Home » Posts tagged 'vm'
Tag Archives: vm
Incredible VMware Deal: Workstation Pro and Fusion Pro Free for Personal Use
In case you missed it, Broadcom purchased VMware® from Dell in late 2023 for $61 billion. While pricing for commercial licenses went up, the good news for hobbyists is that Broadcom immediately rebranded VMware Workstation Pro and Fusion Pro for Macs as free offerings for personal use. While open source virtual machine platforms have dominated the marketplace over the past few years, if you fall into the personal use group, then this is a deal you can’t refuse. That’s not to say that VMware doesn’t have its fair share of quirks, but once you get past the installation process, VMware is a rock-solid virtualization platform.
While Proxmox remains our virtualization platform of choice for Linux, today we’ll walk you through getting VMware running on your Windows 11 or Mac desktop. One word of caution. There are three different installation procedures for Windows 11, x86 Macs, and ARM-based Macs. Be sure you use the correct procedure for your actual desktop computer.
With all three platforms, you’ll first need to sign up for a Broadcom account here. Once you’re registered, log into your new Broadcom account by clicking on the Login button. Then follow the applicable tutorial below to install Incredible PBX 2027 with Ubuntu® 22.04, Asterisk® 20, and FreePBX® 16. When finished, hop over to our Incredible PBX 2027-U tutorial for setup tips.
Installing VMware Workstation Pro with Windows 11
For Windows 11, install VMware Workstation Pro 17 for Personal Use (Windows) from here after logging into your Broadcom account.
1. Download this Incredible PBX 2027-U-VMware.ova image into Downloads
2. From your Downloads folder, right-click on the IncrediblePBX2027-U-VMware.ova file, click Open With, choose VMware Workstation
3. Give the virtual machine a name: IncrediblePBX2027-U, Accept default Storage Path, click Import
4. Click on the new VM in left sidebar and Click Power On
5. Login as root:password and press Ctrl-C at first prompt
6. Edit /etc/netplan/00* and add the following below the dhcp4 line:
dhcp-identifier: mac. Then save the file.
7. Issue the following commands:
echo -n > /etc/machine-id rm /var/lib/dbus/machine-id ln -s /etc/machine-id /var/lib/dbus/machine-id
8. Reboot and proceed with the normal installation scenario after logging back in
Installing VMware Fusion Pro on x86 Mac Desktops
For x86-based Macs, begin by downloading Fusion 13 Pro for Personal Use. Start it up on your x86 Mac desktop and then…
1. Download the Incredible PBX 2027-U zip file from this link
2. Unzip the file and switch to the unzipped directory
3. Right click the disk-1.vmdk file and open it using the VMware Fusion Pro app
4. Create a new VM specifying Linux -> Ubuntu-64bit as the platform
5. Choose Legacy BIOS and for the disk to use, Use Existing Disk, Take Disk Away and specify the disk-1.vmdk file above
6. Click Continue, Finish, and Save. When the VM is loaded, do not start it yet. If it starts, type halt to stop it.
7. Click Window, Virtual Machine Library, right-click on your VM, and choose Settings
8. For Network Adapter, choose Bridged Network -> Autodetect
9. For Hard Disk, click Advanced Options and then…
10. Check Pre-allocate Disk Space (this will keep the drive from loading as read only). Click Apply
11. After reconfig completes, start up the VM and press Ctrl-C at the first prompt after logging in as root:password
12. Enter the command: ip a
13. Write down the name associated with the network adapter, e.g. ens33
14. Edit /etc/netplan/00*
15. Replace the existing network adapter name (e.g. ens160) with your actual adapter name (e.g. ens33)
16. Add the following below the dhcp4 line: dhcp-identifier: mac. Then save the file.
17. Issue the following commands:
echo -n > /etc/machine-id rm /var/lib/dbus/machine-id ln -s /etc/machine-id /var/lib/dbus/machine-id
18. Issue command: sed -i "s|ens160|ens33|" /etc/default/knockd
19. Reboot and proceed with the normal installation scenario
Installing VMware Fusion Pro on ARM-Based Mac
For newer ARM-based Macs, begin by downloading Fusion 13 Pro for Personal Use. Start it up on your ARM-based Mac desktop and then…
1. In your Downloads folder, download iPBX2027U-ARM.tar.gz
2. Untar the file: tar zxvf iPBX2027U-ARM.tar.gz
3. Rename the untarred file to something unique. Be sure to preserve the .vmwarevm extension. Repeat steps #2 and #3 for each additional virtual machine you wish to create using unique file names each time.
4. Double-click on the .vmwarevm file that you untarred and renamed to start up the virtual machine in VMware Fusion..
5. Proceed with the standard Incredible PBX install procedure by following the prompts.
Originally published: Wednesday, May 22, 2024
Need help with Asterisk? Visit the VoIP-info Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
5 Minute PBX With Any Virtual Machine
For those with an existing virtual machine platform either at home or at the office, today is your lucky day. We have an Incredible PBX image for VirtualBox, VMware, Proxmox, Windows WSL, Mac UTM, and Linux Containers LXC that will have an Asterisk® PBX with FreePBX® up and running in less than 5 minutes. If you’ve ever wanted to kick the tires on a fully-loaded, secure PBX that offers virtually every telephony feature on the planet, now’s your chance. And it’s FREE!
If you’d prefer to let someone else worry about hardware maintenance, networking, and power outages, we’ve even got an Incredible PBX offering in the Cloud that will only set you back $25 a year in your choice of locations: Los Angeles, Atlanta, Miami, Germany, or The Netherlands. And that includes a free backup for a rainy day. Start here.
For those that are new to the open source community, finding free software is pretty easy. Finding good documentation to accompany it is more of a challenge. With Incredible PBX, you get both. My previous employer spent well over $150,000 for a PBX with less than half the features you’ll find in Incredible PBX out of the box. And you’ll never have to worry about upcharges every time you add a feature or an additional user or extension. Pick your free virtual machine platform below and enjoy the ride.
Incredible PBX 2027 for VirtualBox
For VirtualBox platforms, start by downloading the latest Incredible PBX 2027 .ova image from the Incredible PBX repository. You have a choice of operating systems: Ubuntu 22.04 or Debian 11. Then read our VirtualBox tutorial for setup and usage tips.
Incredible PBX 2027 for VMware
For VMware, start by downloading the latest VMware image for Incredible PBX 2027 and Ubuntu 22.04. Then read our VMware tutorial for setup and usage tips.
Incredible PBX 2027 for Proxmox 7
Our Incredible PBX 2027-U for Proxmox 7 tutorial will walk you through setting up a Proxmox server and building Incredible PBX 2027 virtual machines with Ubuntu® 22.04, Asterisk® 20, and FreePBX® 16 in minutes using a powerful little MiniPC.
Incredible PBX 2027 for Windows 11 WSL
If you’re strapped for cash and simply want to use an existing Windows 11 computer as the virtual machine host for Incredible PBX, you have a couple of options. First, you can install VirtualBox on your machine and follow the VirtualBox tutorial above. Another options is to deploy Microsoft’s own virtual machine platform for Windows 11. It’s called Windows 11 Subsystem for Linux (WSL). You’ll find step-by-step install instructions in this Nerd Vittles tutorial.
Incredible PBX 2027 for Mac UTM
With Apple’s new, proprietary processors, the days of using VirtualBox on a Mac are over. But, fear not. Apple has introduced their own virtualization platform: Mac UTM. You’ll find step-by-step instructions to deploy both UTM and Incredible PBX in this Nerd Vittles tutorial. For older Intel-based Macs, you still can deploy Incredible PBX with VirtualBox.
Incredible PBX 2027 for Linux Containers LXC
For those of you that have kissed Windows and Mac desktops goodbye, there’s now a virtualization platform for Linux desktop computers as well. You’ll find our tutorial for Linux LXC Containers here. You won’t be disappointed.
Adding a $1 a Month Phone Number with Free Incoming Calls
Last, but not least, let us point you to two of the best deals on the planet when it comes to acquiring a telephone number for your PBX with free incoming calls. CallCentric offers $1 a month residential DID with free incoming SIP calls. And a similar deal is available from LocalPhone with up to 100 free incoming calls of unlimited duration every day. We use both services and have never experienced an outage in over 10 years.
Originally published: Wednesday, January 24, 2024
Need help with Asterisk? Visit the VoIP-info Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
The Asterisk Superfecta: Incredible PBX 2020 Finishes First
At the track, picking the first four winning horses pays big bucks, and you’ll never forget winning the Superfecta. When it comes to unified communications, it’s equally advantageous to have cloud, on-premise, VirtualBox, and VMware offerings from which to choose. With the latest rollouts of Incredible PBX® 2020, you literally have the Asterisk® Superfecta. With the exception of the cloud offering, you don’t even have to buy a ticket. The CrownCloud offerings for $25/year in Los Angeles, Atlanta, Germany, and the Netherlands have no equal.1 And soon we’ll roll out IncredibleBackup2020 so you can move transparently between all the platforms.
The current Incredible PBX 2020 offerings include the following:
- Incredible PBX 2020 for CentOS 7 and Raspbian 10
- Incredible PBX 2020 for VirtualBox®
- Incredible PBX 2020 for VMware®
- Incredible PBX 2020 for CrownCloud
Snapshot images are available for Raspbian 10, VirtualBox, VMware, and CrownCloud which means all of these builds can be installed in just a few minutes. The Incredible PBX 2020 offering for CentOS 7 is built from source code on the fly which typically takes about 30 minutes once you have your CentOS 7 Minimal platform in place. And, of course, Incredible PBX 2020 for CentOS 7 can be installed on any platform offering a CentOS 7 base image. Unlike most of the other Asterisk aggregations, all Incredible PBX 2020 offerings include both Asterisk and FreePBX® source code which makes upgrades incredibly flexible whether upgrading Asterisk 16 to the latest, trying out Asterisk 17, or updating FreePBX 15 modules.
Upgrading to the Latest Asterisk 16 Release. All Incredible PBX 2020 platforms include an Asterisk 16 upgrade script in the /root folder which will build you the latest release of Asterisk 16 from source code. It also provides the flexibility to choose which modules to include in the build as well as whether to enhance performance on a particular platform by turning on the BUILD_NATIVE Compiler Flag, a feature that is not available with packaged RPMs.
