Starting to work on an initial FreePBX setup script
-
Wondering how to better automate this first bit....
- Install FreePBX 15 from the 2020-02 ISO - Log in as root to the Vultr virtual console useradd --create-home jbusch mkdir /home/jbusch/.ssh wget -O /home/jbusch/.ssh/authorized_keys https://gitlab.com/sorvani/public_keys/-/raw/master/authorized_keys chown -R jbusch:jbusch /home/jbusch/.ssh chmod 700 /home/jbusch/.ssh chmod 600 /home/jbusch/authorized_keys passwd jbusch gpasswd -a jbusch wheel gpasswd -a jbusch asterisk exit- from local terminal ssh pbx15.bundystl.com (or IP) sudo nano /etc/sshd/sshd_config - disable root login and password login. wget https://raw.githubusercontent.com/sorvani/freepbx-helper-scripts/master/InitialSetup/setup.sh chmod +x setup.sh ./setup.sh - wait for a while - Go to GUI and complete setup - Create admin account, activate system, and run the firewall wizard, then set interface to internet. -
FYI, as of April 13, 2020, this is wehre the above leaves a FreepBX 15 system.
[jbusch@freepbx ~]$ sudo fwconsole ma listonline No repos specified, using: [standard,commercial] from last GUI settingsModule Version Status License accountcodepreserve 13.0.2.2 Enabled and up to date GPLv2 amd 15.0.2 Enabled and up to date GPLv3+ announcement 15.0.3.10 Enabled and up to date GPLv3+ api Not Installed (Available online: 15.0.3.7) AGPLv3+ areminder Not Installed (Available online: 15.0.14.20) Commercial arimanager 15.0.3.8 Enabled and up to date GPLv3+ asterisk-cli 14.0.1 Enabled and up to date GPLv3+ asteriskinfo 15.0.9 Enabled and up to date GPLv3+ backup 15.0.8.94 Enabled and up to date GPLv3+ blacklist 15.0.2.10 Enabled and up to date GPLv3+ broadcast Not Installed (Available online: 15.0.12) Commercial builtin Enabled; Not available online bulkhandler 13.0.17 Enabled and up to date GPLv3+ calendar 15.0.4.19 Enabled and up to date GPLv3+ callback 15.0.8 Enabled and up to date GPLv3+ callerid Not Installed (Available online: 15.0.14) Commercial callforward 15.0.10 Enabled and up to date AGPLv3+ calllimit Not Installed (Available online: 15.0.5.3) Commercial callrecording 15.0.7.11 Enabled and up to date AGPLv3+ callwaiting 15.0.4.2 Enabled and up to date GPLv3+ campon 13.0.4.1 Enabled and up to date GPLv3+ cdr 15.0.17 Enabled and up to date GPLv3+ cel 15.0.15.8 Enabled and up to date GPLv3+ certman 15.0.22 Enabled and up to date AGPLv3+ cidlookup 15.0.15 Enabled and up to date GPLv3+ conferences 15.0.7.4 Enabled and up to date GPLv3+ conferencespro Not Installed (Available online: 15.0.3.15) Commercial configedit 13.0.7.1 Enabled and up to date AGPLv3+ contactmanager 15.0.8.23 Enabled and up to date GPLv3+ core 15.0.9.94 Enabled and up to date GPLv3+ cos Not Installed (Available online: 15.0.9) Commercial customappsreg 15.0.13 Enabled and up to date GPLv3+ cxpanel Not Installed (Available online: 15.0.4) GPLv3 dahdiconfig 15.0.5.4 Enabled and up to date GPLv3+ dashboard 15.0.5 Enabled and up to date AGPLv3+ daynight 15.0.11 Enabled and up to date GPLv3+ dictate 15.0.6 Enabled and up to date GPLv3+ digium_phones 15.0.2 Enabled and up to date GPLv2 digiumaddoninstaller 13.0.1.1 Enabled and up to date GPLv2 directory 15.0.16 Enabled and up to date GPLv3+ disa 15.0.4.7 Enabled and up to date AGPLv3+ donotdisturb 15.0.6 Enabled and up to date GPLv3+ endpoint Not Installed (Available online: 15.0.27.16) Commercial extensionroutes Not Installed (Available online: 15.0.5) Commercial extensionsettings 13.0.4 Enabled and up to date GPLv3+ fax 15.0.19 Enabled and up to date GPLv3+ faxpro Not Installed (Available online: 15.0.8.8) Commercial featurecodeadmin 