#!/bin/sh
#
# Installation can take up a long time (e.g. downloading large high quality sound files) depending on your internet speed.
# Set default php-scl version to version as set in the above variables
#
# Install php-scl first
#yum -y install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
#yum -y install http://mirror.de-labrusse.fr/NethServer/7/x86_64/nethserver-stephdl-1.0.7-1.ns7.sdl.noarch.rpm
#yum -y install nethserver-php-scl --enablerepo=stephdl
#yum -y install php71-php-odbc php71-php-opcache php71-php-xmlrpc --enablerepo=remi-safe
#config setprop httpd PhpVersion php71
#signal-event nethserver-php-update
#
# then run this script "scl enable php71 'bash install.sh'
# Variables
autoyum=-"y" # -"y -q" for quiet mode
php_version=71 # PHP SCL version, must be >=7.x.
pg_version=9.4
database_host=127.0.0.1 # Fixed setting
database_port=5432 # Fixed setting
database_username=fusionpbx # FusionPBX PostgreSQL username
database_password=$(dd if=/dev/urandom bs=1 count=20 2>/dev/null | base64 | sed 's/[=\+//]//g')
fusionpbx_path=/var/www/html/fusionpbx
fusionpbx_branch=4.4 # Master or specific version e.g. 4.4
# Database names fusionpbx and freeswitch are hardcoded
# Save essentials under db key FusionPbx properties as backup
config set fusionpbx status PgsqlDbPassword $database_password PgsqlDbUser $database_username
# Install required repo's
yum $autoyum install https://forensics.cert.org/cert-forensics-tools-release-el7.rpm
yum $autoyum install http://repo.okay.com.mx/centos/7/x86_64/release/okay-release-1-1.noarch.rpm
yum $autoyum install https://download.postgresql.org/pub/repos/yum/9.4/redhat/rhel-7-x86_64/pgdg-centos94-9.4-3.noarch.rpm
yum-config-manager --disable okay,forensics
# Install various required tools
yum $autoyum install ntp yum-utils htop sngrep libtiff-devel libtiff-tools at memcached gdb git haveged
yum $autoyum install lame --enablerepo=forensics
yum $autoyum install ffmpeg ghostscript ilbc2 sox freeswitch-application-av --enablerepo=okay,epel,remi-safe
systemctl enable memcached
systemctl enable haveged
systemctl start memcached
# Install FusionPBX from github
mkdir -p /var/cache/fusionpbx
git clone --branch $fusionpbx_branch https://github.com/fusionpbx/fusionpbx.git $fusionpbx_path
chown -R apache:apache $fusionpbx_path
# Install PostgreSQL
yum $autoyum install luapgsql postgresql94-contrib
/usr/pgsql-9.4/bin/postgresql94-setup initdb
sed -i 's/\(host *all *all *127.0.0.1\/32 *\)ident/\1trust/' /var/lib/pgsql/9.4/data/pg_hba.conf
sed -i 's/\(host *all *all *::1\/128 *\)ident/\1trust/' /var/lib/pgsql/9.4/data/pg_hba.conf
sed -i /var/lib/pgsql/9.4/data/postgresql.conf -e s:"#port = 5432:port = 5432:"
# Set environment variables
export PATH=$PATH:/usr/pgsql-9.4/bin/
export LD_LIBRARY_PATH=/usr/pgsql-9.4/lib/
export PGHOST=localhost
#Add user postgres to the www group
usermod -a -G apache postgres
systemctl daemon-reload
systemctl restart postgresql-9.4
# move to /tmp to prevent a red herring error when running sudo with psql
cd /tmp
sudo -u postgres psql -c "CREATE DATABASE fusionpbx";
sudo -u postgres psql -c "CREATE DATABASE freeswitch";
sudo -u postgres psql -c "CREATE ROLE fusionpbx WITH SUPERUSER LOGIN PASSWORD '$database_password';"
sudo -u postgres psql -c "CREATE ROLE freeswitch WITH SUPERUSER LOGIN PASSWORD '$database_password';"
sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE fusionpbx to fusionpbx;"
sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE freeswitch to fusionpbx;"
sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE freeswitch to freeswitch;"
# Install Freeswitch
yum $autoyum install *1.8.5-2* freeswitch-sounds-en-us-callie* freeswitch-sounds-music* --enablerepo=okay,epel,remi-safe
#remove the music package to protect music on hold from package updates
mkdir -p /usr/share/freeswitch/sounds/temp
mv /usr/share/freeswitch/sounds/music/default/*000 /usr/share/freeswitch/sounds/temp
yum -y remove freeswitch-sounds-music
mkdir -p /usr/share/freeswitch/sounds/music/default
mv /usr/share/freeswitch/sounds/temp/* /usr/share/freeswitch/sounds/music/default
rm -R /usr/share/freeswitch/sounds/temp
config set fw_freeswitch service
config setprop fw_freeswitch status enabled
config setprop fw_freeswitch access "red,green"
config setprop fw_freeswitch UDPPorts "5060:5061,5080:5081,8081,8082,16384:32768"
config setprop fw_freeswitch TCPPorts "5060:5061,5080:5081,8081,8082"
signal-event firewall-adjust
#systemctl enable freeswitch
# Pre config fusionPBX integration with FreeSWITCH and start (required) FreeSWITCH
mkdir -p /var/cache/fusionpbx
chown -R freeswitch:daemon /var/cache/fusionpbx
mkdir -p /etc/fusionpbx
mv /etc/freeswitch /etc/freeswitch.orig
mkdir /etc/freeswitch
cp -R $fusionpbx_path/resources/templates/conf/* /etc/freeswitch
systemctl start freeswitch
# Setting permissions. Apache *requires* access
chown -R apache:apache /etc/freeswitch /etc/fusionpbx /var/lib/freeswitch /usr/share/freeswitch /var/log/freeswitch /var/run/freeswitch
## Populate database ##
export PGPASSWORD=$database_password
export PGUSERNAME=$database_username
# Update the database password
sudo -u postgres psql --host=$database_host --port=$database_port --username=$database_username -c "ALTER USER fusionpbx WITH PASSWORD '$database_password';"
sudo -u postgres psql --host=$database_host --port=$database_port --username=$database_username -c "ALTER USER freeswitch WITH PASSWORD '$database_password';"
# Add the config.php
cat <<HERE1 > /etc/fusionpbx/config.php
<?php
\$db_type = 'pgsql'; //sqlite, mysql, pgsql, others with a manually created PDO connection
\$db_host = 'localhost'; //set the host only if the database is not local
\$db_port = '5432';
\$db_name = 'fusionpbx';
\$db_username = '$database_username';
\$db_password = '$database_password';
ini_set('display_errors', '1');
error_reporting(E_ALL ^ E_NOTICE ^ E_WARNING ); //hide notices and warnings
?>
HERE1
chown -R apache:apache /etc/fusionpbx
# Add the database schema
echo "Populating FusionPBX database"
cd $fusionpbx_path && php $fusionpbx_path/core/upgrade/upgrade_schema.php > /dev/null 2>&1
# Get the server FQDN which is used for the default FusionPBX domain and initial admin login
domain_name=$(hostname -f)
# Get a domain_uuid
domain_uuid=$(php $fusionpbx_path/resources/uuid.php);
# Add the domain name
echo "Setting FusionPBX domain name"
sudo -u postgres psql --host=$database_host --port=$database_port --username=$database_username -c "insert into v_domains (domain_uuid, domain_name, domain_enabled) values('$domain_uuid', '$domain_name', 'true');"
# App defaults and set permissions, default settings are initialized
cd $fusionpbx_path && php $fusionpbx_path/core/upgrade/upgrade_domains.php
rm -f /etc/fusionpbx/config.lua
# Add the admin user
user_uuid=$(php $fusionpbx_path/resources/uuid.php);
