ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Starting to work on an initial FreePBX setup script

    IT Discussion
    freepbx scripting setup
    3
    13
    1.2k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • JaredBuschJ
      JaredBusch
      last edited by scottalanmiller

      I've never installed FreePBX, from scratch, often enough, back to back, to actually script my process.

      But today I decided to get off my ass and do a little more documentation. That turned in to me FFSing myself with "just fucking put it in a script Jared".

      I put a new folder in my FreePBX helper scripts repo.
      https://github.com/sorvani/freepbx-helper-scripts/tree/master/InitialSetup

      I will turn the module deletion into a loop once I validate all the dependencies. I believe that the current order is correct though.

      1 Reply Last reply Reply Quote 8
      • JaredBuschJ
        JaredBusch
        last edited by JaredBusch

        Wondering how to better automate this first bit....

         - Install FreePBX 15 from the 2020-02 ISO
         - Log in as root to the Vultr virtual console
        useradd --create-home jbusch
        mkdir /home/jbusch/.ssh
        wget -O /home/jbusch/.ssh/authorized_keys https://gitlab.com/sorvani/public_keys/-/raw/master/authorized_keys
        chown -R jbusch:jbusch /home/jbusch/.ssh
        chmod 700 /home/jbusch/.ssh
        chmod 600 /home/jbusch/authorized_keys
        passwd jbusch
        gpasswd -a jbusch wheel
        gpasswd -a jbusch asterisk
        exit
        
         - from local terminal
        ssh pbx15.bundystl.com (or IP)
        sudo nano /etc/sshd/sshd_config
          - disable root login and password login.
        wget https://raw.githubusercontent.com/sorvani/freepbx-helper-scripts/master/InitialSetup/setup.sh
        chmod +x setup.sh
        ./setup.sh
          - wait for a while
         - Go to GUI and complete setup
         - Create admin account, activate system, and run the firewall wizard, then set interface to internet.
        
        1 Reply Last reply Reply Quote 0
        • JaredBuschJ
          JaredBusch
          last edited by JaredBusch

          FYI, as of April 13, 2020, this is wehre the above leaves a FreepBX 15 system.

          [jbusch@freepbx ~]$ sudo fwconsole ma listonline
          No repos specified, using: [standard,commercial] from last GUI settings
          
