Skip to content

Commit

Permalink
dev asterisk env
Browse files Browse the repository at this point in the history
  • Loading branch information
kevinnguyenai committed Sep 6, 2021
1 parent 9440656 commit 6924798
Show file tree
Hide file tree
Showing 216 changed files with 31,526 additions and 2,212 deletions.
7 changes: 7 additions & 0 deletions asterisk/.dockerignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
.git
.gitignore
.github
.gitattributes
src/notused
local
demo/
6 changes: 6 additions & 0 deletions asterisk/.travis.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
language: ruby
os: linux
dist: bionic
services: docker
install: make build-all
script: make test-all
7 changes: 7 additions & 0 deletions asterisk/docker-asterisk-0.9.9/.dockerignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
.git
.gitignore
.github
.gitattributes
src/notused
local
demo/
4 changes: 4 additions & 0 deletions asterisk/docker-asterisk-0.9.9/.gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
*private
local*
sub/*
!sub/module
3 changes: 3 additions & 0 deletions asterisk/docker-asterisk-0.9.9/.gitmodules
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
[submodule "sub/module/phpami"]
path = sub/module/phpami
url = https://github.com/ofbeaton/phpami.git
6 changes: 6 additions & 0 deletions asterisk/docker-asterisk-0.9.9/.travis.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
language: ruby
os: linux
dist: bionic
services: docker
install: make build-all
script: make test-all
180 changes: 180 additions & 0 deletions asterisk/docker-asterisk-0.9.9/CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,180 @@
# 0.9.9

- [docker](src/docker) Now use alpine:3.14 (asterisk:18.2.2).
- [docker](ROADMAP.md) Use [travis-ci.com](https://travis-ci.com/).

# 0.9.8

- [autoban](src/autoban) Let autoband handle AMI connection failures nicely.

# 0.9.7

- [docker](src/docker) Now use alpine:3.13 (asterisk:18.1.1).
- [test](test/Makefile) Move tests into test dir.

# 0.9.6

- [repo](hooks) Fixed bug in hooks/pre_build. Use curl in `make pre_build`.

# 0.9.5

- [codec](sub/codec) Provide the [G.729](https://en.wikipedia.org/wiki/G.729) and [G.723.1](https://en.wikipedia.org/wiki/G.723.1) audio codecs.
- [codec](sub/codec) Improved handling of codec versions (`BLD_CVER` in Makefile).

# 0.9.4

- [websms](src/websms) Use `prox_addr = 172.16.0.0/12,192.168.0.0/16` by default.

# 0.9.3

- [acme](src/acme) Introduce `ACME_POSTHOOK="sv restart asterisk"` and run that after we have updated the certificates.
- [docker](src/docker) Don't move `DOCKER_APPL_SSL_DIR=$DOCKER_SSL_DIR/asterisk` to persistent storage. Data there is updated at container startup anyway. Moreover there is no need to remove old data when it is updated.
- [privatedial](src/privatedial) In `pjsip_transport.conf` set `method=tlsv1_2` to harden TLS.

# 0.9.2

- [docker](src/docker) Use the native envvar `SVDIR` instead of `DOCKER_RUNSV_DIR`.
- [docker](src/docker) Update docker-common.sh.
- [docker](src/docker) Now use docker-config.sh.
- [docker](src/docker) Update docker-entrypoint.sh.
- [docker](src/docker) Update docker-service.sh.
- [docker](src/docker) Now use DOCKER_ENTRY_DIR=/etc/docker/entry.d and DOCKER_EXIT_DIR=/etc/docker/exit.d.
- [docker](Makefile) Improved smoke test.
- [acme](src/acme/bin/acme-extract.sh) Update module.
- [privatedial](src/privatedial) Breaking change. Now use `cert_file=/etc/ssl/asterisk/cert.pem` and `priv_key_file=/etc/ssl/asterisk/priv_key.pem`

# 0.9.1

- [repo](hooks) Added hooks/pre_build which assembles files from sub-modules.
- [repo](.travis.yml) Revisited `.travis.yml`.
- [docker](README.md) Proofread documentation.
- [docker](README.md) Fixed broken hyperlinks in documentation.

