diff --git a/freeswitch/,gitignore b/freeswitch/,gitignore new file mode 100644 index 0000000..d965bfd --- /dev/null +++ b/freeswitch/,gitignore @@ -0,0 +1 @@ +PASSWORDS.xml \ No newline at end of file diff --git a/freeswitch/PASSWORDS.xml.example b/freeswitch/PASSWORDS.xml.example new file mode 100644 index 0000000..697ba38 --- /dev/null +++ b/freeswitch/PASSWORDS.xml.example @@ -0,0 +1,14 @@ + + + + + + + + + + + + + + \ No newline at end of file diff --git a/freeswitch/README.md b/freeswitch/README.md new file mode 100644 index 0000000..8b0783c --- /dev/null +++ b/freeswitch/README.md @@ -0,0 +1,3 @@ +``` +kubectl -n freeswitch create secret generic freeswitch-passwords --from-file freeswitch/PASSWORDS.xml +``` \ No newline at end of file diff --git a/freeswitch/application.yaml b/freeswitch/application.yaml new file mode 100644 index 0000000..8df24d2 --- /dev/null +++ b/freeswitch/application.yaml @@ -0,0 +1,567 @@ +apiVersion: v1 +kind: Service +metadata: + name: freeswitch + namespace: freeswitch + annotations: + external-dns.alpha.kubernetes.io/hostname: freeswitch.k-space.ee + metallb.universe.tf/address-pool: eenet + metallb.universe.tf/ip-allocated-from-pool: eenet +spec: + ports: + - name: sip-internal-udp + protocol: UDP + port: 5060 + targetPort: 5060 + nodePort: 31787 + - name: sip-nat-udp + protocol: UDP + port: 5070 + targetPort: 5070 + nodePort: 32241 + - name: sip-external-udp + protocol: UDP + port: 5080 + targetPort: 5080 + nodePort: 31354 + - name: sip-data-10000 + protocol: UDP + port: 10000 + targetPort: 10000 + nodePort: 30786 + - name: sip-data-10001 + protocol: UDP + port: 10001 + targetPort: 10001 + nodePort: 31788 + - name: sip-data-10002 + protocol: UDP + port: 10002 + targetPort: 10002 + nodePort: 30247 + - name: sip-data-10003 + protocol: UDP + port: 10003 + targetPort: 10003 + nodePort: 32389 + - name: sip-data-10004 + protocol: UDP + port: 10004 + targetPort: 10004 + nodePort: 30723 + - name: sip-data-10005 + protocol: UDP + port: 10005 + targetPort: 10005 + nodePort: 30295 + - name: sip-data-10006 + protocol: UDP + port: 10006 + targetPort: 10006 + nodePort: 30782 + - name: sip-data-10007 + protocol: UDP + port: 10007 + targetPort: 10007 + nodePort: 32165 + - name: sip-data-10008 + protocol: UDP + port: 10008 + targetPort: 10008 + nodePort: 30282 + - name: sip-data-10009 + protocol: UDP + port: 10009 + targetPort: 10009 + nodePort: 31325 + - name: sip-data-10010 + protocol: UDP + port: 10010 + targetPort: 10010 + nodePort: 31234 + selector: + app: freeswitch + type: LoadBalancer + externalTrafficPolicy: Local + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + internalTrafficPolicy: Cluster +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: freeswitch-sounds + namespace: freeswitch +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 2Gi + storageClassName: longhorn +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: freeswitch + namespace: freeswitch + labels: + app: freeswitch + annotations: + reloader.stakater.com/auto: "true" +spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app: freeswitch + template: + metadata: + labels: + app: freeswitch + spec: + volumes: + - name: config + configMap: + name: freeswitch-config + defaultMode: 420 + - name: directory + configMap: + name: freeswitch-directory + defaultMode: 420 + - name: sounds + persistentVolumeClaim: + claimName: freeswitch-sounds + - name: passwords + secret: + secretName: freeswitch-passwords + containers: + - name: freeswitch + image: dheaps/freeswitch + env: + - name: SOUND_TYPES + value: en-us-callie + - name: SOUND_RATES + value: "32000" + resources: {} + volumeMounts: + - name: config + mountPath: /etc/freeswitch/sip_profiles/external/ipcall.xml + subPath: ipcall.xml + - name: config + mountPath: /etc/freeswitch/dialplan/default/00_outbound_ipcall.xml + subPath: 00_outbound_ipcall.xml + - name: config + mountPath: /etc/freeswitch/dialplan/public.xml + subPath: dialplan.xml + - name: config + mountPath: /etc/freeswitch/autoload_configs/switch.conf.xml + subPath: switch.xml + - name: config + mountPath: /etc/freeswitch/vars.xml + subPath: vars.xml + - name: passwords + mountPath: /etc/freeswitch/PASSWORDS.xml + subPath: PASSWORDS.xml + - name: directory + mountPath: /etc/freeswitch/directory/default + - name: sounds + mountPath: /usr/share/freeswitch/sounds +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: freeswitch-config + namespace: freeswitch +data: + dialplan.xml: | + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ipcall.xml: | + + + + + + + + + + + + + 00_outbound_ipcall.xml: | + + + + + + + + switch.xml: | + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + vars.xml: | + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: freeswitch-directory + namespace: freeswitch +data: + 1000.xml: | + + + + + + + + + + + + + + + + + 1001.xml: | + + + + + + + + + + + + + + + + + 1002.xml: | + + + + + + + + + + + + + + + + + 1003.xml: | + + + + + + + + + + + + + + + + + 1004.xml: | + + + + + + + + + + + + + + + + + 1005.xml: | + + + + + + + + + + + + + + + + + 1006.xml: | + + + + + + + + + + + + + + + + + 1007.xml: | + + + + + + + + + + + + + + + + + 1008.xml: | + + + + + + + + + + + + + + + + + 1009.xml: | + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/freeswitch/network-policies.yml b/freeswitch/network-policies.yml new file mode 100644 index 0000000..98c1636 --- /dev/null +++ b/freeswitch/network-policies.yml @@ -0,0 +1,45 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: asterisk +spec: + podSelector: + matchLabels: + app: asterisk + policyTypes: + - Ingress + - Egress + ingress: + - from: + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: monitoring + podSelector: + matchLabels: + app.kubernetes.io/name: prometheus + - from: + - ipBlock: + cidr: 100.101.0.0/16 + - from: + - ipBlock: + cidr: 100.102.0.0/16 + - from: + - ipBlock: + cidr: 81.90.125.224/32 # Lauri home + - from: + - ipBlock: + cidr: 172.20.8.241/32 # Erki A + - from: + - ipBlock: + cidr: 212.47.211.10/32 # Elisa SIP + - from: + - ipBlock: + cidr: 212.47.211.10/32 # Elisa SIP + egress: + - to: + - ipBlock: + cidr: 212.47.211.10/32 # Elisa SIP + - to: + - ipBlock: + cidr: 195.222.16.38/32 # Elisa SIP