diff --git a/roles/pbx/defaults/main.yml b/roles/pbx/defaults/main.yml index 0271907a7..187a9a949 100644 --- a/roles/pbx/defaults/main.yml +++ b/roles/pbx/defaults/main.yml @@ -5,13 +5,16 @@ # pbx_install: False # pbx_enabled: False +# pbx_try_nginx: False # 2021-08-07: PLEASE TRY NGINX INSTEAD OF APACHE, +# # AFTER READING https://github.com/iiab/iiab/issues/2914 AND #2916, THX ! + # asterisk_chan_dongle: False # pbx_signaling_ports_chan_sip: 5160:5161 # pbx_signaling_ports_chan_pjsip: 5060 # pbx_data_ports: 10000:20000 # pbx_http_port: 83 -# + # All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml # If nec, change them by editing /etc/iiab/local_vars.yml prior to installing! diff --git a/roles/pbx/tasks/asterisk.yml b/roles/pbx/tasks/asterisk.yml index 909f5ef3b..1fd97d589 100644 --- a/roles/pbx/tasks/asterisk.yml +++ b/roles/pbx/tasks/asterisk.yml @@ -33,12 +33,12 @@ path: "{{ asterisk_src_dir }}" # /opt/iiab/asterisk state: directory -- name: Asterisk - Extract to source dir (root:root) +- name: Asterisk - Extract to source dir (root:root by default) unarchive: src: "{{ downloads_dir }}/{{ asterisk_src_file }}" dest: "{{ asterisk_src_dir }}" - owner: root - group: root + # owner: root + # group: root extra_opts: [--strip-components=1] creates: "{{ asterisk_src_dir }}/Makefile" @@ -63,8 +63,8 @@ chdir: "{{ asterisk_src_dir }}" creates: addons/mp3/mpg123.h -- name: Asterisk - Run './configure --with-jansson-bundled' - command: ./configure --with-jansson-bundled +- name: Asterisk - Run './configure --with-pjproject-bundled --with-jansson-bundled' + command: ./configure --with-pjproject-bundled --with-jansson-bundled args: chdir: "{{ asterisk_src_dir }}" @@ -75,11 +75,13 @@ creates: menuselect.makeopts - name: Asterisk - Do a bit of menuselect configuration - command: > - menuselect/menuselect --enable app_macro --enable format_mp3 - --enable CORE-SOUNDS-EN-WAV --enable CORE-SOUNDS-EN-G722 - --enable EXTRA-SOUNDS-EN-WAV --enable EXTRA-SOUNDS-EN-G722 --enable EXTRA-SOUNDS-EN-GSM - --disable-category MENUSELECT_MOH + command: menuselect/menuselect --enable app_macro --enable format_mp3 menuselect.makeopts + # 2021-08-06: Let's standardize (ABOVE) if 6 others (BELOW) aren't needed? + # command: > + # menuselect/menuselect --enable app_macro --enable format_mp3 + # --enable CORE-SOUNDS-EN-WAV --enable CORE-SOUNDS-EN-G722 + # --enable EXTRA-SOUNDS-EN-WAV --enable EXTRA-SOUNDS-EN-G722 --enable EXTRA-SOUNDS-EN-GSM + # --disable-category MENUSELECT_MOH args: chdir: "{{ asterisk_src_dir }}" @@ -100,7 +102,7 @@ args: chdir: "{{ asterisk_src_dir }}" -- name: Asterisk - Run 'make samples' +- name: Asterisk - Run 'make samples' - this creates /etc/asterisk/asterisk.conf used below command: make samples args: chdir: "{{ asterisk_src_dir }}" @@ -110,28 +112,41 @@ args: chdir: "{{ asterisk_src_dir }}" +# 2021-08-06: Most install recipes do 'update-rc.d -f asterisk remove' here. +# Can't hurt but we do that a bit later in freepbx.yml -- name: Asterisk - Ensure group 'asterisk' exists - group: - name: asterisk - state: present -- name: Asterisk - Ensure system user 'asterisk' has primary group 'asterisk', groups 'audio,dialout', home '/var/lib/asterisk' +# 2021-08-06: Taken care of just below +# - name: Asterisk - Ensure group 'asterisk' exists +# group: +# name: asterisk +# state: present + +#- name: Asterisk - Ensure system user 'asterisk' has primary group 'asterisk', groups 'audio,dialout', home '/var/lib/asterisk' +- name: Asterisk - Create Linux user 'asterisk' user: name: asterisk - group: asterisk - groups: audio,dialout - home: /var/lib/asterisk - system: yes + # group: asterisk # 2021-08-06: Implicit + # groups: audio,dialout # 2021-08-06: No longer mainline + # home: /var/lib/asterisk # 2021-08-06: No longer mainline + # system: yes # 2021-08-06: No longer mainline (and does nothing to pre-existing users) + # append: yes # 2021-08-06: Only relevant if adding groups later + +- name: Asterisk - Add user 'www-data' to group 'asterisk' + user: + name: www-data + groups: asterisk + # system: yes # 2021-08-06: Does nothing to pre-existing users append: yes -- name: Asterisk - Set ownership for 5 directories (asterisk:asterisk, recurse) +- name: Asterisk - Set ownership for 6 directories (asterisk:asterisk, recurse) file: dest: "{{ item }}" owner: asterisk group: asterisk recurse: yes with_items: + - /var/run/asterisk - /etc/asterisk - /var/lib/asterisk - /var/log/asterisk diff --git a/roles/pbx/tasks/enable-or-disable.yml b/roles/pbx/tasks/enable-or-disable.yml index a83a0befb..ba88e76b1 100644 --- a/roles/pbx/tasks/enable-or-disable.yml +++ b/roles/pbx/tasks/enable-or-disable.yml @@ -15,33 +15,41 @@ when: not pbx_enabled -- name: Enable http://box:{{ pbx_http_port }}/freepbx via Apache, if pbx_enabled # http://box:83/freepbx - command: a2ensite freepbx.conf - when: pbx_enabled +- block: -- name: Disable http://box:{{ pbx_http_port }}/freepbx via Apache, if not pbx_enabled - command: a2dissite freepbx.conf - when: not pbx_enabled + - name: Enable http://box:{{ pbx_http_port }}/freepbx via Apache, if pbx_enabled # http://box:83/freepbx + command: a2ensite freepbx.conf + when: pbx_enabled -- name: Restart Apache service ({{ apache_service }}) - systemd: - name: "{{ apache_service }}" # apache2 - state: restarted + - name: Disable http://box:{{ pbx_http_port }}/freepbx via Apache, if not pbx_enabled + command: a2dissite freepbx.conf + when: not pbx_enabled + + - name: Restart Apache service ({{ apache_service }}) + systemd: + name: "{{ apache_service }}" # apache2 + state: restarted + + when: not pbx_try_nginx -# - name: Enable http://box/freepbx via NGINX, by installing {{ nginx_conf_dir }}/freepbx-nginx.conf from template -# template: -# src: freepbx-nginx.conf.j2 -# dest: "{{ nginx_conf_dir }}/freepbx-nginx.conf" # /etc/nginx/conf.d -# when: pbx_enabled +- block: -# - name: Disable http://box/freepbx via NGINX, by removing {{ nginx_conf_dir }}/freepbx-nginx.conf -# file: -# path: "{{ nginx_conf_dir }}/freepbx-nginx.conf" -# state: absent -# when: not pbx_enabled + - name: Enable http://box/freepbx via NGINX, by installing {{ nginx_conf_dir }}/freepbx-nginx.conf from template + template: + src: freepbx-nginx.conf.j2 + dest: "{{ nginx_conf_dir }}/freepbx-nginx.conf" # /etc/nginx/conf.d + when: pbx_enabled -# - name: Restart 'nginx' systemd service -# systemd: -# name: nginx -# state: restarted + - name: Disable http://box/freepbx via NGINX, by removing {{ nginx_conf_dir }}/freepbx-nginx.conf + file: + path: "{{ nginx_conf_dir }}/freepbx-nginx.conf" + state: absent + when: not pbx_enabled + + - name: Restart 'nginx' systemd service + systemd: + name: nginx + state: restarted + + when: pbx_try_nginx diff --git a/roles/pbx/tasks/freepbx.yml b/roles/pbx/tasks/freepbx.yml index 9e673b187..6904a21b8 100644 --- a/roles/pbx/tasks/freepbx.yml +++ b/roles/pbx/tasks/freepbx.yml @@ -133,10 +133,33 @@ with_items: - ./start_asterisk start - ./install -n --webroot {{ freepbx_install_dir }} --dbuser {{ asterisk_db_user }} --dbpass {{ asterisk_db_password }} --dbname {{ asterisk_db_dbname }} --cdrdbname {{ asterisk_db_cdrdbname }} - # - ./start_asterisk stop - # - killall -9 safe_asterisk # 2021-08-05: These 2 lines from PR #2912 attempted a brute force (not enough!) workaround for the #2908 annoyance on 1st - # - killall -9 asterisk # install, of 'systemctl status freepbx' showing "Unable to run Pre-Asterisk hooks, because Asterisk is already running" - # - /usr/sbin/asterisk -rx "core stop gracefully" + +- name: "Run 'fwconsole stop' to stop both Asterisk processes -- this avoids \"Unable to run Pre-Asterisk hooks, because Asterisk is already running\" in 'journalctl -u freepbx' logs" + command: fwconsole stop + # command: "{{ item }}" + # with_items: + # # - ./start_asterisk stop + # # - killall -9 safe_asterisk # 2021-08-05: These 2 lines from PR #2912 brute force a workaround for #2908 #2913 #2915 + # # - killall -9 asterisk # glitches on 1st install. In the end, above 'fwconsole stop' does the job more gracefully. + # # - /usr/sbin/asterisk -rx "core stop gracefully" + # # - fwconsole reload + # - fwconsole stop + # # - fwconsole restart + # # - fwconsole ma disablerepo commercial + # # - fwconsole ma installall + # # - fwconsole ma delete firewall + # # - fwconsole reload + # # - fwconsole restart + +# 2021-08-06: This stanza might be removed in future, if Asterix/FreePBX fix +# this install glitch in a future release? FYI #2908, #2912, #2913 attempts +# didn't work. This workaround helps: https://github.com/iiab/iiab/pull/2915 +# - name: FreePBX - Run 'systemctl restart freepbx' TWICE (THIS IS 1 OF 2) to get past 'systemctl status freepbx' glitch "Unable to run Pre-Asterisk hooks, because Asterisk is already running" +# systemd: +# daemon_reload: yes +# name: freepbx +# enabled: yes +# state: restarted # - name: 'FreePBX - fix file permissions for NGINX: /etc/freepbx.conf (0644), /var/log/asterisk/freepbx.log (0666)' # file: @@ -167,26 +190,30 @@ src: freepbx.service dest: /etc/systemd/system/ -# 2021-08-06: This stanza might be removed in future, if Asterix/FreePBX fix -# the install glitch in a future release. FYI #2908, #2912, #2913 attempts -# didn't work. This one did: https://github.com/iiab/iiab/pull/2915 -- name: FreePBX - Run 'systemctl restart freepbx' TWICE (THIS IS 1 OF 2) to get past 'systemctl status freepbx' glitch "Unable to run Pre-Asterisk hooks, because Asterisk is already running" - systemd: - daemon_reload: yes - name: freepbx - enabled: yes - state: restarted +# FreePBX's initial page (Admin user registration) tries to set up a cron job and +# fails: "Exception: Trying to edit user asterisk, when I'm running as www-data" +# DETAILS: https://github.com/iiab/iiab/pull/2916#issuecomment-894585322 +# FWIW hacking /etc/freepbx.conf in this way does not help in the end... +# - name: "2021-08-06: Try \"$amp_conf['AMPASTERISKWEBUSER'] = 'www-data';\" in /etc/freepbx.conf for #2916 registration cron fix ?'" +# lineinfile: +# path: /etc/freepbx.conf +# insertafter: '^<\?php$' # Match exact line '= 8.0: phpX.Y-json is baked into PHP itself. # For PHP < 8.0: phpX.Y-json auto-installed by phpX.Y-fpm AND phpX.Y-cli in 3-base-server's nginx/tasks/install.yml, as confirmed by: apt rdepends phpX.Y-json # diff --git a/roles/pbx/tasks/install.yml b/roles/pbx/tasks/install.yml index 36e0190fa..2d8a32f75 100644 --- a/roles/pbx/tasks/install.yml +++ b/roles/pbx/tasks/install.yml @@ -22,14 +22,18 @@ # when: nodejs_version != "12.x" -- name: "Set 'apache_install: True' and 'apache_enabled: True'" - set_fact: - apache_install: True - apache_enabled: True +block: -- name: APACHE - run 'httpd' role - include_role: - name: httpd + - name: "Set 'apache_install: True' and 'apache_enabled: True'" + set_fact: + apache_install: True + apache_enabled: True + + - name: APACHE - run 'httpd' role + include_role: + name: httpd + + when: not pbx_try_nginx - name: Install Asterisk diff --git a/roles/pbx/templates/freepbx-nginx.conf.j2 b/roles/pbx/templates/freepbx-nginx.conf.j2 new file mode 100644 index 000000000..44ae755b9 --- /dev/null +++ b/roles/pbx/templates/freepbx-nginx.conf.j2 @@ -0,0 +1,31 @@ +location ~ ^/freepbx(|/.