Upgrading to the Latest Asterisk 17 Release. Appreciating that some of you like to live on the bleeding edge, we now have released an Asterisk 17 upgrade script for the CentOS 7, VirtualBox, VMware, and CrownCloud platforms. Just issue the following commands, and you’ll be off to the races.
cd /root wget http://incrediblepbx.com/upgrade-asterisk17.tar.gz tar zxvf upgrade-asterisk17.tar.gz rm -f upgrade-asterisk17.tar.gz ./upgrade-asterisk17
Updating Your FreePBX 15 Modules. While the Module Admin utility in FreePBX gives you the flexibility to update any or all of your FreePBX modules, a simpler method is available to do a bulk upgrade from the Linux CLI. After logging into your PBX as root, issue these commands:
rm -f /tmp/* fwconsole ma upgradeall fwconsole reload /root/sig-fix systemctl restart apache2 /root/sig-fix
Regardless of the Incredible PBX 2020 platform you choose, always remember our Automatic Update Utility will keep your PBX current, running reliably, and as bug-free as we possibly can make it. No one else in the VoIP community has anything close. Enjoy the free ride!
Originally published: Monday, August 24, 2020
Need help with Asterisk? Visit the VoIP-info Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
- We don’t make a dime on the CrownCloud platforms, and the on-premise, VirtualBox, and VMware offerings all are free. [↩]
Virtual Paradise: It’s Incredible PBX 2020 for VMware
Let’s face it. Virtual Machines are the future of server administration. Whether you prefer your own dedicated hardware or cloud-based resources managed by you or someone else, virtual platforms are the way to go. You get more bang for the buck out of your hardware by pooling resources for multiple tasks. VMware® and VirtualBox® make it easy. Today we’re pleased to introduce a summer refresh of our VMware build. It provides the latest Asterisk® 16 and FreePBX® 15 components and now includes Incredible Fax featuring HylaFax and AvantFax. All are built from source, and the install only takes a few minutes.
Just download the VMware tarball image from SourceForge to your desktop. Fire up your browser and login to your VMware Web Console. With a few mouse clicks, you’ll have a CentOS 7 platform in place with Incredible PBX® and Incredible Fax just a single keystroke away. It doesn’t get much easier. And, you get the very latest release of Asterisk 16 compiled from source code that you can actually examine, enhance, and share… just like the GPL license says.
Choosing a Virtual Machine Platform
Making the right deployment choice for your virtual machine platform depends upon a number of factors. We’ve already sung the praises of VirtualBox so we won’t repeat it here. VMware also is rock-solid and has been for decades. VMware typically runs on dedicated hardware. If you don’t have the funds for a hardware purchase to support your virtualization requirements, then VirtualBox on your desktop machine is a no-brainer. For many, however, some separation of the virtualization environment from your desktop computing environment is desirable. That choice is equally easy. VMware wins, hands down. Better yet, you can make snapshot backups of your virtual machines in seconds with a single button click. If you’ve wrestled with backups on standalone hardware with Linux, you’ll quickly appreciate the difference.
Getting Started with VMware ESXi
Many of you have VMware platforms already in place at work. For you, installing Incredible PBX 2020 is as simple as downloading the image to your desktop and importing it into your existing platform. Better yet, your system administrator can do it for you. If you’re new to VMware, here’s an easy way to get started, and the software won’t cost you a dime. VMware offers a couple of free products that will give you everything you need to run a robust VMware platform on relatively inexpensive hardware. The choice is up to you.
A Free VMware Platform for SOHO Apps
Before you can download the components for the free VMware ESXi platform, you’ll need to sign up for a free account at my.vmware.com. Once you’re signed up, log in and follow these simple steps to sign up for a free ESXi license key and download the ESXi version 6 software:
- Write down your assigned License Key
- Manually download the VMware vSphere Hypervisor 6.5 ISO
- Manually download the VMware vSphere Client 6.5
Next, burn the ISO to a CD/DVD and boot your dedicated VM hardware platform with it. Follow the instructions to complete the install. Next install the vSphere Client on a Windows computer, if desired. Don’t forget to add your ESXi License Key when you complete the installation. Once the ESXi server is up and running, you can stick the hardware on a shelf somewhere out of the way. You will rarely interact with it. That’s all handled using the VMware Web Console. Don’t forget to apply your License Key once VMware ESXi is up: Virtual Machines -> Licensing -> Apply License.
Installing the vSphere Web Client
Most of the feature set of the former Windows vSphere Client now is available from the convenience of your browser. Just point it to the IP address of your VMware server like this: https://ip-address/ui/.
Here’s how to install the vSphere Web Client:
1. Log into the console of your ESXi server as root using your root password.
2. Press F2 to Customized System.
3. Choose Troubleshooting Options.
4. Choose Enable SSH.
5. Using a Terminal window on a Mac or Linux machine or using Putty with Windows, log into the IP address of your ESXi server as root.
6. Issue the following commands to install the latest vSphere Web Client vib and disable http firewall blockage:
esxcli software vib install -v http://download3.vmware.com/software/vmw-tools/esxui/esxui-signed-latest.vib esxcli network firewall ruleset set -e true -r httpClient
7. Using a web browser, login to the web client as root at https://ESXi-server-IP-address/ui/
8. Should you ever wish to remove the web client from your server:
esxcli software vib remove -n esx-ui
9. You may wish to disable SSH access when you’re finished. Just repeat steps 1-4 above.
Here’s what a typical Incredible PBX Virtual Machine looks like in the web client once you’ve added the VMware Tools to your virtual machine as documented below. There’s even a Console window.
Under the Virtual Machines tab, you now can manage and add new VMs directly.
Installing VMware Tools in a Virtual Machine
If you plan to manage your virtual machines using the vSphere Web Client and a browser, then you definitely will want to install the VMware Tools in each of your virtual machines.
For ESXi 6.5, install the new GPL VMware open-vm-tools. Here’s how:
1. Start up your VM and login to the VM as root using SSH or Putty.
2. From the Linux CLI, issue the following commands:
yum -y install --enablerepo=epel open-vm-tools reboot
Special thanks to John Borhek (@unsichtbarre on the PIAF Forum) for the VMware lessons. 🙂
Deploying the Incredible PBX Template
Deploying an Incredible PBX template only takes a few minutes, but first you need to download the Incredible PBX 2020 tarball template from SourceForge onto your Desktop PC. Then untar the tar.gz file which will create the IncrediblePBX folder with the VMware image components.
Once the Incredible PBX template components are on your desktop, here are the install steps:
1. Using a browser, login to the VMware Web Console using the root account you set up when you installed ESXi. Choose File, Deploy OVF/OVA Template.
2. Drag-and-drop the IncrediblePBX folder from your Desktop PC onto the web console.
3. Click Next.
4. Give the new Virtual Machine a name.
5. IMPORTANT: Choose Thin Provision option and click Next.
6. Review your entries and click Next to create the new Virtual Machine.
7. It only takes a few minutes to create the new Virtual Machine.
8. The Main Client window will redisplay and your new VM should now be shown in the left panel. (1) Click on it. (2) Then click the Green start icon. (3) Then click the Console Window icon.
9. When the VM’s Console Window opens, click in the window in the black area. Log into your virtual machine as root using the default password: password.
10. To complete the Incredible PBX 2020 setup, you will automatically be walked through the short installation procedure when you start the virtual machine. Following the automatic reboot, just log in a second time as root and the install will complete. We recommend using SSH for your second login so that your desktop PC gets whitelisted in the Incredible PBX firewall.
11. Set up the proper time zone for your server: /root/timezone-setup.
12. Reset admin passwords by running: ./admin-pw-change, ./apache-pw-change, and ./avantfax-pw-change.
13. Choose an email delivery address for your faxes: ./avantfax-email-change.
That should be enough tutorial for today. Enjoy your new VMware platform.
Continue Reading: Configuring Extensions, Trunks & Routes
Don’t Miss: Incredible PBX Application User’s Guide covering the 31 Whole Enchilada apps
Originally published: Monday, February 17, 2020 Updated: Sunday, August 16, 2020
Need help with Asterisk? Visit the VoIP-info Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Virtual Paradise: It’s Incredible PBX 13-13.10 for VMware
Let’s face it. Virtual Machines are the future of server administration. Whether you prefer your own dedicated hardware or cloud-based resources managed by you or someone else, virtual platforms are the way to go. You get more bang for the buck out of your hardware by pooling resources for multiple tasks. VMware® and VirtualBox® make it easy. Today we’re pleased to introduce our latest build for VMware. It provides the latest Asterisk® 13 and FreePBX® 13 GPL components from source in about 15 minutes.
Just download the VMware .zip image from SourceForge to your desktop and unzip it. Fire up your browser and login to your VMware Web Console. With a few mouse clicks, you’ll have a CentOS 6.10 platform in place with Incredible PBX® just a single keystroke away. It doesn’t get much easier. And, you get the very latest release of Asterisk 13 compiled from source code that you can actually examine, enhance, and share… just like the GPL license says.
Choosing a Virtual Machine Platform
Making the right deployment choice for your virtual machine platform depends upon a number of factors. We initially started out with Proxmox 4 which looked promising. After all, we had used and recommended earlier releases of Proxmox for many years until some security vulnerabilities caused us to look elsewhere. Those kernel issues are now a thing of the past, but Proxmox 4 introduced some new wrinkles. First, to stay current with software fixes and updates, you have to pay the piper by signing up for the annual support license. This turned out to be a deal breaker for a couple of reasons. It was expensive since it’s based upon the number of CPUs in your platform. In the case of the hardware shown below, that turned out to be 4 CPUs (by Proxmox’s calculation) which meant the annual support license would run nearly $400 per year. That buys an enormous number of cloud-based virtual machines without having to babysit hardware at all. So we’ve reluctantly concluded that Proxmox 4 isn’t a particularly good fit for development or production use.