          Module Version Status License
          accountcodepreserve 13.0.2.2 Enabled and up to date GPLv2
          amd 15.0.2 Enabled and up to date GPLv3+
          announcement 15.0.3.10 Enabled and up to date GPLv3+
          api Not Installed (Available online: 15.0.3.7) AGPLv3+
          areminder Not Installed (Available online: 15.0.14.20) Commercial
          arimanager 15.0.3.8 Enabled and up to date GPLv3+
          asterisk-cli 14.0.1 Enabled and up to date GPLv3+
          asteriskinfo 15.0.9 Enabled and up to date GPLv3+
          backup 15.0.8.94 Enabled and up to date GPLv3+
          blacklist 15.0.2.10 Enabled and up to date GPLv3+
          broadcast Not Installed (Available online: 15.0.12) Commercial
          builtin Enabled; Not available online
          bulkhandler 13.0.17 Enabled and up to date GPLv3+
          calendar 15.0.4.19 Enabled and up to date GPLv3+
          callback 15.0.8 Enabled and up to date GPLv3+
          callerid Not Installed (Available online: 15.0.14) Commercial
          callforward 15.0.10 Enabled and up to date AGPLv3+
          calllimit Not Installed (Available online: 15.0.5.3) Commercial
          callrecording 15.0.7.11 Enabled and up to date AGPLv3+
          callwaiting 15.0.4.2 Enabled and up to date GPLv3+
          campon 13.0.4.1 Enabled and up to date GPLv3+
          cdr 15.0.17 Enabled and up to date GPLv3+
          cel 15.0.15.8 Enabled and up to date GPLv3+
          certman 15.0.22 Enabled and up to date AGPLv3+
          cidlookup 15.0.15 Enabled and up to date GPLv3+
          conferences 15.0.7.4 Enabled and up to date GPLv3+
          conferencespro Not Installed (Available online: 15.0.3.15) Commercial
          configedit 13.0.7.1 Enabled and up to date AGPLv3+
          contactmanager 15.0.8.23 Enabled and up to date GPLv3+
          core 15.0.9.94 Enabled and up to date GPLv3+
          cos Not Installed (Available online: 15.0.9) Commercial
          customappsreg 15.0.13 Enabled and up to date GPLv3+
          cxpanel Not Installed (Available online: 15.0.4) GPLv3
          dahdiconfig 15.0.5.4 Enabled and up to date GPLv3+
          dashboard 15.0.5 Enabled and up to date AGPLv3+
          daynight 15.0.11 Enabled and up to date GPLv3+
          dictate 15.0.6 Enabled and up to date GPLv3+
          digium_phones 15.0.2 Enabled and up to date GPLv2
          digiumaddoninstaller 13.0.1.1 Enabled and up to date GPLv2
          directory 15.0.16 Enabled and up to date GPLv3+
          disa 15.0.4.7 Enabled and up to date AGPLv3+
          donotdisturb 15.0.6 Enabled and up to date GPLv3+
          endpoint Not Installed (Available online: 15.0.27.16) Commercial
          extensionroutes Not Installed (Available online: 15.0.5) Commercial
          extensionsettings 13.0.4 Enabled and up to date GPLv3+
          fax 15.0.19 Enabled and up to date GPLv3+
          faxpro Not Installed (Available online: 15.0.8.8) Commercial
          featurecodeadmin 13.0.6.4 Enabled and up to date GPLv3+
          filestore 15.0.3.7 Enabled and up to date AGPLv3
          findmefollow 15.0.20 Enabled and up to date GPLv3+
          firewall 15.0.6.5 Enabled and up to date AGPLv3+
          framework 15.0.16.49 Enabled and up to date GPLv2+
          fw_langpacks 14.0.1 Enabled and up to date GPLv3+
          hotelwakeup 15.0.5.4 Enabled and up to date GPLv2
          iaxsettings 15.0.6 Enabled and up to date AGPLv3
          infoservices 15.0.2 Enabled and up to date GPLv2+
          iotserver Not Installed (Available online: 15.0.0.7) Commercial
          irc 13.0.1 Enabled and up to date GPLv3+
          ivr 15.0.26 Enabled and up to date GPLv3+
          languages 15.0.10 Enabled and up to date GPLv3+
          logfiles 13.0.10.7 Enabled and up to date GPLv3+
          manager 15.0.9 Enabled and up to date GPLv2+
          miscapps 15.0.8 Enabled and up to date GPLv3+
          miscdests 15.0.2.9 Enabled and up to date GPLv3+
          music 15.0.20 Enabled and up to date GPLv3+
          oracle_connector Not Installed (Available online: 14.0.1.8) Commercial
          outroutemsg 15.0.9 Enabled and up to date GPLv3+
          paging 15.0.4.21 Enabled and up to date GPLv3+
          pagingpro Not Installed (Available online: 15.0.1.16) Commercial
          parking 15.0.15 Enabled and up to date GPLv3+
          parkpro Not Installed (Available online: 15.0.12.6) Commercial
          pbdirectory 2.11.0.6 Enabled and up to date GPLv3+
          phonebook 15.0.11 Enabled and up to date GPLv3+
          phpinfo 13.0.2 Enabled and up to date GPLv2+
          pinsets 15.0.1.10 Enabled and up to date GPLv3+
          pinsetspro Not Installed (Available online: 15.0.3) Commercial
          pm2 15.0.3.7 Enabled and up to date AGPLv3+
          pms Not Installed (Available online: 15.0.2.45) Commercial
          presencestate 15.0.9 Enabled and up to date GPLv3+
          printextensions 13.0.3.2 Enabled and up to date GPLv3+
          queueprio 15.0.10 Enabled and up to date GPLv3+
          queues 15.0.17 Enabled and up to date GPLv2+
          queuestats Not Installed (Available online: 15.0.3.25) Commercial
          qxact_reports Not Installed (Available online: 15.0.3.20) Commercial
          recording_report Not Installed (Available online: 15.0.4.24) Commercial
          recordings 15.0.3.13 Enabled and up to date GPLv3+
          restapps Not Installed (Available online: 15.0.19.3) Commercial
          ringgroups 15.0.11.7 Enabled and up to date GPLv3+
          sangomacrm Not Installed (Available online: 15.0.14.43) Commercial
          setcid 15.0.8 Enabled and up to date GPLv3+
          sipsettings 15.0.6.25 Enabled and up to date AGPLv3+
          sipstation Not Installed (Available online: 15.0.5.8) Commercial
          sms Not Installed (Available online: 15.0.4) Commercial
          soundlang 15.0.5.6 Enabled and up to date GPLv3+
          speeddial 2.11.0.4 Enabled and up to date GPLv3+
          superfecta 15.0.2.23 Enabled and up to date GPLv2+
          sysadmin 15.0.13.18 Enabled and up to date Commercial
          timeconditions 15.0.15.2 Enabled and up to date GPLv3+
          tts 15.0.9 Enabled and up to date GPLv3+
          ttsengines 15.0.4.6 Enabled and up to date AGPLv3
          ucp 15.0.6.14 Enabled and up to date AGPLv3+
          userman 15.0.23 Enabled and up to date AGPLv3+
          vega Not Installed (Available online: 15.0.6) Commercial+
          vmblast 15.0.11.3 Enabled and up to date GPLv3+
          vmnotify Not Installed (Available online: 15.0.10) Commercial
          voicemail 15.0.18.13 Enabled and up to date GPLv3+
          voicemail_report Not Installed (Available online: 15.0.5) Commercial
          vqplus Not Installed (Available online: 15.0.7.15) Commercial
          weakpasswords 13.0.2 Enabled and up to date GPLv3+
          webcallback Not Installed (Available online: 15.0.6.2) Commercial
          webrtc 15.0.8 Enabled and up to date GPLv3+
          xmpp 15.0.6.4 Enabled and up to date AGPLv3
          zulu Not Installed (Available online: 15.0.58.3) Commercial
          1 Reply Last reply Reply Quote 0
          • black3dynamiteB
            black3dynamite
            last edited by black3dynamite