# 0.9.0

- [privatedial](src/privatedial) Break out endpoints from pjsip_wizard.conf to pjsip_endpoint.conf.
- [privatedial](src/privatedial) Use Hangup() instead of Goto() when entering extension `h`.
- [privatedial](src/privatedial) Work around bug in [MinivmGreet()](https://wiki.asterisk.org/wiki/display/AST/Asterisk+16+Application_MinivmGreet).
- [privatedial](src/privatedial) Renamed dialplan contexts.
- [privatedial](src/privatedial) Dialplan `[sub_voicemail]` now handles CHANUNAVAIL correctly.
- [privatedial](src/privatedial) Added `endpoint/bind_rtp_to_media_address = yes`
- [docker](README.md) Complete documentation.
- [docker](src/docker) Now use alpine:3.12 (asterisk:16.7.0).
- [websms](src/websms) `WEBSMSD_PORT=80` sets PHP web server port, used by WebSMS.
- [repo](src) Harmonized file names in `entry.d` and `exit.d`.
- [repo](sub) Use git submodule for third party projects.

# 0.8.0

- [websms](src/websms) Harmonized configuration parameter names.
- [websms](src/websms) Harmonized function names.
- [websms](src/websms) Facilitate static key-value pairs, `val_static = "key1=value1,key2=value2"`.
- [websms](src/websms) Parameter `val_numform`, now takes `E.164` (omit +) and `E.123`.
- [websms](src/websms) Improved Unicode configuration, allowing `val_unicode = "key=value"`.
- [websms](src/websms) Added authorization methods, `plain` and `none`.
- [websms](src/websms) Allow multiple API interfaces to be configured.
- [websms](src/websms) Now accept incoming message with null body.
- [websms](src/websms) Code clean up.
- [privatedial](src/privatedial) Use set_var=TRUNK_ENDPOINT to set outgoing target for each endpoint individually.
- [privatedial](src/privatedial) Don't use `endpoint/from_user`, it overwrites CallerID.

# 0.7.0

- [acme](src/acme/bin/acme-extract.sh) Support both v1 and v2 formats of the acme.json file.
- [acme](src/acme/entry.d/50-acme-monitor-tlscert) Support both host and domain wildcard TLS certificates.
- [websms](src/websms) Complete documentation.
- [privatedial](src/privatedial) Advancing documentation.
- [docker](README.md) Advancing documentation.
- [docker](src/notused) Cleanup `src/notused`.
- [docker](src/docker) Consolidate common functions in src/docker/bin/docker-common.sh.

# 0.6.0

- [docker](Dockerfile) Audio via PulseAudio.
- [docker](src/docker) Now use alpine:3.11 (asterisk:16.6.2).
- [demo](demo) Added demo.
- [demo](demo) Enabled audio via PulseAudio socket and cookie.
- [demo](demo) Use host timezone by mounting /etc/localtime.
- [websms](src/websms) Updating documentation.
- [privatedial](src/privatedial) Added demo-echotest in IVR.
- [privatedial](src/privatedial) Fixed initiation issue for minivm.

# 0.5.2

- [websms](src/websms) Fixing bugs related to special characters in SMS messages
- [websms](src/websms) Added `val_unicode` parameter. Set to `ucs-2` to make sure all characters are within the Unicode BMP (up to U+FFFF).
- [websms](src/websms) Updating documentation.
- [websms](src/websms) Refactoring of `astqueue.class.ini` to better cope with message encoding.
- [privatedial](src/privatedial) added `sub_decode_body` to cope with encoded messages.

# 0.5.1

- [docker](Makefile) Enable PHP profiling using xdebug.
- [autoban](src/autoban) Optimized code with respect to efficiency and speed.
- [autoban](src/autoban) Improved command line options of the shell utility.

# 0.5.0

- [acme](src/acme) Fixed dumpcert.sh leaking to stdout. Have it write to logger instead.
- [autoban](src/autoban) Added shell utility autoban, which helps to manage the NFT state
- [autoban](src/autoban) Updated documentation.
- [autoban](src/autoban) Now write to autoban.nft every time we get a security event and update NFT, so that its state is always preserved.
- [autoban](src/autoban) Code base now refactored and split into autoban.class.inc and nft.class.inc
- [websms](src/websms) Updated documentation.

