myron/fusionpbx-config
1
0
Fork 0
mirror of https://github.com/myronblair/fusionpbx-config synced 2026-06-30 17:50:16 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
1d41970b8dc5909afcac0a4cebde2de819e304a2
fusionpbx-config/restore.sh
T
myron 1d41970b8d Initial: backup/restore scripts + README for FusionPBX 
- backup.sh: weekly PostgreSQL dump + FreeSWITCH/nginx/fail2ban configs
- restore.sh: 10-phase interactive restore wizard
- README.md: full rebuild guide, PBX reference, SSH relay instructions

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-09 04:07:27 +00:00

284 lines
12 KiB
Bash
Raw Blame History

#!/usr/bin/env bash
# =============================================================================
# FusionPBX Restore — run on a fresh Debian 12 droplet
#
# Usage:
# bash restore.sh
#
# NOTE: SSH to this server is firewalled — access via DO server relay:
# ssh root@165.22.1.228
# ssh root@134.209.72.226
# =============================================================================
REPO_DIR="$(cd "$(dirname "$0")" && pwd)"
RED='\033[0;31m'; YELLOW='\033[1;33m'; GREEN='\033[0;32m'; CYAN='\033[0;36m'; BOLD='\033[1m'; NC='\033[0m'
header() { echo -e "\n${CYAN}══════════════════════════════════════════════════${NC}"; echo -e "${CYAN}${BOLD} $*${NC}"; echo -e "${CYAN}══════════════════════════════════════════════════${NC}"; }
success() { echo -e "${GREEN}$*${NC}"; }
warn() { echo -e "${YELLOW}$*${NC}"; }
info() { echo -e " → $*"; }
die() { echo -e "${RED}$*${NC}" >&2; exit 1; }
confirm() {
echo -e "\n${YELLOW} $1${NC}"
read -rp " Apply? [Y/n] " ans
[[ "${ans:-Y}" =~ ^[Yy]$ ]]
}
[[ $(id -u) -eq 0 ]] || die "Must run as root"
clear
echo -e "${CYAN}"
cat << 'BANNER'
╔══════════════════════════════════════════════════════╗
║ FUSIONPBX RESTORE — fusion.orbishosting.com ║
║ 134.209.72.226 | Debian 12 | FreeSWITCH ║
╚══════════════════════════════════════════════════════╝
BANNER
echo -e "${NC}"
echo " Source : $REPO_DIR"
echo " Date : $(date)"
echo ""
warn "SSH to this server is port-restricted."
warn "Access via: ssh root@165.22.1.228, then ssh root@134.209.72.226"
echo ""
read -rp " Type 'yes' to continue: " c
[[ "$c" == "yes" ]] || { echo "Aborted."; exit 0; }
APPLIED=(); SKIPPED=()
# ---------------------------------------------------------------------------
# PHASE 1: SSH & Network
# ---------------------------------------------------------------------------
header "PHASE 1 — SSH & Network"
if [[ -f "$REPO_DIR/ssh/authorized_keys" ]] && confirm "Restore SSH authorized_keys?"; then
mkdir -p /root/.ssh && chmod 700 /root/.ssh
cp "$REPO_DIR/ssh/authorized_keys" /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
success "authorized_keys restored"
APPLIED+=("ssh")
else; SKIPPED+=("ssh"); fi
if confirm "Set hostname to 'fusion' (fusion.orbishosting.com)?"; then
hostnamectl set-hostname fusion
echo "127.0.1.1 fusion.orbishosting.com" >> /etc/hosts
success "Hostname set"
APPLIED+=("hostname")
else; SKIPPED+=("hostname"); fi
# ---------------------------------------------------------------------------
# PHASE 2: Install FusionPBX + FreeSWITCH
# ---------------------------------------------------------------------------
header "PHASE 2 — Install FusionPBX (official installer)"
echo ""
warn "The official FusionPBX installer handles everything:"
warn "FreeSWITCH, PostgreSQL, nginx, PHP, fail2ban, all systemd units."
echo ""
info "Run this in a separate terminal and come back when done (~10-15 min):"
echo ""
echo -e " ${BOLD}wget -O - https://raw.githubusercontent.com/fusionpbx/fusionpbx-install.sh/master/debian/install.sh | bash${NC}"
echo ""
warn "During install, when asked for the domain: enter fusion.orbishosting.com"
warn "Note the admin username/password it generates — you'll change it after DB restore."
