Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

1. Connecting to services

First, verify the containers using the following command: docker ps -a . This will show a list similar to this:

[opengate@localhost ~]$ docker ps -a
CONTAINER ID   IMAGE                                           COMMAND                  CREATED       STATUS                 PORTS                                       NAMES
15b0c01516eb   devopengate.azurecr.io/dev/kamailio:latest      "/bin/sh -c 'kamaili…"   11 days ago   Up 11 days                                                         kamailio_og
c999ff8ac61f   devopengate.azurecr.io/dev/webservices:latest   "/setup/entrypoint.sh"   11 days ago   Up 11 days (healthy)                                               webservices_og
ab7e655d73fe   devopengate.azurecr.io/dev/freeswitch:latest    "/docker-entrypoint.…"   11 days ago   Up 11 days (healthy)                                               freeswitch_og
4d4230f3d3c4   devopengate.azurecr.io/dev/asterisk:latest      "/entrypoint.sh"         11 days ago   Up 11 days                                                         asterisk_og
204aa182b9e8   devopengate.azurecr.io/dev/postgres:latest      "docker-entrypoint.s…"   11 days ago   Up 11 days             0.0.0.0:5432->5432/tcp, :::5432->5432/tcp   postgres_og
3c716da20711   devopengate.azurecr.io/dev/ssh-server:latest    "/init"                  11 days ago   Up 11 days             0.0.0.0:2222->2222/tcp, :::2222->2222/tcp   ssh_og

To connect to each container, use the following command: docker exec -it CONTAINER_NAME bash. This runs bash and shows a console inside the container where you can execute the standard commands (asterisk -rvvv, fs_cli, kamctl, etc.). However, you must be careful when changing files as you might modify their permissions (please, check this with the ls -ln command, and restore the original permissions if required).

A special scenario: When you reuse an IP address from a Node or WebRTC Gateway, the SSH connection will fail because their fingerprint will have changed. As a result, you will be warned of a possible security failure (a connection against a known host is expected, but instead the found host is another). You can see an error in the trace logs of Presence OpenGate web services. To fix this problem, connect to this module and clear the entry which causes this conflict in the /var/lib/ua/known_hosts file. If the listed hosts are known to you and you are sure that this is not a security issue, you can execute the following command: docker exec -it webservices_og rm /var/lib/ua/known_hosts. This will clear all known hosts and the new hosts will automatically be accepted.

2. Environment variables of containers

Variables allow you to customize the configuration of containers. We define the minimum required to configure an environment in docker-compose.yml and .env files, but there are more variables that allow further configuration and must be manually defined.

Common variables in all environments, defined in the .env file:

  • TZ=Europe/Madrid used to set the timezone.

  • SSH_USERNAME=opengate Used to set the username in the SSH server. All Nodes and WebRTC Gateways of an environment must also have the same.

  • SSH_PORT=2222 Used to set the SSH server port. All Nodes and WebRTC Gateways of an environment must also have the same.

If you want to set a variable that does not appear in the .env file, you must manually add to your docker-compose.yml file, inserting in the appropriate section with the value you want to use. For more information on defining enviroment variables in a compose file you can check the official documentation https://docs.docker.com/compose/how-tos/environment-variables/set-environment-variables/.

Below is the full list of variables:

  • PostgreSQL: Check the official documentation at https://github.com/docker-library/docs/blob/master/postgres/README.md#environment-variables .

  • SSH Server: Check the official documentation at https://github.com/linuxserver/docker-openssh-server?tab=readme-ov-file#parameters .

  • Web services:

    • DB_HOST=localhost Used to set the IP or hostname of the database.

    • DB_NAME=opengate Used to set the database name.

    • DB_USER=opengate Used to set the database user.

    • DB_PASSWORD_FILE=/run/secrets/db_password Used to set the “secret” path, which contains the database connection password.