            # Prompt for a username and password
            read -p "Enter a new username: " myUserName
            read -s -p "Enter a new password for $myUserName: " myPassword; echo
            
            # Prompt for your GitLab username
            read -p "Enter your GitLab username: " myGitLabUsername
            
            # Create user account and add user to wheel and asterisk group
            useradd --create-home $myUserName --password $myPassword
            gpasswd -a $myUserName wheel
            gpasswd -a $myUserName asterisk
            
            # Create .ssh directory, add authorized_keys file, set permissions
            mkdir /home/$myUserName/.ssh
            wget -O /home/$myUserName/.ssh/authorized_keys https://gitlab.com/$myGitLabUsername/public_keys/-/raw/master/authorized_keys
            chown -R $myUserName:$myUserName /home/$myUserName/.ssh
            chmod 700 /home/$myUserName/.ssh
            chmod 600 /home/$myUserName/.ssh/authorized_keys
            
            # Disable root login
            sed -i 's/#\?\(PerminRootLogin\s*\).*$/\1 no/' /etc/ssh/sshd_config
            # Disable PasswordAuthentication
            # Ends up with duplicate PasswordAuthentication because it modifies both #PasswordAuthentication and PasswordAuthentication
            sed -i 's/#\?\(PasswordAuthentication\s*\).*$/\1 no/' /etc/ssh/sshd_config
            
            wget https://raw.githubusercontent.com/sorvani/freepbx-helper-scripts/master/InitialSetup/setup.sh
            chmod +x setup.sh
            ./setup.sh
            
            systemctl restart sshd.service
            exit
            
            JaredBuschJ 1 Reply Last reply Reply Quote 2
            • JaredBuschJ
              JaredBusch @black3dynamite
              last edited by

