Professional Documents
Culture Documents
(321)E-GURU-4-U
&
iChoze Internet Solutions
Make sure you update the system first, then reboot if you installed
an updated kernel.
yum -y update
reboot
Setup MySQL
Here is a sample mysql configuration file you can use. Backup your
original, then use this instead.
service mysqld stop
cp /etc/my.cnf /etc/my.cnf.original
echo "" > /etc/my.cnf
nano /etc/my.cnf
[mysql.server]
user = mysql
#basedir = /var/lib
[client]
port = 3306
socket = /var/lib/mysql/mysql.sock
[mysqld]
datadir = /var/lib/mysql
#tmpdir = /home/mysql_tmp
socket = /var/lib/mysql/mysql.sock
user = mysql
old_passwords = 0
ft_min_word_len = 3
max_connections = 800
max_allowed_packet = 32M
skip-external-locking
log-error = /var/log/mysqld/mysqld.log
query-cache-type = 1
query-cache-size = 32M
long_query_time = 1
#slow_query_log = 1
#slow_query_log_file = /var/log/mysqld/slow-queries.log
tmp_table_size = 128M
table_cache = 1024
join_buffer_size = 1M
key_buffer = 512M
sort_buffer_size = 6M
read_buffer_size = 4M
read_rnd_buffer_size = 16M
myisam_sort_buffer_size = 64M
max_tmp_tables = 64
thread_cache_size = 8
thread_concurrency = 8
# If using replication, uncomment log-bin below
#log-bin = mysql-bin
[mysqldump]
quick
max_allowed_packet = 16M
[mysql]
no-auto-rehash
[isamchk]
key_buffer = 256M
sort_buffer_size = 256M
read_buffer = 2M
write_buffer = 2M
[myisamchk]
key_buffer = 256M
sort_buffer_size = 256M
read_buffer = 2M
write_buffer = 2M
[mysqlhotcopy]
interactive-timeout
[mysqld_safe]
#log-error = /var/log/mysqld/mysqld.log
#pid-file = /var/run/mysqld/mysqld.pid
mkdir /var/log/mysqld
mv /var/log/mysqld.log /var/log/mysqld/mysqld.log
touch /var/log/mysqld/slow-queries.log
chown -R mysql:mysql /var/log/mysqld
service mysqld restart
Changes take effect immediately after you run the rdate command.
Note: It's very important to set the correct time zone of
your Operating System (shown above) and in the vicidial admin
area (Admin->Phones, Admin->Servers, Admin->System Settings)
and also in your php.ini file. They must all be the same time zone
or offset equivalent. Don't forget about this when configuring
vicidial after using this guide.
install CPAN
reload cpan
install YAML
install MD5
install Digest::MD5
install Digest::SHA1
install readline
install Bundle::CPAN
reload cpan
install DBI
force install DBD::mysql
install Net::Telnet
install Time::HiRes
install Net::Server
install Switch
install Mail::Sendmail
install Unicode::Map
install Jcode
install Spreadsheet::WriteExcel
install OLE::Storage_Lite
install Proc::ProcessTable
install IO::Scalar
install Spreadsheet::ParseExcel
install Curses
install Getopt::Long
install Net::Domain
install Term::ReadKey
install Term::ANSIColor
cpan>
cpan>
cpan>
cpan>
cpan>
cpan>
cpan>
cpan>
cpan>
cpan>
cpan>
cpan>
cpan>
cpan>
cpan>
cpan>
cpan>
install
install
install
install
install
install
install
install
install
install
install
install
install
install
install
install
quit
Spreadsheet::XLSX
Spreadsheet::Read
LWP::UserAgent
HTML::Entities
HTML::Strip
HTML::FormatText
HTML::TreeBuilder
Time::Local
MIME::Decoder
Mail::POP3Client
Mail::IMAPClient
Mail::Message
IO::Socket::SSL
MIME::Base64
MIME::QuotedPrint
Crypt::Eksblowfish::Bcrypt
In the end, I usually run all these commands once again to make
sure its all installed.
lame
ttyload
iftop
mtop
mytop
htop
sipsak
ploticus
LAME:
LAME is an MP3 encoder used to convert audio files from WAV to
MP3. Some prefer GSM usually, but others have standardized on
MP3 so you would need this utility to be loaded to use that option.
