Commit 3d9d2521 authored by Sylvain Berfini's avatar Sylvain Berfini 🎩

Feature/complete rework for future developments

parent 33da7b1d
Pipeline #6667 passed with stages
in 33 seconds
flexisip-account-manager/
rpmbuild/
This diff is collapsed.
......@@ -5,11 +5,10 @@ rpm:
mkdir $(OUTPUT_DIR)/flexisip-account-manager
mkdir -p $(OUTPUT_DIR)/rpmbuild/SPECS
mkdir -p $(OUTPUT_DIR)/rpmbuild/SOURCES
cp src/*.php $(OUTPUT_DIR)/flexisip-account-manager/
cp -R src/ $(OUTPUT_DIR)/flexisip-account-manager/
cp -R conf/ $(OUTPUT_DIR)/flexisip-account-manager/
cp README.md $(OUTPUT_DIR)/flexisip-account-manager/
cp src/*.conf $(OUTPUT_DIR)/flexisip-account-manager/
mkdir -p $(OUTPUT_DIR)/flexisip-account-manager/httpd
cp httpd/flexisip-account-manager.conf $(OUTPUT_DIR)/flexisip-account-manager/httpd
cp -R httpd/ $(OUTPUT_DIR)/flexisip-account-manager/
cp flexisip-account-manager.spec $(OUTPUT_DIR)/rpmbuild/SPECS/
tar cvf flexisip-account-manager.tar.gz -C $(OUTPUT_DIR) flexisip-account-manager
mv flexisip-account-manager.tar.gz $(OUTPUT_DIR)/rpmbuild/SOURCES/flexisip-account-manager.tar.gz
......
### 1. Install RPM package with dependencies
--------------------------------------------
# RPM package should install necessary dependencies automatically
# Check that the PHP version is 5.4 or higher
RPM package should install necessary dependencies automatically.
yum install flexisip-account-manager-1.0-1.0.x86_64.rpm
`yum install bc-flexisip-account-manager`
### 2. Configure Apache server
------------------------------
This package depends on `rh-php71` which will be installed in `/opt/rh/rh-php71/`.
If you don't have any other php installed on your server, use the following to be able to use php commands:
# Edit factory apache configuration file and replace the following parameters with the correct values:
# ServerName, ServerAdmin, ErrorLog, CustomLog, SSLCertificateFile, SSLCertificateKeyFile
# Copy this file to the configuration folder of the apache server with a new name
`ln -s /opt/rh/rh-php71/root/usr/bin/php /usr/bin/php`
cp /etc/flexisip-account-manager/apache.conf /etc/httpd/conf.d/flexisip-account-manager.conf
### 2. Configure Apache server
------------------------------
# If your apache server is brand new you might need to add a ServerName in httpd.conf
# Start the apache server with the root user
The RPM will create a `flexisip-account-manager.conf` file inside `/opt/rh/httpd24/root/etc/httpd/conf.d/`
systemctl start httpd
It simply contains an Alias directive, up to you to configure your virtual host correctly.
# If the httpd service doesn't start properly it might be a log folder permission issue
# Check that httpd can write logs in destination folder, if not you can use /var/log/httpd
Once you're done, reload the configuration inside httpd: `service httpd24-httpd reload`
### 3. Install and setup MySQL database
---------------------------------------
# Install the mariadb-server package and start the mariadb service
yum install mariadb-server
systemctl start mariadb
# Configure the newly installed mariadb server
# When asked for root password press Enter and create a new root password
mysql_secure_installation
# Create a database and a user with the rights to read and write
# Replace <user> and <password> in the following command
mysql -u root -p
create database flexisip;
grant all on flexisip.* to <username>@'localhost' identified by '<password>';
flush privileges;
exit
For the account manager to work, you need a mysql database with a user that has read/write access.
### 4. Configure XMLRPC server
------------------------------
# The RPM package has installed XMLRPC configuration files in /etc/flexisip-account-manager/
# Edit these files with the correct values
The RPM package has installed the configuration files in `/etc/flexisip-account-manager/`
vim /etc/flexisip-account-manager/xmlrpc.conf
vim /etc/flexisip-account-manager/internationalization.conf
Each file name should be explicit on which settings it contains. If you have any doubt, leave the default value.
