Moderators: enjay, williamconley, Staydog, mflorell, MJCoate, mcargile, Kumba
williamconley wrote:Have you constructed the auto-renew weekly run for certbot yet?
Kumba wrote:williamconley wrote:Have you constructed the auto-renew weekly run for certbot yet?
LetsEncrypt is good for 90 days, the script will set a monthly cronjob to renew it which should be more then enough.
williamconley wrote:Kumba wrote:williamconley wrote:Have you constructed the auto-renew weekly run for certbot yet?
LetsEncrypt is good for 90 days, the script will set a monthly cronjob to renew it which should be more then enough.
Our experience has been "daily is overkill, weekly is good, but monthly with one hiccup can allow expiration by accident". For instance: Server off for a couple hours (for whatever reason) during that monthly job means there's now 59 days between two checks. The renewal period is open for 30 days before expiration. 59 Days is too long. Weekly, however, has proven to be without fail.
Easy change ...
Kumba wrote:Certbot SSL setup - /usr/local/bin/vicidial-cerbot
- You need a FULLY QUALIFIED DOMAIN NAME (FQDN), I.E. vicibox.somedomain.com
bigape wrote:Kumba wrote:Certbot SSL setup - /usr/local/bin/vicidial-cerbot
- You need a FULLY QUALIFIED DOMAIN NAME (FQDN), I.E. vicibox.somedomain.com
Small typo, should be:
/usr/local/bin/vicibox-certbot
dspaan wrote:edit: I created a new thread about the firewall: viewtopic.php?f=4&t=38741
And one about certbot: viewtopic.php?f=4&t=38742
Kumba wrote:dspaan wrote:edit: I created a new thread about the firewall: viewtopic.php?f=4&t=38741
And one about certbot: viewtopic.php?f=4&t=38742
They were moved from the general support to the ViciBox support. These are vicibox features not ViciDial features.
Thank you for choosing ViciPhone.
In order to use ViciPhone you must use "https://phone1.viciphone.com/viciphone.php" as your Webphone URL.
If you are using ViciPhone in conjunction with Vicidial you will need to change this setting in ADMIN → System Settings.
ccabrera wrote:I tried to read more about it at https://viciphone.com (same URL Google has currently indexed) but I can't reach it. Seems https://viciphone.com is currently unavailable, so that's why I'm asking about the stability of phone.viciphone.com
ccabrera wrote:My guess is that you are pointing the Webphone URL to the index.html, as I just did an hour ago. This was fixed by going to the System settings and updating the Webphone URL to point to the location of the viciphone.php.
Since I unzipped the viciphone-1.0.0.zip into /srv/www/htdocs/agc/viciphone, my URL was /agc/viciphone/viciphone.php. After doing that and opening the ports in the firewall, everything went smoothly.
Kumba wrote:Once you have verified that your SSL setup is working correctly (https:// works), you need to do a few additional setup tasks in ViciDial. This is only for a all-in-one setup. A cluster setup is more of a pain as templates have to be made for each individual telephony server and assigned to different phones and stuff.
Go to Admin --> Servers and click on the Server ID. The Web Socket URL for it needs to be set to : wss://<FQDN>:8089
Next you need to go to Admin --> Templates and select the webRTC template. Here you need to change the dtlscertfile= and dtlsprivatekey= directives to :
dtlscertfile=/etc/certbot/live/<FQDN>/cert.pem
dtlsprivatekey=/etc/certbot/live/<FQDN>/privkey.pem
After that, you need to go to Admin --> System Settings and change the Webphone URL to : https://phone.viciphone.com/viciphone.php
Then when you are adding phones, you will change 'Set to Web Phone' to 'Y' and the Template ID to 'webRTC'.
Also I allowed the wrong port in the firewall config. Here's how you fix that:
1) sed -i 's/8088/8089/g' /etc/sysconfig/scripts/SuSEfirewall2-custom
2) SuSEfirewall2
I've also added the fix to the ViciBox v.8.1 bugfix thread.
Unfortunatley the complexity of getting SSL working and all that means that this last bit of set-up has to be done by the admin after install. Probably the only thing I'll add in ViciBox v.8.1.1 is setting the Web Phone URL under System Settings. Anything else I set, without knowing that SSL is working properly, has the potential to just mess everything up.
dspaan wrote:What are the advantages of G729 nowadays when we have so much bandwith? Whare are the advantages of Opus?
Kumba wrote:Probably means the broke something for security somewhere. Have to go through the changelog and see what's up.
Kumba wrote:That package follows the OpenSuSE Network repository. So they pushed the update in there which caused it to update.
OpenSSH 7.2 triggers PCI Web-DSS scans which needed 7.7p1 to pass.
Kumba wrote:dspaan wrote:What are the advantages of G729 nowadays when we have so much bandwith? Whare are the advantages of Opus?
Advantages are mostly bandwidth. G729 is a fixed rate codec so it always consumes a set amount of bandwidth (32K/sec) which is smaller then ULAW (87K/sec). Opus is a variable rate codec so it can go up or down within your configuration for it. The other thing is compatibility. G729 is going to be your only option for what SIP carriers support outside of the standard ULAW/ALAW codecs. Opus is built into WebRTC and is why it's become popular on Asterisk lately.
The last thing is that both of these codecs use significant CPU resources so you'll need to plan appropriately if you are running them across a cluster.
vkad wrote:Can you please provide an auto-installer for opus codec?
Kumba wrote:Opus is in v.8.1.2.
williamconley wrote:vkad wrote:Can you please provide an auto-installer for opus codec?Kumba wrote:Opus is in v.8.1.2.
If you want "auto": Either install 8.1.2 or look at the install script ON 8.1.2
williamconley wrote:Now ya lost me entirely. If your carrier ONLY does g711, you have no need of any of this. Why are you asking?
Return to ViciBox Server Install and Demo
Users browsing this forum: No registered users and 15 guests