cd /usr/src
wget http://downloads.sourceforge.net/project/lame/lame/3.99/lame-3.99.5.tar.gz
tar -zxf lame-3.99.5.tar.gz
cd lame-3.99.5
./configure
make
make install
SOX:
SoX is a cross-platform command line utility that can convert
various formats of computer audio files in to other formats.
cd /usr/src
wget http://downloads.sourceforge.net/project/sox/sox/14.4.1/sox-14.4.1.tar.gz
tar -zxf sox-14.4.1.tar.gz
cd sox-14.4.1
./configure
make -s
make install
TTYLOAD:
ttyload is a simple terminal application that shows the processor
load in a graphical time-based scrolling graph. I use it to view how
loaded the system is and it visualizes load spikes very well.
cd /usr/src
wget http://www.daveltd.com/src/util/ttyload/ttyload-0.5.3.tar.bz2
tar -xvjpf ttyload-0.5.3.tar.bz2
cd ttyload-0.5.3
nano ttyload.h
insert this #include directive just above the #define directives, then save and
close the ttyload.h file
#include <time.h>
make
ln -s /usr/src/ttyload-0.5.3/ttyload /usr/bin/ttyload
IFTOP:
iftop is a good console bandwidth visualization tool that shows you
active connections, where they are going to/from and how much of
your precious bandwidth they are using.
cd /usr/src
wget http://www.ex-parrot.com/~pdw/iftop/download/iftop-0.17.tar.gz
tar -zxf iftop-0.17.tar.gz
cd iftop-0.17
./configure
make
make install
MTOP:
mtop is a great utility for real-time monitoring of mysql and the
queries that are running in it.
Note: the root mysql password must be blank before installing this
mysql -u root -p
MYTOP:
mytop is is an optional utility for monitoring the threads and overall
performance of mysql
Note: the root mysql password must be blank before installing this
mysql -u root -p
HTOP:
htop is an interactive process viewer for Linux
cd /usr/src
wget http://downloads.sourceforge.net/project/htop/htop/1.0.2/htop-1.0.2.tar.gz
tar -zxf htop-1.0.2.tar.gz
cd htop-1.0.2
./configure
make
make install
SIPSAK:
sipsak is an optional utility that VICIDIAL can use to send messages
to an agent's SIP-based phone(like the Snom 320) to display text
on their LCD screen.
cd /usr/src
wget http://download.berlios.de/sipsak/sipsak-0.9.6-1.tar.gz
tar -zxf sipsak-0.9.6-1.tar.gz
cd sipsak-0.9.6
./configure
make
make install
/usr/local/bin/sipsak --version
PLOTICUS:
ploticus is a free graph creation package that allows you to create
line graphs within PNG files simply by creating a config file and a
data file. ViciDial uses this package to generate server performance
graphs that can be displayed real-time within the ViciDial reports
page.
cd /usr/src
wget
http://downloads.sourceforge.net/project/ploticus/ploticus/2.42/ploticus242_src.tar.gz
tar -zxf ploticus242_src.tar.gz
cd ploticus242/src/
make clean
make
make install
mkdir -p /var/www/html/vicidial/ploticus/
cp pl /var/www/html/vicidial/ploticus/
cd /usr/src
wget
http://downloads.sourceforge.net/project/eaccelerator/eaccelerator/eAccelerator%200.9.
6.1/eaccelerator-0.9.6.1.zip
unzip eaccelerator-0.9.6.1.zip
cd eaccelerator-0.9.6.1
export PHP_PREFIX="/usr"
$PHP_PREFIX/bin/phpize
./configure --enable-eaccelerator=shared --with-php-config=$PHP_PREFIX/bin/php-config
make
make install
Configure php.ini
nano /etc/php.ini
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"
mkdir /tmp/eaccelerator
chmod 0777 /tmp/eaccelerator
php -v
nano /etc/httpd/conf/httpd.conf
to this:
CustomLog /dev/null common
</Directory>
Installing Asterisk
Any time you upgrade the Linux kernel you must recompile/install
dahdi for the new kernel.
Asterisk must be compiled with dahdi support.
