Pre-requisitos¶
It is assumed that we have an instance of CentOS-7 or Amazon Linux, on which the installation will run. But before this we must carry out a series of necessary steps, therefore through an SSH connection to the host we proceed with:
Hostname configuration¶
Before proceeding with the installation do not forget to configure the hostname of the host. OMniLeads uses this value as a parameter when configuring some services related to the SIP (Telephony) part.
Disabled firewalld and SELinux¶
systemctl disable firewalld
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/sysconfig/selinux
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
Run upgrades and install kernel-devel paq.¶
yum update -y && yum install kernel-devel git -y
reboot
Important
Check that the kernel-devel package matches the kernel.
Run the commands
uname -r
rpm -qa |grep kernel-devel
Provide reliable SSL Certificates¶
OMniLeads is deployed with SSLv3 certificates for HTTPS conecction between the browser and web server (Nginx), using a self-signed cert/key in PEM format. The issued certificate uses SHA-512 with RSA encryption as the signing algorithm and a key size of 4096 bits. As it is a self-signed certificate, it produces an Unsure Site Warning in the browser when accessing the system for the first time (since the certifying authority or CA is not within the Repository of Trusted CAs of the Browser). Once the exception is added to trust it securely, the certificate is now configured for acceptance.
However, it is recommended to load your trusted SSL certificates during the installation of the App. You must locate your cert and key files in .pem format inside the ominicontacto/deploy/certs folder. To add the certificates, you must erase the cert.pem and key.pem files in the folder and place yours. During the deploy process, the files are detected in this location and therefore they are provided at the web and webtrc levels, so that when the deploy ends, the platform is available and using its own trusted certificates.
Run deploy.sh¶
Once the host is available, the installation proceeds. This is where we must choose the type of OMniLeads installation and architecture to deploy.
OMniLeads behind NAT¶
OMniLeads behind NAT is when the agents connect to an URL formed by https://external_hostname:external_port, from Internet.
How you can see in image, the remote users access the App with the URL (domain, port) that resolves in the public IP of WAN interface of router/firewall.
Then, the firewall must redirect voice and data traffic to UDP ports: 20000-30000 and TCP: 443 of the host hosting the App.
Important
You must insert two inbound and un outbound firewall rules:
- Forward incoming traffic from ports 20,000 to 30,000 UDP to ports 20,000 to 30,000 on the OMniLeads host
- Forward traffic from the chosen external port to port 443 of the OMniLeads host
- Permit outbound traffic from OMniLeads to internet, port range: 10000-30000 UDP
Note
You can use public IP instead of hostname