-Install FreePBX on New Server
-Run a full backup on current server
-Deactivate the license on the current server – https://portal.sangoma.com/deployments
-Activate new server via SSH – fwconsole sysadmin activate deployementID
-Run a restore on the new server using the backup file from step above
-Change External Address from Settings > SIP Settings to new IP Address
-Update Firewall settings with new IP Address
If java is using too much CPU you can try the following modification. I was using a 1GB Memory droplet from Digital Ocean, but I needed to upgrade to 2GB to be able to make this adjustment.
|
1 2 3 4 |
sudo nano /usr/lib/unifi/data/system.properties unifi.xmx=2048 unifi.xms=2048 sudo service unifi restart |
While I didn’t make this additional adjustment, Unifi says you can enable a high-performance garbage collector with the following setting.
|
1 |
unifi.G1GC.enabled=true |
It looked good for about 4 hours, but then it spiked to 100% again. I tried upgrading MongoDB, so we will see
|
1 2 3 4 5 6 7 |
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv EA312927 echo "deb http://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.2 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.2.list sudo apt-get update echo "manual" | sudo tee /etc/init/mongod.override sudo service unifi stop sudo apt-get install -y mongodb-org sudo service unifi start |
If you have a controller on a Linux box, use the following commands to update the system and install the new update
|
1 2 3 4 5 6 7 8 9 |
sudo apt-get update sudo apt-get upgrade -y sudo apt-get dist-upgrade -y #https://www.ui.com/download/unifi/ #SOFTWARE #UniFi Network Application 6.5.55 for Debian/Ubuntu Linux and UniFi Cloud Key wget https://dl.ui.com/unifi/6.5.55/unifi_sysvinit_all.deb sudo dpkg -i unifi_sysvinit_all.deb sudo reboot |
|
1 |
touch /usr/local/sbin/firewall_dynamic_update.bash |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 |
#!/bin/bash HOSTNAME=yourhost.ddns.net LOGFILE=$HOME/ufw.$HOSTNAME.log Current_IP=$(host $HOSTNAME | head -n1 | cut -f4 -d ' ') if [ ! -f $LOGFILE ]; then /usr/sbin/ufw allow from $Current_IP to any port 2222 /usr/sbin/ufw allow from $Current_IP to any port 9090 /usr/sbin/ufw allow from $Current_IP to any port 8443 echo $Current_IP > $LOGFILE else Old_IP=$(cat $LOGFILE) if [ "$Current_IP" = "$Old_IP" ] ; then echo IP address has not changed else /usr/sbin/ufw delete allow from $Current_IP to any port 2222 /usr/sbin/ufw delete allow from $Current_IP to any port 9090 /usr/sbin/ufw delete allow from $Current_IP to any port 8443 /usr/sbin/ufw allow from $Current_IP to any port 2222 /usr/sbin/ufw allow from $Current_IP to any port 9090 /usr/sbin/ufw allow from $Current_IP to any port 8443 echo $Current_IP > $LOGFILE echo iptables have been updated fi fi |
|
1 2 |
sudo chown root:root /usr/local/sbin/firewall_dynamic_update.bash sudo chmod +x /usr/local/sbin/firewall_dynamic_update.bash |
|
1 2 |
sudo crontab -e */5 * * * * /usr/local/sbin/firewall_dynamic_update.bash > /dev/null 2>&1 |
After you use your custom image to install freePBX, you will want to do a couple of things.
|
1 |
passwrd root |
2. Connect via SSH and disable password ssh connection
|
1 2 3 4 |
nano /root/.ssh/authorized_key nano /etc/ssh/sshd_config #change PasswordAuthentication no service sshd restart |