Note: The install MUST be done in the following order:
Minor note: dahdi-linux-complete-current.tar.gz and libpri-1.4current.tar.gz may contain an updated version than what I am
currently using, therefore the directory names may be different than
shown below.
mkdir /usr/src/asterisk
cd /usr/src/asterisk
wget http://downloads.vicidial.com/required-apps/asterisk-1.8.23.0-vici.tar.gz
wget http://downloads.asterisk.org/pub/telephony/dahdi-linux-complete/dahdi-linuxcomplete-current.tar.gz
wget http://downloads.asterisk.org/pub/telephony/libpri/libpri-1.4-current.tar.gz
tar -zxf asterisk-1.8.23.0-vici.tar.gz
tar -zxf dahdi-linux-complete-current.tar.gz
tar -zxf libpri-1.4-current.tar.gz
cd ../dahdi-linux-complete-2.8.0.1+2.8.0
make clean
make
make install
make config
cd tools
make clean
make
make install
make config
cd ../../libpri-1.4.14
make clean
make
make install
cd ../asterisk-1.8.23.0
./configure
make clean
make
make install
make samples
cp /usr/src/asterisk/asterisk-1.8.23.0/contrib/init.d/rc.redhat.asterisk
/etc/init.d/asterisk
chkconfig asterisk on
cd /usr/src
wget http://downloads.digium.com/pub/telephony/sounds/asterisk-core-sounds-en-ulawcurrent.tar.gz
wget http://downloads.digium.com/pub/telephony/sounds/asterisk-core-sounds-en-wavcurrent.tar.gz
wget http://downloads.digium.com/pub/telephony/sounds/asterisk-core-sounds-en-gsmcurrent.tar.gz
wget http://downloads.digium.com/pub/telephony/sounds/asterisk-extra-sounds-en-ulawcurrent.tar.gz
wget http://downloads.digium.com/pub/telephony/sounds/asterisk-extra-sounds-en-wavcurrent.tar.gz
wget http://downloads.digium.com/pub/telephony/sounds/asterisk-extra-sounds-en-gsmcurrent.tar.gz
wget http://downloads.asterisk.org/pub/telephony/sounds/asterisk-moh-opsound-gsmcurrent.tar.gz
wget http://downloads.asterisk.org/pub/telephony/sounds/asterisk-moh-opsound-ulawcurrent.tar.gz
wget http://downloads.asterisk.org/pub/telephony/sounds/asterisk-moh-opsound-wavcurrent.tar.gz
/var/lib/asterisk/moh
-f CHANGES*
-f LICENSE*
-f CREDITS*
cd /var/lib/asterisk/sounds
rm -f CHANGES*
rm -f LICENSE*
rm -f CREDITS*
cd /var/lib/asterisk/quiet-mp3
sox ../mohmp3/macroform-cold_day.wav macroform-cold_day.wav vol 0.25
sox ../mohmp3/macroform-cold_day.gsm macroform-cold_day.gsm vol 0.25
sox -t ul -r 8000 -c 1 ../mohmp3/macroform-cold_day.ulaw -t ul macroform-cold_day.ulaw
vol 0.25
sox ../mohmp3/macroform-robot_dity.wav macroform-robot_dity.wav vol 0.25
sox ../mohmp3/macroform-robot_dity.gsm macroform-robot_dity.gsm vol 0.25
sox -t ul -r 8000 -c 1 ../mohmp3/macroform-robot_dity.ulaw -t ul macroformrobot_dity.ulaw vol 0.25
sox ../mohmp3/macroform-the_simplicity.wav macroform-the_simplicity.wav vol 0.25
sox ../mohmp3/macroform-the_simplicity.gsm macroform-the_simplicity.gsm vol 0.25
sox -t ul -r 8000 -c 1 ../mohmp3/macroform-the_simplicity.ulaw -t ul macroformthe_simplicity.ulaw vol 0.25
sox ../mohmp3/reno_project-system.wav reno_project-system.wav vol 0.25
sox ../mohmp3/reno_project-system.gsm reno_project-system.gsm vol 0.25
sox -t ul -r 8000 -c 1 ../mohmp3/reno_project-system.ulaw -t ul reno_projectsystem.ulaw vol 0.25
sox ../mohmp3/manolo_camp-morning_coffee.wav manolo_camp-morning_coffee.wav vol 0.25
sox ../mohmp3/manolo_camp-morning_coffee.gsm manolo_camp-morning_coffee.gsm vol 0.25
sox -t ul -r 8000 -c 1 ../mohmp3/manolo_camp-morning_coffee.ulaw -t ul manolo_campmorning_coffee.ulaw vol 0.25
Installing Proftpd
Install the FTP server from source
cd /usr/src
wget --passive-ftp ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.4d.tar.gz
tar -zxf proftpd-1.3.4d.tar.gz
cd proftpd-1.3.4d
./configure --prefix=/usr --sysconfdir=/etc
make
make install
ln -s /usr/local/sbin/proftpd /usr/sbin/proftpd
start)
echo -n "Starting proftpd: "
$DAEMONIZE proftpd -p 0
echo $RESULT
touch /var/lock/subsys/proftpd
;;
stop)
echo -n "Stopping proftpd: "
killproc proftpd
echo $RESULT
rm -f /var/lock/subsys/proftpd
;;
status)
status proftpd
;;
restart)
$0 stop
$0 start
;;
*)
echo "Usage: proftpd {start|stop|status|restart}"
exit 1
esac
exit 0
Generate SSL certificate and key so you can transfer files securely
to/from your server using SSL.
