NEW IssabelPBX 2.12 on Debian 11

[hecatae]

/grabs popcorn, see you in two hours.

apt install curl
curl http://repo.issabel.org/install-debian-install_amp | bash

 

[wardmundy]

@hecatae: It's been a few years since we played with Issabel.

Up and running on this new release with Proxmox in under 10 minutes...

 

[wardmundy]

For those wanting to experiment with Issabel on the Proxmox platform, we've created a new Issabel 2.12 container template which can be installed on your Proxmox server while logged into the CLI as root like this:

cd /var/lib/vz/template/cache
wget https://filedn.com/lBgbGypMOdDm8PWOoOiBR7j/IssabelPBX-2.12/issabel212.tar.zst

Once uploaded, you then can use the Proxmox GUI with Create CT to create usable IssabelPBX containers by specifying issabel212.tar.zst as the template. Recommend: 20GB disk, 2048 RAM, 1024 Cache, DHCP IP address.

Preconfigured Firewall Protection: NONE!

Once individual IssabelPBX Containers are installed and running...

Issabel CLI login -> root:password
Issabel Web VoIP GUI (shown above) -> http://ip-address login as admin:password
Issabel Web Mgmt GUI -> https://ip-address:9090/ login as root:password

 

[krzykat]

Yeah, the folks at Issabel are pretty solid. I think some of the distros watch each other and pick up tricks and solutions from each other. I'm quite certain that Issabel does. Their major drawback from this crowd is that since the principals are in South America, most of the forum tends to be in Spanish which makes it difficult for some.

I wonder why they wouldn't implement FreePBX firewall module though. ??

 

[Samot]

I wonder why they wouldn't implement FreePBX firewall module though. ??

Because it has a dependency of Sys Admin which is commercial.

 

[wardmundy]

We're not big fans of Wide Open PBXs so here's a quick installer for the Travelin' Man 3 firewall tailored to the new IssabelPBX release plus a pbxstatus script for Issabel:

cd /root
wget http://incrediblepbx.com/Firewall-IssabelPBX.tar.gz
tar zxvf Firewall-IssabelPBX.tar.gz
rm -f Firewall-IssabelPBX.tar.gz
./iptables-issabel.sh

pbxstatus, iptables-restart, add-ip, add-fqdn, and del-acct work exactly as they do on all Incredible PBX builds.

iptables -nL will show you the status of your firewall and its whitelists.

 

[wardmundy]

IssabelPBX-2.12 Repo at Nerd Vittles (includes Proxmox CT for IssabelPBX and Firewall)

 

[tjspcs]

We're not big fans of Wide Open PBXs so here's a quick installer for the Travelin' Man 3 firewall tailored to the new IssabelPBX release plus a pbxstatus script for Issabel:

cd /root
wget http://incrediblepbx.com/IncrediblePBX-IssabelPBX.tar.gz
tar zxvf IncrediblePBX-IssabelPBX.tar.gz
rm -f IncrediblePBX-IssabelPBX.tar.gz
./iptables-issabel.sh

pbxstatus, iptables-restart, add-ip, add-fqdn, and del-acct work exactly as they do on all Incredible PBX builds.

iptables -nL will show you the status of your firewall and its whitelists.

For Debian...

sed -i 's/^#OSrelease/OSrelease/' /usr/local/sbin/pbxstatus
sed -i 's|OSrelease="Jammy|#OSrelease="Jammy|' /usr/local/sbin/pbxstatus

 

[dicko]

Are you sure about that ? Debian is not Ubuntu although Ubuntu is based on Debian they are different enough.

 

[tjspcs]

Are you sure about that ? Debian is not Ubuntu although Ubuntu is based on Debian they are different enough.

Well if the idea is that we're using the IssabelPBX install script on a Debian base, the pbxstatus that's included in Ward's archive at the time of posting indicates that the distro is "Jammy Jellyfish". After changing around a couple of hash characters in the script it goes back to indicating that it's running on Debian 11 Bullseye instead

 

[dicko]

and Bullseye is probably what you want, lets ask Ward. . . . . . .Ward ?

 

[tjspcs]

and Bullseye is probably what you want, lets ask Ward. . . . . . .Ward ?

Indubitably.
That's why I shared the alteration to make it so. First sed command *removes* the hashtag on the line of code for indicating Debian is the distro, and the second command *adds* the hash to the line indicating Jammy Jellyfish, thus "fixing" the problem.

 

[wardmundy]

@tjspcs: Thanks. Cut-and-paste will bite you in the butt every time. Fixed. Also renamed to Firewall-IssabelPBX.tar.gz.

 

[hecatae]

Tried installing on a 512mb ram server but no...

Thanks for the firewall

 

[wardmundy]

These newer Linux machines require at least 1GB and preferably 2GB.

 

[hecatae]

Anyone worked out how to setup email?

 

[wardmundy]

Anyone worked out how to setup email?

It's Postfix so this tutorial should work if you're using Gmail as a relayhost.

Or read this tutorial if you're not using Gmail.

 

[hecatae]

interesting if you install this now it installs cockpit for management

cd /etc/apt/preferences.d
rm preferences
nano /etc/apt/sources.list
add
deb http://deb.debian.org/debian bullseye-backports main contrib non-free
deb-src http://deb.debian.org/debian bullseye-backports main contrib non-free

save file

apt update

 apt list --upgradable
Listing... Done
asterisk-config/oldstable-security 1:16.28.0~dfsg-0+deb11u4 all [upgradable from: 1:16.16.1~dfsg-1+deb11u1]
asterisk-doc/oldstable-security 1:16.28.0~dfsg-0+deb11u4 all [upgradable from: 1:16.16.1~dfsg-1+deb11u1]
asterisk-modules/oldstable-security 1:16.28.0~dfsg-0+deb11u4 amd64 [upgradable from: 1:16.16.1~dfsg-1+deb11u1]
asterisk-voicemail/oldstable-security 1:16.28.0~dfsg-0+deb11u4 amd64 [upgradable from: 1:16.16.1~dfsg-1+deb11u1]
asterisk/oldstable-security 1:16.28.0~dfsg-0+deb11u4 amd64 [upgradable from: 1:16.16.1~dfsg-1+deb11u1]

Configuration file '/etc/asterisk/queues.conf'
 ==> Modified (by you or by a script) since installation.
 ==> Package distributor has shipped an updated version.
   What would you like to do about it ?  Your options are:
    Y or I  : install the package maintainer's version
    N or O  : keep your currently-installed version
      D     : show the differences between the versions
      Z     : start a shell to examine the situation
 The default action is to keep your current version.
*** queues.conf (Y/I/N/O/D/Z) [default=N] ? n

https://downloads.asterisk.org/pub/telephony/asterisk/old-releases/asterisk-16.28.0-summary.txt

asterisk (1:16.28.0~dfsg-0+deb11u1) bullseye-security; urgency=high

Special care should be taken when upgrading to this new upstream release.
Some configuration files and options have changed in order to remedy
certain security vulnerabilities. Most notably the pjsip TLS listener only
accepts TLSv1.3 connections in the default configuration now. This can be
reverted by adding method=tlsv1_2 to the transport in pjsip.conf. See also
https://issues.asterisk.org/jira/browse/ASTERISK-29017.

-- Markus Koschany <[email protected]> Thu, 17 Nov 2022 10:29:05 +0100

 

[hecatae]

Reading the install source, this is also made for Ubuntu 20.04

So add a Ubuntu Pro subscription and you could run this until 2030.