PBX in a Flash
From Proxmox VE
Appliance Details
| Package: | pbxinaflash |
| Version: | 1.5.0-6 |
| Certified: | no |
| Section: | www |
| Location: | http://pbxinflash.cyberneticnetworks.com/centos-5.0-pbxinaflash_1.5.0-6_i386.tar.gz |
| Maintainer: | Ward Mundy |
| OS: | centos-5.0 |
Introduction
PBX in a Flash is an aggregation of open source tools used to build a flexible, extensible VoIP telephony PBX. The open source tools include the CentOS 5.3 operating system, Apache web server, MySQL database management system, PHP, and the Asterisk 1.4 PBX/FreePBX 2.5 telephony platform.
Check out this Nerd Vittles Article for step-by-step VM installation instructions. Both Proxmox Network Types are supported, and both are covered in the Nerd Vittles Article. WARNING: No adjustment to /etc/hosts should be necessary and making one may very well break the VoIP telephony interface.
Check out the PBX in a Flash forum link for support.
Download latest OpenVZ template pbxinaflash_1.5.0-6 (533 MB) made for ProxMox. MD5: e751a2aa3961b4affec3e503c3875b1b
Alternate site for the OpenVZ template available each evening after 8 p.m. (Eastern time).
To transform the PBX in a Flash VM into a turnkey system, run the Orgasmatron Installer script.
NOTE: A new 64-bit PBX in a Flash OpenVZ template has just been released. It features a secure IAX2 interface as well as full support for Asterisk conferencing using DAHDI. For full details and install instructions, see this Nerd Vittles article.
Securing Your System
Security Matters especially with a VoIP telephony system. If you compromise a blog, you lose your blog. If you compromise a CRM, you lose your contacts. If you compromise your phone system, you lose your wallet! Here are some suggestions to get you started and keep your system safe. Use very secure passwords: for your root account, for your other user accounts on PBX in a Flash, and for your telephone extensions and trunks. Activate the IPtables firewall which will automatically activate the Fail2Ban server that detects password attacks against your system and blocks the attackers IP addresses. We strongly recommend a hardware-based firewall between your PBX and the Internet with no redirected ports to your PBX until you know what you're doing. Do some reading about network security and PBX in a Flash. Finally, get in the habit of regularly accessing the PBX in a Flash web GUI at the IP address of your new virtual machine. In the left column, you'll find the PBX in a Flash RSS Feed that relays important security alerts when upgrades become necessary.
IMPORTANT: Immediately after you create a new virtual machine, log into the new VM as root and run passwd-master to set a very secure password for the non-root accounts on your system. Beginning with the 1.5-0.6 build, the default password is hidden but not protected from anyone that downloads the software. Prior versions used password. In either case, your system is extremely vulnerable via web access until this master password is changed! We've simply hidden it to remind you to change it. Web access with the maint user account gives an individual total access to all of the credentials in your PBX as well as your MySQL databases so make certain the password you create with passwd-master is as secure as your root password. And change your SSH server keys!
To activate the IPtables firewall, shut down all running VMs. Log into your Proxmox server as root and issue the following two commands. NOTE: You must be using the PIAF15.04 or later OpenVZ template!
sed -i 's|ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length|ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp|' /etc/vz/vz.conf /etc/init.d/vz restart
WARNING: DO NOT RUN yum update on PBX in a Flash systems!! Instead run update-scripts and update-fixes periodically. These scripts provide a secure method of doing the same thing without damaging permissions and the system integrity of your PBX!
Using PBX in a Flash with Proxmox
One of the beauties of Proxmox is that it supports two different types of images to create virtual machines. An OpenVZ image is akin to a snapshot of an existing system while an ISO image is identical to the installer you normally would burn onto a CD in order to install a software application on your server. In short, you still have to go through the installation scenario when you create a virtual machine (KVM) from an ISO image. A virtual machine created from an OpenVZ image is ready for use 30 seconds after creation.
OpenVZ containers rely upon a shared kernel, the one that actually boots the Proxmox server. KVM containers created from ISO images are self-contained with their own complete operating system and kernel. With Asterisk, zaptel and dahdi cannot be loaded directly from an OpenVZ container because they are tied directly to the Linux kernel. Instead one must rely upon a shared version of zaptel or dahdi loaded on the Proxmox server itself. If you need conferencing or otherwise need a timing source for your Asterisk deployment, you will not want to use the OpenVZ approach at least for now. On the other hand, if you have more traditional VoIP requirements for your PBX, then the ease of installation and use of the OpenVZ image makes perfect sense. So let's start there assuming you understand the limitations.