echo ""
read -rp " Press ENTER once FusionPBX is fully installed... "
# Verify install
if [[ ! -f /var/www/fusionpbx/index.php ]]; then
warn "FusionPBX doesn't appear to be installed at /var/www/fusionpbx/"
read -rp " Continue anyway? [y/N] " ans
[[ "${ans:-N}" =~ ^[Yy]$ ]] || { echo "Aborted."; exit 1; }
fi
# ---------------------------------------------------------------------------
# PHASE 3: Restore PostgreSQL Database — THE critical step
# ---------------------------------------------------------------------------
header "PHASE 3 — Restore PostgreSQL Database (ALL CONFIG)"
echo ""
warn "This restores ALL FusionPBX config: extensions, dialplans, SIP gateways,"
warn "IVR menus, ring groups, devices, voicemail settings, users — everything."
echo ""
info "Backup DB dump: $REPO_DIR/database/fusionpbx.sql"
info "Size: $(wc -l < $REPO_DIR/database/fusionpbx.sql 2>/dev/null) lines"
echo ""
if confirm "Stop services and restore PostgreSQL fusionpbx database?"; then
# Stop FusionPBX services before restoring
for svc in active_calls active_conferences email_queue event_guard fax_queue \
system_status transcribe_queue websockets xml_cdr freeswitch; do
systemctl stop "$svc" 2>/dev/null || true
done
info "Services stopped"
# Drop and recreate the database
su -c "psql -c 'DROP DATABASE IF EXISTS fusionpbx;'" postgres
su -c "psql -c 'CREATE DATABASE fusionpbx OWNER fusionpbx;'" postgres
su -c "psql fusionpbx < '$REPO_DIR/database/fusionpbx.sql'" postgres
success "Database restored"
# Restore postgres globals (roles/passwords)
if [[ -f "$REPO_DIR/database/postgres_globals.sql" ]]; then
su -c "psql < '$REPO_DIR/database/postgres_globals.sql'" postgres 2>/dev/null || true
success "PostgreSQL globals restored"
fi
# Restart FreeSWITCH and FusionPBX services
systemctl start freeswitch
sleep 3
for svc in active_calls active_conferences email_queue event_guard fax_queue \
system_status transcribe_queue websockets xml_cdr; do
systemctl start "$svc" 2>/dev/null || true
done
success "Services restarted"
APPLIED+=("database")
else; SKIPPED+=("database"); fi
# ---------------------------------------------------------------------------
# PHASE 4: FreeSWITCH Config
# ---------------------------------------------------------------------------
header "PHASE 4 — FreeSWITCH Config"
if [[ -d "$REPO_DIR/freeswitch" ]] && confirm "Restore FreeSWITCH config files?"; then
[[ -f "$REPO_DIR/freeswitch/vars.xml" ]] && \
cp "$REPO_DIR/freeswitch/vars.xml" /etc/freeswitch/
[[ -f "$REPO_DIR/freeswitch/freeswitch.xml" ]] && \
cp "$REPO_DIR/freeswitch/freeswitch.xml" /etc/freeswitch/
# Autoload configs
if [[ -d "$REPO_DIR/freeswitch/autoload_configs" ]]; then
rsync -a "$REPO_DIR/freeswitch/autoload_configs/" \
/etc/freeswitch/autoload_configs/
fi
# Fix ownership
chown -R freeswitch:freeswitch /etc/freeswitch/ 2>/dev/null || true
# Force reload of FusionPBX XML cache
rm -f /var/cache/fusionpbx/FusionPBX.configuration.sofia.conf 2>/dev/null || true
systemctl reload freeswitch 2>/dev/null || systemctl restart freeswitch
success "FreeSWITCH config restored and reloaded"
APPLIED+=("freeswitch-config")
else; SKIPPED+=("freeswitch-config"); fi
# ---------------------------------------------------------------------------
# PHASE 5: FusionPBX App Config
# ---------------------------------------------------------------------------
header "PHASE 5 — FusionPBX App Config (DB credentials)"
if [[ -f "$REPO_DIR/fusionpbx-app/config.php" ]] && \
confirm "Restore FusionPBX resources/config.php (contains DB credentials)?"; then
cp "$REPO_DIR/fusionpbx-app/config.php" /var/www/fusionpbx/resources/config.php
chown www-data:www-data /var/www/fusionpbx/resources/config.php
success "FusionPBX config.php restored"
APPLIED+=("fusionpbx-config")
else; SKIPPED+=("fusionpbx-config"); fi
# ---------------------------------------------------------------------------
# PHASE 6: nginx Config
# ---------------------------------------------------------------------------
header "PHASE 6 — nginx Config"
if [[ -f "$REPO_DIR/nginx/fusionpbx.conf" ]] && confirm "Restore nginx fusionpbx config?"; then
cp "$REPO_DIR/nginx/fusionpbx.conf" /etc/nginx/sites-enabled/fusionpbx
nginx -t && systemctl reload nginx
success "nginx config restored and reloaded"
APPLIED+=("nginx")
else
SKIPPED+=("nginx")