# 0.4.0

- [privatedial](src/privatedial) Now keep main dial-plan conf files separate.
- [privatedial](src/privatedial) Start to document the PrivateDial dial-plan.
- [autoban](src/autoban) Now don't crash if autoban.conf does not have both an `[autoban]` and an `[nftables]` section.
- [autoban](src/autoban) Renamed autoband.php (it was autoban.php)
- [autoban](src/autoban) Updated documentation.
- [asterisk](src/asterisk) Added Networking section in README.md.

# 0.3.0

- [acme](src/acme) New support for [Let’s Encrypt](https://letsencrypt.org/) LTS certificates using [Traefik](https://traefik.io/) using `ACME_FILE=/acme/acme.json`.
- [asterisk](src/asterisk) Configuration now supports UDP, TCP and TLS and SDES.
- [asterisk](src/asterisk) Generate self-signed TLS certificate.
- [asterisk](src/asterisk) Improved structure of `pjsip_wizard.conf`.
- [asterisk](src/asterisk) Don't answer when device is UNAVAILABLE in `[dp_answer]`
- [docker](src/docker) The [docker-service.sh](src/docker/bin/docker-service.sh) script now have options: down, force, log, name, source, quiet.
- [websms](src/websms) Added `val_numform` parameter. Set to `E164` to strip phone numbers from leading +.

# 0.2.1

- [asterisk](src/asterisk) Sanitize incoming extensions so they are all international
- [asterisk](src/asterisk) Move APP_SMS global to extensions.conf
- [websms](src/websms) Use `$_POST` since `file_get_contents("php://input")` cannot handle multipart/form-data
- [websms](src/websms) Allow IP addr filtering behind proxy by using HTTP_X_FORWARDED_FOR
- [websms](src/websms) websmsd.php parameters are json decoded and searched recursively
- [websms](src/websms) Also support Zadarma POST parameters in websms.class.inc
- [websms](src/websms) Started WebSMS (separate) documentation
- [autoban](src/autoban) Fixed new bug in autoban.class.inc
- [autoban](src/autoban) Added conf sample file autoban.conf.sample

# 0.2.0

- [repo](src) Now reorganize repo files according to which service they provide
- [docker](Dockerfile) alpine 3.10.3 released so now build using alpine:3.10
- [docker](Dockerfile) Added Health check
- [docker](src/docker) Introduce a `SIGTERM` trap in `docker-entrypoint.sh` allowing graceful container termination with `exit.d` script execution
- [docker](src/docker) [docker-service.sh](src/docker/bin/docker-service.sh) now also take switches -n and -l.
- [docker](src/docker) We now create directory structure when an empty volume is mounted at /srv.
- [asterisk](src/asterisk) Based on live testing updated templates in pjsip_wizard.conf
- [asterisk](src/asterisk) Now use extensions-local.conf to keep all local configurations
- [asterisk](src/asterisk) Fixed typo in rtp.conf
- [websms](src/websms) Retired service sms/d which has been succeeded by websms/d
- [websms](src/websms) New verify POST request in websms.class.inc
- [websms](src/websms) New check source IP address in websms.class.inc
- [autoban](src/autoban) New service Autoban, which listens to security AMI events and dynamically configures nftables to block abusing IPs.
- [autoban](src/autoban) autoban.class.inc (formerly nft.class.inc) is now state less
- [autoban](src/autoban) Restricting Autoban's AMI access to a minimum
- [autoban](src/autoban) Autoban now has `repeatmult` punishing repeat offenders progressively more severely
- [autoban](src/autoban) Autoban now use nftables timeouts
- [autoban](src/autoban) Added `entry.d` and `exit.d` scripts so that the `nft` state is loaded/saved at container startup/shutdown.

# 0.1.0

- [docker](Dockerfile) Using alpine:3.9 since for alpine:3.10 there are dependency errors reported when asterisk starts.
- [privatedial](src/privatedial) minivm-send bash script simplify minivm configuration.
176 changes: 176 additions & 0 deletions asterisk/docker-asterisk-0.9.9/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,176 @@
ARG DIST=alpine
ARG REL=latest


