diff --git a/roles/pbx/tasks/asterisk.yml b/roles/pbx/tasks/asterisk.yml index 909f5ef3b..4d185942d 100644 --- a/roles/pbx/tasks/asterisk.yml +++ b/roles/pbx/tasks/asterisk.yml @@ -33,12 +33,12 @@ path: "{{ asterisk_src_dir }}" # /opt/iiab/asterisk state: directory -- name: Asterisk - Extract to source dir (root:root) +- name: Asterisk - Extract to source dir (root:root by default) unarchive: src: "{{ downloads_dir }}/{{ asterisk_src_file }}" dest: "{{ asterisk_src_dir }}" - owner: root - group: root + # owner: root + # group: root extra_opts: [--strip-components=1] creates: "{{ asterisk_src_dir }}/Makefile" @@ -63,8 +63,8 @@ chdir: "{{ asterisk_src_dir }}" creates: addons/mp3/mpg123.h -- name: Asterisk - Run './configure --with-jansson-bundled' - command: ./configure --with-jansson-bundled +- name: Asterisk - Run './configure --with-pjproject-bundled --with-jansson-bundled' + command: ./configure --with-pjproject-bundled --with-jansson-bundled args: chdir: "{{ asterisk_src_dir }}" @@ -75,11 +75,13 @@ creates: menuselect.makeopts - name: Asterisk - Do a bit of menuselect configuration - command: > - menuselect/menuselect --enable app_macro --enable format_mp3 - --enable CORE-SOUNDS-EN-WAV --enable CORE-SOUNDS-EN-G722 - --enable EXTRA-SOUNDS-EN-WAV --enable EXTRA-SOUNDS-EN-G722 --enable EXTRA-SOUNDS-EN-GSM - --disable-category MENUSELECT_MOH + command: menuselect/menuselect --enable app_macro --enable format_mp3 menuselect.makeopts + # 2021-08-06: Let's standardize (ABOVE) if 5 extras (BELOW) aren't needed? + # command: > + # menuselect/menuselect --enable app_macro --enable format_mp3 + # --enable CORE-SOUNDS-EN-WAV --enable CORE-SOUNDS-EN-G722 + # --enable EXTRA-SOUNDS-EN-WAV --enable EXTRA-SOUNDS-EN-G722 --enable EXTRA-SOUNDS-EN-GSM + # --disable-category MENUSELECT_MOH args: chdir: "{{ asterisk_src_dir }}" @@ -100,38 +102,51 @@ args: chdir: "{{ asterisk_src_dir }}" -- name: Asterisk - Run 'make samples' - command: make samples - args: - chdir: "{{ asterisk_src_dir }}" +# - name: Asterisk - Run 'make samples' +# command: make samples +# args: +# chdir: "{{ asterisk_src_dir }}" - name: Asterisk - Run 'ldconfig' command: ldconfig args: chdir: "{{ asterisk_src_dir }}" +# 2021-08-06: Most install recipes do 'update-rc.d -f asterisk remove' here. +# Can't hurt but we do that a bit later in freepbx.yml -- name: Asterisk - Ensure group 'asterisk' exists - group: - name: asterisk - state: present -- name: Asterisk - Ensure system user 'asterisk' has primary group 'asterisk', groups 'audio,dialout', home '/var/lib/asterisk' +# 2021-08-06: Taken care of just below +# - name: Asterisk - Ensure group 'asterisk' exists +# group: +# name: asterisk +# state: present + +#- name: Asterisk - Ensure system user 'asterisk' has primary group 'asterisk', groups 'audio,dialout', home '/var/lib/asterisk' +- name: Asterisk - Create Linux user 'asterisk' user: name: asterisk - group: asterisk - groups: audio,dialout - home: /var/lib/asterisk - system: yes + # group: asterisk # 2021-08-06: Implicit + # groups: audio,dialout # 2021-08-06: No longer mainline + # home: /var/lib/asterisk # 2021-08-06: No longer mainline + # system: yes # 2021-08-06: No longer mainline (and does nothing to pre-existing users) + # append: yes # 2021-08-06: Only relevant if adding groups later + +- name: Asterisk - Add user 'www-data' to group 'asterisk' + user: + name: www-data + groups: asterisk + # system: yes # 2021-08-06: Does nothing to pre-existing users append: yes -- name: Asterisk - Set ownership for 5 directories (asterisk:asterisk, recurse) +- name: Asterisk - Set ownership for 6 directories (asterisk:asterisk, recurse) file: dest: "{{ item }}" owner: asterisk group: asterisk recurse: yes with_items: + - /var/run/asterisk - /etc/asterisk - /var/lib/asterisk - /var/log/asterisk diff --git a/roles/pbx/tasks/enable-or-disable.yml b/roles/pbx/tasks/enable-or-disable.yml