#CentOS FreePBX Distro Kickstart #Copyright Schmooze Com. Inc 2010 # # #Set out logging level logging --level=debug #System authorization infomation auth --useshadow --enablemd5 #Network information network --bootproto=query --device=eth0 #Language modules to install lang en_US keyboard us #Use non-interactive text mode install text #Install Red Hat Linux instead of upgrade install # The place to check for packages and other install related files (such as initrd) url --url http://yum.freepbxdistro.org/centos/5/os/i386 #Firewall configuration firewall --disabled selinux --disabled #Do not configure XWindows skipx # Define Repos for install process. repo --name=Centos-extras --baseurl=http://yum.freepbxdistro.org/centos/5/extras/i386 repo --name=Centos-base --baseurl=http://yum.freepbxdistro.org/centos/5/os/i386 repo --name=Centos-updates --baseurl=http://yum.freepbxdistro.org/centos/5/updates/i386/ repo --name=pbx --baseurl=http://yum.freepbxdistro.org/pbx/1.8.x.x/i386 repo --name=kernel-dependent --baseurl=http://yum.freepbxdistro.org/kernel-dependent/2.6.18-194.17.1/i386 # System bootloader configuration bootloader --location=mbr # Clear the Master Boot Record zerombr yes # Partition clearing information clearpart --all --initlabel # Reboot when complete to load first boot script reboot --eject # Now bring in the actual partition setup %include /tmp/part-include # Pre is where we do things that need to be done before we install %pre # Add an asterisk user groupadd -r asterisk useradd -r -M -g asterisk -s /sbin/nologin -d /var/lib/asterisk asterisk 2> /dev/null || : # Detect hard drives # Find the number of hard drives we have, if we find only one, no raid, more then one? raid. harddrives=`list-harddrives | wc -l` count=0 if [ "$harddrives" -gt "1" ] then for disk in `list-harddrives | awk '{print $1}'` do # Creates the BOOT partition that is 100mb in size echo "part raid.0$count --size=100 --ondisk=$disk --asprimary" >> /tmp/part-include # Creates the SWAP partition (1024mb) echo "part raid.1$count --size=1024 --ondisk=$disk" >> /tmp/part-include # Creates the root (/) partition that is able to grow to fill echo "part raid.2$count --size=100 --grow --ondisk=$disk" >> /tmp/part-include ((count = count + 1)) done ((count = count - 1)) echo -n "raid /boot --level=1 --device=md0 --fstype=ext3 " >> /tmp/part-include for disk in `seq 0 $count` do echo -n "raid.0$disk " >> /tmp/part-include done echo "" >> /tmp/part-include echo -n "raid swap --level=1 --device=md1 --fstype=swap " >> /tmp/part-include for disk in `seq 0 $count` do echo -n "raid.1$disk " >> /tmp/part-include done echo "" >> /tmp/part-include echo -n "raid / --level=1 --device=md2 --fstype=ext3 " >> /tmp/part-include for disk in `seq 0 $count` do echo -n "raid.2$disk " >> /tmp/part-include done echo "" >> /tmp/part-include else echo "part /boot --fstype ext3 --size=100" >> /tmp/part-include echo "part / --fstype ext3 --size=1024 --grow" >> /tmp/part-include echo "part swap --size=256 --grow --maxsize=768" >> /tmp/part-include fi # Make all disks bootable for disk in `list-harddrives | awk '{print $1}'` do echo "device (hd0) /dev/$disk" >> /tmp/grub-include echo "root (hd0,0)" >> /tmp/grub-include echo "setup (hd0)" >> /tmp/grub-include done echo "quit" >> /tmp/grub-include /sbin/grub --batch </dev/null 2>/dev/null `cat /tmp/grub-include` EOT # Package install information %packages # NOTE: The Kernel packages need to match what we tell Sangoma to compile Wanpipe against or we will have issues kernel-2.6.18-194.17.1.el5 kernel-devel-2.6.18-194.17.1.el5 kernel-headers-2.6.18-194.17.1.el5 # Vim goodies vim-enhanced-7.0.109-6.el5 # Apache