Asterisk Freepbx on CentOS (CentOS v8, Asterisk v16, Freepbx v15)

CentOS

 

 

 

This covers the installation of Asterisk v16 and Freepbx v15 GUI, from source, on CentOS v8. 

Tested on

CentOS v8 x64
Asterisk v16
Freepbx v15
PHP v7.3

Assumptions

Console text mode (multi-user.target)
Installation done as root user (#)

Missing Dependencies

At the time of writing the following packages were not included with CentOS 8, EPEL 8, or some other popular 3rd party repositories.  The names in brackets ( ) are the asterisk modules or features that will not compile or be available if the package is missing.

* spandsp-devel (app_fax, res_fax_spandsp)
* iksemel-devel (app_xmpp, res_xmpp, chan_motif)
* corosynclib-devel (res_corosync)
* radiusclient-ng-devel (cdr_radius)
* gmime-devel (res_http_post)
* gstreamer (music on hold streaming)
* mongodb-server (required for Freepbx XMPP chat)

If you want to use the features that depend on these packages you will need to find them from alternate repositories or compile them yourself from source.

Prerequisites

Ensure a basic server install with initial dependencies to start with.

dnf -y update && dnf -y install dnf-plugins-core epel-release && dnf -y remove sendmail
dnf config-manager --enable PowerTools
dnf -y install yum wget make which rsyslog crontabs automake gcc gcc-c++ ncurses-devel openssl-devel libxml2-devel unixODBC-devel libcurl-devel libogg-devel libvorbis-devel speex-devel freetds-devel net-snmp-devel newt-devel popt-devel libtool-ltdl-devel lua-devel sqlite-devel portaudio-devel neon-devel libical-devel openldap-devel mysql-devel bluez-libs-devel jack-audio-connection-kit-devel gsm-devel libedit-devel libuuid-devel libsrtp-devel git subversion libxslt-devel kernel-devel audiofile-devel gtk2-devel libtiff-devel libtermcap-devel bison tftp-server httpd tzdata mariadb mariadb-server mariadb-connector-odbc fail2ban xmlstarlet ghostscript libtiff-tools patch e2fsprogs mpg123 postfix whois mod_ssl nodejs

Disable Selinux

Check status

sestatus

If command found and not disabled, set SELINUX=disabled in /etc/selinux/config.  Requires reboot for changes to take effect.

sed -i 's/\(^SELINUX=\).*/\SELINUX=disabled/' /etc/selinux/config

PHP

Install repository.

dnf remove php php*
dnf -y install https://rpms.remirepo.net/enterprise/remi-release-8.rpm

Install PHP v7.3

dnf -y module disable php
dnf -y module enable php:remi-7.3
dnf -y install php php-mysqlnd php-process php-pear php-mbstring php-xml php-gd php-curl

ODBC

cat >> /etc/odbc.ini << EOF
[MySQL-asteriskcdrdb]
Description = MariaDB connection to 'asteriskcdrdb' database
driver = MySQL
server = localhost
database = asteriskcdrdb
Port = 3306
Socket = /var/lib/mysql/mysql.sock
option = 3
Charset=utf8
  
EOF
sed -i 's/\/lib64\/libmyodbc5.so/\/lib64\/libmaodbc.so/' /etc/odbcinst.ini

Miscellaneous

dnf -y install https://download1.rpmfusion.org/free/el/rpmfusion-free-release-8.noarch.rpm
dnf -y install ffmpeg
dnf -y install https://forensics.cert.org/cert-forensics-tools-release-el8.rpm
dnf -y install lame sox

Set Timezone

## FIND YOUR TIMEZONE
tzselect
## SET TIMEZONE EXAMPLE
timedatectl set-timezone America/Vancouver
​timedatectl status

Install

DAHDI

Only required if using a physical server and installing telecom hardware.  At this time, versions newer than 2.10.2 (2.11.0 and 2.11.1) do not install correctly.

cd /usr/src
wget http://downloads.asterisk.org/pub/telephony/dahdi-linux-complete/dahdi-linux-complete-2.10.2+2.10.2.tar.gz
tar zxvf dahdi-linux-complete-2.10*
cd /usr/src/dahdi-linux-complete-2.10*/
make all && make install && make config
systemctl restart dahdi

If make all fails try reboot and run dnf install kernel-devel

Asterisk

If upgrading an existing install with older asterisk it is best to run  rm -rf /usr/lib64/asterisk/modules first.

cd /usr/src
wget http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-16-current.tar.gz
tar zxvf asterisk-16-current.tar.gz
cd /usr/src/asterisk-16*/
make distclean

Install release specific dependencies

cd /usr/src/asterisk-16*/
./contrib/scripts/install_prereq install

Configure

cd /usr/src/asterisk-16*/
./configure --libdir=/usr/lib64 --with-jansson-bundled

To view results type nano -v config.log.