    • SIP_REGISTRAR_IP=127.0.0.1 Used to set the IP address used to configure the SIP Registrar.

    • MASTER_ASTERISK_IP=127.0.0.1 Used to set the IP address of the interface connected to the data network of the Master node. This must match the DATA_BINDADDR value of the master Asterisk.

    • RECORDING_MOUNT_POINT Used to set the mount point of Presence Recording. This information is required to generate the configuration that Asterisk uses to record user extensions.

    • LOG_TO_DEFAULT=True Used to set the traces to be logged in the standard location. If set to “False”, traces will be logged in a file.

    • SSH_USERNAME=opengate Used to set the username of the SSH connections.

    • SSH_PORT=2222 Used to set the port for SSH connections.

    • SSH_KEY_FILE=/run/secrets/ssh_key Used to set the “secret” path, which contains the SSH private key.

    • SSH_KEY_PUB_FILE=/run/secrets/ssh_key.pub Used to set the “secret” path, which contains the SSH public key.

    • RESTORE_MODE=False Allows you to enable the restore mode to load a previous backup copy when the value is set to “True”.

    • UNIMRCP_SERVER_IP=127.0.0.1 Used to set the UniMRCP Server IP address.

    • SIP_ALIASES=sample1.domain.com,sample2.doman.com Used to set the list of domains (comma separated) if extensions use a domain to connect to the SIP Registrar.

  • Asterisk:

    • DATA_BINDADDR="0.0.0.0" Used to set the IP address of the data network.

    • SIP_BINDADDR="0.0.0.0" Used to set the IP address of the SIP server.

    • LOG_TO_DEFAULT=True Used to set that traces to be logged in the standard location. If set to “False”, traces will be logged in a file.

    • RUN_CONVERTER=False Used to set whether or not the audio format converter is to run. This is only set to “True” in the Master node.

    • SIP_TLS_PEM_FILE=/run/secrets/tls_pem Used to set the “secret” path, which contains the TLS certificate for SIP.

    • ASTERISK_ARGS="-fpvvvg" Used to set the parameters that are used to launch the Asterisk exec file.

    • CHECK_FILE="/etc/asterisk/presence-scripts/create_conf_files.sh" Used to set the file that is to be checked before you start Asterisk. This check is to make sure that the Unified Administration has successfully loaded the configuration prior to the Asterisk startup.

  • FreeSWITCH:

    • FS_EXTIP=127.0.0.1 Used to set the external IP address of FreeSWITCH (public IP).

    • FS_PRIVIP=127.0.0.1 Used to set the IP address of the network interface connected to the private network. This network is used to connect to the nodes and to the rest of the OpenGate system.

    • FS_DMZIP=$FS_PRIVIP Used to set the IP address of the network interface connected to the DMZ network. If there is no separation between the private / DMZ networks, then the network is the same and there is no need to be specified.

    • FS_UA_ACL=$FS_PRIVIP/24 Used to set an ACL (Access Control List) of IPs from which Presence OpenGate web services can connect to FreeSWITCH (to make change in the configuration). By default, let’s assume this is the private network in a subnetwork /24. If the Master node falls outside this range, you have to update this variable to match the network address of OpenGate web services.

    • FS_WSSPORT=7443 Used to set the WSS Port (WebSocket Secure) used to establish the WebRTC connections.

    • FS_RTPSTARTPORT=22000 and FS_RTPENDPORT=24600 Used to set the range of ports used for RTP.

    • FS_CODEC=PCMA Used to set the codec to establish the WebRTC connection. The values are the following: PCMA, PCMU, OPUS.

    • FS_TLS_PEM_FILE=/run/secrets/tls_pem Used to set the “secret” path, which contains the TLS certificate for WSS and SRTP.

    • FS_REVERSEPROXY_ACL=255.255.255.255/32 Used to specify an ACL where a reverse proxy is running (example 10.100.1.99/32 to match a reverse proxy in 10.100.1.99).

  • No labels