httpd-2.2.3-43.el5.centos.3 # MySQL mysql-5.0.77-4.el5_5.3 mysql-server-5.0.77-4.el5_5.3 # PHP php-5.2.17-1.1 php-mysql-5.2.17-1.1 php-common-5.2.17-1.1 php-cli-5.2.17-1.1 php-ldap-5.2.17-1.1 php-gd-5.2.17-1.1 php-pdo-5.2.17-1.1 php-process-5.2.17-1.1 php-pear-1.4.9-6.el5 php-pear-DB-1.7.13-1.el5.centos zend-optimizer-3.3.3-3 # Various utilities dnsmasq-2.57-1.el5.rfx lm_sensors-2.10.7-9.el5 gcc-4.1.2-48.el5 gcc-c++-4.1.2-48.el5 gdb-7.0.1-23.el5_5.2.i386 incron-0.5.9-1.el5.rf screen-4.0.3-1.el5_4.1 # Network Tools ntp-4.2.2p1-9.el5.centos.2.1 nmap-4.11-1.1 openvpn-2.0.9-1.el5.rf # Dahdi kmod-dahdi-linux-2.4.1.2-1_centos5.2.6.18_194.17.1.el5 dahdi-linux-kmod-debuginfo-2.4.1.2-1_centos5.2.6.18_194.17.1.el5 dahdi-firmware-2.4.1.2-1_centos5 dahdi-firmware-oct6114-064-1.05.01-1_centos5 dahdi-firmware-oct6114-128-1.05.01-1_centos5 dahdi-firmware-vpmadt032-1.07-1_centos5 dahdi-firmware-tc400m-MR6.12-1_centos5 dahdi-linux-2.4.1.2-1_centos5 dahdi-linux-devel-2.4.1.2-1_centos5 dahdi-linux-debuginfo-2.4.1.2-1_centos5 dahdi-tools-2.4.1-1_centos5 dahdi-tools-debuginfo-2.4.1-1_centos5 dahdi-tools-doc-2.4.1-1_centos5 libpri-1.4.12-1_centos5 libpri-debuginfo-1.4.12-1_centos5 libpri-devel-1.4.12-1_centos5 libtonezone-2.4.1-1_centos5 libtonezone-devel-2.4.1-1_centos5 # Asterisk asterisk18-1.8.5.0-1_centos5 asterisk18-addons-1.8.5.0-1_centos5 asterisk18-addons-bluetooth-1.8.5.0-1_centos5 asterisk18-addons-core-1.8.5.0-1_centos5 asterisk18-addons-mysql-1.8.5.0-1_centos5 asterisk18-addons-ooh323-1.8.5.0-1_centos5 asterisk18-core-1.8.5.0-1_centos5 asterisk18-curl-1.8.5.0-1_centos5 asterisk18-dahdi-1.8.5.0-1_centos5 asterisk18-voicemail-1.8.5.0-1_centos5 asterisk18-curl-1.8.5.0-1_centos5 asterisk-sounds-core-en-alaw-1.4.19-1_centos5 asterisk-sounds-core-en-ulaw-1.4.19-1_centos5 asterisk-sounds-core-en-gsm-1.4.19-1_centos5 asterisk-sounds-extra-en-alaw-1.4.9-1_centos5 asterisk-sounds-extra-en-ulaw-1.4.9-1_centos5 asterisk-sounds-extra-en-gsm-1.4.9-1_centos5 moh-sounds-1.0.0-2 # Flite asterisk18-app_flite-0.6-5 flite-1.3-9 # TFTP and FTP Server tftp-server-0.49-2.el5.centos vsftpd-2.0.5-16.el5_5.1.i386 # Java jre-1.6.0_18-fcs # FreePBX freepbx-2.9.0-8 # Play audio files from asterisk mpg123-1.9.1-1.el5.rf sox-12.18.1-1 esound-devel-0.2.36-3.i386 libtool-ltdl-1.5.22-7.el5_4.i386 # Install postifx to handle email -sendmail postfix-2.3.3-2.1.el5_2 # fax conversion applications libtiff-3.8.2-7.el5_5.5 libtiff-devel-3.8.2-7.el5_5.5.i386 ghostscript-8.70-9custom # SVN subversion-1.4.2-4.el5_3.1.i386 # Wanpipe for Sangoma Cards # Forced to Move to First Boot since the anaconda Kernel is older than what we are using in the distro. # FreePBX Landing Page freepbxdistro-header-2.9.0-5 # Sysadmin RPM for Sysadmin Module # Moved to Firstboot so we can create the incrontab # Fail2ban RPM for Security fail2ban-0.8.4-1 # Install iksemel for SRTP iksemel-1.4-1.el5.rf.i386 iksemel-devel-1.4-1.el5.rf.i386 # Install spandsp for faxing spandsp-0.0.6-1.i386 spandsp-debuginfo-0.0.6-1 spandsp-devel-0.0.6-1 %post # ntp settings echo "driftfile /var/lib/ntp/drift" > /etc/ntp.conf echo "server 0.pool.ntp.org" >> /etc/ntp.conf echo "server 1.pool.ntp.org" >> /etc/ntp.conf echo "server 2.pool.ntp.org" >> /etc/ntp.conf echo "server 127.127.1.0" >> /etc/ntp.conf echo "fudge 127.127.1.0 stratum 10" >> /etc/ntp.conf cp -f /boot/grub/grub.conf /boot/grub/grub.conf.old sed -e "s/hiddenmenu/#hiddenmenu/" /boot/grub/grub.conf.old > /boot/grub/grub.conf cp -f /boot/grub/grub.conf /boot/grub/grub.conf.old2 sed -e "s/default=0/default=1/" /boot/grub/grub.conf.old2 > /boot/grub/grub.conf cp -f /etc/xinetd.d/tftp /tmp/xinetd.tftp.old sed -e "s/\W*disable\W*yes/ disable = no/" /tmp/xinetd.tftp.old > /etc/xinetd.d/tftp # Change which user apache runs as so freepbx can modify asterisk files sed -i "s/^User apache$/User asterisk/" /etc/httpd/conf/httpd.conf sed -i "s/^Group apache$/Group asterisk/" /etc/httpd/conf/httpd.conf # The standard timeout will prevent us from downloading modules and installing them sed -i "s/^Timeout 120$/Timeout 300/" /etc/httpd/conf/httpd.conf # Change the port we listen on for web connections # sed -i "s/^Listen 80$/Listen TODO/" /etc/httpd/conf/httpd.conf # Improve the amount of memory php can use sed -i "s/^memory_limit = 16M.*$/memory_limit = 64M/" /etc/php.ini # Make a bunch of processes start on boot /sbin/chkconfig httpd on /sbin/chkconfig mysqld on /sbin/chkconfig ntpd on /sbin/chkconfig dnsmasq on /sbin/chkconfig incrond on /sbin/chkconfig fail2ban on # Various file ownership changes /bin/chown -R asterisk:asterisk /var/www/html /bin/chown -R asterisk:asterisk /var/lib/php/session # Create rc.local /bin/echo "# Make sure asterisk starts on boot" >> /etc/rc.local /bin/echo "/usr/local/sbin/amportal start" >> /etc/rc.local # Set rc.local to run /etc/pbxact_first_boot.sh so that we can run our first boot commands # Note: This is only being done because certain commands don't like being called in our post install /bin/echo "/etc/pbx_first_boot.sh" >> /etc/rc.local # The following creates a first boot file that will run any commands # for applications that are not installed or configured during the # anaconda install process. /bin/cat <> /etc/pbx_first_boot.sh #!/bin/bash # pull in all freepbx modules and load them /usr/local/sbin/amportal chown sudo -u asterisk /var/lib/asterisk/bin/module_admin download sysadmin sudo -u asterisk /var/lib/asterisk/bin/module_admin install sysadmin sudo -u asterisk /var/lib/asterisk/bin/module_admin install sysadmin sudo -u asterisk /var/lib/asterisk/bin/module_admin upgradeall sudo -u asterisk /var/lib/asterisk/bin/retrieve_conf sudo -u asterisk /var/lib/asterisk/bin/module_admin reload # Sysadmin RPM for Sysadmin Module Moved to Firstboot or we can create the incrontab /usr/bin/yum install -y sysadmin-2.2.1-1 # Install dahdi.conf file /usr/bin/yum -y install schmooze-dahdi-1.0.0-2 # Remove the entry from firstboot rm -rf /etc/pbx_first_boot.sh sed -i 's/\/etc\/pbx_first_boot.sh//' /etc/rc.local /usr/local/sbin/amportal chown rm -rf /tmp/ks-script-* rm -rf /tmp/xinetd.tftp.old updatedb sleep 10; reboot EOF # make this file executable /bin/chmod 555 /etc/pbx_first_boot.sh # Clear all other repos rm -f /etc/yum.repos.d/*.repo # Add the FreePBX repo /bin/cat <<'EOTT' > /etc/yum.repos.d/FreePBX.repo # FreePBX-Base.repo # # If the mirrorlist= does not work for you, as a fall back you can try the # remarked out baseurl= line instead. # # [base] name=CentOS-$releasever - Base mirrorlist=http://mirrorlist.freepbxdistro.org/?release=$releasever&arch=$basearch&repo=os #baseurl=http://yum.freepbxdistro.org/centos/$releasever/os/$basearch/ gpgcheck=0 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5 #released updates [updates] name=CentOS-$releasever - Updates mirrorlist=http://mirrorlist.freepbxdistro.org/?release=$releasever&arch=$basearch&repo=updates #baseurl=http://yum.freepbxdistro.org/centos/$releasever/updates/$basearch/ gpgcheck=0 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5 #packages used/produced in the build but not released [addons] name=CentOS-$releasever - Addons mirrorlist=http://mirrorlist.freepbxdistro.org/?release=$releasever&arch=$basearch&repo=addons #baseurl=http://yum.freepbxdistro.org/centos/$releasever/addons/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5 #additional packages that may be useful [extras] name=CentOS-$releasever - Extras mirrorlist=http://mirrorlist.freepbxdistro.org/?release=$releasever&arch=$basearch&repo=extras #baseurl=http://yum.freepbxdistro.org/centos/$releasever/extras/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5 #additional packages that extend functionality of existing packages [centosplus] name=CentOS-$releasever - Plus mirrorlist=http://mirrorlist.freepbxdistro.org/?release=$releasever&arch=$basearch&repo=centosplus #baseurl=http://yum.freepbxdistro.org/centos/$releasever/centosplus/$basearch/ gpgcheck=1 enabled=0 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5 #Core PBX Packages [pbx] name=pbx mirrorlist=http://mirrorlist.freepbxdistro.org/?pbxver=1.8.x.x&release=$releasever&arch=$basearch&repo=pbx #baseurl=http://yum.freepbxdistro.org/pbx/1.8.x.x/$basearch/ gpgcheck=0 enabled=1 #gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-FreePBX #Core Kernel Dependent Packages [kernel-dependent] name=kernel-dependent mirrorlist=http://mirrorlist.freepbxdistro.org/?kernver=2.6.18-194.17.1&release=$releasever&arch=$basearch&repo=kernel-dependent #baseurl=http://yum.freepbxdistro.org/kernel-dependent/2.6.18-194.17.1/$basearch/ gpgcheck=0 enabled=1 #gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-FreePBX EOTT # write resolv.conf file /bin/echo "nameserver 127.0.0.1" >> /etc/resolv.conf # set up java stuff mkdir /usr/java ln -s /usr/java/jre1.6.0_18 /usr/java/latest # install and configure aastra config file mkdir /tftpboot /bin/chown -R asterisk:asterisk /tftpboot # change sshd_config settings sed -i "s/#UseDNS yes/UseDNS no/g" /etc/ssh/sshd_config # Setup logger.conf cat <<'EOF' >/etc/asterisk/logger_general_custom.conf dateformat=%F %T EOF cat <<'EOF' >/etc/asterisk/logger_logfiles_custom.conf ; Format is "filename" and then "levels" of debugging to be included: ; debug ; notice ; warning ; error ; verbose ; console => notice,warning,error full => notice,warning,error,debug,verbose EOF # add logger rotation for asterisk logs cat <<'EOF' >/etc/logrotate.d/asterisk /var/log/asterisk/queue_log { daily missingok rotate 30 notifempty sharedscripts create 0640 asterisk asterisk } /var/spool/mail/asterisk /var/spool/mail/root /var/log/asterisk/messages /var/log/asterisk/event_log /var/log/asterisk/full /var/log/asterisk/dtmf { daily missingok rotate 7 notifempty sharedscripts create 0640 asterisk asterisk postrotate /usr/sbin/asterisk -rx 'logger reload' > /dev/null 2> /dev/null endscript } EOF # create sudoers settings for user asterisk sed -i "s/Defaults\s*requiretty/#Defaults requiretty/g" /etc/sudoers # add MOTD banner on SSH login /bin/cat <<'EOF' > /etc/motd ====================================== Welcome to The FreePBX Distro ====================================== EOF # Create Upgrade Notes Section mkdir /var/log/pbx mkdir /var/log/pbx/install mkdir /var/log/pbx/upgrade chown -R asterisk:asterisk /var/log/pbx # fix php.ini config parameters sed -i 's/upload_max_filesize = .*/upload_max_filesize = 100M/' /etc/php.ini sed -i 's/post_max_size = .*/post_max_size = 100M/' /etc/php.ini # run a weekly updatedb to keep locate up to date echo -e "#"\!"/bin/bash\nupdatedb" > /etc/cron.weekly/update-locate.sh chmod +x /etc/cron.weekly/update-locate.sh #Set nano as default editor for crons echo "export VISUAL=nano" >> /root/.bashrc # set permission of file that the FreePBX dahdi needs chown -R asterisk:asterisk /etc/modprobe.d/dahdi.conf # set version number in /etc/asterisk/freepbxdistro-version echo "1.8.2.0-2" > /etc/asterisk/freepbxdistro-version echo "1.0.0.0" > /etc/asterisk/freepbxdistro-failsafe