-
Notifications
You must be signed in to change notification settings - Fork 0
/
opensuse15_3-vicibox-bootstrap.sh
205 lines (185 loc) · 9.11 KB
/
opensuse15_3-vicibox-bootstrap.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
#!/bin/bash
### Global node configuration, applicable to any server role
# Export a usable path so things work right
PATH="/sbin:/usr/sbin:/usr/local/sbin:/root/bin:/usr/local/bin:/usr/bin:/bin"
export PATH
cd /tmp # Go somewhere safe
# If we are in debug, then give useful wget and CLI output, otherwise be quiet about it
WGET="wget -nv"
ZYPPER='zypper'
if [ "${0}" == "debug" ]; then
WGET="wget"
ZYPPER='zypper'
fi
# Simple check for directory, make if doesn't exist subversion
function checkdir {
if [ ! -d $1 ]; then
echo -n " Creating dir $1..."
mkdir -p $1
echo "done."
fi
}
# Checks to see if the file exists in the current directory unless directory is supplied, and then downloads it
function checkget {
# Check to see if we are supplied a target directory, otherwise assume current directory
if [ -z "$2" ]; then
LOCALDIR="$PWD"
else
LOCALDIR="$2"
fi
# Make sure directory exists
checkdir "$LOCALDIR"
cd $LOCALDIR
# And now check for our file and download if it's not there
FILE="${1##*/}"
if [ ! -f $FILE ]; then
echo -n " Downloading $1..."
$WGET $1 -O $PWD/$FILE
echo "done."
fi
# If we were provided a file mask, apply it
if [ ! -z "$3" ]; then
chmod $3 $PWD/$FILE
fi
}
# Sometimes the CD gets left in as a repo, so check and remove it
CDTEST=`zypper lr --url | grep cd: | awk '{split($0,a,"|"); print a[1]}'`
if [ ! -z "$CDTEST" ]; then
echo "Removing CD-Rom repository"
$ZYPPER rr $CDTEST
fi
# Add repositories
$ZYPPER ar https://download.opensuse.org/repositories/home:/vicidial/openSUSE_Leap_15.3/home:vicidial.repo
$ZYPPER ar https://download.opensuse.org/repositories/home:/vicidial:/asterisk-13/openSUSE_Leap_15.3/home:vicidial:asterisk-13.repo
$ZYPPER ar https://download.opensuse.org/repositories/home:/vicidial:/vicibox/openSUSE_Leap_15.3/home:vicidial:vicibox.repo
$ZYPPER ar https://download.opensuse.org/repositories/devel:/languages:/perl/openSUSE_Leap_15.3/devel:languages:perl.repo
$ZYPPER --gpg-auto-import-keys refresh
$ZYPPER --non-interactive in -t pattern lamp_server
$ZYPPER --non-interactive in home_vicidial:libjansson4
$ZYPPER --non-interactive in adaptec-firmware aggregate apache2-mod_cband asterisk-dahdi bmon ddclient dhcp-client digitemp extundelete fonts-config git gnu_ddrescue htop iftop iotop iprelay iptraf-ng lame lshw lvm2 memtest86+ mlocate mpt-firmware mtop mtr mydumper mytop ncftp net-tools-deprecated ngrep-sip nmap numad ntp openr2 OpenIPMI patch pcapsipdump perl-MIME-Lite perl-Net-SFTP-Foreign perl-MySQL-Diff perl-Term-ANSIColor phpMyAdmin php7-opcache pico ploticus python-eyeD3 recode sensord sensors sipp shim sngrep sshfs stress-ng sysstat tcpdump telnet vicibox-dynportal vicibox-firewall vicibox-install vicibox-ssl voicesync-kmp-default vsftpd zip
$ZYPPER --non-interactive up
# Create directories
checkdir /usr/src/astguiclient
checkdir /usr/src/tars
checkdir /srv/mysql/data
# Load SVN
cd /usr/src/astguiclient
svn checkout svn://svn.eflo.net:3690/agc_2-X/trunk
