/etc/ngcp-config/config.yml
is the main configuration YAML file used by Sipwise NGCP. After every changes it need to run the command ngcpcfg apply my commit message
to apply changes (followed by ngcpcfg push
in the PRO version to apply changes to sp2). The following is a brief description of the main variables contained into /etc/ngcp-config/config.yml
file.
This section contains parameters for the additional applications that may be activated
on sip:provider CE.
apps:
malicious_call: no
-
malicious_call: if set to yes, the Malicious Call Identification (MCID) application
will be enabled
The following is the asterisk section:
asterisk:
log:
facility: local6
rtp:
maxport: 20000
minport: 10000
sip:
bindport: 5070
dtmfmode: rfc2833
voicemail:
enable: 'no'
fromstring: 'Voicemail server'
greeting:
busy_custom_greeting: '/home/user/file_no_extension'
busy_overwrite_default: 'no'
busy_overwrite_subscriber: 'no'
unavail_custom_greeting: '/home/user/file_no_extension'
unavail_overwrite_default: 'no'
unavail_overwrite_subscriber: 'no'
mailbody: 'You have received a new message from ${VM_CALLERID} in voicebox ${VM_MAILBOX} on ${VM_DATE}.'
mailsubject: '[Voicebox] New message ${VM_MSGNUM} in voicebox ${VM_MAILBOX}'
max_msg_length: 180
maxgreet: 60
maxmsg: 30
maxsilence: 0
min_msg_length: 3
normalize_match: '^00|\+([1-9][0-9]+)$'
normalize_replace: '$1'
serveremail: voicebox@sip.sipwise.com
-
log.facility: rsyslog facility for asterisk log, defined in /etc/asterisk/logger.conf.
-
rtp.maxport: RTP maximum port used by asterisk.
-
rtp.minport: RTP minimun port used by asterisk.
-
sip.bindport: SIP asterisk internal bindport.
-
voicemail.greetings.*: set the audio file path for voicemail custom unavailable/busy greetings
-
voicemail.mailbody: Mail body for incoming voicemail.
-
voicemail.mailsubject: Mail subject for incoming voicemail.
-
voicemail.max_msg_length: Sets the maximum length of a voicemail message, in seconds.
-
voicemail.maxgreet: Sets the maximum length of voicemail greetings, in seconds.
-
voicemail.maxmsg: Sets the maximum number of messages that may be kept in any voicemail folder.
-
voicemail.min_msg_length: Sets the minimun length of a voicemail message, in seconds.
-
voicemail.maxsilence: Maxsilence defines how long Asterisk will wait for a contiguous period of silence before terminating an incoming call to voice mail. The default value is 0, which means the silence detector is disabled and the wait time is infinite.
-
voicemail.serveremail: Provides the email address from which voicemail notifications should be sent.
-
voicemail.normalize_match: Regular expression to match the From number for calls to voicebox.
-
voicemail.normalize_replace: Replacement string to return, in order to match an existing voicebox.
The following is the autoprovisioning section:
autoprov:
hardphone:
skip_vendor_redirect: 'no'
server:
bootstrap_port: 1445
ca_certfile: '/etc/ngcp-config/ssl/client-auth-ca.crt'
host: localhost
port: 1444
server_certfile: '/etc/ngcp-config/ssl/myserver.crt'
server_keyfile: '/etc/ngcp-config/ssl/myserver.key'
ssl_enabled: 'yes'
softphone:
config_lockdown: 0
webauth: 0
-
autoprov.skip_vendor_redirect: Skip phone vendor redirection to the vendor provisioning web site.
The following is the backup tools section:
backuptools:
cdrexport_backup:
enable: 'no'
etc_backup:
enable: 'no'
mail:
address: noc@company.org
error_subject: '[ngcp-backup] Problems detected during daily backup'
log_subject: '[ngcp-backup] Daily backup report'
send_errors: 'no'
send_log: 'no'
mysql_backup:
enable: 'no'
exclude_dbs: 'syslog sipstats information_schema'
rotate_days: 7
storage_dir: '/var/backup/ngcp_backup'
temp_backup_dir: '/tmp/ngcp_backup'
-
backuptools.cdrexport_backup.enable: Enable backup of cdrexport (.csv) directory.
