hosts/common/optional/services/asterisk.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106

{ config, lib, pkgs, ... }:
{
  networking.firewall = {
    allowedUDPPortRanges = [{
      from = 6970;
      to = 6999;
    }];
    interfaces.enp116s0.allowedUDPPorts = [
      5060 # sip
    ];
  };

  services.asterisk = {
    confFiles = {
      "cdr.conf" = ''
        [general]
        unanswered = yes
        [csv]
        usegmtime=yes    ; log date/time in GMT.  Default is "no"
        loguniqueid=yes  ; log uniqueid.  Default is "no"
        loguserfield=yes ; log user field.  Default is "no"
        accountlogs=yes  ; create separate log file for each account code. Default is "yes"
      '';
      "console.conf" = ''
        [general]
        [default]
        input_device = default       ; When configuring an input device and output device,
        output_device = default      ; use the name that you see when you run the "console
        autoanswer = no
        context = default
        extension = s
        callerid = MyName Here <(256) 428-6000>
        language = en
        overridecontext = no
        mohinterpret = default
        active = yes                 ; This option should only be set for one console.
      '';
      "modules.conf" = ''
        [modules]
        autoload=yes
        noload => pbx_gtkconsole.so
        noload => pbx_kdeconsole.so
        noload => app_intercom.so
        noload => chan_modem.so
        noload => chan_modem_aopen.so
        noload => chan_modem_bestdata.so
        noload => chan_modem_i4l.so
        noload => chan_capi.so
        load => res_musiconhold.so
        noload => chan_alsa.so
        noload => chan_console.so
        noload => chan_oss.so
        noload => cdr_sqlite.so
        noload => app_directory_odbc.so
        noload => res_config_odbc.so
        noload => res_config_pgsql.so
      '';
      "musiconhold.conf" = ''
        [general]
        [default]
        mode=files
        directory=moh
      '';
    };
    enable = true;
    useTheseDefaultConfFiles = [
      "indications.conf"
      "pjsip_notify.conf"
    ];
  };

  sops = {
    secrets = {
      "asterisk/extensions.ael" = {
        owner = config.users.users.asterisk.name;
        group = config.users.users.asterisk.group;
        mode = "00400";
        path = "/etc/asterisk/extensions.ael";
      };
      "asterisk/pjsip.conf" = {
        owner = config.users.users.asterisk.name;
        group = config.users.users.asterisk.group;
        mode = "00400";
        path = "/etc/asterisk/pjsip.conf";
      };
      "asterisk/rtp.conf" = {
        owner = config.users.users.asterisk.name;
        group = config.users.users.asterisk.group;
        mode = "00400";
        path = "/etc/asterisk/rtp.conf";
      };
    };
  };

  systemd.services.asterisk = {
    #serviceConfig.ExecStart = lib.mkForce "${pkgs.asterisk}/bin/asterisk -U asterisk -C ${config.sops.secrets."asterisk/asterisk.conf".path} -F";
    unitConfig = {
      ConditionPathExists = [
        config.sops.secrets."asterisk/extensions.ael".path
        config.sops.secrets."asterisk/pjsip.conf".path
        config.sops.secrets."asterisk/rtp.conf".path
      ];
    };
    #wantedBy = lib.mkForce [];
  };
}