# Populdate locate database since we're in a somewhat sane state
updatedb
# Configure asterisk stuff
checkdir /usr/share/asterisk/sounds
checkdir /usr/share/asterisk/moh
checkdir /var/lib/asterisk
checkdir /usr/share/asterisk/agi-bin
checkdir /etc/asterisk/keys
checkdir /var/spool/asterisk/monitorDONE
chown -R wwwrun /var/spool/asterisk/monitorDONE
ln -s /usr/share/asterisk/agi-bin/ /var/lib/asterisk/agi-bin
ln -s /usr/share/asterisk/sounds/ /var/lib/asterisk/sounds
ln -s /usr/share/asterisk/moh/ /var/lib/asterisk/moh
ln -s /usr/share/asterisk/moh/ /var/lib/asterisk/mohmp3
ln -s /usr/share/asterisk/images /var/lib/asterisk/images
ln -s /usr/share/asterisk/firmware /var/lib/asterisk/firmware
ln -s /usr/share/asterisk/static-http/ /var/lib/asterisk/static-http
sed -i 's+/usr/share/asterisk+/var/lib/asterisk+g' /etc/asterisk/asterisk.conf
sed -i 's/;timestamp/timestamp/' /etc/asterisk/asterisk.conf
sed -i 's/;execincludes = yes/execincludes = no/' /etc/asterisk/asterisk.conf
sed -i 's/;verbose = 3/verbose = 21/' /etc/asterisk/asterisk.conf
sed -i 's/;live_dangerously/live_dangerously/' /etc/asterisk/asterisk.conf
sed -i 's/;enabled=yes/enabled=yes/g' /etc/asterisk/http.conf
sed -i 's/bindaddr=127.0.0.1/bindaddr=0.0.0.0/g' /etc/asterisk/http.conf
sed -i 's/;bindport=8088/bindport=8088/g' /etc/asterisk/http.conf
sed -i 's/;tlsenable=yes/tlsenable=yes/g' /etc/asterisk/http.conf
sed -i 's/;tlsbindaddr=0.0.0.0:8089/tlsbindaddr=0.0.0.0:8089/g' /etc/asterisk/http.conf
sed -i 's+;tlscertfile=</path/to/certificate.pem>+tlscertfile=/etc/apache2/ssl.crt/vicibox.crt+g' /etc/asterisk/http.conf
sed -i 's+;tlsprivatekey=</path/to/private.pem>+tlsprivatekey=/etc/apache2/ssl.key/vicibox.key+g' /etc/asterisk/http.conf
codec-install
modprobe dahdi
/usr/sbin/dahdi_genconf
# Make an entry for ramdrive if it's not already there
if ! [[ `cat /etc/fstab | grep monitor` ]]; then
/bin/echo "tmpfs /var/spool/asterisk/monitor tmpfs rw,size=6G 0 0" >> /etc/fstab
fi
# Take care of sounds for Asterisk
cd /usr/src/tars
checkget https://downloads.asterisk.org/pub/telephony/sounds/asterisk-core-sounds-en-wav-current.tar.gz /usr/src/tars/
checkget https://downloads.asterisk.org/pub/telephony/sounds/asterisk-extra-sounds-en-wav-current.tar.gz /usr/src/tars
checkget https://downloads.asterisk.org/pub/telephony/sounds/asterisk-moh-opsound-wav-current.tar.gz /usr/src/tars/
cd /usr/share/asterisk/sounds
rm -rf *
/bin/tar -xf /usr/src/tars/asterisk-core-sounds-en-wav-current.tar.gz
/bin/tar -xf /usr/src/tars/asterisk-extra-sounds-en-wav-current.tar.gz
cp /usr/share/vicibox/conf.gsm ./
cp conf.gsm park.gsm
cd /usr/share/asterisk/moh
rm -rf *
/bin/tar -xzf /usr/src/tars/asterisk-moh-opsound-wav-current.tar.gz
/bin/rm CHANGES*
/bin/rm LICENSE*
/bin/rm CREDITS*
/bin/rm .asterisk*
/bin/mkdir /var/lib/asterisk/quiet-mp3
cd /var/lib/asterisk/moh
for each_file in ./*.wav; do
/usr/bin/sox $each_file /var/lib/asterisk/quiet-mp3/$each_file vol 0.25
done
# Some asterisk fixups
cd /etc/asterisk
echo '' > extensions.ael
rm modules.conf
cp /usr/share/vicibox/modules.conf /etc/asterisk/
# Configure Apache2 and PHP specific stuff
/usr/sbin/a2enmod rewrite