We’ve already sung the praises of VirtualBox so we wont’ repeat it here. VMware also is rock-solid and has been for more than fifteen years. VMware typically runs on dedicated hardware. If you don’t have the funds for a hardware purchase to support your virtualization requirements, then VirtualBox on your desktop machine is a no-brainer. For many, however, some separation of the virtualization environment from your desktop computing environment is desirable. That choice is equally easy. VMware wins, hands down. Better yet, you can make snapshot backups of your virtual machines in seconds with a single button click. If you’ve wrestled with backups on standalone hardware with Linux, you’ll quickly appreciate the difference.
Getting Started with VMware ESXi
Many of you have VMware platforms already in place at work. For you, installing Incredible PBX 13-13.10 is as simple as downloading the image to your desktop and importing it into your existing platform. Better yet, your system administrator can do it for you. If you’re new to VMware, here’s an easy way to get started, and the software won’t cost you a dime. VMware offers a couple of free products that will give you everything you need to run a robust VMware platform on relatively inexpensive hardware. The choice is up to you.
A Free VMware Platform for SOHO Apps
Before you can download the components for the free VMware ESXi platform, you’ll need to sign up for a free account at my.vmware.com. Once you’re signed up, log in and follow these simple steps to sign up for a free ESXi license key and download the ESXi version 6 software:
- Write down your assigned License Key
- Manually download the VMware vSphere Hypervisor 6.5 ISO
- Manually download the VMware vSphere Client 6.5
Next, burn the ISO to a CD/DVD and boot your dedicated VM hardware platform with it. Follow the instructions to complete the install. Next install the vSphere Client on a Windows computer. Don’t forget to add your ESXi License Key when you complete the installation. Once the ESXi server is up and running, you can stick the hardware on a shelf somewhere out of the way. You will rarely interact with it. That’s all handled using either the VMware vSphere Client on your Windows Desktop or the VMware Web Console. Don’t forget to apply your License Key once VMware ESXi is up: Virtual Machines -> Licensing -> Apply License.
Deploy VMware Template with vSphere Client
Deploying an Incredible PBX template takes about two minutes, but first you need to download the Incredible PBX 13-13.10 template from SourceForge onto your Windows Desktop and unzip it.
Once the Incredible PBX template components are on your desktop, here are the deployment steps:
1. Login to the vSphere Client on your Windows Desktop using the root account you set up when you installed ESXi. Choose File, Deploy OVF Template.
2. Select the two Incredible PBX components from your desktop PC.
3. Click Next.
4. Give the new Virtual Machine a name.
5. IMPORTANT: Choose Thin Provision option and click Next.
6. Review your entries and click Next to create the new Virtual Machine.
7. It only takes a couple minutes to create the new Virtual Machine.
8. The Main Client window will redisplay and your new VM should now be shown in the left panel. (1) Click on it. (2) Then click the Green start icon. (3) Then click the Console Window icon.
9. When the VM’s Console Window opens, click in the window in the black area. Log into your virtual machine as root using the default password: password.
10. To complete the Incredible PBX setup, you will automatically be walked through the short installation procedure when you start the virtual machine. Following the automatic reboot, just log in a second time as root and the install will complete.
11. To add Incredible Fax support with HylaFax and AvantFax, run: /root/incrediblefax13.sh.
12. Set up the proper time zone for your server: /root/timezone-setup.
13. Next, reset your root password and make it very secure: passwd.
14. Finally reset your admin password for web access to your server: /root/admin-pw-change.
15. Reset Enchilada passwords at any time by running: /root/update-passwords.
Press Ctrl-Alt to get your mouse and keyboard out of the console window.
Installing the vSphere Web Client
If you’re lucky, you may not have a Windows machine. The downside is that the vSphere Client described above only works on the Windows platform. After a good bit of searching, we finally uncovered a simple way to install the latest vSphere Web Client. It is pure HTML5 with no Flash code! While still under development, VMware has made progress, and it shows. Most of the feature set of vSphere Client now is available from the convenience of your browser. Just point it to the IP address of your VMware server like this: https://ip-address/ui/.
Here’s how to install the vSphere Web Client:
1. Log into the console of your ESXi server as root using your root password.
2. Press F2 to Customized System.
3. Choose Troubleshooting Options.
4. Choose Enable SSH.
5. Using a Terminal window on a Mac or Linux machine or using Putty with Windows, log into the IP address of your ESXi server as root.
6. Issue the following commands to install the latest vSphere Web Client vib and disable http firewall blockage:
esxcli software vib install -v http://download3.vmware.com/software/vmw-tools/esxui/esxui-signed-latest.vib esxcli network firewall ruleset set -e true -r httpClient
7. Using a web browser, login to the web client as root at https://ESXi-server-IP-address/ui/
8. Should you ever wish to remove the web client from your server:
esxcli software vib remove -n esx-ui
9. You may wish to disable SSH access when you’re finished. Just repeat steps 1-4 above.
Here’s what a typical Incredible PBX Virtual Machine looks like in the web client once you’ve added the VMware Tools to your virtual machine as documented below. There’s even a Console window.
Under the Virtual Machines tab, you now can manage and add new VMs directly.
Installing VMware Tools in a Virtual Machine
If you plan to manage your virtual machines using the vSphere Web Client and a browser, then you definitely will want to install the VMware Tools in each of your virtual machines.
For ESXi 6.0, your only choice is VMwareTools. Here’s how to install:
1. Start up your VM and login as root.
2. From the Windows vSphere Client, right click on virtual machine you started.
3. Choose Guest:Install VMware Tools.
4. Return to the Linux CLI of your virtual machine and issue the following commands. Accept all of the defaults in the installation script when it is run in the final step below:
mkdir /mnt/cdrom mount /dev/cdrom /mnt/cdrom ls /mnt/cdrom cd /tmp tar -zxvf /mnt/cdrom/VMwareTools* umount /mnt/cdrom cd vmware-tools-distrib ./vmware-install.pl
For ESXi 6.5, we prefer the new GPL VMware open-vm-tools. Here’s how to install:
1. Start up your VM and login to the VM as root using SSH or Putty.
2. From the Linux CLI, issue the following commands:
yum -y install --enablerepo=epel open-vm-tools reboot
Special thanks to John Borhek (@unsichtbarre on the PIAF Forum) for the VMware lessons. 🙂
That should be enough tutorial for today. Enjoy your new VMware platform.
Continue Reading: Configuring Extensions, Trunks & Routes
Don’t Miss: Incredible PBX Application User’s Guide covering the 31 Whole Enchilada apps
Originally published: Monday, December 18, 2017 Updated: Monday, June 17, 2019
Need help with Asterisk? Visit the VoIP-info Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
The 5-Minute PBX: Incredible PBX with Wazo for VirtualBox
We’ve sung the praises of VirtualBox for many years because it provides a wonderful platform for experimentation as well as production-ready systems using almost any hardware and any operating system. Versions of VirtualBox are available for Windows PCs, Macs, Linux desktops, and even Solaris machines. And, once you have VirtualBox in place, you can load gigabyte-sized turnkey virtual machines in a couple minutes. It literally transforms complex computer setups into child’s play.
We’ve received dozens of emails about Wazo, and many of them go something like this:
I’d love to experiment with Wazo as an Asterisk® platform, but I worry that the environment is just too different and the learning curve too steep. I just wish there were a simple way to get started so that I could learn the basics.
Today, your prayers have been answered. You don’t have to buy any hardware. You can use the desktop computer you already have. We’ve taken the Incredible PBX for Wazo tutorial and turned it into a turnkey virtual machine for VirtualBox. You can load it in a couple minutes and be ready to go. It’s got all of the Incredible PBX bells and whistles, and extensions already are configured for a SIP phone and WebRTC so that you can hit the ground running. Just install VirtualBox. Next, load the Incredible PBX for Wazo image. Install your favorite SIP phone or run WebRTC in your browser. A complete WebRTC tutorial is available here. Once you finish configuring your SIP or WebRTC client, you’re ready to start making calls. You can add a SIP trunk using one of preconfigured setups by following one of SIP provider tutorials we’ve provided. Or, if you live in the United States, you can add a Google Voice trunk and make free calls in the U.S. and Canada. Let’s get started!
Installing Oracle VM VirtualBox
Oracle’s virtual machine platform inherited from Sun is amazing. It’s not only free, but it’s pure GPL2 code. VirtualBox gives you a virtual machine platform that runs on top of any desktop operating system. In terms of limitations, we haven’t found any. We even tested this on an Atom-based Windows 7 machine with 2GB of RAM, and it worked without a hiccup. So step #1 today is to download one or more of the VirtualBox installers from VirtualBox.org or Oracle.com. Our recommendation is to put all of the 100MB installers on a 4GB thumb drive.1 Then you’ll have everything in one place whenever and wherever you happen to need it. Once you’ve downloaded the software, simply install it onto your favorite desktop machine. Accept all of the default settings, and you’ll be good to go. For more details, here’s a link to the Oracle VM VirtualBox User Manual.
Installing Incredible PBX for Wazo VM
To begin, download Incredible PBX for Wazo .ova image (1.9 GB) to the computer on which you installed VirtualBox.
When the download completes, double-click on the .ova file you downloaded to load it into VirtualBox. When prompted, be sure to check the Reinitialize the Mac address of all network cards box, agree to the license agreement, and then click the Import button. Once the import is finished, you’ll see a new (1) Incredible PBX for Wazo virtual machine in the VM List of the VirtualBox Manager Window. We need to make a couple of one-time adjustments to the Incredible PBX for Wazo configuration to account for differences in sound and network cards on different host machines.
(1) Click once on the Incredible PBX for Wazo virtual machine in the VM List. Then (2) click the Settings button. In the Audio tab, check the Enable Audio option and choose your sound card. In the Network tab for Adapter 1, check the Enable Network Adapter option. From the Attached to pull-down menu, choose Bridged Adapter. Then select your network card from the Name list. Then click OK. That’s all the configuration that is necessary for your Incredible PBX for Wazo.
