The conditions are;
(1) Install all applications required to the LAMP server into one docker image file
(2) Install all applications required to the Flexisip server into one docker image file
(3) For implementing multi tasks in one container, embedded the system daemon:systemd
NOTES) Because of the difference for the flexisip server settings under your environment, you have to tweak these by yourself (MOST Important : Flexisip config + XMLRPC related files + Database settings and so on). Official Acount Manager web frontend design is different from mine introduced before. Officials adopts more simple design.
If you want to tweak these to meet your environment, please contact me.
Please visit the following Github site to check docker files, docker-compose files and so on.
https://github.com/capitalfuse/centos7_environment
1. Build CentOS7 Base Image with working systemd
First of all, create the docker image file running system daemon based on CentOS7, and build it.
centos7_environment/docker_files/centos7_systemd_base_image/Dockerfile
FROM centos:7
ENV container docker
RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == \
systemd-tmpfiles-setup.service ] || rm -f $i; done); \
rm -f /lib/systemd/system/multi-user.target.wants/*;\
rm -f /etc/systemd/system/*.wants/*;\
rm -f /lib/systemd/system/local-fs.target.wants/*; \
rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
rm -f /lib/systemd/system/basic.target.wants/*;\
rm -f /lib/systemd/system/anaconda.target.wants/*;
VOLUME [ "/sys/fs/cgroup" ]
CMD ["/usr/sbin/init"]
Build,
$ cd dockerfiles/centos7_systemd_base_image
$ docker build --rm -t local/c7-systemd .
Confirm this image
$ docker images
REPOSITORY local/c7-systemd
2. Build LAMP Server image besed on local/c7-systemd
Create Dockerfile:lamp-c7 for building New LAMP Sever Image based on local/c7-systemd.
centos7_environment/docker_files/lamp-c7
FROM local/c7-systemd
MAINTAINER Takanobu Fuse< [email protected]>
# Prepare the Belledonne's repository
COPY Belledonne.repo /etc/yum.repos.d/Belledonne.repo
# Install varioius utilities
RUN yum -y install curl wget unzip git vim nano \
iproute sysvinit-tools hostname inotify-tools yum-utils which epel-release \
freetype-dev libjpeg-turbo-dev zip libxml2-dev icu-dev nodejs-current npm
# Install Apache
RUN yum -y install httpd httpd-mod_ssl httpd-mod_auth_mellon httpd-mod_security openssl
# Install PHP 7.3
RUN yum -y install http://rpms.remirepo.net/enterprise/remi-release-7.rpm \
&& yum-config-manager --disable remi-php54 \
&& yum-config-manager --enable remi-php73 \
&& yum -y install php php-cli php-fpm php-mysqlnd php-zip php-devel php-gd php-mcrypt php-mbstring php-curl php-xml php-pear php-bcmath php-json \
php-pdo php-soap php-xmlrpc php-xml php-opcache php-pdo_mysql php-zip php-mysqli php-intl
# Reconfigure Apache
RUN sed -i 's/AllowOverride None/AllowOverride All/g' /etc/httpd/conf/httpd.conf
# Install phpMyAdmin
RUN yum install -y phpMyAdmin \
&& sed -i 's/Require ip 127.0.0.1//g' /etc/httpd/conf.d/phpMyAdmin.conf \
&& sed -i 's/Require ip ::1/Require all granted/g' /etc/httpd/conf.d/phpMyAdmin.conf \
&& sed -i 's/Allow from 127.0.0.1/Allow from all/g' /etc/httpd/conf.d/phpMyAdmin.conf \
&& sed -i "s/'cookie'/'config'/g" /etc/phpMyAdmin/config.inc.php \
&& sed -i "s/\['user'\] .*= '';/\['user'\] = 'root';/g" /etc/phpMyAdmin/config.inc.php \
&& sed -i "s/\['password'\] .*= '';/\['password'\] = 'password1234';/g" /etc/phpMyAdmin/config.inc.php \
# && sed -i "/AllowNoPassword.*/ {N; s/AllowNoPassword.*FALSE/AllowNoPassword'] = TRUE/g}" /etc/phpMyAdmin/config.inc.php \
&& sed -i 's/upload_max_filesize = 2M/upload_max_filesize = 512M/g' /etc/php.ini \
&& sed -i 's/post_max_size = 8M/post_max_size = 512M/g' /etc/php.ini \
&& sed -i 's/memory_limit = 128M/memory_limit = 512M/g' /etc/php.ini