index a83a0befb..bb4783885 100644 --- a/roles/pbx/tasks/enable-or-disable.yml +++ b/roles/pbx/tasks/enable-or-disable.yml @@ -15,33 +15,33 @@ when: not pbx_enabled -- name: Enable http://box:{{ pbx_http_port }}/freepbx via Apache, if pbx_enabled # http://box:83/freepbx - command: a2ensite freepbx.conf - when: pbx_enabled - -- name: Disable http://box:{{ pbx_http_port }}/freepbx via Apache, if not pbx_enabled - command: a2dissite freepbx.conf - when: not pbx_enabled - -- name: Restart Apache service ({{ apache_service }}) - systemd: - name: "{{ apache_service }}" # apache2 - state: restarted - - -# - name: Enable http://box/freepbx via NGINX, by installing {{ nginx_conf_dir }}/freepbx-nginx.conf from template -# template: -# src: freepbx-nginx.conf.j2 -# dest: "{{ nginx_conf_dir }}/freepbx-nginx.conf" # /etc/nginx/conf.d +# - name: Enable http://box:{{ pbx_http_port }}/freepbx via Apache, if pbx_enabled # http://box:83/freepbx +# command: a2ensite freepbx.conf # when: pbx_enabled -# - name: Disable http://box/freepbx via NGINX, by removing {{ nginx_conf_dir }}/freepbx-nginx.conf -# file: -# path: "{{ nginx_conf_dir }}/freepbx-nginx.conf" -# state: absent +# - name: Disable http://box:{{ pbx_http_port }}/freepbx via Apache, if not pbx_enabled +# command: a2dissite freepbx.conf # when: not pbx_enabled -# - name: Restart 'nginx' systemd service +# - name: Restart Apache service ({{ apache_service }}) # systemd: -# name: nginx +# name: "{{ apache_service }}" # apache2 # state: restarted + + +- name: Enable http://box/freepbx via NGINX, by installing {{ nginx_conf_dir }}/freepbx-nginx.conf from template + template: + src: freepbx-nginx.conf.j2 + dest: "{{ nginx_conf_dir }}/freepbx-nginx.conf" # /etc/nginx/conf.d + when: pbx_enabled + +- name: Disable http://box/freepbx via NGINX, by removing {{ nginx_conf_dir }}/freepbx-nginx.conf + file: + path: "{{ nginx_conf_dir }}/freepbx-nginx.conf" + state: absent + when: not pbx_enabled + +- name: Restart 'nginx' systemd service + systemd: + name: nginx + state: restarted diff --git a/roles/pbx/tasks/freepbx.yml b/roles/pbx/tasks/freepbx.yml index 9e673b187..15bac0914 100644 --- a/roles/pbx/tasks/freepbx.yml +++ b/roles/pbx/tasks/freepbx.yml @@ -137,6 +137,12 @@ # - killall -9 safe_asterisk # 2021-08-05: These 2 lines from PR #2912 attempted a brute force (not enough!) workaround for the #2908 annoyance on 1st # - killall -9 asterisk # install, of 'systemctl status freepbx' showing "Unable to run Pre-Asterisk hooks, because Asterisk is already running" # - /usr/sbin/asterisk -rx "core stop gracefully" + - fwconsole stop # 2021-08-06: #2915 EXPERIMENT + # - fwconsole ma disablerepo commercial + # - fwconsole ma installall + # - fwconsole ma delete firewall + # - fwconsole reload + # - fwconsole restart # - name: 'FreePBX - fix file permissions for NGINX: /etc/freepbx.conf (0644), /var/log/asterisk/freepbx.log (0666)' # file: @@ -170,23 +176,23 @@ # 2021-08-06: This stanza might be removed in future, if Asterix/FreePBX fix # the install glitch in a future release. FYI #2908, #2912, #2913 attempts # didn't work. This one did: https://github.com/iiab/iiab/pull/2915 -- name: FreePBX - Run 'systemctl restart freepbx' TWICE (THIS IS 1 OF 2) to get past 'systemctl status freepbx' glitch "Unable to run Pre-Asterisk hooks, because Asterisk is already running" - systemd: - daemon_reload: yes - name: freepbx - enabled: yes - state: restarted +# - name: FreePBX - Run 'systemctl restart freepbx' TWICE (THIS IS 1 OF 2) to get past 'systemctl status freepbx' glitch "Unable to run Pre-Asterisk hooks, because Asterisk is already running" +# systemd: +# daemon_reload: yes +# name: freepbx +# enabled: yes +# state: restarted -- name: FreePBX - Install /etc/apache2/sites-available/freepbx.conf from template ({{ apache_user }}:{{ apache_user }}, 0644 by default) - template: - src: freepbx.conf.j2 - dest: /etc/apache2/sites-available/freepbx.conf - owner: "{{ apache_user }}" # www-data - group: "{{ apache_user }}" +# - name: FreePBX - Install /etc/apache2/sites-available/freepbx.conf from template ({{ apache_user }}:{{ apache_user }}, 0644 by default) +# template: +# src: freepbx.conf.j2 +# dest: /etc/apache2/sites-available/freepbx.conf +# owner: "{{ apache_user }}" # www-data +# group: "{{ apache_user }}" -- name: FreePBX - Add directive "Listen {{ pbx_http_port }}" to /etc/apache2/ports.conf - lineinfile: - path: /etc/apache2/ports.conf - line: "Listen {{ pbx_http_port }}" - # insertafter: Listen 80 +# - name: FreePBX - Add directive "Listen {{ pbx_http_port }}" to /etc/apache2/ports.conf +# lineinfile: +# path: /etc/apache2/ports.conf +# line: "Listen {{ pbx_http_port }}" +# # insertafter: Listen 80 diff --git a/roles/pbx/tasks/freepbx_dependencies.yml b/roles/pbx/tasks/freepbx_dependencies.yml index f2b6b6ef4..f7a8a9f54 100644 --- a/roles/pbx/tasks/freepbx_dependencies.yml +++ b/roles/pbx/tasks/freepbx_dependencies.yml @@ -24,9 +24,9 @@ - php{{ php_version }}-snmp - php{{ php_version }}-xml # Likewise installed in mediawiki/tasks/install.yml, moodle/tasks/install.yml, nextcloud/tasks/install.yml, wordpress/tasks/install.yml -- AND REGARDLESS dragged in later by Admin Console's use of php-pear for roles/cmdsrv/tasks/main.yml -- run 'php -m | grep -i xml' which in the end shows {libxml, SimpleXML, xml, xmlreader, xmlwriter} - php{{ php_version }}-zip # Likewise installed in moodle/tasks/install.yml, nextcloud/tasks/install.yml, wordpress/tasks/install.yml - - libapache2-mod-php - #- python-mysqldb # https://github.com/Yannik/ansible-role-freepbx/blob/master/tasks/freepbx.yml#L33 - - libapache2-mpm-itk # To serve FreePBX through a VirtualHost as asterisk user + #- libapache2-mod-php + #- python-mysqldb # https://github.com/Yannik/ansible-role-freepbx/blob/master/tasks/freepbx.yml#L33 + #- libapache2-mpm-itk # To serve FreePBX through a VirtualHost as asterisk user state: latest # For PHP >= 8.0: phpX.Y-json is baked into PHP itself. diff --git a/roles/pbx/tasks/install.yml b/roles/pbx/tasks/install.yml index 36e0190fa..e6f3c234a 100644 --- a/roles/pbx/tasks/install.yml +++ b/roles/pbx/tasks/install.yml @@ -22,14 +22,14 @@ # when: nodejs_version != "12.x" -- name: "Set 'apache_install: True' and 'apache_enabled: True'" - set_fact: - apache_install: True - apache_enabled: True +# - name: "Set 'apache_install: True' and 'apache_enabled: True'" +# set_fact: +# apache_install: True +# apache_enabled: True -- name: APACHE - run 'httpd' role - include_role: - name: httpd +# - name: APACHE - run 'httpd' role +# include_role: +# name: httpd - name: Install Asterisk diff --git a/roles/pbx/templates/freepbx-nginx.conf.j2 b/roles/pbx/templates/freepbx-nginx.conf.j2 new file mode 100644 index 000000000..44ae755b9 --- /dev/null +++ b/roles/pbx/templates/freepbx-nginx.conf.j2 @@ -0,0 +1,31 @@ +location ~ ^/freepbx(|/.*)$ { # '~' -> '~*' for case-insensitive regex + + root /var/www/html; + # root {{ freepbx_install_dir }}; # /var/www/html/freepbx + # root {{ doc_root }}; # /library/www/html + + # location ~ ^/freepbx { + # root {{ doc_root }}; + # } + + location ~ ^/freepbx(.*)\.php(.*)$ { + alias {{ freepbx_install_dir }}$1.php$2; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_index index.php; + fastcgi_pass php; + + include fastcgi_params; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name; + #fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; + fastcgi_param HTACCESS on; # disables FreePBX htaccess warning + } + + # disallows the things that the FreePBX .htaccess files disallow + location ~ /freepbx(/\.ht|/\.git|\.ini$|/libraries|/helpers|/i18n|/node|/views/.+php$) { + deny all; + } + + # from the api module .htaccess file + rewrite ^/freepbx/admin/api/([^/]*)/([^/]*)/?(.*)?$ /freepbx/admin/api/api.php?module=$1&command=$2&route=$3 last; +}