Running Incredible PBX for Wazo VM
Once you’ve imported and configured the Incredible PBX for Wazo Virtual Machine, you’re ready to go. Highlight Incredible PBX for Wazo virtual machine in the VM List on the VirtualBox Manager Window and click the Start button. The standard Wazo boot procedure will begin and, within a short time, you’ll get the familiar Linux login prompt. During the bootstrap procedure, you’ll see a couple of dialogue boxes pop up that explain the keystrokes to move back and forth between your host operating system desktop and your virtual machine. Remember, you still have full access to your desktop computer. Incredible PBX for Wazo is merely running as a task in a VirtualBox window. Always gracefully halt Incredible PBX just as you would on a dedicated computer.
Here’s what you need to know. To work in the Incredible PBX for Wazo virtual machine, just left-click your mouse while it is positioned inside the VM window. To return to your host operating system desktop, press the right Option key on Windows machines or the left Command key on any Mac. For other operating systems, read the dialogue boxes for instructions on moving around. To access the Linux CLI, login as root with the default password: password.
Once you log into your virtual machine, a startup script will briefly configure a few things and then advise you that it’s time to reboot. If prompted for the hostname, type xivo. Write down the IP address provided because for Phase 2 of the setup, we need to use SSH or Putty on the desktop that you will actually be using to manage your server. The reason for this is that Incredible PBX automatically creates a whitelist of IP addresses that the firewall will allow to access your server. If the IP address isn’t in your whitelist, you may lock yourself out except from the VirtualBox console window.
Once the VirtualBox console window shows that your server has rebooted by displaying the Linux login prompt, switch to SSH or Putty and login as root using the IP address you wrote down. You’ll then be prompted to change your root password for Linux as well as your root password for Wazo GUI access using a web browser. You’ll also need to set a PIN that will be used to authorize access to extension 123 to schedule Telephone Reminders on your server. This completes the configuration. You’ll get a final screen showing the credentials for the preconfigured 701 and 702 extensions as well as a reminder that your PortKnocker credentials are stored in /root/knock.FAQ in the event you ever lock yourself out of your machine. It’s a good idea to leave this screen displayed while you install and configure a softphone since you can cut-and-paste your extension 702 credentials without having to type anything. Extension 701 comes preconfigured to support WebRTC using a Chrome or Firefox browser.
Once you complete the SIP or WebRTC setup below, you can return to the SSH window and press ENTER to finish the install. The Incredible PBX Automatic Update Utility will run, and then you will be presented with the pbxstatus display. You can access the Asterisk CLI by typing: asterisk -rvvvvvvvvvv. Exit from the CLI by typing quit. As mentioned previously, always shut down your server gracefully by typing halt. When prompted for the hostname, type xivo. Once the shutdown procedure finishes, it’s safe to turn off your virtual machine.
Choosing a SIP Softphone for Incredible PBX
Softphones tend to be a matter of taste for most folks so we’ll keep our suggestions to a minimum. On the Windows platform, it’s hard to go wrong with X-Lite. It works out of the box by simply plugging in the IP address of your server and your SIP username and password. It also happens to be free. The only downside is that X-Lite has a nasty habit of embedding time bombs in their free software so you may have to reinstall it from time to time. If you know what you’re doing, Zoiper is another alternative but be advised that it doesn’t work out of the box on servers behind NAT-based routers.
On the Mac platform, our favorite free softphone is Telephone. It’s a barebones SIP client that just works. As with X-Lite, you plug in your server’s IP address and SIP credentials, and you’re in business.
On the Linux or Solaris platforms, we assume that you know what you’re doing and that you are perfectly capable of choosing and installing a SIP phone that meets your requirements.
Incredible PBX Application Quick Start Guide
We’ve finished the basic Incredible PBX for Wazo setup. You now have a functioning PBX with dozens of applications for Asterisk that work out of the box. It’s probably a good idea to spend a little time getting acquainted with Incredible PBX for Wazo before you add trunks to communicate with the outside world.
Here’s a handy cheat sheet for some of the Incredible PBX applications that have been installed or are available as add-ons. There’s also a link for more information.
- Google Voice CLI interface and SMS Message Blasting (Add-On)
- CallerID Superfecta – Match Names to CallerID Numbers
- CallerID Blacklist – Block Calls from Spammers and Old Girlfriends
- CDR Reports in CSV Format
- CDR Reports in SQLite3 Format
- Asteridex – The Poor Man’s Rolodex (SQLite3 version)
- AsteriDex Click-to-Dial with Wazo Phonebook
- NeoRouter VPN for Wazo
- FCC RoboCall BlackList
- CallerID WhiteList Override
- Dial 123 – Telephone Reminders
- Dial 411 – Call by Name from AsteriDex
- Dial 947 – Weather Forecasts by ZIP Code
- Dial 951 – Latest Yahoo News
- Dial 2663 – Conference Call
- Dial 3472 – DISA Access
- Dial 4871 – Allison’s Sample IVR
- Dial *881400 – Schedule an Alarm for 2 p.m. (1400 military time)
- Dial 53669 – Meet Lenny, the Robocaller’s Worst Nightmare
Configuring Trunks and Routes with Wazo
The next step in your Wazo adventure is connecting your PBX to the outside world so that you can make and receive phone calls from anywhere in the world. For this you’ll need one or more trunks. Unlike the Ma Bell world, there’s no reason to put all your eggs in one basket. You can use one or more trunk providers for incoming calls with separate phone numbers for each. And you can use one or more trunk providers for outgoing calls and save money on calls to certain countries by choosing the best provider for where you want to call. And, of course, if you live in the United States, you can set up one or more Google Voice trunks and make calls to the U.S. and Canada for free. We’ve written a number of tutorials to make it easy to set up these trunks.
To get started, point a web browser to the IP address of your PBX. Login as root with the Wazo GUI password you set up above. If you ever forget your password, you can run /root/admin-pw-change to reconfigure it.
Wazo Trunk Implementation Tutorials
- Wazo Trunks Tutorial: Installing a Vitelity SIP Trunk2
- Wazo Trunks Tutorial: Installing a VoIP.ms SIP Trunk
- Wazo Trunks Tutorial: Installing a FreeVoipDeal (Betamax) SIP Trunk
- Wazo Trunks Tutorial: Installing a Google Voice-Simonics SIP Trunk
- Wazo Trunks Tutorial: Deploying Native Google Voice with OAuth Trunks
- Wazo Trunks Tutorial: Installing an Anveo Direct Outbound SIP Trunk
- Wazo Trunks Tutorial: Installing a Skype Connect SIP Trunk
Once you’ve added one or more trunks, you’ll need to tell Wazo how to route outgoing and incoming calls. Here are our step-by-step tutorials on setting up Outbound Calling Routes and Incoming Call Routes:
Wazo Call Routing Tutorials
- Wazo Call Routing Tutorial: Creating Outbound Routes for PSTN Calling
- Wazo Call Routing Tutorial: Creating Inbound Routes for DIDs
Now you’re ready to explore. We recommend you read through the Incredible PBX for Wazo tutorial to familiarize yourself with the inner workings of Wazo. Enjoy the ride!
Originally published: Monday, June 12, 2017
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…
- Many of our purchase links refer users to Amazon when we find their prices are competitive for the recommended products. Nerd Vittles receives a small referral fee from Amazon to help cover the costs of our blog. We never recommend particular products solely to generate Amazon commissions. However, when pricing is comparable or availability is favorable, we support Amazon because Amazon supports us. [↩]
- Vitelity is a platinum sponsor of Nerd Vittles, and they also happen to be the best in the business. You’ll find a discount coupon to get a great deal on a DID and 4-channel trunk toward the end of this article. [↩]
Twofer Tuesday: 2 Cloud Servers for the Price of a RasPi
It’s been more than a year since we last chatted about Cloud At Cost. Because they’re in the midst of yet another 50% off Fire Sale and to close out February with a bang, it seemed like a good time to take a fresh look at a terrific way to get started with Linux. For today’s $35 cloud project, we’re going to build a free WordPress server and a free commercial PBX compliments of 3CX. For what it’s worth, we’ve been running a PIAF5 server at CloudAtCost for more than four months without a single hiccup. It provides flawless Google Voice calling from either a connected SIP phone or from the 3CX Client running on a SIM-free Android phone or iPhone. See our recent article for tips on setting up a SIM-free mobile phone.
For those coming from the Windows World, Linux can be a little intimidating. Learning with a Cloud-based server presents its own challenges because of the security issues when your server sits on the public Internet. And then there’s the cost factor. Not everyone has several hundred dollars to buy hardware and, frankly, learning about Linux on a $35 Raspberry Pi can drive most folks to drink. So today we’ll show you another way. It’s not necessarily a better way. But it’s different, and it’s loads of fun for not much money. Today’s project takes about an hour, and you’ll have two terrific Linux applications to play with for life when we’re finished.
There’s lots to hate at Cloud At Cost, a Canadian provider that offers virtual machines in the cloud for a one-time fee with no recurring charges. For $35, you currently get two virtual machine platforms, and each has 512MB of RAM, 10GB of storage, and a gigabit Internet connection FOR LIFE. We haven’t seen a week go by when Cloud at Cost didn’t offer some sort of discount. Today it’s 50% off which brings the per server cost down to $17.50 each. That’s less than most lunches these days. If you don’t like half off and would prefer to wait for a better discount, check their Twitter feed every few days. So that’s the good news. But, if 99.999% reliability, performance, and excellent customer support are your must-haves, then look elsewhere. So why would anyone in their right mind sign up for a cloud solution that didn’t offer those things? Did we mention it’s $17.50 for a lifetime cloud server!
If you take our recommendation, you’ll need to go into this with the right attitude. It’s not going to be flawless perfection computing. It’s a sandbox on which to experiment with Linux, and VoIP, and Cloud Computing. Will your virtual machine disintegrate at some juncture? Maybe so. We’ve had about a third of ours fail at some point. But you can rebuild them easily, especially if you keep a backup. Our experience is that the first couple days are critical. If you start seeing sluggish performance which degenerates to zero, don’t waste your time. Take good notes as you go along, delete the virtual machine, and rebuild a new one. It won’t cost you a dime, and it’ll save you hours of frustration. We suspect that bad folks get onto some of the servers and delight in bringing the machines to their knees. So the quicker you cut your losses, the better off you will be. Is CloudAtCost a good solution for production use? Don’t risk it unless waterboarding is your favorite sport. It’s probably not gonna work, and you WILL be disappointed. Repeat after me: IT’S A SANDBOX!
