ben.carrasco/jambonz-infrastructure
1
0
Fork 0
mirror of https://github.com/jambonz/jambonz-infrastructure.git synced 2026-01-25 02:08:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

Distro/rhel (#81)

Browse Source 
add support for RHEL 9 and 8
This commit is contained in:
Dave Horton
2023-10-30 13:55:34 -04:00
committed by GitHub
parent 96a0dda192
commit c1b2667bca
74 changed files with 3232 additions and 579 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
cloudformation/jambonz-mini.yaml
View File

@@ -95,7 +95,9 @@ Conditions:
Mappings:
AWSRegion2AMI:
us-east-1:
Ami: ami-03ad97025b54ac745
Ami: ami-0431217c9cbe73ea6
us-east-2:
Ami: ami-008d6e54f5b6f4947
Resources:
IamCloudwatchRole:
@@ -170,10 +172,26 @@ Resources:
- |
#!/bin/bash -xe
#install rtpengine kernel module
#echo "installing rtpengine kernel module"
#modprobe xt_RTPENGINE
#iptables -I INPUT -p udp -j RTPENGINE --id 42
# Detecting the Linux distribution
if grep -q 'ID="rhel"' /etc/os-release; then
USER=ec2-user
HOME=/home/ec2-user
NGINX_CONFIG=/etc/nginx/conf.d/default.conf
echo restarting mysql and postgresql
systemctl restart mysqld
systemctl restart postgresql-12
echo disabling firewalld
sudo systemctl stop firewalld
sudo systemctl disable firewalld
sudo systemctl restart rtpengine
else
USER=admin
HOME=/home/admin
NGINX_CONFIG=/etc/nginx/sites-available/default
fi
# get instance metadata
PRIVATE_IPV4="$(curl -s http://169.254.169.254/latest/meta-data/local-ipv4)"
@@ -182,37 +200,38 @@ Resources:
AWS_REGION_NAME="$(curl -s http://169.254.169.254/latest/meta-data/placement/region)"
# change the database password to a random id
NEW_DB_PASSWD="$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)"
#NEW_DB_PASSWD="$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)"
NEW_DB_PASSWD=$(< /dev/urandom tr -dc A-Z | head -c1; < /dev/urandom tr -dc a-z | head -c1; < /dev/urandom tr -dc 0-9 | head -c1; < /dev/urandom tr -dc _ | head -c1; < /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c8; echo;)
echo "alter user 'admin'@'%' identified by '$NEW_DB_PASSWD'" | mysql -h 127.0.0.1 -u admin -D jambones -pJambonzR0ck$
sudo sed -i -e "s/\(.*\)JAMBONES_MYSQL_PASSWORD.*/\1JAMBONES_MYSQL_PASSWORD: '$NEW_DB_PASSWD',/g" /home/admin/apps/ecosystem.config.js
sudo sed -i -e "s/\(.*\)JAMBONES_MYSQL_PASSWORD.*/\1JAMBONES_MYSQL_PASSWORD: '$NEW_DB_PASSWD',/g" $HOME/apps/ecosystem.config.js
# replace ip addresses in the ecosystem.config.js file
sudo sed -i -e "s/\(.*\)PRIVATE_IP\(.*\)/\1$PRIVATE_IPV4\2/g" /home/admin/apps/ecosystem.config.js
sudo sed -i -e "s/\(.*\)AWS_REGION_NAME\(.*\)/\1$AWS_REGION_NAME\2/g" /home/admin/apps/ecosystem.config.js
sudo sed -i -e "s/\(.*\)--JAMBONES_API_BASE_URL--\(.*\)/\1http:\/\/$PUBLIC_IPV4\/v1\2/g" /home/admin/apps/ecosystem.config.js
sudo sed -i -e "s/\(.*\)PRIVATE_IP\(.*\)/\1$PRIVATE_IPV4\2/g" $HOME/apps/ecosystem.config.js
sudo sed -i -e "s/\(.*\)AWS_REGION_NAME\(.*\)/\1$AWS_REGION_NAME\2/g" $HOME/apps/ecosystem.config.js
sudo sed -i -e "s/\(.*\)--JAMBONES_API_BASE_URL--\(.*\)/\1http:\/\/$PUBLIC_IPV4\/v1\2/g" $HOME/apps/ecosystem.config.js
# replace JWT_SECRET
uuid=$(uuidgen)
sudo sed -i -e "s/\(.*\)JWT-SECRET-GOES_HERE\(.*\)/\1$uuid\2/g" /home/admin/apps/ecosystem.config.js
sudo sed -i -e "s/\(.*\)JWT-SECRET-GOES_HERE\(.*\)/\1$uuid\2/g" $HOME/apps/ecosystem.config.js
# reset the database
JAMBONES_ADMIN_INITIAL_PASSWORD=$INSTANCE_ID JAMBONES_MYSQL_USER=admin JAMBONES_MYSQL_PASSWORD=$NEW_DB_PASSWD JAMBONES_MYSQL_DATABASE=jambones JAMBONES_MYSQL_HOST=127.0.0.1 /home/admin/apps/jambonz-api-server/db/reset_admin_password.js
JAMBONES_ADMIN_INITIAL_PASSWORD=$INSTANCE_ID JAMBONES_MYSQL_USER=admin JAMBONES_MYSQL_PASSWORD=$NEW_DB_PASSWD JAMBONES_MYSQL_DATABASE=jambones JAMBONES_MYSQL_HOST=127.0.0.1 $HOME/apps/jambonz-api-server/db/reset_admin_password.js
# configure webapp
if [[ -z "${URLPortal}" ]]; then
# portals will be accessed by IP address of server
echo "VITE_API_BASE_URL=http://$PUBLIC_IPV4/api/v1" > /home/admin/apps/jambonz-webapp/.env
echo "VITE_API_BASE_URL=http://$PUBLIC_IPV4/api/v1" > $HOME/apps/jambonz-webapp/.env
API_BASE_URL=http://$PUBLIC_IPV4/api/v1 TAG="<script>window.JAMBONZ = { API_BASE_URL: '$API_BASE_URL'};</script>"
sed -i -e "\@</head>@i\ $TAG" /home/admin/apps/jambonz-webapp/dist/index.html
sed -i -e "\@</head>@i\ $TAG" $HOME/apps/jambonz-webapp/dist/index.html
else
# portals will be accessed by DNS name
echo "VITE_API_BASE_URL=http://${URLPortal}/api/v1" > /home/admin/apps/jambonz-webapp/.env
echo "VITE_API_BASE_URL=http://${URLPortal}/api/v1" > $HOME/apps/jambonz-webapp/.env
API_BASE_URL=http://${URLPortal}/api/v1 TAG="<script>window.JAMBONZ = { API_BASE_URL: '$API_BASE_URL'};</script>"
sed -i -e "\@</head>@i\ $TAG" /home/admin/apps/jambonz-webapp/dist/index.html
sed -i -e "\@</head>@i\ $TAG" $HOME/apps/jambonz-webapp/dist/index.html
# add row to system information table
mysql -h 127.0.0.1 -u admin -D jambones -p$NEW_DB_PASSWD -e $'insert into system_information (domain_name, sip_domain_name, monitoring_domain_name) values ('\'''"${URLPortal}"''\'', '\''sip.'"${URLPortal}"''\'', '\''grafana.'"${URLPortal}"''\'')'
sudo cat << EOF > /etc/nginx/sites-available/default
sudo cat << EOF > $NGINX_CONFIG
server {
listen 80;
server_name ${URLPortal};
@@ -273,11 +292,11 @@ Resources:
sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -s -c file:/opt/aws/amazon-cloudwatch-agent/bin/config.json
else
echo "Cloudwatch is not enabled for jambonz logs"
sudo sed -i -e "s/combine_logs: true/combine_logs: false/g" /home/admin/apps/ecosystem.config.js
sudo sed -i -e "s/combine_logs: true/combine_logs: false/g" $HOME/apps/ecosystem.config.js
fi
sudo -u admin bash -c "pm2 restart /home/admin/apps/ecosystem.config.js"
sudo -u admin bash -c "pm2 save"
sudo env PATH=$PATH:/usr/bin /usr/lib/node_modules/pm2/bin/pm2 startup systemd -u admin --hp /home/admin
sudo -u $USER bash -c "pm2 restart $HOME/apps/ecosystem.config.js"
sudo -u $USER bash -c "pm2 save"
sudo env PATH=$PATH:/usr/bin /usr/lib/node_modules/pm2/bin/pm2 startup systemd -u $USER --hp $HOME
sudo systemctl restart cassandra.service
echo "waiting 60 secs for cassandra to start.."

13
packer/jambonz-feature-server/aws/README.md
View File

@@ -4,12 +4,21 @@ A [packer](https://www.packer.io/) template to build an AMI for the jambonz feat
## Installing
To build an amd64 image:
To build a debian 11 AMI (preferred):
```
$ packer build -color=false template.json
```
To build an RHEL-9 AMI:
```
packer build -color=false -var "redhat_username=<my-rh-username>" -var "redhat_password=<my-rh-password>" template-rhel.json
```
To build an RHEL-8 AMI:
```
packer build -color=false-var "redhat_username=<my-rh-username>" -var "redhat_password=<my-rh-password>" \
-var "distro=rhel-8" -var "rhel_major_release_number=8" template-rhel.json```
To build an arm64 image:
```

25
packer/jambonz-feature-server/aws/files/drachtio-rhel-5070.service Normal file
View File

@@ -0,0 +1,25 @@
[Unit]
Description=drachtio
After=syslog.target network.target local-fs.target
[Service]
; service
Type=forking
ExecStartPre=/bin/sh -c 'systemctl set-environment LOCAL_IP=`curl -s http://169.254.169.254/latest/meta-data/local-ipv4`'
ExecStart=/usr/local/bin/drachtio --daemon -f /etc/drachtio-5070.conf.xml --contact sip:${LOCAL_IP}:5070;transport=udp,tcp --address 0.0.0.0 --port 9023
TimeoutSec=15s
Restart=always
; exec
User=root
Group=daemon
LimitCORE=infinity
LimitNOFILE=100000
LimitNPROC=60000
;LimitSTACK=240
LimitRTPRIO=infinity
LimitRTTIME=7000000
UMask=0007
[Install]
WantedBy=multi-user.target

28
packer/jambonz-feature-server/aws/files/drachtio-rhel.service Normal file
View File

@@ -0,0 +1,28 @@
[Unit]
Description=drachtio
After=syslog.target network.target local-fs.target
[Service]
; service
Type=forking
ExecStartPre=/bin/sh -c 'systemctl set-environment LOCAL_IP=`curl -s http://169.254.169.254/latest/meta-data/local-ipv4`'
ExecStartPre=/bin/sh -c 'systemctl set-environment PUBLIC_IP=`curl -s http://169.254.169.254/latest/meta-data/public-ipv4`'
ExecStart=/usr/local/bin/drachtio --daemon --contact sip:${LOCAL_IP};transport=udp --external-ip ${PUBLIC_IP} \
--contact sip:${LOCAL_IP};transport=tcp \
--address 0.0.0.0 --port 9022 --homer 127.0.0.1:9060 --homer-id 10
TimeoutSec=15s
Restart=always
; exec
User=root
Group=daemon
LimitCORE=infinity
LimitNOFILE=100000
LimitNPROC=60000
;LimitSTACK=240
LimitRTPRIO=infinity
LimitRTTIME=7000000
UMask=0007
[Install]
WantedBy=multi-user.target

31
packer/jambonz-feature-server/aws/files/freeswitch-rhel.service Normal file
View File

@@ -0,0 +1,31 @@
[Unit]
Description=freeswitch
After=syslog.target network.target local-fs.target
[Service]
; service
Type=forking
PIDFile=/usr/local/freeswitch/run/freeswitch.pid
EnvironmentFile=-/etc/default/freeswitch
Environment="MOD_AUDIO_FORK_SUBPROTOCOL_NAME=audio.jambonz.org"
Environment="MOD_AUDIO_FORK_SERVICE_THREADS=1"
Environment="MOD_AUDIO_FORK_BUFFER_SECS=3"
Environment="LD_LIBRARY_PATH=/usr/local/lib:/usr/local/lib64"
Environment="GOOGLE_APPLICATION_CREDENTIALS=/home/admin/credentials/gcp.json"
ExecStart=/usr/local/freeswitch/bin/freeswitch -nc -nonat
TimeoutSec=45s
Restart=always
; exec
User=root
Group=daemon
LimitCORE=infinity
LimitNOFILE=100000
LimitNPROC=60000
;LimitSTACK=240
LimitRTPRIO=infinity
LimitRTTIME=7000000
UMask=0007
[Install]
WantedBy=multi-user.target

22
packer/jambonz-feature-server/aws/scripts/cleanup.sh Normal file
View File

@@ -0,0 +1,22 @@
#! /bin/bash
DISTRO=$1
LEAVE_SOURCE=$2
set -e
set -x
echo "running cleanup.sh on $DISTRO, leaving source: $LEAVE_SOURCE"
if [[ "$DISTRO" == rhel* ]]; then
sudo dnf install -y iptables-services
sudo subscription-manager unregister
else
echo iptables-persistent iptables-persistent/autosave_v4 boolean true | sudo debconf-set-selections
echo iptables-persistent iptables-persistent/autosave_v6 boolean true | sudo debconf-set-selections
sudo apt-get -y install iptables-persistent
sudo rm /root/.ssh/authorized_keys
sudo rm ~/.ssh/authorized_keys
fi
sudo rm -Rf /tmp/*
if [ "$LEAVE_SOURCE" = 'no' ]; then sudo rm -Rf /usr/local/src/*; fi

56
packer/jambonz-feature-server/aws/scripts/install_app.sh
View File

@@ -1,24 +1,56 @@
#!/bin/bash
VERSION=$1
DISTRO=$1
VERSION=$2
RHEL_RELEASE=""
cd /home/admin
if [ "$DISTRO" == rhel* ]; then
RHEL_RELEASE="${DISTRO:5}"
HOME=/home/ec2-user
sed -i "s|/home/admin|${HOME}|g" /tmp/ecosystem.config.js
else
HOME=$HOME
cd $HOME
fi
ALIAS_LINE="alias gl='git log --oneline --decorate'"
echo "$ALIAS_LINE" >> ~/.bash_aliases
cd $HOME
mkdir -p apps
cp /tmp/ecosystem.config.js apps
cd apps
echo "building jambonz-feature-server.."
cd /home/admin/apps/jambonz-feature-server && npm ci --unsafe-perm
cd $HOME/apps/jambonz-feature-server && npm ci --unsafe-perm
echo "building fsw-clear-old-calls.."
cd /home/admin/apps/fsw-clear-old-calls && npm ci --unsafe-perm && sudo npm install -g .
sudo npm install -g pino-pretty pm2 pm2-logrotate gulp grunt
cd $HOME/apps/fsw-clear-old-calls && npm ci --unsafe-perm && sudo npm install -g .
echo "0 * * * * root fsw-clear-old-calls --password JambonzR0ck$ >> /var/log/fsw-clear-old-calls.log 2>&1" | sudo tee -a /etc/crontab
echo "0 1 * * * root find /tmp -name \"*.mp3\" -mtime +2 -exec rm {} \; > /dev/null 2>&1" | sudo tee -a /etc/crontab
echo "0 2 * * * root find /usr/local/freeswitch/storage/http_file_cache -mtime +7 -exec rm {} \; > /dev/null 2>&1" | sudo tee -a /etc/crontab
sudo -u admin bash -c "pm2 install pm2-logrotate"
sudo -u admin bash -c "pm2 set pm2-logrotate:max_size 1G"
sudo -u admin bash -c "pm2 set pm2-logrotate:retain 5"
sudo -u admin bash -c "pm2 set pm2-logrotate:compress true"
sudo npm install -g pino-pretty pm2 pm2-logrotate gulp grunt
sudo chown -R admin:admin /home/admin/apps
if [[ "$DISTRO" == rhel* ]]; then
sudo pm2 install pm2-logrotate
sudo pm2 set pm2-logrotate:max_size 1G
sudo pm2 set pm2-logrotate:retain 5
sudo pm2 set pm2-logrotate:compress true
sudo chown -R ec2-user:ec2-user $HOME/apps
sudo ln -s /var/lib/snapd/snap /snap
sudo systemctl enable snapd
sudo systemctl start snapd
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
else
sudo -u admin bash -c "pm2 install pm2-logrotate"
sudo -u admin bash -c "pm2 set pm2-logrotate:max_size 1G"
sudo -u admin bash -c "pm2 set pm2-logrotate:retain 5"
sudo -u admin bash -c "pm2 set pm2-logrotate:compress true"
sudo chown -R admin:admin $HOME/apps
sudo snap install core
sudo snap install --classic certbot
sudo rm /usr/bin/certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
fi

21
packer/jambonz-feature-server/aws/scripts/install_cloudwatch.sh
View File

@@ -1,13 +1,20 @@
#!/bin/bash
DISTRO=$1
if [ "$1" == "yes" ]; then
if [ "$2" == "yes" ]; then
#install cloudwatch
sudo wget https://s3.amazonaws.com/amazoncloudwatch-agent/debian/amd64/latest/amazon-cloudwatch-agent.deb -O /home/admin/amazon-cloudwatch-agent.deb
sudo dpkg -i -E /home/admin/amazon-cloudwatch-agent.deb
sudo rm -rf /home/admin/amazon-cloudwatch-agent.deb
#install cloudwatch
if [[ "$DISTRO" == rhel* ]]; then
sudo wget https://s3.amazonaws.com/amazoncloudwatch-agent/redhat/amd64/latest/amazon-cloudwatch-agent.rpm -O /tmp/amazon-cloudwatch-agent.rpm
sudo dnf install -y /tmp/amazon-cloudwatch-agent.rpm
sudo rm -rf /tmp/amazon-cloudwatch-agent.rpm
else
sudo wget https://s3.amazonaws.com/amazoncloudwatch-agent/debian/amd64/latest/amazon-cloudwatch-agent.deb -O /home/admin/amazon-cloudwatch-agent.deb
sudo dpkg -i -E /home/admin/amazon-cloudwatch-agent.deb
sudo rm -rf /home/admin/amazon-cloudwatch-agent.deb
fi
# install config file for jambonz
sudo cp -r /tmp/cloudwatch-config.json /opt/aws/amazon-cloudwatch-agent/bin/config.json
# install config file for jambonz
sudo cp -r /tmp/cloudwatch-config.json /opt/aws/amazon-cloudwatch-agent/bin/config.json
fi

18
packer/jambonz-feature-server/aws/scripts/install_drachtio.sh
View File

@@ -1,18 +1,28 @@
#!/bin/bash
VERSION=$1
DISTRO=$1
VERSION=$2
echo "drachtio version to install is ${VERSION}"
echo "drachtio version to install is ${VERSION} on ${DISTRO}"
chmod 0777 /usr/local/src
cd /usr/local/src
git clone https://github.com/drachtio/drachtio-server.git -b ${VERSION}
cd drachtio-server
git submodule update --init --recursive
./autogen.sh && mkdir -p build && cd $_ && ../configure --enable-tcmalloc=yes CPPFLAGS='-DNDEBUG -g -O2' && make -j 4 && sudo make install
./autogen.sh && mkdir -p build && cd $_ && ../configure --enable-tcmalloc=yes CPPFLAGS='-DNDEBUG -g -O2' && make -j 8 && sudo make install
echo "installing drachtio for aws"
if [[ "$DISTRO" == rhel* ]]; then
sudo mv /tmp/drachtio-rhel.service /etc/systemd/system/drachtio.service
else
sudo mv /tmp/drachtio.service /etc/systemd/system
fi
sudo mv /tmp/drachtio.conf.xml /etc
sudo mv /tmp/drachtio.service /etc/systemd/system
sudo chmod 644 /etc/drachtio.conf.xml
sudo chmod 644 /etc/systemd/system/drachtio.service
sudo systemctl enable drachtio
sudo systemctl restart drachtio
sudo systemctl status drachtio.service