/usr/sbin/a2enmod php7
/usr/sbin/a2enmod status
/usr/sbin/a2enmod mod_socache_shmcb
#/usr/sbin/a2enflag SSL
cp /usr/share/vicibox/server-tuning.conf /etc/apache2/
cp /usr/share/vicibox/mod_deflate.conf /etc/apache2/conf.d/
cd /etc/apache2/conf.d
if [ -d /etc/apache2/conf.d/manual.conf ]; then
rm manual.conf
fi
cd /etc/apache2/vhosts.d
#cp /usr/share/vicibox/1111-default*.conf ./
. /etc/sysconfig/clock
sed -i "s+date.timezone = 'UTC'+date.timezone = '$DEFAULT_TIMEZONE'+" /etc/php7/apache2/php.ini
sed -i "s/max_execution_time = 30/max_execution_time = 330/" /etc/php7/apache2/php.ini
sed -i "s/max_input_time = 60/max_input_time = 360/" /etc/php7/apache2/php.ini
sed -i "s/; max_input_vars = 1000/max_input_vars = 4000/" /etc/php7/apache2/php.ini
sed -i "s/error_reporting = E_ALL \& \~E_DEPRECATED/error_reporting = E_ALL \& \~E_NOTICE \& \~E_DEPRECATED/" /etc/php7/apache2/php.ini
sed -i "s/short_open_tag = Off/short_open_tag = On/" /etc/php7/apache2/php.ini
sed -i "s/upload_max_filesize = 2M/upload_max_filesize = 50M/" /etc/php7/apache2/php.ini
sed -i "s/post_max_size = 8M/post_max_size = 48M/" /etc/php7/apache2/php.ini
sed -i "s/memory_limit = 128M/memory_limit = 256M/" /etc/php7/apache2/php.ini
sed -i "s+date.timezone = 'UTC'+date.timezone = $DEFAULT_TIMEZONE+" /etc/php7/cli/php.ini
sed -i "s/max_execution_time = 30/max_execution_time = 330/" /etc/php7/cli/php.ini
sed -i "s/max_input_time = 60/max_input_time = 360/" /etc/php7/cli/php.ini
sed -i "s/; max_input_vars = 1000/max_input_vars = 4000/" /etc/php7/cli/php.ini
sed -i "s/error_reporting = E_ALL \& \~E_DEPRECATED/error_reporting = E_ALL \& \~E_NOTICE \& \~E_DEPRECATED/" /etc/php7/cli/php.ini
sed -i "s/short_open_tag = Off/short_open_tag = On/" /etc/php7/cli/php.ini
sed -i "s/memory_limit = 128M/memory_limit = 256M/" /etc/php7/cli/php.ini
sed -i 's/;opcache.enable=1/opcache.enable=1/g' /etc/php7/apache2/php.ini
sed -i 's/;opcache.memory_consumption=128/opcache.memory_consumption=128/g' /etc/php7/apache2/php.ini
sed -i 's/;opcache.interned_strings_buffer=8/opcache.interned_strings_buffer=16/g' /etc/php7/apache2/php.ini
sed -i 's/;opcache.max_accelerated_files=10000/opcache.max_accelerated_files=20000/g' /etc/php7/apache2/php.ini
sed -i 's/;opcache.max_wasted_percentage=5/opcache.max_wasted_percentage=5/g' /etc/php7/apache2/php.ini
sed -i 's/;opcache.validate_timestamps=1/opcache.validate_timestamps=1/g' /etc/php7/apache2/php.ini
sed -i 's/;opcache.revalidate_freq=2/opcache.revalidate_freq=10/g' /etc/php7/apache2/php.ini
# Generate self-signed SSL to keep the config from breaking, but a real SSL should be installed here for production
openssl req -newkey rsa:2048 -x509 -sha256 -days 3650 -nodes -out /etc/apache2/ssl.crt/vicibox.crt -keyout /etc/apache2/ssl.key/vicibox.key -subj "/C=US/ST=FL/L=Tampa/O=ViciBox/CN=vicibox.local"
# MySQL stuff
cd /etc
if [ ! -f /etc/my.cnf.orig ]; then
mv /etc/my.cnf /etc/my.cnf.orig
fi
if [ -f /etc/my.cnf ]; then
rm /etc/my.cnf
fi
cp /usr/share/vicibox/my.cnf /etc/
checkdir /var/lib/mysql
checkdir /srv/mysql/data
mysql_install_db
chown -R mysql:mysql /var/lib/mysql
chown -R mysql:mysql /srv/mysql