FreePBX container image for running a complete Asterisk server.
With this container you can create a telephony system in your office or house with integration among various office branches and integration to external VOIP providers with features such as call recording and IVR (interactive voice response) Menus.
If "Apply" is taking too long, disable "Module signature check" (if you know what you're doing).
Turn off SIP Guest on Settings -> Sip settings
Enable fail2ban with ENV FAIL2BAN_ENABLE=true (you have to run this container in privileged mode for this to work)
Thanks to https://github.com/tiredofit/docker-freepbx for various insights on the new Asterisk 15 installation.
This image is used in production deployments.
version: '3.3' services: freepbx: image: flaviostutz/freepbx ports: - 8080:80 - 5060:5060/udp - 5160:5160/udp - 3306:3306 - 18000-18100:18000-18100/udp restart: always environment: - ADMIN_PASSWORD=admin123 volumes: - backup:/backup - recordings:/var/spool/asterisk/monitor volumes: backup: recordings:
docker-compose up -d
Open admin panel at http://localhost:8080/admin/
Install Ubuntu 18.04
Install Docker + Docker Compose
network: ethernets: eno1: addresses: - 10.1.2.5/22 - 10.223.49.234/29 nameservers: addresses: [10.1.1.254,22.214.171.124] gateway4: 10.1.1.254 routes: - to: 10.128.0.0/9 via: 10.223.49.233 version: 2
In this example suppose you have a VOIP provider in another network (10.223.x.x) connected to the Asterisk host. You can skip routes and the secondary address if not needed
Run this container
ADMIN_PASSWORD - GUI password for user 'admin'. required
RTP_START - port range from for RTP. defaults to 18000
RTP_FINISH - port range to for RTP. defaults to 18100
SIP_NAT_IP - SIP NAT Public IP for calls. defaults to ip got from "curl ifconfig.me"
USE_CHAN_SIP - if true, disables pjsip and enables legacy chan_sip engine. defaults to false, meaning it will use pjsip engine by default
ENABLE_AUTO_RESTORE - if true, when a new container instance is run, it will try to restore an existing backup from /backup/[FreePBX ver]/new.tar.gz. This backup is created each one hour automatically. This is useful when creating a new container instance (all MYSQL and other data is lost), so that your configurations are kept. defaults to true
ENABLE_DELETE_OLD_RECORDINGS - Delete all recordings older than 60 days if enabled. defaults to true
FAIL2BAN_ENABLE - enable fail2ban on asterisk logs. If set, this container needs to run in "privileged" mode because it needs to change iptables configurations. defaults to 'false'
FAIL2BAN_FINDTIME - Time window in which failed retries will be evaluated. Defaults to '600' seconds
FAIL2BAN_MAXRETRY - Number of failed attempts inside "findtime" window. Defaults to '15' retries
FAIL2BAN_BANTIME - Time a specific IP will be banned after too many failed retries. Defaults to '259200' seconds.
FAIL2BAN_IGNOREIPS - Comma/space separated list of IPs to be ignored on fail2ban (will never ban)
DISABLE_SIGNATURE_CHECK - Disables module signature checks so that configuration reloads are way faster. Disable if you know what module signing protection means. defaults to false
CERTIFICATE_DOMAIN - certificate domain name when generating site certs with let's encrypt. this is used to locate certificated by name in /etc/asterisk/keys/ and configure Apache to use it automatically. defaults to ''
docker exec -it [containerid] bash
fail2ban-client set sshd unbanip 192.168.1.69OR
fail2ban-client unban --all
fail2ban-client status asterisk-iptables
/backup - keeps new.tar.gz and old.tar.gz automatic backups. Default backup job stores backup there too. Backups are store inside a directory with freepbx version. Backup restore between different versions is not supported by Freepbx.
/var/spool/asterisk/monitor - call recording storage location
/etc/asterisk/keys - Let's Encrypt and self signed certificates pub/private keys generated in pbxadmin