
defined REPORT_host: xxx.xxx.xxx.xxx
defined REPORT_user: MY_FTP_USERNAME
defined REPORT_pass: MY_FTP_PASSWORD
defined REPORT_port: 21
defined REPORT_dir: REPORTS
Make several entries in the rc.local of your system.
nano /etc/rc.d/rc.local
On a new system I just overwrite the file with the following:
#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.
touch /var/lock/subsys/local
# OPTIONAL enable ip_relay(for same-machine trunking and blind monitoring)
/usr/share/astguiclient/ip_relay/relay_control start 2>/dev/null 1>&2
# Disable console blanking and powersaving
/usr/bin/setterm -blank
/usr/bin/setterm -powersave off
/usr/bin/setterm -powerdown
### start up the MySQL server
/etc/init.d/mysqld start
### start up the apache web server
/etc/init.d/httpd start
### roll the Asterisk logs upon reboot
/usr/share/astguiclient/ADMIN_restart_roll_logs.pl
### clear the server-related records from the database
/usr/share/astguiclient/AST_reset_mysql_vars.pl
### load dahdi drivers
modprobe dahdi
/usr/sbin/dahdi_cfg -vvvvvvvvvvvvv
### sleep for 20 seconds before launching Asterisk
sleep 20
### start up asterisk
/usr/share/astguiclient/start_asterisk_boot.pl
Make several entries in the crontab of your system:
crontab -e
### recording mixing/compressing/ftping scripts
#0,3,6,9,12,15,18,21,24,27,30,33,36,39,42,45,48,51,54,57 * * * * /usr/share/astguiclient/AST_CRON_audio_1_move_mix.pl
0,3,6,9,12,15,18,21,24,27,30,33,36,39,42,45,48,51,54,57 * * * * /usr/share/astguiclient/AST_CRON_audio_1_move_mix.pl --MIX
0,3,6,9,12,15,18,21,24,27,30,33,36,39,42,45,48,51,54,57 * * * * /usr/share/astguiclient/AST_CRON_audio_1_move_VDonly.pl
1,4,7,10,13,16,19,22,25,28,31,34,37,40,43,46,49,52,55,58 * * * * /usr/share/astguiclient/AST_CRON_audio_2_compress.pl --GSM
#2,5,8,11,14,17,20,23,26,29,32,35,38,41,44,47,50,53,56,59 * * * * /usr/share/astguiclient/AST_CRON_audio_3_ftp.pl --GSM
### keepalive script for astguiclient processes
* * * * * /usr/share/astguiclient/ADMIN_keepalive_ALL.pl --cu3way
### kill Hangup script for Asterisk updaters
* * * * * /usr/share/astguiclient/AST_manager_kill_hung_congested.pl
### updater for voicemail
* * * * * /usr/share/astguiclient/AST_vm_update.pl
### updater for conference validator
* * * * * /usr/share/astguiclient/AST_conf_update.pl
### flush queue DB table every hour for entries older than 1 hour
11 * * * * /usr/share/astguiclient/AST_flush_DBqueue.pl -q
### fix the vicidial_agent_log once every hour and the full day run at night
33 * * * * /usr/share/astguiclient/AST_cleanup_agent_log.pl
50 0 * * * /usr/share/astguiclient/AST_cleanup_agent_log.pl --last-24hours
## uncomment below if using QueueMetrics
#*/5 * * * * /usr/share/astguiclient/AST_cleanup_agent_log.pl --only-qm-live-call-check
## uncomment below if using Vtiger
#1 1 * * * /usr/share/astguiclient/Vtiger_optimize_all_tables.pl --quiet
### updater for VICIDIAL hopper
* * * * * /usr/share/astguiclient/AST_VDhopper.pl -q
### adjust the GMT offset for the leads in the vicidial_list table
1 1,7 * * * /usr/share/astguiclient/ADMIN_adjust_GMTnow_on_leads.pl --debug
### reset several temporary-info tables in the database
2 1 * * * /usr/share/astguiclient/AST_reset_mysql_vars.pl
### optimize the database tables within the asterisk database
3 1 * * * /usr/share/astguiclient/AST_DB_optimize.pl