# Install MariaDB
# https://downloads.mariadb.org/mariadb/repositories/#distro=CentOS&distro_release=centos7-amd64--centos7&mirror=netactuate&version=10.5
# After start container, MariaDB [(none)]> set password for 'root'@localhost = password("password1234");
COPY MariaDB.repo /etc/yum.repos.d/MariaDB.repo
RUN yum -y install MariaDB-server MariaDB-client
### Create database and use and set root password in docker container lamp-c7
########## $ mariadb -u root -e 'create database flexisip;'
########## $ mariadb -u root -e 'grant all privileges on flexisip.* TO 'flexisip'@'localhost' identified by 'password1234';'
########## $ mariadb -u root -e 'set password for 'root'@localhost = password("password1234");'
# Place VOLUME statement below all changes to /var/lib/mysql
VOLUME /var/lib/mysql
#EXPOSE 3306
# Install Redis
RUN yum -y install redis
#EXPOSE 3000
# UTC Timezone & Networking
RUN ln -sf /usr/share/zoneinfo/UTC /etc/localtime \
&& echo "NETWORKING=yes" > /etc/sysconfig/network
# Install Composer and Laravel
COPY composer_installer.sh /var/www/html
RUN cd /var/www/html \
&& ./composer_installer.sh \
&& mv composer.phar /usr/local/bin/composer \
&& chown -R apache:apache /var/www/html \
&& composer global require laravel/installer \
&& ln -s /root/.config/composer/vendor/laravel/installer/bin/laravel /usr/local/bin/laravel
# Install flexisip-account-manager
#RUN yum -y install centos-release-scl-rh \
#RUN yum -y install bc-flexisip-account-manager \
#&& chown -R apache:apache /opt/belledonne-communications/share/flexisip-account-manager
#&& cp /opt/rh/httpd24/root/etc/httpd/conf.d/flexisip-account-manager.conf /etc/httpd/conf.d/
### OR
# Install latest flexisip-account-manager from github
RUN mkdir -p /opt/belledonne-communications/share/flexisip-account-manager /etc/flexisip-account-manager /var/opt/belledonne-communications/flexiapi/storage \
&& cd /tmp \
&& git clone https://gitlab.linphone.org/BC/public/flexisip-account-manager.git \
&& cd flexisip-account-manager \
&& cp -R flexiapi /opt/belledonne-communications/share/flexisip-account-manager/ \
&& cp -R src/* /opt/belledonne-communications/share/flexisip-account-manager/ \
&& cp -R conf/* /etc/flexisip-account-manager/ \
&& cp httpd/* /etc/httpd/conf.d/ \
### setting connfig file for flexisip account manager
&& sed -i "s/\"DB_USER\",.*\".*\"/\"DB_USER\", \"root\"/g" /etc/flexisip-account-manager/db.conf \
&& sed -i "s/\"DB_PASSWORD\",.*\".*\"/\"DB_PASSWORD\", \"password1234\"/g" /etc/flexisip-account-manager/db.conf \
&& sed -i "s/\"DB_NAME\",.*\".*\"/\"DB_NAME\", \"flexisip\"/g" /etc/flexisip-account-manager/db.conf \
&& sed -i "s/(\"REMOTE_PROVISIONING_OVERWRITE_ALL\",.*);/(\"REMOTE_PROVISIONING_OVERWRITE_ALL\", True);/g" /etc/flexisip-account-manager/provisioning.conf \
&& touch /var/opt/belledonne-communications/flexiapi/storage/db.sqlite \
&& chown -R apache:apache /opt/belledonne-communications/share/flexisip-account-manager \
&& cd /opt/belledonne-communications/share/flexisip-account-manager/flexiapi \
&& composer install --no-dev
### Implement the below php commnds in docker container lamp-c7
########## $ php /opt/belledonne-communications/share/flexisip-account-manager/tools/create_tables.php
########## $ php artisan key:generate
########## $ php artisan migrate:rollback
########## $ php artisan migrate
### set an account admin user {account_id}, in advance create user and use user's account_id
########## $ php artisan accounts:set-admin 1
# Make the log directory and the log file for flexisip-account-manager
RUN mkdir -p /var/opt/belledonne-communications/log \
&& cd /var/opt/belledonne-communications/log \
&& touch account-manager.log \
&& chown apache:apache account-manager.log
#EXPOSE 80
RUN systemctl enable httpd.service mariadb.service redis.service
CMD ["/usr/sbin/init"]
To build New LAMP docker image based on local/c7-systemd, there are two methos, the docker command method with options and the docker-compose command method including options. You choose which one. I choosed latter, so the doker-compose file seems to be like the below.