At least you MUST edit the following file and fill the values you used in previous step:
# Create the necessary tables in the database using our script
`nano /etc/flexisip-account-manager/db.conf`
cd /opt/belledonne-communications/share/flexisip-account-manager
php xmlrpc.php create_tables
php xmlrpc.php create_algo_table
Now you can create the necessary tables in the database using our script:
# For remote provisioning create a default.rc file on /opt/belledonne-communications/ and set the values you want
# Client side, set the provisioning uri to the same host but to provisioning.php instead of xmlrpc.php
`php /opt/belledonne-communications/share/flexisip-account-manager/tools/create_tables.php`
### 5. Miscellaneous
--------------------
### 5. Install OVH SMS gateway dependency (optionnal)
# To install OVH SMS PHP API create composer.json in /opt/belledonne-communications/
To install OVH SMS PHP API create a `composer.json` file in `/opt/belledonne-communications/`:
echo '{ "name": "XMLRPC SMS API", "description": "XMLRPC SMS API", "require": { "ovh/php-ovh-sms": "dev-master" } }' > /var/www/html/composer.json
`echo '{ "name": "XMLRPC SMS API", "description": "XMLRPC SMS API", "require": { "ovh/php-ovh-sms": "dev-master" } }' > /opt/belledonne-communications/share/flexisip-account-manager/composer.json`
# Then execute the following command
Then download and install [composer](https://getcomposer.org/download/).
cd /opt/belledonne-communications && composer install
Finally start composer:
# If you have not installed an OVH SMS API you might need to comment out the following lines in xmlrpc-sms.php
`cd /opt/belledonne-communications/share/flexisip-account-manager/ && composer install`
require __DIR__ . '/vendor/autoload.php';
use \Ovh\Sms\SmsApi;
### 6. Miscellaneous
--------------------
# if SELinux forbids mail sending you can try this command
- For remote provisioning create a `default.rc` file in `/opt/belledonne-communications/` and set the values you want
client side, set the provisioning uri to the same host but to `provisioning.php` instead of `xmlrpc.php`.
setsebool -P httpd_can_sendmail=1
- If SELinux forbids mail sending you can try this command:
`setsebool -P httpd_can_sendmail=1`
# On CentOS firewalld might be running:
firewall-cmd --state
- On CentOS firewalld might be running:
`firewall-cmd --state`
# If it is running you can add a rule to allow https traffic
firewall-cmd --zone public --permanent --add-port=444/tcp && firewall-cmd --reload
- If it is running you can add a rule to allow https traffic:
`firewall-cmd --zone public --permanent --add-port=444/tcp && firewall-cmd --reload`
# If you use the standard https port (443) or http (80) the following command might be better
firewall-cmd --zone public --permanent --add-service={http,https} && firewall-cmd --reload
- If you use the standard https port (443) or http (80) the following command might be better:
`firewall-cmd --zone public --permanent --add-service={http,https} && firewall-cmd --reload`
# Also it can listen on IPv6 only
# To fix that, edit the ssl.conf in /etc/httpd/conf.d/ dir and add/set: Listen 0.0.0.0:444 https
- Also it can listen on IPv6 only.
To fix that, edit `/opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf` and add/set: `Listen 0.0.0.0:444 https`
<?php
/*
* The SIP domain to use to hash passwords.
*
* Default value: sip.example.org
*/
define("SIP_DOMAIN", "sip.example.org");
/*
* If true, when account is created, the password will be generated automatically (see below).
* Otherwise it has to be given as the last parameter of the create_account method call.
*
* Default value: False
*/
define("GENERATE_PASSWORD_ENABLED", False);
/*
* A string with each character allowed in the password generation.
*
* Default value: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789``-=~!@#$%^&*()_+,./<>?;:[]{}\|
*/
define("GENERATED_PASSWORD_CHARACTERS", "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789``-=~!@#$%^&*()_+,./<>?;:[]{}\|");
/*
* The length of the passwords that will be generated.
*
* Default value: 8
*/
define("GENERATED_PASSWORD_LENGTH", 8);
/*
* If set to True, a created account will automatically be activated and it's expiration date set to now + TRIAL_DURATION_DAYS,
* otherwise expiration date for trial will be set when account is activated via a different xml rpc call.
*/
define('AUTO_ACTIVATE_ACCOUNT', False);
/*
* Send an email to activate the account when it is created.
*/
define('SEND_ACTIVATION_EMAIL', True);
/*
* Send a sms to activate the phone account when it is created.
*/
define('SEND_ACTIVATION_SMS', True);
/*
* If false, creating an account with an email that is already used for another account will trigger an error
*/
define('ALLOW_SAME_EMAILS_ON_MULTILPLE_ACCOUNTS', True);
/*
* If true, when an account creation request is received for an existing number, assumes recover procedure
*/
define('RECOVER_ACCOUNT_IF_EXISTS', False);
?>
\ No newline at end of file
<?php
/* ### Authentication configuration ### */
/*
* Attempt to authenticate sensitive xmlrpc requests using DIGEST.