147
packer/jambonz-feature-server/aws/scripts/install_freeswitch.sh
View File

@@ -1,4 +1,7 @@
#!/bin/bash
DISTRO=$1
FREESWITCH_VERSION=v1.10.10
SPAN_DSP_VERSION=0d2e6ac
GRPC_VERSION=v1.57.0
@@ -8,34 +11,49 @@ AWS_SDK_VERSION=1.8.129
LWS_VERSION=v4.3.2
MODULES_VERSION=v0.8.5
if [ "$EUID" -ne 0 ]; then
echo "Switching to root user..."
bash "$0" --as-root
exit
fi
# Your script continues here, as root
echo "freeswitch version to install is ${FREESWITCH_VERSION}"
echo "drachtio modules version to install is ${MODULES_VERSION}"
echo "GRPC version to install is ${GRPC_VERSION}"
echo "GOOGLE_API_VERSION version to install is ${GOOGLE_API_VERSION}"
echo "AWS_SDK_VERSION version to install is ${AWS_SDK_VERSION}"
echo "LWS_VERSION version to install is ${LWS_VERSION}"
echo "DISTRO is ${DISTRO}"
export PATH=/usr/local/bin:$PATH
export LD_LIBRARY_PATH=/usr/local/lib:/usr/local/lib64:$LD_LIBRARY_PATH
if [ -n "$PKG_CONFIG_PATH" ]; then
export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH
else
export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig
fi
export LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH
cd /tmp
tar xvfz SpeechSDK-Linux-1.32.1.tar.gz
cd SpeechSDK-Linux-1.32.1
sudo cp -r include /usr/local/include/MicrosoftSpeechSDK
sudo cp -r lib/ /usr/local/lib/MicrosoftSpeechSDK
cp -r include /usr/local/include/MicrosoftSpeechSDK
cp -r lib/ /usr/local/lib/MicrosoftSpeechSDK
if [ "$ARCH" == "arm64" ]; then
echo installing Microsoft arm64 libs...
sudo cp /usr/local/lib/MicrosoftSpeechSDK/arm64/libMicrosoft.*.so /usr/local/lib/
cp /usr/local/lib/MicrosoftSpeechSDK/arm64/libMicrosoft.*.so /usr/local/lib/
echo done
fi
if [ "$ARCH" == "amd64" ]; then
echo installing Microsoft x64 libs...
sudo cp /usr/local/lib/MicrosoftSpeechSDK/x64/libMicrosoft.*.so /usr/local/lib/
cp /usr/local/lib/MicrosoftSpeechSDK/x64/libMicrosoft.*.so /usr/local/lib/
echo done
fi
cd /usr/local/src
echo remove SpeechSDK-Linux-1.32.1
sudo rm -Rf /tmp/SpeechSDK-Linux-1.32.1.tgz /tmp/SpeechSDK-Linux-1.32.1
rm -Rf /tmp/SpeechSDK-Linux-1.32.1.tgz /tmp/SpeechSDK-Linux-1.32.1
echo done
echo config git
@@ -60,20 +78,20 @@ git clone https://github.com/googleapis/googleapis -b master
cd googleapis && git checkout ${GOOGLE_API_VERSION} && cd ..
git clone https://github.com/awslabs/aws-c-common.git
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_audio_fork /usr/local/src/freeswitch/src/mod/applications/mod_audio_fork
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_aws_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_aws_transcribe
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_azure_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_azure_transcribe
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_aws_lex /usr/local/src/freeswitch/src/mod/applications/mod_aws_lex
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_cobalt_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_cobalt_transcribe
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_deepgram_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_deepgram_transcribe
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_google_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_google_transcribe
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_ibm_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_ibm_transcribe
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_nuance_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_nuance_transcribe
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_nvidia_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_nvidia_transcribe
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_soniox_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_soniox_transcribe
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_jambonz_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_jambonz_transcribe
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_google_tts /usr/local/src/freeswitch/src/mod/applications/mod_google_tts
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_dialogflow /usr/local/src/freeswitch/src/mod/applications/mod_dialogflow
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_audio_fork /usr/local/src/freeswitch/src/mod/applications/mod_audio_fork
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_aws_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_aws_transcribe
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_azure_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_azure_transcribe
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_aws_lex /usr/local/src/freeswitch/src/mod/applications/mod_aws_lex
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_cobalt_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_cobalt_transcribe
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_deepgram_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_deepgram_transcribe
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_google_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_google_transcribe
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_ibm_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_ibm_transcribe
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_nuance_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_nuance_transcribe
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_nvidia_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_nvidia_transcribe
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_soniox_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_soniox_transcribe
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_jambonz_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_jambonz_transcribe
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_google_tts /usr/local/src/freeswitch/src/mod/applications/mod_google_tts
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_dialogflow /usr/local/src/freeswitch/src/mod/applications/mod_dialogflow
# copy Makefiles and patches into place
cp /tmp/configure.ac.extra /usr/local/src/freeswitch/configure.ac
@@ -101,49 +119,51 @@ patch < mod_httapi.c.patch
# build libwebsockets
echo building lws
cd /usr/local/src/libwebsockets
sudo mkdir -p build && cd build && sudo cmake .. -DCMAKE_BUILD_TYPE=RelWithDebInfo && sudo make && sudo make install
mkdir -p build && cd build && cmake .. -DCMAKE_BUILD_TYPE=RelWithDebInfo && make && make install
# build libfvad
cd /usr/local/src/freeswitch/libs/libfvad
# use our version of libfvad configure.ac - should only do this on debian 12
if [ "$DISTRO" == "debian-12" ]; then
echo "patching libfvad configure.ac to remove deprecated commands"
sudo cp /tmp/configure.ac.libfvad configure.ac
cp /tmp/configure.ac.libfvad configure.ac
fi
echo building libfvad
sudo autoreconf -i && sudo ./configure && sudo make -j 4 && sudo make install
autoreconf -i && ./configure && make -j 4 && make install
# build spandsp
echo building spandsp
cd /usr/local/src/freeswitch/libs/spandsp
./bootstrap.sh && ./configure && make -j 4 && sudo make install
./bootstrap.sh && ./configure && make -j 4 && make install
# build sofia
echo building sofia
cd /usr/local/src/freeswitch/libs/sofia-sip
./bootstrap.sh && ./configure && make -j 4 && sudo make install
./bootstrap.sh && ./configure && make -j 4 && make install
# build aws-c-common
echo building aws-c-common
cd /usr/local/src/freeswitch/libs/aws-c-common
mkdir -p build && cd build
cmake .. -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=OFF -DCMAKE_CXX_FLAGS="-Wno-unused-parameter"
make -j 4 && sudo make install
make -j 4 && make install
# build aws-sdk-cpp
echo building aws-sdk-cpp
cd /usr/local/src/freeswitch/libs/aws-sdk-cpp
git submodule update --init --recursive
mkdir -p build && cd build
cmake .. -DBUILD_ONLY="lexv2-runtime;transcribestreaming" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=OFF -DCMAKE_CXX_FLAGS="-Wno-unused-parameter"
if [ "$DISTRO" == "debian-12" ]; then
echo "patching aws-sdk-cpp to fix debian 12 build"
sudo sed -i 's/uint8_t arr\[16\];/uint8_t arr\[16\] = {0};/g' /usr/local/src/freeswitch/libs/aws-sdk-cpp/build/.deps/build/src/AwsCCommon/tests/byte_buf_test.c
sudo sed -i 's/char filename_array\[64\];/char filename_array\[64\] = {0};/g' /usr/local/src/freeswitch/libs/aws-sdk-cpp/build/.deps/build/src/AwsCCommon/tests/logging/logging_test_utilities.c
cmake .. -DBUILD_ONLY="lexv2-runtime;transcribestreaming" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=OFF -DCMAKE_CXX_FLAGS="-Wno-unused-parameter"
cmake .. -DBUILD_ONLY="lexv2-runtime;transcribestreaming" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=OFF -DCMAKE_CXX_FLAGS="-Wno-unused-parameter -Wno-error=nonnull -Wno-error=deprecated-declarations -Wno-error=uninitialized -Wno-error=maybe-uninitialized"
if [ "$DISTRO" == "debian-12" ] ||[[ "$DISTRO" == rhel* ]] ; then
echo "patching aws-sdk-cpp to fix warnings treated as errors"
sed -i 's/uint8_t arr\[16\];/uint8_t arr\[16\] = {0};/g' /usr/local/src/freeswitch/libs/aws-sdk-cpp/build/.deps/build/src/AwsCCommon/tests/byte_buf_test.c
sed -i 's/char filename_array\[64\];/char filename_array\[64\] = {0};/g' /usr/local/src/freeswitch/libs/aws-sdk-cpp/build/.deps/build/src/AwsCCommon/tests/logging/logging_test_utilities.c
echo "re-running cmake after patching aws-sdk-cpp"
cmake .. -DBUILD_ONLY="lexv2-runtime;transcribestreaming" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=OFF -DCMAKE_CXX_FLAGS="-Wno-unused-parameter -Wno-error=nonnull -Wno-error=deprecated-declarations -Wno-error=uninitialized -Wno-error=maybe-uninitialized"
echo cmake completed
fi
sudo make -j 4 && sudo make install
sudo find /usr/local/src/freeswitch/libs/aws-sdk-cpp/ -type f -name "*.pc" | sudo xargs cp -t /usr/local/lib/pkgconfig/
make -j 4 && make install
find /usr/local/src/freeswitch/libs/aws-sdk-cpp/ -type f -name "*.pc" | xargs cp -t /usr/local/lib/pkgconfig/
# build grpc
echo building grpc
@@ -153,7 +173,7 @@ mkdir -p cmake/build
cd cmake/build
cmake -DBUILD_SHARED_LIBS=ON -DgRPC_SSL_PROVIDER=package -DBUILD_SHARED_LIBS=ON -DCMAKE_BUILD_TYPE=RelWithDebInfo ../..
make -j 4
sudo make install
make install
# build googleapis
echo building googleapis
@@ -161,7 +181,11 @@ cd /usr/local/src/freeswitch/libs/googleapis
echo "Ref: https://github.com/GoogleCloudPlatform/cpp-samples/issues/113"
sed -i 's/\$fields/fields/' google/maps/routes/v1/route_service.proto
sed -i 's/\$fields/fields/' google/maps/routes/v1alpha/route_service.proto
LANGUAGE=cpp make -j 4
if [ "$DISTRO" == "debian-12" ] || [ "$DISTRO" == rhel* ] ; then
LANGUAGE=cpp FLAGS+='--experimental_allow_proto3_optional' make -j 4
else
LANGUAGE=cpp make -j 4
fi
# build nuance protobufs
echo "building protobuf stubs for Nuance asr"
@@ -186,29 +210,34 @@ LANGUAGE=cpp make
# build freeswitch
echo "building freeswitch"
cd /usr/local/src/freeswitch
sudo ./bootstrap.sh -j
sudo ./configure --enable-tcmalloc=yes --with-lws=yes --with-extra=yes --with-aws=yes
sudo make -j 4
sudo make install
sudo make cd-sounds-install cd-moh-install
sudo cp /tmp/acl.conf.xml /usr/local/freeswitch/conf/autoload_configs
sudo cp /tmp/event_socket.conf.xml /usr/local/freeswitch/conf/autoload_configs
sudo cp /tmp/switch.conf.xml /usr/local/freeswitch/conf/autoload_configs
sudo cp /tmp/conference.conf.xml /usr/local/freeswitch/conf/autoload_configs
sudo rm -Rf /usr/local/freeswitch/conf/dialplan/*
sudo rm -Rf /usr/local/freeswitch/conf/sip_profiles/*
sudo cp /tmp/mrf_dialplan.xml /usr/local/freeswitch/conf/dialplan
sudo cp /tmp/mrf_sip_profile.xml /usr/local/freeswitch/conf/sip_profiles
sudo cp /usr/local/src/freeswitch/conf/vanilla/autoload_configs/modules.conf.xml /usr/local/freeswitch/conf/autoload_configs
sudo cp /tmp/freeswitch.service /etc/systemd/system
sudo chown root:root -R /usr/local/freeswitch
sudo chmod 644 /etc/systemd/system/freeswitch.service
sudo sed -i -e 's/global_codec_prefs=OPUS,G722,PCMU,PCMA,H264,VP8/global_codec_prefs=PCMU,PCMA,OPUS,G722/g' /usr/local/freeswitch/conf/vars.xml
sudo sed -i -e 's/outbound_codec_prefs=OPUS,G722,PCMU,PCMA,H264,VP8/outbound_codec_prefs=PCMU,PCMA,OPUS,G722/g' /usr/local/freeswitch/conf/vars.xml
sudo systemctl enable freeswitch
sudo cp /tmp/freeswitch_log_rotation /etc/cron.daily/freeswitch_log_rotation
sudo chown root:root /etc/cron.daily/freeswitch_log_rotation
sudo chmod a+x /etc/cron.daily/freeswitch_log_rotation
./bootstrap.sh -j
./configure --enable-tcmalloc=yes --with-lws=yes --with-extra=yes --with-aws=yes
make -j 8
make install
make cd-sounds-install cd-moh-install
cp /tmp/acl.conf.xml /usr/local/freeswitch/conf/autoload_configs
cp /tmp/event_socket.conf.xml /usr/local/freeswitch/conf/autoload_configs
cp /tmp/switch.conf.xml /usr/local/freeswitch/conf/autoload_configs
cp /tmp/conference.conf.xml /usr/local/freeswitch/conf/autoload_configs
rm -Rf /usr/local/freeswitch/conf/dialplan/*
rm -Rf /usr/local/freeswitch/conf/sip_profiles/*
cp /tmp/mrf_dialplan.xml /usr/local/freeswitch/conf/dialplan
cp /tmp/mrf_sip_profile.xml /usr/local/freeswitch/conf/sip_profiles
cp /usr/local/src/freeswitch/conf/vanilla/autoload_configs/modules.conf.xml /usr/local/freeswitch/conf/autoload_configs
if [[ "$DISTRO" == rhel* ]]; then
cp /tmp/freeswitch-rhel.service /etc/systemd/system/freeswitch.service
else
cp /tmp/freeswitch.service /etc/systemd/system
fi
chown root:root -R /usr/local/freeswitch
chmod 644 /etc/systemd/system/freeswitch.service
sed -i -e 's/global_codec_prefs=OPUS,G722,PCMU,PCMA,H264,VP8/global_codec_prefs=PCMU,PCMA,OPUS,G722/g' /usr/local/freeswitch/conf/vars.xml
sed -i -e 's/outbound_codec_prefs=OPUS,G722,PCMU,PCMA,H264,VP8/outbound_codec_prefs=PCMU,PCMA,OPUS,G722/g' /usr/local/freeswitch/conf/vars.xml
systemctl enable freeswitch
cp /tmp/freeswitch_log_rotation /etc/cron.daily/freeswitch_log_rotation
chown root:root /etc/cron.daily/freeswitch_log_rotation
chmod a+x /etc/cron.daily/freeswitch_log_rotation
echo "downloading soniox root verification certificate"
cd /usr/local/freeswitch/certs

28
packer/jambonz-feature-server/aws/scripts/install_nodejs.sh
View File

@@ -1,11 +1,25 @@
#!/bin/bash
sudo apt-get update
sudo apt-get install -y ca-certificates curl gnupg
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | sudo gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg
echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_18.x nodistro main" | sudo tee /etc/apt/sources.list.d/nodesource.list
sudo apt-get update
sudo apt-get install nodejs -y
DISTRO=$1
if [[ "$DISTRO" == rhel* ]]; then
dnf install -y crypto-policies-scripts
sudo update-crypto-policies --set DEFAULT
sudo rpm --import https://rpm.nodesource.com/pub/el/NODESOURCE-GPG-SIGNING-KEY-EL
sudo dnf install -y https://rpm.nodesource.com/pub_18.x/nodistro/repo/nodesource-release-nodistro-1.noarch.rpm
sudo dnf install -y nodejs --setopt=nodesource-nodejs.module_hotfixes=1 --nogpgcheck
node -v
sudo dnf install -y npm --nogpgcheck
npm -v
else
sudo apt-get update
sudo apt-get install -y ca-certificates curl gnupg
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | sudo gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg
echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_18.x nodistro main" | sudo tee /etc/apt/sources.list.d/nodesource.list
sudo apt-get update
sudo apt-get install -y nodejs npm
fi
sudo npm install -g npm@latest
node -v
npm -v

29
packer/jambonz-feature-server/aws/scripts/install_os_tuning.sh
View File

@@ -1,6 +1,8 @@
#!/bin/bash
DISTRO=$1
export PATH=/usr/local/bin:$PATH
sudo sed -i '/# End of file/i * hard nofile 65535' /etc/security/limits.conf
sudo sed -i '/# End of file/i * soft nofile 65535' /etc/security/limits.conf
sudo sed -i '/# End of file/i root hard nofile 65535' /etc/security/limits.conf
@@ -15,18 +17,39 @@ vm.dirty_expire_centisecs=200
vm.dirty_writeback_centisecs=100
EOT'
sudo cp /tmp/20auto-upgrades /etc/apt/apt.conf.d/20auto-upgrades
if [[ "$DISTRO" == rhel* ]] ; then
grep -q "* soft core unlimited" /etc/security/limits.conf
if [ $? -ne 0 ]; then
echo "* soft core unlimited" | sudo tee -a /etc/security/limits.conf > /dev/null
fi
grep -q "* hard core unlimited" /etc/security/limits.conf
if [ $? -ne 0 ]; then
echo "* hard core unlimited" | sudo tee -a /etc/security/limits.conf > /dev/null
fi
ulimit -c unlimited
else
sudo cp /tmp/20auto-upgrades /etc/apt/apt.conf.d/20auto-upgrades
fi
# disable ipv6
echo "net.ipv6.conf.all.disable_ipv6 = 1" | sudo tee -a /etc/sysctl.conf > /dev/null
echo "net.ipv6.conf.default.disable_ipv6 = 1" | sudo tee -a /etc/sysctl.conf > /dev/null
# install latest cmake
if [ "$DISTRO" == "debian-12" ]; then
if [ "$DISTRO" == "debian-12" ] || [[ "$DISTRO" == rhel* ]] ; then
echo disable RHEL firewall
sudo systemctl stop firewalld
sudo systemctl disable firewalld
echo build cmake 3.27, required by bcg729
cd /usr/local/src
wget https://github.com/Kitware/CMake/archive/refs/tags/v3.27.4.tar.gz
tar xvfz v3.27.4.tar.gz
cd CMake-3.27.4
./bootstrap && make -j 4 && sudo make install
echo "building cmake"
./bootstrap && make -j 8 && sudo make install
echo "cmake built and installed"
export PATH=/usr/local/bin:$PATH
cmake --version
fi

35
packer/jambonz-feature-server/aws/scripts/install_telegraf.sh
View File

@@ -1,17 +1,34 @@
#!/bin/bash
DISTRO=$1
if [ "$1" == "yes" ]; then
INFLUXDB_IP=$2
if [ "$2" == "yes" ]; then
cd /tmp
wget -q https://repos.influxdata.com/influxdata-archive_compat.key
gpg --with-fingerprint --show-keys ./influxdata-archive_compat.key
cat influxdata-archive_compat.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg > /dev/null
echo 'deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg] https://repos.influxdata.com/debian stable main' | sudo tee /etc/apt/sources.list.d/influxdata.list
sudo apt-get update
sudo apt-get install -y telegraf
if [[ "$DISTRO" == rhel* ]]; then
cat <<EOF | sudo tee /etc/yum.repos.d/influxdata.repo
[influxdata]
name = InfluxData Repository
baseurl = https://repos.influxdata.com/rhel/\$releasever/\$basearch/stable
enabled = 1
gpgcheck = 1
gpgkey = https://repos.influxdata.com/influxdata-archive_compat.key
EOF
echo checking disk space
df -h
dnf clean packages
echo after cleaning packages
df -h
sudo dnf install -y telegraf
else
wget -q https://repos.influxdata.com/influxdata-archive_compat.key
gpg --with-fingerprint --show-keys ./influxdata-archive_compat.key
cat influxdata-archive_compat.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg > /dev/null
echo 'deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg] https://repos.influxdata.com/debian stable main' | sudo tee /etc/apt/sources.list.d/influxdata.list
sudo apt-get update
sudo apt-get install -y telegraf
fi
sudo cp /tmp/telegraf.conf /etc/telegraf/telegraf.conf

158
packer/jambonz-feature-server/aws/template-rhel-8.json Normal file
View File

@@ -0,0 +1,158 @@
{
"variables": {
"region": "us-east-1",
"ssh_username": "ec2-user",
"ami_description": "jambonz feature server",
"instance_type": "c6in.2xlarge",
"drachtio_version": "v0.8.24-rc1",
"jambonz_version": "v0.8.5-rc10",
"ami_base_image_arch": "amd64",
"ami_base_image_owner": "309956199498",
"install_telegraf": "yes",
"install_datadog": "no",
"datadog_key" : "",
"install_cloudwatch": "yes",
"mediaserver_name" : "jambonz",
"preferred_codec_list" : "PCMU,PCMA,OPUS,G722",
"distro": "rhel-8",
"redhat_username": "your-redhat_username-here",
"redhat_password": "your-redhat_password-here",
"leave_source": "no"
},
"builders": [{
"type": "amazon-ebs",
"region": "{{user `region`}}",
"source_ami_filter": {
"filters": {
"virtualization-type": "hvm",
"name": "RHEL-8.8*",
"root-device-type": "ebs",
"architecture": "x86_64"
},
"owners": ["{{user `ami_base_image_owner`}}"],
"most_recent": true
},
"instance_type": "{{user `instance_type`}}",
"ssh_username": "{{user `ssh_username`}}",
"ami_name": "jambonz-feature-server-{{user `jambonz_version`}}-{{user `distro`}}-{{user `ami_base_image_arch`}}-{{isotime |clean_resource_name }}",
"ami_description": "{{user `ami_description`}}",
"launch_block_device_mappings": [
{
"device_name": "/dev/sda1",
"volume_size": 60,
"volume_type": "gp3",
"delete_on_termination": true
}
],
"tags": {
"Name": "jambonz-feature-server"
},
"run_tags": {
"Name": "jambonz-feature-server-build"
}
}],
"provisioners": [
{
"type": "shell",
"inline": [
"while [ ! -f /var/lib/cloud/instance/boot-finished ]; do echo 'Waiting for cloud-init...'; sleep 1; done",
"export PATH=/usr/local/bin:$PATH",
"export LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH",
"export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH",
"sudo setenforce 0",
"sudo sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config",
"echo registering",
"sudo subscription-manager register --username={{user `redhat_username`}} --password={{user `redhat_password`}}",
"sudo dnf upgrade -y",
"sudo sed -i 's/manage_repos = 0/manage_repos = 1/' /etc/rhsm/rhsm.conf",
"cat /etc/rhsm/rhsm.conf",
"echo installing codeready repos",
"sudo subscription-manager repos --enable=codeready-builder-for-rhel-8-x86_64-rpms",
"echo installing epel repo",
"sudo dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm",
"sudo dnf upgrade -y",
"echo running /usr/bin/crb",
"sudo /usr/bin/crb enable",
"echo installing rpmfusion repo",
"sudo dnf install -y https://download1.rpmfusion.org/free/el/rpmfusion-free-release-8.noarch.rpm",
"echo installing Development tools",
"sudo dnf groupinstall -y 'RPM Development Tools'",
"sudo dnf groupinstall -y 'Development Tools'",
"echo installing needed packages",
"sudo dnf install -y iptables-devel htop lsof redis pandoc wget yasm cmake ffmpeg ffmpeg-devel perl-ExtUtils-Embed perl-IPC-Cmd pcre-devel iptables-devel \\",
"google-perftools-devel libcurl-devel jq telnet libevent-devel xmlrpc-c-devel gperf libpcap-devel libmpg123-devel libshout-devel systemd-devel \\",
"glib2-devel json-glib-devel hiredis-devel mariadb-devel dnsutils speex speex-devel speexdsp-devel re2-devel libedit-devel opus-devel opusfile-devel \\",
"glib2-devel json-glib-devel hiredis-devel libtiff-devel libevent-devel xmlrpc-c-devel perl-IPC-Cmd mariadb-devel snapd \\",
"libjpeg-devel libsndfile-devel lua-devel sqlite-devel libuuid-devel lame-devel libyuv-devel protobuf-compiler",
"sudo dnf debuginfo-install -y binutils",
"sudo chmod a+w /usr/local/src",
"ssh-keyscan github.com >> ~/.ssh/known_hosts",
"mkdir ~/apps",
"cd ~/apps",
"git config --global advice.detachedHead false",
"git clone https://github.com/jambonz/jambonz-feature-server.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/fsw-clear-old-calls.git -b {{user `jambonz_version`}}",
"sudo find / -name authorized_keys | sudo xargs -0 -r rm -Rf"
]
},
{
"type": "file",
"source": "files/",
"destination": "/tmp"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}}",
"script": "scripts/install_os_tuning.sh"
},
{
"type": "shell",
"environment_vars": [
"ARCH={{user `ami_base_image_arch`}}",
"MEDIA_SERVER_NAME={{user `mediaserver_name`}}",
"PREFERRED_CODEC_LIST={{user `preferred_codec_list`}}"
],
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}}",
"script": "scripts/install_freeswitch.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `install_cloudwatch`}}",
"script": "scripts/install_cloudwatch.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}}",
"script": "scripts/install_nodejs.sh"
},
{
"type": "shell",
"environment_vars": [
"DD_KEY={{user `datadog_key`}}",
"DD_INSTALL={{user `install_datadog`}}"
],
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}'",
"script": "scripts/install_datadog.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `install_telegraf`}}",
"script": "scripts/install_telegraf.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `drachtio_version`}}",
"script": "scripts/install_drachtio.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `jambonz_version`}}",
"script": "scripts/install_app.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `leave_source`}}",
"script": "scripts/cleanup.sh"
}
]
}

158
packer/jambonz-feature-server/aws/template-rhel-9.json Normal file
View File

@@ -0,0 +1,158 @@
{
"variables": {
"region": "us-east-1",
"ssh_username": "ec2-user",
"ami_description": "jambonz feature server",
"instance_type": "c6in.2xlarge",
"drachtio_version": "v0.8.24-rc1",
"jambonz_version": "v0.8.5-rc10",
"ami_base_image_arch": "amd64",
"ami_base_image_owner": "309956199498",
"install_telegraf": "yes",
"install_datadog": "no",
"datadog_key" : "",
"install_cloudwatch": "yes",
"mediaserver_name" : "jambonz",
"preferred_codec_list" : "PCMU,PCMA,OPUS,G722",
"distro": "rhel-9",
"redhat_username": "your-redhat_username-here",
"redhat_password": "your-redhat_password-here",
"leave_source": "no"
},
"builders": [{
"type": "amazon-ebs",
"region": "{{user `region`}}",
"source_ami_filter": {
"filters": {
"virtualization-type": "hvm",
"name": "RHEL-9.2*",
"root-device-type": "ebs",
"architecture": "x86_64"
},
"owners": ["{{user `ami_base_image_owner`}}"],
"most_recent": true
},
"instance_type": "{{user `instance_type`}}",
"ssh_username": "{{user `ssh_username`}}",
"ami_name": "jambonz-feature-server-{{user `jambonz_version`}}-{{user `distro`}}-{{user `ami_base_image_arch`}}-{{isotime |clean_resource_name }}",
"ami_description": "{{user `ami_description`}}",
"launch_block_device_mappings": [
{
"device_name": "/dev/sda1",
"volume_size": 60,
"volume_type": "gp3",
"delete_on_termination": true
}
],
"tags": {
"Name": "jambonz-feature-server"
},
"run_tags": {
"Name": "jambonz-feature-server-build"
}
}],
"provisioners": [
{
"type": "shell",
"inline": [
"while [ ! -f /var/lib/cloud/instance/boot-finished ]; do echo 'Waiting for cloud-init...'; sleep 1; done",
"export PATH=/usr/local/bin:$PATH",
"export LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH",
"export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH",
"sudo setenforce 0",
"sudo sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config",
"echo registering",
"sudo subscription-manager register --username={{user `redhat_username`}} --password={{user `redhat_password`}}",
"sudo dnf upgrade -y",
"sudo sed -i 's/manage_repos = 0/manage_repos = 1/' /etc/rhsm/rhsm.conf",
"cat /etc/rhsm/rhsm.conf",
"echo installing codeready repos",
"sudo subscription-manager repos --enable=codeready-builder-for-rhel-9-x86_64-rpms",
"echo installing epel repo",
"sudo dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm",
"sudo dnf upgrade -y",
"echo running /usr/bin/crb",
"sudo /usr/bin/crb enable",
"echo installing rpmfusion repo",
"sudo dnf install -y https://download1.rpmfusion.org/free/el/rpmfusion-free-release-9.noarch.rpm",
"echo installing Development tools",
"sudo dnf groupinstall -y 'RPM Development Tools'",
"sudo dnf groupinstall -y 'Development Tools'",
"echo installing needed packages",
"sudo dnf install -y iptables-devel htop lsof redis pandoc wget yasm cmake ffmpeg ffmpeg-devel perl-ExtUtils-Embed perl-IPC-Cmd pcre-devel iptables-devel \\",
"google-perftools-devel libcurl-devel jq telnet libevent-devel xmlrpc-c-devel gperf libpcap-devel libmpg123-devel libshout-devel systemd-devel \\",
"glib2-devel json-glib-devel hiredis-devel mariadb-devel dnsutils speex speex-devel speexdsp-devel re2-devel libedit-devel opus-devel opusfile-devel \\",
"glib2-devel json-glib-devel hiredis-devel libtiff-devel libevent-devel xmlrpc-c-devel perl-IPC-Cmd mariadb-devel snapd \\",
"libjpeg-devel libsndfile-devel lua-devel sqlite-devel libuuid-devel lame-devel libyuv-devel protobuf-compiler",
"sudo dnf debuginfo-install -y binutils",
"sudo chmod a+w /usr/local/src",
"ssh-keyscan github.com >> ~/.ssh/known_hosts",
"mkdir ~/apps",
"cd ~/apps",
"git config --global advice.detachedHead false",
"git clone https://github.com/jambonz/jambonz-feature-server.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/fsw-clear-old-calls.git -b {{user `jambonz_version`}}",
"sudo find / -name authorized_keys | sudo xargs -0 -r rm -Rf"
]
},
{
"type": "file",
"source": "files/",
"destination": "/tmp"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}}",
"script": "scripts/install_os_tuning.sh"
},
{
"type": "shell",
"environment_vars": [
"ARCH={{user `ami_base_image_arch`}}",
"MEDIA_SERVER_NAME={{user `mediaserver_name`}}",
"PREFERRED_CODEC_LIST={{user `preferred_codec_list`}}"
],
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}}",
"script": "scripts/install_freeswitch.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `install_cloudwatch`}}",
"script": "scripts/install_cloudwatch.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}}",
"script": "scripts/install_nodejs.sh"
},
{
"type": "shell",
"environment_vars": [
"DD_KEY={{user `datadog_key`}}",
"DD_INSTALL={{user `install_datadog`}}"
],
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}'",
"script": "scripts/install_datadog.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `install_telegraf`}}",
"script": "scripts/install_telegraf.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `drachtio_version`}}",
"script": "scripts/install_drachtio.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `jambonz_version`}}",
"script": "scripts/install_app.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `leave_source`}}",
"script": "scripts/cleanup.sh"
}
]
}

