1. Connecting to services
First, verify the containers using the following command: docker ps -a . This will show a list similar to this:
[opengate@localhost ~]$ docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 15b0c01516eb devopengate.azurecr.io/dev/kamailio:latest "/bin/sh -c 'kamaili…" 11 days ago Up 11 days kamailio_og c999ff8ac61f devopengate.azurecr.io/dev/webservices:latest "/setup/entrypoint.sh" 11 days ago Up 11 days (healthy) webservices_og ab7e655d73fe devopengate.azurecr.io/dev/freeswitch:latest "/docker-entrypoint.…" 11 days ago Up 11 days (healthy) freeswitch_og 4d4230f3d3c4 devopengate.azurecr.io/dev/asterisk:latest "/entrypoint.sh" 11 days ago Up 11 days asterisk_og 204aa182b9e8 devopengate.azurecr.io/dev/postgres:latest "docker-entrypoint.s…" 11 days ago Up 11 days 0.0.0.0:5432->5432/tcp, :::5432->5432/tcp postgres_og 3c716da20711 devopengate.azurecr.io/dev/ssh-server:latest "/init" 11 days ago Up 11 days 0.0.0.0:2222->2222/tcp, :::2222->2222/tcp ssh_og
To connect to each container, use the following command: docker exec -it CONTAINER_NAME bash. This runs bash and shows a console inside the container where you can execute the standard commands (asterisk -rvvv, fs_cli, kamctl, etc.). However, you must be careful when changing files as you might modify their permissions (please, check this with the ls -ln command, and restore the original permissions if required).
A special scenario: When you reuse an IP address from a Node or WebRTC Gateway, the SSH connection will fail because their fingerprint will have changed. As a result, you will be warned of a possible security failure (a connection against a known host is expected, but instead the found host is another). You can see an error in the trace logs of Presence OpenGate web services. To fix this problem, connect to this module and clear the entry which causes this conflict in the /var/lib/ua/known_hosts file. If the listed hosts are known to you and you are sure that this is not a security issue, you can execute the following command: docker exec -it webservices_og rm /var/lib/ua/known_hosts. This will clear all known hosts and the new hosts will automatically be accepted.
2. Environment variables of containers
Variables allow you to customize the configuration of containers. We define the minimum required to configure an environment in docker-compose.yml and .env files, but there are more variables that allow further configuration and must be manually defined.
Common variables in all environments, defined in the .env file:
TZ=Europe/MadridUsed to set the time zone.SSH_USERNAME=opengateUsed to set the username in the SSH server. All Nodes and WebRTC Gateways of an environment must also have the same.SSH_PORT=2222Used to set the SSH server port. All Nodes and WebRTC Gateways of an environment must also have the same.
If you want to set a variable that does not appear in the .env file, you must manually add to your docker-compose.yml file, inserting in the appropriate section with the value you want to use. For more information on defining enviroment variables in a compose file you can check the official documentation https://docs.docker.com/compose/how-tos/environment-variables/set-environment-variables/.
Below is the full list of variables:
PostgreSQL: Check the official documentation at https://github.com/docker-library/docs/blob/master/postgres/README.md#environment-variables .
SSH Server: Check the official documentation at https://github.com/linuxserver/docker-openssh-server?tab=readme-ov-file#parameters .
Web services:
DB_HOST=localhostUsed to set the IP or hostname of the database.DB_NAME=opengateUsed to set the database name.DB_USER=opengateUsed to set the database user.DB_PASSWORD_FILE=/run/secrets/db_passwordUsed to set the “secret” path, which contains the database connection password.SIP_REGISTRAR_IP=127.0.0.1Used to set the IP address used to configure the SIP Registrar.MASTER_ASTERISK_IP=127.0.0.1Used to set the IP address of the interface connected to the data network of the Master node. This must match the DATA_BINDADDR value of the master Asterisk.RECORDING_MOUNT_POINTUsed to set the mount point of Presence Recording. This information is required to generate the configuration that Asterisk uses to record user extensions.LOG_TO_DEFAULT=TrueUsed to set the traces to be logged in the standard location. If set to “False”, traces will be logged in a file.SSH_USERNAME=opengateUsed to set the username of the SSH connections.SSH_PORT=2222Used to set the port for SSH connections.SSH_KEY_FILE=/run/secrets/ssh_keyUsed to set the “secret” path, which contains the SSH private key.SSH_KEY_PUB_FILE=/run/secrets/ssh_key.pubUsed to set the “secret” path, which contains the SSH public key.RESTORE_MODE=FalseAllows you to enable the restore mode to load a previous backup copy when the value is set to “True”.UNIMRCP_SERVER_IP=127.0.0.1Used to set the UniMRCP Server IP address.SIP_ALIASES=sample1.domain.com,sample2.doman.comUsed to set the list of domains (comma separated) if extensions use a domain to connect to the SIP Registrar.
Asterisk:
DATA_BINDADDR="0.0.0.0"Used to set the IP address of the data network.SIP_BINDADDR="0.0.0.0"Used to set the IP address of the SIP server.LOG_TO_DEFAULT=TrueUsed to set that traces to be logged in the standard location. If set to “False”, traces will be logged in a file.RUN_CONVERTER=FalseUsed to set whether or not the audio format converter is to run. This is only set to “True” in the Master node.SIP_TLS_PEM_FILE=/run/secrets/tls_pemUsed to set the “secret” path, which contains the TLS certificate for SIP.ASTERISK_ARGS="-fpvvvg"Used to set the parameters that are used to launch the Asterisk exec file.CHECK_FILE="/etc/asterisk/presence-scripts/create_conf_files.sh"Used to set the file that is to be checked before you start Asterisk. This check is to make sure that the Unified Administration has successfully loaded the configuration prior to the Asterisk startup.
FreeSWITCH:
FS_EXTIP=127.0.0.1Used to set the external IP address of FreeSWITCH (public IP).FS_PRIVIP=127.0.0.1Used to set the IP address of the network interface connected to the private network. This network is used to connect to the nodes and to the rest of the OpenGate system.FS_DMZIP=$FS_PRIVIPUsed to set the IP address of the network interface connected to the DMZ network. If there is no separation between the private / DMZ networks, then the network is the same and there is no need to be specified.FS_UA_ACL=$FS_PRIVIP/24Used to set an ACL (Access Control List) of IPs from which Presence OpenGate web services can connect to FreeSWITCH (to make change in the configuration). By default, let’s assume this is the private network in a subnetwork /24. If the Master node falls outside this range, you have to update this variable to match the network address of OpenGate web services.FS_WSSPORT=7443Used to set the WSS Port (WebSocket Secure) used to establish the WebRTC connections.FS_RTPSTARTPORT=22000andFS_RTPENDPORT=24600Used to set the range of ports used for RTP.FS_CODEC=PCMAUsed to set the codec to establish the WebRTC connection. The values are the following: PCMA, PCMU, OPUS.FS_TLS_PEM_FILE=/run/secrets/tls_pemUsed to set the “secret” path, which contains the TLS certificate for WSS and SRTP.FS_REVERSEPROXY_ACL=255.255.255.255/32Used to specify an ACL where a reverse proxy is running (example: 10.100.1.99/32 to match a reverse proxy with IP 10.100.1.99).