Using a web browser, download the new PBX in a Flash OpenVZ image or ISO image to your Desktop. Once you have the image in hand, point your web browser to your Proxmox server: https://ipaddress. Accept the default certificate and login as root. At the Welcome screen, click on the Appliance Template option. In the Upload File section, choose the PIAF OpenVZ or ISO image on your Desktop and click Upload. Be patient. These are large files (500-700MB). You'll get an alert message when the upload completes successfully.
Creating an OpenVZ Virtual Machine
Now we're ready to create an OpenVZ virtual machine. Click on Virtual Machines and then the Create tab. Accept the default OpenVZ container type and give your virtual machine a host name that will help you distinguish it from other VMs on your Proxmox server. Create a secure root password for your new VM. We recommend a minimum memory and swap memory size of 512MB and a minimum disk size of 20GB. You can experiment with these to find the best fit on your server. It only takes about 30 seconds to create an OpenVZ virtual machine so trial-and-error isn't painful. In our testing a Dual Core AMD Opteron-based server with 8GB of RAM can support about 8 PBX in a Flash servers. YMMV!
You have a choice of Network Types. With Virtual Networks (venet), you need to designate a static IP for your virtual machine. With Bridged Ethernet (veth), an IP address is assigned by your DHCP server. Be aware that the PIAF status app currently won't display venet-assigned IP addresses, but ifconfig will. There are some other significant differences including network security that you may wish to review. To keep things simple, choose Bridged Ethernet if you want a dynamically assigned IP address. Otherwise, choose the Virtual Network option. Finally, provide a DNS domain for the new VM and assign at least one DNS server. The IP of your gateway router/firewall usually will suffice. Click create when you have filled in all the blanks. Your new virtual machine will be ready to run in less than a minute.
The procedure for creating an ISO-based VM is similar except that you will need to run through the installation procedure for the ISO by clicking the Open VNC Console option the first time you start up the virtual machine.
Getting Started with PBX in a Flash
Before you start the Virtual Machine, enable Quotas in the Options tab of the VM Configuration menu.
Now you're ready to start using your PBX in a Flash system. Start the virtual machine by choosing Virtual Machines, selecting the desired VM, and then clicking the Start button. Once the VM has started, it's a good practice to verify that everything is functioning properly by clicking on Open VNC Console. This is equivalent to logging into your server as root. The PBX in a Flash status display should greet you. If an IP address is not shown at the bottom of the window, run ifconfig several times until an IP address appears in the results. If you're using Bridged Ethernet and an IP doesn't display after the VM has been running for 20 seconds, you have a slow DHCP server. You can force an IP refresh by issuing the command: service network restart. Once an IP address is shown by running ifconfig, write down the IP address for your virtual machine. You'll need it to access the web interface to PBX in a Flash in a minute.
If you haven't yet run passwd-master, do that now! Use a very secure password because this is the one you will use to manage PBX in a Flash through the web interface. In addition, on 32-bit systems only, you need to generate unique SSH keys for your VM. These are automatically generated on 64-bit VMs. Here are the commands to execute from the console for 32-bit systems. Be sure to overwrite your existing SSH keys! DO NOT generate new SSH server keys on 64-bit systems, or you may disable SSH access!
passwd-master # Run next two commands only on 32-bit systems. If run on 64-bit systems, SSH gets disabled. ssh-keygen -f /etc/ssh/ssh_host_rsa_key -t rsa -N "Your Secret PassPhrase" ssh-keygen -f /etc/ssh/ssh_host_dsa_key -t dsa -N "Your Secret PassPhrase"
Now you're ready to run rasterisk to access the Asterisk CLI and make sure that Asterisk is functional. The CLI should respond by notifying you that version 1.4.21.2 of Asterisk is running. You can close the VNC window. We have found it's a good practice to enter the IP address of the VM in the Notes field in the Proxmox GUI for ease of future reference. Just click Save when you're finished.
NOTE: To decipher your IP address, don't rely on the status application just yet. It's being rewritten to better support Proxmox VMs. For now, use ifconfig.
Most of the management of PBX in a Flash and Asterisk can be accomplished using a web browser which is quite similar to the Proxmox design. To access the web GUI, point your browser to the IP address of your new PBX in a Flash virtual machine. The RSS Feed for the PBX in a Flash distribution displays in the left column of the GUI. This is the place to look for security alerts and other important notices regarding PBX in a Flash. Do it regularly! The actual management of your PBX is done using FreePBX, a web front-end for Asterisk. To access it, click on the Admin button and then click FreePBX Administration. You'll be prompted for a username and password. The username is maint. The password will be whatever you set when you ran passwd-master.
A number of books have been written on how to configure PBX in a Flash using FreePBX. We also have an award-winning knol to get you started on the right foot. You have two choices at this juncture. You can roll your own system to meet your needs, or you can use our Orgasmatron Installer which will build a default system for you with virtually every Asterisk bell and whistle on the planet. Whatever direction you choose, don't wing it! PBXs can be used to make disguised phone calls worldwide unless they are configured properly. And PBXs can generate enormous telephone bills. Remember, it's your phone bill. After doing some reading, come join the PBX in a Flash Forum. If you have a problem, someone usually will offer a solution within an hour or two. Enjoy!