Building a LAMP Server in the Cloud
Our first objective today is to show you how to build a rock-solid, secure Linux server in the Cloud with all the bells and whistles that make Linux the server platform of choice for almost every organization in the world. We’ll continue by showing you how to embellish the platform with WordPress to do something that’s special for you whether it’s your own blog like Nerd Vittles, or a school newspaper, or an on-line shopping site to sell comic books. The basic foundation for most Linux platforms is called a LAMP server which stands for Linux, Apache, MySQL, and PHP. Linux is an open source operating system that includes contributions from thousands of developers around the world. Apache is the web server platform on which most commercial businesses stake their reputation. MySQL is the open source database management system now owned by Oracle. If it’s good enough for Facebook, it’s good enough for you. And PHP is THE web-based programming language that will let you build almost any application using Linux, Apache, and MySQL.
So what’s the big deal? There are thousands of online tutorials that will show you how to build a LAMP server. For long time readers of Nerd Vittles, you already know that the component we continually stress is security. Without that, the rest really doesn’t matter. You’ll be building a platform for someone else to hijack and use for nefarious purposes. When we’re finished with today’s Project #1, you’ll have a cloud-based LAMP server that is totally invisible to the rest of the world with the exception of its web interface. And we’ll show you a simple way to reduce the exposure of that web interface to some of its most likely attackers. Will it be 100% secure? Nope. If you have a web server on the public Internet, it’s never going to be 100% secure because there’s always the chance of a software bug that nobody has yet discovered and corrected. THAT’S WHAT BACKUPS ARE FOR!
Creating a CentOS Machine in the Cloud
To get started, you’ve got to plunk down your $35 at Cloud at Cost. This buys you two server platforms while they’re cheap! Once you’ve paid the piper, they will send you credentials to log into the Cloud at Cost Management Portal. Change your password IMMEDIATELY after logging in. Just go to SETTINGS and follow your nose.
To create your first virtual machine, click on the CLOUDPRO button and click Add New Server. If you’ve only purchased the $17.50 CloudPRO 1 platform, then you’ll need all of the available resources shown in the pick list. Otherwise, choose 1 CPU, 512MB RAM, and 10GB storage for your first server. Leave CentOS 6.7 64bit selected as the OS Type and click Complete. Depending upon the type of special pricing that Cloud at Cost is offering when you sign up, the time to build your virtual machine can take anywhere from a minute to the better part of a day. We’ve learned to build new virtual machines at night, and they’re usually available for use by the next morning. Luckily, this slow performance does not impact existing virtual machines that already are running in their hosting facility.
Initial Configuration of Your CentOS 6 VM
With a little luck, your virtual machine soon will appear in your Cloud at Cost Management Portal and look something like what’s shown above. The red arrow points to the i button you’ll need to click to decipher the password for your new virtual machine. You’ll need both the IP address and the password for your new virtual machine in order to log into the server which is now up and running with a barebones CentOS 6.7 operating system. Note the yellow caution flag. That’s telling you that Cloud at Cost will automatically shut down your server in a week to save (them) computing resources. You can change the setting to keep your server running 24/7. Click Modify, Change Run Mode, and select Normal – Leave Powered On. Click Continue and OK to save your new settings.
Finally, you’ll want to change the Host Name for your server to something more descriptive than c7…cloudpro.92… Click the Modify button again and click Rename Server to make the change. Your management portal then will show the new server name as shown above.
Logging into Your CentOS 6 VM
In order to configure and manage your new CentOS 6 virtual machine, you’ll need to log into the new server using either SSH or, for Windows users, Putty. After installing Putty, run it and log in to the IP address of your VM with username root and the password you deciphered above. On a Mac, open a Terminal session and issue a command like this using the actual IP address of your new virtual machine:
ssh root@12.34.56.78
Before you do anything else, reset your root password to something very secure: passwd
Installing the LAMP Server Basics
Now we’re ready to build your LAMP server platform. We’ve chopped this up into lots of little steps so we can explain what’s happening as we go along. There’s nothing hard about this, but we want to document the process so you can repeat it at any time. As we go along, just cut-and-paste each clump of code into your SSH or Putty session and review the results to make sure nothing comes unglued. If something does, the beauty of virtual machines is you can delete them instantly within your management portal and just start over whenever you like. So here we go…
We’ll begin by permanently turning off SELINUX which causes more problems than it solves. The first command turns it off instantly. The second line assures that it’ll stay off whenever you reboot your virtual machine.
setenforce 0 sed -i s/SELINUX=enforcing/SELINUX=disabled/g /etc/selinux/config
First, let’s address a couple of CloudAtCost quirks that may cause problems down the road. CloudAtCost has a nasty habit of not cleaning up after itself with fresh installs. The net result is your root password gets reset every time you reboot.
killall plymouthd echo killall plymouthd >> /etc/rc.local rm -f /etc/rc3.d/S97*
Now let’s bring CentOS 6.7 up to current CentOS 6.8 specs and add a few important applications:
yum -y update yum -y install nano wget expect net-tools dialog git xz yum -y install kernel-headers yum -y install kernel-devel reboot
After reboot, log back in as root. Now we’ll set up your Apache web server and configure it to start whenever you reboot your server:
yum -y install httpd service httpd start chkconfig httpd on
Next, let’s set up your MySQL server, bring it on line, and make sure it restarts after server reboots. Unless you plan to add Asterisk® and FreePBX® to your server down the road, you’ll want to uncomment the two commands that begin with # by removing the # symbol and replacing new-password with a very secure password for your root user account in MySQL. Be sure to run the last command to secure your server. After logging in, the correct answers are n,Y,Y,Y,Y.
yum -y install mysql mysql-server service mysqld start chkconfig mysqld on #/usr/bin/mysqladmin -u root password 'new-password' #/usr/bin/mysqladmin -u root -p -h localhost.localdomain password 'new-password' mysql_secure_installation
Next, we’ll set up PHP and configure it to work with MySQL:
yum -y install php yum -y install php-mysql service httpd restart
Finally let’s get SendMail installed and configured. Insert your actual email address in the last line and send yourself a test message to be sure it’s working. Be sure to check your spam folder since the message will show a sender address of localhost which many email systems including Gmail automatically identify as spam.
yum -y install sendmail rpm -e postfix service sendmail restart yum -y install mailx echo "test" | mail -s testmessage youracctname@yourmailserver.com
Installing Supplemental Repositories
One of the beauties of Linux is not being totally dependent upon CentOS for all of your packaged applications. Let’s add a few other repositories that can be used when you need to add a special package that is not in the CentOS repository. Let’s start with EPEL. We’ll disable it by default and only use it when we need it.
yum -y install http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm sed -i 's|enabled=1|enabled=0|' /etc/yum.repos.d/epel.repo
We actually need the EPEL repo to install Fail2Ban for monitoring of attacks on certain Linux services such as SSH:
yum --enablerepo=epel install fail2ban -y cd /etc wget http://incrediblepbx.com/fail2ban-lamp.tar.gz tar zxvf fail2ban-lamp.tar.gz
Another important repository is REMI. It is especially helpful if you decide to upgrade PHP from the default version 5.3 to one of the newer releases: 5.5 or 5.6. In this case, you’ll want to activate the specific repository to support the release you choose in /etc/yum.repos.d/remi-safe.repo.
yum -y install http://rpms.famillecollet.com/enterprise/remi-release-6.rpm sed -i 's|enabled=1|enabled=0|' /etc/yum.repos.d/remi-safe.repo
One final repository to have on hand is RPMForge, now renamed RepoForge. We’ll use it in a bit to install a dynamic DNS update utility which you actually won’t need at CloudAtCost since your server is assigned a static IP address. But it’s handy to have in the event you wish to assign a free FQDN to your server anyway.
yum -y install http://incrediblepbx.com/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm sed -i 's|enabled = 1|enabled = 0|' /etc/yum.repos.d/rpmforge.repo
Country Blocking with IPSET
We’ll use the EPEL repo to install ipset, a terrific addition to the IPtables Linux firewall that lets you quickly block entire countries from accessing your server:
yum --enablerepo=epel install ipset -y
Next, we’ll add a sample script that documents how the country blocking mechanism works with ipset. For a complete list of countries that can be blocked, go here. If you need a decoder badge to match abbreviations against country names, you’ll find it here. To add other countries, simply edit the shell script and clone lines 4-7 using the names of the countries and country zone files that you wish to add. Be sure to insert the new lines before the commands to restart iptables and fail2ban. This script will need to be run each time your server reboots and before IPtables is brought on line. We’ll handle that a little later.
echo "#\\!/bin/bash" > /etc/block-china.sh echo " " >> /etc/block-china.sh echo "cd /etc" >> /etc/block-china.sh echo "ipset -N china hash:net" >> /etc/block-china.sh echo "rm cn.zone" >> /etc/block-china.sh echo "wget -P . http://www.ipdeny.com/ipblocks/data/countries/cn.zone" >> /etc/block-china.sh echo "for i in $(cat /etc/cn.zone ); do ipset -A china $i; done" >> /etc/block-china.sh echo "service iptables restart" >> /etc/block-china.sh echo "service fail2ban restart" >> /etc/block-china.sh sed -i 's|\\\\||' /etc/block-china.sh chmod +x /etc/block-china.sh
Adding a Few Handy Utilities
If you’re like us, you’ll want to test the speed of your Internet connection from time to time. Let’s install a free script that you can run at any time by logging into your server as root and issuing the command: /root/speedtest.py. Here were our results from last year. Running speedtest on a new server we built today showed a vast improvement in performance. Downloads were over ten times as fast, and upload speeds more than tripled. In fact, we now are using two CloudAtCost servers to host the old PIAF3 repositories.
cd /root wget https://raw.githubusercontent.com/sivel/speedtest-cli/master/speedtest.py chmod +x speedtest.py
Next, let’s put in place a simple status display which will quickly tell you what’s running and what’s not. We’ve borrowed some GPL code from Incredible PBX to help you out. Run status-lamp at any time for a snapshot of your server.
cd /usr/local/sbin wget http://incrediblepbx.com/status-lamp.tar.gz tar zxvf status-lamp.tar.gz rm -f status-lamp.tar.gz sed -i 's|myip.pbxinaflash.com|myip.incrediblepbx.com|' /usr/local/sbin/status-lamp
Now we’ll put the Linux Swiss Army Knife in place. It’s called WebMin, and it provides a GUI to configure almost everything in Linux. Pick up a good WebMin book from your public library to get started. Once installed, you access WebMin from your browser at the IP address of your server on the default port of 10000: https://serverIPaddress:10000. It’s probably a good idea to change this port number and the commented out line shows how to do it with the new port being 9001 in the example. The way in which we typically configure the Linux firewall will block all access to WebMin except from an IP address which you have whitelisted, e.g. your home computer’s public IP address.
cd /root yum -y install perl perl-Net-SSLeay openssl perl-IO-Tty yum -y install http://prdownloads.sourceforge.net/webadmin/webmin-1.831-1.noarch.rpm #sed -i 's|10000|9001|g' /etc/webmin/miniserv.conf service webmin restart chkconfig webmin on
Configuring the Linux IPtables Firewall
RULE #1: DON’T BUILD SERVERS EXPOSED TO THE INTERNET WITHOUT SECURITY!