warn "Skipped — installer's nginx config will work; restore if provisioning URLs break"
fi
# ---------------------------------------------------------------------------
# PHASE 7: fail2ban
# ---------------------------------------------------------------------------
header "PHASE 7 — fail2ban"
if [[ -f "$REPO_DIR/fail2ban/jail.local" ]] && confirm "Restore fail2ban jail.local (includes trusted IPs)?"; then
cp "$REPO_DIR/fail2ban/jail.local" /etc/fail2ban/jail.local
[[ -d "$REPO_DIR/fail2ban/jail.d" ]] && \
rsync -a "$REPO_DIR/fail2ban/jail.d/" /etc/fail2ban/jail.d/
systemctl restart fail2ban
success "fail2ban restored — trusted IPs: 107.178.2.130, 97.154.109.245"
APPLIED+=("fail2ban")
else; SKIPPED+=("fail2ban"); fi
# ---------------------------------------------------------------------------
# PHASE 8: Recordings
# ---------------------------------------------------------------------------
header "PHASE 8 — Recordings"
if [[ -d "$REPO_DIR/recordings" ]] && \
[[ -n "$(ls -A $REPO_DIR/recordings 2>/dev/null)" ]] && \
confirm "Restore call recordings?"; then
rsync -a "$REPO_DIR/recordings/" /var/lib/freeswitch/recordings/
chown -R freeswitch:freeswitch /var/lib/freeswitch/recordings/
success "Recordings restored"
APPLIED+=("recordings")
else; SKIPPED+=("recordings"); fi
# ---------------------------------------------------------------------------
# PHASE 9: Backup script + cron
# ---------------------------------------------------------------------------
header "PHASE 9 — Backup Script & Cron"
if confirm "Install fusionpbx-backup cron (weekly Sunday 5am)?"; then
cp "$REPO_DIR/backup.sh" /usr/local/bin/fusionpbx-backup
chmod +x /usr/local/bin/fusionpbx-backup
(crontab -l 2>/dev/null | grep -v fusionpbx-backup; \
echo "0 5 * * 0 /usr/local/bin/fusionpbx-backup >> /var/log/fusionpbx-backup.log 2>&1") | crontab -
success "Backup cron installed"
APPLIED+=("backup-cron")
else; SKIPPED+=("backup-cron"); fi
# ---------------------------------------------------------------------------
# PHASE 10: SSL (manual)
# ---------------------------------------------------------------------------
header "PHASE 10 — SSL Certificate"
echo ""
info "Re-issue SSL cert after DNS is pointing to this server:"
info " certbot --nginx -d fusion.orbishosting.com"
info " OR: FusionPBX web UI → Admin → Certificate Manager"
echo ""
read -rp " Press ENTER to continue... "
# ---------------------------------------------------------------------------
# PHASE 11: SignalWire SIP Trunk
# ---------------------------------------------------------------------------
header "PHASE 11 — SignalWire SIP Trunk"
echo ""
warn "The SignalWire SIP gateway is stored in the PostgreSQL DB and will"
warn "be restored automatically with the DB dump."
echo ""
info "After restore, verify in FusionPBX → Accounts → Gateways:"
info " Gateway: signalwire-inbound (or similar)"
info " SIP profile: external (transport=udp — required to avoid re-INVITE issues)"
info " If calls don't work: Admin → FreeSWITCH → Reload XML"
info " Also delete Sofia XML cache: rm /var/cache/fusionpbx/FusionPBX.configuration.sofia.conf"
echo ""
# ---------------------------------------------------------------------------
# Summary
# ---------------------------------------------------------------------------
header "Restore Complete"
echo ""
[[ ${#APPLIED[@]} -gt 0 ]] && success "Applied: ${APPLIED[*]}"
[[ ${#SKIPPED[@]} -gt 0 ]] && warn "Skipped: ${SKIPPED[*]}"
echo ""
echo -e "${YELLOW} Final checklist:${NC}"
echo " • FusionPBX web UI: https://fusion.orbishosting.com (admin / fY7XP5swgtpbzrYLhkeVYkA4744)"
echo " • Check FreeSWITCH status: systemctl status freeswitch"
echo " • Check gateways registered: fs_cli -x 'sofia status gateway'"
echo " • Check extensions load: fs_cli -x 'show registrations'"
echo " • Check fail2ban trusted IPs: fail2ban-client status"
echo " • Test ext 1000 (Myron Yealink T48S at 10.48.200.43) — update provisioning URL if IP changed"
echo " • Test ext 1001 (Tommy) registration"
echo " • Test IVR 900 (main number)"
echo " • Verify SignalWire trunk: make outbound test call"
echo ""
echo " SSH access: only from 107.178.2.130 and 97.154.109.245 (FortiGate)"
echo " Or relay: ssh root@165.22.1.228 → ssh root@134.209.72.226"
echo ""
Reference in New Issue View Git Blame Copy Permalink