103
packer/jambonz-mini/aws/README.md
View File

@@ -4,99 +4,22 @@ A [packer](https://www.packer.io/) template to build an AMI containing everythin
## Installing
To build a debian 11 AMI (preferred):
```
$ packer build -color=false template.json
```
To build an RHEL-8 AMI:
```
packer build -color=false -var "redhat_username=<my-rh-username>" -var "redhat_password=<my-rh-password>" template-rhel-8.json
```
To build an RHEL-9 AMI:
```
packer build -color=false -var "redhat_username=<my-rh-username>" -var "redhat_password=<my-rh-password>" template-rhel-9.json
```
> Note: on RHEL-9 the kernel module for rtpengine (which passes media streams in the kernel rather than userspace) is not available. For that reason, you may prefer to deploy on RHEL-8 when deploying on RedHat Enterprise Linux.
### variables
There are many variables that can be specified on the `packer build` command line; however defaults (which are shown below) are appropriate for building an "all in one" jambonz server, so you generally should not need to specify values.
There are many variables that can be specified on the `packer build` command line; please check the templates to see the full list.
```
"region": "us-east-1"
```
The region to create the AMI in
```
"ami_description": "EC2 AMI jambonz mini"
```
AMI description.
```
"instance_type": "t2.medium"
```
EC2 Instance type to use when building the AMI.
```
"install_drachtio": "true"
```
whether to install drachtio
```
"install_nodejs": "false",
```
whether to install Node.js
```
"install_rtpengine": "true",
```
whether to install rtpengine
```
"install_freeswitch": "true",
```
whether to install freeswitch
```
"install_drachtio_fail2ban": "true",
```
whether to install fail2ban with drachtio filter
```
"install_redis": "true",
```
whether to install redis
```
"drachtio_version": "v0.8.3"
```
drachtio tag or branch to build
```
"nodejs_version": "v10.16.2",
```
Node.js version to install
```
"freeswitch_bind_cloud_ip": "true"
```
If freeswitch is enabled, and cloud_provider is not none then this variable dictates whether freeswitch should bind its sip and rtp ports to the cloud public address (versus the local ipv4 address).
```
"mod_audio_fork_subprotocol": "audio.jambonz.org"
```
websocket subprotocol name used by freeswitch module mod_audio_fork
```
"mod_audio_fork_service_threads": "3",
```
number of libwebsocket service threads used by freeswitch module mod_audio_fork
``
"mod_audio_fork_buffer_secs": "2",
```
max number of seconds of audio to buffer by freeswitch module mod_audio_fork
```
"freeswitch_build_with_grpc:: "true"
```
whether to build support for google speech and text-to-speech services
```
"remove_source": "true"
```
whether to remove source build directories, or leave them on the instance
```
"cloud_provider": "aws"
```
Cloud provider the AMI will be built on.

25
packer/jambonz-mini/aws/files/drachtio-rhel-5070.service Normal file
View File

@@ -0,0 +1,25 @@
[Unit]
Description=drachtio
After=syslog.target network.target local-fs.target
[Service]
; service
Type=forking
ExecStartPre=/bin/sh -c 'systemctl set-environment LOCAL_IP=`curl -s http://169.254.169.254/latest/meta-data/local-ipv4`'
ExecStart=/usr/local/bin/drachtio --daemon -f /etc/drachtio-5070.conf.xml --contact sip:${LOCAL_IP}:5070;transport=udp,tcp --address 0.0.0.0 --port 9023
TimeoutSec=15s
Restart=always
; exec
User=root
Group=daemon
LimitCORE=infinity
LimitNOFILE=100000
LimitNPROC=60000
;LimitSTACK=240
LimitRTPRIO=infinity
LimitRTTIME=7000000
UMask=0007
[Install]
WantedBy=multi-user.target

28
packer/jambonz-mini/aws/files/drachtio-rhel.service Normal file
View File

@@ -0,0 +1,28 @@
[Unit]
Description=drachtio
After=syslog.target network.target local-fs.target
[Service]
; service
Type=forking
ExecStartPre=/bin/sh -c 'systemctl set-environment LOCAL_IP=`curl -s http://169.254.169.254/latest/meta-data/local-ipv4`'
ExecStartPre=/bin/sh -c 'systemctl set-environment PUBLIC_IP=`curl -s http://169.254.169.254/latest/meta-data/public-ipv4`'
ExecStart=/usr/local/bin/drachtio --daemon --contact sip:${LOCAL_IP};transport=udp --external-ip ${PUBLIC_IP} \
--contact sip:${LOCAL_IP};transport=tcp \
--address 0.0.0.0 --port 9022 --homer 127.0.0.1:9060 --homer-id 10
TimeoutSec=15s
Restart=always
; exec
User=root
Group=daemon
LimitCORE=infinity
LimitNOFILE=100000
LimitNPROC=60000
;LimitSTACK=240
LimitRTPRIO=infinity
LimitRTTIME=7000000
UMask=0007
[Install]
WantedBy=multi-user.target

31
packer/jambonz-mini/aws/files/freeswitch-rhel.service Normal file
View File

@@ -0,0 +1,31 @@
[Unit]
Description=freeswitch
After=syslog.target network.target local-fs.target
[Service]
; service
Type=forking
PIDFile=/usr/local/freeswitch/run/freeswitch.pid
EnvironmentFile=-/etc/default/freeswitch
Environment="MOD_AUDIO_FORK_SUBPROTOCOL_NAME=audio.jambonz.org"
Environment="MOD_AUDIO_FORK_SERVICE_THREADS=1"
Environment="MOD_AUDIO_FORK_BUFFER_SECS=3"
Environment="LD_LIBRARY_PATH=/usr/local/lib:/usr/local/lib64"
Environment="GOOGLE_APPLICATION_CREDENTIALS=/home/admin/credentials/gcp.json"
ExecStart=/usr/local/freeswitch/bin/freeswitch -nc -nonat
TimeoutSec=45s
Restart=always
; exec
User=root
Group=daemon
LimitCORE=infinity
LimitNOFILE=100000
LimitNPROC=60000
;LimitSTACK=240
LimitRTPRIO=infinity
LimitRTTIME=7000000
UMask=0007
[Install]
WantedBy=multi-user.target

2
packer/jambonz-mini/aws/files/freeswitch.service
View File

@@ -11,7 +11,7 @@ EnvironmentFile=-/etc/default/freeswitch
Environment="MOD_AUDIO_FORK_SUBPROTOCOL_NAME=audio.jambonz.org"
Environment="MOD_AUDIO_FORK_SERVICE_THREADS=1"
Environment="MOD_AUDIO_FORK_BUFFER_SECS=3"
Environment="LD_LIBRARY_PATH=/usr/local/lib"
Environment="LD_LIBRARY_PATH=/usr/local/lib:/usr/local/lib64"
Environment="GOOGLE_APPLICATION_CREDENTIALS=/home/admin/credentials/gcp.json"
ExecStart=/usr/local/freeswitch/bin/freeswitch -nc -nonat
TimeoutSec=45s

43
packer/jambonz-mini/aws/files/rtpengine-nomodule.service Normal file
View File

@@ -0,0 +1,43 @@
[Unit]
Description=rtpengine
After=syslog.target network.target local-fs.target
[Service]
; service
Type=forking
Environment="LD_LIBRARY_PATH=/usr/local/lib/"
ExecStartPre=/bin/sh -c 'systemctl set-environment LOCAL_IP=`curl -s http://169.254.169.254/latest/meta-data/local-ipv4`'
ExecStartPre=/bin/sh -c 'systemctl set-environment PUBLIC_IP=`curl -s http://169.254.169.254/latest/meta-data/public-ipv4`'
ExecStart=/usr/local/bin/rtpengine \
--interface private/${LOCAL_IP} \
--interface public/${LOCAL_IP}!${PUBLIC_IP} \
--listen-ng=22222 \
--listen-http=8080 \
--listen-udp=12222 \
--dtmf-log-dest=127.0.0.1:22223 \
--listen-cli=127.0.0.1:9900 \
--pidfile /run/rtpengine.pid \
--port-min 40000 \
--port-max 60000 \
--recording-dir /tmp \
--recording-method pcap \
--recording-format eth \
--log-level 5 \
--delete-delay 0
PIDFile=/run/rtpengine.pid
TimeoutSec=15s
Restart=always
; exec
User=root
Group=daemon
LimitCORE=infinity
LimitNOFILE=100000
LimitNPROC=60000
;LimitSTACK=240
LimitRTPRIO=infinity
LimitRTTIME=7000000
UMask=0007
[Install]
WantedBy=multi-user.target

25
packer/jambonz-mini/aws/files/rtpengine-recording-rhel8.service Normal file
View File

@@ -0,0 +1,25 @@
[Unit]
Description=rtpengine-recording
After=syslog.target network.target local-fs.target
[Service]
; service
Type=forking
Environment="LD_LIBRARY_PATH=/usr/local/lib/"
ExecStart=/usr/local/bin/rtpengine-recording --config-file=/etc/rtpengine-recording.ini
TimeoutSec=15s
Restart=always
; exec
User=root
Group=daemon
LimitCORE=infinity
LimitNOFILE=100000
LimitNPROC=60000
;LimitSTACK=240
LimitRTPRIO=infinity
LimitRTTIME=7000000
UMask=0007
[Install]
WantedBy=multi-user.target

44
packer/jambonz-mini/aws/files/rtpengine-rhel8.service Normal file
View File

@@ -0,0 +1,44 @@
[Unit]
Description=rtpengine
After=syslog.target network.target local-fs.target
[Service]
; service
Type=forking
Environment="LD_LIBRARY_PATH=/usr/local/lib/"
ExecStartPre=/bin/sh -c 'systemctl set-environment LOCAL_IP=`curl -s http://169.254.169.254/latest/meta-data/local-ipv4`'
ExecStartPre=/bin/sh -c 'systemctl set-environment PUBLIC_IP=`curl -s http://169.254.169.254/latest/meta-data/public-ipv4`'
ExecStartPre=echo 'del 42' > /proc/rtpengine/control
ExecStart=/usr/local/bin/rtpengine \
--interface private/${LOCAL_IP} \
--interface public/${LOCAL_IP}!${PUBLIC_IP} \
--listen-ng=22222 \
--listen-http=8080 \
--listen-udp=12222 \
--dtmf-log-dest=127.0.0.1:22223 \
--listen-cli=127.0.0.1:9900 \
--table=42 \
--pidfile /run/rtpengine.pid \
--port-min 40000 \
--port-max 60000 \
--recording-dir /var/spool/recording \
--recording-method proc \
--log-level 5 \
--delete-delay 0
PIDFile=/run/rtpengine.pid
TimeoutSec=15s
Restart=always
; exec
User=root
Group=daemon
LimitCORE=infinity
LimitNOFILE=100000
LimitNPROC=60000
;LimitSTACK=240
LimitRTPRIO=infinity
LimitRTTIME=7000000
UMask=0007
[Install]
WantedBy=multi-user.target

22
packer/jambonz-mini/aws/scripts/cleanup.sh Normal file
View File

@@ -0,0 +1,22 @@
#! /bin/bash
DISTRO=$1
LEAVE_SOURCE=$2
set -e
set -x
echo "running cleanup.sh on $DISTRO, leaving source: $LEAVE_SOURCE"
if [[ "$DISTRO" == rhel* ]]; then
sudo dnf install -y iptables-services
sudo subscription-manager unregister
else
echo iptables-persistent iptables-persistent/autosave_v4 boolean true | sudo debconf-set-selections
echo iptables-persistent iptables-persistent/autosave_v6 boolean true | sudo debconf-set-selections
sudo apt-get -y install iptables-persistent
sudo rm /root/.ssh/authorized_keys
sudo rm ~/.ssh/authorized_keys
fi
sudo rm -Rf /tmp/*
if [ "$LEAVE_SOURCE" = 'no' ]; then sudo rm -Rf /usr/local/src/*; fi

75
packer/jambonz-mini/aws/scripts/install_app.sh
View File

@@ -1,51 +1,72 @@
#!/bin/bash
VERSION=$1
DB_USER=$2
DB_PASS=$3
DISTRO=$1
VERSION=$2
DB_USER=$3
DB_PASS=$4
RHEL_RELEASE=""
if [[ "$DISTRO" == rhel* ]]; then
RHEL_RELEASE="${DISTRO:5}"
HOME=/home/ec2-user
sed -i "s|/home/admin|${HOME}|g" /tmp/ecosystem.config.js
else
HOME=/home/admin
fi
ALIAS_LINE="alias gl='git log --oneline --decorate'"
echo "$ALIAS_LINE" >> ~/.bash_aliases
cd /home/admin
cd $HOME
mkdir -p $HOME/apps
cp /tmp/ecosystem.config.js apps
echo "building jambonz-feature-server.."
cd /home/admin/apps/jambonz-feature-server && npm ci --unsafe-perm
cd $HOME/apps/jambonz-feature-server && npm ci --unsafe-perm
echo "building fsw-clear-old-calls.."
cd /home/admin/apps/fsw-clear-old-calls && npm ci --unsafe-perm && sudo npm install -g .
cd $HOME/apps/fsw-clear-old-calls && npm ci --unsafe-perm && sudo npm install -g .
echo "building jambonz-api-server.."
cd /home/admin/apps/jambonz-api-server && npm ci --unsafe-perm
cd $HOME/apps/jambonz-api-server && npm ci --unsafe-perm
echo "building jambonz-webapp.."
cd /home/admin/apps/jambonz-webapp && npm ci --unsafe-perm && npm run build
cd $HOME/apps/jambonz-webapp && npm ci --unsafe-perm && npm run build
echo "building sbc-sip-sidecar.."
cd /home/admin/apps/sbc-sip-sidecar && npm ci --unsafe-perm
cd $HOME/apps/sbc-sip-sidecar && npm ci --unsafe-perm
echo "building sbc-inbound.."
cd /home/admin/apps/sbc-inbound && npm ci --unsafe-perm
cd $HOME/apps/sbc-inbound && npm ci --unsafe-perm
echo "building sbc-outbound.."
cd /home/admin/apps/sbc-outbound && npm ci --unsafe-perm
cd $HOME/apps/sbc-outbound && npm ci --unsafe-perm
echo "building sbc-call-router.."
cd /home/admin/apps/sbc-call-router && npm ci --unsafe-perm
cd $HOME/apps/sbc-call-router && npm ci --unsafe-perm
echo "building jambonz-smpp-esme.."
cd /home/admin/apps/jambonz-smpp-esme && npm ci --unsafe-perm
cd $HOME/apps/jambonz-smpp-esme && npm ci --unsafe-perm
echo "building sbc-rtpengine-sidecar.."
cd /home/admin/apps/sbc-rtpengine-sidecar && npm ci --unsafe-perm
sudo npm install -g pino-pretty pm2 pm2-logrotate gulp grunt
sudo pm2 install pm2-logrotate
cd $HOME/apps/sbc-rtpengine-sidecar && npm ci --unsafe-perm
echo "0 * * * * root fsw-clear-old-calls --password JambonzR0ck$ >> /var/log/fsw-clear-old-calls.log 2>&1" | sudo tee -a /etc/crontab
echo "0 1 * * * root find /tmp -name \"*.mp3\" -mtime +2 -exec rm {} \; > /dev/null 2>&1" | sudo tee -a /etc/crontab
sudo -u admin bash -c "pm2 install pm2-logrotate"
sudo -u admin bash -c "pm2 set pm2-logrotate:max_size 1G"
sudo -u admin bash -c "pm2 set pm2-logrotate:retain 5"
sudo -u admin bash -c "pm2 set pm2-logrotate:compress true"
sudo npm install -g pino-pretty pm2 pm2-logrotate gulp grunt
sudo chown -R admin:admin /home/admin/apps
if [[ "$DISTRO" == rhel* ]]; then
sudo pm2 install pm2-logrotate
sudo pm2 set pm2-logrotate:max_size 1G
sudo pm2 set pm2-logrotate:retain 5
sudo pm2 set pm2-logrotate:compress true
sudo chown -R ec2-user:ec2-user $HOME/apps
sudo rm /home/admin/apps/jambonz-webapp/.env
sudo ln -s /var/lib/snapd/snap /snap
sudo systemctl enable snapd
sudo systemctl start snapd
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
else
sudo -u admin bash -c "pm2 install pm2-logrotate"
sudo -u admin bash -c "pm2 set pm2-logrotate:max_size 1G"
sudo -u admin bash -c "pm2 set pm2-logrotate:retain 5"
sudo -u admin bash -c "pm2 set pm2-logrotate:compress true"
sudo chown -R admin:admin $HOME/apps
sudo snap install core
sudo snap install --classic certbot
sudo rm /usr/bin/certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
sudo snap install core
sudo snap install --classic certbot
sudo rm /usr/bin/certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
fi

21
packer/jambonz-mini/aws/scripts/install_cloudwatch.sh
View File

@@ -1,13 +1,20 @@
#!/bin/bash
DISTRO=$1
if [ "$1" == "yes" ]; then
if [ "$2" == "yes" ]; then
#install cloudwatch
sudo wget https://s3.amazonaws.com/amazoncloudwatch-agent/debian/amd64/latest/amazon-cloudwatch-agent.deb -O /home/admin/amazon-cloudwatch-agent.deb
sudo dpkg -i -E /home/admin/amazon-cloudwatch-agent.deb
sudo rm -rf /home/admin/amazon-cloudwatch-agent.deb
#install cloudwatch
if [[ "$DISTRO" == rhel* ]]; then
sudo wget https://s3.amazonaws.com/amazoncloudwatch-agent/redhat/amd64/latest/amazon-cloudwatch-agent.rpm -O /tmp/amazon-cloudwatch-agent.rpm
sudo dnf install -y /tmp/amazon-cloudwatch-agent.rpm
sudo rm -rf /tmp/amazon-cloudwatch-agent.rpm
else
sudo wget https://s3.amazonaws.com/amazoncloudwatch-agent/debian/amd64/latest/amazon-cloudwatch-agent.deb -O /home/admin/amazon-cloudwatch-agent.deb
sudo dpkg -i -E /home/admin/amazon-cloudwatch-agent.deb
sudo rm -rf /home/admin/amazon-cloudwatch-agent.deb
fi
# install config file for jambonz
sudo cp -r /tmp/cloudwatch-config.json /opt/aws/amazon-cloudwatch-agent/bin/config.json
# install config file for jambonz
sudo cp -r /tmp/cloudwatch-config.json /opt/aws/amazon-cloudwatch-agent/bin/config.json
fi

18
packer/jambonz-mini/aws/scripts/install_drachtio.sh
View File

@@ -1,6 +1,6 @@
#!/bin/bash
VERSION=$1
DISTRO=$2
DISTRO=$1
VERSION=$2
echo "drachtio version to install is ${VERSION} on ${DISTRO}"
@@ -10,11 +10,17 @@ cd /usr/local/src
git clone https://github.com/drachtio/drachtio-server.git -b ${VERSION}
cd drachtio-server
git submodule update --init --recursive
./autogen.sh && mkdir -p build && cd $_ && ../configure --enable-tcmalloc=yes CPPFLAGS='-DNDEBUG -g -O2' && make -j 4 && sudo make install
./autogen.sh && mkdir -p build && cd $_ && ../configure --enable-tcmalloc=yes CPPFLAGS='-DNDEBUG -g -O2' && make -j 8 && sudo make install
echo "installing drachtio for aws"
sudo mv /tmp/drachtio.service /etc/systemd/system
sudo mv /tmp/drachtio-5070.service /etc/systemd/system
if [[ "$DISTRO" == rhel* ]]; then
sudo mv /tmp/drachtio-rhel.service /etc/systemd/system/drachtio.service
sudo mv /tmp/drachtio-rhel-5070.service /etc/systemd/system/drachtio-5070.service
else
sudo mv /tmp/drachtio.service /etc/systemd/system
sudo mv /tmp/drachtio-5070.service /etc/systemd/system
fi
sudo mv /tmp/drachtio.conf.xml /etc
sudo chmod 644 /etc/drachtio.conf.xml
@@ -27,4 +33,4 @@ sudo mv /tmp/drachtio-5070.conf.xml /etc
sudo chmod 644 /etc/drachtio-5070.conf.xml
sudo chmod 644 /etc/systemd/system/drachtio-5070.service
sudo systemctl enable drachtio-5070
sudo systemctl restart drachtio-5070
sudo systemctl restart drachtio-5070

1
packer/jambonz-mini/aws/scripts/install_fail2ban.sh
View File

@@ -1,4 +1,5 @@
#!/bin/bash
DISTRO=$1
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

149
packer/jambonz-mini/aws/scripts/install_freeswitch.sh
View File

@@ -1,4 +1,7 @@
#!/bin/bash
DISTRO=$1
FREESWITCH_VERSION=v1.10.10
SPAN_DSP_VERSION=0d2e6ac
GRPC_VERSION=v1.57.0
@@ -8,34 +11,49 @@ AWS_SDK_VERSION=1.8.129
LWS_VERSION=v4.3.2
MODULES_VERSION=v0.8.4
if [ "$EUID" -ne 0 ]; then
echo "Switching to root user..."
bash "$0" --as-root
exit
fi
# Your script continues here, as root
echo "freeswitch version to install is ${FREESWITCH_VERSION}"
echo "drachtio modules version to install is ${MODULES_VERSION}"
echo "GRPC version to install is ${GRPC_VERSION}"
echo "GOOGLE_API_VERSION version to install is ${GOOGLE_API_VERSION}"
echo "AWS_SDK_VERSION version to install is ${AWS_SDK_VERSION}"
echo "LWS_VERSION version to install is ${LWS_VERSION}"
echo "DISTRO is ${DISTRO}"
export PATH=/usr/local/bin:$PATH
export LD_LIBRARY_PATH=/usr/local/lib:/usr/local/lib64:$LD_LIBRARY_PATH
if [ -n "$PKG_CONFIG_PATH" ]; then
export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH
else
export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig
fi
export LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH
cd /tmp
tar xvfz SpeechSDK-Linux-1.32.1.tar.gz
cd SpeechSDK-Linux-1.32.1
sudo cp -r include /usr/local/include/MicrosoftSpeechSDK
sudo cp -r lib/ /usr/local/lib/MicrosoftSpeechSDK
cp -r include /usr/local/include/MicrosoftSpeechSDK
cp -r lib/ /usr/local/lib/MicrosoftSpeechSDK
if [ "$ARCH" == "arm64" ]; then
echo installing Microsoft arm64 libs...
sudo cp /usr/local/lib/MicrosoftSpeechSDK/arm64/libMicrosoft.*.so /usr/local/lib/
cp /usr/local/lib/MicrosoftSpeechSDK/arm64/libMicrosoft.*.so /usr/local/lib/
echo done
fi
if [ "$ARCH" == "amd64" ]; then
echo installing Microsoft x64 libs...
sudo cp /usr/local/lib/MicrosoftSpeechSDK/x64/libMicrosoft.*.so /usr/local/lib/
cp /usr/local/lib/MicrosoftSpeechSDK/x64/libMicrosoft.*.so /usr/local/lib/
echo done
fi
cd /usr/local/src
echo remove SpeechSDK-Linux-1.32.1
sudo rm -Rf /tmp/SpeechSDK-Linux-1.32.1.tgz /tmp/SpeechSDK-Linux-1.32.1
rm -Rf /tmp/SpeechSDK-Linux-1.32.1.tgz /tmp/SpeechSDK-Linux-1.32.1
echo done
echo config git
@@ -60,21 +78,21 @@ git clone https://github.com/googleapis/googleapis -b master
cd googleapis && git checkout ${GOOGLE_API_VERSION} && cd ..
git clone https://github.com/awslabs/aws-c-common.git
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_audio_fork /usr/local/src/freeswitch/src/mod/applications/mod_audio_fork
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_aws_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_aws_transcribe
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_azure_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_azure_transcribe
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_aws_lex /usr/local/src/freeswitch/src/mod/applications/mod_aws_lex
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_cobalt_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_cobalt_transcribe
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_deepgram_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_deepgram_transcribe
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_google_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_google_transcribe
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_ibm_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_ibm_transcribe
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_nuance_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_nuance_transcribe
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_nvidia_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_nvidia_transcribe
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_soniox_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_soniox_transcribe
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_jambonz_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_jambonz_transcribe
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_google_tts /usr/local/src/freeswitch/src/mod/applications/mod_google_tts
sudo cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_dialogflow /usr/local/src/freeswitch/src/mod/applications/mod_dialogflow
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_audio_fork /usr/local/src/freeswitch/src/mod/applications/mod_audio_fork
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_aws_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_aws_transcribe
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_azure_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_azure_transcribe
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_aws_lex /usr/local/src/freeswitch/src/mod/applications/mod_aws_lex
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_cobalt_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_cobalt_transcribe
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_deepgram_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_deepgram_transcribe
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_google_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_google_transcribe
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_ibm_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_ibm_transcribe
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_nuance_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_nuance_transcribe
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_nvidia_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_nvidia_transcribe
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_soniox_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_soniox_transcribe
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_jambonz_transcribe /usr/local/src/freeswitch/src/mod/applications/mod_jambonz_transcribe
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_google_tts /usr/local/src/freeswitch/src/mod/applications/mod_google_tts
cp -r /usr/local/src/drachtio-freeswitch-modules/modules/mod_dialogflow /usr/local/src/freeswitch/src/mod/applications/mod_dialogflow
# copy Makefiles and patches into place
cp /tmp/configure.ac.extra /usr/local/src/freeswitch/configure.ac
cp /tmp/Makefile.am.extra /usr/local/src/freeswitch/Makefile.am
@@ -101,49 +119,51 @@ patch < mod_httapi.c.patch
# build libwebsockets
echo building lws
cd /usr/local/src/libwebsockets
sudo mkdir -p build && cd build && sudo cmake .. -DCMAKE_BUILD_TYPE=RelWithDebInfo && sudo make && sudo make install
mkdir -p build && cd build && cmake .. -DCMAKE_BUILD_TYPE=RelWithDebInfo && make && make install
# build libfvad
cd /usr/local/src/freeswitch/libs/libfvad
# use our version of libfvad configure.ac - should only do this on debian 12
if [ "$DISTRO" == "debian-12" ]; then
echo "patching libfvad configure.ac to remove deprecated commands"
sudo cp /tmp/configure.ac.libfvad configure.ac
cp /tmp/configure.ac.libfvad configure.ac
fi
echo building libfvad
sudo autoreconf -i && sudo ./configure && sudo make -j 4 && sudo make install
autoreconf -i && ./configure && make -j 4 && make install
# build spandsp
echo building spandsp
cd /usr/local/src/freeswitch/libs/spandsp
./bootstrap.sh && ./configure && make -j 4 && sudo make install
./bootstrap.sh && ./configure && make -j 4 && make install