As installed by CloudAtCost, your server provides ping and SSH access from a remote computer and nothing else. The good news: it’s pretty safe. The bad news: it can’t do anything useful for anybody because all web access to the server is blocked. We want to fix that, tighten up SSH access to restrict it to your IP address, and deploy country blocking to show you how.
As we implement the firewall changes, you need to be extremely careful in your typing so that you don’t accidentally lock yourself out of your own server. A typo in an IP address is all it takes. The good news is that, if you do lock yourself out, you still can gain access via the CloudAtCost Management Portal by clicking the Console button of your virtual machine. Because the console is on the physical machine and the lo interface is whitelisted, you can log in and disable the firewall temporarily: service iptables stop
. Then fix the typo and restart the firewall: service iptables start
.
First, let’s download the new IPtables config file into your root folder and take a look at it.
cd /root wget http://incrediblepbx.com/iptables-lamp.tar.gz tar zxvf iptables-lamp.tar.gz
Now edit the /root/iptables-lamp file by issuing the command: nano -w /root/iptables-lamp
You can scroll up and down through the file with Ctl-V and Ctl-Y. Cursor keys work as well. Once you make changes, save your work: Ctl-X, Y, ENTER
. You’re now an expert with the nano text editor, an absolutely essential Linux tool.
Here’s what that file actually looks like:
*filter :INPUT DROP [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -p tcp -m tcp --tcp-flags ACK ACK -j ACCEPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j DROP -A INPUT -i lo -j ACCEPT -A INPUT -p tcp ! --syn -m state --state NEW -j DROP -A INPUT -m state --state INVALID -j DROP -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP -A INPUT -p tcp -m tcp --tcp-flags SYN,FIN SYN,FIN -j DROP -A INPUT -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP -A INPUT -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -j DROP -A INPUT -p tcp -m tcp --tcp-flags ACK,FIN FIN -j DROP -A INPUT -p tcp -m tcp --tcp-flags ACK,URG URG -j DROP -A INPUT -p tcp -m set --match-set china src -j DROP -A INPUT -p udp -m udp --dport 53 -j ACCEPT -A INPUT -p tcp -m tcp --dport 53 -j ACCEPT -A INPUT -p tcp -m tcp --dport 113 -j ACCEPT -A INPUT -p udp -m udp --dport 123 -j ACCEPT -A INPUT -p tcp -m tcp --dport 123 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT #-A INPUT -s 12.34.56.78 -j ACCEPT #-A INPUT -s yourFQDN.dyndns.org -j ACCEPT -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT
Reminder: If you add another country to your block-china script, don’t forget to add a corresponding new country entry to your iptables file. See line 17 above that includes the word "china" for the syntax. There’s nothing much else to tweak except the two commented out (brown) lines that begin with #. First, remove the # symbol by moving the cursor to the right of the first one and hitting the backspace/delete key on your keyboard. Replace 12.34.56.78
with the public IP address of the computer from which you will be accessing your virtual machine. If you need multiple entries for multiple computers at different addresses, clone the line by pressing Ctrl-K and then Ctrl-U twice. Yes, we know. Some folks IP addresses change from time to time. In the next section, we’ll show you how to set up a Dynamic DNS entry with a utility that will keep track of your current IP address. In this case, uncomment the second commented line and replace yourFQDN.dyndns.org
with your dynamic DNS address. Be very careful to assure that your FQDN is always on line. If the firewall cannot verify your DNS entry when it starts, the IPtables firewall will not start which means your server will be left unprotected. HINT: IP addresses are much safer because they are never verified.
Once you have your whitelisted addresses configured, comment out the port 22 line to keep the bad guys from trying to break into your server with SSH. Then save the file: Ctl-X, Y, ENTER
. Next, issue the following commands to copy everything into place and restart the firewall.
mv /etc/sysconfig/iptables /etc/sysconfig/iptables.orig cp -p /root/iptables-lamp /etc/sysconfig/iptables echo "/etc/block-china.sh" >> /etc/rc.local /etc/block-china.sh
Always, always, always check to be sure your firewall is functioning: iptables -nL
. If you don’t see your desktop computer’s public IP address near the end of the listing, then the firewall is dead. status-lamp should also show IPtables down. Check for an error message which will tell you the problematic line so you can correct it.
Implementing Dynamic DNS Service
There are a number of free and paid Dynamic DNS providers. The way this works is you choose a fully-qualified domain name (FQDN) to identify your computer. Then you run a dynamic DNS update utility periodically from that computer. It reports back the current public IP address of your computer and your provider updates the IP address assigned to your FQDN if it has changed. In addition to supporting sites with ever changing IP addresses, it also allows you to permanently assign an FQDN to your computer or server so that it can be accessed without using a cryptic IP address.
If that computer happens to be an Incredible PBX server or a LAMP server that you’ve set up using this tutorial, then the following will get the DNS client update utility loaded using the RPM Forge repository that we previously installed:
yum --enablerepo=rpmforge install ddclient -y
Similar DNS update clients are available for Windows, Mac OS X, and many residential routers. Then it’s just a matter of plugging in the credentials for your dynamic DNS provider and your FQDN. In the case of the CentOS client, the config file is /etc/ddclient/ddclient.conf
. Now reboot your server and pick up a good book on Linux to begin your adventure.
Now For Some Fun…
First, let’s check things out and make sure everything is working as it should. With your favorite web browser, visit the IP address of your new server. You should see the default Apache page:
Next, let’s be sure that PHP is working as it should. While still logged into your server as root using SSH or Putty, issue the following commands and make up some file name to replace test4567 in both lines. Be sure to keep the .php file name extension. Note to gurus: Yes, we know the second line below is unnecessary if you remove the space after the less than symbol in the first line. Unfortunately, WordPress forces the space into the display which left us no alternative.
echo "< ?php phpinfo(); ?>" > /var/www/html/test4567.php sed -i 's|< |<|' /var/www/html/test4567.php
Now jump back to your web browser and access the new page you just created using the IP address of your server and the file name you made up: http://12.34.56.78/test4567.php
The PHPinfo listing will tell you everything you ever wanted to know about your web server setup including all of the PHP functions that have been enabled. That's why you want an obscure file name for the page. You obviously don't want to share that information with every bad guy on the planet. Remember. This is a public-facing web site that anyone on the Internet can access if they know or guess your IP address.
When you're ready to set up your own web site, just name it index.php and store the file in the /var/www/html directory of your server. In the meantime, issuing the following command will assure that anyone accessing your site gets a blank page until you're ready to begin your adventure:
echo " " > /var/www/html/index.php
Ready to learn PHP programming? There's no shortage of books to get you started.
Adding WordPress to Your LAMP Server
Where to begin with WordPress? What used to be a simple platform for bloggers has morphed into an all-purpose tool that makes building virtually any type of web site child's play. If you want to see what's possible, take a look at the templates and sample sites shown on WPZOOM. Unless you're an art major and savvy web designer, this will be the best $70 you ever spent. One of these templates will have your site up and running in minutes once we put the WordPress pieces in place. For the big spenders, $149 will give you access to over 50 gorgeous templates which you can download and use to your heart's content on multiple sites. And, no, your sites don't blow up after a year. You just can't download any additional templates or updates unless you renew your subscription. The other alternative is choose from thousands of templates that are provided across the Internet as well as in the WordPress application itself.
WordPress templates run the gamut from blogs to newsletters to photographer sites to e-commerce to business portfolios to video to travel to magazines to newspapers to education to food to recipes to restaurants and more. Whew! There literally is nothing you can't put together in minutes using a WordPress template. But, before you can begin, we need to get WordPress installed on your server. This is optional, of course. And, if you follow along and add WordPress, we've set it up in such a way that WordPress becomes the primary application for your site. Stated differently, when people use a browser to access your site, your WordPress template will immediately display. When we finish the basic WordPress setup and once you upload an image or two, you'll have a site that looks something like this:
Before you begin, we strongly recommend that you acquire a domain for your site if you plan to use it for anything but experimentation. The reason is because it can be complicated to migrate a WordPress site from one location to another.1 Once you've acquired your domain, point the domain to the IP address of your new server. With a dirt cheap registrar such as Omnis.com, it's easy:
Now let's get started. To begin, we need to load the WordPress application onto your server:
cd /root mkdir wordpress cd wordpress wget http://wordpress.org/latest.tar.gz tar -xvzf latest.tar.gz -C /var/www/html
Next, we'll configure MySQL to support WordPress. We're assuming that you have NOT already created root passwords for MySQL. If you have, you'll need to add -pYourPassword to the various commands below immediately after root. There is no space between -p and your root password. Also edit the first line and make up a new password (replacing XYZ below) for the wordpress user account that will manage WordPress on your server before you cut and paste the code:
mysql -u root -e 'CREATE USER wordpress@localhost IDENTIFIED BY "XYZ";' mysql -u root -e 'CREATE DATABASE wordpress;' mysql -u root -e 'GRANT ALL ON wordpress.* TO wordpress@localhost;' mysql -u root -e 'FLUSH PRIVILEGES;'
Next, we need to configure WordPress with your new MySQL credentials. Before you cut and paste, replace XYZ in the fourth line with the password you assigned in the preceding MySQL step:
cp /var/www/html/wordpress/wp-config-sample.php /var/www/html/wordpress/wp-config.php sed -i 's|database_name_here|wordpress|' /var/www/html/wordpress/wp-config.php sed -i 's|username_here|wordpress|' /var/www/html/wordpress/wp-config.php sed -i 's|password_here|XYZ|' /var/www/html/wordpress/wp-config.php chown -R apache:apache /var/www/html/wordpress
Before you forget, take a moment and create a very secure password for your MySQL root user accounts. Here are the commands. Just replace new-password with your new password before you cut and paste. Note that you also will be prompted for this password when you execute the second command because you will now have a root user password in place from executing the first command.
