diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index 2042c13be..0c1e7febb 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -42,7 +42,7 @@ path: /etc/nginx/sites-enabled/default state: absent -- name: 'Install 3 (of 5) files from template: /etc/nginx/server.conf, /etc/nginx/nginx.conf, /etc/nginx/mime.types +- name: 'Install 3 (of 5) files from template: /etc/nginx/server.conf, /etc/nginx/nginx.conf, /etc/nginx/mime.types' template: src: "{{ item.src }}" dest: "{{ item.dest }}" @@ -50,7 +50,7 @@ - { src: 'server.conf.j2', dest: '/etc/nginx/server.conf' } - { src: 'nginx.conf.j2', dest: '/etc/nginx/nginx.conf' } - { src: 'mime.types.j2', dest: '/etc/nginx/mime.types' } - # - { src: 'apache-ports.conf', dest: '/etc/{{ apache_service }}/ports.conf' } # 2021-08-09: Moved to pbx role + # - { src: 'ports.conf', dest: '/etc/{{ apache_service }}/ports.conf' } # 2021-08-09: Restored from enable-or-disable.yml then moved to roles/pbx/tasks/apache.yml # - { src: 'iiab.conf.j2', dest: "{{ nginx_conf_dir }}/iiab.conf" } # Moved into homepage.yml, invoked later by roles/www_options/tasks/main.yml (see below!) - debug: diff --git a/roles/pbx/tasks/apache.yml b/roles/pbx/tasks/apache.yml new file mode 100644 index 000000000..4099ebfa5 --- /dev/null +++ b/roles/pbx/tasks/apache.yml @@ -0,0 +1,41 @@ +# Must happen before install of Apache, or it'll collide with NGINX port 80. +# 2021-08-09: Used to be done by roles/nginx/tasks/install.yml +- name: "Install from template: /etc/{{ apache_service }}/ports.conf containing 'Listen {{ pbx_http_port }}'" + template: + src: ports.conf + dest: /etc/{{ apache_service }}/ + +- name: "FreePBX - Install Apache packages: {{ apache_service }}, libapache2-mod-php, libapache2-mpm-itk - if not pbx_try_nginx" + package: + name: + - "{{ apache_service }}" # 2021-08-07: Install apache2 directly, as we prepare to deprecate roles/httpd + - libapache2-mod-php # NOTE duplication: roles/httpd/tasks.install.yml installed libapache2-mod-php{{ php_version }} ostensibly for "Elgg, Moodle, etc" + - libapache2-mpm-itk # To serve FreePBX through a VirtualHost as asterisk user (#2914: Is this possible via NGINX?) + +- name: 'Enable Apache module, as with "a2enmod" command: rewrite' + apache2_module: + name: rewrite + +# Legacy code from roles/httpd/tasks/install.yml +# - name: 'Enable 5 Apache modules, as with "a2enmod" command: headers, proxy, proxy_html, proxy_http, rewrite (for http://box/kiwix, http://box/kolibri, http://box/nodered, etc)' +# apache2_module: +# name: "{{ item }}" +# with_items: +# - headers +# - proxy +# - proxy_html +# - proxy_http +# - rewrite + +# 2021-08-08: Security risks? But official install doc recommends this: +# https://wiki.freepbx.org/display/FOP/Installing+FreePBX+16+on+Debian+10.9 +# (lineinfile doesn't quite do the job, as all instances are replaced) +- name: Run "sed -i 's/AllowOverride None/AllowOverride All/' /etc/apache2/apache2.conf" + command: sed -i 's/AllowOverride None/AllowOverride All/' /etc/apache2/apache2.conf + +- name: FreePBX - Install /etc/{{ apache_service }}/sites-available/freepbx.conf from template ({{ apache_user }}:{{ apache_user }}, 0644 by default) + template: + src: freepbx.conf.j2 + dest: /etc/{{ apache_service }}/sites-available/freepbx.conf # apache2 + owner: "{{ apache_user }}" # www-data + group: "{{ apache_user }}" diff --git a/roles/pbx/tasks/asterisk.yml b/roles/pbx/tasks/asterisk.yml index 1cbb42069..e3afe09d8 100644 --- a/roles/pbx/tasks/asterisk.yml +++ b/roles/pbx/tasks/asterisk.yml @@ -1,6 +1,6 @@ # 2021-08-05: Asterisk's own install_prereq (below) handles essentially all of these # - name: Asterisk - Install dependencies -# include: asterisk_dependencies.yml +# include_tasks: asterisk_dependencies.yml # BEWARE: 'systemctl is-active asterix' falsely reports 'inactive' even when systemd # is compiled in below! FWIW: /opt/iiab/asterisk/contrib/systemd/asterisk.service diff --git a/roles/pbx/tasks/freepbx.yml b/roles/pbx/tasks/freepbx.yml index e29906e21..3d8e7b9a4 100644 --- a/roles/pbx/tasks/freepbx.yml +++ b/roles/pbx/tasks/freepbx.yml @@ -3,8 +3,65 @@ # RPi: http://mghadam.blogspot.com/2021/03/install-asterisk-18-freepbx-15-on.html # 2012-2017: http://www.raspberry-asterisk.org -- name: FreePBX - Install dependencies - include: freepbx_dependencies.yml + +# 2021-08-04: systemd service 'asterisk' is Enabled but Not Active at this point -- LET'S EXPERIMENT +# - name: FreePBX - Disable & Stop 'asterisk' systemd service +# systemd: +# daemon_reload: yes +# name: asterisk +# enabled: no +# state: stopped + +# 2021-08-05: Asterisk's systemd / systemctl support is getting there but Very +# Imperfect (even when compiled in, as a result of package 'libsystemd-dev' at +# top of asterisk.tml) so let's follow these "official" instructions for now: + +- name: FreePBX - Run 'update-rc.d -f asterisk remove' similar to 'systemctl disable asterisk' giving FreePBX full control during boot - not strictly required but recommended by https://wiki.freepbx.org/display/FOP/Installing+FreePBX+16+on+Debian+10.9 + command: update-rc.d -f asterisk remove + + +- name: FreePBX - Install wget, git, unixodbc, sudo, net-tools, cron, sox + ~12 PHP dependencies (run 'php -m' or 'php -i' to verify PHP modules) + package: + name: + - wget + - git + - unixodbc # For Asterisk CDR (Call Detail Records) + - sudo # Required by FreePBX install script + - net-tools # Required by FWConsole (command-line utility, that controls FreePBX) + - cron # Required by FreePBX UCP package (User Control Panel) + - sox # Required for CDR web-playback + # - php{{ php_version }} # Basically drags in phpX.Y-cgi (already below!) + - php{{ php_version }}-bcmath # Likewise installed in nextcloud/tasks/install.yml, wordpress/tasks/install.yml + - php{{ php_version }}-cgi + # - php{{ php_version }}-common # Auto-installed as an apt dependency. REGARDLESS: php{{ php_version }}-common superset php{{ php_version }}-cli is auto-installed by php{{ php_version }}-fpm in nginx/tasks/install.yml + - php{{ php_version }}-curl # Likewise installed in moodle/tasks/install.yml, nextcloud/tasks/install.yml, wordpress/tasks/install.yml + - php{{ php_version }}-fpm # Likewise installed in nginx/tasks/install.yml + # - php{{ php_version }}-gettext + - php{{ php_version }}-gd # Likewise installed in moodle/tasks/install.yml, nextcloud/tasks/install.yml + - php{{ php_version }}-imap + # - php{{ php_version }}-json # See stanza just below + - php{{ php_version }}-mbstring # Likewise installed in mediawiki/tasks/install.yml, moodle/tasks/install.yml, nextcloud/tasks/install.yml, wordpress/tasks/install.yml + # - python-mysqldb # https://github.com/Yannik/ansible-role-freepbx/blob/master/tasks/freepbx.yml#L33 + - php{{ php_version }}-mysql # Likewise installed in mysql/tasks/install.yml, nextcloud/tasks/install.yml, wordpress/tasks/install.yml + - php-pear # Likewise installed for ADMIN CONSOLE https://github.com/iiab/iiab-admin-console/blob/master/roles/cmdsrv/tasks/main.yml#L19 + - php{{ php_version }}-snmp + - php{{ php_version }}-xml # Likewise installed in mediawiki/tasks/install.yml, moodle/tasks/install.yml, nextcloud/tasks/install.yml, wordpress/tasks/install.yml -- AND REGARDLESS dragged in later by Admin Console's use of php-pear for roles/cmdsrv/tasks/main.yml -- run 'php -m | grep -i xml' which in the end shows {libxml, SimpleXML, xml, xmlreader, xmlwriter} + - php{{ php_version }}-zip # Likewise installed in moodle/tasks/install.yml, nextcloud/tasks/install.yml, wordpress/tasks/install.yml + state: latest + +# For PHP >= 8.0: phpX.Y-json is baked into PHP itself. +# For PHP < 8.0: phpX.Y-json auto-installed by phpX.Y-fpm AND phpX.Y-cli in 3-base-server's nginx/tasks/install.yml, as confirmed by: apt rdepends phpX.Y-json +# +# - name: Install php{{ php_version }}-json if PHP < 8.0 +# package: +# name: php{{ php_version }}-json +# state: present +# when: php_version is version('8.0', '<') + +- FreePBX - Install and configure Apache - if not pbx_try_nginx + include_tasks: apache.yml + when: not pbx_try_nginx + - name: FreePBX - Download {{ freepbx_url }}/{{ freepbx_src_file }} to {{ downloads_dir }} get_url: @@ -49,27 +106,17 @@ # src: roles/pbx/templates/pbx.patch # dest: "{{ freepbx_src_dir }}/amp_conf/htdocs/admin/libraries/Composer/vendor/neitanod/forceutf8/src/ForceUTF8/Encoding.php" - -# 2021-08-04: systemd service 'asterisk' is Enabled but Not Active at this point -- LET'S EXPERIMENT -# - name: FreePBX - Disable & Stop 'asterisk' systemd service -# systemd: -# daemon_reload: yes -# name: asterisk -# enabled: no -# state: stopped - -# 2021-08-05: Asterisk's systemd / systemctl support is getting there but Very -# Imperfect (even when compiled in, as a result of package 'libsystemd-dev' at -# top of asterisk.tml) so let's follow these "official" instructions for now: - -- name: FreePBX - Run 'update-rc.d -f asterisk remove' similar to 'systemctl disable asterisk' giving FreePBX full control during boot - not strictly required but recommended by https://wiki.freepbx.org/display/FOP/Installing+FreePBX+16+on+Debian+10.9 - command: update-rc.d -f asterisk remove +# 2021-08-04: FreePBX 16 no longer needs this FreePBX 15 patch +# - name: FreePBX - Patch FreePBX source - disable get_magic_quotes_gpc() +# patch: +# src: roles/pbx/templates/pbx2.patch +# dest: "{{ freepbx_install_dir }}/admin/libraries/view.functions.php" - name: FreePBX - Add MySQL user ({{ asterisk_db_user }}) mysql_user: - name: "{{ asterisk_db_user }}" - password: "{{ asterisk_db_password }}" + name: "{{ asterisk_db_user }}" # asterisk + password: "{{ asterisk_db_password }}" # asterisk priv: "{{ asterisk_db_dbname }}.*:ALL/{{ asterisk_db_cdrdbname }}.*:ALL" # login_host: "{{ asterisk_db_host }}" # login_user: root @@ -79,7 +126,7 @@ - name: FreePBX - Add MySQL db ({{ asterisk_db_dbname }}) mysql_db: - name: "{{ asterisk_db_dbname }}" + name: "{{ asterisk_db_dbname }}" # asterisk encoding: utf8 collation: utf8_general_ci # login_host: "{{ asterisk_db_host }}" @@ -89,12 +136,13 @@ - name: FreePBX - Add cdr MySQL db ({{ asterisk_db_cdrdbname }}) mysql_db: - name: "{{ asterisk_db_cdrdbname }}" + name: "{{ asterisk_db_cdrdbname }}" # asteriskcdrdb encoding: utf8 collation: utf8_general_ci login_host: "{{ asterisk_db_host }}" state: present + - name: FreePBX - Create new php sessions dir /var/lib/php/asterisk_sessions/ - SEE 'php_value session.save_path /var/lib/php/asterisk_sessions/' IN pbx/templates/freepbx.conf.j2 file: path: /var/lib/php/asterisk_sessions/ @@ -107,7 +155,7 @@ group: asterisk recurse: yes -- name: "FreePBX - Populate /etc/asterisk/freepbx_chown.conf to prevent 'fwconsole chown' takeover of /var/lib/php/sessions - and possibly later /etc/freepbx.conf, /var/log/asterisk/freepbx.log, /var/spool/asterisk/cache" +- name: "FreePBX - Populate /etc/asterisk/freepbx_chown.conf to prevent 'fwconsole chown' takeover of /var/lib/php/sessions" # And possibly later /etc/freepbx.conf, /var/log/asterisk/freepbx.log, /var/spool/asterisk/cache blockinfile: content: | [blacklist] @@ -118,14 +166,8 @@ group: asterisk create: yes -# 2021-08-04: FreePBX 16 no longer needs this FreePBX 15 patch -# - name: FreePBX - Patch FreePBX source - disable get_magic_quotes_gpc() -# patch: -# src: roles/pbx/templates/pbx2.patch -# dest: "{{ freepbx_install_dir }}/admin/libraries/view.functions.php" - -- name: FreePBX - 2-step install (just run once) - CAN TAKE 3-12 MIN OR LONGER! +- name: FreePBX - 2-step install - won't run if {{ freepbx_install_dir }} already exists - CAN TAKE 3-12 MIN OR LONGER! command: "{{ item }}" args: chdir: "{{ freepbx_src_dir }}" @@ -151,7 +193,6 @@ # - fwconsole restart ignore_errors: yes # 2021-08-08: For things like 'killall -9 safe_asterisk' that fail when process doesn't exist - # 2021-08-06: This stanza works, but above is more graceful. (FYI PRs #2908, # #2912, #2913 didn't quite work -- whereas this PR #2915 at least worked!) # - name: FreePBX - Run 'systemctl restart freepbx' TWICE (THIS IS 1 OF 2) to get past 'systemctl status freepbx' glitch "Unable to run Pre-Asterisk hooks, because Asterisk is already running" @@ -161,6 +202,18 @@ # enabled: yes # state: restarted + +- name: FreePBX - Install /etc/odbc.ini from template (root:root, 0644 by default) for CDR 'asteriskcdrdb' - in future consider compiling ODBC driver for aarch64 per http://mghadam.blogspot.com/2021/03/install-asterisk-18-freepbx-15-on.html ? + template: + src: odbc.ini + dest: /etc/ + +- name: FreePBX - Install /etc/systemd/system/freepbx.service from template (root:root, 0644 by default) + template: + src: freepbx.service + dest: /etc/systemd/system/ + + # - name: 'FreePBX - fix file permissions for NGINX: /etc/freepbx.conf (0644), /var/log/asterisk/freepbx.log (0666)' # file: # #state: file @@ -169,6 +222,7 @@ # with_items: # - { path: '/etc/freepbx.conf', mode: u=rw,g=r,o=r } # 2021-08-04: LATER ENDS UP AS 0660 # - { path: '/var/log/asterisk/freepbx.log', mode: u=rw,g=rw,o=rw } # 2021-08-04: LATER ENDS UP AS 0664 +# when: pbx_try_nginx # - name: 'FreePBX - fix dir permissions for NGINX: /var/spool/asterisk/cache (0777)' # file: @@ -179,17 +233,7 @@ # with_items: # # - /var/www/html/freepbx/admin/assets/less/cache # - /var/spool/asterisk/cache - -- name: FreePBX - Install /etc/odbc.ini from template (root:root, 0644 by default) - in future consider compiling ODBC driver for aarch64 per http://mghadam.blogspot.com/2021/03/install-asterisk-18-freepbx-15-on.html ? - template: - src: odbc.ini - dest: /etc/ - -- name: FreePBX - Install /etc/systemd/system/freepbx.service from template (root:root, 0644 by default) - template: - src: freepbx.service - dest: /etc/systemd/system/ - +# when: pbx_try_nginx # For 'pbx_try_nginx: True' -- FreePBX's initial page (Admin user registration) # tries to set up a cron job but fails: @@ -202,21 +246,3 @@ # insertafter: '^<\?php$' # Match exact line ' # Listen 443 # @@ -17,4 +20,3 @@ # # vim: syntax=apache ts=4 sw=4 sts=4 sr noet -