centos7_environment/docker_files/docker-compose.lamp.yml
version: '3.5'
services:
# LAMP Server
lamp-c7:
container_name: lamp-c7
build:
context: ./docker_files
dockerfile: lamp-c7
tty: true
volumes:
# for Systemd integration:https://hub.docker.com/_/centos
- /sys/fs/cgroup:/sys/fs/cgroup:ro
- ${MAKE_TEMP}:/run
# shared database
- mariadb:/var/lib/mysql
# copy flexiapi env file
- ./flexiapi_env/flexiapi.env:/opt/belledonne-communications/share/flexisip-account-manager/flexiapi/.env
# for laravel php framework
# - ./html:/var/www/html:rw
# - ./etc/flexisip-account-manager:/etc/flexisip-account-manager:rw
# shared apache default.conf between host and container
# - ./etc/http:/etc/http/conf.d/default.conf
# shared the directory /var/www/html
# - ./html:/var/www/html
restart: always
network_mode: host
cap_add:
- SYS_ADMIN
privileged: true
devices:
- /dev/fuse
# need to "$ docker volume create mariadb"
volumes:
mariadb:
external: true
Build command;
$ docker-compose -f docker-compose.lamp.yml build
3. Build Flexisip SIP Server image besed on local/c7-systemd
Same as the above, create Dockerfile:flexisip-c7 for building New Flexisip Sever Image based on local/c7-systemd.
centos7_environment/docker_files/flexisip-c7
FROM local/c7-systemd
MAINTAINER Jehan Monnier < [email protected]>
# Prepare the Belledonne's repository
COPY Belledonne.repo /etc/yum.repos.d/Belledonne.repo
RUN yum -y install epel-release yum-downloadonly gdb
RUN yum update -y
# Download rpm to be able to skip systemd's scripts
RUN yum install -y --downloadonly --downloaddir=/opt bc-flexisip bc-flexisip-debuginfo bc-flexisip-jwe-auth-plugin
RUN mv /opt/bc-flexisip*.rpm /tmp
RUN rpm -i /opt/*.rpm
RUN rpm -i --noscripts /tmp/bc-flexisip*.rpm
#RUN echo '/tmp/core' > /proc/sys/kernel/core_pattern
RUN rm /opt/*.rpm
# Add it to the default path
ENV PATH=$PATH:/opt/belledonne-communications/bin
WORKDIR /opt/belledonne-communications
# Generate a default configuration
RUN flexisip --dump-default all > /etc/flexisip/flexisip.conf
VOLUME /etc/flexisip
COPY flexisip/flexisip-entrypoint.sh /
COPY flexisip/backtrace.gdb /
RUN chmod a+x /flexisip-entrypoint.sh
# Script to wait db before launch flexisip [Licence Apache2]
ADD https://github.com/ufoscout/docker-compose-wait/releases/download/2.2.1/wait /wait
RUN chmod +x /wait
RUN yum clean all
# Make the proxy and presence servers to start on system boot
RUN systemctl enable flexisip-proxy flexisip-presence
CMD ["/usr/sbin/init"]
Create the following docker-compose file and build New Flexisip Server Image.