Running the Orgasmatron Installer with OpenVZ Virtual Machines
NOTE: Asterisk ODBC connectivity is installed as part of the Orgasmatron. This requires a recompile of Asterisk. If you do not want ODBC connectivity, skip the source installation steps 1-4 below.
For 32-bit machines, to run the Orgasmatron Installer, start up your OpenVZ virtual machine for PBX in a Flash. Log into the server as root. Then type the following commands.
cd / wget http://pbxinaflash.net/source/OpenVZ/source.tgz # for 32-bit machines tar zxvf source.tgz # for 32-bit machines rm source.tgz # for 32-bit machines cd /root wget http://pbxinaflash.net/orgasmatron/orgasmatron-gv.x chmod +x orgasmatron-gv.x ./orgasmatron-gv.x
For 64-bit machines, to run the Orgasmatron Installer, start up your OpenVZ virtual machine for PBX in a Flash. Log into the server as root. Then type the following commands.
cd / wget http://pbxinaflash.net/source/OpenVZ/source-64.tgz # for 64-bit machines tar zxvf source-64.tgz # for 64-bit machines rm source-64.tgz # for 64-bit machines cd /root wget http://pbxinaflash.net/orgasmatron/orgasmatron-gv.x chmod +x orgasmatron-gv.x ./orgasmatron-gv.x
Answer the prompts and choose Flite for the text-to-speech engine for the two applications that offer the choice. When the install completes, run passwd-master from the console and choose your initial common password for FreePBX and other PIAF applications. Now use a web browser to access FreePBX using maint as the user and the password you just set. Do NOT apply any FreePBX updates yet. Click Admin, Tools, Backup & Restore, Restore from Backup, RightNow. Then click on the tar.gz file and choose Restore Entire Backup Set then OK. When the restore completes, click Apply Configuration Changes and Confirm. At this juncture, you may upgrade FreePBX (possibly more than once) if you wish by choosing Tools, Module Admin. Finally to add Google Voice to the PBX in a Flash, execute /root/configure-gv from the console. Be sure to read all four chapters of the Orgasmatron V for Google Voice tutorial on Nerd Vittles!
Integrating SugarCRM
From the console execute the following:
cd /var/www/html wget http://www.sugarforge.org/frs/download.php/5961/SugarCE-5.2.0j.zip unzip SugarCE-5.2.0j.zip #uncomment next line to cleanup # rm SugarCE-5.2.0j.zip mv SugarCE-Full-5.2.0j crm chown -R asterisk:asterisk crm # As of now, php-imap has already been installed # yum -y install php-imap sed -i '/memory_limit/s/16M/32M/g' /etc/php.ini sed -i '/upload_max_filesize/s/2M/10M/g' /etc/php.ini httpd -k restart
Now go to the browser mode Main Menu and choose Admin -> Menu Configuration and choose SugarCRM in addition to the ones already chosen, keep the Wrapper checkbox checked, click Update and restart the browser session. SugarCRM icon will now appear alongside the user choices from whence you can begin the web-installer wizard for the first time and subsequently access the installed application.
NOTE: During SugarCRM installation wizard, choose:
MySQL Host: localhost MySQL Admin User : root MySQL Admin Password : passw0rd
Choose to create a SugarCRM DB user and password (roll your own). Although your (LAN) IP may be the default in the MySQL Host field, please type in localhost.
Integrating Hylafax/Avantfax
Be aware that the latest install scripts for integration of Hylafax/Avantfax require a newer version of CUPS. The scripts are available in the PBX in a Flash forums. To get started, log into your OpenVZ container as root and issue the following commands:
yum remove cups yum install cups yum upgrade glibc wget http://www.fonicaprojects.com/downloads/piaf/piaf-hylafax.sh chmod +x piaf-hylafax.sh ./piaf-hylafax.sh
Apache config to allow Free Pbx and proxmox on the same hardware node
to achive this [1] setup, you need to mend /etc/apache2/sites-enabled/pve.conf
# diff /etc/apache2/sites-enabled/pve.conf /root/pve.conf 21,22d20 < #DocumentRoot /var/www < 27,33d24 < <Directory /var/www/html> < Options Indexes FollowSymLinks MultiViews < AllowOverride None < Order allow,deny < allow from all < </Directory> < Alias /freePbx /var/www/html 41d31 < ##Alias /pve /usr/share/pve-manager/root
Documentation and HowTo´s about PBX in a Flash
PIAF Home | Beta Downloads | Add-On Scripts | Forums | Documentation
