I finally put together a xen image for trixbox 2.8.0.4 This is fully updated and is current as of today, 5-24-2010. The xen image for trixbox and others can be downloaded from XenForge.org here I have not tested this image that thoroughly.
Thank you,
Engineer Tim
I had so many requests for my trixbox Xen image that I decided to create a new site. XenForge.org is this site. My hope is that people will be able to share their own Xen images with other users as well as use the ones that I create. This site is also not just limited to Xen based images but all images that can be portable and use some form of virtualization technology will be welcome. The only criteria is that no copyright violations or sharing of copyrighted material happens. This means OpenSource and derivatives only.
Currently XenForge offers the following.
Xen Image downloads via Bittorrent links.
The ability to add your own torrent file to the site for others to download.
Forums to discuss the Xen images and config options.
We hope to be able to offer the means to post torrent files directly to our torrent server from a user. This is something that is currently being looked at. Right now users can submit a image for approval and we will be happy to generate the torrent and seed it directly. This is a manual process right now.
Feel free to join us on XenForge if you have the need for some Xen images.
Thank you,
Engineer Tim
For this to work, you need to have the install media for CentOS, I use the CentOS 5.3 i386 DVD. You should also have a read the trixbox-xen.pdf on this site.
CentOS specific stuff we need to do.
make sure this is browsable in a web browser. You will need to be able to serve the installer these files.
We need to copy off the vmliuz and initrd.img from the images/xen folder for our use during the install. I like to serve all of my xen specific stuff from a nfs mount so that I can access these files from different xen servers without issues. How you do it is up to you. These files MUST be accessible by the computer that is going to boot the Xen DomU for trixbox28. For ease of following this doc, I will user /srv/xen/trixbox28 as my directory for these files.
Trixbox Specific Repo Setup.
We have to create a trixbox folder to serve the rpms from for the installer.
We need to mount the trixbox-2.8.0 iso so we can get the rpms and the comps.xml file off.
Now we need to grab the comps.xml file for making the trixbox repo on our web server.
We need to add a couple of rpms to our new trixbox repo for xen. This will ensure the xen kernel and dahdi kmod files will work right out of the box. Make sure you are in /var/www/html/trixbox when doing the wget. Please also make sure to use your closest mirror by going to http://www.centos.org/modules/tinycontent/index.php?id=30
We also need the kmod-dahdi from the trixbox repo.
Now lets create our repo for our installer.
if the createrepo is not found, install it with yum and try again.
Now we create our install file. I call mine trixbox28.install, the contents are listed below. Yours may differ. Of particular note is the kernel, ramdisk, and ks=http://192.168.1.216/trixbox.ks lines. The file trixbox.ks is our kickstart file, which we will have to make changes to from my original one in my xen guide.
kernel = “/srv/xen/trixbox28/vmlinuz”
ramdisk = “/srv/xen/trixbox28/initrd.img”
extra = “text ks=http://192.168.1.216/trixbox.ks”
name = “trixbox”
memory = “512″
disk = [ 'tap:aio:/srv/xen/trixbox.img,xvda,w', ]
vif = [ 'bridge=xenbr0', ]
vcpus=1
on_reboot = ‘destroy’
on_crash = ‘destroy’
Save this file in /etc/xen/
Now we need to edit the trixbox.ks file or ks.cfg from my trixbox-xen guide. We need to change the first line for the url to now point to our centos install media.
url –url http://192.168.1.216/centos
please make sure to use the ip address for your web server that is serving the centos install media.
We also need to add one additional repo (trixbox) to the trixbox.ks file. This is done with the repo line. Add this just before the %packages statement in the trixbox.ks file. Be sure to change the IP address and path to reflect the trixbox repo we created from above. We also need to add the kmod-dahdi-linux-xen so it gets installed and not install the kmod-dahdi-linux package.
#Add the repo information
repo –name=trixbox –baseurl=http://192.168.1.216/trixbox/
%packages
@Core
@Trixboxcore
kernel
kernel-xen
#add kmod-dahdi-linux-xen
kmod-dahdi-linux-xen
#remove the one for the other kernel so they don’t conflict possibly
-kmod-dahdi-linux
postfix
-sendmail
Now save your trixbox.ks or ks.cfg file with these changes.
Now start the install process for trixbox28.
Your installer should start and ask you for your local as well as a password for root.
You may, more than likely, see a few error messages fly by when the installer starts going. These are ok to ignore.
Once the install has finished it will shutdown and you will need to start it with your actual trixbox28 xen config. Mine is listed below, again yours might differ.
name = “trixbox28″
memory = “512″
disk = [ 'tap:aio:/srv/xen/trixbox.img,xvda,w', ]
vif = [ 'bridge=xenbr0', ]
bootloader=”/usr/bin/pygrub”
vcpus=1
on_reboot = ‘restart’
on_crash = ‘restart’
You should see no errors with dhadi,
Starting dahdi: Loading DAHDI hardware modules:
wct4xxp: [ OK ]
wcte12xp: [ OK ]
wct1xxp: [ OK ]
wcte11xp: [ OK ]
wctdm24xxp: [ OK ]
opvxa1200: [ OK ]
wcfxo: [ OK ]
wctdm: [ OK ]
wcb4xxp: [ OK ]
wctc4xxp: [ OK ]
xpp_usb: [ OK ]
No hardware timing source found in /proc/dahdi, loading dahdi_dummy
Running dahdi_cfg: [ OK ]
Firstboot scripts will run and you should be good to go.