*
* Default value: FALSE
*/
define("USE_DIGEST_AUTH", FALSE);
/*
* The domain to use for digest auth.
*
* Default value: sip.example.org
*/
define("AUTH_REALM", "sip.example.org");
/* Authentication Nonce Key
* This value must be a random string(12 characters minimum length) specific to each server and is PRIVATE
*
* Default value : The default is empty to force using a key different for each server
*/
define("AUTH_NONCE_KEY", "");
/* Authentication Nonce Validity
* The authentication is aimed to provide a one time usage nonce, it is not strictly inforced by storing valid once, instead
* we use a short living period, the maximum validity period will be twice the minimum one, value is in seconds
*
* Default value : 10 seconds
*/
define("MIN_NONCE_VALIDITY_PERIOD", 10);
?>
\ No newline at end of file
<?php
/* ### Database configuration ### */
/*
* The host on which the database is located.
*
* Default value: localhost
*/
define("DB_HOST", "localhost");
/*
* The database username.
*
* Default value: flexisip_rw
*/
define("DB_USER", "flexisip_rw");
/*
* The database user's password.
*
* Default value:
*/
define("DB_PASSWORD", "");
/*
* The name of the database.
*
* Default value: flexisip
*/
define("DB_NAME", "flexisip");
/*
* The name of the accounts table.
*
* Default value: accounts
*/
define("ACCOUNTS_DB_TABLE", "accounts");
/*
* The name of the accounts_algo table.
*
* Default value: passwords
*/
define("ACCOUNTS_ALGO_DB_TABLE", "passwords");
/*
* The name of the aliases table.
* It is used to store links between an alias (phone number, facebook id, google email, ...) and a SIP address
*
* Default value: aliases
*/
define("ALIAS_DB_TABLE", "aliases");
/*
* The name of the devices table.
* It is used to store hardware information about devices running linphone
*
* Default value: devices
*/
define("DEVICES_DB_TABLE", "devices");
/*
* The name of the sms table.
* It is used to keep track of sent SMS
*
* Default value: sms
*/
define("SMS_DB_TABLE", "sms");
/*
* The name of the inapp table.
* It is used to store informations about in-app purchases, accounts expiration, etc...
*
* Default value: inapp_purchases
*/
define("INAPP_DB_TABLE", "inapp_purchases");
/*
* The delay in minutes before test account expiration.
* It is used to delete old test accounts from database;
*
* Default value: 180
*/
define("EXPIRATION_DELAY", 180);
?>
\ No newline at end of file
<?php
/* ### Email configuration ### */
/*
* Whever or not enable the send email feature.
* Used to send link to generate random password if user forgot it, or the newly generated email once the link has been clicked.
*
* Default value: False
*/
define("EMAIL_ENABLED", False);
/*
* The website address to display in the email header.
*
* Default value: https://linphone.org
*/
define("EMAIL_SITE", "https://linphone.org");
/*
* The link to open when click on activation
*
* Default value: www.linphone.org
*/
define("EMAIL_ACTIVATION_LINK", "www.linphone.org");
/*
* The FROM address to set in the email header.
*
* Default value: no.reply@linphone.org
*/
define("EMAIL_FROM_ADDR", "no.reply@linphone.org");
/*
* The FROM display name to set in the email header.
*
* Default value: No reply at Linphone.org
*/
define("EMAIL_FROM_NAME", "No reply at Linphone.org");
/*
* The subject of the activation account email.
*/
define("EMAIL_ACTIVATION_SUBJECT", "Start your sip.linphone.org service");
/*
* The body (as text) of the activation account email.
*/
define("EMAIL_ACTIVATION_BODY", "Hello,\nActivation pending for using your Linphone account.\nPlease use the link bellow to activate your account :\n\n%link%\n\nRegards,\nThe Linphone team.\n");
/*
* The body (as html) of the activation account email.
*/
define("EMAIL_ACTIVATION_BODY_HTML", '<html><head><title>Start your sip.linphone.org service</title></head><body><p>Hello,</p><p>Activation pending for using your Linphone account.<br />Please use the link bellow to activate your account :</p><p><a href="%link%">%link%</a></p><p>&nbsp;</p><p>Regards,<br />The Linphone team.</p></body></html>');
?>
\ No newline at end of file
<?php
/* ### Hooks configuration ### */
/*
* Set the following to TRUE to be called in the below functions
*
* Default value: FALSE
*/
define('CUSTOM_HOOKS', FALSE);
/** ### Hooks implementation */
function hook_on_account_created($account) {
}
function hook_on_account_activated($account) {
}
?>
\ No newline at end of file
<?php
/*
* If set to True, a created account will be flagged as trial with an expiration date set in TRIAL_DURATION_DAYS days in the future.
