#!/bin/bash # Script de instalación automatizada de FreePBX 17 en Ubuntu 24.04 LTS # Autor: Kimi Code CLI # Fecha: 2026-04-29 # Empresas: horux360.com, consultoria-as.com, nexus.consultoria-as.com set -e # ============================================ # CONFIGURACIÓN # ============================================ DB_ROOT_PASS="${DB_ROOT_PASS:-FreePBXRoot2026!}" DB_USER="${DB_USER:-asteriskuser}" DB_PASS="${DB_PASS:-AsteriskDB2026!}" ADMIN_USER="${ADMIN_USER:-admin}" ADMIN_PASS="${ADMIN_PASS:-FreePBX2026!}" AMI_USER="${AMI_USER:-odoo}" AMI_PASS="${AMI_PASS:-OdooAMI2026!}" TIMEZONE="${TIMEZONE:-America/Mexico_City}" SERVER_IP="$(hostname -I | awk '{print $1}')" echo "================================================" echo "Instalación FreePBX 17 en Ubuntu 24.04" echo "IP Detectada: $SERVER_IP" echo "================================================" # ============================================ # 1. ACTUALIZACIÓN E INSTALACIÓN DE DEPENDENCIAS # ============================================ echo "[1/9] Instalando dependencias del sistema..." export DEBIAN_FRONTEND=noninteractive apt-get update apt-get install -y \ git curl wget vim nano sudo \ apache2 mariadb-server mariadb-client \ php8.3 php8.3-cli php8.3-common php8.3-curl php8.3-gd php8.3-mbstring \ php8.3-mysql php8.3-xml php8.3-bcmath php8.3-zip php8.3-intl \ php8.3-sqlite3 php8.3-opcache php8.3-readline php8.3-soap php8.3-xmlrpc \ libapache2-mod-php8.3 \ sox libncurses5-dev libssl-dev libmysqlclient-dev libxml2-dev libnewt-dev \ libsqlite3-dev libjansson-dev libasound2-dev libogg-dev libvorbis-dev \ libcurl4-openssl-dev libical-dev libneon27-dev libsrtp2-dev libspandsp-dev \ libtool libtool-bin libbsd-dev libcorosync-common-dev libcpg-dev libedit-dev \ libgmime-3.0-dev libunbound-dev libldap2-dev libpq-dev lua5.2 liblua5.2-dev \ liburiparser-dev libspeex-dev libspeexdsp-dev libcodec2-dev libiksemel-dev \ libresample1-dev unixodbc-dev subversion build-essential ffmpeg mpg123 \ cron postfix flite fail2ban nodejs npm odbc-mariadb ufw # ============================================ # 2. CONFIGURACIÓN DE MARIADB # ============================================ echo "[2/9] Configurando MariaDB..." systemctl enable mariadb systemctl start mariadb mysql -e "ALTER USER 'root'@'localhost' IDENTIFIED BY '$DB_ROOT_PASS';" mysql -e "CREATE DATABASE IF NOT EXISTS asterisk CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" mysql -e "CREATE DATABASE IF NOT EXISTS asteriskcdrdb CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" mysql -e "CREATE USER IF NOT EXISTS '$DB_USER'@'localhost' IDENTIFIED BY '$DB_PASS';" mysql -e "GRANT ALL PRIVILEGES ON asterisk.* TO '$DB_USER'@'localhost';" mysql -e "GRANT ALL PRIVILEGES ON asteriskcdrdb.* TO '$DB_USER'@'localhost';" mysql -e "FLUSH PRIVILEGES;" # ============================================ # 3. CONFIGURACIÓN PHP Y APACHE # ============================================ echo "[3/9] Configurando PHP y Apache..." for ini in /etc/php/8.3/cli/php.ini /etc/php/8.3/apache2/php.ini; do sed -i "s/^memory_limit = .*/memory_limit = 256M/" "$ini" sed -i "s/^max_execution_time = .*/max_execution_time = 300/" "$ini" sed -i "s/^max_input_vars = .*/max_input_vars = 3000/" "$ini" sed -i "s/^upload_max_filesize = .*/upload_max_filesize = 64M/" "$ini" sed -i "s/^post_max_size = .*/post_max_size = 64M/" "$ini" sed -i "s|^;date.timezone =.