  1. #!/bin/bash
  2.  
  3. ########################## README ############ README ############# README #########################
  4. # El script first_boot_installer, tiene como finalidad desplegar el componente sobre una instancia
  5. # de linux exclusiva. Las variables que utiliza son "variables de entorno" de la instancia que está
  6. # por lanzar el script como acto seguido al primer boot del sistema operativo.
  7. # Dichas variables podrán ser provisionadas por un archivo .env (ej: Vagrant) o bien utilizando este
  8. # script como plantilla de terraform.
  9. #
  10. # En el caso de necesitar ejecutar este script manualmente sobre el user_data de una instancia cloud
  11. # o bien sobre una instancia onpremise a través de una conexión ssh, entonces se deberá copiar
  12. # esta plantilla hacia un archivo ignorado por git (first_boot_installer.sh) para luego sobre
  13. # dicha copia, descomentar las líneas que comienzan con la cadena "export", para posteriormente
  14. # introducir el valor deseado a cada variable.
  15. ########################## README ############ README ############# README #########################
  16.  
  17. # ******************** SET ENV VARS ******************** #
  18.  
  19. # The infrastructure environment:
  20. # Values: onpremise | digitalocean | linode | vultr | aws
  21. export oml_infras_stage=aws
  22.  
  23. # The GitLab branch
  24. export oml_app_release=master
  25.  
  26. # OMniLeads tenant NAME
  27. export oml_tenant_name=omlBN
  28.  
  29. # Device for recordings
  30. # Values: local | s3-do | s3-aws | nfs | disk
  31. export oml_callrec_device=local
  32.  
  33. # Parameters for S3 when s3-do is selected as store for oml_callrec_device
  34. #export s3_access_key=
  35. #export s3_secret_key=
  36. #export s3url=
  37. #export ast_bucket_name=
  38.  
  39. # Parameters for NFS when nfs is selected as store for oml_callrec_device
  40. #export nfs_host=
  41.  
  42. # ******* persistent data STORE block devices *******
  43.  
  44. # Values: /dev/disk/by-label/optoml-${oml_tenant_name}
  45. export optoml_device=NULL
  46. # Values: /dev/disk/by-label/pgsql-${oml_tenant_name}
  47. export pgsql_device=NULL
  48.  
  49. # Set your network interface
  50. export oml_nic=eth0
  51.  
  52. # ******* Variables for ACD Asterisk *******
  53. # AMI connection from OMLApp
  54. export oml_ami_user=omnileads
  55. export oml_ami_password=u66gsa8523gd7jcgeh3876ck3vrod8
  56. # Values: NULL | IP address or FQDN
  57. export oml_acd_host=NULL
  58.  
  59. # ******* Variables for PGSQL *******
  60. # POSTGRESQL network address and port
  61. # Values: NULL | IP address or FQDN
  62. export oml_pgsql_host=NULL
  63. export oml_pgsql_port=5432
  64. # POSTGRESQL user, password and DB parameters
  65. export oml_pgsql_db=omnileads
  66. export oml_pgsql_user=omnileads
  67. export oml_pgsql_password=u66gsa8523gd7jcgeh3876ck3vrod8
  68. # If PGSQL runs on cloud cluster, set this parameter to true
  69. export oml_pgsql_cloud=NULL
  70.  
  71. # ******* Variables for Dialer *******
  72. export api_dialer_user=demoadmin
  73. export api_dialer_password=demo
  74. # Values: NULL | IP address or FQDN
  75. export oml_dialer_host=NULL
  76.  
  77. # ******* Variables for WebRTC bridge *******
  78. # Values: NULL | IP address or FQDN
  79. export oml_rtpengine_host=NULL
  80. # Values: NULL | IP address or FQDN
  81. export oml_kamailio_host=NULL
  82.  
  83. # ******* Variables for Redis and Websocket *******
  84. # Values: NULL | IP address or FQDN
  85. export oml_redis_host=NULL
  86. # Values: NULL | IP address or FQDN
  87. export oml_websocket_host=NULL
  88. export oml_websocket_port=NULL
  89.  
  90. # *********************** NAT voip webrtc setting ***************************************************************************************
  91. # External IP. This parameter will set the public IP for SIP and RTP traffic, on environments where calls go through a firewall. #
  92. # Values: auto | IP address | none #
  93. # auto = The public IP will be obtained from http://ipinfo.io/ip. It depends on the WAN connection that OML is using to go to Internet. #
  94. # X.X.X.X = The public IP is set manually. #
  95. # none = If the agents are working on a LAN environment, and don't need a public IP. #
  96. # ***************************************************************************************************************************************
  97. export oml_extern_ip=13.5X.XXX.XXX
  98.  
  99. # ******* Vaiables for OMLApp web *******
  100. export oml_tz=America/Mexico_City
  101. # Session Cookie Age (SCA): It's the time in seconds that will last the https session when inactivity
  102. # is detected in the session (by default is 1 hour)
  103. export oml_app_sca=3600
  104. # Ephemeral Credentials TTL (ECTTL): It's the time in seconds that will last the SIP credentials
  105. # used to authenticate a SIP user in the telephony system (by default 8 hours)
  106. export oml_app_ecctl=3600
  107. # Login failure limit (LFM): It's the number of attempts a user has to enter an incorrect password in login
  108. # Decrease it if paranoic reasons
  109. export oml_app_login_fail_limit=10
  110.  
  111. # Values: true | false
  112. export oml_app_init_env=true
  113. export oml_app_reset_admin_pass=true
  114. export oml_app_install_sngrep=true
  115.  
  116. # ******************** SET ENV VARS ******************** #
  117.  
# Repository, checkout location and paths shared by the steps that follow.
COMPONENT_REPO="https://gitlab.com/omnileads/ominicontacto.git"
SRC="/usr/src"
# Relative path: it is resolved against the working directory at the point of use.
PATH_DEPLOY="install/onpremise/deploy/ansible"
CALLREC_DIR_DST="/opt/omnileads/asterisk/var/spool/asterisk/monitor"
SSM_AGENT_URL="https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm"
S3FS="/bin/s3fs"
# "certs" directory located next to this script file.
PATH_CERTS="$(cd "$(dirname "${BASH_SOURCE[0]}")" &> /dev/null && pwd)/certs"

# Recordings on a dedicated block device: it is looked up by its filesystem label.
case "${oml_callrec_device}" in
  disk)
    CALLREC_BLOCK_DEVICE="/dev/disk/by-label/callrec-${oml_tenant_name}"
    ;;
esac

printf '%s\n' "******************** OML RELEASE = ${oml_app_release} ********************"

sleep 20

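echo "******************** block_device mount ********************"

#######################################
# Register an ext4 block device in /etc/fstab and create its mount point.
# Safe to run again: the directory may already exist and the fstab line is
# appended only when that exact line is not present yet.
# Arguments: $1 - device path, $2 - mount point
#######################################
add_block_mount() {
  local device=$1 mount_point=$2 entry
  mkdir -p -- "$mount_point"
  entry="${device} ${mount_point} ext4 defaults,nofail,discard 0 0"
  grep -qxF -- "$entry" /etc/fstab || printf '%s\n' "$entry" >> /etc/fstab
}

if [[ "${optoml_device}" != "NULL" ]]; then
  add_block_mount "${optoml_device}" /opt/omnileads
fi

if [[ "${pgsql_device}" != "NULL" ]]; then
  add_block_mount "${pgsql_device}" /var/lib/pgsql
fi

mount -a
sleep 10
# Print the resulting mount table into the boot log.
mount
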
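echo "******************** IPV4 address config ********************"

# IPv4 address(es) configured on interface $1, without the prefix length.
nic_ipv4() {
  ip addr show "$1" | grep "inet\b" | awk '{print $2}' | cut -d/ -f1
}

# Fetch a single value from URL $1. -f turns an HTTP error into an empty result
# instead of an error page, -4 keeps the answer an IPv4 address, and the timeout
# stops first boot from hanging on an unreachable service.
fetch_ipv4() {
  curl -4 -fsS --max-time 10 "$1"
}

# PUBLIC_IPV4 is later written into the rtpengine configuration. For every stage
# except DigitalOcean it comes from a third-party echo service, so it is fetched
# over https and checked below before anything relies on it.
case "${oml_infras_stage}" in
  aws)
    echo "AWS"
    PRIVATE_IPV4=$(nic_ipv4 "${oml_nic}")
    PUBLIC_IPV4=$(fetch_ipv4 https://ifconfig.co)
    ;;
  digitalocean)
    echo "DigitalOcean"
    # Link-local metadata service of the droplet.
    PUBLIC_IPV4=$(fetch_ipv4 http://169.254.169.254/metadata/v1/interfaces/public/0/ipv4/address)
    PRIVATE_IPV4=$(fetch_ipv4 http://169.254.169.254/metadata/v1/interfaces/private/0/ipv4/address)
    ;;
  linode)
    echo "Linode"
    # Only an address in 192.168.x.x is taken as the private one.
    PRIVATE_IPV4=$(ip addr show "${oml_nic}" | grep "inet 192.168" | awk '{print $2}' | cut -d/ -f1)
    PUBLIC_IPV4=$(fetch_ipv4 https://checkip.amazonaws.com)
    ;;
  onpremise)
    echo "Onpremise CentOS7 Minimal"
    PRIVATE_IPV4=$(nic_ipv4 "${oml_nic}")
    PUBLIC_IPV4=$(fetch_ipv4 https://ifconfig.co)
    ;;
  vagrant)
    echo "Vagrant CentOS7 Minimal CI/CD"
    PRIVATE_IPV4=$STAGING_IP_CENTOS
    PUBLIC_IPV4=$(fetch_ipv4 https://ifconfig.co)
    ;;
  *)
    # NOTE(review): "vultr" is a documented value of oml_infras_stage but has no
    # branch here, so it also ends up in this default case with no addresses set.
    echo "You must to set STAGE variable" >&2
    ;;
esac

# Warn when the detected public address is not a dotted quad; the script goes on
# as before, but the boot log shows why a later step misbehaves.
ipv4_pattern='^([0-9]{1,3}\.){3}[0-9]{1,3}$'
if [[ -n "${PUBLIC_IPV4:-}" && ! "${PUBLIC_IPV4}" =~ $ipv4_pattern ]]; then
  echo "warning: PUBLIC_IPV4 does not look like an IPv4 address" >&2
fi
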
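echo "******************** STAGE fix /etc/hosts ********************"

#######################################
# Comment out the /etc/hosts lines that map 127.0.0.1 and ::1 to this host's name.
# The hostname is read once and quoted, and its dots are escaped for the match,
# so a name such as "a.b" cannot match "axb" or split the sed expression.
#######################################
comment_out_loopback_hostname() {
  local host_name host_re
  host_name=$(hostname) || return
  host_re=${host_name//./\\.}
  sed -i \
    -e "s/127.0.0.1 ${host_re}/#127.0.0.1 ${host_name}/" \
    -e "s/::1 ${host_re}/#::1 ${host_name}/" \
    /etc/hosts
}

case "${oml_infras_stage}" in
  digitalocean)
    echo "DigitalOcean"
    comment_out_loopback_hostname
    ;;
  vultr)
    echo "Vultr"
    comment_out_loopback_hostname
    ;;
  *)
    echo "Your stage is clean."
    ;;
esac
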
  203. echo "******************** SELinux and firewalld disable ********************"
  204.  
  205. setenforce 0
  206. sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/sysconfig/selinux
  207. sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
  208. systemctl disable firewalld > /dev/null 2>&1
  209. systemctl stop firewalld > /dev/null 2>&1
  210.  
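echo "******************** yum update and install packages ********************"

case "${oml_infras_stage}" in
  aws)
    # -y: first boot has no terminal, so nothing can answer the confirmation
    # prompt of the underlying yum transaction.
    amazon-linux-extras install epel -y
    # NOTE(review): the SSM agent RPM is taken from a "latest" URL, so the version
    # differs between boots; whether yum verifies the signature of a package given
    # by URL depends on localpkg_gpgcheck in yum.conf - confirm.
    yum install -y "$SSM_AGENT_URL" kernel-devel git
    yum install -y python3-pip patch libedit-devel libuuid-devel
    systemctl start amazon-ssm-agent
    systemctl enable amazon-ssm-agent
    ;;
  *)
    yum update -y
    yum -y install git python3 python3-pip kernel-devel
    ;;
esac
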
  227. echo "******************** Ansible installation ********************"
  228.  
  229. sleep 5
  230. pip3 install --upgrade pip
  231. pip3 install --user 'ansible==2.9.2'
  232. export PATH="$HOME/.local/bin/:$PATH"
  233.  
  234. echo "******************** git clone omnileads repo ********************"
  235.  
  236. cd $SRC
  237. git clone --recurse-submodules --branch ${oml_app_release} $COMPONENT_REPO
  238. cd ominicontacto
  239. git submodule update --remote
  240.  
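echo "******************** inventory setting ********************"

INVENTORY_FILE="$PATH_DEPLOY/inventory"

#######################################
# Replace every match of a pattern in the Ansible inventory with "<prefix><value>".
# The value is escaped before it reaches sed, so "/", "&" or "\" inside it (a
# password, a time zone such as Area/City) is written literally instead of
# breaking or rewriting the expression.
# Arguments: $1 - sed pattern to match
#            $2 - literal text that starts the replacement (e.g. "key=")
#            $3 - value appended after the prefix (may be empty)
#######################################
inventory_set() {
  local pattern=$1 prefix=$2 value=$3 escaped
  escaped=$(printf '%s' "$value" | sed -e 's|[\\/&]|\\&|g')
  sed -i "s/${pattern}/${prefix}${escaped}/g" "$INVENTORY_FILE"
}

# Same as inventory_set, but skipped when the value is the literal string NULL.
inventory_set_unless_null() {
  [[ "$3" == "NULL" ]] || inventory_set "$@"
}

# NOTE(review): the passwords handled below end up in clear text in the inventory
# file inside the checkout; confirm that file's permissions after deployment.

inventory_set '#localhost ansible' 'localhost ansible' ''

# PGSQL edit inventory params **************************************************

if [[ "${oml_pgsql_cloud}" == "true" ]]; then
  inventory_set 'postgres_cloud=false' 'postgres_cloud=true' ''
fi
inventory_set_unless_null 'postgres_database=omnileads' 'postgres_database=' "${oml_pgsql_db}"
inventory_set_unless_null '#postgres_user=omnileads' 'postgres_user=' "${oml_pgsql_user}"
inventory_set_unless_null '#postgres_password=my_very_strong_pass' 'postgres_password=' "${oml_pgsql_password}"
inventory_set_unless_null '#postgres_host=' 'postgres_host=' "${oml_pgsql_host}"
inventory_set_unless_null '#postgres_port=' 'postgres_port=' "${oml_pgsql_port}"

# Asterisk ACD parameters *******

inventory_set_unless_null '#ami_user=omnileadsami' 'ami_user=' "${oml_ami_user}"
inventory_set_unless_null '#ami_password=5_MeO_DMT' 'ami_password=' "${oml_ami_password}"
inventory_set_unless_null '#asterisk_host=' 'asterisk_host=' "${oml_acd_host}"

# Wombat Dialer parameters *******

inventory_set_unless_null '#dialer_user=demoadmin' 'dialer_user=' "${api_dialer_user}"
inventory_set_unless_null '#dialer_password=demo' 'dialer_password=' "${api_dialer_password}"
inventory_set_unless_null '#dialer_host=' 'dialer_host=' "${oml_dialer_host}"

# WebRTC kamailio & rtpengine params *******

inventory_set_unless_null '#kamailio_host=' 'kamailio_host=' "${oml_kamailio_host}"
inventory_set_unless_null '#rtpengine_host=' 'rtpengine_host=' "${oml_rtpengine_host}"
inventory_set_unless_null '#extern_ip=auto' 'extern_ip=' "${oml_extern_ip}"

# Redis, Nginx and Websockets params *******

inventory_set_unless_null '#redis_host=' 'redis_host=' "${oml_redis_host}"
# NOTE(review): NGINX_HOST is not assigned anywhere in this script. Unless the
# environment provides it, the line is uncommented with an empty value.
inventory_set_unless_null '#nginx_host=' 'nginx_host=' "${NGINX_HOST-}"
inventory_set_unless_null '#websocket_host=' 'websocket_host=' "${oml_websocket_host}"
inventory_set_unless_null '#websocket_port=' 'websocket_port=' "${oml_websocket_port}"

# Others App params *******

inventory_set '#TZ=' 'TZ=' "${oml_tz}"

# Written as ${oml_app_sca}, like every other variable in this script. With a
# doubled "$" bash expands "$$" to the shell's PID, so the session cookie age in
# the inventory became "<pid>{oml_app_sca}" instead of the configured seconds.
inventory_set_unless_null 'sca=3600' 'sca=' "${oml_app_sca}"
# NOTE(review): the ECCTL value is matched against "sca=28800" and written back
# under the "sca" key; this looks copied from the line above - confirm the key
# name the inventory uses for the ephemeral credentials TTL.
inventory_set_unless_null 'sca=28800' 'sca=' "${oml_app_ecctl}"
inventory_set_unless_null 'LOGIN_FAILURE_LIMIT=10' 'LOGIN_FAILURE_LIMIT=' "${oml_app_login_fail_limit}"
if [[ "${oml_app_reset_admin_pass}" == "true" ]]; then
  inventory_set 'reset_admin_password=false' 'reset_admin_password=true' ''
fi
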
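# User certs verification *******

# A user-supplied TLS key pair is used only when both files are present in the
# certs/ directory beside this script. Paths are quoted so a directory name with
# spaces cannot split the test or the copy.
# NOTE(review): key.pem is copied with default permissions; confirm the mode of
# the private key in the destination directory.
if [[ -f "$PATH_CERTS/key.pem" && -f "$PATH_CERTS/cert.pem" ]]; then
  cp -- "$PATH_CERTS/key.pem" "$SRC/ominicontacto/install/onpremise/deploy/ansible/certs"
  cp -- "$PATH_CERTS/cert.pem" "$SRC/ominicontacto/install/onpremise/deploy/ansible/certs"
fi

sleep 35

echo "******************** deploy.sh execution ********************"

# PATH_DEPLOY is relative, so this relies on the current directory still being
# the repository checkout. Stop if it cannot be entered rather than running
# ./deploy.sh from some other directory.
cd "$PATH_DEPLOY" || { echo "cannot cd to $PATH_DEPLOY" >&2; exit 1; }
./deploy.sh -i --iface="${oml_nic}"
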
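echo "******************** NET File Systen callrec ********************"

# Create the recordings directory, owned by omnileads, when it does not exist yet.
ensure_callrec_dir() {
  if [[ ! -d "$CALLREC_DIR_DST" ]]; then
    mkdir -p -- "$CALLREC_DIR_DST"
    chown -R omnileads:omnileads "$CALLREC_DIR_DST"
  fi
}

# Append line $1 to /etc/fstab unless that exact line is already there, so a
# second run does not register the same mount twice.
fstab_add() {
  grep -qxF -- "$1" /etc/fstab || printf '%s\n' "$1" >> /etc/fstab
}

case "${oml_callrec_device}" in
  s3-do)
    echo "Callrec device: S3-DigitalOcean"
    yum install -y s3fs-fuse
    # The credentials file is created under umask 077, so it is never readable by
    # other users; writing it first and restricting it afterwards leaves a window
    # with default permissions. chmod still covers a file that already existed.
    (umask 077 && printf '%s\n' "${s3_access_key}:${s3_secret_key} " > ~/.passwd-s3fs)
    chmod 600 ~/.passwd-s3fs
    ensure_callrec_dir
    fstab_add "${ast_bucket_name} $CALLREC_DIR_DST fuse.s3fs _netdev,allow_other,use_path_request_style,url=${s3url} 0 0"
    mount -a
    ;;
  s3-aws)
    echo "Callrec device: S3-AWS"
    yum install -y s3fs-fuse
    # NOTE(review): aws_region and iam_role_name are not assigned in this script's
    # variable block; they are expected from the environment.
    # The options are kept in an array so each one stays a single argument.
    s3fs_args=("${ast_bucket_name}" "$CALLREC_DIR_DST" -o "iam_role=${iam_role_name}")
    if [[ "${aws_region:-}" != "us-east-1" ]]; then
      s3fs_args+=(-o "url=https://s3-${aws_region}.amazonaws.com")
    fi
    s3fs_args+=(
      -o umask=0007 -o allow_other -o nonempty
      -o "uid=$(id -u omnileads)" -o "gid=$(id -g omnileads)"
      -o kernel_cache -o max_background=1000 -o max_stat_cache_size=100000
      -o multipart_size=52 -o parallel_count=30 -o multireq_max=30
      -o dbglevel=warn
    )
    echo "*** Comprobando que se tiene acceso al bucket"
    # Retry until the bucket can be listed, pausing between attempts instead of
    # calling the API in a tight loop.
    until aws s3 ls "${ast_bucket_name}" > /dev/null; do
      echo "*** No se ha podido acceder al bucket" >&2
      sleep 5
    done
    echo "*** Se pudo acceder al bucket!, siguiendo"
    echo "*** Montando bucket ${ast_bucket_name}"
    "$S3FS" "${s3fs_args[@]}"
    # Same command line, replayed on later boots.
    echo "$S3FS ${s3fs_args[*]}" >> /etc/rc.local
    ;;
  nfs)
    echo "Callrec device: NFS"
    yum install -y nfs-utils nfs-utils-lib
    ensure_callrec_dir
    fstab_add "${nfs_host}:$CALLREC_DIR_DST $CALLREC_DIR_DST nfs auto,nofail,noatime,nolock,intr,tcp,actimeo=1800 0 0"
    mount -a
    ;;
  disk)
    echo "Callrec device: Disk"
    mkdir -p -- "$CALLREC_DIR_DST"
    fstab_add "$CALLREC_BLOCK_DEVICE $CALLREC_DIR_DST ext4 defaults,nofail,discard 0 0"
    mount -a
    ;;
  *)
    echo "callrec on local filesystem"
    ;;
esac

sleep 30
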
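echo "******************** Exec task if RTP run AIO ********************"

if [[ "${oml_rtpengine_host}" == "NULL" && "${oml_infras_stage}" != "onpremise" ]]; then
  echo "STAGE rtpengine"
  # printf puts the double quotes into the file. Nested unescaped quotes inside
  # an echo string end the shell string right after OPTIONS=, and the option
  # list is then written without any quotes around it.
  # NOTE(review): confirm how the rtpengine unit reads this file.
  printf 'OPTIONS="%s"\n' \
    "-i ${PUBLIC_IPV4} -o 60 -a 3600 -d 30 -s 120 -n 127.0.0.1:22222 -m 20000 -M 30000 -L 7 --log-facility=local1" \
    > /etc/rtpengine-config.conf
  systemctl start rtpengine
fi

echo "******************** REDIS accept conection on private NIC ********************"

# NOTE(review): this makes Redis listen on the private interface, on a host whose
# firewall this script has switched off. Nothing in this script sets a Redis
# password; confirm the deployment does, or restrict the port at the network level.
if [[ "${oml_redis_host}" == "NULL" ]]; then
  if [[ -n "${PRIVATE_IPV4:-}" ]]; then
    sed -i "s/bind 127.0.0.1/bind 127.0.0.1 $PRIVATE_IPV4/g" /etc/redis.conf
  else
    echo "warning: PRIVATE_IPV4 is empty, redis bind left unchanged" >&2
  fi
fi

echo "******************** WA issue #172 ********************"

chown -R omnileads:omnileads /opt/omnileads/media_root

echo "******************** setting demo environment ********************"

if [[ "${oml_app_init_env}" == "true" ]]; then
  # Runs the management command in a login shell of the omnileads user.
  su -c "/opt/omnileads/bin/manage.sh inicializar_entorno" --login omnileads
fi
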
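echo "******************** sngrep SIP sniffer install ********************"

if [[ "${oml_app_install_sngrep}" == "true" ]]; then
  yum install -y ncurses-devel make libpcap-devel pcre-devel \
    openssl-devel git gcc autoconf automake
  # NOTE(review): this builds and installs, as root, whatever the default branch
  # of the repository holds at boot time; check out a reviewed tag or commit
  # before building.
  # The clone is skipped when a checkout already exists from an earlier run.
  cd /root && { [[ -d sngrep/.git ]] || git clone https://github.com/irontec/sngrep; }
  # The symlink is created only after a successful install, and -f lets a second
  # run replace a link that is already there.
  if cd sngrep && ./bootstrap.sh && ./configure && make && make install; then
    ln -sf /usr/local/bin/sngrep /usr/bin/sngrep
  else
    echo "sngrep: build failed, /usr/bin/sngrep not linked" >&2
  fi
fi

#reboot
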