Linux Failover Scripts

Linux Failover Scripts

Introduction

The following scripts can be used when setting up Failover between Passive/Active Linux PBXs.

  • DNSgoogle.sh
  • Kill3CXServices.sh
  • Shutdown3CXMainMachine.sh
  • Stop3CXServices.sh
  • StopsAndKill3CXServices.sh

In order for the scripts to work properly, you need to:

  1. Exchange SSH keys for phonesystem user across active and passive PBXs for passwordless SSH authentication
  2. Change permissions of uploaded script so they can be executed by the phonesystem user
  3. Allow all relevant commands to be executed on Active PBX for phonesystem user in sudoers configuration
  4. Only for DNSgoogle.sh script, Install gcloud cli and authenticate phonesystem user on the Passive PBX

The linux scripts for download can be found here.

Step 1: Allow scripts to be executed by phone system user

Needed for the following scripts:

  • Kill3CXServices.sh
  • Shutdown3CXMainMachine.sh
  • Stop3CXServices.sh
  • StopsAndKill3CXServices.sh
  1. Login to Management Console of the Passive PBX
  2. Navigate to Backup and Restore > Failover and upload your scripts in Before/After sections
  3. SSH on the Passive PBX and run the following commands to allow the scripts to be executed by the phonesystem user
  1. Make sure to replace before.sh and after.sh with the actual names of your scripts

cd /var/lib/3cxpbx/Instance1/Scripts

chmod 700 before.sh

chmod 700 after.sh

Step 2: Exchanging SSH keys for phone system user across Passive and Active PBX for passwordless SSH

  1. SSH on Passive PBX and run the following commands:

su phonesystem

ssh-keygen

cat ~/.ssh/id_rsa.pub

Notes:

  • When running the ssh-keygen command press enter to save the file to the default location. Press enter with an empty passphrase also.
  • Last command will print your public_key_string. Note it down as you'll need on step 2 below.
  1. SSH on Active PBX and run the following commands:

su phonesystem

mkdir -p ~/.ssh

echo public_key_string >> ~/.ssh/authorized_keys

chmod -R go= ~/.ssh

chown -R phonesystem:phonesystem ~/.ssh

Note: Make sure to replace public_key_string above with the one you noted down in step 1.

  1. SSH on Passive PBX again and run the following commands to test the connection:

su phonesystem

ssh phonesystem@activeIP

Note: Make sure to replace ActiveIP with the actual IP Address of your Active PBX.

         If asked, click y and enter to accept the authenticity of the connection.

Step 3: Allow execution of commands on Active PBX for phonesystem user in sudoers

  1. SSH on Active PBX
  2. Edit the following file by running this command:

nano /etc/sudoers.d/90-cloud-init-users

  1. Append the following 3 lines at the end of the file and save it (Ctrl-X, y, Enter to save in nano):

phonesystem ALL=(ALL) NOPASSWD: /usr/sbin/shutdown now

phonesystem ALL=(ALL) NOPASSWD: /usr/sbin/service *

phonesystem ALL=(ALL) NOPASSWD: /usr/bin/killall *

Step 4: DNS script

Allow scripts to be executed by phonesystem user

Needed only for the following scripts:

  • DNSgoogle.sh
  • Login to Management Console of the Passive PBX.
  • Navigate to Backup and Restore > Failover and upload your scripts in Before/After sections.
  • SSH on the Passive PBX and run the following commands to allow the scripts to be executed by the phonesystem user.

Note: Make sure to replace before.sh and after.sh with the actual names of your scripts.

cd /var/lib/3cxpbx/Instance1/Scripts

chmod 700 before.sh

chmod 700 after.sh

Install and authenticate gcloud CLI for phonesystem user

  1. SSH to the Passive machine and run the following commands to install gcloud cli:

sudo apt-get update

sudo apt-get install apt-transport-https ca-certificates gnupg curl sudo

echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main" | sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list

curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key --keyring /usr/share/keyrings/cloud.google.gpg add -

sudo apt-get update && sudo apt-get install google-cloud-cli

  1. Run the following commands to authenticate gcloud cli as phonesystem user:

su phonesystem

gcloud init

Notes:

  • Follow the instructions to authenticate.
  • gcloud init will provide a url to open in a browser to sign in with your google account.
  • Once authenticated in your browser, google will provide a code to input back in gcloud init in your SSH terminal.
  • Refer to this guide for more info https://cloud.google.com/sdk/docs/install#deb

    • Related Articles

    • How to Migrate to 3CX Hosted

      Introduction Customers running 3CX on-premise or in the cloud (e.g Google or Amazon etc) can switch to 3CX Hosted and have us host your installation. Why should you do this: We deploy your instance and automatically configure the firewall rules. We ...

    • Sample Call Processing Script for PIN

      Introduction This script implements an IVR which asks the caller for a DTMF number which can then be used as a PIN or be verified against a database. Create a Call Processing Script in 3CX Login to your Admin Console, go to “Integrations” > “Call ...

    • Hardware Requirements

      Introduction Refer to these suggested 3CX Phone System usage scenarios based on the extensions used, to assist you to size the minimum required hardware to run 3CX. A user (extension) is typically defined to use the 3CX Web Client/Desktop App and a ...

    • Installing 3CX Phone System on a Hyper-V VM

      When running Microsoft Hyper-V, it is important to have the following settings configured on the 3CX Virtual Machine (VM) for optimal performance. General Settings Configuring a Static MAC address It is very important for licensing that the MAC ...

    • How to Upgrade to V20

      On this topic: Prerequisites Make sure you have 2 gig Ram and 2 vCPU. Check you have Split DNS configured. Read how to configure Split DNS Step 1 - Assign a System Owner This System Owner account will be used to login to the Admin Console! Ensure the ...