NOTE)Important: flexisip configration file will be overwrited to config/felxisip.conf, so, in advance, you shoud modify each sections in it to meet your requirements.
centos7_environment/docker_files/docker-compose.flexisip.yml
version: '3.5'
services:
# Flexisip SIP Server
flexisip-c7:
container_name: flexisip-c7
build:
context: ./docker_files
dockerfile: flexisip-c7
tty: true
volumes:
# for Systemd integration:https://hub.docker.com/_/centos
- /sys/fs/cgroup:/sys/fs/cgroup:ro
- ${MAKE_TEMP}:/run
#- ./letsencrypt:/etc/flexisip/tls
- ./config:/etc/flexisip
### If you are using TLS Support for Apache to listen on 443 in the container drop them in /certs and set these:
#- TLS_CERT=cert.pem
#- TLS_KEY=key.pem
restart: always
network_mode: host
cap_add:
- SYS_ADMIN
privileged: true
devices:
- /dev/fuse
Build the New Flexisip Server Image
$ docker-compose -f docker-compose.flexisip.yml build
4. How to run above images
In advance, create shared volume for mariadb database backup
$ docker volume create mariadb
CentOS7 LAMP Server start by docker-compose.lamp.yml If you don't run containers under Ubuntu host, move "MAKE_TEMP=/tmp/$(mktemp -d)"
and delete "- ${MAKE_TEMP}:/run"
in docker-compose file.
$ MAKE_TEMP=/tmp/$(mktemp -d) docker-compose -f docker-compose.lamp.yml up -d
CentOS7 Flexisip SIP Server start by docker-compose.flexisip.yml If you don't run containers under Ubuntu host, move "MAKE_TEMP=/tmp/$(mktemp -d)"
and delete "- ${MAKE_TEMP}:/run"
in docker-compose file.
$ MAKE_TEMP=/tmp/$(mktemp -d) docker-compose -f docker-compose.flexisip.yml up -d
If you want to deploy on the production CentOS system, check the following dockerfiles
docker_files/lamp-c7
docker_files/flexisip-c7
Implement the commands COPY, RUN and ENV lines in your Linux OS terminal(Not Inspected).
5. Set mariadb root password
For login to phpmyadmin by "root" admin user, set password in mariadb console.
$ docker exec -ti lamp-c7 bash
# mariadb
>MariaDB [(none)]> set password for 'root'@localhost = password("password1234");
6. Create database for flexisip
In phpmyadmin or mariadb console, create user "flexisip" with the same database "flexisip", password "password1234"
7. Modify the following files and create table for flexisip
Input DB_USER, DB_PASSWORD and DB_NAME defined by the above.
In lamp-c7 container;
etc/flexisip-account-manager/db.conf
/*
* The database username.
*
* Default value: flexisip_rw
*/
define("DB_USER", "root");
/*
* The database user's password.
*
* Default value:
*/
define("DB_PASSWORD", "password1234");
/*
* The name of the database.
*
* Default value: flexisip
*/
define("DB_NAME", "flexisip");
Implement the following script to make flexisip table.
In lamp-c7 container;
$ php /opt/belledonne-communications/share/flexisip-account-manager/tools/create_tables.php
8. Load Custom Settings by XMLRPC Server(Provisioning)
For activing the override remote provisioning, "REMOTE_PROVISIONING_OVERWRITE_ALL" should be set to "True"
NOTE) Official Linphone App doen't load your custom settings by default. You need to modify Linphone App source code and rebuild it to activate and load your custom settings.
About how to activate and load custom settings, check the blog contents about email activation.
2020/11/03: Retrieved. No need to compile Linphone. Your provisioning settings will be loaded via "Fetch Remote Configuration".
In lamp-c7 container;
/etc/flexisip-account-manager/provisioning.conf
define("REMOTE_PROVISIONING_OVERWRITE_ALL", True);
By Creating the following default.rc
, this is transformed automatically to provisioning XML file format by accessing : https://sip.example.cpm/flexisip-account-manager/provisioning.php
.
In this case, you should input this URL as provisioning URL into Linphone Android "Remote Setting" menu.
In lamp-c7 container;
/opt/belledonne-communications/share/flexisip-account-manager/xmlrpc/default.rc
#
#This file shall not contain path referencing package name, in order to be portable when app is renamed.
#Paths to resources must be set from LinphoneManager, after creating LinphoneCore.