user_salt=$(php $fusionpbx_path/resources/uuid.php);
user_name=admin
user_password=$(dd if=/dev/urandom bs=1 count=12 2>/dev/null | base64 | sed 's/[=\+//]//g');
password_hash=$(php -r "echo md5('$user_salt$user_password');");
sudo -u postgres psql --host=$database_host --port=$database_port --username=$database_username -t -c "insert into v_users (user_uuid, domain_uuid, username, password, salt, user_enabled) values('$user_uuid', '$domain_uuid', '$user_name', '$password_hash', '$user_salt', 'true');"
# Save essentials under db key FusionPbx properties as backup
config setprop fusionpbx FusionPbxUser $user_name FusionPbxPassword $user_password DomainName $domain_name
# Get the superadmin group_uuid
group_uuid=$(sudo -u postgres psql --host=$database_host --port=$database_port --username=$database_username -t -c "select group_uuid from v_groups where group_name = 'superadmin';");
group_uuid=$(echo $group_uuid | sed 's/^[[:blank:]]*//;s/[[:blank:]]*$//')
# Add the user to the group
group_user_uuid=$(php $fusionpbx_path/resources/uuid.php);
group_name=superadmin
sudo -u postgres psql --host=$database_host --port=$database_port --username=$database_username -c "insert into v_group_users (group_user_uuid, domain_uuid, group_name, group_uuid, user_uuid) values('$group_user_uuid', '$domain_uuid', '$group_name', '$group_uuid', '$user_uuid');"
# Update xml_cdr url, user and password
xml_cdr_username=$(dd if=/dev/urandom bs=1 count=12 2>/dev/null | base64 | sed 's/[=\+//]//g')
xml_cdr_password=$(dd if=/dev/urandom bs=1 count=12 2>/dev/null | base64 | sed 's/[=\+//]//g')
sed -i /etc/freeswitch/autoload_configs/xml_cdr.conf.xml -e s:"{v_http_protocol}:https:"
sed -i /etc/freeswitch/autoload_configs/xml_cdr.conf.xml -e s:"{domain_name}:$domain_name:"
sed -i /etc/freeswitch/autoload_configs/xml_cdr.conf.xml -e s:"{v_project_path}::"
sed -i /etc/freeswitch/autoload_configs/xml_cdr.conf.xml -e s:"{v_user}:$xml_cdr_username:"
sed -i /etc/freeswitch/autoload_configs/xml_cdr.conf.xml -e s:"{v_pass}:$xml_cdr_password:"
# Save essentials under db key FusionPbx properties as backup
config setprop fusionpbx CdrUsername $xml_cdr_username CdrPassword $xml_cdr_password
# App defaults (in the GUI it is in Advanced -> upgrade) Default settings are updated
rm -f /etc/fusionpbx/config.lua
cd $fusionpbx_path && php $fusionpbx_path/core/upgrade/upgrade_domains.php
# Set directory permissions to 770 (u=rwx,g=rwx,o='')
find /etc/freeswitch -type d -exec chmod 775 {} \;
find /var/lib/freeswitch -type d -exec chmod 775 {} \;
find /var/log/freeswitch -type d -exec chmod 770 {} \;
find /usr/share/freeswitch -type d -exec chmod 770 {} \;
find $fusionpbx_path -type d -exec chmod 770 {} \;
# Set file permissions to 664 (u=rw,g=rw,o=r)
find /etc/freeswitch -type f -exec chmod 664 {} \;
find /var/lib/freeswitch -type f -exec chmod 664 {} \;
find /var/log/freeswitch -type f -exec chmod 664 {} \;
find /usr/share/freeswitch -type f -exec chmod 664 {} \;
find $fusionpbx_path -type f -exec chmod 664 {} \;
# Set system services and restart
systemctl enable postgresql-9.4
systemctl restart postgresql-9.4
systemctl restart freeswitch
# Message
echo ""
echo " Installation has completed."
echo ""
echo " Use a web browser to login to your PBX at:"
echo " domain name: https://$domain_name/fusionpbx"
echo " username: $user_name@$domain_name"
echo " password: $user_password"
echo ""
echo " config show fusionpbx has all credentials"