*|date.timezone = $TIMEZONE|" "$ini" sed -i "s|^date.timezone =.*|date.timezone = $TIMEZONE|" "$ini" done a2enmod rewrite headers ssl cat > /etc/apache2/sites-available/freepbx.conf << EOF ServerAdmin webmaster@localhost DocumentRoot /var/www/html Options Indexes FollowSymLinks AllowOverride All Require all granted ErrorLog \${APACHE_LOG_DIR}/freepbx-error.log CustomLog \${APACHE_LOG_DIR}/freepbx-access.log combined EOF a2ensite freepbx a2dissite 000-default 2>/dev/null || true # Cambiar Apache para correr como asterisk sed -i 's/^export APACHE_RUN_USER=.*/export APACHE_RUN_USER=asterisk/' /etc/apache2/envvars sed -i 's/^export APACHE_RUN_GROUP=.*/export APACHE_RUN_GROUP=asterisk/' /etc/apache2/envvars systemctl enable apache2 systemctl restart apache2 # ============================================ # 4. CONFIGURACIÓN FIREWALL # ============================================ echo "[4/9] Configurando Firewall..." ufw default deny incoming ufw default allow outgoing ufw allow 22/tcp ufw allow 80/tcp ufw allow 443/tcp ufw allow 5060/tcp ufw allow 5060/udp ufw allow 5061/tcp ufw allow 5061/udp ufw allow 10000:20000/udp ufw allow 8088/tcp ufw allow 8089/tcp ufw allow 5038/tcp ufw --force enable # ============================================ # 5. COMPILAR E INSTALAR ASTERISK 21 # ============================================ echo "[5/9] Descargando y compilando Asterisk 21..." useradd -m -s /bin/bash asterisk 2>/dev/null || true usermod -aG audio,dialout asterisk mkdir -p /usr/src/asterisk cd /usr/src/asterisk curl -fsSL http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-21-current.tar.gz -o asterisk-21.tar.gz tar -xzf asterisk-21.tar.gz --strip-components=1 ./configure --with-pjproject-bundled --with-jansson-bundled --prefix=/usr --libdir=/usr/lib/x86_64-linux-gnu --with-crypto --with-ssl=ssl --with-srtp make -j$(nproc) make install make samples make config ldconfig # Instalar sonidos cd /usr/src/asterisk mkdir -p sounds cd sounds curl -fsSL http://downloads.asterisk.org/pub/telephony/sounds/asterisk-core-sounds-en-wav-current.tar.gz -o core-en.tar.gz curl -fsSL http://downloads.asterisk.org/pub/telephony/sounds/asterisk-extra-sounds-en-wav-current.tar.gz -o extra-en.tar.gz curl -fsSL http://downloads.asterisk.org/pub/telephony/sounds/asterisk-moh-opsound-wav-current.tar.gz -o moh.tar.gz tar -xzf core-en.tar.gz -C /var/lib/asterisk/sounds tar -xzf extra-en.tar.gz -C /var/lib/asterisk/sounds tar -xzf moh.tar.gz -C /var/lib/asterisk/moh # Permisos Asterisk chown -R asterisk:asterisk /etc/asterisk /var/spool/asterisk /var/log/asterisk /var/run/asterisk /var/lib/asterisk sed -i 's/;runuser = asterisk/runuser = asterisk/' /etc/asterisk/asterisk.conf sed -i 's/;rungroup = asterisk/rungroup = asterisk/' /etc/asterisk/asterisk.conf systemctl enable asterisk systemctl start asterisk # ============================================ # 6. INSTALAR FREEPBX 17 # ============================================ echo "[6/9] Instalando FreePBX 17..." cd /var/www/html git clone -b release/17.0 --depth 1 https://github.com/FreePBX/framework.git freepbx cd freepbx ./install --dbuser "$DB_USER" --dbpass "$DB_PASS" --user asterisk --group asterisk --webroot /var/www/html # Mover contenido al webroot cd /var/www/html mv freepbx/* . 2>/dev/null || true mv freepbx/.* . 