*/
define ('USE_IN_APP_PURCHASES', False);
/*
* This value determines the number of days for trial starting when the account will be activated.
*
* Default value: 365
*/
define('TRIAL_DURATION_DAYS', 365);
/* ### Apple/ioS configuration ### */
/*
* The URL to use to validate an Apple in app purchase receipts.
*
* Default value: https://buy.itunes.apple.com/verifyReceipt
*/
define("APPLE_URL", "https://buy.itunes.apple.com/verifyReceipt");
/*
* The URL to use to validate an Apple in app purchase receipts while app is in development.
*
* Default value: https://buy.itunes.apple.com/verifyReceipt
*/
define("APPLE_SANDBOX_URL", "https://sandbox.itunes.apple.com/verifyReceipt");
/*
* The shared secret for your application.
* Used to validate in app purchase receipts.
*
* Default value:
*/
define("APPLE_SECRET", "");
/* ### Google/Android configuration ### */
/*
* The package name of your Android application.
* Used to validate in app purchase receipts.
*
* Default value: org.linphone
*/
define("ANDROID_PACKAGE", "org.linphone");
/*
* The path to the public key generated by the Android Play Store.
* See the documentation to know how to get it.
*
* Default value: google.pem
*/
define("ANDROID_PUB_KEY_PATH", "google.pem");
/*
* The URL to use to get the authentication token to make calls to Google API server.
* Used to validate in app purchase receipts.
*
* Default value: https://accounts.google.com/o/oauth2/token
*/
define("GOOGLE_API_OAUTH_URL", "https://accounts.google.com/o/oauth2/token");
/*
* The project ID with the access to the Android Developer Console API
* Used to validate in app purchase receipts.
*
* Default value:
*/
define("GOOGLE_PROJECT_ID", "");
/*
* The previous project ID's password
* Used to validate in app purchase receipts.
*
* Default value:
*/
define("GOOGLE_PROJECT_PASSWORD", "");
/*
* The refresh token generated by the Google Developer server.
* See documentation to know how to get it.
* Used to validate in app purchase receipts.
*
* Default value:
*/
define("GOOGLE_PROJECT_REFRESH_TOKEN", "");
?>
\ No newline at end of file
<?php
/* ### Logs configuration ### */
/*
* Whever or not to log each function called.
* Passwords are never logged.
*
* Default value: True
*/
define("LOGS_ENABLED", True);
/*
* Whever or not to log everything in the same file.
* If false, a new log file will be created every day.
*
* Default value: True
*/
define("USE_ONE_LOG_FILE", True);
/*
* The file in which to log.
*
* Default value: "/var/opt/belledonne-communications/log/account-manager.log"
*/
define("LOG_FILE", "/var/opt/belledonne-communications/log/account-manager.log");
/*
* The dir in which to log.
*
* Default value: "/var/opt/belledonne-communications/log/account-manager.log"
*/
define("LOG_DIR", "/var/opt/belledonne-communications/log/");
?>
\ No newline at end of file
<?php
/*
* If set to True, each line will be flagged as overwrite, otherwise none of them will be flagged.
*
* Default value: False
*/
define("REMOTE_PROVISIONING_OVERWRITE_ALL", False);
?>
\ No newline at end of file
<?php
/* ### SMS API configuration ### */
/*
* Whever or not enable the send SMS feature.
* Used to verify phone number when used as SIP username.
*
* Default value: False
*/
define("SMS_API_ENABLED", False);
/*
* The application key for OVH SMS platform
*
* Default value:
*/
define("SMS_OVH_API_KEY", "");
/*
* The application secret for OVH SMS platform
*
* Default value:
*/
define("SMS_OVH_API_SECRET", "");
/*
* The consumer key for OVH SMS platform
*
* Default value:
*/
define("SMS_OVH_CONSUMER_KEY", "");
/*
* The sender alias for OVH SMS
*
* Default value: "Linphone"
*/
define("SMS_OVH_SENDER", "Linphone");
/*
* Whever or not to use a sender to send the SMS.
* When using sender you can customize the name of the sender, otherwise it will be a phone number.
* To disable for clients using our own OVH SMS account.