# build sofia
echo building sofia
cd /usr/local/src/freeswitch/libs/sofia-sip
./bootstrap.sh && ./configure && make -j 4 && sudo make install
./bootstrap.sh && ./configure && make -j 4 && make install
# build aws-c-common
echo building aws-c-common
cd /usr/local/src/freeswitch/libs/aws-c-common
mkdir -p build && cd build
cmake .. -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=OFF -DCMAKE_CXX_FLAGS="-Wno-unused-parameter"
make -j 4 && sudo make install
make -j 4 && make install
# build aws-sdk-cpp
echo building aws-sdk-cpp
cd /usr/local/src/freeswitch/libs/aws-sdk-cpp
git submodule update --init --recursive
mkdir -p build && cd build
cmake .. -DBUILD_ONLY="lexv2-runtime;transcribestreaming" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=OFF -DCMAKE_CXX_FLAGS="-Wno-unused-parameter"
if [ "$DISTRO" == "debian-12" ]; then
echo "patching aws-sdk-cpp to fix debian 12 build"
sudo sed -i 's/uint8_t arr\[16\];/uint8_t arr\[16\] = {0};/g' /usr/local/src/freeswitch/libs/aws-sdk-cpp/build/.deps/build/src/AwsCCommon/tests/byte_buf_test.c
sudo sed -i 's/char filename_array\[64\];/char filename_array\[64\] = {0};/g' /usr/local/src/freeswitch/libs/aws-sdk-cpp/build/.deps/build/src/AwsCCommon/tests/logging/logging_test_utilities.c
cmake .. -DBUILD_ONLY="lexv2-runtime;transcribestreaming" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=OFF -DCMAKE_CXX_FLAGS="-Wno-unused-parameter"
cmake .. -DBUILD_ONLY="lexv2-runtime;transcribestreaming" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=OFF -DCMAKE_CXX_FLAGS="-Wno-unused-parameter -Wno-error=nonnull -Wno-error=deprecated-declarations -Wno-error=uninitialized -Wno-error=maybe-uninitialized"
if [ "$DISTRO" == "debian-12" ] ||[[ "$DISTRO" == rhel* ]] ; then
echo "patching aws-sdk-cpp to fix warnings treated as errors"
sed -i 's/uint8_t arr\[16\];/uint8_t arr\[16\] = {0};/g' /usr/local/src/freeswitch/libs/aws-sdk-cpp/build/.deps/build/src/AwsCCommon/tests/byte_buf_test.c
sed -i 's/char filename_array\[64\];/char filename_array\[64\] = {0};/g' /usr/local/src/freeswitch/libs/aws-sdk-cpp/build/.deps/build/src/AwsCCommon/tests/logging/logging_test_utilities.c
echo "re-running cmake after patching aws-sdk-cpp"
cmake .. -DBUILD_ONLY="lexv2-runtime;transcribestreaming" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=OFF -DCMAKE_CXX_FLAGS="-Wno-unused-parameter -Wno-error=nonnull -Wno-error=deprecated-declarations -Wno-error=uninitialized -Wno-error=maybe-uninitialized"
echo cmake completed
fi
sudo make -j 4 && sudo make install
sudo find /usr/local/src/freeswitch/libs/aws-sdk-cpp/ -type f -name "*.pc" | sudo xargs cp -t /usr/local/lib/pkgconfig/
make -j 4 && make install
find /usr/local/src/freeswitch/libs/aws-sdk-cpp/ -type f -name "*.pc" | xargs cp -t /usr/local/lib/pkgconfig/
# build grpc
echo building grpc
@@ -153,7 +173,7 @@ mkdir -p cmake/build
cd cmake/build
cmake -DBUILD_SHARED_LIBS=ON -DgRPC_SSL_PROVIDER=package -DBUILD_SHARED_LIBS=ON -DCMAKE_BUILD_TYPE=RelWithDebInfo ../..
make -j 4
sudo make install
make install
# build googleapis
echo building googleapis
@@ -161,7 +181,11 @@ cd /usr/local/src/freeswitch/libs/googleapis
echo "Ref: https://github.com/GoogleCloudPlatform/cpp-samples/issues/113"
sed -i 's/\$fields/fields/' google/maps/routes/v1/route_service.proto
sed -i 's/\$fields/fields/' google/maps/routes/v1alpha/route_service.proto
LANGUAGE=cpp make -j 4
if [ "$DISTRO" == "debian-12" ] || [ "$DISTRO" == rhel* ] ; then
LANGUAGE=cpp FLAGS+='--experimental_allow_proto3_optional' make -j 4
else
LANGUAGE=cpp make -j 4
fi
# build nuance protobufs
echo "building protobuf stubs for Nuance asr"
@@ -186,29 +210,34 @@ LANGUAGE=cpp make
# build freeswitch
echo "building freeswitch"
cd /usr/local/src/freeswitch
sudo ./bootstrap.sh -j
sudo ./configure --enable-tcmalloc=yes --with-lws=yes --with-extra=yes --with-aws=yes
sudo make -j 4
sudo make install
sudo make cd-sounds-install cd-moh-install
sudo cp /tmp/acl.conf.xml /usr/local/freeswitch/conf/autoload_configs
sudo cp /tmp/event_socket.conf.xml /usr/local/freeswitch/conf/autoload_configs
sudo cp /tmp/switch.conf.xml /usr/local/freeswitch/conf/autoload_configs
sudo cp /tmp/conference.conf.xml /usr/local/freeswitch/conf/autoload_configs
sudo rm -Rf /usr/local/freeswitch/conf/dialplan/*
sudo rm -Rf /usr/local/freeswitch/conf/sip_profiles/*
sudo cp /tmp/mrf_dialplan.xml /usr/local/freeswitch/conf/dialplan
sudo cp /tmp/mrf_sip_profile.xml /usr/local/freeswitch/conf/sip_profiles
sudo cp /usr/local/src/freeswitch/conf/vanilla/autoload_configs/modules.conf.xml /usr/local/freeswitch/conf/autoload_configs
sudo cp /tmp/freeswitch.service /etc/systemd/system
sudo chown root:root -R /usr/local/freeswitch
sudo chmod 644 /etc/systemd/system/freeswitch.service
sudo sed -i -e 's/global_codec_prefs=OPUS,G722,PCMU,PCMA,H264,VP8/global_codec_prefs=PCMU,PCMA,OPUS,G722/g' /usr/local/freeswitch/conf/vars.xml
sudo sed -i -e 's/outbound_codec_prefs=OPUS,G722,PCMU,PCMA,H264,VP8/outbound_codec_prefs=PCMU,PCMA,OPUS,G722/g' /usr/local/freeswitch/conf/vars.xml
sudo systemctl enable freeswitch
sudo cp /tmp/freeswitch_log_rotation /etc/cron.daily/freeswitch_log_rotation
sudo chown root:root /etc/cron.daily/freeswitch_log_rotation
sudo chmod a+x /etc/cron.daily/freeswitch_log_rotation
./bootstrap.sh -j
./configure --enable-tcmalloc=yes --with-lws=yes --with-extra=yes --with-aws=yes
make -j 8
make install
make cd-sounds-install cd-moh-install
cp /tmp/acl.conf.xml /usr/local/freeswitch/conf/autoload_configs
cp /tmp/event_socket.conf.xml /usr/local/freeswitch/conf/autoload_configs
cp /tmp/switch.conf.xml /usr/local/freeswitch/conf/autoload_configs
cp /tmp/conference.conf.xml /usr/local/freeswitch/conf/autoload_configs
rm -Rf /usr/local/freeswitch/conf/dialplan/*
rm -Rf /usr/local/freeswitch/conf/sip_profiles/*
cp /tmp/mrf_dialplan.xml /usr/local/freeswitch/conf/dialplan
cp /tmp/mrf_sip_profile.xml /usr/local/freeswitch/conf/sip_profiles
cp /usr/local/src/freeswitch/conf/vanilla/autoload_configs/modules.conf.xml /usr/local/freeswitch/conf/autoload_configs
if [[ "$DISTRO" == rhel* ]]; then
cp /tmp/freeswitch-rhel.service /etc/systemd/system/freeswitch.service
else
cp /tmp/freeswitch.service /etc/systemd/system
fi
chown root:root -R /usr/local/freeswitch
chmod 644 /etc/systemd/system/freeswitch.service
sed -i -e 's/global_codec_prefs=OPUS,G722,PCMU,PCMA,H264,VP8/global_codec_prefs=PCMU,PCMA,OPUS,G722/g' /usr/local/freeswitch/conf/vars.xml
sed -i -e 's/outbound_codec_prefs=OPUS,G722,PCMU,PCMA,H264,VP8/outbound_codec_prefs=PCMU,PCMA,OPUS,G722/g' /usr/local/freeswitch/conf/vars.xml
systemctl enable freeswitch
cp /tmp/freeswitch_log_rotation /etc/cron.daily/freeswitch_log_rotation
chown root:root /etc/cron.daily/freeswitch_log_rotation
chmod a+x /etc/cron.daily/freeswitch_log_rotation
echo "downloading soniox root verification certificate"
cd /usr/local/freeswitch/certs

27
packer/jambonz-mini/aws/scripts/install_grafana.sh
View File

@@ -1,10 +1,27 @@
#!/bin/bash
if [ "$1" = "yes" ]; then
DISTRO=$1
curl -sL https://packages.grafana.com/gpg.key | sudo apt-key add -
echo "deb https://packages.grafana.com/oss/deb stable main" | sudo tee /etc/apt/sources.list.d/grafana.list
sudo apt-get update
sudo apt-get install -y grafana
if [ "$2" = "yes" ]; then
if [[ "$DISTRO" == rhel* ]] ; then
sudo tee /etc/yum.repos.d/grafana.repo <<EOF
[grafana]
name=grafana
baseurl=https://packages.grafana.com/oss/rpm
repo_gpgcheck=1
enabled=1
gpgcheck=1
gpgkey=https://packages.grafana.com/gpg.key
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
EOF
sudo dnf install -y grafana
else
curl -sL https://packages.grafana.com/gpg.key | sudo apt-key add -
echo "deb https://packages.grafana.com/oss/deb stable main" | sudo tee /etc/apt/sources.list.d/grafana.list
sudo apt-get update
sudo apt-get install -y grafana
fi
# move to port 3010
sudo sed -i -e "s/;http_port = 3000/http_port = 3010/g" /etc/grafana/grafana.ini

42
packer/jambonz-mini/aws/scripts/install_homer.sh
View File

@@ -1,24 +1,42 @@
#!/bin/bash
if [ "$1" == "yes" ]; then
DISTRO=$1
if [ "$2" == "yes" ]; then
DB_USER=$2
DB_PASS=$3
DB_USER=$3
DB_PASS=$4
curl -s https://packagecloud.io/install/repositories/qxip/sipcapture/script.deb.sh | sudo bash
echo "installing homer on $DISTRO with user $DB_USER and pass $DB_PASS"
if [[ "$DISTRO" == rhel* ]] ; then
echo installing homer on rhel
curl -s https://packagecloud.io/install/repositories/qxip/sipcapture/script.rpm.sh | sudo bash
sudo dnf install -y homer-app
# DH: TMP hack until homer releases debs for bookworm
sudo sed -i 's/bookworm/bullseye/g' /etc/apt/sources.list.d/qxip_sipcapture.list
sudo apt-get update
curl -s https://packagecloud.io/install/repositories/qxip/sipcapture/script.rpm.sh | sudo os=rpm_any dist=rpm_any bash
sudo dnf install -y heplify-server
sudo dnf clean packages
# now install homer
sudo apt-get install -y homer-app heplify-server
sudo systemctl restart postgresql-12
sudo systemctl status postgresql-12
else
curl -s https://packagecloud.io/install/repositories/qxip/sipcapture/script.deb.sh | sudo bash
# DH: TMP hack until homer releases debs for bookworm
sudo sed -i 's/bookworm/bullseye/g' /etc/apt/sources.list.d/qxip_sipcapture.list
sudo apt-get update
# now install homer
sudo apt-get install -y homer-app heplify-server
sudo cp /usr/local/homer/etc/webapp_config.json.example /usr/local/homer/etc/webapp_config.json
fi
sudo cp /usr/local/homer/etc/webapp_config.json.example /usr/local/homer/etc/webapp_config.json
sudo sed -i -e "s/homer_user/$DB_USER/g" /usr/local/homer/etc/webapp_config.json
sudo sed -i -e "s/homer_password/$DB_PASS/g" /usr/local/homer/etc/webapp_config.json
sudo sed -i -e "s/localhost/127.0.0.1/g" /usr/local/homer/etc/webapp_config.json
sudo homer-app -create-table-db-config
sudo homer-app -populate-table-db-config
echo "populating homer database - users etc"
sudo /usr/local/bin/homer-app -create-table-db-config
sudo /usr/local/bin/homer-app -populate-table-db-config
sudo sed -i -e "s/DBUser\s*=\s*\"postgres\"/DBUser = \"$DB_USER\"/g" /etc/heplify-server.toml
sudo sed -i -e "s/DBPass\s*=\s*\"\"/DBPass = \"$DB_PASS\"/g" /etc/heplify-server.toml
sudo sed -i -e "s/PromAddr\s*=\s*\".*\"/PromAddr = \"0.0.0.0:9098\"/g" /etc/heplify-server.toml

28
packer/jambonz-mini/aws/scripts/install_influxdb.sh
View File

@@ -1,17 +1,29 @@
#!/bin/bash
DISTRO=$1
if [ "$1" == "yes" ]; then
if [ "$2" == "yes" ]; then
sudo apt-get install -y apt-transport-https
curl -sL https://repos.influxdata.com/influxdb.key | sudo apt-key add -
echo "deb https://repos.influxdata.com/debian buster stable" | sudo tee /etc/apt/sources.list.d/influxdb.list
sudo apt-get update
sudo apt-get install -y influxdb
sudo chmod a+x /usr/lib/influxdb/scripts/influxd-systemd-start.sh
if [[ "$DISTRO" == rhel* ]] ; then
cat <<EOF | sudo tee /etc/yum.repos.d/influxdb.repo
[influxdb]
name = InfluxDB Repository
baseurl = https://repos.influxdata.com/rhel/\$releasever/\$basearch/stable
enabled = 1
gpgcheck = 1
gpgkey = https://repos.influxdata.com/influxdata-archive_compat.key
EOF
sudo dnf install -y influxdb
else
sudo apt-get install -y apt-transport-https
curl -sL https://repos.influxdata.com/influxdb.key | sudo apt-key add -
echo "deb https://repos.influxdata.com/debian buster stable" | sudo tee /etc/apt/sources.list.d/influxdb.list
sudo apt-get update
sudo apt-get install -y influxdb
sudo chmod a+x /usr/lib/influxdb/scripts/influxd-systemd-start.sh
fi
sudo systemctl enable influxdb
sudo systemctl start influxdb
sudo systemctl status influxdb.service
sudo journalctl -xe
fi

31
packer/jambonz-mini/aws/scripts/install_jaeger.sh
View File

@@ -1,6 +1,7 @@
#!/bin/bash
DISTRO=$1
if [ "$1" == "yes" ]; then
if [ "$2" == "yes" ]; then
cd /tmp
@@ -16,10 +17,11 @@ sudo chmod 644 /etc/systemd/system/jaeger-collector.service
sudo cp jaeger-query.service /etc/systemd/system
sudo chmod 644 /etc/systemd/system/jaeger-query.service
sudo systemctl daemon-reload
echo "installing cassandra on $2"
if [ "$2" == "debian-12" ]; then
if [ "$DISTRO" == "debian-12" ]; then
# if debian 12 we need to downgrade java JDK to 11
echo "downgrading Java JSDK to 11 because cassandra requires it"
@@ -32,6 +34,8 @@ if [ "$2" == "debian-12" ]; then
echo "export JAVA_HOME=/opt/jdk-11.0.9+11" >> ~/.bashrc
echo "export PATH=$PATH:$JAVA_HOME/bin" >> ~/.bashrc
source ~/.bashrc
elif [[ "$DISTRO" == rhel* ]]; then
sudo dnf install -y java-11-openjdk-devel
else
sudo apt-get install -y default-jdk
fi
@@ -41,15 +45,23 @@ java -version
tar xvfz apache-cassandra-4.1.3-bin.tar.gz
sudo mv apache-cassandra-4.1.3 /usr/local/cassandra
sudo cp cassandra.yaml /usr/local/cassandra/conf
sudo chown -R admin:admin /usr/local/cassandra/
chown -R admin:admin /usr/local/cassandra/
echo 'export PATH=$PATH:/usr/local/cassandra/bin' | sudo tee -a /home/admin/.bashrc
if [[ "$DISTRO" == rhel* ]] ; then
chown -R ec2-user:ec2-user /usr/local/cassandra/
echo 'export PATH=$PATH:/usr/local/cassandra/bin' | sudo tee -a /home/ec2-user/.bashrc
sed -i 's/\badmin\b/ec2-user/g' cassandra.service
else
sudo chown -R admin:admin /usr/local/cassandra/
chown -R admin:admin /usr/local/cassandra/
echo 'export PATH=$PATH:/usr/local/cassandra/bin' | sudo tee -a /home/admin/.bashrc
fi
echo 'export PATH=$PATH:/usr/local/cassandra/bin' | sudo tee -a /etc/profile
export PATH=$PATH:/usr/local/cassandra/bin
sudo cp cassandra.service /etc/systemd/system
sudo chmod 644 /etc/systemd/system/cassandra.service
sudo systemctl daemon-reload
sudo systemctl enable cassandra
sudo systemctl start cassandra
@@ -75,7 +87,12 @@ git clone https://github.com/jaegertracing/jaeger.git
cd jaeger/plugin/storage/cassandra/schema
MODE=prod DATACENTER=datacenter1 TRACE_TTL=604800 KEYSPACE=jaeger_v1_dc1 ./create.sh | cqlsh localhost -u cassandra -p cassandra
systemctl enable jaeger-collector
systemctl enable jaeger-query
if [[ "$DISTRO" == rhel* ]] ; then
sudo sed -i 's/User=admin/User=ec2-user/' /etc/systemd/system/jaeger-collector.service
sudo sed -i 's/User=admin/User=ec2-user/' /etc/systemd/system/jaeger-query.service
fi
sudo systemctl enable jaeger-collector
sudo systemctl enable jaeger-query
fi

81
packer/jambonz-mini/aws/scripts/install_mysql.sh
View File

@@ -1,35 +1,76 @@
#!/bin/bash
DB_USER=$1
DB_PASS=$2
DISTRO=$1
DB_USER=$2
DB_PASS=$3
RHEL_RELEASE=
if [[ "$DISTRO" == rhel* ]] ; then
RHEL_RELEASE="${DISTRO:5}"
HOME=/home/ec2-user
cd /tmp
wget https://repo.mysql.com//mysql80-community-release-el${RHEL_RELEASE}-1.noarch.rpm
sudo dnf install -y mysql80-community-release-el${RHEL_RELEASE}-1.noarch.rpm
if [ "$RHEL_RELEASE" == "8" ]; then
sudo dnf install -y @mysql
echo "starting mysql"
sudo systemctl enable mysqld
sudo systemctl start mysqld
echo checking mysql status
sudo systemctl status mysqld
mysql -u root << EOL
ALTER USER 'root'@'localhost' IDENTIFIED BY 'JambonzR0ck$';
DELETE FROM mysql.user WHERE User='';
DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');
DROP DATABASE IF EXISTS test;
DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';
FLUSH PRIVILEGES;
EOL
else
sudo dnf install -y mysql-community-server
echo "starting mysql"
sudo systemctl enable mysqld
sudo systemctl start mysqld
echo checking mysql status
sudo systemctl status mysqld
TEMP_PASS=$(sudo grep 'A temporary password is generated' /var/log/mysqld.log | tail -1 | awk '{print $NF}')
echo "temporary password is $TEMP_PASS"
mysql -u root -p"${TEMP_PASS}" --connect-expired-password << EOL
ALTER USER 'root'@'localhost' IDENTIFIED BY 'JambonzR0ck$';
DELETE FROM mysql.user WHERE User='';
DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');
DROP DATABASE IF EXISTS test;
DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';
FLUSH PRIVILEGES;
EOL
fi
else
HOME=/home/admin
sudo apt install -y dirmngr
sudo apt-key add - < /tmp/mysql-server.key
echo "deb http://repo.mysql.com/apt/debian $(lsb_release -sc) mysql-8.0" | sudo tee /etc/apt/sources.list.d/mysql80.list
sudo apt update
sudo debconf-set-selections <<< "mysql-community-server mysql-community-server/root-pass password JambonzR0ck\$"
sudo debconf-set-selections <<< "mysql-community-server mysql-community-server/re-root-pass password JambonzR0ck\$"
sudo debconf-set-selections <<< "mysql-community-server mysql-server/default-auth-override select Use Legacy Authentication Method (Retain MySQL 5.x Compatibility)"
sudo DEBIAN_FRONTEND=noninteractive apt install -y default-mysql-server
echo "starting mysql"
sudo systemctl start mysql
fi
sudo apt install -y dirmngr
sudo apt-key add - < /tmp/mysql-server.key
echo "deb http://repo.mysql.com/apt/debian $(lsb_release -sc) mysql-8.0" | sudo tee /etc/apt/sources.list.d/mysql80.list
sudo apt update
sudo debconf-set-selections <<< "mysql-community-server mysql-community-server/root-pass password JambonzR0ck\$"
sudo debconf-set-selections <<< "mysql-community-server mysql-community-server/re-root-pass password JambonzR0ck\$"
sudo debconf-set-selections <<< "mysql-community-server mysql-server/default-auth-override select Use Legacy Authentication Method (Retain MySQL 5.x Compatibility)"
sudo DEBIAN_FRONTEND=noninteractive apt install -y default-mysql-server
#cd /etc/systemd/system
#rm mysql.service
#sudo systemctl enable mysql
echo "starting mysql"
sudo systemctl start mysql
echo "creating database"
# create the database and the user
mysql -h localhost -u root -pJambonzR0ck\$ << END
mysql -h localhost -u root -pJambonzR0ck\$ << EOL
create database jambones;
SET old_passwords=0;
create user $DB_USER@'%' IDENTIFIED BY '$DB_PASS';
grant all on jambones.* to $DB_USER@'%' with grant option;
grant create user on *.* to $DB_USER@'%' with grant option;
flush privileges;
END
EOL
# create the schema
echo "creating schema"
mysql -h localhost -u $DB_USER -p$DB_PASS -D jambones < /home/admin/apps/jambonz-api-server/db/jambones-sql.sql
mysql -h localhost -u $DB_USER -p$DB_PASS -D jambones < $HOME/apps/jambonz-api-server/db/jambones-sql.sql
echo "seeding initial data"
mysql -h localhost -u $DB_USER -p$DB_PASS -D jambones < /home/admin/apps/jambonz-api-server/db/seed-production-database-open-source.sql
mysql -h localhost -u $DB_USER -p$DB_PASS -D jambones < $HOME/apps/jambonz-api-server/db/seed-production-database-open-source.sql

17
packer/jambonz-mini/aws/scripts/install_nginx.sh
View File

@@ -1,17 +1,20 @@
#!/bin/bash
DISTRO=$1
echo "installing nginx"
sudo apt-get install -y nginx
if [[ "$DISTRO" == rhel* ]]; then
sudo dnf install -y nginx httpd-tools
cd /etc/nginx/conf.d
sudo mv /tmp/nginx.default default.conf
else
sudo apt-get install -y nginx apache2-utils
cd /etc/nginx/sites-available
sudo mv /tmp/nginx.default default
fi
echo "installing apache utils for htpasswd"
sudo apt-get install -y apache2-utils
cd /etc/nginx/sites-available
sudo mv /tmp/nginx.default default
sudo systemctl enable nginx
sudo systemctl restart nginx
sudo systemctl status nginx
sudo journalctl -xe

28
packer/jambonz-mini/aws/scripts/install_nodejs.sh
View File

@@ -1,11 +1,25 @@
#!/bin/bash
sudo apt-get update
sudo apt-get install -y ca-certificates curl gnupg
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | sudo gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg
echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_18.x nodistro main" | sudo tee /etc/apt/sources.list.d/nodesource.list
sudo apt-get update
sudo apt-get install nodejs -y
DISTRO=$1
if [[ "$DISTRO" == rhel* ]]; then
dnf install -y crypto-policies-scripts
sudo update-crypto-policies --set DEFAULT
sudo rpm --import https://rpm.nodesource.com/pub/el/NODESOURCE-GPG-SIGNING-KEY-EL
sudo dnf install -y https://rpm.nodesource.com/pub_18.x/nodistro/repo/nodesource-release-nodistro-1.noarch.rpm
sudo dnf install -y nodejs --setopt=nodesource-nodejs.module_hotfixes=1 --nogpgcheck
node -v
sudo dnf install -y npm --nogpgcheck
npm -v
else
sudo apt-get update
sudo apt-get install -y ca-certificates curl gnupg
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | sudo gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg
echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_18.x nodistro main" | sudo tee /etc/apt/sources.list.d/nodesource.list
sudo apt-get update
sudo apt-get install -y nodejs npm
fi
sudo npm install -g npm@latest
node -v
npm -v

29
packer/jambonz-mini/aws/scripts/install_os_tuning.sh
View File

@@ -1,6 +1,8 @@
#!/bin/bash
DISTRO=$1
export PATH=/usr/local/bin:$PATH
sudo sed -i '/# End of file/i * hard nofile 65535' /etc/security/limits.conf
sudo sed -i '/# End of file/i * soft nofile 65535' /etc/security/limits.conf
sudo sed -i '/# End of file/i root hard nofile 65535' /etc/security/limits.conf
@@ -15,18 +17,39 @@ vm.dirty_expire_centisecs=200
vm.dirty_writeback_centisecs=100
EOT'
sudo cp /tmp/20auto-upgrades /etc/apt/apt.conf.d/20auto-upgrades
if [[ "$DISTRO" == rhel* ]] ; then
grep -q "* soft core unlimited" /etc/security/limits.conf
if [ $? -ne 0 ]; then
echo "* soft core unlimited" | sudo tee -a /etc/security/limits.conf > /dev/null
fi
grep -q "* hard core unlimited" /etc/security/limits.conf
if [ $? -ne 0 ]; then
echo "* hard core unlimited" | sudo tee -a /etc/security/limits.conf > /dev/null
fi
ulimit -c unlimited
else
sudo cp /tmp/20auto-upgrades /etc/apt/apt.conf.d/20auto-upgrades
fi
# disable ipv6
echo "net.ipv6.conf.all.disable_ipv6 = 1" | sudo tee -a /etc/sysctl.conf > /dev/null
echo "net.ipv6.conf.default.disable_ipv6 = 1" | sudo tee -a /etc/sysctl.conf > /dev/null
# install latest cmake
if [ "$DISTRO" == "debian-12" ]; then
if [ "$DISTRO" == "debian-12" ] || [[ "$DISTRO" == rhel* ]] ; then
echo disable RHEL firewall
sudo systemctl stop firewalld
sudo systemctl disable firewalld
echo build cmake 3.27, required by bcg729
cd /usr/local/src
wget https://github.com/Kitware/CMake/archive/refs/tags/v3.27.4.tar.gz
tar xvfz v3.27.4.tar.gz
cd CMake-3.27.4
./bootstrap && make -j 4 && sudo make install
echo "building cmake"
./bootstrap && make -j 8 && sudo make install
echo "cmake built and installed"
export PATH=/usr/local/bin:$PATH
cmake --version
fi

42
packer/jambonz-mini/aws/scripts/install_postgresql.sh
View File

@@ -1,22 +1,44 @@
#!/bin/bash
DISTRO=$1
if [ "$1" == "yes" ]; then
if [ "$2" == "yes" ]; then
DB_USER=$2
DB_PASS=$3
DB_USER=$3
DB_PASS=$4
RHEL_RELEASE
wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O- | sudo apt-key add -
sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/postgresql.list'
sudo apt-get update
sudo apt-get install -y postgresql-12
sudo systemctl daemon-reload
sudo systemctl enable postgresql
sudo systemctl restart postgresql
if [[ "$DISTRO" == rhel* ]] ; then
RHEL_RELEASE="${DISTRO:5}"
sudo dnf install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-${RHEL_RELEASE}-x86_64/pgdg-redhat-repo-latest.noarch.rpm
dnf -qy module disable postgresql
sudo dnf install -y postgresql12 postgresql12-server
sudo /usr/pgsql-12/bin/postgresql-12-setup initdb
sudo systemctl enable postgresql-12
sudo systemctl start postgresql-12
else
wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O- | sudo apt-key add -
sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/postgresql.list'
sudo apt-get update
sudo apt-get install -y postgresql-12
sudo systemctl daemon-reload
sudo systemctl enable postgresql
sudo systemctl restart postgresql
fi
echo "creating database homer_config and homer_data with user ${DB_USER} and password ${DB_PASS}"
cd /tmp
sudo -u postgres psql -c "CREATE DATABASE homer_config;"