Let me know any issues, questions or concerns either by email by posting a comment.
I have put together a install guide for use with trixbox 2.6.2.1 and Xen. This guide will walk you through installing trixbox in a Xen DomU. I hope people find it useful.
Thank you,
Engineer Tim
Download trixbox-xen
I whipped up a BFD rule to try and defend against sip attacks. This watches for failed logins in the /var/log/asterisk/full log and then blocks them. I set the TRIG level low so you might need to change this to something you are more comfortable with.
Drop this file in /usr/local/bfd/rules/
Name the file asterisk
So you want to recompile zaptel on trixbox. I have put together a script that might help. I have used this on a few custom installs and it seems to work. However, don’t kill me if it screws something up. You will need to start zaptel and amportal once the script finishes. I don’t do this for you since I like to watch for errors on startup.
rebuild-zaptel.sh.txt
I have created a small guide to help users secure their trixbox CE installs. This guide is in PDF format and should be readable on just about any system. This is by no means a definitive guide, but should be used as s way to help users.
securing_trixbox_ce_ver1
You want to password protect the user/maint on your trixbox server? Give this a shot!!
yum install mod_auth_mysql
Now, inside /etc/httpd/conf.d/auth_mysql.conf
put the following, or something like it.
LoadModule mysql_auth_module modules/mod_auth_mysql.so
<Directory /var/www/html>
AuthName “Authentication Required”
AuthType Basic
AuthMYSQLEnable on
AuthMySQLUser root
AuthMySQLPassword passw0rd
AuthMySQLDB userauth
AuthMySQLUserTable users
AuthMySQLNameField user_name
AuthMySQLPasswordField user_passwd
AuthMySQLGroupTable groups
AuthMySQLGroupField user_group
require group user
require valid-user
</Directory>
<Directory /var/www/html/maint>
AuthName “Authentication Required”
AuthType Basic
AuthMYSQLEnable on
AuthMySQLUser root
AuthMySQLPassword passw0rd
AuthMySQLDB userauth
AuthMySQLUserTable users
AuthMySQLNameField user_name
AuthMySQLPasswordField user_passwd
AuthMySQLGroupTable groups
AuthMySQLGroupField user_group
require group admin
</Directory>
Here is the schema for the userauth mysql database. Copy and paste this into a file called userauth.schema.sql
– MySQL dump 10.10
–
– Host: localhost Database: userauth
– ——————————————————
– Server version5.0.22
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8 */;
/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;
/*!40103 SET TIME_ZONE=’+00:00′ */;
/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE=’NO_AUTO_VALUE_ON_ZERO’ */;
/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
–
– Current Database: `userauth`
–
CREATE DATABASE /*!32312 IF NOT EXISTS*/ `userauth` /*!40100 DEFAULT CHARACTER SET latin1 */;
USE `userauth`;
–
– Table structure for table `groups`
–
DROP TABLE IF EXISTS `groups`;
CREATE TABLE `groups` (
`user_name` char(30) NOT NULL,
`user_group` char(20) NOT NULL,
PRIMARY KEY (`user_name`,`user_group`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
–
– Table structure for table `users`
–
DROP TABLE IF EXISTS `users`;
CREATE TABLE `users` (
`user_name` char(30) NOT NULL,
`user_passwd` char(20) NOT NULL,
`extension` int(10) NOT NULL,
`email` char(50) NOT NULL,
PRIMARY KEY (`user_name`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;
/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
Now create the database and import the schema.
mysqladmin -uroot -p create userauth
mysql -uroot -p userauth < userauth.schema.sql
Now you need to create some users. I don’t recommend that you use the older maint/password if your server is facing the internet. I am going to create a engineertim login that is in both the user and admin group. For my one user, I will create a separate login called kerry.
login to mysql and use the following commands, replace engineertim and kerry with your own users.
mysql -uroot -p
mysql> use userauth;
INSERT INTO `userauth`.`users` (`user_name` ,`user_passwd` ,`extension` ,`email`) VALUES (‘engineertim’, ENCRYPT(‘letmein’),”,” );
INSERT INTO `userauth`.`users` (`user_name` ,`user_passwd` ,`extension` ,`email`) VALUES (‘kerry’, ENCRYPT(‘letmein’),”,” );
INSERT INTO `groups` VALUES (‘engineertim’,'user’),(‘engineertim’,'admin’),(‘kerry’,'user’);
mysql> exit
You now need to edit the /etc/httpd/conf/httpd.conf and add a comment to the last line that should be a Include.
#Include /etc/trixbox/httpdconf/*
Restart apache for everything to take affect.
service httpd restart
Now try and login to your trixbox with the new username and passwords. If you have issues, you can remove the comment from httpd.conf, restart apache and use the old login while you debug. You might also want to use tbm-phpmyadmin.
None
Grave Peril (The Dresden Files, Book 3) by Jim Butcher
One More Day Everywhere: Crossing 50 Borders on the Road to Global Understanding by Glen Heggstad