[assistant]
domain=sip.example.com
xmlrpc_url=https://sip.example.com/flexisip-account-manager/xmlrpc.php
OR
You can create own provisioning file by XML format like the below;
In lamp-c7 container;
/opt/belledonne-communications/share/flexisip-account-manager/xmlrpc/custom_provisioning.xml
version="1.0" encoding="UTF-8"?>
< config xmlns="http://www.linphone.org/xsds/lpconfig.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.linphone.org/xsds/lpconfig.xsd lpconfig.xsd">
< section name="assistant">
< entry name="domain" overwrite="true">sip.example.com < /entry>
< entry name="xmlrpc_url" overwrite="true">https://sip.example.com/flexisip-account-manager/xmlrpc.php < /entry>
< /section>
< /config>
In this case, you should input the below URL as provisioning URL into Linphone Android "Remote Setting" menu. https://sip.example.cpm/flexisip-account-manager/custom_provisioning.xml
Please see also the following reference about provisioning;
https://wiki.linphone.org/xwiki/wiki/public/view/Lib/Features/Remote%20Provisioning/
9. Flexisip-Account-Manager Web Frontend
Modify the following file to access localhost database.
In lamp-c7 container;
/etc/flexisip-account-manager/fleiapi.env
.....
.....
# Local FlexiAPI database
DB_DATABASE=/var/opt/belledonne-communications/flexiapi/storage/db.sqlite
# External FlexiSIP database
DB_EXTERNAL_DRIVER=mysql
DB_EXTERNAL_HOST=127.0.0.1
DB_EXTERNAL_PORT=3306
#DB_EXTERNAL_DATABASE=/var/opt/belledonne-communications/flexiapi/storage/external.db.sqlite
DB_EXTERNAL_DATABASE=flexisip
DB_EXTERNAL_USERNAME=root
DB_EXTERNAL_PASSWORD=password1234
.....
.....
# SMTP and emails
MAIL_DRIVER=smtp
MAIL_HOST=smtp.XXXXX
MAIL_PORT=XXXX
MAIL_USERNAME=XXXXXXXX
MAIL_PASSWORD=XXXXXXXX
MAIL_FROM_ADDRESS=[email protected]
MAIL_FROM_NAME="${APP_NAME}"
MAIL_ALLOW_SELF_SIGNED=false
MAIL_VERIFY_PEER=true
MAIL_VERIFY_PEER_NAME=true
MAIL_SIGNATURE="The Example Team"
# OVH SMS API variables
OVH_APP_KEY=
OVH_APP_SECRET=
OVH_APP_ENDPOINT=ovh-eu
OVH_APP_CONSUMER_KEY=
OVH_APP_SENDER=
# Google reCaptcha v2 parameters
NOCAPTCHA_SECRET=XXXXXXXXXXXXXXXXXXXX
NOCAPTCHA_SITEKEY=XXXXXXXXXXXXXXXXXXX
In lamp-c7 container;
Implement the following php artisan command in '/opt/belledonne-communications/share/flexisip-account-manager/flexiapi` to cretate account table.
$ cd /opt/belledonne-communications/share/flexisip-account-manager/flexiapi
$ chown -R apache:apache /opt/belledonne-communications/share/flexisip-account-manager/flexiapi
$ php artisan key:generate
$ php artisan migrate:rollback
$ php artisan migrate
As not exist server.php(If you don't need to check as local address:http://localhost:8000, no need) in /opt/belledonne-communications/share/flexisip-account-manager/flexiapi directory, make it.
Note) No need this process if you could install the source from github.
In lamp-c7 container;
/opt/belledonne-communications/share/flexisip-account-manager/flexiapi/server.php
/**
* Laravel - A PHP Framework For Web Artisans
*
* @package Laravel
* @author Taylor Otwell < [email protected]>
*/
$uri = urldecode(
parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH)
);
// This file allows us to emulate Apache's "mod_rewrite" functionality from the
// built-in PHP web server. This provides a convenient way to test a Laravel
// application without having installed a "real" web server software here.
if ($uri !== '/' && file_exists(__DIR__.'/public'.$uri)) {
return false;
}
require_once __DIR__.'/public/index.php';
In lamp-c7 container;
Start flexisip-account-manager server:
$ php artisan serve --host 127.0.0.1
Access
http://localhost:8000
Normally, don't need to execute "php artisan serve" command, so access;
http://yourdomain.com/flexiapi
If you try latest version frontend, download it from github and copy it into this directory; /opt/belledonne-communications/share/flexisip-account-manager/flexiapi
Github 'https://gitlab.linphone.org/BC/public/flexisip-account-manager/tree/master/flexiapi'
I will add or fix about this contents in the forum(only Japanese).