## adjust time on the server with ntp
30 * * * * /usr/sbin/ntpdate -u pool.ntp.org 2>/dev/null 1>&2
### VICIDIAL agent time log weekly and daily summary report generation
2 0 * * 0 /usr/share/astguiclient/AST_agent_week.pl
22 0 * * * /usr/share/astguiclient/AST_agent_day.pl
### VICIDIAL campaign export scripts (OPTIONAL)
#32 0 * * * /usr/share/astguiclient/AST_VDsales_export.pl
#42 0 * * * /usr/share/astguiclient/AST_sourceID_summary_export.pl
### remove old recordings more than 7 days old
#24 0 * * * /usr/bin/find /var/spool/asterisk/monitorDONE -maxdepth 2 -type f -mtime +7 -print | xargs rm -f
### roll logs monthly on high-volume dialing systems
#30 1 1 * * /usr/share/astguiclient/ADMIN_archive_log_tables.pl
### remove old vicidial logs and asterisk logs more than 2 days old
28 0 * * * /usr/bin/find /var/log/astguiclient -maxdepth 1 -type f -mtime +2 -print | xargs rm -f
29 0 * * * /usr/bin/find /var/log/asterisk -maxdepth 3 -type f -mtime +2 -print | xargs rm -f
30 0 * * * /usr/bin/find / -maxdepth 1 -name "screenlog.0*" -mtime +4 -print | xargs rm -f
### cleanup of the scheduled callback records
25 0 * * * /usr/share/astguiclient/AST_DB_dead_cb_purge.pl --purge-non-cb -q
### GMT adjust script - uncomment to enable
#45 0 * * * /usr/share/astguiclient/ADMIN_adjust_GMTnow_on_leads.pl --list-settings
### Dialer Inventory Report
1 7 * * * /usr/share/astguiclient/AST_dialer_inventory_snapshot.pl -q --override-24hours
### inbound email parser
* * * * * /usr/share/astguiclient/AST_inbound_email_parser.pl
Next, it is important to change theexternipandlocalnetvalues in the sip.conf
The externip needs to be thepublic facing ipof your server. The localnet will consist of thepublic facing ip and netmaskof your server.
;
; Music on Hold -- Sample Configuration
;
[default]
mode=files
directory=/var/lib/asterisk/mohmp3
[quiet]
mode=files
directory=/var/lib/asterisk/quiet-mp3
#include musiconhold-vicidial.conf
* There are other sample configration files in/usr/src/astguiclient/docs/conf_examples/that you might want to look at and maybe copy from and customize.
Lastly, reboot the machine
reboot
Diagnostics
After reboot, check your logs for any errors, make sure asterisk is up and running.
Be proactive and look for problems before you start configuring vicidial.
Run these commands to view log files:
tail -f -n 50 /var/log/asterisk/messages
tail -f -n 50 /var/log/messages
more /var/log/dmesg
tail -f -n 40 /etc/httpd/logs/error_log
tail -f -n 40 /var/log/maillog
tail -f -n 40 /var/log/cron
Run this command:
screen -ls
The output should look similar to this:
There are screens on:
2301.ASTVDauto (Detached)
2125.asterisk (Detached)
2292.ASTupdate (Detached)
2307.ASTVDadapt (Detached)
2120.astshell20131221211922 (Detached)
2304.ASTVDremote (Detached)
2310.ASTfastlog (Detached)
2298.ASTlisten (Detached)
2295.ASTsend (Detached)
9 Sockets in /var/run/screen/S-root.
The default username is: 6666 and the password is: 1234
A note about security
When you get the vicidial server configured and working, make sure to follow basic common sense server administration rules like setting up a firewall, changing default passwords, disallow remote mysql connections or limiting it, etc...