Set compile options

cd /usr/src/asterisk-16*/
make menuselect

# Go to Applications and make sure app_macro is checked.
# To add/change compile options afterwards just run make menuselect and make && make install again.

Create Asterisk User, compile, install and set preliminary ownership.

adduser asterisk -s /sbin/nologin -c "Asterisk User"
make && make install && chown -R asterisk. /var/lib/asterisk

Freepbx

systemctl restart mariadb
cd /usr/src
git clone -b release/15.0 --single-branch https://github.com/freepbx/framework.git freepbx
touch /etc/asterisk/modules.conf
cd /usr/src/freepbx
./start_asterisk start

./install -n

Module install

fwconsole ma downloadinstall framework core voicemail sipsettings infoservices \
featurecodeadmin logfiles callrecording cdr dashboard music soundlang recordings conferences
fwconsole chown
fwconsole reload

Additional modules can be installed via the GUI > Admin > Module Admin.

Optionally, install all modules (not recommended).  You may need to run the following commands twice.

fwconsole ma installall
fwconsole chown
fwconsole reload

Set Freepbx to start on boot

cat >> /etc/systemd/system/freepbx.service << EOF
[Unit]
Description=Freepbx
After=mariadb.service
 
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/sbin/fwconsole start
ExecStop=/usr/sbin/fwconsole stop
 
[Install]
WantedBy=multi-user.target

EOF
systemctl enable freepbx

Post-install tasks

Lock down the database server.

mysql_secure_installation

Answer Y to everything.

Change apache web server settings.

sed -i 's/\(^upload_max_filesize = \).*/\120M/' /etc/php.ini
sed -i 's/memory_limit = .*/memory_limit = 256M/g' /etc/php.ini

sed -i 's/^\(User\|Group\).*/\1 asterisk/' /etc/httpd/conf/httpd.conf
sed -i ':a;N;$!ba;s/AllowOverride None/AllowOverride All/2' /etc/httpd/conf/httpd.conf

sed -i 's/^\(user\|group\).*/\1 = asterisk/' /etc/php-fpm.d/www.conf
sed -i 's/.*listen\.owner =.*/listen.owner = asterisk/' /etc/php-fpm.d/www.conf
sed -i 's/.*listen\.group =.*/listen.group = asterisk/' /etc/php-fpm.d/www.conf
sed -i 's/^listen\.acl_users/;&/' /etc/php-fpm.d/www.conf

Set required services to start on boot.

systemctl enable mariadb
systemctl enable httpd
systemctl enable php-fpm
systemctl enable postfix

Finally, reboot for all changes to take effect

reboot

Optional

To be completed after logging into the GUI and initializing.

Log File Rotation

If this is not done the log files will keep growing indefinitely.

nano /etc/logrotate.d/asterisk
/var/spool/mail/asterisk
/var/log/asterisk/full
/var/log/asterisk/dtmf
/var/log/asterisk/fail2ban {
        weekly
        missingok
        rotate 4
        #compress
        notifempty
        sharedscripts
        create 0640 asterisk asterisk
        postrotate
        /usr/sbin/asterisk -rx 'logger reload' > /dev/null 2> /dev/null || true
        endscript
        su root root
}

Firewall

systemctl enable firewalld
systemctl restart firewalld
firewall-cmd --permanent --zone=public --add-service={http,https}
firewall-cmd --permanent --zone=public --add-port=5060-5061/tcp
firewall-cmd --permanent --zone=public --add-port=5060-5061/udp
firewall-cmd --permanent --zone=public --add-port=10000-20000/udp
firewall-cmd --reload

TFTP

If you plan to use hardware SIP phones you will probably want to set up TFTP.

dnf -y install tftp-server

Create tftp configuration file.

nano /etc/xinetd.d/tftp
cat >> /etc/xinetd.d/tftp << EOF
service tftp
{
    socket_type     = dgram
    protocol        = udp
    wait            = yes
    user            = root
    server          = /usr/sbin/in.tftpd
    server_args     = -s /tftpboot
    disable         = no
    per_source      = 11
    cps             = 100 2
    flags           = IPv4
}
EOF

Make the directory and restart the daemon to start tftp.

mkdir /tftpboot
chmod 777 /tftpboot
systemctl restart xinetd
firewall-cmd --permanent --zone=public --add-port=69/udp
firewall-cmd --reload

Test ODBC

odbcinst -s -q

Use username & password in /etc/asterisk/res_odbc_additional.conf to test connectivity to the DB via ODBC. 

isql -v MySQL-asteriskcdrdb someusername somepassword

Test asterisk ODBC access

asterisk -vvvr
CLI> odbc show

 

Sections: