Home » Posts tagged 'vm' (Page 2)

Tag Archives: vm

The Most Versatile VoIP Provider: FREE PORTING

The Ultimate Linux Sandbox in the Cloud for Less Than a $35 Raspberry Pi 2



Every few years we like to drop back and take a fresh look at the best way to get started with Linux. For those coming from the Windows World, it can be a painful process. Learning with a Cloud-based server can be especially dangerous because of the security risks. And then there’s the cost factor. Not everyone has several hundred dollars to buy hardware and, frankly, learning about Linux on a $35 Raspberry Pi can drive most newbies to drink. So today we’ll show you another way. It’s not necessarily a better way. But it’s different, and it’s loads of fun for not much money. Today’s project only takes 30 minutes.

There’s lots to hate at Cloud At Cost, a Canadian provider that offers virtual machines in the cloud for a one-time fee with no recurring charges. For $35 or less, you get a virtual machine with 512MB of RAM, 10GB of storage, and a gigabit Internet connection FOR LIFE. We haven’t seen a week go by when Cloud at Cost didn’t offer some sort of discount. Today it’s 70% off with coupon code TAKE70 which brings the total cost down to $10.50. That’s less than a burger at Five Guys. That’s the good news. But, if security, 99.999% reliability, performance, and excellent customer support are your must-haves, then look elsewhere. So why would anyone in their right mind sign up for a cloud solution that didn’t offer those four things? Did we mention it’s $10.50 for a lifetime cloud server?

If you take our recommendation and plunk down your Alexander Hamilton, you’ll need to go into this with the right attitude. It’s not going to be flawless perfection computing. It’s a sandbox on which to experiment with Linux and Cloud Computing. Will your virtual machine disintegrate at some juncture? Probably. Our experience is that the first couple days are critical. If you start seeing sluggish performance which degenerates to zero, don’t waste your time. Take good notes as you go along, delete the virtual machine, and rebuild a new one. It won’t cost you a dime, and it’ll save you hours of frustration. We suspect that bad folks get onto some of the servers and delight in bringing the machines to their knees. So the quicker you cut your losses, the better off you will be. Is CloudAtCost a good solution for production use? Absolutely not so don’t try to fit a square peg in the round hole. It’s not gonna work, and you WILL be disappointed. You’ve been warned. Let’s get started. ENJOY THE RIDE!

Our objective today is to show you how to build a rock-solid, secure Linux server in the Cloud with all the bells and whistles that make Linux the server platform of choice for almost every organization in the world. We’ll finish up by showing you how to embellish the platform with WordPress to do something that’s special for you whether it’s your own blog like Nerd Vittles, or a school newspaper, or an on-line shopping site to sell comic books. The basic foundation for most Linux platforms is called a LAMP server which stands for Linux, Apache, MySQL, and PHP. Linux is an open source operating system that includes contributions from thousands of developers around the world. Apache is the web server platform on which most commercial businesses stake their reputation. MySQL is the open source database management system now owned by Oracle. If it’s good enough for Facebook, it’s good enough for you. And PHP is THE web-based programming language that will let you build almost any application using Linux, Apache, and MySQL.

So what’s the big deal? There are thousands of online tutorials that will show you how to build a LAMP server. For long time readers of Nerd Vittles, you already know that the component we continually stress is security. Without that, the rest really doesn’t matter. You’ll be building a platform for someone else to hijack and use for nefarious purposes. When we’re finished today, you’ll have a cloud-based server that is totally invisible to the rest of the world with the exception of its web interface. And we’ll show you a simple way to reduce the exposure of your web interface to some of its most likely attackers. Will it be 100% secure? Nope. If you have a web server on the public Internet, it’s never going to be 100% secure because there’s always the chance of a software bug that nobody has yet discovered and corrected. THAT’S WHAT BACKUPS ARE FOR!

Creating Your Virtual Machine Platform in the Cloud

To get started, you’ve got to plunk down your $10.50 at Cloud at Cost using coupon code TAKE70. Once you’ve paid the piper, they will send you credentials to log into the Cloud at Cost Management Portal. Change your password IMMEDIATELY after logging in. Just go to SETTINGS and follow your nose.

To create your virtual machine, click on the CLOUDPRO button and click Add New Server. If you’ve only purchased the $10.50 CloudPRO 1 platform, then you’ll need all of the available resources shown in the pick list. Leave CentOS 6.7 64bit selected as the OS Type and click Complete. Depending upon the type of special pricing that Cloud at Cost is offering when you sign up, the time to build your virtual machine can take anywhere from a minute to the better part of a day. We’ve learned to build new virtual machines at night, and they’re usually available for use by the next morning. Luckily, this slow performance does not impact existing virtual machines that already are running in their hosting facility.

Initial Configuration of Your CentOS 6.7 Virtual Machine

With a little luck, your virtual machine soon will appear in your Cloud at Cost Management Portal and look something like what’s shown above. The red arrow points to the i button you’ll need to click to decipher the password for your new virtual machine. You’ll need both the IP address and the password for your new virtual machine in order to log into the server which is now up and running with a barebones CentOS 6.7 operating system. Note the yellow caution flag. That’s telling you that Cloud at Cost will automatically shut down your server in a week to save (them) computing resources. You can change the setting to keep your server running 24/7. Click Modify, Change Run Mode, and select Normal – Leave Powered On. Click Continue and OK to save your new settings.

Finally, you’ll want to change the Host Name for your server to something more descriptive than c7…cloudpro.92… Click the Modify button again and click Rename Server to make the change. Your management portal then will show the new server name as shown above.

Logging into Your CentOS 6.7 Virtual Machine

In order to configure and manage your new CentOS 6.7 virtual machine, you’ll need to log into the new server using either SSH or, for Windows users, Putty. After installing Putty, run it and log in to the IP address of your VM with username root and the password you deciphered above. On a Mac, open a Terminal session and issue a command like this using the actual IP address of your new virtual machine:

ssh root@12.34.56.78

Before you do anything else, reset your root password to something very secure: passwd

Installing the LAMP Server Basics with CentOS 6.7

Now we’re ready to build your LAMP server platform. We’ve chopped this up into lots of little steps so we can explain what’s happening as we go along. There’s nothing hard about this, but we want to document the process so you can repeat it at any time. As we go along, just cut-and-paste each clump of code into your SSH or Putty session and review the results to make sure nothing comes unglued. If something does, the beauty of virtual machines is you can delete them instantly within your management portal and just start over whenever you like. So here we go…

We’ll begin by permanently turning off SELINUX which causes more problems than it solves. The first command turns it off instantly. The second line assures that it’ll stay off whenever you reboot your virtual machine.

setenforce 0
sed -i s/SELINUX=enforcing/SELINUX=disabled/g /etc/selinux/config

Now let’s bring CentOS 6.7 up to current specs and add a few important applications:

yum -y update
yum -y install nano wget expect net-tools dialog git xz
yum -y install kernel-headers
yum -y install kernel-devel
reboot

After reboot, log back in as root. Now we’ll set up your Apache web server and configure it to start whenever you reboot your server:

yum -y install httpd
service httpd start
chkconfig httpd on

Now let’s set up your MySQL server, bring it on line, and make sure it restarts after server reboots. Unless you plan to add Asterisk® and FreePBX® to your server down the road, you’ll want to uncomment the two commands that begin with # by removing the # symbol and replacing new-password with a very secure password for your root user account in MySQL. Be sure to run the last command to secure your server. After logging in, the correct answers are n,Y,Y,Y,Y.

yum -y install mysql mysql-server
service mysqld start
chkconfig mysqld on
#/usr/bin/mysqladmin -u root password 'new-password'
#/usr/bin/mysqladmin -u root -p -h localhost.localdomain password 'new-password'
mysql_secure_installation

Next, we’ll set up PHP and configure it to work with MySQL:

yum -y install php
yum -y install php-mysql
service httpd restart

Finally let’s get SendMail installed and configured. Insert your actual email address in the last line and send yourself a test message to be sure it’s working. Be sure to check your spam folder since the message will show a sender address of localhost which many email systems including Gmail automatically identify as spam.

yum -y install sendmail
rpm -e postfix
service sendmail restart
yum -y install mailx
echo "test" | mail -s testmessage youracctname@yourmailserver.com

Installing Supplemental Repositories for CentOS 6.7

One of the beauties of Linux is not being totally dependent upon CentOS for all of your packaged applications. Let’s add a few other repositories that can be used when you need to add a special package that is not in the CentOS repository. Let’s start with EPEL. We’ll disable it by default and only use it when we need it.

yum -y install http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
sed -i 's|enabled=1|enabled=0|' /etc/yum.repos.d/epel.repo

We actually need the EPEL repo to install Fail2Ban for monitoring of attacks on certain Linux services such as SSH:

yum --enablerepo=epel install fail2ban -y
cd /etc
wget http://incrediblepbx.com/fail2ban-lamp.tar.gz
tar zxvf fail2ban-lamp.tar.gz


We also need the EPEL repo to install ipset, a terrific addition to the IPtables Linux firewall that lets you quickly block entire countries from accessing your server:

yum --enablerepo=epel install ipset -y

Next, we’ll add a sample script that documents how the country blocking mechanism works with ipset.1 For a complete list of countries that can be blocked, go here. If you need a decoder badge to match abbreviations against country names, you’ll find it here. To add other countries, simply edit the shell script and clone lines 4-7 using the names of the countries and country zone files that you wish to add. Be sure to insert the new lines before the commands to restart iptables and fail2ban. This script will need to be run each time your server reboots and before IPtables is brought on line. We’ll handle that a little later.

echo "#\\!/bin/bash" > /etc/block-china.sh
echo " " >> /etc/block-china.sh
echo "cd /etc" >> /etc/block-china.sh
echo "ipset -N china hash:net" >> /etc/block-china.sh
echo "rm cn.zone" >> /etc/block-china.sh
echo "wget -P . http://www.ipdeny.com/ipblocks/data/countries/cn.zone" >> /etc/block-china.sh
echo "for i in \$(cat /etc/cn.zone ); do ipset -A china \$i; done" >> /etc/block-china.sh
echo "service iptables restart" >> /etc/block-china.sh
echo "service fail2ban restart" >> /etc/block-china.sh
sed -i 's|\\\\||' /etc/block-china.sh
chmod +x /etc/block-china.sh

Another important repository is REMI. It is especially helpful if you decide to upgrade PHP from the default version 5.3 to one of the newer releases: 5.5 or 5.6. In this case, you’ll want to activate the specific repository to support the release you choose in /etc/yum.repos.d/remi-safe.repo.

yum -y install http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
sed -i 's|enabled=1|enabled=0|' /etc/yum.repos.d/remi-safe.repo

One final repository to have on hand is RPMForge, now renamed RepoForge. We’ll use it in a bit to install a dynamic DNS update utility which you actually won’t need at CloudAtCost since your server is assigned a static IP address. But it’s handy to have in the event you wish to assign a free FQDN to your server anyway.

yum -y install http://incrediblepbx.com/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
sed -i 's|enabled = 1|enabled = 0|' /etc/yum.repos.d/rpmforge.repo

Adding a Few Utilities to Round Out Your LAMP Server Deployment

If you’re like us, you’ll want to test the speed of your Internet connection from time to time. Let’s install a free script that you can run at any time by logging into your server as root and issuing the command: /root/speedtest-cli

cd /root
wget https://raw.githubusercontent.com/sivel/speedtest-cli/master/speedtest.py
chmod +x speedtest.py

Next, let’s put in place a simple status display which will quickly tell you what’s running and what’s not. We’ve borrowed some GPL code from Incredible PBX to help you out. Run status-lamp at any time for a snapshot of your server.

cd /usr/local/sbin
wget http://incrediblepbx.com/status-lamp.tar.gz
tar zxvf status-lamp.tar.gz
rm -f status-lamp.tar.gz
sed -i 's|myip.pbxinaflash.com|myip.incrediblepbx.com|' /usr/local/sbin/status-lamp

Now we’ll put the Linux Swiss Army Knife in place. It’s called WebMin, and it provides a GUI to configure almost everything in Linux. Pick up a good WebMin book from your public library to get started. Once installed, you access WebMin from your browser at the IP address of your server on the default port of 10000: https://serverIPaddress:10000. It’s probably a good idea to change this port number and the commented out line shows how to do it with the new port being 9001 in the example. The way in which we typically configure the Linux firewall will block all access to WebMin except from an IP address which you have whitelisted, e.g. your home computer’s public IP address.

cd /root
yum -y install perl perl-Net-SSLeay openssl perl-IO-Tty
yum -y install http://prdownloads.sourceforge.net/webadmin/webmin-1.780-1.noarch.rpm
#sed -i 's|10000|9001|g' /etc/webmin/miniserv.conf
service webmin restart
chkconfig webmin on

Tweaking Your CloudAtCost Setup Improves Performance and Improves Security

Finally, let’s address a couple of CloudAtCost quirks that may cause problems down the road. CloudAtCost has a nasty habit of not cleaning up after itself with fresh installs. The net result is your root password gets reset every time you reboot.

killall plymouthd
echo killall plymouthd >> /etc/rc.local
rm -f /etc/rc3.d/S97*

With the exception of firewall configuration, which is so important that we’re covering it separately below, you now have completed the LAMP server installation. After completing the firewall steps in the next section, simply reboot your server and you’re ready to go.

The Most Important Step: Configuring the Linux IPtables Firewall

RULE #1: DON’T BUILD SERVERS EXPOSED TO THE INTERNET WITHOUT ROCK-SOLID SECURITY!

As installed by CloudAtCost, your server provides ping and SSH access from a remote computer and nothing else. The good news: it’s pretty safe. The bad news: it can’t do anything useful for anybody because all web access to the server is blocked. We want to fix that, tighten up SSH access to restrict it to your IP address, and deploy country blocking to show you how.

As we implement the firewall changes, you need to be extremely careful in your typing so that you don’t accidentally lock yourself out of your own server. A typo in an IP address is all it takes. The good news is that, if you do lock yourself out, you still can gain access via the CloudAtCost Management Portal by clicking the Console button of your virtual machine. Because the console is on the physical machine and the lo interface is whitelisted, you can log in and disable the firewall temporarily: service iptables stop. Then fix the typo and restart the firewall: service iptables start.

First, let’s download the new IPtables config file into your root folder and take a look at it.

cd /root
wget http://incrediblepbx.com/iptables-lamp.tar.gz
tar zxvf iptables-lamp.tar.gz

Now edit the /root/iptables-lamp file by issuing the command: nano -w /root/iptables-lamp

You can scroll up and down through the file with Ctl-V and Ctl-Y. Cursor keys work as well. Once you make changes, save your work: Ctl-X, Y, ENTER. You’re now an expert with the nano text editor, an absolutely essential Linux tool.

Here’s what that file actually looks like:

*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --tcp-flags ACK ACK -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp ! --syn -m state --state NEW -j DROP
-A INPUT -m state --state INVALID -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
-A INPUT -p tcp -m tcp --tcp-flags SYN,FIN SYN,FIN              -j DROP
-A INPUT -p tcp -m tcp --tcp-flags SYN,RST SYN,RST              -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,RST FIN,RST              -j DROP
-A INPUT -p tcp -m tcp --tcp-flags ACK,FIN FIN                  -j DROP
-A INPUT -p tcp -m tcp --tcp-flags ACK,URG URG                  -j DROP
-A INPUT -p tcp -m set --match-set china src                    -j DROP
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 113 -j ACCEPT
-A INPUT -p udp -m udp --dport 123 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 123 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
#-A INPUT -s 12.34.56.78 -j ACCEPT
#-A INPUT -s yourFQDN.dyndns.org -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

Reminder: If you add another country to your block-china script, don’t forget to add a corresponding new country entry to your iptables file. See line 17 above that includes the word "china" for the syntax. There’s nothing much else to tweak except the two commented out (brown) lines that begin with #. First, remove the # symbol by moving the cursor to the right of the first one and hitting the backspace/delete key on your keyboard. Replace 12.34.56.78 with the public IP address of the computer from which you will be accessing your virtual machine. If you need multiple entries for multiple computers at different addresses, clone the line by pressing Ctrl-K and then Ctrl-U twice. Yes, we know. Some folks IP addresses change from time to time. In the next section, we’ll show you how to set up a Dynamic DNS entry with a utility that will keep track of your current IP address. In this case, uncomment the second commented line and replace yourFQDN.dyndns.org with your dynamic DNS address. Be very careful to assure that your FQDN is always on line. If the firewall cannot verify your DNS entry when it starts, the IPtables firewall will not start which means your server will be left unprotected. HINT: IP addresses are much safer because they are never verified.

Once you have your addresses configured, save the file: Ctl-X, Y, ENTER. Then issue the following commands to copy everything into place and restart the firewall.

mv /etc/sysconfig/iptables /etc/sysconfig/iptables.orig
cp -p /root/iptables-lamp /etc/sysconfig/iptables
echo "/etc/block-china.sh" >> /etc/rc.local
/etc/block-china.sh

Always, always, always check to be sure your firewall is functioning: iptables -nL. If you don’t see your desktop computer’s public IP address near the end of the listing, then the firewall is dead. status-lamp should also show IPtables down. Check for an error message which will tell you the problematic line so you can correct it.

Implementing Dynamic DNS Service on Your Virtual Machine

There are a number of free and paid Dynamic DNS providers. The way this works is you choose a fully-qualified domain name (FQDN) to identify your computer. Then you run a dynamic DNS update utility periodically from that computer. It reports back the current public IP address of your computer and your provider updates the IP address assigned to your FQDN if it has changed. In addition to supporting sites with ever changing IP addresses, it also allows you to permanently assign an FQDN to your computer or server so that it can be accessed without using a cryptic IP address.

If that computer happens to be an Incredible PBX server or a LAMP server that you’ve set up using this tutorial, then the following will get the DNS client update utility loaded using the RPM Forge repository that we previously installed:

yum --enablerepo=rpmforge install ddclient -y

Similar DNS update clients are available for Windows, Mac OS X, and many residential routers. Then it’s just a matter of plugging in the credentials for your dynamic DNS provider and your FQDN. In the case of the CentOS client, the config file is /etc/ddclient/ddclient.conf. Now reboot your server and pick up a good book on Linux to begin your adventure.

Now For Some Fun…

First, let’s check things out and make sure everything is working as it should. With your favorite web browser, visit the IP address of your new server. You should see the default Apache page:

Next, let’s be sure that PHP is working as it should. While still logged into your server as root using SSH or Putty, issue the following commands and make up some file name to replace test4567 in both lines. Be sure to keep the .php file name extension. Note to gurus: Yes, we know the second line below is unnecessary if you remove the space after the less than symbol in the first line. Unfortunately, WordPress forces the space into the display which left us no alternative.

echo "< ?php phpinfo(); ?>" > /var/www/html/test4567.php
sed -i 's|< |<|' /var/www/html/test4567.php

Now jump back to your web browser and access the new page you just created using the IP address of your server and the file name you made up: http://12.34.56.78/test4567.php

The PHPinfo listing will tell you everything you ever wanted to know about your web server setup including all of the PHP functions that have been enabled. That's why you want an obscure file name for the page. You obviously don't want to share that information with every bad guy on the planet. Remember. This is a public-facing web site that anyone on the Internet can access if they know or guess your IP address.

When you're ready to set up your own web site, just name it index.php and store the file in the /var/www/html directory of your server. In the meantime, issuing the following command will assure that anyone accessing your site gets a blank page until you're ready to begin your adventure:

echo " " > /var/www/html/index.php

Ready to learn PHP programming? There's no shortage of books to get you started.

Adding WordPress to Your LAMP Server

Where to begin with WordPress? What used to be a simple platform for bloggers has morphed into an all-purpose tool that makes building virtually any type of web site child's play. If you want to see what's possible, take a look at the templates and sample sites shown on WPZOOM. Unless you're an art major and savvy web designer, this will be the best $70 you ever spent. One of these templates will have your site up and running in minutes once we put the WordPress pieces in place. For the big spenders, $149 will give you access to over 50 gorgeous templates which you can download and use to your heart's content on multiple sites. And, no, your sites don't blow up after a year. You just can't download any additional templates or updates unless you renew your subscription. The other alternative is choose from thousands of templates that are provided across the Internet as well as in the WordPress application itself.

WordPress templates run the gamut from blogs to newsletters to photographer sites to e-commerce to business portfolios to video to travel to magazines to newspapers to education to food to recipes to restaurants and more. Whew! There literally is nothing you can't put together in minutes using a WordPress template. But, before you can begin, we need to get WordPress installed on your server. This is optional, of course. And, if you follow along and add WordPress, we've set it up in such a way that WordPress becomes the primary application for your site. Stated differently, when people use a browser to access your site, your WordPress template will immediately display. When we finish the basic WordPress setup and once you upload an image or two, you'll have a site that looks something like this:

Before you begin, we strongly recommend that you acquire a domain for your site if you plan to use it for anything but experimentation. The reason is because it can be complicated to migrate a WordPress site from one location to another.2 Once you've acquired your domain, point the domain to the IP address of your new server. With a dirt cheap registrar such as Omnis.com, it's easy:

Now let's get started. To begin, we need to load the WordPress application onto your server:

cd /root
mkdir wordpress
cd wordpress
wget http://wordpress.org/latest.tar.gz
tar -xvzf latest.tar.gz -C /var/www/html

Next, we'll configure MySQL to support WordPress. We're assuming that you have NOT already created root passwords for MySQL. If you have, you'll need to add -pYourPassword to the various commands below immediately after root. There is no space between -p and your root password. Also edit the first line and make up a new password (replacing XYZ below) for the wordpress user account that will manage WordPress on your server before you cut and paste the code:

mysql -u root -e 'CREATE USER wordpress@localhost IDENTIFIED BY "XYZ";'
mysql -u root -e 'CREATE DATABASE wordpress;'
mysql -u root -e 'GRANT ALL ON wordpress.* TO wordpress@localhost;'
mysql -u root -e 'FLUSH PRIVILEGES;'

Next, we need to configure WordPress with your new MySQL credentials. Before you cut and paste, replace XYZ in the fourth line with the password you assigned in the preceding MySQL step:

cp /var/www/html/wordpress/wp-config-sample.php /var/www/html/wordpress/wp-config.php
sed -i 's|database_name_here|wordpress|' /var/www/html/wordpress/wp-config.php
sed -i 's|username_here|wordpress|' /var/www/html/wordpress/wp-config.php
sed -i 's|password_here|XYZ|' /var/www/html/wordpress/wp-config.php
chown -R apache:apache /var/www/html/wordpress

Before you forget, take a moment and create a very secure password for your MySQL root user accounts. Here are the commands. Just replace new-password with your new password before you cut and paste. Note that you also will be prompted for this password when you execute the second command because you will now have a root user password in place from executing the first command.

/usr/bin/mysqladmin -u root password 'new-password'
/usr/bin/mysqladmin -u root -p -h localhost.localdomain password 'new-password'

Finally, we need to modify your Apache web server to support WordPress as the primary application. Be sure to enter your actual email address in the third line before you cut and paste the code below:

echo " " >> /etc/httpd/conf/httpd.conf
echo "" >> /etc/httpd/conf/httpd.conf
echo 'ServerAdmin somebody@somedomain.com' >> /etc/httpd/conf/httpd.conf
echo "DocumentRoot /var/www/html/wordpress" >> /etc/httpd/conf/httpd.conf
echo "ServerName wordpress" >> /etc/httpd/conf/httpd.conf
echo "ErrorLog /var/log/httpd/wordpress-error-log" >> /etc/httpd/conf/httpd.conf
echo "CustomLog /var/log/httpd/wordpress-acces-log common" >> /etc/httpd/conf/httpd.conf
echo "" >> /etc/httpd/conf/httpd.conf
echo " " >> /etc/httpd/conf/httpd.conf
service httpd restart

That should do it. Open a browser and navigate to the IP address of your server. You should be greeted with the following form. Fill in the blanks as desired. The account you're setting up will be the credentials you use to add and modify content on your WordPress site when you click Log In (as shown above). Make the username obscure and the password even more so. Remember, it's a public web site accessible worldwide! When you click Install WordPress, you'll be off to the races.

After your server whirs away for a minute or two, you will be greeted with the WordPress login prompt. With the username and password you entered above, you'll be ready to start configuring your WordPress site.

Once you're logged in, navigate to Appearance -> Themes and click Add New Theme. There's you will find literally hundreds of free WordPress templates that can be installed in a matter of seconds if WPZOOM is too rich for your blood. For a terrific all-purpose (free) theme, try Atahualpa. We'll leave our actual demo site running for a bit in case you want to explore and check out its performance. Installing and configuring the new theme took less than a minute:

A Final Word to the Wise. WordPress is relatively secure but new vulnerabilities are discovered regularly. Keep your templates, plug-ins, AND the WordPress application up to date at all times! The WordFence plug-in is a must-have. And we strongly recommend adding the following lines to your WordPress config file which then will let WordPress update everything automatically. Microsoft has given automatic updates a bad name, but in the case of WordPress, they work well.

echo "define('WP_AUTO_UPDATE_CORE', true);" >> /var/www/html/wordpress/wp-config.php
echo "add_filter( 'auto_update_plugin', '__return_true' );" >> /var/www/html/wordpress/wp-config.php
echo "add_filter( 'auto_update_theme', '__return_true' );" >> /var/www/html/wordpress/wp-config.php

Special Thanks: Our special tip of the hat goes to a few web sites that we found helpful in putting this article together especially Unixmen and Matt Wilcox & friends and Programming-Review.

Wondering What to Build Next with your new $10.50 Server in the Sky? Check out the latest Nerd Vittles tutorial. Turn it into a VoIP server FOR LIFE with free calling to/from the U.S. and Canada. Call for free demo:


Originally published: Monday, January 25, 2016





Need help with Asterisk? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest...

  1. It doesn't take long for the probing to begin. So watch your logs, look up the IP addresses to identify the countries, and block them unless you happen to be expecting visitors from that part of the world:
    [Sun Jan 24 00:36:12 2016] [error] [client 40.114.202.60] File does not exist: /var/www/html/wordpress/w00tw00t.at.blackhats.romanian.anti-sec:)
    [Sun Jan 24 00:36:12 2016] [error] [client 40.114.202.60] File does not exist: /var/www/html/wordpress/phpMyAdmin
    [Sun Jan 24 00:36:13 2016] [error] [client 40.114.202.60] File does not exist: /var/www/html/wordpress/phpmyadmin
    [Sun Jan 24 00:36:13 2016] [error] [client 40.114.202.60] File does not exist: /var/www/html/wordpress/pma
    [Sun Jan 24 00:36:13 2016] [error] [client 40.114.202.60] File does not exist: /var/www/html/wordpress/myadmin
    [Sun Jan 24 00:36:14 2016] [error] [client 40.114.202.60] File does not exist: /var/www/html/wordpress/MyAdmin
    [Mon Jan 25 00:29:29 2016] [error] [client 137.116.220.182] File does not exist: /var/www/html/wordpress/w00tw00t.at.blackhats.romanian.anti-sec:)
    [Mon Jan 25 00:29:29 2016] [error] [client 137.116.220.182] File does not exist: /var/www/html/wordpress/phpMyAdmin
    [Mon Jan 25 00:29:29 2016] [error] [client 137.116.220.182] File does not exist: /var/www/html/wordpress/phpmyadmin
    [Mon Jan 25 00:29:30 2016] [error] [client 137.116.220.182] File does not exist: /var/www/html/wordpress/pma
    [Mon Jan 25 00:29:30 2016] [error] [client 137.116.220.182] File does not exist: /var/www/html/wordpress/myadmin
    [Mon Jan 25 00:29:30 2016] [error] [client 137.116.220.182] File does not exist: /var/www/html/wordpress/MyAdmin
    []
  2. Should you ever have to migrate your WordPress site from one domain to another, here are two helpful tools to consider: the Automatic Domain Name Changer Plugin and the one we use, WordPress-Domain-Changer. []

Virtual Paradise: An Asterisk OVF Template for VMware and VirtualBox Fans

UPDATE: A newer Incredible PBX image for VMware is now available here.

Let’s face it. Virtual Machines are the future of server administration. Whether you prefer your own dedicated hardware or cloud-based resources managed by you or someone else, virtual platforms are the way to go. You get more bang for the buck out of your hardware by pooling resources for multiple tasks. Platforms such as VMware® and VirtualBox® make it easy.

What we were missing in the Asterisk® aggregation market was a simplified, open source installer that would let you deploy servers on the virtual platform of your choice without our having to maintain separate builds for each VM technology.

Today, we’re pleased to introduce the new Incredible PBX Unified Installer for VMware and VirtualBox with new OVF editions for Incredible PBX Full Enchilada as well as Lean & Mean. Download the OVF flavor of your choice to your desktop and fire up your favorite virtual machine GUI. With a few mouse clicks and a couple of minutes, you’ll have a Scientific Linux 6.7 platform in place with Incredible PBX just a single keystroke away. It doesn’t get any easier than that. And, unlike the static builds offered by the competition, with Incredible PBX you always get the very latest release of Asterisk 13 and the Incredible PBX GUI compiled on the fly from source code that you can actually examine, enhance, and share… just like the GPL license says. Feel free to compare our open source approach to Sangoma’s Gotcha Special. You have a very real choice!

July 20 NEWS FLASH: Google now has discontinued support of their XMPP interface to Google Voice so the latest CentOS/SL version of Incredible PBX (13-13.7) including the Incredible PBX ISO now incorporate NAF’s GVSIP interface to Google Voice. You can read all about it here. What has changed is you now add Google Voice trunks from the command line by running /root/gvsip-naf/install-gvsip. You can delete trunks by running /root/gvsip-naf/del-trunk. Once one or more trunks have been added, they are numbered GVSIP1 through GVSIPn. Using the GUI, you then add an Outbound Route and an Inbound Route for each trunk. You’ll need both your Google Voice 10-digit phone number and a Refresh Token to add a new trunk. This functionality is not yet available in the virtual machine builds, but you can easily add it. Once your virtual machine is up and running, head over to this GVSIP tutorial for step-by-step instructions. New virtual machine builds natively supporting GVSIP will be available soon.

Choosing a Virtual Machine Platform

Making the right deployment choice for your virtual machine platform depends upon a number of factors. We initially started out with Proxmox 4 which looked promising. After all, we had used and recommended earlier releases of Proxmox for many years until some security vulnerabilities caused us to look elsewhere. Those kernel issues are now a thing of the past, but Proxmox 4 introduced some new wrinkles. First, to stay current with software fixes and updates, you have to pay the piper by signing up for the annual support license. This turned out to be a deal breaker for a couple of reasons. It was expensive since it’s based upon the number of CPUs in your platform. In the case of the hardware shown below, that turned out to be 4 CPUs (by Proxmox’s calculation) which meant the annual support license would run nearly $400 per year. That buys an enormous number of virtual machines at Digital Ocean without having to babysit hardware at all. And, you get a $10 credit to try out the service just for signing up. We also ran into serious technical problems with Proxmox 4. While the server would run without hiccups for a day or so, connectivity failed regularly after that. A reboot would fix the problem for another day, and then it was more of the same. Whether this was a bug or a design choice to encourage paid software updates, we obviously don’t know. Regardless of the reason, we reluctantly concluded that Proxmox 4 wasn’t ready for production use.

That narrowed the selection to VMware or VirtualBox. VMware is rock-solid and has been for more than fifteen years. VirtualBox is equally good, but typically runs on a desktop computer rather than dedicated hardware. If you don’t have the funds for a hardware purchase to support your virtualization requirements, then VirtualBox is a no-brainer. For many, however, some separation of the virtualization environment from your desktop computing environment is desirable. And, again, the choice is a no-brainer. VMware wins that one, hands down.

Getting Started with VMware ESXi

Many of you have VMware platforms already in place at work. For you, installing Incredible PBX is as simple as downloading the OVF tarball to your desktop and importing it into your existing platform. If you’re new to VMware, here’s an easy way to get started, and the software won’t cost you a dime. VMware offers a couple of free products that will give you everything you need to run a robust VMware platform on relatively inexpensive hardware. Let’s start with the hardware.

A $500 VMware Platform for SOHO and Small Business Applications

You’re looking at all the components that make up the $500 Intel® NUC D54250WYK with a Core i5 dual-core processor, a 250GB mSATA drive, and 16GB of RAM. While you install the RAM and disk drive yourself, if you can unscrew 5 screws and have 5 minutes to spare, you can handle this.

Here’s how we started. Of course, you can adjust the components and the merchant to meet your own requirements. For us, Amazon1 works great, and the prices are competitive. Who else delivers on Sunday? Despite the notice that the computer would be here on Monday, we knew better. And sure enough it was in the box with the other Sunday goodies. We removed the four screws from the bottom feet of the computer, and the case opened easily. Next, we unscrewed the screw from the bottom of the motherboard that holds the SSD drive in place securely. Snap in the mSATA drive and the two memory sticks, replace the screws, and we were in business.

NEWS FLASH: The Intel NUC pictured above is the 4th Generation Core i5 device. Now the 5th Generation edition is an even better deal. See the sidebar for the NUC5i5RYK link.

A Free VMware Software Platform for SOHO and Small Business Applications

Before you can download either of the components for the free VMware ESXi platform, you’ll need to sign up for a free account at my.vmware.com. Once you’re signed up, log in and go to the ESXi 6 Download Center and sign up for a free ESXi license key:

  1. Write down your assigned License Key
  2. Manually download the VMware vSphere Hypervisor 6.0 Update 1 ISO
  3. Manually download the VMware vSphere Client 6.0U1

Next, burn the ISO to a CD/DVD and boot your dedicated VM hardware platform with it. Follow the instructions to complete the install. Next install the vSphere Client on a Windows computer. Don’t forget to add your ESXi License Key when you complete the installation. Once the ESXi server is up and running, you can stick the hardware on a shelf somewhere out of the way. You will rarely interact with it. That’s all handled using the VMware vSphere Client on your Windows Desktop. Yes, there is a web client as well, but you’ll have to pay for that one.

Deploying Incredible PBX OVF Templates with VMware vSphere Client

Deploying an Incredible PBX OVF template takes about two minutes, but first you need to download and unzip the desired Incredible PBX OVF templates from SourceForge onto your Windows Desktop.

Once you have the Incredible PBX OVF templates on your desktop, here are the deployment steps:

1. Login to the vSphere Client on your Windows Desktop using the root account you set up when you installed ESXi. Choose File, Deploy OVF Template.

2. Select the desired Incredible PBX .ovf template from your desktop PC after first unzipping the downloads.

3. Click Next.

4. Give the new Virtual Machine a name.

5. IMPORTANT: Choose Thin Provision option and click Next.

6. Review your entries and click Next to create the new Virtual Machine.

7. It takes about 2 minutes to create the new Virtual Machine.

8. The Main Client window will redisplay and your new VM should now be shown in the left panel. (1) Click on it. (2) Then click the Green start icon. (3) Click the Console Window icon.

9. When the VM’s Console Window opens, click in the window in the black area. Then press ENTER to kick off the Incredible PBX Phase 2 install. Review the Incredible PBX tutorial to get started.

Ctrl-Alt gets your mouse and keyboard out of the console window.

Installing the vSphere Web Client

If you’re lucky, you may not have a Windows machine. The downside is that the vSphere Client described above only works on the Windows platform. After hours of searching some of the most dreadful documentation on the planet, we finally uncovered a simple way to install the (experimental) vSphere Web Client. It is pure HTML5 with no Flash code! It’s also not ready for prime time. Most of the feature set looks pretty but doesn’t work if you have a free license. But it will give you an idea of where VMware is headed, and the bug reportedly will be fixed in the ESXi 6.0U2 release.

FYI: An easy way to apply License Key once it’s set up: Virtual Machines -> Licensing -> Apply License

1. Log into the console of your ESXi server as root using your root password.

2. Press F2 to Customized System.

3. Choose Troubleshooting Options.

4. Choose Enable SSH.

5. Using a Terminal window on a Mac or Linux machine or using Putty with Windows, log into the IP address of your ESXi server as root.

6. Issue the following command to install the vSphere Web Client vib:

esxcli software vib install -v http://download3.vmware.com/software/vmw-tools/esxui/esxui-2976804.vib

7. Using a web browser, login to the web client as root at https://ESXi-server-IP-address/ui

8. Should you ever wish to remove the web client from your server:

esxcli software vib remove -n esx-ui

9. Don’t forget to disable SSH access when you’re finished. Just repeat steps 1-4 above.

Installing Incredible PBX OVF Templates with VirtualBox

For those that opt for a desktop virtualization solution, there is no finer choice than VirtualBox. We’ve written about VirtualBox previously on Nerd Vittles so we won’t repeat the history here. If you need help setting it up, see this Nerd Vittles tutorial.

For today, we’ll show you how to take a VMware OVA template and build a VirtualBox VM:

1. Start up VirtualBox on your desktop.

2. Choose File, Import Appliance and select your Incredible PBX OVF template by clicking on the File Dialog icon. Click Continue when done.

3. In the Appliance Settings dialog, be sure "Reinitialize MAC Address of all network cards" is checked. Click Import.

4. Once the virtual machine is created, select it and click Settings. Name the VM in the General tab. Check Enable I/O APIC in the System tab. Set Video Memory to 16MB in the Display tab. Enable Audio and choose your sound card in the Audio tab. Enable Network and choose Bridged Network for Adapter 1 in the Network tab. Click OK to save your changes.

5. Click the Start icon to fire up your virtual machine. Press ENTER in the VM window to start Phase II of the Incredible PBX install.

6. Review the Incredible PBX tutorial to get started.

Initial Configuration of Incredible PBX

To complete the install, use SSH or putty to log into your VM as root. Default password: password. Then…

  • Change your root password immediately: passwd
  • Set your FreePBX admin password: /root/admin-pw-change
  • Set your web apps admin password: htpasswd /etc/pbx/wwwpasswd admin
  • Set your correct time zone: /root/timezone-setup
  • Add WhiteList entries to firewall if needed: /root/add-ip or /root/add-fqdn
  • Store PortKnocker credentials in a safe place: cat /root/knock.FAQ
  • Login to your NeoRouter VPN server if desired: /root/nrclientcmd
  • Run the Incredible Fax installer, if desired: /root/incrediblefax11.sh
  • Set your admin password for AvantFax: /root/avantfax-pw-change
  • Enable Google Voice OAUTH authentication support, if desired: http://nerd.bz/1JaO4ij (section 1b.)

Originally published: Monday, December 14, 2015




Support Issues. With any application as sophisticated as this one, you’re bound to have questions. Blog comments are a terrible place to handle support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forums. It’s the best Asterisk tech support site in the business, and it’s all free! Please have a look and post your support questions there. Unlike some forums, ours is extremely friendly and is supported by literally hundreds of Asterisk gurus and thousands of users just like you. You won’t have to wait long for an answer to your question.



Need help with Asterisk? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

  1. Some of our purchase links refer users to Amazon and other sites when we find their prices are competitive for the recommended products. Nerd Vittles receives a small referral fee from merchants to help cover the costs of our blog. We never recommend particular products solely to generate commissions. However, when pricing is comparable or availability is favorable, we support Amazon and other merchants because they support us. []

A New Star Is Born: The PIAF-Green Virtual Machine featuring Scientific Linux 6.5

We are delighted to announce our first of many releases of PBX in a Flash™ 3.0.6.5 running atop the just released Scientific Linux™ 6.5. In keeping with our historical methodology (minus CentOS™), today’s PIAF-Green™ VM release with Asterisk 11® and FreePBX® 2.11 provides everyone an opportunity to kick the tires and provide some feedback before the tailorable PIAF™ 3.0.6.5 hits the street. What’s missing is the CentOS operating system. Good riddance! See last week’s article for why. We are pleased to introduce our new OS platform:

"From the beginning Scientific Linux was designed to be a community project. We solicited input from the labs and Universities that originally contacted [Fermilab™ computer scientists], as well as other interested parties. We also designed the sites area to make it easy for sites to create their own distribution, as well as add to the mirrors without disturbing the main core distribution."

Feel free to read up on its history, its legal footing, and its incredible growth over the past decade. If you’d like to build your own creation from Scientific Linux, there’s a well-documented tutorial to get you there. Incredible Linux™ here we come! And what a terrific contribution to the open source community by the Scientific Linux developers. Imagine actually being able to spin off GPL code into enhanced products just as the GPL license envisioned. What a concept!

We’ll have more news about Scientific Linux in coming weeks. But, for today, we hope you’ll take the new PIAF-Green Virtual Machine for a spin. This new release was put together within days of the release of Scientific Linux 6.5. That speaks volumes about SL platform stability and its enthusiastic community. We’re delighted to be the newest member!

The Ultimate VoIP Appliance: PIAF Virtual Machine for VirtualBox

Today brings us to a new plateau in the virtual machine development era. We’re pleased to introduce a new product that can be installed in under 5 minutes and will run on any Windows PC, Mac, or Linux machine as well as Solaris. And, unlike the dedicated machine platforms and OpenVZ compromises of years past, today’s PIAF-Green Virtual Machine is state-of-the-art giving you everything a bare metal install from source code would have provided. Most importantly, the components are truly portable. They can be copied to a 4GB flash drive1 for the price of a good hamburger and installed from there onto any type of machine that happens to be in front of you. Five minutes later, you have a fully functional Asterisk server with FreePBX and exactly the same feature set and source code that you would have had doing a bare metal PIAF install to a dedicated server. And we’ve built this 32-bit production-ready PIAF-Green Virtual Machine with Asterisk 11.7 and FreePBX 2.11. No Internet access required to perform the install. Sound too good to be true? Keep reading or, better yet, try the PIAF appliance for yourself. The install process is simple:

  1. Download and install VirtualBox onto a Desktop Machine of your choice
  2. Download and double-click on the PIAF-Green Virtual Machine to import it into VirtualBox
  3. Select the PIAF-Green Virtual Machine in VirtualBox Manager Window and click the Start button

Introducing Oracle VM VirtualBox

We’re late to the party, but Virtual Box®, Oracle’s virtual machine platform inherited from Sun, is really something. It’s not only free, but it’s pure GPL2 code. VirtualBox gives you a virtual machine platform that runs on top of any desktop operating system. In terms of limitations, we haven’t found any. We even tested this on an Atom-based Windows 7 machine with 2GB of RAM, and it worked without a hiccup. So step #1 is to download one or more of the VirtualBox installers from VirtualBox.org or Oracle.com. As mentioned, our recommendation is to put all of the 100MB installers on a 4GB thumb drive. Then you’ll have everything in one place whenever and wherever you happen to need it. Once you’ve downloaded the software, simply install it onto your favorite desktop machine. Accept all of the default settings, and you’ll be good to go. For more details, here’s a link to the Oracle VM VirtualBox User Manual.

Installing the PIAF Virtual Machine

Step #1 is to download the PIAF-Green Open Virtualization Appliance (.ova) from SourceForge.

Step #2: Verify the checksums for the 32-bit .ova appliance to be sure everything got downloaded properly. To check the MD5/SHA1 checksums in Windows, download and run Microsoft’s File Checksum Integrity Verifier.

For Mac or Linux desktops, open a Terminal window, change to the directory in which you downloaded the .ova file and type the following commands:

md5 PIAF-Green-SL.ova (use md5sum for Linux)    MD5: 33fcda3badc7cae025905b59d59f8213
openssl sha1 PIAF-Green-SL.ova    SHA1: f3aa8d966cd8e7bed1d0d6e16d29806056b81e6a

Step #3: Double-click on the downloaded .ova file which will begin the import process into VirtualBox. It only takes a couple minutes, and you only do it once. IMPORTANT: Be sure to check the Reinitialize the Mac address of all network cards box before clicking the Import button.

Once the import is finished, you’ll see the new PIAF-Green virtual machine in the VM List of your VirtualBox Manager Window. You’ll need to make a couple of one-time adjustments to the VM configuration to account for differences in sound and network cards on different host machines.

Click on the PIAF-Green-SL Virtual Machine in the VM List. Then click Settings -> Audio and check the Enable Audio option and choose your sound card. Save your setup by clicking the OK button. Next click Settings -> Network. For Adapter 1, check the Enable Network Adapter option. From the Attached to pull-down menu, choose Bridged Adapter. Then select your network card from the Name list. Then click OK. That’s all the configuration that is ever necessary for your PIAF-Green Virtual Machine. The rest is automagic.

Running the PIAF-Green Virtual Machine in VirtualBox

Once you’ve imported and configured the PIAF Virtual Machine, you’re ready to go. Highlight PIAF Virtual Machine in the VM List on the VirtualBox Manager Window and click the Start button. The PIAF boot procedure with Scientific Linux 6.5 will begin just as if you had installed PBX in a Flash on a standalone machine. You’ll see a couple of dialogue boxes pop up that explain the keystrokes to move back and forth between your host operating system desktop and your PIAF VM.

Here’s what you need to know. To work in the PIAF Virtual Machine, just left-click your mouse while it is positioned inside the VM window. To return to your host operating system desktop, press the right Option key on Windows machines or the left Command key on any Mac. For other operating systems, read the dialogue boxes for instructions on moving around. Always shut down PIAF gracefully! Click in the VM window with your mouse, log in as root, and type: shutdown -h now.

Run the PIAF Virtual Machine behind a hardware-based firewall with no Internet port exposure!

To begin, position your mouse over the VM window and left-click. Once the PIAF VM has booted, log in as root with password as the password. Change your root password immediately by typing passwd at the command prompt. Now set up a secure maint password for FreePBX as well. Type passwd-master. If you’re not in the Eastern U.S. time zone, then you’ll want to adjust your timezone setting so that reminders and other time-sensitive events happen at the correct time. While logged into your server as root, issue this command:

setup-timezone

Next, use a browser to log into your PIAF server by pointing to the IP address of the PIAF VM that’s displayed in the status window of the CLI. Click on the User button to display the Admin choices in the main PIAF Menu. Click on the FreePBX option to load the FreePBX GUI. You will be prompted for an Apache username and password. For the username, use maint. For the password, use whatever password you set up with passwd-master.

Now read the latest PIAF Quick Start Guide and begin your VoIP adventure. Then you’ll want to do some reading on VirtualBox. We’ve barely scratched the surface. Setting up Headless VMs that run in the background on any server is a breeze. From the command line, here’s an article to get you started. But you also can start Headless VMs from within the GUI by highlighting the VM and clicking Shift->Start. Always shut down VMs gracefully: Close->ACPI Shutdown. You’ll find more great tips at virtualbox.org and GitHub.

One of the real beauties of VirtualBox is you don’t have to use a GUI at all. The entire process can be driven from the command line. Other than on a Mac, here is the procedure to import, configure, and run the PIAF-Green-32 Virtual Machine:
 
VBoxManage import PIAF-Green-SL.ova
VBoxManage modifyvm "PIAF-Green-SL" --nic1 nat
VBoxManage modifyvm "PIAF-Green-SL" --acpi on --nic1 bridged
VBoxHeadless --startvm "PIAF-Green-SL" &
# Wait 1 minute for PIAF-Green-SL to load. Then decipher IP address like this:
VBoxManage guestproperty get "PIAF-Green-SL" /VirtualBox/GuestInfo/Net/0/V4/IP
# Now you can use SSH to login to PIAF-Green-SL at the displayed IP address
# Shutdown the PIAF-Green-SL Virtual Machine with the following command:
VBoxManage controlvm "PIAF-Green-SL" acpipowerbutton

On a Mac, everything works the same way except for deciphering the IP address. Download our findip script for that.

Adding Incredible PBX 11 and Incredible Fax

You can read all about the Incredible PBX 11 and Incredible Fax feature set in our recent Nerd Vittles article. If you decide you’d like to add one or both to your PIAF-Green Virtual Machine, just log into your server as root and issue the following commands. NOTE: You must install Incredible Fax after installing Incredible PBX, or you will lose the ability to install Incredible PBX at a later time. With Incredible Fax, there are a number of prompts during the install. With the exception of the prompt asking for your local area code, just press Enter at every other prompt.

cd /root
wget http://incrediblepbx.com/incrediblepbx11.gz
gunzip incrediblepbx11.gz
chmod +x incrediblepbx11
./incrediblepbx11
./incrediblefax11.sh

The Incredible PBX 11 Inventory. For those that have never heard of The Incredible PBX, here’s the current 11.0 feature set in addition to the base install of PBX in a Flash with Scientific Linux 6.5, Asterisk 11, FreePBX 2.11, and Apache, SendMail, MySQL, PHP, phpMyAdmin, IPtables Linux firewall, Fail2Ban, and WebMin. Incredible Fax, NeoRouter and PPTP VPNs, and all sorts of backup solutions are still just one command away and may be installed using the scripts included with Incredible PBX 11 and PBX in a Flash. Type help-pbx and browse /root for dozens of one-click install scripts.

Originally published: Wednesday, January 29, 2014



Need help with Asterisk? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

  1. Many of our purchase links refer users to Amazon when we find their prices are competitive for the recommended products. Nerd Vittles receives a small referral fee from Amazon to help cover the costs of our blog. We never recommend particular products solely to generate Amazon commissions. However, when pricing is comparable or availability is favorable, we support Amazon because Amazon supports us. []

The 5-Minute PBX: PIAF-Green Virtual Machine for Windows, Mac, or Linux

In our never-ending trek to build the Perfect PBX™, we have a sneak peek for you today of the soon-to-be-released PBX in a Flash™ 2.0.6.4.5 featuring CentOS® 6.4 LAMP stack (32-bit), Asterisk® 11.5.1, and FreePBX® 2.11.0.11. The 2.0.6.4.5 release also has a number of new security patches including a new Linux kernel that’s been patched to eliminate the reported zero-day vulnerability. Once you download today’s appliance, you can have a turnkey PBX running under VirtualBox® on almost any desktop computer in less than 5 minutes. We’re not talking about a crippled telephony platform with limited functionality. What you’ll have is the same platform that hundreds of thousands of organizations use to run their corporate phone systems. And, if you want the Incredible PBX™ feature set with literally dozens of open source telephony applications including news, weather, stocks, tide reports, SMS messaging, free faxing with Incredible Fax™, telephone reminders, wakeup calls, and more then just add a couple minutes to run two one-click installers. Welcome to the world of open source!

The real beauty of PBX in a Flash has not been that someone with sufficient expertise couldn’t assemble something just as good or even better. Watch some of the AstriCon presentations if you have any doubts. The beauty of PIAF is it puts this technology down where the goats can get it. It provides a toolset that encourages further development by simplifying the learning curve for a broad cross-section of the VoIP community while not compromising functionality or flexibility. The source code for the major components is included in the build so you can customize and recompile Asterisk or load a new version of Asterisk or any additional Linux app in minutes without losing your existing setup.

If Voice Over IP technology is Greek to you, here’s a new 60-minute video tutorial that will tell you everything you need to know about this exciting, new technology before you begin the actual installation process:


As many of you know, we have literally hundreds of gurus on the PIAF Forum. That doesn’t mean any particular person or group knows everything. It’s merely a designation that a particular individual is an expert at something. The collective wisdom of the group is what makes PBX in a Flash as a project better because we’ve put in place a platform that experts from many different disciplines can build upon without needing to learn everything about everything. Simply stated, you can be a terrific chef without knowing how to build a stove!

Turning to Asterisk® 11 and FreePBX® 2.11, these releases are a remarkable step forward both in terms of toolset and in the amazing stability of the platform. For our part, we want to get our latest release of PBX in a Flash with CentOS 6.4, Asterisk 11.5.1 and FreePBX 2.11 release into as many hands as possible with a near zero investment in hardware and setup time.

The Ultimate VoIP Appliance: PIAF Virtual Machine for VirtualBox

Today brings us to a new plateau in the virtual machine development era. Thanks to the masterful work of Tom King on PBX in a Flash 2.0.6.4.5, we’re pleased to introduce a new product that can be installed in under 5 minutes and will run on any Windows PC, Mac, or Linux machine as well as Solaris. And, unlike the dedicated machine platforms and OpenVZ compromises of years past, today’s PIAF-Green Virtual Machine is state-of-the-art giving you everything a bare metal install from source code would have provided. Most importantly, the components are truly portable. They can be copied to a 4GB flash drive1 for the price of a good hamburger and installed from there onto any type of machine that happens to be in front of you. Five minutes later, you have a fully functional Asterisk server with FreePBX and exactly the same feature set and source code that you would have had doing a bare metal PIAF install to a dedicated server. And we’ve built this 32-bit production-ready PIAF-Green Virtual Machine with Asterisk 11.5.1 and FreePBX 2.11. No Internet access required to perform the install. Sound too good to be true? Keep reading or, better yet, try the PIAF appliance for yourself. The install process is simple:

  1. Download and install VirtualBox onto a Desktop Machine of your choice
  2. Download and double-click on the PIAF-Green Virtual Machine to import it into VirtualBox
  3. Select the PIAF-Green Virtual Machine in VirtualBox Manager Window and click the Start button

Introducing Oracle VM VirtualBox

We’re late to the party, but Virtual Box®, Oracle’s virtual machine platform inherited from Sun, is really something. It’s not only free, but it’s pure GPL2 code. VirtualBox gives you a virtual machine platform that runs on top of any desktop operating system. In terms of limitations, we haven’t found any. We even tested this on an Atom-based Windows 7 machine with 2GB of RAM, and it worked without a hiccup. So step #1 is to download one or more of the VirtualBox installers from VirtualBox.org or Oracle.com. As mentioned, our recommendation is to put all of the 100MB installers on a 4GB thumb drive. Then you’ll have everything in one place whenever and wherever you happen to need it. Once you’ve downloaded the software, simply install it onto your favorite desktop machine. Accept all of the default settings, and you’ll be good to go. For more details, here’s a link to the Oracle VM VirtualBox User Manual.

Installing the PIAF Virtual Machine

Step #1 is to download the PIAF-Green Open Virtualization Appliance (.ova) from SourceForge.

Step #2: Verify the checksums for the 32-bit .ova appliance to be sure everything got downloaded properly. To check the MD5/SHA1 checksums in Windows, download and run Microsoft’s File Checksum Integrity Verifier.

For Mac or Linux desktops, open a Terminal window, change to the directory in which you downloaded the .ova file of your choice, and type the following commands:

md5 PIAF-Green-32.ova (use md5sum for Linux)
openssl sha1 PIAF-Green-32.ova

The correct MD5 checksum for PIAF-Green-32.ova is 7691127afd065412e40429cee49a4738. The correct SHA1 checksum for PIAF-Green-32 is 9b3828649dc9644d046ef83cb227aea4c1473c65.

Step #3: Double-click on the downloaded .ova file which will begin the import process into VirtualBox. It only takes a couple minutes, and you only do it once. IMPORTANT: Be sure to check the Reinitialize the Mac address of all network cards box before clicking the Import button.

Once the import is finished, you’ll see a new PIAF virtual machine in the VM List of your VirtualBox Manager Window. You’ll need to make a couple of one-time adjustments to the PIAF-Green Virtual Machine configuration to account for differences in sound and network cards on different host machines.

Click on the PIAF-Green Virtual Machine in the VM List. Then click Settings -> Audio and check the Enable Audio option and choose your sound card. Save your setup by clicking the OK button. Next click Settings -> Network. For Adapter 1, check the Enable Network Adapter option. From the Attached to pull-down menu, choose Bridged Adapter. Then select your network card from the Name list. Then click OK. That’s all the configuration that is ever necessary for your PIAF-Green Virtual Machine. The rest is automagic.

Running the PIAF Virtual Machine in VirtualBox

Once you’ve imported and configured the PIAF Virtual Machine, you’re ready to go. Highlight PIAF Virtual Machine in the VM List on the VirtualBox Manager Window and click the Start button. The PIAF boot procedure with CentOS 6.4 will begin just as if you had installed PBX in a Flash on a standalone machine. You’ll see a couple of dialogue boxes pop up that explain the keystrokes to move back and forth between your host operating system desktop and your PIAF VM.

Here’s what you need to know. To work in the PIAF Virtual Machine, just left-click your mouse while it is positioned inside the VM window. To return to your host operating system desktop, press the right Option key on Windows machines or the left Command key on any Mac. For other operating systems, read the dialogue boxes for instructions on moving around. Always shut down PIAF gracefully! Click in the VM window with your mouse, log in as root, and type: shutdown -h now.

Run the PIAF Virtual Machine behind a hardware-based firewall with no Internet port exposure!

To begin, position your mouse over the VM window and left-click. Once the PIAF VM has booted, log in as root with password as the password. Change your root password immediately by typing passwd at the command prompt. Now set up a secure maint password for FreePBX as well. Type passwd-master. If you’re not in the Eastern U.S. time zone, then you’ll want to adjust your timezone setting so that reminders and other time-sensitive events happen at the correct time. While logged into your server as root, issue this command:

/root/timezone-setup

Next, use a browser to log into your PIAF server by pointing to the IP address of the PIAF VM that’s displayed in the status window of the CLI. Click on the User button to display the Admin choices in the main PIAF Menu. Click on the FreePBX option to load the FreePBX GUI. You will be prompted for an Apache username and password. For the username, use maint. For the password, use whatever password you set up with passwd-master.

Now read the latest PIAF Quick Start Guide and begin your VoIP adventure. Then you’ll want to do some reading on VirtualBox. We’ve barely scratched the surface. Setting up Headless VMs that run in the background on any server is a breeze. From the command line, here’s an article to get you started. But you also can start Headless VMs from within the GUI by highlighting the VM and clicking Shift->Start. Always shut down VMs gracefully: Close->ACPI Shutdown. You’ll find more great tips at virtualbox.org and GitHub.

One of the real beauties of VirtualBox is you don’t have to use a GUI at all. The entire process can be driven from the command line. Other than on a Mac, here is the procedure to import, configure, and run the PIAF-Green-32 Virtual Machine:
 
VBoxManage import PIAF-Purple.ova
VBoxManage modifyvm "PIAF-Green-32" --nic1 nat
VBoxManage modifyvm "PIAF-Green-32" --acpi on --nic1 bridged
VBoxHeadless --startvm "PIAF-Green-32" &
# Wait 1 minute for PIAF-Green to load. Then decipher IP address like this:
VBoxManage guestproperty get "PIAF-Green-32" /VirtualBox/GuestInfo/Net/0/V4/IP
# Now you can use SSH to login to PIAF-Green at the displayed IP address
# Shutdown the PIAF-Green Virtual Machine with the following command:
VBoxManage controlvm "PIAF-Green-32" acpipowerbutton

On a Mac, everything works the same way except for deciphering the IP address. Download our findip script for that.

Adding Incredible PBX 11 and Incredible Fax

You can read all about the Incredible PBX 11 and Incredible Fax feature set in our recent Nerd Vittles article. If you decide you’d like to add one or both to your PIAF-Green Virtual Machine, just log into your server as root and issue the following commands. NOTE: You must install Incredible Fax after installing Incredible PBX, or you will lose the ability to install Incredible PBX at a later time. With Incredible Fax, there are a number of prompts during the install. With the exception of the prompt asking for your local area code, just press Enter at every other prompt.

cd /root
wget http://incrediblepbx.com/incrediblepbx11.gz
gunzip incrediblepbx11.gz
chmod +x incrediblepbx11
./incrediblepbx11
./incrediblefax11.sh

The Incredible PBX 11 Inventory. For those that have never heard of The Incredible PBX, here’s the current 11.0 feature set in addition to the base install of PBX in a Flash with the CentOS 6.4, Asterisk 11, FreePBX 2.11, and Apache, SendMail, MySQL, PHP, phpMyAdmin, IPtables Linux firewall, Fail2Ban, and WebMin. Incredible Fax, NeoRouter and PPTP VPNs, and all sorts of backup solutions are still just one command away and may be installed using the scripts included with Incredible PBX 11 and PBX in a Flash. Type help-pbx and browse /root for dozens of one-click install scripts.

Originally published: Tuesday, October 22, 2013



Need help with Asterisk? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

  1. Many of our purchase links refer users to Amazon when we find their prices are competitive for the recommended products. Nerd Vittles receives a small referral fee from Amazon to help cover the costs of our blog. We never recommend particular products solely to generate Amazon commissions. However, when pricing is comparable or availability is favorable, we support Amazon because Amazon supports us. []

The 5-Minute PBX: Introducing PIAF-Green Virtual Machine for VMware ESXi

In our never-ending trek to build the Perfect PBX™, we have another installment for you today featuring VMware’s just released vSphere Hypervisor 5.5 (ESXi). And, yes, there’s still a free ESXi version with a free license available here. But, unlike VirtualBox, you’ll need a dedicated (beefy) server on which to install ESXi. Be sure to register on the site and obtain then install the unrestricted license, or you’re SOL after the short eval period. We’ve built an ESXi appliance which installs in under 5 minutes featuring the latest, greatest PIAF-Green with a CentOS® 6.4 LAMP stack (32-bit), Asterisk® 11.5.1, and FreePBX® 2.11. This 2.0.6.4.4 release also has a number of new security patches including a new Linux kernel that’s been patched to eliminate the reported zero-day vulnerability. If this is your first experience with our virtual machine builds, we’re not talking about a crippled telephony platform with limited functionality. What you’ll have is the same platform that hundreds of thousands of organizations use to run their corporate phone systems. And, if you want the Incredible PBX™ feature set with literally dozens of open source telephony applications including news, weather, stocks, tide reports, SMS messaging, free faxing with Incredible Fax™, telephone reminders, wakeup calls, and more then just add a couple minutes to run two one-click installers. Welcome to the world of open source!

The real beauty of PBX in a Flash has not been that someone with sufficient expertise couldn’t assemble something just as good or even better. Watch the AstriCon presentations from last year if you have any doubts. And, just a reminder that’s it’s almost AstriCon time again. Come join us to celebrate the 10th Anniversary. You’ll find a registration discount coupon at the end of this article. The beauty of PBX in a Flash is it puts this technology down where the goats can get it. PIAF provides a toolset that encourages further development by simplifying the learning curve for a broad cross-section of the VoIP community while not compromising functionality or flexibility. The source code for the major components is included in the build so you can customize and recompile Asterisk or load a new version of Asterisk or any additional Linux app in minutes without losing your existing setup.

When it comes to support, we have literally hundreds of gurus on the PIAF Forum. That doesn’t mean any particular person or group knows everything. It’s merely a designation that a particular individual is an expert at something. The collective wisdom of the group is what makes PBX in a Flash as a project better because we’ve put in place a platform that experts from many different disciplines can build upon without needing to learn everything about everything. Simply stated, you can be a terrific chef without knowing how to build a stove!

The latest Asterisk® 11 and FreePBX® 2.11 releases are a remarkable step forward both in terms of toolset and in the new mindset of the development community. They are as close to bug-free as any software product ever can be, and that’s obviously a good thing. For our part, we want to get our latest release of PBX in a Flash with CentOS 6.4, Asterisk 11 and FreePBX 2.11 release into as many hands as possible. Many of our readers have existing VMware platforms in their businesses so today’s installment makes PIAF deployment a breeze whether you just want to kick the tires or deploy it in a production environment.

The Ultimate VoIP Appliance: PIAF-Green Virtual Machine for ESXi

Today brings us to yet another plateau in the virtual machine development era. Because most major companies already have a VMware platform in place, we’ll begin by walking you through the 5-minute exercise to install the PIAF-Green appliance. If you’re new to VMware and want to deploy an EXSi server on which to run PIAF-Green, then skip over the PIAF-Green install procedure for the time being. Jump down to the section where we walk you through bringing up your own ESXi server, and then return here once your ESXi server is humming along. Let us hasten to add that we make no claims with regard to VMware expertise. If you need help with VMware, head over to the PIAF Forum and chat with our VMware gurus. We’re not one of them.

To install the PIAF-Green Virtual Machine for ESXi, there are six simple steps:

  1. Download the ESXi PIAF-Green .ova template from SourceForge
  2. Verify checksums for downloaded ESXi PIAF-Green .ova template
  3. Deploy the PIAF-Green Template on ESXi using vSphere Client
  4. Start PIAF-Green appliance
  5. Login using Virtual Machine Console
  6. Complete the PIAF-Green Setup Checklist

Installing the PIAF-Green Virtual Machine for ESXi

1. Download the PIAF-Green Open Virtualization Appliance (.ova) for ESXi from SourceForge. Do not confuse it with our OVA appliance for VirtualBox. They’re not the same!

2. Verify the checksums for the 32-bit .ova appliance to be sure everything got downloaded properly. To check the MD5/SHA1 checksums in Windows, download and run Microsoft’s File Checksum Integrity Verifier.

For Mac or Linux desktops, open a Terminal window, change to the directory in which you downloaded the .ova file of your choice, and type the following commands:

md5 PIAF-Green-32.ova (use md5sum for Linux)
openssl sha1 PIAF-Green-32.ova

The correct MD5 checksum for PIAF-Green-32.ova is 2ba3a84d3be3167274308342f73a7a1f. The correct SHA1 checksum for PIAF-Green-32 is b79f2a96b65465337ddda5426e4a8d63982651ad. The bold portion isn’t actually shown in the i file display on SourceForge. Don’t worry about it.

3. To deploy the template on your ESXi server, open vSphere Client on your Windows desktop. Click File -> Deploy OVF Template as shown below. Browse to the location of your downloaded template and select it. Give the virtual machine a unique name (you can have multiple VMs using the same template). Accept the Disk Format defaults and click Finish to begin the import.

Once the import is finished, you’ll see a new PIAF-Green virtual machine in the Inventory under the IP address of your ESXi server.

4. Start up the new virtual machine by highlighting it and clicking Power on Virtual Machine in the right pane of vSphere Client. You can see it at the bottom of the screenshot below.

5. Open the Virtual Machine Console by clicking on the icon as shown below. Use your mouse to click inside the console window once it opens. Then log in as root with the default password: password.

HINT: To exit from the VM Console window, press Ctrl-Alt simultaneously.

PIAF-Green Virtual Machine Setup Checklist for ESXi

Once you’ve logged into PIAF-Green, you’ll see the status window telling you what’s running and what’s not. It should look something like what’s shown below. It includes the IP address of your virtual machine. This can be used with SSH to log in from any computer on your LAN. It also is required information to log in to the PIAF and FreePBX GUIs using a browser.

Here’s what you need to know. To work in the PIAF Virtual Machine from the vSphere Console, just left-click your mouse while it is positioned inside the VM Console window. To return to your host operating system desktop, press Ctrl-Alt. Remember to always shut down PIAF gracefully! Click in the VM Console window with your mouse, log in as root, and type: shutdown -h now.

Run ESXi and Virtual Machines behind a hardware-based firewall with no Internet port exposure!

Here’s the quick PIAF Setup Checklist:

  1. Change your root password immediately by typing passwd
  2. Set up a secure maint password for FreePBX: passwd-master
  3. Adjust your timezone setting: /root/timezone-setup
  4. Decipher your PIAF-Green VM’s IP address: status
  5. Browser log into PIAF: Point to IP address of PIAF-Green VM
  6. Click on User button to display the PIAF Admin menu
  7. Click on the FreePBX icon to load FreePBX GUI
  8. When prompted for Apache username and password: Username=maint
  9. Password is whatever password you set up with passwd-master

Now read the latest PIAF Quick Start Guide and begin your VoIP adventure.

You can read all about the Incredible PBX 11 and Incredible Fax feature set in our recent Nerd Vittles article. If you decide you’d like to add one or both to your PIAF-Green Virtual Machine, just log into your server as root and issue the following commands. NOTE: You must install Incredible Fax after installing Incredible PBX, or you will lose the ability to install Incredible PBX at a later time. With Incredible Fax, there are a number of prompts during the install. With the exception of the prompt asking for your local area code, just press Enter at every other prompt.

cd /root
wget http://incrediblepbx.com/incrediblepbx11.gz
gunzip incrediblepbx11.gz
chmod +x incrediblepbx11
./incrediblepbx11
./incrediblefax11.sh

The Incredible PBX 11 Inventory. For those that have never heard of The Incredible PBX, here’s the current 11.0 feature set in addition to the base install of PBX in a Flash with the CentOS 6.4, Asterisk 11, FreePBX 2.11, and Apache, SendMail, MySQL, PHP, phpMyAdmin, IPtables Linux firewall, Fail2Ban, and WebMin. Incredible Fax, NeoRouter and PPTP VPNs, and all sorts of backup solutions are still just one command away and may be installed using the scripts included with Incredible PBX 11 and PBX in a Flash. Type help-pbx and browse /root for dozens of one-click install scripts.

Unlike the dedicated machine platforms and OpenVZ compromises of years past, today’s PIAF-Green Virtual Machine is state-of-the-art giving you everything a bare metal install from source code would have provided. Most importantly, the components are truly portable. They can be exported and copied to an external USB drive or flash drive for instant portability for use on any ESXi server.

Installing VMware Tools (optional). If you wish to install VMware Tools in your Virtual Machine, here’s the two-step procedure. First, enable the tools in vSphere Client: VM -> Guest -> Install VMware Tools. See image below. Then log in to your virtual machine in the console and issue the following commands:

cd /mnt
mkdir cdrom
mount /dev/cdrom /mnt/cdrom
cd /tmp
tar zxvf /mnt/cdrom/VMware*
cd vmware-tools-distrib
./vmware-install.pl

Introducing vSphere Hypervisor 5.5 (ESXi)

We’re late to the party (again), but VMware’s latest ESXi platform is quite impressive. Because there’s a free version, we wanted to walk through the installation scenario just in case you have a spare (beefy) server sitting around gathering dust. Security is always our primary concern, and you are well-advised to install ESXi behind a secure, hardware-based firewall with no Internet port exposure to your ESXi server or its virtual machines!

There are dozens of VMware products and add-ons for the ESXi platform. Almost all of them cost money, lots of it. If your company is considering a move to VMware, then the free ESXi platform is a good way to get your feet wet. Before you make purchasing decisions, you really need to hire a VMware consultant. It could save you tens of thousands of dollars.

For today, our focus is getting a free ESXi platform in place to run PBX in a Flash virtual machines. Here’s what you’ll need: a server, the vSphere Hypervisor 5.5 ESXi ISO, a free license for ESXi, and the vSphere Client for Windows. All are free, but you do have to register for an account on the VMware web site. A web client is also available for dedicated Mac and Linux users. See the VMware site for details.

ESXi comes with a short-term license to let you try the application. Once you register for an account on the VMware web site, you also can obtain a full license here at no cost. Don’t put it off. Once your short-term eval license expires, you’re dead in the water unless you previously have installed the free, unrestricted license.

Installing ESXi. Here are the steps to get yourself in the (free) ESXi business:

  1. Download the ESXi ISO and burn it to a CD/DVD
  2. Obtain permanent license key from VMware
  3. Boot your server from the CD and answer the (easy) prompts
  4. When install finishes, remove CD and reboot
  5. Start up ESXi and log in as root with your new password
  6. Write down the IP address of your server
  7. Your temporary license key (only) is now active
  8. Using a browser, access your ESXi server by its IP address
  9. Click on the provided link to download and install the vSphere Client
  10. Open vSphere Client on Windows Desktop and login as root with same password

Registering Your ESXi License Key. Once the vSphere Client is open on your desktop…

  1. Select Configuration tab
  2. Click Software and choose Licensed Features
  3. Click Edit link in the top right hand corner as shown below
  4. Choose: Assign a new license key to this host
  5. Enter the license key you obtained from VMware
  6. Click OK to save your changes
  7. Make sure your key was accepted and is displayed

Getting Support. If you need help or have tips with regard to this tutorial, please visit this thread on the PIAF Forum and post your comments. Enjoy!

Deals of the Week. There are a couple of amazing deals still on the street, but you’d better hurry. First, for new customers, Sangoma is offering a board of your choice from a very impressive list at 75% off. For details, see this thread on the PIAF Forum. Second, a new company called Copy.com is offering 20GB of free cloud storage with no restrictions on file size uploads (which are all too common with other free offers). Copy.com has free sync apps for Windows, Macs, and Linux systems. To take advantage of the offer, just click on our referral link here. We get 5GB of extra storage, too, which will help avoid another PIAF Forum disaster.

Originally published: Tuesday, September 24, 2013



Need help with Asterisk? Visit the PBX in a Flash Forum.


 


We are pleased to once again be able to offer Nerd Vittles’ readers a 20% discount on registration to attend this year’s 10th Anniversary AstriCon in Atlanta. And, if you hurry, you also can take advantage of the early bird registration discount. Here’s the Nerd Vittles Discount Code: AC13NERD.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

The 5-Minute PBX: PIAF-Green Virtual Machine for Windows, Mac, or Linux

In our never-ending trek to build the Perfect PBX™, we have another installment for you today featuring the just released PBX in a Flash™ 2.0.6.4.3 with a CentOS® 6.4 LAMP stack (32-bit or 64-bit), Asterisk® 11.3, and FreePBX® 2.11. Once you download the image, you can have a turnkey PBX running under VirtualBox® on almost any desktop computer in less than 5 minutes. We’re not talking about a crippled telephony platform with limited functionality. What you’ll have is the same platform that hundreds of thousands of organizations use to run their corporate phone systems. And, if you want the Incredible PBX™ feature set with literally dozens of open source telephony applications including news, weather, stocks, tide reports, SMS messaging, free faxing with Incredible Fax™, telephone reminders, wakeup calls, and more then just add a couple minutes to run two one-click installers. Welcome to the world of open source!

The real beauty of PBX in a Flash has not been that someone with sufficient expertise couldn’t assemble something just as good or even better. Watch the AstriCon presentations from last year if you have any doubts. The beauty of PIAF is it puts this technology down where the goats can get it. It provides a toolset that encourages further development by simplifying the learning curve for a broad cross-section of the VoIP community while not compromising functionality or flexibility. The source code for the major components is included in the build so you can customize and recompile Asterisk or load a new version of Asterisk or any additional Linux app in minutes without losing your existing setup.

As many of you know, we have literally hundreds of gurus on the PIAF Forum. That doesn’t mean any particular person or group knows everything. It’s merely a designation that a particular individual is an expert at something. The collective wisdom of the group is what makes PBX in a Flash as a project better because we’ve put in place a platform that experts from many different disciplines can build upon without needing to learn everything about everything. Simply stated, you can be a terrific chef without knowing how to build a stove!

Turning to Asterisk® 11 and FreePBX® 2.11, from everything we’re seeing, these new releases are shaping up to be a remarkable step forward both in terms of toolset and in the new mindset of the development community. That’s a good thing. For our part, we want to get our latest preview release of PBX in a Flash with CentOS 6.4, Asterisk 11.3 and the latest FreePBX 2.11 beta into as many hands as possible with a near zero investment in hardware and setup time.

The Ultimate VoIP Appliance: PIAF Virtual Machine for VirtualBox

Today brings us to a new plateau in the virtual machine development era. Thanks to the masterful work of Tom King on PBX in a Flash 2.0.6.4.3, we’re pleased to introduce a new product that can be installed in under 5 minutes and will run on any Windows PC, Mac, or Linux machine as well as Solaris. And, unlike the dedicated machine platforms and OpenVZ compromises of years past, today’s PIAF-Green Virtual Machine is state-of-the-art giving you everything a bare metal install from source code would have provided. Most importantly, the components are truly portable. They can be copied to a 4GB flash drive1 for the price of a good hamburger and installed from there onto any type of machine that happens to be in front of you. Five minutes later, you have a fully functional Asterisk server with FreePBX and exactly the same feature set and source code that you would have had doing a bare metal PIAF install to a dedicated server. And we’ve built both 32-bit and 64-bit production-ready PIAF-Green Virtual Machines with Asterisk 11.3 and FreePBX 2.11. The choice is yours. No Internet access required to perform the install. Sound too good to be true? Keep reading or, better yet, try the PIAF appliance for yourself. The install process is simple:

  1. Download and install VirtualBox onto a Desktop Machine of your choice
  2. Download and double-click on the PIAF-Green Virtual Machine to import it into VirtualBox
  3. Select the PIAF-Green Virtual Machine in VirtualBox Manager Window and click the Start button

Introducing Oracle VM VirtualBox

We’re late to the party, but Virtual Box®, Oracle’s virtual machine platform inherited from Sun, is really something. It’s not only free, but it’s pure GPL2 code. VirtualBox gives you a virtual machine platform that runs on top of any desktop operating system. In terms of limitations, we haven’t found any. We even tested this on an Atom-based Windows 7 machine with 2GB of RAM, and it worked without a hiccup. So step #1 is to download one or more of the VirtualBox installers from VirtualBox.org or Oracle.com. As mentioned, our recommendation is to put all of the 100MB installers on a 4GB thumb drive. Then you’ll have everything in one place whenever and wherever you happen to need it. Once you’ve downloaded the software, simply install it onto your favorite desktop machine. Accept all of the default settings, and you’ll be good to go. For more details, here’s a link to the Oracle VM VirtualBox User Manual.

Installing the PIAF Virtual Machine

Step #1 is to download the PIAF-Green Open Virtualization Appliance (.ova) of your choice from SourceForge.

Step #2: Verify the checksums for the 32-bit or 64-bit .ova appliance to be sure everything got downloaded properly. To check the MD5/SHA1 checksums in Windows, download and run Microsoft’s File Checksum Integrity Verifier.

For Mac or Linux desktops, open a Terminal window, change to the directory in which you downloaded the .ova file of your choice, and type the following commands (substitute 64 for 32 obviously if you’re using the 64-bit appliance):

md5 PIAF-Green-32.ova (use md5sum for Linux)
openssl sha1 PIAF-Green-32.ova

The correct MD5 checksum for PIAF-Green-32.ova is 7691127afd065412e40429cee49a4738. The correct SHA1 checksum for PIAF-Green-32 is 9b3828649dc9644d046ef83cb227aea4c1473c65.

The correct MD5 checksum for PIAF-Green-64.ova is 460ed99c5d57ef553b7a3df7118daaa6. The correct SHA1 checksum for PIAF-Green-64 is e2120eb692431482817d35bcf316c6b949fc2d9f.

Step #3: Double-click on the downloaded .ova file which will begin the import process into VirtualBox. It only takes a couple minutes, and you only do it once. IMPORTANT: Be sure to check the Reinitialize the Mac address of all network cards box before clicking the Import button.

Once the import is finished, you’ll see a new PIAF virtual machine in the VM List of your VirtualBox Manager Window. You’ll need to make a couple of one-time adjustments to the PIAF-Green Virtual Machine configuration to account for differences in sound and network cards on different host machines.

Click on the PIAF-Green Virtual Machine in the VM List. Then click Settings -> Audio and check the Enable Audio option and choose your sound card. Save your setup by clicking the OK button. Next click Settings -> Network. For Adapter 1, check the Enable Network Adapter option. From the Attached to pull-down menu, choose Bridged Adapter. Then select your network card from the Name list. Then click OK. That’s all the configuration that is ever necessary for your PIAF-Green Virtual Machine. The rest is automagic.

Running the PIAF Virtual Machine in VirtualBox

Once you’ve imported and configured the PIAF Virtual Machine, you’re ready to go. Highlight PIAF Virtual Machine in the VM List on the VirtualBox Manager Window and click the Start button. The PIAF boot procedure with CentOS 6.4 will begin just as if you had installed PBX in a Flash on a standalone machine. You’ll see a couple of dialogue boxes pop up that explain the keystrokes to move back and forth between your host operating system desktop and your PIAF VM.

Here’s what you need to know. To work in the PIAF Virtual Machine, just left-click your mouse while it is positioned inside the VM window. To return to your host operating system desktop, press the right Option key on Windows machines or the left Command key on any Mac. For other operating systems, read the dialogue boxes for instructions on moving around. Always shut down PIAF gracefully! Click in the VM window with your mouse, log in as root, and type: shutdown -h now.

Run the PIAF Virtual Machine behind a hardware-based firewall with no Internet port exposure!

To begin, position your mouse over the VM window and left-click. Once the PIAF VM has booted, log in as root with password as the password. Change your root password immediately by typing passwd at the command prompt. Now set up a secure maint password for FreePBX as well. Type passwd-master. If you’re not in the Eastern U.S. time zone, then you’ll want to adjust your timezone setting so that reminders and other time-sensitive events happen at the correct time. While logged into your server as root, issue these commands to download and run the timezone-setup script:

cd /root
wget http://pbxinaflash.com/timezone-setup.tar.gz
tar zxvf timezone-setup.tar.gz
./timezone-setup

Next, use a browser to log into your PIAF server by pointing to the IP address of the PIAF VM that’s displayed in the status window of the CLI. Click on the User button to display the Admin choices in the main PIAF Menu. Click on the FreePBX option to load the FreePBX GUI. You will be prompted for an Apache username and password. For the username, use maint. For the password, use whatever password you set up with passwd-master.

Now read the latest PIAF Quick Start Guide and begin your VoIP adventure. Then you’ll want to do some reading on VirtualBox. We’ve barely scratched the surface. Setting up Headless VMs that run in the background on any server is a breeze. From the command line, here’s an article to get you started. But you also can start Headless VMs from within the GUI by highlighting the VM and clicking Shift->Start. Always shut down VMs gracefully: Close->ACPI Shutdown. You’ll find more great tips at virtualbox.org and GitHub.

One of the real beauties of VirtualBox is you don’t have to use a GUI at all. The entire process can be driven from the command line. Other than on a Mac, here is the procedure to import, configure, and run the PIAF-Green-32 Virtual Machine:
 
VBoxManage import PIAF-Purple.ova
VBoxManage modifyvm "PIAF-Green-32" --nic1 nat
VBoxManage modifyvm "PIAF-Green-32" --acpi on --nic1 bridged
VBoxHeadless --startvm "PIAF-Green-32" &
# Wait 1 minute for PIAF-Green to load. Then decipher IP address like this:
VBoxManage guestproperty get "PIAF-Green-32" /VirtualBox/GuestInfo/Net/0/V4/IP
# Now you can use SSH to login to PIAF-Green at the displayed IP address
# Shutdown the PIAF-Green Virtual Machine with the following command:
VBoxManage controlvm "PIAF-Green-32" acpipowerbutton

On a Mac, everything works the same way except for deciphering the IP address. Download our findip script for that.

Fail2Ban Bug. A bug has been reported in the current Fail2Ban implementation that keeps it from blocking IP addresses of intruders attempting to gain brute-force access to your Asterisk accounts. An interim bug fix that restores proper Fail2Ban functionality is available on the PIAF Forum.

Adding Incredible PBX 11 and Incredible Fax

You can read all about the Incredible PBX 11 and Incredible Fax feature set in our recent Nerd Vittles article. If you decide you’d like to add one or both to your PIAF-Green Virtual Machine, just log into your server as root and issue the following commands. NOTE: You must install Incredible Fax after installing Incredible PBX, or you will lose the ability to install Incredible PBX at a later time. With Incredible Fax, there are a number of prompts during the install. With the exception of the prompt asking for your local area code, just press Enter at every other prompt.

cd /root
wget http://incrediblepbx.com/incrediblepbx11.gz
gunzip incrediblepbx11.gz
chmod +x incrediblepbx11
./incrediblepbx11
./incrediblefax11.sh

The Incredible PBX 11 Inventory. For those that have never heard of The Incredible PBX, here’s the current 11.0 feature set in addition to the base install of PBX in a Flash with the CentOS 6.4, Asterisk 11, FreePBX 2.11, and Apache, SendMail, MySQL, PHP, phpMyAdmin, IPtables Linux firewall, Fail2Ban, and WebMin. Incredible Fax, NeoRouter and PPTP VPNs, and all sorts of backup solutions are still just one command away and may be installed using the scripts included with Incredible PBX 11 and PBX in a Flash. Type help-pbx and browse /root for dozens of one-click install scripts.

Originally published: Thursday, April 4, 2013   Updated: Monday, April 15, 2013



Need help with Asterisk? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

  1. Many of our purchase links refer users to Amazon when we find their prices are competitive for the recommended products. Nerd Vittles receives a small referral fee from Amazon to help cover the costs of our blog. We never recommend particular products solely to generate Amazon commissions. However, when pricing is comparable or availability is favorable, we support Amazon because Amazon supports us. []

WebRTC: Asterisk Joins the Brave New World of Real Time Communications

This week we’ll be wading into the world of real time communications and the Asterisk® 11 implementation of WebRTC, a JavaScript API that makes it easy to build click-to-call systems and softphone interfaces using nothing more than a web page. To simplify the task of creating an Asterisk 11/WebRTC platform, we’ve created a free virtual appliance for you that can be deployed in a matter of minutes on any Windows®, Mac®, Linux® or Solaris® desktop using Oracle’s VirtualBox®. In producing this WebRTC implementation, the Asterisk Dev Team has introduced an impressive new set of (stable) features formerly lacking in Asterisk: SRTP for secure communications, ICE, STUN, and TURN to allow NAT clients to better communicate with Asterisk. As the old saying goes, a picture is worth a thousand words. So let’s begin with a one-minute video that actually demonstrates Asterisk WebRTC in action. Using nothing more than a Chrome browser, we’re connecting to a web site hosted on the PBX in a Flash™ appliance to dial a news application that’s part of the included Incredible PBX™ 11 build.


Before we walk you through deploying your own WebRTC platform with Asterisk 11, let’s quickly cover some of the WebRTC basics as they apply in the Asterisk environment.

Rolling Your Own. If you’re one of the purists that prefers to roll your own server, then the starting point for your build should be the Asterisk Wiki. The other important component is sipml5, Doubango Telecom‘s terrific HTML5 SIP client. It’s the actual interface demonstrated in the YouTube video above. And this link provides a failsafe recipe for bringing up WebRTC on any Asterisk 11 server. Our appliance just saves you the one-hour hassle. We’ve chosen not to deploy WebRTC2SIP, the middleware that’s currently necessary if you want to add video support to Asterisk WebRTC. And our current build only works with the latest Chrome browser; however, WebRTC4all is available if you prefer Safari, Opera, Firefox, or Internet Explorer. All of the documentation for these components is provided in the links above for our pioneers.

Why WebRTC? Some of you may be asking, "What’s the big deal? Why would I want to deploy WebRTC?" The short answer is that it eliminates the need to install and configure a proprietary softphone on every customers’ desktop computer before they can communicate. Instead, all they need is a web browser that supports Real-Time Communications. By pointing their browser to a server address that you provide, the customer instantly gains a communications platform that’s as feature-rich as you choose to make it. And it’s comparable to the dedicated clients of old… without the cost or hassle of marrying a softphone to every customer’s particular desktop operating system! And your web page could easily provide a directory of supported contact names and numbers as part of the user interface.


The other beauty of WebRTC is it allows you to create your own (secure) Skype-like communications system without a Man in the Middle. And all you need is a browser at both ends. The WebRTC video above demonstrates a video conversation between a Chrome user at Google and a Firefox user at Mozilla.

Deploying PIAF-Green-WebRTC. So much for the theory. Let’s get your own server set up so you can experiment with this yourself. Here are the steps. It’s about a 10-minute procedure once you’ve downloaded our virtual machine appliance from SourceForge.

  1. Install Oracle’s VirtualBox on your Desktop computer
  2. Download PIAF-Green-WebRTC
  3. Import PIAF-Green-WebRTC into VirtualBox
  4. Start the PIAF-Green-WebRTC Appliance
  5. Using Chrome, Access the WebRTC Page Hosted on PIAF-Green-WebRTC
  6. Configure sipml5 to Make a Connection Using an Asterisk Extension
  7. Place Your First Call

1. Install Oracle’s VirtualBox. Download the VirtualBox installer for your desktop platform from VirtualBox.org. Run the installer and accept the default settings. For details, here’s a link to Oracle’s VM VirtualBox User Manual.

2. Download PIAF-Green-WebRTC. To get PIAF-Green-WebRTC installed on your desktop is quick and easy. Because the image tips the scales at over 2GB and due to the 2GB file size limit on many systems, we’ve chosen to split the download into two pieces. You need both of them! Just download them onto any flavor desktop from SourceForge. Once you’ve downloaded the two files, reassemble them into a single file known as an Open Virtualization Appliance (.ova). Then verify the checksums for the reassembled file to be sure everything is in its proper place. Finally, double-click on the .ova file which will initiate the import process into VirtualBox.

So let’s begin by downloading the two halves from SourceForge: PIAF20631aa and PIAF20631ab.

The reassembly procedure depends upon your desktop operating system. For Windows PCs, you’ll need to drop down to the Command Prompt, change to the directory in which you downloaded the two files, and type the following command:
 
copy /b PIAF20631aa + PIAF20631ab PIAF-Green-WebRTC.ova

To check the MD5/SHA1 checksums in Windows, download and run Microsoft’s File Checksum Integrity Verifier.

For Mac or Linux desktops, open a Terminal window, change to the directory in which you downloaded the two files, and type the following commands:
 
cat PIAF20631a{a..b} > PIAF-Green-WebRTC.ova
md5 PIAF-Green-WebRTC.ova (use md5sum for Linux)
openssl sha1 PIAF-Green-WebRTC.ova

The MD5 checksum for PIAF-Green-WebRTC.ova is 946c149c6adb53602ccfcd3ace10e13b. The SHA1 checksum is 285a5b999c761fcbef13d1a97b4c335a81e1cb0d. If you have a match, proceed. Otherwise, rinse and repeat.

3. Import PIAF-Green-WebRTC into VirtualBox. You only perform the import step one time. Once imported into VirtualBox, PIAF-Green-WebRTC is ready to use. There’s no further installation required, just like an OpenVZ template… only better. Double-click on the .ova file you downloaded to begin the procedure and load VirtualBox. When prompted, be sure to check the Reinitialize the Mac address of all network cards box. Read and accept the license agreement. Then click the Import button. Once the import is finished, you’ll see a new PIAF-Green-WebRTC virtual machine in your VM List on the VirtualBox Manager Window. You need to make a couple of one-time adjustments to the PIAF-Green-WebRTC Virtual Machine configuration to account for differences in sound and network cards on different host machines.

Click on PIAF-Green-WebRTC Virtual Machine in the VM List. Then click Settings -> Audio and check the Enable Audio option and choose your sound card. Save your setup by clicking the OK button. Next click Settings -> Network. For Adapter 1, check the Enable Network Adapter option. From the Attached to pull-down menu, choose Bridged Adapter. Then select your network card from the Name list. Then click OK to save your setup. Finally, click Settings -> System, uncheck Hardware clock in UTC time, and click OK. That’s all the configuration that is necessary for the PIAF-Green-WebRTC Virtual Machine. If you blinked, you probably missed it.

4. Start the PIAF-Green-WebRTC Appliance. Once you’ve imported and configured your new Virtual Machine, you’re ready to go. Highlight the appliance in the VM List on the VirtualBox Manager Window and click the Start button. The boot procedure with CentOS 6.3 will begin just as if you had installed PBX in a Flash and Incredible PBX on a standalone machine. You’ll see a couple of dialogue boxes pop up that explain the keystrokes to move back and forth between your host operating system desktop and Incredible PBX.

Here’s what you need to know. To work in the Virtual Machine, just left-click your mouse while it is positioned inside the VM window. To return to your host operating system desktop, press the right Option key on Windows machines or the left Command key on any Mac. For other operating systems, read the dialogue boxes for instructions on moving around. Always shut down your virtual machine gracefully! Click in the VM window with your mouse, log in as root, and type: shutdown -h now. Or, from the VirtualBox Manager Window, Ctl-Click on the PIAF-Green-WebRTC VM and choose Close -> ACPI Shutdown.

Always run Virtual Machines behind a hardware-based firewall with no Internet port exposure!

To begin, position your mouse over the VM window and left-click. Once the virtual machine has booted, log in as root with password as the password. Change your root password immediately by typing passwd at the command prompt. Now set up a secure maint password for FreePBX as well. Type passwd-master. If you’re not in the Eastern U.S. time zone, then you’ll want to adjust your timezone setting so that reminders and other time-sensitive events happen at the correct time. Issue the following command to pick your time zone: /root/timezone-setup. Now type status and write down the IP address of your appliance. Finally, edit /etc/asterisk/sip_custom.conf and replace the secret=8000 entry with a very secure password. This is your WebRTC extension password. Restart Asterisk: amportal restart.

5. Access WebRTC Page Hosted on PIAF-Green-WebRTC Using the latest Chrome browser from a machine on the same subnet as your appliance, point to the WebRTC web page of your appliance using the actual IP address of your virtual machine: http://192.168.0.141/myphone/call.htm.

6. Configure sipml5 to Make a Connection to Asterisk. There are two configuration steps before you can log in and start making calls through your Asterisk server. First, click on the Expert Mode button. Fill out the form as shown below using the actual IP address of your server. Click Save when you’re finished, close this browser window, and return to the main WebRTC page.

Next, fill out the Registration section using the actual IP address of your server and the extension 8000 password that you created above. Private Identity is 8000, Public Identity is sip:8000@ipaddress, Realm is Asterisk ipaddress.

Once you’ve completed your entries, click Login to make a connection to your Asterisk server.

7. Placing a Call with WebRTC. Once you’re logged in, it’s just as if you had registered a softphone to your Asterisk server. Calls from other extensions can reach you by dialing extension 8000. And you can place outbound calls using the Call Control panel. To demonstrate how this works, try the following. To retrieve Today’s News Headlines, enter 951. Then click the Call button. To retrieve the latest Weather Forecast for your city, dial 949 and say the city and state when prompted. You can’t enter touchtone keys so just ignore the "press pound" instruction and wait for the timeout.

We have intentionally not walked you through configuring an outbound trunk even though one can easily be used to make outbound calls. Before doing so, make very certain that your appliance is behind a hardware-based firewall with no Internet port exposure. It’s your phone bill. Enjoy!

WebRTC Conference and Expo. The 2013 WebRTC Conference and Expo is returning to Atlanta on June 25. For everything you ever wanted to know about WebRTC, that’s the place to be. You can sign up now at WebRTCWorld.com. The Half-Price Early Bird discount ends on March 1. And you can save an additional 15% by using Coupon Code: AA.

Originally published: Tuesday, February 26, 2013



Need help with Asterisk? Visit the PBX in a Flash Forum.

 


Some Recent Nerd Vittles Articles of Interest…

The Ultimate Android Tablet: Meet the Microsoft Surface Pro

We were fully prepared to hate the Microsoft Surface Pro. After all, it was designed and produced by Microsoft, and we haven’t seen many flashes of brilliance from Redmond since the XBox. That was more than eleven years ago! Yes, Microsoft has new smartphones, but they’re too little, too late in our opinion. So why is the Surface Pro different? For openers, it runs pure Windows 8, not the Windows RT crippleware. While we’re not much of a Windows cheerleader any more (we were for the first 25 years), it is worth noting that Apple has one operating system for desktops and notebooks and a different (crippled) one for smartphones and tablets. And Google has one operating system for its notebooks and a very different one for its smartphones and tablets. Microsoft, on the other hand, had a better idea. The same operating system runs on both its desktop computers, its notebooks, and its latest tablet, the Surface Pro. What that means is the same application that runs on your desktop computer can now perform equally well on a tablet. And it can do it with or without the Surface’s revolutionary, portable keyboard. Application portability is huge especially if your company happens to still be a pure Microsoft shop. And it’s especially important if you or your employees happen to travel for a living.

It Just Works. So much for the theory. The bottom line for us was whether our existing PBX in a Flash, Incredible PBX, and Android platforms could live and breathe on the Surface Pro. The short answer is a resounding YES. This is not the crippled, proprietary Windows RT platform found in the original (klunky) Surface. This is a fully functional Windows 8 machine with an Intel processor, blazing performance, and both microSD and USB 3.0 slots, nice additions that you won’t find on a lot of tablets. If an app will run with Windows 7 or Windows XP, it works just as well or better on the Surface Pro. And with BlueStacks, you can run 750,000 Android apps on your Surface Pro as well. We quickly downloaded our favorite Android VoIP app, Groove IP, from Google’s Play Store using BlueStacks. Then we performed a couple of quick calls using a Google Voice account. The calls were flawless even with our shaky DSL connection on a very snowy day in the mountains. Adding BlueStack’s Cloud Connect will let you push existing apps from your Android phone or tablet to your Surface Pro. Pretty cool.

For a complete technical review of the Surface Pro, visit ZDnet or TechRadar. Just pray you never need repairs.

The only thing we’ve found missing hardware-wise on the Surface Pro is a PrintScreen key on the awesome keyboard which is a must-have, by the way. To print screens, you’ll need to use the tablet trick: VolDown + Home. But, as you can see from the screenshot above, it works fine. Because of the high resolution screen however, you lose something shrinking the images down to 650 pixels. On the software front, there were few surprises. WiFi is rock solid, and links to MiFi devices make the Surface Pro truly portable. If ass-backwards scrolling with the touchpad drives you crazy, use RegEdit and search for the mouse entry for FlipFlopHScroll. Change the decimal value from 0 to 1. The Chrome browser works fine with the keyboard and mousepad, but you’ll be using Internet Explorer to work with the touchscreen in tablet mode. Hopefully, that will get fixed shortly.

SAMBA connections work fine after the usual tweaks to the Windows Registry and a reboot. NeoRouter as a VPN client or server functions just as you would expect after telling Windows 8 to run the main programs as Administrator. Windows 8 is a bit more picky about this even when you’re logged in as an Administrator. Oracle’s VirtualBox as a virtual machine platform for Linux appliances works swimmingly, and performance is AMAZING. We built an Incredible PBX server using the latest .ova template in under 5 minutes, and we were making free calls and sending out faxes through Google Voice in under 10 minutes. Amazing!

Family Feud. There’s only one major shortcoming worth noting. Microsoft has taken their feud with Google to a whole new level with Windows 8. It’s not so much the Bingification of every Windows utility that bothers us. It’s what appears to be a conscious effort to banish Google from the Windows platform entirely. Think Apple! Those using two-step authentication for Google services are S.O.L. when it comes to Gmail. You’re left having to deploy Gmail as an IMAP mail service to get your mail at all. Giving Microsoft the benefit of the doubt, you could give them a pass on this if it had just been the initial Windows 8 release. But there have been plenty of patches and updates since Day One, and two-step authentication for Google services remains MIA. If the United States is going to retain its lead in the software development arena, Microsoft and Google and Apple had best bury the hatchet and learn how to work together to make their offerings complimentary. Consumers aren’t going to tolerate this kind of seventh grader nonsense in this day and age. So, wake up, Microsoft. Ruining an otherwise promising platform while trying to shaft Google is a lousy business decision, and it’s going to backfire. Consumers will simply move exclusively to their platform of choice, and guess what? That platform isn’t going to be Microsoft. More importantly, this article is a testament to what actually can be accomplished in Googlifying a Surface Pro with a little Yankee ingenuity. For all practical purposes, our Surface Pro is the best Android tablet we’ve ever owned, and we’ve owned a few. So here’s a little tip for Microsoft: Remember what made Windows a hit! Ubiquity, not exclusivity!

Originally published: Monday, February 18, 2013



Need help with Asterisk? Visit the PBX in a Flash Forum.


whos.amung.us If you’re wondering what your fellow man is reading on Nerd Vittles these days, wonder no more. Visit our new whos.amung.us statistical web site and check out what’s happening. It’s a terrific resource both for us and for you.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…