openssl version -a
openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/ftpd-rsa-key.pem -out
/etc/ftpd-rsa.pem
Backup the proftpd.conf file, delete all the contents, then edit it.
cp /etc/proftpd.conf /etc/proftpd.conf.original
echo "" > /etc/proftpd.conf
nano /etc/proftpd.conf
ServerName
ServerType
DefaultServer
"MyBusiness Dialer"
standalone
on
<IfModule mod_tls.c>
TLSEngine on
TLSProtocol SSLv23
TLSRequired off
TLSRSACertificateFile /etc/ftpd-rsa.pem
TLSRSACertificateKeyFile /etc/ftpd-rsa-key.pem
TLSVerifyClient off
TLSCipherSuite HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3
TLSOptions NoSessionReuseRequired
</IfModule>
TransferLog /var/log/proftpd/ftpxferlog
ExtendedLog /var/log/proftpd/proftpd.log read,write
UseReverseDNS off
IdentLookups off
# Port 21 is the standard FTP port.
Port
21
# Don't use IPv6 support by default.
UseIPv6
off
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask
022
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
MaxInstances
30
# Set the user and group under which the server will run.
User
nobody
Group
proftpd
# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
#DefaultRoot ~
# Normally, we want files to be overwriteable.
AllowOverwrite
on
DefaultRoot /var/www/html
<Limit LOGIN>
Order Allow,Deny
Allow xxx.xxx.xxx.xxx
Deny from all
</Limit>
<Limit LIST NLST STOR STOU APPE RETR RNFR RNTO DELE MKD XMKD SITE_MKDIR
RMD XRMD SITE_RMDIR SITE_CHMOD PWD XPWD SIZE STAT CWD XCWD CDUP XCUP >
AllowAll
</Limit>
<Limit SITE SITE_CHMOD SITE_CHGRP MTDM >
DenyAll
</Limit>
Now you can connect to your server via FTP with or without SSL.
Vicidial by default will not use SSL. This configuration gives the
opportunity to use it either way. Use Filezilla to test this and see
what it does.
First, login to mysql to create the database, add a couple users and
assign privileges.
NOTE: MY_DATABASE_USER and MY_DATABASE_PASSWORD will
be used for login with phpMyAdmin
mysql -u root -p
mkdir /usr/src/astguiclient
cd /usr/src/astguiclient
svn checkout svn://svn.eflo.net:3690/agc_2-X/trunk
cd trunk
perl install.pl
You will have to define various things like IP address of the server
and FTP username/password.
It will also ask you where is the web root, use /var/www/html
Leave the other login settings as-is unless you already know how to
update the database and other asterisk config files.
defined
defined
defined
defined
defined
defined
defined
defined
defined
defined
defined
defined
defined
defined
defined
defined
defined
defined
defined
defined
defined
defined
defined
server_ip:
xxx.xxx.xxx.xxx
DB_server:
localhost
DB_database:
asterisk
DB_user:
cron
DB_pass:
1234
DB_custom_user:
custom
DB_custom_pass:
custom1234
DB_port:
3306
active_keepalives:
1234568
asterisk_version:
1.8
copying conf files:
y
copying weblang files: n
FTP_host:
xxx.xxx.xxx.xxx
FTP_user:
MY_FTP_USERNAME
FTP_pass:
MY_FTP_PASSWORD
FTP_port:
21
FTP_dir:
RECORDINGS
HTTP_path:
http://xxx.xxx.xxx.xxx
REPORT_host:
xxx.xxx.xxx.xxx
REPORT_user:
MY_FTP_USERNAME
REPORT_pass:
MY_FTP_PASSWORD
REPORT_port:
21
REPORT_dir:
REPORTS
Final Adjustments
Make several entries in the rc.local of your system.
