diff --git a/inventories/default.nix b/inventories/default.nix index bd3466d..3b132c3 100644 --- a/inventories/default.nix +++ b/inventories/default.nix @@ -65,6 +65,7 @@ name = "asterisk"; input = "self"; }; + roles.default.machines."rigel" = { }; }; pocket-id = { diff --git a/machines/rigel/networking.nix b/machines/rigel/networking.nix index 63d6d60..332aa90 100644 --- a/machines/rigel/networking.nix +++ b/machines/rigel/networking.nix @@ -63,7 +63,7 @@ in virtualHosts = { "_" = { locations."/" = { - proxyPass = "http://192.168.254.96"; + proxyPass = "http://192.168.254.100"; }; }; }; @@ -73,6 +73,13 @@ in "net.ipv6.conf.all.forwarding" = true; }; + networking.firewall.allowedUDPPortRanges = [ + { + from = 10000; + to = 20000; + } + ]; + networking.firewall.allowedUDPPorts = [ 53 67 diff --git a/modules/clan/asterisk/default.nix b/modules/clan/asterisk/default.nix index 1c71aac..4689383 100644 --- a/modules/clan/asterisk/default.nix +++ b/modules/clan/asterisk/default.nix @@ -12,56 +12,133 @@ ... }: { + networking.firewall.allowedUDPPorts = [ 5060 ]; services.asterisk = { enable = lib.mkDefault true; + extraArguments = [ + "-vvvddd" + ]; confFiles = { + "logger.conf" = '' + [general] + dateformat = %F %T.%3q ; ISO 8601 date format with milliseconds + use_callids = yes + appendhostname = no + queue_log = yes + queue_log_to_file = no + queue_log_name = queue_log + queue_log_realtime_use_gmt = no + rotatestrategy = rotate + exec_after_rotate=gzip -9 $\{filename\}.2 + [logfiles] + console => notice,warning,error + security => security + messages => notice,warning,error + full => notice,warning,error,verbose,dtmf,fax + syslog.local0 => notice,warning,error + ''; # Dial plan config "extensions.conf" = '' - exten => 1001,1,Dial(PJSIP/user1,20) - exten => 1002,1,Dial(PJSIP/user2,20) - + [from-internal] exten => 100,1,Answer() same => n,Wait(1) same => n,Playback(hello-world) same => n,Hangup() + + exten => 6001,1,Dial(PJSIP/6001,20) + exten => 6002,1,Dial(PJSIP/6002,20) ''; "pjsip.conf" = '' [transport-udp] type=transport protocol=udp - bind=0.0.0.0,[::] + bind=0.0.0.0 + [transport-udp6] + type=transport + protocol=udp + bind=:: - [endpoint_internal](!) + [6001] type=endpoint context=from-internal disallow=all allow=ulaw + auth=6001 + aors=6001 - [auth_userpass](!) + [6001] type=auth auth_type=userpass + password=unsecurepassword + username=6001 - [aor_dynamic](!) + [6001] type=aor - max_contacts=1 + max_contacts=1 - [user1](endpoint_internal) - auth=user1 - aors=user1 - [user1](auth_userpass) - password=user1 - username=user1 - [user1](aor_dynamic) + [6002] + type=endpoint + context=from-internal + disallow=all + allow=ulaw + auth=6002 + aors=6002 - [user2](endpoint_internal) - auth=user2 - aors=user2 - [user2](auth_userpass) - password=user2 - username=user2 - [user2](aor_dynamic) + [6002] + type=auth + auth_type=userpass + password=unsecurepassword + username=6002 + + [6002] + type=aor + max_contacts=1 ''; + # "pjsip.conf" = '' + # [transport-udp6] + # type=transport + # protocol=udp + # bind=:: + # + # [transport-udp] + # type=transport + # protocol=udp + # bind=0.0.0.0 + # + # [endpoint_internal](!) + # type=endpoint + # context=from-internal + # disallow=all + # allow=ulaw + # allow=alaw + # allow=g722 + # allow=gsm + # + # [auth_userpass](!) + # type=auth + # auth_type=userpass + # + # [aor_dynamic](!) + # type=aor + # max_contacts=1 + # + # [user1](endpoint_internal) + # auth=user1 + # aors=user1 + # [user1](auth_userpass) + # password=user1 + # username=user1 + # [user1](aor_dynamic) + # + # [user2](endpoint_internal) + # auth=user2 + # aors=user2 + # [user2](auth_userpass) + # password=user2 + # username=user2 + # [user2](aor_dynamic) + # ''; }; }; };