#
#
# target: mini
#
# asterisk, minimal
#
#

FROM $DIST:$REL AS mini
LABEL maintainer=mlan

ENV SVDIR=/etc/service \
DOCKER_PERSIST_DIR=/srv \
DOCKER_BIN_DIR=/usr/local/bin \
DOCKER_ENTRY_DIR=/etc/docker/entry.d \
DOCKER_EXIT_DIR=/etc/docker/exit.d \
DOCKER_PHP_DIR=/usr/share/php7 \
DOCKER_SPOOL_DIR=/var/spool/asterisk \
DOCKER_CONF_DIR=/etc/asterisk \
DOCKER_LOG_DIR=/var/log/asterisk \
DOCKER_LIB_DIR=/var/lib/asterisk \
DOCKER_DL_DIR=/usr/lib/asterisk/modules \
DOCKER_NFT_DIR=/var/lib/nftables \
DOCKER_SEED_CONF_DIR=/usr/share/asterisk/config \
DOCKER_SEED_NFT_DIR=/etc/nftables \
DOCKER_SSL_DIR=/etc/ssl \
ACME_POSTHOOK="sv restart asterisk" \
SYSLOG_LEVEL=4 \
SYSLOG_OPTIONS=-SDt \
WEBSMSD_PORT=80
ENV DOCKER_MOH_DIR=$DOCKER_LIB_DIR/moh \
DOCKER_ACME_SSL_DIR=$DOCKER_SSL_DIR/acme \
DOCKER_APPL_SSL_DIR=$DOCKER_SSL_DIR/asterisk

#
# Copy utility scripts including docker-entrypoint.sh to image
#

COPY src/*/bin $DOCKER_BIN_DIR/
COPY src/*/entry.d $DOCKER_ENTRY_DIR/
COPY src/*/exit.d $DOCKER_EXIT_DIR/
COPY src/*/php $DOCKER_PHP_DIR/
COPY sub/*/php $DOCKER_PHP_DIR/
COPY src/*/config $DOCKER_SEED_CONF_DIR/
COPY src/*/nft $DOCKER_SEED_NFT_DIR/

#
# Facilitate persistent storage and install asterisk
#

RUN source docker-common.sh \
&& source docker-config.sh \
&& dc_persist_dirs \
$DOCKER_APPL_SSL_DIR \
$DOCKER_CONF_DIR \
$DOCKER_LOG_DIR \
$DOCKER_MOH_DIR \
$DOCKER_NFT_DIR \
$DOCKER_SPOOL_DIR \
&& mkdir -p $DOCKER_ACME_SSL_DIR \
&& apk --no-cache --update add \
asterisk

#
# Entrypoint, how container is run
#

ENTRYPOINT ["docker-entrypoint.sh"]
CMD ["asterisk", "-fp"]


#
#
# target: base
#
# asterisk add-ons: WebSMS and AutoBan
#
#

FROM mini AS base

#
# Install packages used by the add-ons and register services
#

RUN apk --no-cache --update add \
asterisk-curl \
asterisk-speex \
asterisk-srtp \
openssl \
curl \
php7 \
php7-curl \
php7-json \
runit \
bash \
nftables \
jq \
&& docker-service.sh \
"syslogd -nO- -l$SYSLOG_LEVEL $SYSLOG_OPTIONS" \
"crond -f -c /etc/crontabs" \
"-q asterisk -pf" \
"-n websmsd php -S 0.0.0.0:$WEBSMSD_PORT -t $DOCKER_PHP_DIR websmsd.php" \
"$DOCKER_PHP_DIR/autoband.php" \
&& mkdir -p /var/spool/asterisk/staging

#
# Have runit's runsvdir start all services
#

CMD runsvdir -P ${SVDIR}

#
# Check if all services are running
#

HEALTHCHECK CMD sv status ${SVDIR}/*


#
#
# target: full
#
# Add sounds and configure ALSA pluging to PulseAudio
#
#

FROM base AS full

#
# Copy patent-encumbered codecs to image
#

COPY sub/*/module $DOCKER_DL_DIR/

#
# Install packages supporting audio
#

RUN apk --no-cache --update add \
asterisk-alsa \
alsa-plugins-pulse \
asterisk-sounds-en \
sox

#
#
# target: extra
#
# all asterisk packages
#
#

FROM full AS xtra

#
# Install all asterisk packages
#

RUN apk --no-cache --update add \
asterisk-cdr-mysql \
asterisk-dahdi \
asterisk-doc \
asterisk-fax \
asterisk-mobile \
asterisk-odbc \
asterisk-pgsql \
asterisk-tds \
asterisk-dbg \
asterisk-dev \
asterisk-sounds-moh \
man-pages
Loading

0 comments on commit 6924798

Please sign in to comment.