*
* Default value: True
*/
define("SMS_USE_SENDER", True);
/*
* The sender reason for OVH SMS
*
* Default value: "created Linphone SMS sender"
*/
define("SMS_OVH_REASON", "created Linphone SMS sender");
/*
* The sender description for OVH SMS
*
* Default value: "Linphone SMS sender"
*/
define("SMS_OVH_DESC", "Linphone SMS sender");
/*
* The template to use to send SMS to the US
* Remember to stay under 160 characters
*
* Default value: "Your Linphone validation code is #CODE#"
*/
define("SMS_OVH_US_TEMPLATE", "Your Linphone validation code is #CODE#");
/*
* The OVH endpoint
*
* Default value: ovh-eu
*/
define("SMS_OVH_ENDPOINT", "ovh-eu");
/*
* The URL at which the SMS API is available.
*
* Default value:
*/
define("SMS_API_URL", "");
/*
* The username to authenticate to the SMS API if needed.
*
* Default value:
*/
define("SMS_API_USERNAME", "");
/*
* The username's password to authenticate to the SMS API if needed.
*
* Default value:
*/
define("SMS_API_PASSWORD", "");
/*
* The period of time (in milli seconds) over which we compute the number of sent sms
*
* Default value: 86400000 (24 hours)
*/
define("SMS_TIME_PERIOD", 86400000);
/*
* The maximum number of allowed SMS to be sent over the period
* MUST BE LESS THAN 255 !
*
* Default value: 3
*/
define("SMS_COUNT_LIMIT_IN_PERIOD", 3);
/**
* Translation for OVH SMS template
* Remember to stay under 160 characters
*/
$SMS_OVH_TEMPLATE = array (
'US' => 'Your Linphone validation code is #CODE#', // This one isn't required but if present it MUST be equal to SMS_OVH_US_TEMPLATE
'FR' => 'Votre code de validation Linphone est #CODE#',
);
?>
\ No newline at end of file
<?php
/* ### Tests configuration ### */
/*
* If true, more features are available for test purposes
*
* Default value: False
*/
define('ALLOW_TEST_ACCOUNTS', False);
/*
* Prefix used only by tests account to enable/disable some features
*
* Default value: "+1000555"
*/
define("TESTS_PHONE_PREFIX", "+1000555");
/*
* Prefix used only by tests account to enable/disable some features
*
* Default value: "XXXTEST"
*/
define("TESTS_LOGIN_PREFIX", "xxxtest");
?>
\ No newline at end of file
......@@ -8,13 +8,13 @@
#%define _datadir %{_datarootdir}
#%define _docdir %{_datadir}/doc
%define build_number 2
%define build_number 3
#%if %{build_number}
#%define build_number_ext -%{build_number}
#%endif
Name: bc-flexisip-account-manager
Version: 1.0.2
Version: 1.1.0
Release: %{build_number}%{?dist}
Summary: SIP account management xml-rpc server, for use with flexisip server suite.
......@@ -26,7 +26,7 @@ Source0: flexisip-account-manager.tar.gz
#BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot
# dependencies
Requires: rh-php71-php rh-php71-php-xmlrpc rh-php71-php-mysqlnd rh-php71-php-mbstring
Requires: rh-php71-php rh-php71-php-xmlrpc rh-php71-php-pdo rh-php71-php-mysqlnd rh-php71-php-mbstring
%description
PHP server for Linphone and Flexisip providing module for account creation.
......@@ -38,12 +38,12 @@ PHP server for Linphone and Flexisip providing module for account creation.
%install
rm -rf "$RPM_BUILD_ROOT"
mkdir -p "$RPM_BUILD_ROOT/opt/belledonne-communications/share/flexisip-account-manager"
cp -R *.php "$RPM_BUILD_ROOT/opt/belledonne-communications/share/flexisip-account-manager"
cp -R README* "$RPM_BUILD_ROOT/opt/belledonne-communications/share/flexisip-account-manager"
cp -R src/* "$RPM_BUILD_ROOT/opt/belledonne-communications/share/flexisip-account-manager/"
cp README* "$RPM_BUILD_ROOT/opt/belledonne-communications/share/flexisip-account-manager/"
mkdir -p "$RPM_BUILD_ROOT/etc/flexisip-account-manager"
cp -R *.conf "$RPM_BUILD_ROOT/etc/flexisip-account-manager"
cp -R conf/* "$RPM_BUILD_ROOT/etc/flexisip-account-manager/"
mkdir -p $RPM_BUILD_ROOT/opt/rh/httpd24/root/etc/httpd/conf.d
cp httpd/flexisip-account-manager.conf "$RPM_BUILD_ROOT/opt/rh/httpd24/root/etc/httpd/conf.d"