/usr/bin/mysqladmin -u root password 'new-password' /usr/bin/mysqladmin -u root -p -h localhost.localdomain password 'new-password'
Finally, we need to modify your Apache web server to support WordPress as the primary application. Be sure to enter your actual email address in the third line before you cut and paste the code below:
echo " " >> /etc/httpd/conf/httpd.conf echo "" >> /etc/httpd/conf/httpd.conf echo 'ServerAdmin somebody@somedomain.com' >> /etc/httpd/conf/httpd.conf echo "DocumentRoot /var/www/html/wordpress" >> /etc/httpd/conf/httpd.conf echo "ServerName wordpress" >> /etc/httpd/conf/httpd.conf echo "ErrorLog /var/log/httpd/wordpress-error-log" >> /etc/httpd/conf/httpd.conf echo "CustomLog /var/log/httpd/wordpress-acces-log common" >> /etc/httpd/conf/httpd.conf echo " " >> /etc/httpd/conf/httpd.conf echo " " >> /etc/httpd/conf/httpd.conf service httpd restart
That should do it. Open a browser and navigate to the IP address of your server. You should be greeted with the following form. Fill in the blanks as desired. The account you're setting up will be the credentials you use to add and modify content on your WordPress site when you click Log In (as shown above). Make the username obscure and the password even more so. Remember, it's a public web site accessible worldwide! When you click Install WordPress, you'll be off to the races.
After your server whirs away for a minute or two, you will be greeted with the WordPress login prompt. With the username and password you entered above, you'll be ready to start configuring your WordPress site.
Once you're logged in, navigate to Appearance -> Themes and click Add New Theme. There's you will find literally hundreds of free WordPress templates that can be installed in a matter of seconds if WPZOOM is too rich for your blood. For a terrific all-purpose (free) theme, try Atahualpa. We'll leave our actual demo site running for a bit in case you want to explore and check out its performance. Installing and configuring the new theme took less than a minute:
A Final Word to the Wise. WordPress is relatively secure but new vulnerabilities are discovered regularly. Keep your templates, plug-ins, AND the WordPress application up to date at all times! The WordFence plug-in is a must-have. And we strongly recommend adding the following lines to your WordPress config file which then will let WordPress update everything automatically. Microsoft has given automatic updates a bad name, but in the case of WordPress, they work well.
echo "define('WP_AUTO_UPDATE_CORE', true);" >> /var/www/html/wordpress/wp-config.php echo "add_filter( 'auto_update_plugin', '__return_true' );" >> /var/www/html/wordpress/wp-config.php echo "add_filter( 'auto_update_theme', '__return_true' );" >> /var/www/html/wordpress/wp-config.php
Building a 3CX Server in the Cloud
Now we're ready for our second cloud project. In less than 10 minutes, we're going to build a free 3CX commercial PBX using the remaining Cloud resources from our $35 purchase. To create your second virtual machine, click on the CLOUDPRO button in the CloudAtCost control panel and then click Add New Server. Choose 1 CPU, 512MB RAM, and 10GB storage for your second server. Choose Debian 8 64bit as the OS Type and click Complete.
Obtain a free license key for 3CX. Next, log in to your new Debian server as root using SSH or Putty and issue these commands. We'll begin by changing your root password.
NOTE: What appears as the fourth line below needs to be added to line #3!
passwd wget -O- http://downloads.3cx.com/downloads/3cxpbx/public.key | apt-key add - echo "deb http://downloads.3cx.com/downloads/3cxpbx/ /" | tee /etc/apt/sources.list.d/3cxpbx.list apt-get update rm -f /zang-debian.sh apt-get -y install 3cxpbx apt-get -y install sendmail sendmail-bin
When the initial setup finishes, choose the Web Interface Wizard and complete the install using your favorite web browser. Enter your 3CX license key when prompted. Make up a very secure Username and Password to access your 3CX portal. Specify that your IP address is Dynamic when prompted (even though it isn't). This tells 3CX to generate an FQDN for your server. Accept the default ports for HTTP (5000) and HTTPS (5001) access to your server. We recommend choosing 4-digit extensions numbers so you'll be ready for next week's project interconnecting your 3CX server to a Raspberry Pi for the best of both worlds. While logged into the 3CX management portal, adjust Settings → Email to Mail Server → 127.0.0.1 and Reply to → noreply@YourActual3CX-FQDN. Leave the other settings blank and click TEST then OK. Set up a SIP trunk with inbound and outbound call routes. Now download your favorite 3CX smartphone client, send yourself the Welcome Email for your default extension, and start calling. It really doesn't get much easier in the VoIP World. Come join the PIAF Forum if you need a helping hand!
Free Calling in the U.S. and Canada with PIAF5. We know our more frugal U.S. residents are wondering if there's a way to make free calls even with 3CX. You didn't really think there would be a release of PBX in a Flash without Google Voice support, did you? It's easy using the Simonics SIP to Google Voice gateway service. Setup time is about a minute, and the one-time cost is $4.99 using this Nerd Vittles link. Setup instructions for the 3CX side are straight-forward as well, and we've documented the procedure on the PIAF Forum.
Free Calling Worldwide with SIP URIs. There's another free calling option as well. PIAF5 and 3CX support worldwide SIP URI calling at no cost. As part of the PIAF5 install procedure, 3CX registers an FQDN for you with one of the 3CX domains if you indicate that your server has a dynamic IP address. Unless you really know what you're doing with DNS, it's a good idea to tell 3CX you have a dynamic IP address whether you do or not. Here's why. Once you have an assigned FQDN in the 3CX universe, one very slick feature is the ease with which you can publish a SIP URI address for any or all of your 3CX extensions thereby allowing PIAF5 users to receive calls from any SIP client worldwide at no cost. Setup takes less than a minute. It's as easy as 1-2-3. Here's how:
1. Login to the 3CX GUI and go to Settings → Network → FQDN. Tick "Allow calls from/to external SIP URIs" and make note of your FQDN, e.g. mypiaf5server.3cx.us. Click OK.
2. For an extension to enable (e.g. 001), go to Extensions → Edit 001 → Options → SIP ID and create any desired SIP URI alias for this extension, e.g. billybob. Click OK.
3. Anyone with a SIP client anywhere worldwide can now call extension 001 using SIP URI: billybob@mypiaf5server.3cx.us.
Special Thanks: Our special tip of the hat goes to a few web sites that we found helpful in putting this article together especially Unixmen and Matt Wilcox & friends and Programming-Review.
Originally published: Tuesday, February 28, 2017
9 Countries Have Never Visited Nerd Vittles. Got a Friend in Any of Them https://t.co/wMfmlhiQ9y #asterisk #freepbx pic.twitter.com/TPFGZbqWB6
— Ward Mundy (@NerdUno) April 22, 2016
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest...
- Should you ever have to migrate your WordPress site from one domain to another, here are two helpful tools to consider: the Automatic Domain Name Changer Plugin and our favorite: WordPress-Domain-Changer. [↩]
It’s All About Choices: Incredible PBX ISO Now Available in the Vultr VPS Cloud
[iframe-popup id="5″]
We’ve heard you. Many prefer the ease of installation offered by the Incredible PBX ISO. Unfortunately, until now, it wasn’t available if you wanted a do-it-yourself Cloud Solution other than, of course, using a turnkey Incredible PBX server at RentPBX. Well, now you have a choice. A great new VPS provider, Vultr, now gives you the option of using your own ISO when you deploy Cloud servers on their worldwide platforms. It’s not 100% intuitive just yet, but Vultr will get there. In the meantime, we’ll walk you through the procedure if you’d like to try it yourself. The good news is Incredible PBX can run on a $5/month Vultr server with 768MB of RAM plus a 768MB cache and a 15GB SSD plus 1TB of monthly bandwidth. And you can build your server in less than 30 minutes.
Getting Started with VULTR
Before you can set up virtual machines at VULTR, you’ll obviously need an account. Help Nerd Vittles keep the lights on by using our referral link. It doesn’t cost you a nickel extra. In fact,for a limited time, you get a $20 credit to try out the service when you sign up using our link above.
Once you’ve set up your account and logged in, the first step is to upload the Incredible PBX ISO so that you can use it to build cloud-based servers:
(1) Click on the Servers link in the left column.
(2) Click the ISO tab.
(3) Click the Add ISO button and use the following Incredible PBX ISO link to upload the ISO to VULTR:
http://sourceforge.net/projects/pbxinaflash/files/IncrediblePBX13.2.iso
(4) Once the ISO has been uploaded, it will display in your ISO uploads listing as shown above.
Building an Incredible PBX Server at VULTR
Now you have two ways to build Incredible PBX servers at VULTR. You can do it the traditional way by starting with a 64-bit CentOS 6.7 image and running the installer. Or you can use your new Incredible PBX ISO which we’ve preloaded into your VULTR account. Let’s do it the new way just to document the procedure.
Start by clicking on the Servers link in the left column. Then click + Deploy New Server button.
(1) Choose a Server Location from the list of choices shown above. For PBXs it’s always good to choose a location that’s near to both your VoIP hosting provider(s) and your actual phones where possible.
(2) For Server Type, click on the Custom ISO tab as shown above and select IncrediblePBX13.2.iso.