Below is firewall script I borrowed fromVICIbox Serverthat works quite well(why reinvent the wheel?). It basically blocks all IP adresses by default and only allows the IP addresses in which you specify to have access to the server. It's pretty good at blocking out all those voip hackers. I almost don't even need to worry anymore. I personally implement these iptable rules as soon as I get my server online and running and BEFORE starting this guide. DO NOT implement this unless you have a way to get back into your server in case it does not work for you. Take a look at it and modify it as needed. In my case, I use a server that I lease from Softlayer and they provide me with a VPN and IPMI interface and software to get back in if needed.
I also had to add various IP addresses for softlayer to connect to my server because they might do automated ping scans and remote management. Replacexxx.xxx.xxx.xxxwith the IP address that you need to allow access to your server. These ip addresses will be your remote location (using a static IP), your data center IP's, DID providers (such as Aretta, Switch2Voip, etc..), external database servers, etc...
Customize and add the following code to the whitelist.rules file:
# Generated by iptables-save v1.4.7 on Sat Dec 21 21:31:39 2013
*raw
:PREROUTING ACCEPT [72:5698]
:OUTPUT ACCEPT [71:5742]
-A PREROUTING -i lo -j NOTRACK
-A OUTPUT -o lo -j NOTRACK
COMMIT
# Completed on Sat Dec 21 21:31:39 2013
# Generated by iptables-save v1.4.7 on Sat Dec 21 21:31:39 2013
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:forward_ext - [0:0]
:forward_int - [0:0]
:input_ext - [0:0]
:input_int - [0:0]
:reject_func - [0:0]
-A INPUT -s xxx.xxx.xxx.xxx -j ACCEPT
-A INPUT -s xxx.xxx.xxx.xxx -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED -j ACCEPT
-A INPUT -p icmp -m state --state RELATED -j ACCEPT
-A INPUT -i eth0 -j input_int
-A INPUT -i eth1 -j input_ext
-A INPUT -j input_ext
-A INPUT -m limit --limit 3/min -j LOG --log-prefix "SFW2-IN-ILL-TARGET " --log-tcp-options --log-ip-options
-A INPUT -j DROP
-A FORWARD -m limit --limit 3/min -j LOG --log-prefix "SFW2-FWD-ILL-ROUTING " --log-tcp-options --log-ip-options
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -m limit --limit 3/min -j LOG --log-prefix "SFW2-OUT-ERROR " --log-tcp-options --log-ip-options
-A input_ext -m pkttype --pkt-type broadcast -j DROP
-A input_ext -m recent --rcheck --name GOOD --rsource -j ACCEPT
-A input_ext -p icmp -m icmp --icmp-type 4 -j ACCEPT
-A input_ext -p tcp -m tcp --dport 113 -m state --state NEW -j reject_func
-A input_ext -m pkttype --pkt-type multicast -j DROP
-A input_ext -m pkttype --pkt-type broadcast -j DROP
-A input_ext -p tcp -m limit --limit 3/min -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j LOG --log-prefix "SFW2-INext-DROP-DEFLT " --log-tcp-options --log-ip-options
-A input_ext -p icmp -m limit --limit 3/min -j LOG --log-prefix "SFW2-INext-DROP-DEFLT " --log-tcp-options --log-ip-options
-A input_ext -p udp -m limit --limit 3/min -m state --state NEW -j LOG --log-prefix "SFW2-INext-DROP-DEFLT " --log-tcp-options --log-ip-options
-A input_ext -j DROP
-A input_ext -p icmp -m icmp --icmp-type 4 -j ACCEPT
-A input_ext -p tcp -m tcp --dport 113 -m state --state NEW -j reject_func
-A input_int -j ACCEPT
-A reject_func -p tcp -j REJECT --reject-with tcp-reset
-A reject_func -p udp -j REJECT --reject-with icmp-port-unreachable
-A reject_func -j REJECT --reject-with icmp-proto-unreachable
COMMIT
# Completed on Sat Dec 21 21:31:39 2013
To implement the firewall rules immediately, run this command
This will ensure the iptable rules get saved to the default iptables file (/etc/sysconfig/iptables) and re-used each time the firewall is stopped or restarted.