*)$ { # '~' -> '~*' for case-insensitive regex + + root /var/www/html; + # root {{ freepbx_install_dir }}; # /var/www/html/freepbx + # root {{ doc_root }}; # /library/www/html + + # location ~ ^/freepbx { + # root {{ doc_root }}; + # } + + location ~ ^/freepbx(.*)\.php(.*)$ { + alias {{ freepbx_install_dir }}$1.php$2; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_index index.php; + fastcgi_pass php; + + include fastcgi_params; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name; + #fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; + fastcgi_param HTACCESS on; # disables FreePBX htaccess warning + } + + # disallows the things that the FreePBX .htaccess files disallow + location ~ /freepbx(/\.ht|/\.git|\.ini$|/libraries|/helpers|/i18n|/node|/views/.+php$) { + deny all; + } + + # from the api module .htaccess file + rewrite ^/freepbx/admin/api/([^/]*)/([^/]*)/?(.*)?$ /freepbx/admin/api/api.php?module=$1&command=$2&route=$3 last; +} diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 1de0209e5..39e151dfd 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -624,6 +624,8 @@ calibre_web_path: calibre #NEEDS WORK: https://github.com/iiab/iiab/issues/529 # If using PBX intensively, investigate nginx_high_php_limits further above. pbx_install: False pbx_enabled: False +pbx_try_nginx: False # 2021-08-07: PLEASE TRY NGINX INSTEAD OF APACHE, +# AFTER READING https://github.com/iiab/iiab/issues/2914 AND #2916, THX ! asterisk_chan_dongle: False pbx_signaling_ports_chan_sip: 5160:5161 pbx_signaling_ports_chan_pjsip: 5060 diff --git a/vars/local_vars_big.yml b/vars/local_vars_big.yml index c26d8d754..c0739f6d0 100644 --- a/vars/local_vars_big.yml +++ b/vars/local_vars_big.yml @@ -405,4 +405,6 @@ calibre_web_path: calibre #NEEDS WORK: https://github.com/iiab/iiab/issues/529 # If using PBX intensively, investigate nginx_high_php_limits further above. pbx_install: False pbx_enabled: False +pbx_try_nginx: False # 2021-08-07: PLEASE TRY NGINX INSTEAD OF APACHE, +# AFTER READING https://github.com/iiab/iiab/issues/2914 AND #2916, THX ! asterisk_chan_dongle: False diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml index aac2ea348..d153accdf 100644 --- a/vars/local_vars_medium.yml +++ b/vars/local_vars_medium.yml @@ -405,4 +405,6 @@ calibre_web_path: calibre #NEEDS WORK: https://github.com/iiab/iiab/issues/529 # If using PBX intensively, investigate nginx_high_php_limits further above. pbx_install: False pbx_enabled: False +pbx_try_nginx: False # 2021-08-07: PLEASE TRY NGINX INSTEAD OF APACHE, +# AFTER READING https://github.com/iiab/iiab/issues/2914 AND #2916, THX ! asterisk_chan_dongle: False diff --git a/vars/local_vars_min.yml b/vars/local_vars_min.yml index 44393e84e..1ff1c213d 100644 --- a/vars/local_vars_min.yml +++ b/vars/local_vars_min.yml @@ -405,4 +405,6 @@ calibre_web_path: calibre #NEEDS WORK: https://github.com/iiab/iiab/issues/529 # If using PBX intensively, investigate nginx_high_php_limits further above. pbx_install: False pbx_enabled: False +pbx_try_nginx: False # 2021-08-07: PLEASE TRY NGINX INSTEAD OF APACHE, +# AFTER READING https://github.com/iiab/iiab/issues/2914 AND #2916, THX ! asterisk_chan_dongle: False