13.0.6.4 Enabled and up to date GPLv3+ filestore 15.0.3.7 Enabled and up to date AGPLv3 findmefollow 15.0.20 Enabled and up to date GPLv3+ firewall 15.0.6.5 Enabled and up to date AGPLv3+ framework 15.0.16.49 Enabled and up to date GPLv2+ fw_langpacks 14.0.1 Enabled and up to date GPLv3+ hotelwakeup 15.0.5.4 Enabled and up to date GPLv2 iaxsettings 15.0.6 Enabled and up to date AGPLv3 infoservices 15.0.2 Enabled and up to date GPLv2+ iotserver Not Installed (Available online: 15.0.0.7) Commercial irc 13.0.1 Enabled and up to date GPLv3+ ivr 15.0.26 Enabled and up to date GPLv3+ languages 15.0.10 Enabled and up to date GPLv3+ logfiles 13.0.10.7 Enabled and up to date GPLv3+ manager 15.0.9 Enabled and up to date GPLv2+ miscapps 15.0.8 Enabled and up to date GPLv3+ miscdests 15.0.2.9 Enabled and up to date GPLv3+ music 15.0.20 Enabled and up to date GPLv3+ oracle_connector Not Installed (Available online: 14.0.1.8) Commercial outroutemsg 15.0.9 Enabled and up to date GPLv3+ paging 15.0.4.21 Enabled and up to date GPLv3+ pagingpro Not Installed (Available online: 15.0.1.16) Commercial parking 15.0.15 Enabled and up to date GPLv3+ parkpro Not Installed (Available online: 15.0.12.6) Commercial pbdirectory 2.11.0.6 Enabled and up to date GPLv3+ phonebook 15.0.11 Enabled and up to date GPLv3+ phpinfo 13.0.2 Enabled and up to date GPLv2+ pinsets 15.0.1.10 Enabled and up to date GPLv3+ pinsetspro Not Installed (Available online: 15.0.3) Commercial pm2 15.0.3.7 Enabled and up to date AGPLv3+ pms Not Installed (Available online: 15.0.2.45) Commercial presencestate 15.0.9 Enabled and up to date GPLv3+ printextensions 13.0.3.2 Enabled and up to date GPLv3+ queueprio 15.0.10 Enabled and up to date GPLv3+ queues 15.0.17 Enabled and up to date GPLv2+ queuestats Not Installed (Available online: 15.0.3.25) Commercial qxact_reports Not Installed (Available online: 15.0.3.20) Commercial recording_report Not Installed (Available online: 15.0.4.24) Commercial recordings 15.0.3.13 Enabled and up to date GPLv3+ restapps Not Installed (Available online: 15.0.19.3) Commercial ringgroups 15.0.11.7 Enabled and up to date GPLv3+ sangomacrm Not Installed (Available online: 15.0.14.43) Commercial setcid 15.0.8 Enabled and up to date GPLv3+ sipsettings 15.0.6.25 Enabled and up to date AGPLv3+ sipstation Not Installed (Available online: 15.0.5.8) Commercial sms Not Installed (Available online: 15.0.4) Commercial soundlang 15.0.5.6 Enabled and up to date GPLv3+ speeddial 2.11.0.4 Enabled and up to date GPLv3+ superfecta 15.0.2.23 Enabled and up to date GPLv2+ sysadmin 15.0.13.18 Enabled and up to date Commercial timeconditions 15.0.15.2 Enabled and up to date GPLv3+ tts 15.0.9 Enabled and up to date GPLv3+ ttsengines 15.0.4.6 Enabled and up to date AGPLv3 ucp 15.0.6.14 Enabled and up to date AGPLv3+ userman 15.0.23 Enabled and up to date AGPLv3+ vega Not Installed (Available online: 15.0.6) Commercial+ vmblast 15.0.11.3 Enabled and up to date GPLv3+ vmnotify Not Installed (Available online: 15.0.10) Commercial voicemail 15.0.18.13 Enabled and up to date GPLv3+ voicemail_report Not Installed (Available online: 15.0.5) Commercial vqplus Not Installed (Available online: 15.0.7.15) Commercial weakpasswords 13.0.2 Enabled and up to date GPLv3+ webcallback Not Installed (Available online: 15.0.6.2) Commercial webrtc 15.0.8 Enabled and up to date GPLv3+ xmpp 15.0.6.4 Enabled and up to date AGPLv3 zulu Not Installed (Available online: 15.0.58.3) Commercial -