sudo -u postgres psql -c "CREATE DATABASE homer_data;"
sudo -u postgres psql -c "CREATE ROLE ${DB_USER} WITH SUPERUSER LOGIN PASSWORD '$DB_PASS';"
sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE homer_config to ${DB_USER};"
sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE homer_data to ${DB_USER};"
if [[ "$DISTRO" == rhel* ]] ; then
# change authentication to md5
sudo sed -i -e 's/^local all all peer/local all all md5/' -e 's/^host all all 127.0.0.1\/32 ident/host all all 127.0.0.1\/32 md5/' -e 's/^host all all ::1\/128 ident/host all all ::1\/128 md5/' /var/lib/pgsql/12/data/pg_hba.conf
fi
fi

14
packer/jambonz-mini/aws/scripts/install_redis.sh
View File

@@ -1,5 +1,13 @@
#!/bin/bash
DISTRO=$1
echo "DISTRO is $DISTRO"
if [[ "$DISTRO" == rhel* ]] ; then
sudo dnf install -y redis
sudo systemctl enable redis
sudo systemctl start redis
else
sudo apt-get install -y redis-server
sudo systemctl enable redis-server
sudo systemctl restart redis-server
fi
sudo apt-get install -y redis-server
sudo systemctl enable redis-server
sudo systemctl restart redis-server

112
packer/jambonz-mini/aws/scripts/install_rtpengine.sh
View File

@@ -1,7 +1,27 @@
#!/bin/bash
VERSION=$1
VERSION=$2
DISTRO=$1
RHEL_RELEASE=""
echo "rtpengine version to install is ${VERSION}, cloud provider is $2"
echo "rtpengine version to install is ${VERSION} on distribution ${DISTRO}"
if [[ "$DISTRO" == rhel* ]]; then
if [ "$EUID" -ne 0 ]; then
echo "Switching to root user..."
sudo bash "$0" --as-root
exit
fi
RHEL_RELEASE="${DISTRO:5}"
# Your script continues here, as root
echo "Now running as root user on RHEL ${RHEL_RELEASE}"
setenforce 0
export PATH=/usr/local/bin:$PATH
export PATH=/usr/local/bin:$PATH
export LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH
export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:/usr/local/lib64/pkgconfig:$PKG_CONFIG_PATH
fi
cd /usr/local/src
git clone https://github.com/BelledonneCommunications/bcg729.git
@@ -11,46 +31,70 @@ cd /usr/local/src
git clone https://github.com/warmcat/libwebsockets.git -b v4.3.2
cd /usr/local/src/libwebsockets
sudo mkdir -p build && cd build && sudo cmake .. -DCMAKE_BUILD_TYPE=RelWithDebInfo && sudo make && sudo make install
mkdir -p build && cd build && cmake .. -DCMAKE_BUILD_TYPE=RelWithDebInfo && make -j 8 && sudo make install
cd /usr/local/src
git clone https://github.com/sipwise/rtpengine.git -b ${VERSION}
cd rtpengine
make -j 4 with_transcoding=yes with_iptables_option=yes with-kernel
# copy iptables extension into place
cp ./iptables-extension/libxt_RTPENGINE.so `pkg-config xtables --variable=xtlibdir`
if [[ "$DISTRO" == rhel* ]] && [[ "$RHEL_RELEASE" == "9" ]]; then
echo with_iptables_option=no with_transcoding=yes make
make with_iptables_option=no with_transcoding=yes -j 8
cp /usr/local/src/rtpengine/daemon/rtpengine /usr/local/bin
mv /tmp/rtpengine-nomodule.service /etc/systemd/system/rtpengine.service
chmod 644 /etc/systemd/system/rtpengine.service
systemctl enable rtpengine
systemctl start rtpengine
else
echo make with_transcoding=yes with_iptables_option=yes with-kernel
make with_transcoding=yes with_iptables_option=yes with-kernel
# install kernel module
mkdir /lib/modules/`uname -r`/updates/
cp ./kernel-module/xt_RTPENGINE.ko /lib/modules/`uname -r`/updates
depmod -a
modprobe xt_RTPENGINE
cat << EOF >> /etc/modules
# copy iptables extension into place
echo "copying iptables extension into ${pkg-config xtables --variable=xtlibdir}"
cp ./iptables-extension/libxt_RTPENGINE.so `pkg-config xtables --variable=xtlibdir`
echo "creating directory /lib/modules/$(uname -r)/updates/"
mkdir -p /lib/modules/`uname -r`/updates/
echo "copying kernel module into /lib/modules/$(uname -r)/updates"
cp ./kernel-module/xt_RTPENGINE.ko /lib/modules/`uname -r`/updates
depmod -a
modprobe xt_RTPENGINE
cat << EOF >> /etc/modules
xt_RTPENGINE
EOF
echo 'add 42' > /proc/rtpengine/control
iptables -I INPUT -p udp --dport 40000:60000 -j RTPENGINE --id 42
echo "creating file 42 in /proc/rtpengine/control"
echo 'add 42' > /proc/rtpengine/control
cat /proc/rtpengine/control
echo "installing iptables rule"
iptables -I INPUT -p udp --dport 40000:60000 -j RTPENGINE --id 42
if [ "$2" = "gcp" ]; then
echo "installing rtpengine for gcp"
sudo mv /tmp/rtpengine.gcp.service /etc/systemd/system/rtpengine.service
cp /usr/local/src/rtpengine/daemon/rtpengine /usr/local/bin
cp /usr/local/src/rtpengine/recording-daemon/rtpengine-recording /usr/local/bin/
if [[ "$RHEL_RELEASE" == "8" ]]; then
sudo mv /tmp/rtpengine-rhel8.service /etc/systemd/system/rtpengine.service
else
sudo mv /tmp/rtpengine.service /etc/systemd/system
fi
sudo chmod 644 /etc/systemd/system/rtpengine.service
sudo systemctl enable rtpengine
sudo systemctl start rtpengine
fi
if [[ "$DISTRO" == rhel* ]] && [[ "$RHEL_RELEASE" == "9" ]]; then
echo "not installing recording service"
else
echo "installing rtpengine for aws"
sudo mv /tmp/rtpengine.service /etc/systemd/system/rtpengine.service
fi
cp /usr/local/src/rtpengine/daemon/rtpengine /usr/local/bin
cp /usr/local/src/rtpengine/recording-daemon/rtpengine-recording /usr/local/bin/
sudo mv /tmp/rtpengine-recording.service /etc/systemd/system
sudo mv /tmp/rtpengine-recording.ini /etc/rtpengine-recording.ini
sudo chmod 644 /etc/systemd/system/rtpengine.service
sudo chmod 644 /etc/systemd/system/rtpengine-recording.service
sudo chmod 644 /etc/rtpengine-recording.ini
mkdir -p /var/spool/recording
mkdir -p /recording
sudo systemctl enable rtpengine
sudo systemctl enable rtpengine-recording
sudo systemctl start rtpengine
sudo systemctl start rtpengine-recording
if [[ "$RHEL_RELEASE" == "8" ]]; then
sudo mv /tmp/rtpengine-recording-rhel8.service /etc/systemd/system/rtpengine-recording.service
else
sudo mv /tmp/rtpengine-recording.service /etc/systemd/system
fi
sudo mv /tmp/rtpengine-recording.ini /etc/rtpengine-recording.ini
sudo chmod 644 /etc/systemd/system/rtpengine-recording.service
sudo chmod 644 /etc/rtpengine-recording.ini
mkdir -p /var/spool/recording
mkdir -p /recording
sudo systemctl enable rtpengine-recording
sudo systemctl start rtpengine-recording
fi

40
packer/jambonz-mini/aws/scripts/install_telegraf.sh
View File

@@ -1,26 +1,38 @@
#!/bin/bash
DISTRO=$1
if [ "$1" == "yes" ]; then
if [ "$2" == "yes" ]; then
INFLUXDB_IP=$2
INFLUXDB_IP=$3
cd /tmp
wget -q https://repos.influxdata.com/influxdata-archive_compat.key
gpg --with-fingerprint --show-keys ./influxdata-archive_compat.key
cat influxdata-archive_compat.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg > /dev/null
echo 'deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg] https://repos.influxdata.com/debian stable main' | sudo tee /etc/apt/sources.list.d/influxdata.list
#curl -sL https://repos.influxdata.com/influxdb.key | sudo apt-key add -
#curl -sLhttps://repos.influxdata.com/influxdata-archive_compat.key | sudo apt-key add -
#echo "deb https://repos.influxdata.com/debian stretch stable" | sudo tee /etc/apt/sources.list.d/influxdb.list
if [[ "$DISTRO" == rhel* ]]; then
cat <<EOF | sudo tee /etc/yum.repos.d/influxdata.repo
[influxdata]
name = InfluxData Repository
baseurl = https://repos.influxdata.com/rhel/\$releasever/\$basearch/stable
enabled = 1
gpgcheck = 1
gpgkey = https://repos.influxdata.com/influxdata-archive_compat.key
EOF
echo checking disk space
df -h
dnf clean packages
echo after cleaning packages
df -h
sudo dnf install -y telegraf
else
wget -q https://repos.influxdata.com/influxdata-archive_compat.key
gpg --with-fingerprint --show-keys ./influxdata-archive_compat.key
cat influxdata-archive_compat.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg > /dev/null
echo 'deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg] https://repos.influxdata.com/debian stable main' | sudo tee /etc/apt/sources.list.d/influxdata.list
sudo apt-get update
sudo apt-get install -y telegraf
sudo apt-get update
sudo apt-get install -y telegraf
fi
sudo cp /tmp/telegraf.conf /etc/telegraf/telegraf.conf
sudo sed -i -e "s/influxdb:8086/$INFLUXDB_IP:8086/g" /etc/telegraf/telegraf.conf
sudo sed -i -e "s/# mount_points = /mount_points = /g" /etc/telegraf/telegraf.conf
sudo sed -i -e "s/ignore_fs = /#ignore_fs = /g" /etc/telegraf/telegraf.conf
sudo systemctl enable telegraf
sudo systemctl start telegraf

214
packer/jambonz-mini/aws/template-rhel-8.json Normal file
View File

@@ -0,0 +1,214 @@
{
"variables": {
"region": "us-east-1",
"ssh_username": "ec2-user",
"ami_description": "jambonz all-in-one AMI",
"instance_type": "c6in.2xlarge",
"drachtio_version": "v0.8.24-rc1",
"jambonz_version": "v0.8.5-rc10",
"jambonz_user": "admin",
"jambonz_password": "JambonzR0ck$",
"ami_base_image_owner": "309956199498",
"install_telegraf": "yes",
"homer_user": "homer_user",
"homer_password": "XcapJTqy11LnsYRtxXGPTYQkAnI",
"install_influxdb": "yes",
"install_grafana": "yes",
"install_homer": "yes",
"install_jaeger": "yes",
"install_cloudwatch": "yes",
"install_nodered": "no",
"influxdb_ip": "127.0.0.1",
"rtp_engine_version": "mr11.4.1.4",
"rtp_engine_min_port": "40000",
"rtp_engine_max_port": "60000",
"mediaserver_name" : "jambonz",
"preferred_codec_list" : "PCMU,PCMA,OPUS,G722",
"distro": "rhel-8",
"redhat_username": "your-redhat_username-here",
"redhat_password": "your-redhat_password-here",
"leave_source": "no"
},
"builders": [{
"type": "amazon-ebs",
"region": "{{user `region`}}",
"source_ami_filter": {
"filters": {
"virtualization-type": "hvm",
"name": "RHEL-8.8*",
"root-device-type": "ebs",
"architecture": "x86_64"
},
"owners": ["{{user `ami_base_image_owner`}}"],
"most_recent": true
},
"instance_type": "{{user `instance_type`}}",
"ssh_username": "{{user `ssh_username`}}",
"ami_name": "jambonz-mini-{{user `jambonz_version`}}-{{user `distro`}}-{{isotime |clean_resource_name }}",
"ami_description": "{{user `ami_description`}}",
"launch_block_device_mappings": [
{
"device_name": "/dev/sda1",
"volume_size": 100,
"volume_type": "gp3",
"delete_on_termination": true
}
],
"tags": {
"Name": "jambonz-mini"
},
"run_tags": {
"Name": "jambonz-mini-build"
}
}],
"provisioners": [
{
"type": "shell",
"inline": [
"while [ ! -f /var/lib/cloud/instance/boot-finished ]; do echo 'Waiting for cloud-init...'; sleep 1; done",
"export PATH=/usr/local/bin:$PATH",
"export LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH",
"export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH",
"sudo setenforce 0",
"sudo sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config",
"sudo subscription-manager register --username={{user `redhat_username`}} --password={{user `redhat_password`}}",
"sudo dnf upgrade -y",
"sudo sed -i 's/manage_repos = 0/manage_repos = 1/' /etc/rhsm/rhsm.conf",
"sudo subscription-manager repos --enable=codeready-builder-for-rhel-8-x86_64-rpms",
"sudo dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm",
"sudo dnf install -y https://download1.rpmfusion.org/free/el/rpmfusion-free-release-8.noarch.rpm",
"sudo dnf groupinstall -y 'RPM Development Tools'",
"sudo dnf groupinstall -y 'Development Tools'",
"sudo dnf install -y iptables-devel htop pandoc wget cmake ffmpeg ffmpeg-devel fail2ban \\",
"perl-IPC-Cmd pcre-devel google-perftools-devel libcurl-devel curl jq telnet \\",
"libevent-devel xmlrpc-c-devel gperf libpcap-devel glib2-devel json-glib-devel \\",
"hiredis-devel spandsp-devel mariadb-devel dnsutils speex libedit-devel \\",
"opus-devel lsof redis yasm perl-ExtUtils-Embed libmpg123-devel libshout-devel \\",
"systemd-devel speex-devel speexdsp-devel re2-devel opusfile-devel libtiff-devel \\",
"snapd libjpeg-devel libsndfile-devel lua-devel sqlite-devel libuuid-devel \\",
"lame-devel libyuv-devel protobuf-compiler tcpdump kernel-devel-$(uname -r)",
"sudo dnf debuginfo-install -y binutils",
"sudo chmod a+w /usr/local/src",
"mkdir ~/apps",
"cd ~/apps",
"git config --global advice.detachedHead false",
"git clone https://github.com/jambonz/sbc-call-router.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/fsw-clear-old-calls.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/sbc-outbound.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/sbc-inbound.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/sbc-sip-sidecar.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/jambonz-feature-server.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/jambonz-api-server.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/jambonz-webapp.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/jambonz-smpp-esme.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/sbc-rtpengine-sidecar.git -b {{user `jambonz_version`}}"
]
},
{
"type": "file",
"source": "files/",
"destination": "/tmp"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}}",
"script": "scripts/install_os_tuning.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `rtp_engine_version`}}",
"script": "scripts/install_rtpengine.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `jambonz_user`}} {{user `jambonz_password`}}",
"script": "scripts/install_mysql.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `install_homer`}} {{user `homer_user`}} {{user `homer_password`}}",
"script": "scripts/install_postgresql.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `drachtio_version`}}",
"script": "scripts/install_drachtio.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}}",
"script": "scripts/install_fail2ban.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}}",
"script": "scripts/install_redis.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `install_influxdb`}}",
"script": "scripts/install_influxdb.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `install_telegraf`}} {{user `influxdb_ip`}}",
"script": "scripts/install_telegraf.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `install_grafana`}}",
"script": "scripts/install_grafana.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `install_jaeger`}}",
"script": "scripts/install_jaeger.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `install_homer`}} {{user `homer_user`}} {{user `homer_password`}}",
"script": "scripts/install_homer.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}}",
"script": "scripts/install_nginx.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `install_cloudwatch`}}",
"script": "scripts/install_cloudwatch.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{build `ID`}}",
"script": "scripts/install_apiban.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}}",
"script": "scripts/install_nodejs.sh"
},
{
"type": "shell",
"environment_vars": [
"ARCH=amd64",
"MEDIA_SERVER_NAME={{user `mediaserver_name`}}",
"PREFERRED_CODEC_LIST={{user `preferred_codec_list`}}"
],
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}}",
"script": "scripts/install_freeswitch.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `jambonz_version`}} {{user `jambonz_user`}} {{user `jambonz_password`}}",
"script": "scripts/install_app.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `leave_source`}}",
"script": "scripts/cleanup.sh"
}
]
}

214
packer/jambonz-mini/aws/template-rhel-9.json Normal file
View File

@@ -0,0 +1,214 @@
{
"variables": {
"region": "us-east-1",
"ssh_username": "ec2-user",
"ami_description": "jambonz all-in-one AMI",
"instance_type": "c6in.2xlarge",
"drachtio_version": "v0.8.24-rc1",
"jambonz_version": "v0.8.5-rc10",
"jambonz_user": "admin",
"jambonz_password": "JambonzR0ck$",
"ami_base_image_owner": "309956199498",
"install_telegraf": "yes",
"homer_user": "homer_user",
"homer_password": "XcapJTqy11LnsYRtxXGPTYQkAnI",
"install_influxdb": "yes",
"install_grafana": "yes",
"install_homer": "yes",
"install_jaeger": "yes",
"install_cloudwatch": "yes",
"install_nodered": "no",
"influxdb_ip": "127.0.0.1",
"rtp_engine_version": "mr11.4.1.4",
"rtp_engine_min_port": "40000",
"rtp_engine_max_port": "60000",
"mediaserver_name" : "jambonz",
"preferred_codec_list" : "PCMU,PCMA,OPUS,G722",
"distro": "rhel-9",
"redhat_username": "your-redhat_username-here",
"redhat_password": "your-redhat_password-here",
"leave_source": "no"
},
"builders": [{
"type": "amazon-ebs",
"region": "{{user `region`}}",
"source_ami_filter": {
"filters": {
"virtualization-type": "hvm",
"name": "RHEL-9.2*",
"root-device-type": "ebs",
"architecture": "x86_64"
},
"owners": ["{{user `ami_base_image_owner`}}"],
"most_recent": true
},
"instance_type": "{{user `instance_type`}}",
"ssh_username": "{{user `ssh_username`}}",
"ami_name": "jambonz-mini-{{user `jambonz_version`}}-{{user `distro`}}-{{isotime |clean_resource_name }}",
"ami_description": "{{user `ami_description`}}",
"launch_block_device_mappings": [
{
"device_name": "/dev/sda1",
"volume_size": 100,
"volume_type": "gp3",
"delete_on_termination": true
}
],
"tags": {
"Name": "jambonz-mini"
},
"run_tags": {
"Name": "jambonz-mini-build"
}
}],
"provisioners": [
{
"type": "shell",
"inline": [
"while [ ! -f /var/lib/cloud/instance/boot-finished ]; do echo 'Waiting for cloud-init...'; sleep 1; done",
"export PATH=/usr/local/bin:$PATH",
"export LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH",
"export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH",
"sudo setenforce 0",
"sudo sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config",
"sudo subscription-manager register --username={{user `redhat_username`}} --password={{user `redhat_password`}}",
"sudo dnf upgrade -y",
"sudo sed -i 's/manage_repos = 0/manage_repos = 1/' /etc/rhsm/rhsm.conf",
"sudo subscription-manager repos --enable=codeready-builder-for-rhel-9-x86_64-rpms",
"sudo dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm",
"sudo /usr/bin/crb enable || true",
"sudo dnf install -y https://download1.rpmfusion.org/free/el/rpmfusion-free-release-9.noarch.rpm",
"sudo dnf groupinstall -y 'RPM Development Tools'",
"sudo dnf groupinstall -y 'Development Tools'",
"sudo dnf install -y iptables-devel htop pandoc wget cmake ffmpeg ffmpeg-devel fail2ban \\",
"perl-IPC-Cmd pcre-devel google-perftools-devel libcurl-devel curl jq telnet \\",
"libevent-devel xmlrpc-c-devel gperf libpcap-devel glib2-devel json-glib-devel \\",
"hiredis-devel spandsp-devel mariadb-devel dnsutils speex libedit-devel \\",
"opus-devel lsof redis yasm perl-ExtUtils-Embed libmpg123-devel libshout-devel \\",
"systemd-devel speex-devel speexdsp-devel re2-devel opusfile-devel libtiff-devel \\",
"snapd libjpeg-devel libsndfile-devel lua-devel sqlite-devel libuuid-devel \\",
"lame-devel libyuv-devel protobuf-compiler tcpdump",
"sudo dnf debuginfo-install -y binutils",
"sudo chmod a+w /usr/local/src",
"mkdir ~/apps",
"cd ~/apps",
"git config --global advice.detachedHead false",
"git clone https://github.com/jambonz/sbc-call-router.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/fsw-clear-old-calls.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/sbc-outbound.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/sbc-inbound.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/sbc-sip-sidecar.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/jambonz-feature-server.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/jambonz-api-server.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/jambonz-webapp.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/jambonz-smpp-esme.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/sbc-rtpengine-sidecar.git -b {{user `jambonz_version`}}"
]
},
{
"type": "file",
"source": "files/",
"destination": "/tmp"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}}",
"script": "scripts/install_os_tuning.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `drachtio_version`}}",
"script": "scripts/install_drachtio.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}}",
"script": "scripts/install_fail2ban.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}}",
"script": "scripts/install_redis.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `jambonz_user`}} {{user `jambonz_password`}}",
"script": "scripts/install_mysql.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `install_influxdb`}}",
"script": "scripts/install_influxdb.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `install_homer`}} {{user `homer_user`}} {{user `homer_password`}}",
"script": "scripts/install_postgresql.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `install_telegraf`}} {{user `influxdb_ip`}}",
"script": "scripts/install_telegraf.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `install_grafana`}}",
"script": "scripts/install_grafana.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `install_jaeger`}}",
"script": "scripts/install_jaeger.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `install_homer`}} {{user `homer_user`}} {{user `homer_password`}}",
"script": "scripts/install_homer.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}}",
"script": "scripts/install_nginx.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `install_cloudwatch`}}",
"script": "scripts/install_cloudwatch.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{build `ID`}}",
"script": "scripts/install_apiban.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `rtp_engine_version`}}",
"script": "scripts/install_rtpengine.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}}",
"script": "scripts/install_nodejs.sh"
},
{
"type": "shell",
"environment_vars": [
"ARCH=amd64",
"MEDIA_SERVER_NAME={{user `mediaserver_name`}}",
"PREFERRED_CODEC_LIST={{user `preferred_codec_list`}}"
],
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}}",
"script": "scripts/install_freeswitch.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `jambonz_version`}} {{user `jambonz_user`}} {{user `jambonz_password`}}",
"script": "scripts/install_app.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `leave_source`}}",
"script": "scripts/cleanup.sh"
}
]
}

1
packer/jambonz-mini/gcp/scripts/install_influxdb.sh
View File

@@ -12,6 +12,5 @@ sudo systemctl enable influxdb
sudo systemctl start influxdb
sudo systemctl status influxdb.service
sudo journalctl -xe
fi

1
packer/jambonz-mini/gcp/scripts/install_nginx.sh
View File

@@ -14,4 +14,3 @@ sudo systemctl enable nginx
sudo systemctl restart nginx
sudo systemctl status nginx
sudo journalctl -xe

1
packer/jambonz-mini/proxmox/scripts/install_influxdb.sh
View File

@@ -12,6 +12,5 @@ sudo systemctl enable influxdb
sudo systemctl start influxdb
sudo systemctl status influxdb.service
sudo journalctl -xe
fi

1
packer/jambonz-mini/proxmox/scripts/install_nginx.sh
View File

@@ -14,4 +14,3 @@ sudo systemctl enable nginx
sudo systemctl restart nginx
sudo systemctl status nginx
sudo journalctl -xe

14
packer/jambonz-sbc-sip-rtp/aws/README.md
View File

@@ -4,12 +4,22 @@ A [packer](https://www.packer.io/) template to build an AMI containing the jambo
## Installing
To build an amd64 image:
To build a debian 11 AMI (preferred):
```
$ packer build -color=false template.json
```
To build an RHEL-8 AMI:
```
packer build -color=false -var "redhat_username=<my-rh-username>" -var "redhat_password=<my-rh-password>" template-rhel-8.json
```
To build an RHEL-9 AMI:
```
packer build -color=false -var "redhat_username=<my-rh-username>" -var "redhat_password=<my-rh-password>" template-rhel-9.json
```
> Note: on RHEL-9 the kernel module for rtpengine (which passes media streams in the kernel rather than userspace) is not available. For that reason, you may prefer to deploy on RHEL-8 when deploying on RedHat Enterprise Linux.
To build an arm64 image:
```

28
packer/jambonz-sbc-sip-rtp/aws/files/drachtio-rhel.service Normal file
View File

@@ -0,0 +1,28 @@
[Unit]
Description=drachtio
After=syslog.target network.target local-fs.target
[Service]
; service
Type=forking
ExecStartPre=/bin/sh -c 'systemctl set-environment LOCAL_IP=`curl -s http://169.254.169.254/latest/meta-data/local-ipv4`'
ExecStartPre=/bin/sh -c 'systemctl set-environment PUBLIC_IP=`curl -s http://169.254.169.254/latest/meta-data/public-ipv4`'
ExecStart=/usr/local/bin/drachtio --daemon --contact sip:${LOCAL_IP};transport=udp --external-ip ${PUBLIC_IP} \
--contact sip:${LOCAL_IP};transport=tcp \
--address 0.0.0.0 --port 9022 --homer 127.0.0.1:9060 --homer-id 10
TimeoutSec=15s
Restart=always
; exec
User=root
Group=daemon
LimitCORE=infinity
LimitNOFILE=100000
LimitNPROC=60000
;LimitSTACK=240
LimitRTPRIO=infinity
LimitRTTIME=7000000
UMask=0007
[Install]
WantedBy=multi-user.target

174
packer/jambonz-sbc-sip-rtp/aws/files/ecosystem-rhel.config.js Normal file
View File

@@ -0,0 +1,174 @@
module.exports = {
apps : [
{
name: 'jambonz-smpp-esme',
cwd: '/home/ec2-user/apps/jambonz-smpp-esme',
script: 'app.js',
out_file: '/home/ec2-user/.pm2/logs/jambonz-smpp-esme.log',
err_file: '/home/ec2-user/.pm2/logs/jambonz-smpp-esme.log',
combine_logs: true,
instance_var: 'INSTANCE_ID',
exec_mode: 'fork',
instances: 1,
autorestart: true,
watch: false,
max_memory_restart: '1G',
env: {
NODE_ENV: 'production',
AVOID_UDH: true,
JAMBONES_MYSQL_HOST: '${JAMBONES_MYSQL_HOST}',
JAMBONES_MYSQL_USER: '${JAMBONES_MYSQL_USER}',
JAMBONES_MYSQL_PASSWORD: '${JAMBONES_MYSQL_PASSWORD}',
JAMBONES_MYSQL_DATABASE: 'jambones',
JAMBONES_MYSQL_CONNECTION_LIMIT: 10,
JAMBONES_REDIS_HOST: '${JAMBONES_REDIS_HOST}',
JAMBONES_REDIS_PORT: 6379,
JAMBONES_LOGLEVEL: 'debug',
JAMBONES_CLUSTER_ID: '${JAMBONES_CLUSTER_ID}',
HTTP_PORT: 3020
}
},
{
name: 'sbc-call-router',
cwd: '/home/ec2-user/apps/sbc-call-router',
script: 'app.js',
instance_var: 'INSTANCE_ID',
out_file: '/home/ec2-user/.pm2/logs/jambonz-sbc-call-router.log',
err_file: '/home/ec2-user/.pm2/logs/jambonz-sbc-call-router.log',
exec_mode: 'fork',
instances: 1,
autorestart: true,
watch: false,
max_memory_restart: '1G',
env: {
NODE_ENV: 'production',
HTTP_PORT: 4000,
JAMBONES_INBOUND_ROUTE: '127.0.0.1:4002',
JAMBONES_OUTBOUND_ROUTE: '127.0.0.1:4003',
JAMBONZ_TAGGED_INBOUND: 1,
JAMBONES_NETWORK_CIDR: '${VPC_CIDR}',
}
},
{
name: 'sbc-sip-sidecar',
cwd: '/home/ec2-user/apps/sbc-sip-sidecar',
script: 'app.js',
instance_var: 'INSTANCE_ID',
out_file: '/home/ec2-user/.pm2/logs/sbc-sip-sidecar.log',
err_file: '/home/ec2-user/.pm2/logs/sbc-sip-sidecar.log',
exec_mode: 'fork',
instances: 1,
autorestart: true,
watch: false,
max_memory_restart: '1G',
env: {
NODE_ENV: 'production',
ENABLE_DATADOG_METRICS: 0,
JAMBONES_LOGLEVEL: 'info',
DRACHTIO_HOST: '127.0.0.1',
DRACHTIO_PORT: 9022,
DRACHTIO_SECRET: 'cymru',
JAMBONES_MYSQL_HOST: '${JAMBONES_MYSQL_HOST}',
JAMBONES_MYSQL_USER: '${JAMBONES_MYSQL_USER}',
JAMBONES_MYSQL_PASSWORD: '${JAMBONES_MYSQL_PASSWORD}',
JAMBONES_MYSQL_DATABASE: 'jambones',
JAMBONES_MYSQL_CONNECTION_LIMIT: 10,
JAMBONES_REDIS_HOST: '${JAMBONES_REDIS_HOST}',
JAMBONES_REDIS_PORT: 6379,
JAMBONES_NETWORK_CIDR: '${VPC_CIDR}'
}
},
{
name: 'sbc-rtpengine-sidecar',
cwd: '/home/ec2-user/apps/sbc-rtpengine-sidecar',
script: 'app.js',
instance_var: 'INSTANCE_ID',
out_file: '/home/ec2-user/.pm2/logs/jambonz-sbc-rtpengine-sidecar.log',
err_file: '/home/ec2-user/.pm2/logs/jambonz-sbc-rtpengine-sidecar.log',
exec_mode: 'fork',
instances: 1,
autorestart: true,
watch: false,
max_memory_restart: '1G',
env: {
NODE_ENV: 'production',
LOGLEVEL: 'info',
DTMF_ONLY: true,
ENABLE_METRICS: 1,
STATS_HOST: '127.0.0.1',
STATS_PORT: 8125,
STATS_PROTOCOL: 'tcp',
STATS_TELEGRAF: 1
}
},
{
name: 'sbc-outbound',
cwd: '/home/ec2-user/apps/sbc-outbound',
script: 'app.js',
instance_var: 'INSTANCE_ID',
out_file: '/home/ec2-user/.pm2/logs/jambonz-sbc-outbound.log',
err_file: '/home/ec2-user/.pm2/logs/jambonz-sbc-outbound.log',
exec_mode: 'fork',
instances: 1,
autorestart: true,
watch: false,
max_memory_restart: '1G',
env: {
NODE_ENV: 'production',
JAMBONES_LOGLEVEL: 'info',
JAMBONES_NETWORK_CIDR: '${VPC_CIDR}',
JAMBONES_RTPENGINES: '127.0.0.1:22222',
ENABLE_DATADOG_METRICS: 0,
DRACHTIO_HOST: '127.0.0.1',
DRACHTIO_PORT: 9022,
DRACHTIO_SECRET: 'cymru',
JAMBONES_TRACK_ACCOUNT_CALLS: 0,
JAMBONES_TRACK_SP_CALLS: 0,
JAMBONES_TRACK_APP_CALLS: 0,
JAMBONES_RTPENGINES: '${JAMBONES_RTPENGINE_IPS}',
JAMBONES_MYSQL_HOST: '${JAMBONES_MYSQL_HOST}',
JAMBONES_MYSQL_USER: '${JAMBONES_MYSQL_USER}',
JAMBONES_MYSQL_PASSWORD: '${JAMBONES_MYSQL_PASSWORD}',
JAMBONES_MYSQL_DATABASE: 'jambones',
JAMBONES_MYSQL_CONNECTION_LIMIT: 10,
JAMBONES_REDIS_HOST: '${JAMBONES_REDIS_HOST}',
JAMBONES_REDIS_PORT: 6379
}
},
{
name: 'sbc-inbound',
cwd: '/home/ec2-user/apps/sbc-inbound',
script: 'app.js',
instance_var: 'INSTANCE_ID',
out_file: '/home/ec2-user/.pm2/logs/jambonz-sbc-inbound.log',
err_file: '/home/ec2-user/.pm2/logs/jambonz-sbc-inbound.log',
exec_mode: 'fork',
instances: 1,
autorestart: true,
watch: false,
max_memory_restart: '1G',
env: {
NODE_ENV: 'production',
JAMBONES_LOGLEVEL: 'info',
JAMBONES_NETWORK_CIDR: '${VPC_CIDR}',
ENABLE_DATADOG_METRICS: 0,
DRACHTIO_HOST: '127.0.0.1',
DRACHTIO_PORT: 9022,
DRACHTIO_SECRET: 'cymru',
JAMBONES_RTPENGINES: '${JAMBONES_RTPENGINE_IPS}',
JAMBONES_MYSQL_HOST: '${JAMBONES_MYSQL_HOST}',
JAMBONES_MYSQL_USER: '${JAMBONES_MYSQL_USER}',
JAMBONES_MYSQL_PASSWORD: '${JAMBONES_MYSQL_PASSWORD}',
JAMBONES_MYSQL_DATABASE: 'jambones',
JAMBONES_MYSQL_CONNECTION_LIMIT: 10,
JAMBONES_REDIS_HOST: '${JAMBONES_REDIS_HOST}',
JAMBONES_REDIS_PORT: 6379,
JAMBONES_TRACK_ACCOUNT_CALLS: 0,
JAMBONES_TRACK_SP_CALLS: 0,
JAMBONES_TRACK_APP_CALLS: 0,
JAMBONES_CLUSTER_ID: '${JAMBONES_CLUSTER_ID}',
MS_TEAMS_SIP_PROXY_IPS: '52.114.148.0, 52.114.132.46, 52.114.75.24, 52.114.76.76, 52.114.7.24, 52.114.14.70'
}
}]
};

43
packer/jambonz-sbc-sip-rtp/aws/files/rtpengine-nomodule.service Normal file
View File

@@ -0,0 +1,43 @@
[Unit]
Description=rtpengine
After=syslog.target network.target local-fs.target
[Service]
; service
Type=forking
Environment="LD_LIBRARY_PATH=/usr/local/lib/"
ExecStartPre=/bin/sh -c 'systemctl set-environment LOCAL_IP=`curl -s http://169.254.169.254/latest/meta-data/local-ipv4`'
ExecStartPre=/bin/sh -c 'systemctl set-environment PUBLIC_IP=`curl -s http://169.254.169.254/latest/meta-data/public-ipv4`'
ExecStart=/usr/local/bin/rtpengine \
--interface private/${LOCAL_IP} \
--interface public/${LOCAL_IP}!${PUBLIC_IP} \
--listen-ng=22222 \
--listen-http=8080 \
--listen-udp=12222 \
--dtmf-log-dest=127.0.0.1:22223 \
--listen-cli=127.0.0.1:9900 \
--pidfile /run/rtpengine.pid \
--port-min 40000 \
--port-max 60000 \
--recording-dir /tmp \
--recording-method pcap \
--recording-format eth \
--log-level 5 \
--delete-delay 0
PIDFile=/run/rtpengine.pid
TimeoutSec=15s
Restart=always
; exec
User=root
Group=daemon
LimitCORE=infinity
LimitNOFILE=100000
LimitNPROC=60000
;LimitSTACK=240
LimitRTPRIO=infinity
LimitRTTIME=7000000
UMask=0007
[Install]
WantedBy=multi-user.target

25
packer/jambonz-sbc-sip-rtp/aws/files/rtpengine-recording-rhel8.service Normal file
View File

@@ -0,0 +1,25 @@
[Unit]
Description=rtpengine-recording
After=syslog.target network.target local-fs.target
[Service]
; service
Type=forking
Environment="LD_LIBRARY_PATH=/usr/local/lib/"
ExecStart=/usr/local/bin/rtpengine-recording --config-file=/etc/rtpengine-recording.ini
TimeoutSec=15s
Restart=always
; exec
User=root
Group=daemon
LimitCORE=infinity
LimitNOFILE=100000
LimitNPROC=60000
;LimitSTACK=240
LimitRTPRIO=infinity
LimitRTTIME=7000000
UMask=0007
[Install]
WantedBy=multi-user.target

8
packer/jambonz-sbc-sip-rtp/aws/files/rtpengine-recording.service
View File

@@ -19,10 +19,10 @@ LimitNPROC=60000
;LimitSTACK=240
LimitRTPRIO=infinity
LimitRTTIME=7000000
IOSchedulingClass=realtime
IOSchedulingPriority=2
CPUSchedulingPolicy=rr
CPUSchedulingPriority=89
;IOSchedulingClass=realtime
;IOSchedulingPriority=2
;CPUSchedulingPolicy=rr
;CPUSchedulingPriority=89
UMask=0007
[Install]

44
packer/jambonz-sbc-sip-rtp/aws/files/rtpengine-rhel8.service Normal file
View File

@@ -0,0 +1,44 @@
[Unit]
Description=rtpengine
After=syslog.target network.target local-fs.target
[Service]
; service
Type=forking
Environment="LD_LIBRARY_PATH=/usr/local/lib/"
ExecStartPre=/bin/sh -c 'systemctl set-environment LOCAL_IP=`curl -s http://169.254.169.254/latest/meta-data/local-ipv4`'
ExecStartPre=/bin/sh -c 'systemctl set-environment PUBLIC_IP=`curl -s http://169.254.169.254/latest/meta-data/public-ipv4`'
ExecStartPre=echo 'del 42' > /proc/rtpengine/control
ExecStart=/usr/local/bin/rtpengine \
--interface private/${LOCAL_IP} \
--interface public/${LOCAL_IP}!${PUBLIC_IP} \
--listen-ng=22222 \
--listen-http=8080 \
--listen-udp=12222 \
--dtmf-log-dest=127.0.0.1:22223 \
--listen-cli=127.0.0.1:9900 \
--table=42 \
--pidfile /run/rtpengine.pid \
--port-min 40000 \
--port-max 60000 \
--recording-dir /var/spool/recording \
--recording-method proc \
--log-level 5 \
--delete-delay 0
PIDFile=/run/rtpengine.pid
TimeoutSec=15s
Restart=always
; exec
User=root
Group=daemon
LimitCORE=infinity
LimitNOFILE=100000
LimitNPROC=60000
;LimitSTACK=240
LimitRTPRIO=infinity
LimitRTTIME=7000000
UMask=0007
[Install]
WantedBy=multi-user.target

22
packer/jambonz-sbc-sip-rtp/aws/scripts/cleanup.sh Normal file
View File

@@ -0,0 +1,22 @@
#! /bin/bash
DISTRO=$1
LEAVE_SOURCE=$2
set -e
set -x
echo "running cleanup.sh on $DISTRO, leaving source: $LEAVE_SOURCE"
if [[ "$DISTRO" == rhel* ]]; then
sudo dnf install -y iptables-services
sudo subscription-manager unregister
else
echo iptables-persistent iptables-persistent/autosave_v4 boolean true | sudo debconf-set-selections
echo iptables-persistent iptables-persistent/autosave_v6 boolean true | sudo debconf-set-selections
sudo apt-get -y install iptables-persistent
sudo rm /root/.ssh/authorized_keys
sudo rm ~/.ssh/authorized_keys
fi
sudo rm -Rf /tmp/*
if [ "$LEAVE_SOURCE" = 'no' ]; then sudo rm -Rf /usr/local/src/*; fi

61
packer/jambonz-sbc-sip-rtp/aws/scripts/install_app.sh
View File

@@ -1,27 +1,50 @@
#!/bin/bash
VERSION=$1
DISTRO=$1
VERSION=$2
RHEL_RELEASE=""
cd /home/admin
mkdir -p apps
if [[ "$DISTRO" == rhel* ]]; then
RHEL_RELEASE="${DISTRO:5}"
HOME=/home/ec2-user
sed -i "s|/home/admin|${HOME}|g" /tmp/ecosystem.config.js
else
HOME=/home/admin
fi
mkdir -p $HOME/apps
ALIAS_LINE="alias gl='git log --oneline --decorate'"
echo "$ALIAS_LINE" >> ~/.bash_aliases
cd $HOME
cp /tmp/ecosystem.config.js apps
cd apps
cd /home/admin/apps/sbc-inbound && npm ci --unsafe-perm
cd /home/admin/apps/sbc-outbound && npm ci --unsafe-perm
cd /home/admin/apps/sbc-call-router && npm ci --unsafe-perm
cd /home/admin/apps/sbc-sip-sidecar && npm ci --unsafe-perm
cd /home/admin/apps/sbc-rtpengine-sidecar && npm ci --unsafe-perm
cd /home/admin/apps/jambonz-smpp-esme && npm ci --unsafe-perm
cd $HOME/apps/sbc-inbound && npm ci --unsafe-perm
cd $HOME/apps/sbc-outbound && npm ci --unsafe-perm
cd $HOME/apps/sbc-call-router && npm ci --unsafe-perm
cd $HOME/apps/sbc-sip-sidecar && npm ci --unsafe-perm
cd $HOME/apps/sbc-rtpengine-sidecar && npm ci --unsafe-perm
cd $HOME/apps/jambonz-smpp-esme && npm ci --unsafe-perm
sudo npm install -g pino-pretty pm2 pm2-logrotate gulp grunt
sudo -u admin bash -c "pm2 install pm2-logrotate"
sudo -u admin bash -c "pm2 set pm2-logrotate:max_size 1G"
sudo -u admin bash -c "pm2 set pm2-logrotate:retain 5"
sudo -u admin bash -c "pm2 set pm2-logrotate:compress true"
if [ "$DISTRO" == "rhel-9" ]; then
sudo chown -R 1000:1000 /home/ec2-user/.npm
sudo -u ec2-user bash -c "pm2 install pm2-logrotate"
sudo -u ec2-user bash -c "pm2 set pm2-logrotate:max_size 1G"
sudo -u ec2-user bash -c "pm2 set pm2-logrotate:retain 5"
sudo -u ec2-user bash -c "pm2 set pm2-logrotate:compress true"
sudo chown -R ec2-user:ec2-user $HOME/apps
sudo systemctl enable --now snapd.socket
sudo ln -s /var/lib/snapd/snap /snap
else
sudo -u admin bash -c "pm2 install pm2-logrotate"
sudo -u admin bash -c "pm2 set pm2-logrotate:max_size 1G"
sudo -u admin bash -c "pm2 set pm2-logrotate:retain 5"
sudo -u admin bash -c "pm2 set pm2-logrotate:compress true"
sudo chown -R admin:admin $HOME/apps
sudo snap install core
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
fi
sudo chown -R admin:admin /home/admin/apps
sudo snap install core
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot

21
packer/jambonz-sbc-sip-rtp/aws/scripts/install_cloudwatch.sh
View File

@@ -1,13 +1,20 @@
#!/bin/bash
DISTRO=$1
if [ "$1" == "yes" ]; then
if [ "$2" == "yes" ]; then
#install cloudwatch
sudo wget https://s3.amazonaws.com/amazoncloudwatch-agent/debian/amd64/latest/amazon-cloudwatch-agent.deb -O /home/admin/amazon-cloudwatch-agent.deb
sudo dpkg -i -E /home/admin/amazon-cloudwatch-agent.deb
sudo rm -rf /home/admin/amazon-cloudwatch-agent.deb
#install cloudwatch
if [[ "$DISTRO" == rhel* ]]; then
sudo wget https://s3.amazonaws.com/amazoncloudwatch-agent/redhat/amd64/latest/amazon-cloudwatch-agent.rpm -O /tmp/amazon-cloudwatch-agent.rpm
sudo dnf install -y /tmp/amazon-cloudwatch-agent.rpm
sudo rm -rf /tmp/amazon-cloudwatch-agent.rpm
else
sudo wget https://s3.amazonaws.com/amazoncloudwatch-agent/debian/amd64/latest/amazon-cloudwatch-agent.deb -O /home/admin/amazon-cloudwatch-agent.deb
sudo dpkg -i -E /home/admin/amazon-cloudwatch-agent.deb
sudo rm -rf /home/admin/amazon-cloudwatch-agent.deb
fi
# install config file for jambonz
sudo cp -r /tmp/cloudwatch-config.json /opt/aws/amazon-cloudwatch-agent/bin/config.json
# install config file for jambonz
sudo cp -r /tmp/cloudwatch-config.json /opt/aws/amazon-cloudwatch-agent/bin/config.json
fi

26
packer/jambonz-sbc-sip-rtp/aws/scripts/install_drachtio.sh
View File

@@ -1,20 +1,28 @@
#!/bin/bash
VERSION=$1
DISTRO=$1
VERSION=$2
echo "drachtio version to install is ${VERSION}"
echo "drachtio version to install is ${VERSION} on ${DISTRO}"
chmod 0777 /usr/local/src
cd /usr/local/src
git clone https://github.com/davehorton/drachtio-server.git -b ${VERSION}
git clone https://github.com/drachtio/drachtio-server.git -b ${VERSION}
cd drachtio-server
git submodule update --init --recursive
./autogen.sh && mkdir -p build && cd $_ && ../configure --enable-tcmalloc=yes CPPFLAGS='-DNDEBUG -O2 -g' && make && sudo make install
./autogen.sh && mkdir -p build && cd $_ && ../configure --enable-tcmalloc=yes CPPFLAGS='-DNDEBUG -g -O2' && make -j 8 && sudo make install
echo "installing drachtio for aws"
if [[ "$DISTRO" == rhel* ]]; then
sudo mv /tmp/drachtio-rhel.service /etc/systemd/system/drachtio.service
else
sudo mv /tmp/drachtio.service /etc/systemd/system
fi
sudo mv /tmp/drachtio.conf.xml /etc
sudo mv /tmp/drachtio.service /etc/systemd/system
sudo chmod 644 /etc/drachtio.conf.xml
sudo chmod 644 /etc/systemd/system/drachtio.service
sudo systemctl enable drachtio
sudo cp /tmp/auto-assign-elastic-ip.sh /usr/local/bin
sudo chmod +x /usr/local/bin/auto-assign-elastic-ip.sh
sudo systemctl restart drachtio
sudo systemctl status drachtio.service

28
packer/jambonz-sbc-sip-rtp/aws/scripts/install_nodejs.sh
View File

@@ -1,11 +1,25 @@
#!/bin/bash
sudo apt-get update
sudo apt-get install -y ca-certificates curl gnupg
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | sudo gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg
echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_18.x nodistro main" | sudo tee /etc/apt/sources.list.d/nodesource.list
sudo apt-get update
sudo apt-get install nodejs -y
DISTRO=$1
if [[ "$DISTRO" == rhel* ]]; then
dnf install -y crypto-policies-scripts
sudo update-crypto-policies --set DEFAULT
sudo rpm --import https://rpm.nodesource.com/pub/el/NODESOURCE-GPG-SIGNING-KEY-EL
sudo dnf install -y https://rpm.nodesource.com/pub_18.x/nodistro/repo/nodesource-release-nodistro-1.noarch.rpm
sudo dnf install -y nodejs --setopt=nodesource-nodejs.module_hotfixes=1 --nogpgcheck
node -v
sudo dnf install -y npm --nogpgcheck
npm -v
else
sudo apt-get update
sudo apt-get install -y ca-certificates curl gnupg
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | sudo gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg
echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_18.x nodistro main" | sudo tee /etc/apt/sources.list.d/nodesource.list
sudo apt-get update
sudo apt-get install -y nodejs npm
fi
sudo npm install -g npm@latest
node -v
npm -v

29
packer/jambonz-sbc-sip-rtp/aws/scripts/install_os_tuning.sh
View File

@@ -1,6 +1,8 @@
#!/bin/bash
DISTRO=$1
export PATH=/usr/local/bin:$PATH
sudo sed -i '/# End of file/i * hard nofile 65535' /etc/security/limits.conf
sudo sed -i '/# End of file/i * soft nofile 65535' /etc/security/limits.conf
sudo sed -i '/# End of file/i root hard nofile 65535' /etc/security/limits.conf
@@ -15,18 +17,39 @@ vm.dirty_expire_centisecs=200
vm.dirty_writeback_centisecs=100
EOT'
sudo cp /tmp/20auto-upgrades /etc/apt/apt.conf.d/20auto-upgrades
if [[ "$DISTRO" == rhel* ]] ; then
grep -q "* soft core unlimited" /etc/security/limits.conf
if [ $? -ne 0 ]; then
echo "* soft core unlimited" | sudo tee -a /etc/security/limits.conf > /dev/null
fi
grep -q "* hard core unlimited" /etc/security/limits.conf
if [ $? -ne 0 ]; then
echo "* hard core unlimited" | sudo tee -a /etc/security/limits.conf > /dev/null
fi
ulimit -c unlimited
else
sudo cp /tmp/20auto-upgrades /etc/apt/apt.conf.d/20auto-upgrades
fi
# disable ipv6
echo "net.ipv6.conf.all.disable_ipv6 = 1" | sudo tee -a /etc/sysctl.conf > /dev/null
echo "net.ipv6.conf.default.disable_ipv6 = 1" | sudo tee -a /etc/sysctl.conf > /dev/null
# install latest cmake
if [ "$DISTRO" == "debian-12" ]; then
if [ "$DISTRO" == "debian-12" ] || [[ "$DISTRO" == rhel* ]] ; then
echo disable RHEL firewall
sudo systemctl stop firewalld
sudo systemctl disable firewalld
echo build cmake 3.27, required by bcg729
cd /usr/local/src
wget https://github.com/Kitware/CMake/archive/refs/tags/v3.27.4.tar.gz
tar xvfz v3.27.4.tar.gz
cd CMake-3.27.4
./bootstrap && make -j 4 && sudo make install
echo "building cmake"
./bootstrap && make -j 8 && sudo make install
echo "cmake built and installed"
export PATH=/usr/local/bin:$PATH
cmake --version
fi

107
packer/jambonz-sbc-sip-rtp/aws/scripts/install_rtpengine.sh
View File

@@ -1,7 +1,27 @@
#!/bin/bash
VERSION=$1
VERSION=$2
DISTRO=$1
RHEL_RELEASE=""
echo "rtpengine version to install is ${VERSION}"
echo "rtpengine version to install is ${VERSION} on distribution ${DISTRO}"
if [[ "$DISTRO" == rhel* ]]; then
if [ "$EUID" -ne 0 ]; then
echo "Switching to root user..."
sudo bash "$0" --as-root
exit
fi
RHEL_RELEASE="${DISTRO:5}"
# Your script continues here, as root
echo "Now running as root user on RHEL ${RHEL_RELEASE}"
setenforce 0
export PATH=/usr/local/bin:$PATH
export PATH=/usr/local/bin:$PATH
export LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH
export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:/usr/local/lib64/pkgconfig:$PKG_CONFIG_PATH
fi
cd /usr/local/src
git clone https://github.com/BelledonneCommunications/bcg729.git
@@ -11,39 +31,70 @@ cd /usr/local/src
git clone https://github.com/warmcat/libwebsockets.git -b v4.3.2
cd /usr/local/src/libwebsockets
sudo mkdir -p build && cd build && sudo cmake .. -DCMAKE_BUILD_TYPE=RelWithDebInfo && sudo make && sudo make install
mkdir -p build && cd build && cmake .. -DCMAKE_BUILD_TYPE=RelWithDebInfo && make -j 8 && sudo make install
cd /usr/local/src
git clone https://github.com/sipwise/rtpengine.git -b ${VERSION}
cd rtpengine
make with_transcoding=yes with_iptables_option=yes with-kernel
# copy iptables extension into place
cp ./iptables-extension/libxt_RTPENGINE.so `pkg-config xtables --variable=xtlibdir`
if [[ "$DISTRO" == rhel* ]] && [[ "$RHEL_RELEASE" == "9" ]]; then
echo with_iptables_option=no with_transcoding=yes make
make with_iptables_option=no with_transcoding=yes -j 8
cp /usr/local/src/rtpengine/daemon/rtpengine /usr/local/bin
mv /tmp/rtpengine-nomodule.service /etc/systemd/system/rtpengine.service
chmod 644 /etc/systemd/system/rtpengine.service
systemctl enable rtpengine
systemctl start rtpengine
else
echo make with_transcoding=yes with_iptables_option=yes with-kernel
make with_transcoding=yes with_iptables_option=yes with-kernel
# install kernel module
mkdir /lib/modules/`uname -r`/updates/
cp ./kernel-module/xt_RTPENGINE.ko /lib/modules/`uname -r`/updates
depmod -a
modprobe xt_RTPENGINE
cat << EOF >> /etc/modules
# copy iptables extension into place
echo "copying iptables extension into ${pkg-config xtables --variable=xtlibdir}"
cp ./iptables-extension/libxt_RTPENGINE.so `pkg-config xtables --variable=xtlibdir`
echo "creating directory /lib/modules/$(uname -r)/updates/"
mkdir -p /lib/modules/`uname -r`/updates/
echo "copying kernel module into /lib/modules/$(uname -r)/updates"
cp ./kernel-module/xt_RTPENGINE.ko /lib/modules/`uname -r`/updates
depmod -a
modprobe xt_RTPENGINE
cat << EOF >> /etc/modules
xt_RTPENGINE
EOF
echo 'add 42' > /proc/rtpengine/control
iptables -I INPUT -p udp --dport 40000:60000 -j RTPENGINE --id 42
echo "creating file 42 in /proc/rtpengine/control"
echo 'add 42' > /proc/rtpengine/control
cat /proc/rtpengine/control
echo "installing iptables rule"
iptables -I INPUT -p udp --dport 40000:60000 -j RTPENGINE --id 42
cp /usr/local/src/rtpengine/daemon/rtpengine /usr/local/bin
cp /usr/local/src/rtpengine/recording-daemon/rtpengine-recording /usr/local/bin/
sudo mv /tmp/rtpengine.service /etc/systemd/system
sudo mv /tmp/rtpengine-recording.service /etc/systemd/system
sudo mv /tmp/rtpengine-recording.ini /etc/rtpengine-recording.ini
sudo chmod 644 /etc/systemd/system/rtpengine.service
sudo chmod 644 /etc/systemd/system/rtpengine-recording.service
sudo chmod 644 /etc/rtpengine-recording.ini
mkdir -p /var/spool/recording
mkdir -p /recording
sudo systemctl enable rtpengine
sudo systemctl enable rtpengine-recording
sudo systemctl start rtpengine
sudo systemctl start rtpengine-recording
cp /usr/local/src/rtpengine/daemon/rtpengine /usr/local/bin
cp /usr/local/src/rtpengine/recording-daemon/rtpengine-recording /usr/local/bin/
if [[ "$RHEL_RELEASE" == "8" ]]; then
sudo mv /tmp/rtpengine-rhel8.service /etc/systemd/system/rtpengine.service
else
sudo mv /tmp/rtpengine.service /etc/systemd/system
fi
sudo chmod 644 /etc/systemd/system/rtpengine.service
sudo systemctl enable rtpengine
sudo systemctl start rtpengine
fi
if [[ "$DISTRO" == rhel* ]] && [[ "$RHEL_RELEASE" == "9" ]]; then
echo "not installing recording service"
else
if [[ "$RHEL_RELEASE" == "8" ]]; then
sudo mv /tmp/rtpengine-recording-rhel8.service /etc/systemd/system/rtpengine-recording.service
else
sudo mv /tmp/rtpengine-recording.service /etc/systemd/system
fi
sudo mv /tmp/rtpengine-recording.ini /etc/rtpengine-recording.ini
sudo chmod 644 /etc/systemd/system/rtpengine-recording.service
sudo chmod 644 /etc/rtpengine-recording.ini
mkdir -p /var/spool/recording
mkdir -p /recording
sudo systemctl enable rtpengine-recording
sudo systemctl start rtpengine-recording
fi

35
packer/jambonz-sbc-sip-rtp/aws/scripts/install_telegraf.sh
View File

@@ -1,17 +1,34 @@
#!/bin/bash
DISTRO=$1
if [ "$1" == "yes" ]; then
INFLUXDB_IP=$2
if [ "$2" == "yes" ]; then
cd /tmp
wget -q https://repos.influxdata.com/influxdata-archive_compat.key
gpg --with-fingerprint --show-keys ./influxdata-archive_compat.key
cat influxdata-archive_compat.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg > /dev/null
echo 'deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg] https://repos.influxdata.com/debian stable main' | sudo tee /etc/apt/sources.list.d/influxdata.list
sudo apt-get update
sudo apt-get install -y telegraf
if [[ "$DISTRO" == rhel* ]]; then
cat <<EOF | sudo tee /etc/yum.repos.d/influxdata.repo
[influxdata]
name = InfluxData Repository
baseurl = https://repos.influxdata.com/rhel/\$releasever/\$basearch/stable
enabled = 1
gpgcheck = 1
gpgkey = https://repos.influxdata.com/influxdata-archive_compat.key
EOF
echo checking disk space
df -h
dnf clean packages
echo after cleaning packages
df -h
sudo dnf install -y telegraf
else
wget -q https://repos.influxdata.com/influxdata-archive_compat.key
gpg --with-fingerprint --show-keys ./influxdata-archive_compat.key
cat influxdata-archive_compat.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg > /dev/null
echo 'deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg] https://repos.influxdata.com/debian stable main' | sudo tee /etc/apt/sources.list.d/influxdata.list
sudo apt-get update
sudo apt-get install -y telegraf
fi
sudo cp /tmp/telegraf.conf /etc/telegraf/telegraf.conf

163
packer/jambonz-sbc-sip-rtp/aws/template-rhel-8.json Normal file
View File

@@ -0,0 +1,163 @@
{
"variables": {
"region": "us-east-1",
"ssh_username": "ec2-user",
"ami_description": "jambonz SBC SIP+RTP",
"instance_type": "c6in.xlarge",
"drachtio_version": "v0.8.24-rc1",
"jambonz_version": "v0.8.5-rc10",
"ami_base_image_arch": "amd64",
"ami_base_image_owner": "309956199498",
"rtp_engine_version": "mr11.5.1.1",
"rtp_engine_min_port": "40000",
"rtp_engine_max_port": "60000",
"install_datadog": "no",
"datadog_key" : "",
"install_cloudwatch": "yes",
"install_telegraf": "yes",
"distro": "rhel-8",
"redhat_username": "your-redhat_username-here",
"redhat_password": "your-redhat_password-here",
"leave_source": "no"
},
"builders": [{
"type": "amazon-ebs",
"region": "{{user `region`}}",
"source_ami_filter": {
"filters": {
"virtualization-type": "hvm",
"name": "RHEL-8.8*",
"root-device-type": "ebs",
"architecture": "x86_64"
},
"owners": ["{{user `ami_base_image_owner`}}"],
"most_recent": true
},
"instance_type": "{{user `instance_type`}}",
"ssh_username": "{{user `ssh_username`}}",
"ami_name": "jambonz-sbc-sip-rtp-{{user `jambonz_version`}}-{{user `distro`}}-{{user `ami_base_image_arch`}}-{{isotime |clean_resource_name }}",
"ami_description": "{{user `ami_description`}}",
"launch_block_device_mappings": [
{
"device_name": "/dev/sda1",
"volume_size": 60,
"volume_type": "gp3",
"delete_on_termination": true
}
],
"tags": {
"Name": "jambonz-sbc-sip-rtp"
},
"run_tags": {
"Name": "jambonz-sbc-sip-rtp-build"
}
}],
"provisioners": [
{
"type": "shell",
"inline": [
"while [ ! -f /var/lib/cloud/instance/boot-finished ]; do echo 'Waiting for cloud-init...'; sleep 1; done",
"export PATH=/usr/local/bin:$PATH",
"export LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH",
"export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH",
"sudo setenforce 0",
"sudo sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config",
"echo registering",
"sudo subscription-manager register --username={{user `redhat_username`}} --password={{user `redhat_password`}}",
"sudo dnf upgrade -y",
"sudo sed -i 's/manage_repos = 0/manage_repos = 1/' /etc/rhsm/rhsm.conf",
"cat /etc/rhsm/rhsm.conf",
"echo installing codeready repos",
"sudo subscription-manager repos --enable=codeready-builder-for-rhel-8-x86_64-rpms",
"echo installing epel repo",
"sudo dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm",
"sudo dnf upgrade -y",
"echo running /usr/bin/crb",
"sudo /usr/bin/crb enable",
"echo installing rpmfusion repo",
"sudo dnf install -y https://download1.rpmfusion.org/free/el/rpmfusion-free-release-9.noarch.rpm",
"echo installing Development tools",
"sudo dnf groupinstall -y 'RPM Development Tools'",
"sudo dnf groupinstall -y 'Development Tools'",
"echo installing needed packages",
"sudo dnf install -y iptables-devel htop pandoc wget cmake ffmpeg ffmpeg-devel perl-IPC-Cmd pcre-devel iptables-devel \\",
"google-perftools-devel libcurl-devel jq telnet libevent-devel xmlrpc-c-devel gperf libpcap-devel \\",
"glib2-devel json-glib-devel hiredis-devel spandsp-devel mariadb-devel dnsutils speex libedit-devel opus-devel \\",
"glib2-devel json-glib-devel spandsp-devel hiredis-devel libevent-devel xmlrpc-c-devel perl-IPC-Cmd mariadb-devel snapd",
"sudo dnf debuginfo-install -y binutils",
"sudo chmod a+w /usr/local/src",
"ssh-keyscan github.com >> ~/.ssh/known_hosts",
"mkdir ~/apps",
"cd ~/apps",
"git config --global advice.detachedHead false",
"git clone https://github.com/jambonz/sbc-sip-sidecar.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/sbc-rtpengine-sidecar.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/sbc-outbound.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/sbc-inbound.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/jambonz-smpp-esme.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/sbc-call-router.git -b {{user `jambonz_version`}}",
"sudo find / -name authorized_keys | sudo xargs -0 -r rm -Rf"
]
},
{
"type": "file",
"source": "files/",
"destination": "/tmp"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}}",
"script": "scripts/install_os_tuning.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{build `ID`}}",
"script": "scripts/install_apiban.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `install_cloudwatch`}}",
"script": "scripts/install_cloudwatch.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}}",
"script": "scripts/install_nodejs.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `rtp_engine_version`}}",
"script": "scripts/install_rtpengine.sh"
},
{
"type": "shell",
"environment_vars": [
"DD_KEY={{user `datadog_key`}}",
"DD_INSTALL={{user `install_datadog`}}"
],
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}'",
"script": "scripts/install_datadog.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `drachtio_version`}}",
"script": "scripts/install_drachtio.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `jambonz_version`}}",
"script": "scripts/install_app.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `install_telegraf`}}",
"script": "scripts/install_telegraf.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `leave_source`}}",
"script": "scripts/cleanup.sh"
}
]
}

163
packer/jambonz-sbc-sip-rtp/aws/template-rhel-9.json Normal file
View File

@@ -0,0 +1,163 @@
{
"variables": {
"region": "us-east-1",
"ssh_username": "ec2-user",
"ami_description": "jambonz SBC SIP+RTP",
"instance_type": "c6in.xlarge",
"drachtio_version": "v0.8.24-rc1",
"jambonz_version": "v0.8.5-rc10",
"ami_base_image_arch": "amd64",
"ami_base_image_owner": "309956199498",
"rtp_engine_version": "mr11.5.1.1",
"rtp_engine_min_port": "40000",
"rtp_engine_max_port": "60000",
"install_datadog": "no",
"datadog_key" : "",
"install_cloudwatch": "yes",
"install_telegraf": "yes",
"distro": "rhel-9",
"redhat_username": "your-redhat_username-here",
"redhat_password": "your-redhat_password-here",
"leave_source": "no"
},
"builders": [{
"type": "amazon-ebs",
"region": "{{user `region`}}",
"source_ami_filter": {
"filters": {
"virtualization-type": "hvm",
"name": "RHEL-9.2*",
"root-device-type": "ebs",
"architecture": "x86_64"
},
"owners": ["{{user `ami_base_image_owner`}}"],
"most_recent": true
},
"instance_type": "{{user `instance_type`}}",
"ssh_username": "{{user `ssh_username`}}",
"ami_name": "jambonz-sbc-sip-rtp-{{user `jambonz_version`}}-{{user `distro`}}-{{user `ami_base_image_arch`}}-{{isotime |clean_resource_name }}",
"ami_description": "{{user `ami_description`}}",
"launch_block_device_mappings": [
{
"device_name": "/dev/sda1",
"volume_size": 60,
"volume_type": "gp3",
"delete_on_termination": true
}
],
"tags": {
"Name": "jambonz-sbc-sip-rtp"
},
"run_tags": {
"Name": "jambonz-sbc-sip-rtp-build"
}
}],
"provisioners": [
{
"type": "shell",
"inline": [
"while [ ! -f /var/lib/cloud/instance/boot-finished ]; do echo 'Waiting for cloud-init...'; sleep 1; done",
"export PATH=/usr/local/bin:$PATH",
"export LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH",
"export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH",
"sudo setenforce 0",
"sudo sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config",
"echo registering",
"sudo subscription-manager register --username={{user `redhat_username`}} --password={{user `redhat_password`}}",
"sudo dnf upgrade -y",
"sudo sed -i 's/manage_repos = 0/manage_repos = 1/' /etc/rhsm/rhsm.conf",
"cat /etc/rhsm/rhsm.conf",
"echo installing codeready repos",
"sudo subscription-manager repos --enable=codeready-builder-for-rhel-9-x86_64-rpms",
"echo installing epel repo",
"sudo dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm",
"sudo dnf upgrade -y",
"echo running /usr/bin/crb",
"sudo /usr/bin/crb enable",
"echo installing rpmfusion repo",
"sudo dnf install -y https://download1.rpmfusion.org/free/el/rpmfusion-free-release-9.noarch.rpm",
"echo installing Development tools",
"sudo dnf groupinstall -y 'RPM Development Tools'",
"sudo dnf groupinstall -y 'Development Tools'",
"echo installing needed packages",
"sudo dnf install -y iptables-devel htop pandoc wget cmake ffmpeg ffmpeg-devel perl-IPC-Cmd pcre-devel iptables-devel \\",
"google-perftools-devel libcurl-devel jq telnet libevent-devel xmlrpc-c-devel gperf libpcap-devel \\",
"glib2-devel json-glib-devel hiredis-devel spandsp-devel mariadb-devel dnsutils speex libedit-devel opus-devel \\",
"glib2-devel json-glib-devel spandsp-devel hiredis-devel libevent-devel xmlrpc-c-devel perl-IPC-Cmd mariadb-devel snapd",
"sudo dnf debuginfo-install -y binutils",
"sudo chmod a+w /usr/local/src",
"ssh-keyscan github.com >> ~/.ssh/known_hosts",
"mkdir ~/apps",
"cd ~/apps",
"git config --global advice.detachedHead false",
"git clone https://github.com/jambonz/sbc-sip-sidecar.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/sbc-rtpengine-sidecar.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/sbc-outbound.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/sbc-inbound.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/jambonz-smpp-esme.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/sbc-call-router.git -b {{user `jambonz_version`}}",
"sudo find / -name authorized_keys | sudo xargs -0 -r rm -Rf"
]
},
{
"type": "file",
"source": "files/",
"destination": "/tmp"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}}",
"script": "scripts/install_os_tuning.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{build `ID`}}",
"script": "scripts/install_apiban.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `install_cloudwatch`}}",
"script": "scripts/install_cloudwatch.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}}",
"script": "scripts/install_nodejs.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `rtp_engine_version`}}",
"script": "scripts/install_rtpengine.sh"
},
{
"type": "shell",
"environment_vars": [
"DD_KEY={{user `datadog_key`}}",
"DD_INSTALL={{user `install_datadog`}}"
],
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}'",
"script": "scripts/install_datadog.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `drachtio_version`}}",
"script": "scripts/install_drachtio.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `jambonz_version`}}",
"script": "scripts/install_app.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `install_telegraf`}}",
"script": "scripts/install_telegraf.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}} {{user `leave_source`}}",
"script": "scripts/cleanup.sh"
}
]
}