2>/dev/null || true rm -rf freepbx chown -R asterisk:asterisk /var/www/html # ============================================ # 7. INSTALAR MÓDULOS ESENCIALES # ============================================ echo "[7/9] Instalando módulos de FreePBX..." fwconsole ma downloadinstall core dashboard sipsettings voicemail recordings cdr cel ivr callrecording music backup ucp webrtc queues 2>/dev/null || true fwconsole reload # ============================================ # 8. CONFIGURACIÓN POST-INSTALACIÓN # ============================================ echo "[8/9] Configurando sistema post-instalación..." # Crear usuario admin en base de datos HASH=$(php -r "echo password_hash('$ADMIN_PASS', PASSWORD_BCRYPT);") mysql -u "$DB_USER" -p"$DB_PASS" asterisk -e " INSERT INTO userman_users (auth, authid, username, description, password, default_extension, primary_group, fname, lname, displayname, email) VALUES ('freepbx', '1', '$ADMIN_USER', 'System Administrator', '$HASH', 'none', 1, 'Admin', 'User', 'Administrator', 'admin@consultoria-as.com') ON DUPLICATE KEY UPDATE password='$HASH'; " # Configurar SIP Settings mysql -u "$DB_USER" -p"$DB_PASS" asterisk -e " INSERT INTO sipsettings (keyword, seq, type, data) VALUES ('bindaddr', 0, 0, '0.0.0.0'), ('bindport', 1, 0, '5060'), ('rtpstart', 2, 0, '10000'), ('rtpend', 3, 0, '20000'), ('tcpenable', 4, 0, 'no'), ('udpbindport', 5, 0, '5060') ON DUPLICATE KEY UPDATE data=VALUES(data); " # Configurar ODBC para CDR cat > /etc/odbc.ini << EOF [asteriskcdrdb] Description=MySQL connection to asteriskcdrdb database Driver=MariaDB Unicode SERVER=localhost PORT=3306 DATABASE=asteriskcdrdb OPTION=3 CHARSET=utf8 [MySQL-asteriskcdrdb] Description=MySQL connection to asteriskcdrdb database Driver=MariaDB Unicode SERVER=localhost PORT=3306 DATABASE=asteriskcdrdb OPTION=3 CHARSET=utf8 EOF # Crear usuario AMI para Odoo cat >> /etc/asterisk/manager.conf << EOF [$AMI_USER] secret = $AMI_PASS deny = 0.0.0.0/0.0.0.0 permit = 192.168.10.0/255.255.255.0 read = system,call,log,verbose,command,agent,user,config,command,dtmf,reporting,cdr,dialplan write = system,call,log,verbose,command,agent,user,config,command,dtmf,reporting,cdr,dialplan writetimeout = 5000 EOF # Configurar Fail2Ban cat > /etc/fail2ban/jail.local << EOF [DEFAULT] bantime = 3600 findtime = 600 maxretry = 5 backend = auto [sshd] enabled = true port = ssh filter = sshd logpath = /var/log/auth.log [asterisk] enabled = true port = 5060,5061 filter = asterisk logpath = /var/log/asterisk/full maxretry = 5 [apache-auth] enabled = true port = http,https filter = apache-auth logpath = /var/log/apache2/*error.log [apache-badbots] enabled = true port = http,https filter = apache-badbots logpath = /var/log/apache2/*error.log maxretry = 2 EOF mkdir -p /var/log/asterisk touch /var/log/asterisk/full chown -R asterisk:asterisk /var/log/asterisk systemctl enable fail2ban systemctl restart fail2ban # ============================================ # 9. RECARGAR TODO # ============================================ echo "[9/9] Recargando configuración..." fwconsole reload fwconsole restart echo "" echo "================================================" echo "INSTALACIÓN COMPLETADA" echo "================================================" echo "Panel Admin: http://$SERVER_IP/admin" echo "Usuario: $ADMIN_USER" echo "Password: $ADMIN_PASS" echo "AMI (Odoo): $AMI_USER / $AMI_PASS" echo "================================================"