              @black3dynamite dunno if that is "better" from an automation standpoint, but it is certainly better from a guide standpoint.

              black3dynamiteB 1 Reply Last reply Reply Quote 0
              • JaredBuschJ
                JaredBusch
                last edited by

                so restoring again.

                lots of typing from the initial root login in the Vultr virtual console. I need to make that less.
                hmmm....

                1 Reply Last reply Reply Quote 0
                • JaredBuschJ
                  JaredBusch
                  last edited by JaredBusch

                  New method, testing now.

                  1. Complete setup from ISO in Vultr Virtual Console.
                  2. Log in as root user in the Vultr Virtual Console.
                  3. Download this script and execute.
                  wget https://raw.githubusercontent.com/sorvani/freepbx-helper-scripts/master/InitialSetup/root_setup.sh
                  chmod +x root_setup.sh
                  ./root_setup.sh
                  
                  1. Log in as your user via SSH
                  2. Execute the setup.sh already in your home folder.
                  sudo ./setup.sh
                  
                  1 Reply Last reply Reply Quote 0
                  • JaredBuschJ
                    JaredBusch
                    last edited by

                    Assuming this works as planned, then making it more generic would be next up.
                    For example, for getting the SSH public keys or not.

                    1 Reply Last reply Reply Quote 0
                    • JaredBuschJ
                      JaredBusch
                      last edited by JaredBusch

                      That worked well.

                      8900cd24-a391-4e02-89dc-d9ab8c633e8d-image.png
                      c3a6a8b7-1c59-42a4-81f0-b8a24627da7d-image.png

                      1 Reply Last reply Reply Quote 0
                      • black3dynamiteB
                        black3dynamite @JaredBusch
                        last edited by

                        @JaredBusch said in Starting to work on an initial FeePBX setup script:

                        @black3dynamite dunno if that is "better" from an automation standpoint, but it is certainly better from a guide standpoint.

                        Yeah, I was all over the place trying to make it more of an automation deployment.

                        One of the things going back and forth was the part for creating a password, I was thinking of using chage -d 0 $myUserName to force password change upon first login instead of having the user enter a password during the setup since the PasswordAuthentication is disabled. And then use arguments instead of read prompts.

                        JaredBuschJ 1 Reply Last reply Reply Quote 0
                        • JaredBuschJ
                          JaredBusch @black3dynamite
                          last edited by

                          @black3dynamite said in Starting to work on an initial FeePBX setup script:

                          @JaredBusch said in Starting to work on an initial FeePBX setup script:

                          @black3dynamite dunno if that is "better" from an automation standpoint, but it is certainly better from a guide standpoint.

                          Yeah, I was all over the place trying to make it more of an automation deployment.

                          One of the things going back and forth was the part for creating a password, I was thinking of using chage -d 0 $myUserName to force password change upon first login instead of having the user enter a password during the setup since the PasswordAuthentication is disabled. And then use arguments instead of read prompts.

                          I was thinking something like that also with the new user. But I had not had time to look up the syntax.

                          1 Reply Last reply Reply Quote 0
                          • scottalanmillerS
                            scottalanmiller
                            last edited by

                            Corrected the title to FreePBX instead of FeePBX, lol. Although that name would be useful somewhere, too.

                            JaredBuschJ 1 Reply Last reply Reply Quote 0
                            • JaredBuschJ
                              JaredBusch @scottalanmiller
                              last edited by

                              @scottalanmiller said in Starting to work on an initial FreePBX setup script:

                              Corrected the title to FreePBX instead of FeePBX, lol. Although that name would be useful somewhere, too.

                              go me

                              1 Reply Last reply Reply Quote 0
                              • 1 / 1
                              • First post
                                Last post