2
packer/jambonz-sbc-sip-rtp/aws/template.json
View File

@@ -3,7 +3,7 @@
"region": "us-east-1",
"ssh_username": "admin",
"ami_description": "jambonz SBC SIP+RTP",
"instance_type": "t3.xlarge",
"instance_type": "c6in.2xlarge",
"drachtio_version": "v0.8.24-rc1",
"jambonz_version": "v0.8.5-rc12",
"ami_base_image_arch": "amd64",

149
packer/jambonz-sbc-sip/aws/files/ecosystem-rhel9.config.js Normal file
View File

@@ -0,0 +1,149 @@
module.exports = {
apps : [
{
name: 'jambonz-smpp-esme',
cwd: '/home/ec2-user/apps/jambonz-smpp-esme',
script: 'app.js',
out_file: '/home/ec2-user/.pm2/logs/jambonz-smpp-esme.log',
err_file: '/home/ec2-user/.pm2/logs/jambonz-smpp-esme.log',
combine_logs: true,
instance_var: 'INSTANCE_ID',
exec_mode: 'fork',
instances: 1,
autorestart: true,
watch: false,
max_memory_restart: '1G',
env: {
NODE_ENV: 'production',
AVOID_UDH: true,
JAMBONES_MYSQL_HOST: '${JAMBONES_MYSQL_HOST}',
JAMBONES_MYSQL_USER: '${JAMBONES_MYSQL_USER}',
JAMBONES_MYSQL_PASSWORD: '${JAMBONES_MYSQL_PASSWORD}',
JAMBONES_MYSQL_DATABASE: 'jambones',
JAMBONES_MYSQL_CONNECTION_LIMIT: 10,
JAMBONES_REDIS_HOST: '${JAMBONES_REDIS_HOST}',
JAMBONES_REDIS_PORT: 6379,
JAMBONES_LOGLEVEL: 'debug',
JAMBONES_CLUSTER_ID: '${JAMBONES_CLUSTER_ID}',
HTTP_PORT: 3020
}
},
{
name: 'sbc-call-router',
cwd: '/home/ec2-user/apps/sbc-call-router',
script: 'app.js',
instance_var: 'INSTANCE_ID',
out_file: '/home/ec2-user/.pm2/logs/jambonz-sbc-call-router.log',
err_file: '/home/ec2-user/.pm2/logs/jambonz-sbc-call-router.log',
exec_mode: 'fork',
instances: 1,
autorestart: true,
watch: false,
max_memory_restart: '1G',
env: {
NODE_ENV: 'production',
HTTP_PORT: 4000,
JAMBONES_INBOUND_ROUTE: '127.0.0.1:4002',
JAMBONES_OUTBOUND_ROUTE: '127.0.0.1:4003',
JAMBONZ_TAGGED_INBOUND: 1,
JAMBONES_NETWORK_CIDR: '${VPC_CIDR}',
}
},
{
name: 'sbc-sip-sidecar',
cwd: '/home/ec2-user/apps/sbc-registrar',
script: 'app.js',
instance_var: 'INSTANCE_ID',
out_file: '/home/ec2-user/.pm2/logs/sbc-sip-sidecar.log',
err_file: '/home/ec2-user/.pm2/logs/sbc-sip-sidecar.log',
exec_mode: 'fork',
instances: 1,
autorestart: true,
watch: false,
max_memory_restart: '1G',
env: {
NODE_ENV: 'production',
ENABLE_DATADOG_METRICS: 0,
JAMBONES_LOGLEVEL: 'info',
DRACHTIO_HOST: '127.0.0.1',
DRACHTIO_PORT: 9022,
DRACHTIO_SECRET: 'cymru',
JAMBONES_MYSQL_HOST: '${JAMBONES_MYSQL_HOST}',
JAMBONES_MYSQL_USER: '${JAMBONES_MYSQL_USER}',
JAMBONES_MYSQL_PASSWORD: '${JAMBONES_MYSQL_PASSWORD}',
JAMBONES_MYSQL_DATABASE: 'jambones',
JAMBONES_MYSQL_CONNECTION_LIMIT: 10,
JAMBONES_REDIS_HOST: '${JAMBONES_REDIS_HOST}',
JAMBONES_REDIS_PORT: 6379,
JAMBONES_NETWORK_CIDR: '${VPC_CIDR}'
}
},
{
name: 'sbc-outbound',
cwd: '/home/ec2-user/apps/sbc-outbound',
script: 'app.js',
instance_var: 'INSTANCE_ID',
out_file: '/home/ec2-user/.pm2/logs/jambonz-sbc-outbound.log',
err_file: '/home/ec2-user/.pm2/logs/jambonz-sbc-outbound.log',
exec_mode: 'fork',
instances: 1,
autorestart: true,
watch: false,
max_memory_restart: '1G',
env: {
NODE_ENV: 'production',
JAMBONES_LOGLEVEL: 'info',
JAMBONES_NETWORK_CIDR: '${VPC_CIDR}',
ENABLE_DATADOG_METRICS: 0,
DRACHTIO_HOST: '127.0.0.1',
DRACHTIO_PORT: 9022,
DRACHTIO_SECRET: 'cymru',
JAMBONES_TRACK_ACCOUNT_CALLS: 0,
JAMBONES_TRACK_SP_CALLS: 0,
JAMBONES_TRACK_APP_CALLS: 0,
JAMBONES_RTPENGINES: '${JAMBONES_RTPENGINE_IPS}',
JAMBONES_MYSQL_HOST: '${JAMBONES_MYSQL_HOST}',
JAMBONES_MYSQL_USER: '${JAMBONES_MYSQL_USER}',
JAMBONES_MYSQL_PASSWORD: '${JAMBONES_MYSQL_PASSWORD}',
JAMBONES_MYSQL_DATABASE: 'jambones',
JAMBONES_MYSQL_CONNECTION_LIMIT: 10,
JAMBONES_REDIS_HOST: '${JAMBONES_REDIS_HOST}',
JAMBONES_REDIS_PORT: 6379
}
},
{
name: 'sbc-inbound',
cwd: '/home/ec2-user/apps/sbc-inbound',
script: 'app.js',
instance_var: 'INSTANCE_ID',
out_file: '/home/ec2-user/.pm2/logs/jambonz-sbc-inbound.log',
err_file: '/home/ec2-user/.pm2/logs/jambonz-sbc-inbound.log',
exec_mode: 'fork',
instances: 1,
autorestart: true,
watch: false,
max_memory_restart: '1G',
env: {
NODE_ENV: 'production',
JAMBONES_LOGLEVEL: 'info',
JAMBONES_NETWORK_CIDR: '${VPC_CIDR}',
ENABLE_DATADOG_METRICS: 0,
DRACHTIO_HOST: '127.0.0.1',
DRACHTIO_PORT: 9022,
DRACHTIO_SECRET: 'cymru',
JAMBONES_RTPENGINES: '${JAMBONES_RTPENGINE_IPS}',
JAMBONES_MYSQL_HOST: '${JAMBONES_MYSQL_HOST}',
JAMBONES_MYSQL_USER: '${JAMBONES_MYSQL_USER}',
JAMBONES_MYSQL_PASSWORD: '${JAMBONES_MYSQL_PASSWORD}',
JAMBONES_MYSQL_DATABASE: 'jambones',
JAMBONES_MYSQL_CONNECTION_LIMIT: 10,
JAMBONES_REDIS_HOST: '${JAMBONES_REDIS_HOST}',
JAMBONES_REDIS_PORT: 6379,
JAMBONES_TRACK_ACCOUNT_CALLS: 0,
JAMBONES_TRACK_SP_CALLS: 0,
JAMBONES_TRACK_APP_CALLS: 0,
JAMBONES_CLUSTER_ID: '${JAMBONES_CLUSTER_ID}',
MS_TEAMS_SIP_PROXY_IPS: '52.114.148.0, 52.114.132.46, 52.114.75.24, 52.114.76.76, 52.114.7.24, 52.114.14.70'
}
}]
};

19
packer/jambonz-sbc-sip/aws/scripts/cleanup.sh Normal file
View File

@@ -0,0 +1,19 @@
#! /bin/bash
LEAVE_SOURCE=$1
DISTRO=$2
set -e
set -x
if [ "$DISTRO" == "rhel-9" ]; then
sudo dnf install -y iptables-services
else
echo iptables-persistent iptables-persistent/autosave_v4 boolean true | sudo debconf-set-selections
echo iptables-persistent iptables-persistent/autosave_v6 boolean true | sudo debconf-set-selections
sudo apt-get -y install iptables-persistent
sudo rm /root/.ssh/authorized_keys
sudo rm ~/.ssh/authorized_keys
fi
sudo rm -Rf /tmp/*
if [ "$LEAVE_SOURCE" = 'no' ]; then sudo rm -Rf /usr/local/src/*; fi

58
packer/jambonz-sbc-sip/aws/scripts/install_app.sh
View File

@@ -1,26 +1,46 @@
#!/bin/bash
VERSION=$1
DISTRO=$2
cd /home/admin
mkdir -p apps
cp /tmp/ecosystem.config.js apps
cd apps
if [ "$DISTRO" == "rhel-9" ]; then
HOME=/home/ec2-user
cd $HOME
mkdir -p apps
cp /tmp/ecosystem-rhel.config.js apps/ecosystem.config.js
cd apps
else
HOME=$HOME
cd $HOME
mkdir -p apps
cp /tmp/ecosystem.config.js apps
cd apps
fi
cd /home/admin/apps/sbc-inbound && npm ci --unsafe-perm
cd /home/admin/apps/sbc-outbound && npm ci --unsafe-perm
cd /home/admin/apps/sbc-call-router && npm ci --unsafe-perm
cd /home/admin/apps/sbc-sip-sidecar && npm ci --unsafe-perm
cd /home/admin/apps/jambonz-smpp-esme && npm ci --unsafe-perm
cd $HOME/apps/sbc-inbound && npm ci --unsafe-perm
cd $HOME/apps/sbc-outbound && npm ci --unsafe-perm
cd $HOME/apps/sbc-call-router && npm ci --unsafe-perm
cd $HOME/apps/sbc-sip-sidecar && npm ci --unsafe-perm
cd $HOME/apps/jambonz-smpp-esme && npm ci --unsafe-perm
sudo npm install -g pino-pretty pm2 pm2-logrotate gulp grunt
sudo -u admin bash -c "pm2 install pm2-logrotate"
sudo -u admin bash -c "pm2 set pm2-logrotate:max_size 1G"
sudo -u admin bash -c "pm2 set pm2-logrotate:retain 5"
sudo -u admin bash -c "pm2 set pm2-logrotate:compress true"
sudo chown -R admin:admin /home/admin/apps
sudo snap install core
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
if [ "$DISTRO" == "rhel-9" ]; then
sudo chown -R 1000:1000 /home/ec2-user/.npm
sudo -u ec2-user bash -c "pm2 install pm2-logrotate"
sudo -u ec2-user bash -c "pm2 set pm2-logrotate:max_size 1G"
sudo -u ec2-user bash -c "pm2 set pm2-logrotate:retain 5"
sudo -u ec2-user bash -c "pm2 set pm2-logrotate:compress true"
sudo chown -R ec2-user:ec2-user $HOME/apps
sudo systemctl enable --now snapd.socket
sudo ln -s /var/lib/snapd/snap /snap
else
sudo -u admin bash -c "pm2 install pm2-logrotate"
sudo -u admin bash -c "pm2 set pm2-logrotate:max_size 1G"
sudo -u admin bash -c "pm2 set pm2-logrotate:retain 5"
sudo -u admin bash -c "pm2 set pm2-logrotate:compress true"
sudo chown -R admin:admin $HOME/apps
sudo snap install core
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
fi

19
packer/jambonz-sbc-sip/aws/scripts/install_cloudwatch.sh
View File

@@ -1,13 +1,20 @@
#!/bin/bash
DISTRO=$2
if [ "$1" == "yes" ]; then
#install cloudwatch
sudo wget https://s3.amazonaws.com/amazoncloudwatch-agent/debian/amd64/latest/amazon-cloudwatch-agent.deb -O /home/admin/amazon-cloudwatch-agent.deb
sudo dpkg -i -E /home/admin/amazon-cloudwatch-agent.deb
sudo rm -rf /home/admin/amazon-cloudwatch-agent.deb
#install cloudwatch
if [ "$DISTRO" == "rhel-9" ]; then
sudo wget https://s3.amazonaws.com/amazoncloudwatch-agent/redhat/amd64/latest/amazon-cloudwatch-agent.rpm -O /tmp/amazon-cloudwatch-agent.rpm
sudo dnf install -y /tmp/amazon-cloudwatch-agent.rpm
sudo rm -rf /tmp/amazon-cloudwatch-agent.rpm
else
sudo wget https://s3.amazonaws.com/amazoncloudwatch-agent/debian/amd64/latest/amazon-cloudwatch-agent.deb -O /home/admin/amazon-cloudwatch-agent.deb
sudo dpkg -i -E /home/admin/amazon-cloudwatch-agent.deb
sudo rm -rf /home/admin/amazon-cloudwatch-agent.deb
fi
# install config file for jambonz
sudo cp -r /tmp/cloudwatch-config.json /opt/aws/amazon-cloudwatch-agent/bin/config.json
# install config file for jambonz
sudo cp -r /tmp/cloudwatch-config.json /opt/aws/amazon-cloudwatch-agent/bin/config.json
fi

3
packer/jambonz-sbc-sip/aws/scripts/install_drachtio.sh
View File

@@ -1,5 +1,6 @@
#!/bin/bash
VERSION=$1
DISTRO=$2
echo "drachtio version to install is ${VERSION}"
@@ -8,7 +9,7 @@ cd /usr/local/src
git clone https://github.com/davehorton/drachtio-server.git -b ${VERSION}
cd drachtio-server
git submodule update --init --recursive
./autogen.sh && mkdir -p build && cd $_ && ../configure --enable-tcmalloc=yes CPPFLAGS='-DNDEBUG -O2 -g' && make && sudo make install
./autogen.sh && mkdir -p build && cd $_ && ../configure --enable-tcmalloc=yes CPPFLAGS='-DNDEBUG -O2 -g' && make -j 4 && sudo make install
sudo mv /tmp/drachtio.conf.xml /etc
sudo mv /tmp/drachtio.service /etc/systemd/system
sudo chmod 644 /etc/drachtio.conf.xml

29
packer/jambonz-sbc-sip/aws/scripts/install_nodejs.sh
View File

@@ -1,11 +1,26 @@
#!/bin/bash
sudo apt-get update
sudo apt-get install -y ca-certificates curl gnupg
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | sudo gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg
echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_18.x nodistro main" | sudo tee /etc/apt/sources.list.d/nodesource.list
sudo apt-get update
sudo apt-get install nodejs -y
DISTRO=$1
echo "installing node.js for ${DISTRO}"
if [ "$DISTRO" == "rhel-9" ]; then
dnf install -y crypto-policies-scripts
sudo update-crypto-policies --set DEFAULT
sudo rpm --import https://rpm.nodesource.com/pub/el/NODESOURCE-GPG-SIGNING-KEY-EL
sudo dnf install -y https://rpm.nodesource.com/pub_18.x/nodistro/repo/nodesource-release-nodistro-1.noarch.rpm
sudo dnf install -y nodejs --setopt=nodesource-nodejs.module_hotfixes=1 --nogpgcheck
node -v
sudo dnf install -y npm --nogpgcheck
npm -v
else
sudo apt-get update
sudo apt-get install -y ca-certificates curl gnupg
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | sudo gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg
echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_18.x nodistro main" | sudo tee /etc/apt/sources.list.d/nodesource.list
sudo apt-get update
sudo apt-get install -y nodejs npm
fi
sudo npm install -g npm@latest
node -v
npm -v

21
packer/jambonz-sbc-sip/aws/scripts/install_os_tuning.sh
View File

@@ -1,6 +1,8 @@
#!/bin/bash
DISTRO=$1
export PATH=/usr/local/bin:$PATH
sudo sed -i '/# End of file/i * hard nofile 65535' /etc/security/limits.conf
sudo sed -i '/# End of file/i * soft nofile 65535' /etc/security/limits.conf
sudo sed -i '/# End of file/i root hard nofile 65535' /etc/security/limits.conf
@@ -15,18 +17,33 @@ vm.dirty_expire_centisecs=200
vm.dirty_writeback_centisecs=100
EOT'
sudo cp /tmp/20auto-upgrades /etc/apt/apt.conf.d/20auto-upgrades
if [ "$DISTRO" == "rhel-9" ] ; then
grep -q "* soft core unlimited" /etc/security/limits.conf
if [ $? -ne 0 ]; then
echo "* soft core unlimited" | sudo tee -a /etc/security/limits.conf > /dev/null
fi
grep -q "* hard core unlimited" /etc/security/limits.conf
if [ $? -ne 0 ]; then
echo "* hard core unlimited" | sudo tee -a /etc/security/limits.conf > /dev/null
fi
ulimit -c unlimited
else
sudo cp /tmp/20auto-upgrades /etc/apt/apt.conf.d/20auto-upgrades
fi
# disable ipv6
echo "net.ipv6.conf.all.disable_ipv6 = 1" | sudo tee -a /etc/sysctl.conf > /dev/null
echo "net.ipv6.conf.default.disable_ipv6 = 1" | sudo tee -a /etc/sysctl.conf > /dev/null
# install latest cmake
if [ "$DISTRO" == "debian-12" ]; then
if [ "$DISTRO" == "debian-12" ] || [ "$DISTRO" == "rhel-9" ] ; then
echo building an update cmake 3.27
cd /usr/local/src
wget https://github.com/Kitware/CMake/archive/refs/tags/v3.27.4.tar.gz
tar xvfz v3.27.4.tar.gz
cd CMake-3.27.4
./bootstrap && make -j 4 && sudo make install
export PATH=/usr/local/bin:$PATH
cmake --version
fi

31
packer/jambonz-sbc-sip/aws/scripts/install_telegraf.sh
View File

@@ -1,17 +1,36 @@
#!/bin/bash
DISTRO=$2
if [ "$1" == "yes" ]; then
INFLUXDB_IP=$2
cd /tmp
wget -q https://repos.influxdata.com/influxdata-archive_compat.key
gpg --with-fingerprint --show-keys ./influxdata-archive_compat.key
cat influxdata-archive_compat.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg > /dev/null
echo 'deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg] https://repos.influxdata.com/debian stable main' | sudo tee /etc/apt/sources.list.d/influxdata.list
sudo apt-get update
sudo apt-get install -y telegraf
if [ "$DISTRO" == "rhel-9" ]; then
cat <<EOF | sudo tee /etc/yum.repos.d/influxdata.repo
[influxdata]
name = InfluxData Repository
baseurl = https://repos.influxdata.com/rhel/\$releasever/\$basearch/stable
enabled = 1
gpgcheck = 1
gpgkey = https://repos.influxdata.com/influxdata-archive_compat.key
EOF
echo checking disk space
df -h
dnf clean packages
echo after cleaning packages
df -h
sudo dnf install -y telegraf
else
wget -q https://repos.influxdata.com/influxdata-archive_compat.key
gpg --with-fingerprint --show-keys ./influxdata-archive_compat.key
cat influxdata-archive_compat.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg > /dev/null
echo 'deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg] https://repos.influxdata.com/debian stable main' | sudo tee /etc/apt/sources.list.d/influxdata.list
sudo apt-get update
sudo apt-get install -y telegraf
fi
sudo cp /tmp/telegraf.conf /etc/telegraf/telegraf.conf

149
packer/jambonz-sbc-sip/aws/template-rhel.json Normal file
View File

@@ -0,0 +1,149 @@
{
"variables": {
"region": "us-east-1",
"ssh_username": "ec2-user",
"ami_description": "jambonz SBC SIP",
"instance_type": "t3.xlarge",
"drachtio_version": "v0.8.24-rc1",
"jambonz_version": "v0.8.5-rc10",
"ami_base_image_arch": "amd64",
"ami_base_image_owner": "309956199498",
"install_datadog": "no",
"datadog_key" : "",
"install_cloudwatch": "yes",
"install_telegraf": "yes",
"distro": "rhel-9",
"redhat_username": "daveh-beachdog",
"redhat_password": "4DXUYYISNO460PMy",
"leave_source": "no"
},
"builders": [{
"type": "amazon-ebs",
"region": "{{user `region`}}",
"source_ami_filter": {
"filters": {
"virtualization-type": "hvm",
"name": "RHEL-9.2*",
"root-device-type": "ebs",
"architecture": "x86_64"
},
"owners": ["{{user `ami_base_image_owner`}}"],
"most_recent": true
},
"instance_type": "{{user `instance_type`}}",
"ssh_username": "{{user `ssh_username`}}",
"ami_name": "jambonz-sbc-sip-rtp-{{user `jambonz_version`}}-{{user `distro`}}-{{user `ami_base_image_arch`}}-{{isotime |clean_resource_name }}",
"ami_description": "{{user `ami_description`}}",
"launch_block_device_mappings": [
{
"device_name": "/dev/sda1",
"volume_size": 60,
"volume_type": "gp3",
"delete_on_termination": true
}
],
"tags": {
"Name": "jambonz-sbc-sip"
},
"run_tags": {
"Name": "jambonz-sbc-sip-build"
}
}],
"provisioners": [
{
"type": "shell",
"inline": [
"export PATH=/usr/local/bin:$PATH",
"export LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH",
"export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH",
"sudo setenforce 0",
"sudo sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config",
"echo registering",
"sudo subscription-manager register --username={{user `redhat_username`}} --password={{user `redhat_password`}}",
"sudo dnf upgrade -y",
"sudo sed -i 's/manage_repos = 0/manage_repos = 1/' /etc/rhsm/rhsm.conf",
"cat /etc/rhsm/rhsm.conf",
"echo installing codeready repos",
"sudo subscription-manager repos --enable=codeready-builder-for-rhel-9-x86_64-rpms",
"echo installing epel repo",
"sudo dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm",
"sudo dnf upgrade -y",
"echo running /usr/bin/crb",
"sudo /usr/bin/crb enable",
"echo installing rpmfusion repo",
"sudo dnf install -y https://download1.rpmfusion.org/free/el/rpmfusion-free-release-9.noarch.rpm",
"echo installing Development tools",
"sudo dnf groupinstall -y 'RPM Development Tools'",
"sudo dnf groupinstall -y 'Development Tools'",
"echo installing needed packages",
"sudo dnf install -y htop pandoc wget cmake \\",
"google-perftools-devel libcurl-devel jq telnet gperf \\",
"hiredis-devel mariadb-devel dnsutils snapd",
"sudo chmod a+w /usr/local/src",
"ssh-keyscan github.com >> ~/.ssh/known_hosts",
"mkdir ~/apps",
"cd ~/apps",
"git config --global advice.detachedHead false",
"git clone https://github.com/jambonz/sbc-sip-sidecar.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/sbc-outbound.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/sbc-inbound.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/jambonz-smpp-esme.git -b {{user `jambonz_version`}}",
"git clone https://github.com/jambonz/sbc-call-router.git -b {{user `jambonz_version`}}"
]
},
{
"type": "file",
"source": "files/",
"destination": "/tmp"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}}",
"script": "scripts/install_os_tuning.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{build `ID`}}",
"script": "scripts/install_apiban.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `distro`}}",
"script": "scripts/install_nodejs.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `install_cloudwatch`}} {{user `distro`}}",
"script": "scripts/install_cloudwatch.sh"
},
{
"type": "shell",
"environment_vars": [
"DD_KEY={{user `datadog_key`}}",
"DD_INSTALL={{user `install_datadog`}}"
],
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}'",
"script": "scripts/install_datadog.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `install_telegraf`}} {{user `distro`}}",
"script": "scripts/install_telegraf.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `drachtio_version`}} {{user `distro`}}",
"script": "scripts/install_drachtio.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `jambonz_version`}} {{user `distro`}}",
"script": "scripts/install_app.sh"
},
{
"type": "shell",
"execute_command": "chmod +x {{ .Path }}; sudo '{{ .Path }}' {{user `leave_source`}} {{user `distro`}}",
"script": "scripts/cleanup.sh"
}
]
}