nano /etc/rc.d/rc.local
externip = xxx.xxx.xxx.xxx
localnet=xxx.xxx.xxx.xxx/xxx.xxx.xxx.xxx
Run this perl script to update the server_ip fields in the asterisk
tables (copy the command as-is)
/usr/share/astguiclient/ADMIN_update_server_ip.pl --old-server_ip=10.10.10.15
;
; Music on Hold -- Sample Configuration
;
[default]
mode=files
directory=/var/lib/asterisk/mohmp3
[quiet]
mode=files
directory=/var/lib/asterisk/quiet-mp3
#include musiconhold-vicidial.conf
Diagnostics
After reboot, check your logs for any errors, make sure asterisk is
up and running.
Be proactive and look for problems before you start
configuring vicidial.
Run these commands to view log files:
tail -f -n 50 /var/log/asterisk/messages
tail -f -n 50 /var/log/messages
more /var/log/dmesg
tail -f -n 40 /etc/httpd/logs/error_log
tail -f -n 40 /var/log/maillog
tail -f -n 40 /var/log/cron
Run this command:
screen -ls
-A PREROUTING -i lo -j NOTRACK
-A OUTPUT -o lo -j NOTRACK
COMMIT
# Completed on Sat Dec 21 21:31:39 2013
# Generated by iptables-save v1.4.7 on Sat Dec 21 21:31:39 2013
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:forward_ext - [0:0]
:forward_int - [0:0]
:input_ext - [0:0]
:input_int - [0:0]
:reject_func - [0:0]
-A INPUT -s xxx.xxx.xxx.xxx -j ACCEPT
-A INPUT -s xxx.xxx.xxx.xxx -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED -j ACCEPT
-A INPUT -p icmp -m state --state RELATED -j ACCEPT
-A INPUT -i eth0 -j input_int
-A INPUT -i eth1 -j input_ext
-A INPUT -j input_ext
-A INPUT -m limit --limit 3/min -j LOG --log-prefix "SFW2-IN-ILL-TARGET " -log-tcp-options --log-ip-options
-A INPUT -j DROP
-A FORWARD -m limit --limit 3/min -j LOG --log-prefix "SFW2-FWD-ILL-ROUTING "
--log-tcp-options --log-ip-options
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -m limit --limit 3/min -j LOG --log-prefix "SFW2-OUT-ERROR " --logtcp-options --log-ip-options
-A input_ext -m pkttype --pkt-type broadcast -j DROP
-A input_ext -m recent --rcheck --name GOOD --rsource -j ACCEPT
-A input_ext -p icmp -m icmp --icmp-type 4 -j ACCEPT
-A input_ext -p tcp -m tcp --dport 113 -m state --state NEW -j reject_func
-A input_ext -m pkttype --pkt-type multicast -j DROP
-A input_ext -m pkttype --pkt-type broadcast -j DROP
-A input_ext -p tcp -m limit --limit 3/min -m tcp --tcp-flags FIN,SYN,RST,ACK
SYN -j LOG --log-prefix "SFW2-INext-DROP-DEFLT " --log-tcp-options --log-ipoptions
-A input_ext -p icmp -m limit --limit 3/min -j LOG --log-prefix "SFW2-INextDROP-DEFLT " --log-tcp-options --log-ip-options
-A input_ext -p udp -m limit --limit 3/min -m state --state NEW -j LOG --logprefix "SFW2-INext-DROP-DEFLT " --log-tcp-options --log-ip-options
-A input_ext -j DROP
-A input_ext -p icmp -m icmp --icmp-type 4 -j ACCEPT
-A input_ext -p tcp -m tcp --dport 113 -m state --state NEW -j reject_func
-A input_int -j ACCEPT
-A reject_func -p tcp -j REJECT --reject-with tcp-reset
-A reject_func -p udp -j REJECT --reject-with icmp-port-unreachable
-A reject_func -j REJECT --reject-with icmp-proto-unreachable
COMMIT
# Completed on Sat Dec 21 21:31:39 2013
Upgrading
First, you will do a full backup, then you will upgrade your local copy
of astguiclient via SVN and install it.
Make sure to read the UPGRADE doc for any new instructions.
/usr/share/astguiclient/ADMIN_backup.pl --debugX
cd /usr/src/astguiclient/trunk
svn up
perl install.pl
nano UPGRADE