# Prompt for a username and password read -p "Enter a new username: " myUserName read -s -p "Enter a new password for $myUserName: " myPassword; echo # Prompt for your GitLab username read -p "Enter your GitLab username: " myGitLabUsername # Create user account and add user to wheel and asterisk group useradd --create-home $myUserName --password $myPassword gpasswd -a $myUserName wheel gpasswd -a $myUserName asterisk # Create .ssh directory, add authorized_keys file, set permissions mkdir /home/$myUserName/.ssh wget -O /home/$myUserName/.ssh/authorized_keys https://gitlab.com/$myGitLabUsername/public_keys/-/raw/master/authorized_keys chown -R $myUserName:$myUserName /home/$myUserName/.ssh chmod 700 /home/$myUserName/.ssh chmod 600 /home/$myUserName/.ssh/authorized_keys # Disable root login sed -i 's/#\?\(PerminRootLogin\s*\).*$/\1 no/' /etc/ssh/sshd_config # Disable PasswordAuthentication # Ends up with duplicate PasswordAuthentication because it modifies both #PasswordAuthentication and PasswordAuthentication sed -i 's/#\?\(PasswordAuthentication\s*\).*$/\1 no/' /etc/ssh/sshd_config wget https://raw.githubusercontent.com/sorvani/freepbx-helper-scripts/master/InitialSetup/setup.sh chmod +x setup.sh ./setup.sh systemctl restart sshd.service exit -
@black3dynamite dunno if that is "better" from an automation standpoint, but it is certainly better from a guide standpoint.
-
so restoring again.
lots of typing from the initial root login in the Vultr virtual console. I need to make that less.
hmmm.... -
New method, testing now.
- Complete setup from ISO in Vultr Virtual Console.
- Log in as
rootuser in the Vultr Virtual Console. - Download this script and execute.
wget https://raw.githubusercontent.com/sorvani/freepbx-helper-scripts/master/InitialSetup/root_setup.sh chmod +x root_setup.sh ./root_setup.sh- Log in as your user via SSH
- Execute the
setup.shalready in your home folder.
sudo ./setup.sh -
Assuming this works as planned, then making it more generic would be next up.
For example, for getting the SSH public keys or not. -
That worked well.
-
@JaredBusch said in Starting to work on an initial FeePBX setup script:
@black3dynamite dunno if that is "better" from an automation standpoint, but it is certainly better from a guide standpoint.
Yeah, I was all over the place trying to make it more of an automation deployment.
One of the things going back and forth was the part for creating a password, I was thinking of using
chage -d 0 $myUserNameto force password change upon first login instead of having the user enter a password during the setup since the PasswordAuthentication is disabled. And then use arguments instead of read prompts. -
@black3dynamite said in Starting to work on an initial FeePBX setup script:
@JaredBusch said in Starting to work on an initial FeePBX setup script:
@black3dynamite dunno if that is "better" from an automation standpoint, but it is certainly better from a guide standpoint.
Yeah, I was all over the place trying to make it more of an automation deployment.
One of the things going back and forth was the part for creating a password, I was thinking of using
chage -d 0 $myUserNameto force password change upon first login instead of having the user enter a password during the setup since the PasswordAuthentication is disabled. And then use arguments instead of read prompts.I was thinking something like that also with the new user. But I had not had time to look up the syntax.
-
Corrected the title to FreePBX instead of FeePBX, lol. Although that name would be useful somewhere, too.
-
@scottalanmiller said in Starting to work on an initial FreePBX setup script:
Corrected the title to FreePBX instead of FeePBX, lol. Although that name would be useful somewhere, too.
go me