(3) For Server Size, choose the platform that meets your needs. You can always start small, take a snapshot of your server, and rebuild with a larger platform down the road if your requirements change.
(4) Choose any Additional Features and HostName desired. Then click the Deploy Now button.
(5) Click the Servers link to monitor the progress in building your virtual machine.
Installing Incredible PBX at VULTR from the ISO
Once your virtual machine Status changes from Installing to Running, (1) write down the IP address of your new server and click Restart button. (2) Click Manage. (3) Click View Console. Choose the type of Incredible PBX install you prefer and follow the prompts to enter your root password and time zone. When the operating system phase of the install finishes, your virtual machine will reboot. While this phase is underway, you’ll need to get prepared to disable the ISO during the reboot. You don’t want to inadvertently start the install all over again!
While the Phase I install is underway, click Server Details in your browser. Then choose (1) Settings, (2) Custom ISO, and (3) click Remove ISO. WAIT at the Are You Sure prompt until the reboot begins in the Console Window. Then click YES in your browser and also close the Console window.
Now use SSH or Putty to login to your new server as root at the IP address you wrote down above. Once logged in, run the Incredible PBX installer to begin Phase 2 of the install: ./IncrediblePBX13-12R.sh. Choose the type passwords you wish to use for Google Voice, and the install will begin. In order to bring your server up to current specs, it will reboot once more after a few minutes. Then you’ll need to kick off the install once again: ./IncrediblePBX13-12R.sh. Choose the type passwords you wish to use for Google Voice, and the install will finish without further interruption. When the install finishes, the server will reboot to bring Asterisk and your firewall on line.
Login to your server as root one more time to get the latest Incredible PBX updates and set up your passwords and verify your time zone. Then you’ll be ready to handle future server admin using your browser:
Make your root password very secure: passwd Create admin password for GUI access: /root/admin-pw-change Create admin password for web apps: htpasswd /etc/pbx/wwwpasswd admin Set your correct time zone: /root/timezone-setup Make a copy of your Knock codes: cat /root/knock.FAQ Review current info about your server: status
If you want to add fax support to your PBX, we’ve got one more installer to run, and you’ll be all set. Just run the following command and press the ENTER key each time you are prompted for input (about 21 times):
cd /root ./incrediblefax11.sh
Success!
It’s a GUI, GUI World Out There
Most management of Incredible PBX will be handled using your favorite browser and one of two GUIs: the Kennonsoft menu which appears when you access the IP address of your server using a browser AND the Incredible GUI which is available on the Admin page of the Kennonsoft menu.
Choose Incredible GUI Administration from the Admin menu of the Kennonsoft GUI (shown above) by clicking on User to switch. The default username is admin and the password is what you set in the preceding step. Now edit extension 701 so you can decipher or change the randomized passwords that was assigned to the 701 extension and its voicemail account: Applications -> Extensions -> 701.
Setting Up a Soft Phone to Use with Incredible PBX
Now you’re ready to set up a telephone so that you can play with Incredible PBX. We recommend YateClient which is free. Download it from here. Run YateClient once you’ve installed it and enter the credentials for the 701 extension on Incredible PBX. You’ll need the IP address of your server plus your extension
701 password. Choose Settings -> Accounts and click the New button. Fill in the blanks using the IP address of your server, 701 for your account name, and whatever password you created for the extension. Click OK.
Once you are registered to extension 701, close the Account window. Then click on YATE’s Telephony Tab and place some test calls to the numerous apps that are preconfigured on Incredible PBX. Dial a few of these to get started:
DEMO - Allison's IVR Demo
947 - Weather by ZIP Code
951 - Yahoo News
*61 - Time of Day
*68 - Wakeup Call
TODAY - Today in History
Now you’re ready to connect to the telephones in the rest of the world. If you live in the U.S., the easiest way (at least for now) is to set up a free Google Voice account. Google has threatened to shut this down but as this is written, it still works. An update supporting Google Voice OAUTH 2 authentication is available here with a complete tutorial. Just start at step #1b. A better long-term solution is to choose several SIP providers and set up redundant trunks for your incoming and outbound calls. The PIAF Forum includes dozens of recommendations to get you started. You’ll also find an incredible deal from our platinum sponsor, Vitelity, at the end of this article.
Configuring Google Voice
If you want to use Google Voice, you’ll need a dedicated Google Voice account to support Incredible PBX. If you want to use the inbound fax capabilities of Incredible Fax, then you’ll need an additional Google Voice line that can be routed to the FAX custom destination using the GUI. The more obscure the username (with some embedded numbers), the better off you will be. This will keep folks from bombarding you with unsolicited Gtalk chat messages, and who knows what nefarious scheme will be discovered using Google messaging six months from now. So keep this account a secret!
We’ve tested this extensively using an existing Gmail account, and inbound calling is just not reliable. The reason seems to be that Google always chooses Gmail chat as the inbound call destination if there are multiple registrations from the same IP address. So, be reasonable. Do it our way! Set up a dedicated Gmail and Google Voice account, and use it exclusively with Incredible PBX. It’s free at least through 2013. Google Voice no longer is by invitation only so, if you’re in the U.S. or have a friend that is, head over to the Google Voice site and register.
You must choose a telephone number (aka DID) for your new account, or Google Voice calling will not work… in either direction. Google used to permit outbound Gtalk calls using a fake CallerID, but that obviously led to abuse so it’s over! You also have to tie your Google Voice account to at least one working phone number as part of the initial setup process. Your cellphone number will work just fine. Don’t skip this step either. Just enter the provided 2-digit confirmation code when you tell Google to place the test call to the phone number you entered. Once the number is registered, you can disable it if you’d like in Settings, Voice Setting, Phones. But…
IMPORTANT: Be sure to enable the Google Chat option as one of your phone destinations in Settings, Voice Setting, Phones. That’s the destination we need for The Incredible PBX to work its magic! Otherwise, all inbound and outbound calls will fail. If you don’t see this option, you may need to call up Gmail and enable Google Chat there first. Then go back to the Google Voice Settings.
While you’re still in Google Voice Settings, click on the Calls tab. Make sure your settings match these:
- Call Screening – OFF
- Call Presentation – OFF
- Caller ID (In) – Display Caller’s Number
- Caller ID (Out) – Don’t Change Anything
- Do Not Disturb – OFF
- Call Options (Enable Recording) – OFF
- Global Spam Filtering – ON
Click Save Changes once you adjust your settings. Under the Voicemail tab, plug in your email address so you get notified of new voicemails. Down the road, receipt of a Google Voice voicemail will be a big hint that something has come unglued on your PBX.
One final word of caution is in order regardless of your choice of providers: Do NOT use special characters in any provider passwords, or nothing will work!
Now you’re ready to set up your Google Voice trunk in the GUI. After logging in with your browser, click the Connectivity tab and choose Google Voice/Motif. To Add a new Google Voice account, just fill out the form. Do NOT check the third box or incoming calls will never ring!
IMPORTANT LAST STEP: Google Voice will not work unless you restart Asterisk from the Linux command line at this juncture. Using SSH, log into your server as root and issue the following command: amportal restart.
If you have trouble getting Google Voice to work (especially if you have previously used your Google Voice account from a different IP address), try this Google Voice Reset Procedure. It usually fixes connectivity problems. If it still doesn’t work, enable Less Secure Apps using this Google tool.
Troubleshooting Audio and DTMF Problems
You can avoid one-way audio on calls and touchtones that don’t work with these simple settings in the GUI: Settings -> Asterisk SIP Settings. Just plug in your public IP address and your private IP subnet. Then set ULAW as the only Audio Codec.
A Few Words about the Incredible PBX Security Model for CentOS
Incredible PBX for CentOS joins our previous Ubuntu build as our most secure turnkey PBX implementation. As configured, it is protected by both Fail2Ban and a hardened configuration of the IPtables Linux firewall. The latest release also includes Port Knocker for simple, secure access from any remote computer or smartphone. You can get up to speed on how the technology works by reading the Nerd Vittles tutorial. Your Port Knocker credentials are stored in /root/knock.FAQ together with activation instructions for your server and mobile devices. The NeoRouter VPN client also is included for rock-solid, secure connectivity to remote users. Read our previous tutorial for setup instructions. As configured, nobody can access your PBX without your credentials AND an IP address that is either on your private network or that matches the IP address of your server or the PC from which you installed Incredible PBX. You can whitelist additional IP addresses by running the command-line utility /root/add-ip. You can remove whitelisted IP addresses by running /root/del-acct. Incredible PBX is preconfigured to let you connect to many of the leading SIP hosting providers without additional firewall tweaking. We always recommend you also add an extra layer of protection by running your server behind a hardware-based firewall with no Internet port exposure, but that’s your call. And it’s your phone bill. 😉
The IPtables firewall is a complex piece of software. If you need assistance with configuring it, visit the PIAF Forum for some friendly assistance.
Incredible Backup and Restore
We’re also pleased to offer our latest backup and restore utilities for Incredible PBX. Running /root/incrediblebackup will create a backup image of your server in /tmp. This backup image then can be copied to any other medium desired for storage. To restore it to another Incredible PBX server, simply copy the image to a server running Asterisk 13 and the same version of the Incredible PBX GUI. Then run /root/incrediblerestore. Doesn’t get much simpler than that.
Incredible PBX Automatic Update Utility
Every time you log into your server as root, Incredible PBX will ping the IncrediblePBX.com web site to determine whether one or more updates are available to bring your server up to current specs. We recommend you log in at least once a week just in case some new security vulnerability should come along.
In the meantime, we encourage you to sign up for an account on the PIAF Forum and join the discussion. In addition to providing first-class, free support, we think you’ll enjoy the camaraderie.
Incredible PBX Application User’s Guide
And now would be a great time to learn about the dozens of Incredible PBX applications. Enjoy!
Originally published: Tuesday, July 12, 2016
9 Countries Have Never Visited Nerd Vittles. Got a Friend in Any of Them https://t.co/wMfmlhiQ9y #asterisk #freepbx pic.twitter.com/TPFGZbqWB6
— Ward Mundy (@NerdUno) April 22, 2016
Need help with Asterisk? Visit the PBX in a Flash Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
Some Recent Nerd Vittles Articles of Interest…