-
backuptools.etc_backup.enable: Enable backup of /etc/* directory.
-
backuptools.mail.address: Destination email address for backup emails.
-
backuptools.mail.error_subject: Subject for error emails.
-
backuptools.mail.log_subjetc: Subject for daily backup report.
-
backuptools.mail.send_error: Send daily backup error report.
-
backuptools.mail.send_log: Send daily backup log report.
-
backuptools.mysql_backup.enable: Enable daily mysql backup.
-
backuptools.mysql_backup.exclude_dbs: exclude mysql databases from backup.
-
backuptools.rotate_days: Number of days backup files should be kept. All files older than specified number of days are deleted from the storage directory.
-
backuptools.storage_dir: Storage directory of backups.
-
backuptools.temp_backup_dir: Temporary storage directory of backups.
The following is the cdr export section:
cdrexport:
daily_folder: 'yes'
export_failed: 'no'
export_incoming: 'no'
exportpath: '/home/jail/home/cdrexport'
full_names: 'yes'
monthly_folder: 'yes'
-
cdrexport.daily_folder:: Set yes if you want to create a daily folder for CDRs under the configured path.
-
cdrexport.export_failed: Export CDR for failed calls.
-
cdrexport.export_incoming: Export CDR for incoming calls.
-
cdrexport.exportpath: The path to store CDRs in .csv format.
-
cdrexport.full_names: Use full namen for CDRs instead of short ones.
-
cdrexport.monthly_folder: Set yes if you want to create a monthly folder (ex. 201301 for January 2013) for CDRs under configured path.
The following is the check tools section:
checktools:
collcheck:
cpuidle: 0.1
dfused: 0.9
eximmaxqueue: 15
loadlong: 2
loadmedium: 2
loadshort: 3
maxage: 600
memused: 0.7
siptimeout: 15
swapfree: 0.5
active_check_enable: 1
asr_ner_statistics: 1
exim_check_enable: 0
force: 0
kamailio_check_concurrent_calls_enable: 0
kamailio_check_dialog_active_enable: 1
kamailio_check_dialog_early_enable: 1
kamailio_check_dialog_incoming_enable: 1
kamailio_check_dialog_local_enable: 1
kamailio_check_dialog_outgoing_enable: 1
kamailio_check_dialog_relay_enable: 1
kamailio_check_shmem_enable: 1
kamailio_check_usrloc_regdevices_enable: 1
kamailio_check_usrloc_regusers_enable: 1
mpt_check_enable: 1
mysql_check_enable: 1
mysql_check_replication: 1
oss_check_provisioned_subscribers_enable: 1
sip_check_enable: 1
sipstats_check_num_packets: 1
sipstats_check_num_packets_perday: 1
sipstats_check_partition_size: 1
snmpd:
communities:
public:
- localhost
trap_communities:
public:
- localhost
-
checktools.collcheck.cpuidle: Sets the minimum value for CPU usage (0.1 means 10%).
-
checktools.collcheck.dfused: Sets the maximun value for DISK usage (0.9 means 90%).
-
checktools.collcheck.loadlong/loadlong/loadshort: Max values for load (long, short, medium term).
-
checktools.collcheck.maxage: Max age in seconds.
-
checktools.collcheck.memused: Sets the maximun value for MEM usage (0.7 means 70%).
-
checktools.collcheck.siptimeout: Max timeout for sip options.
-
checktools.collcheck.swapfree: Sets the minimun value for SWAP free (0.5 means 50%).
-
checktools.exim_check_enable: Exim queue check plugin for ngcp-witnessd.
-
checktools.active_check_enable: Active node check plugin for ngcp-witnessd.
-
checktools.asr_ner_statistics: enable/Disable ASR/NER statistics.
-
checktools.force: Perform checks even if not active from ngcp-check_active command.
-
checktools.kamailio_check_*: Enable/Disable SNMP collective check pluglin for Kamailio.
-
checktools.mpt_check_enable: MPT raid SNMP check plugin.
-
checktools.mysql_check_enable: MySQL SNMP check plugin.
-
checktools.mysql_check_replication: MySQL replication check.
-
checktools.oss_check_provisioned_subscribers_enable: OSS provisioned subscribers count plugin.
-
checktools.sip_check_enable/sipstats_check_*: Enable/Disable SIP check plugins.
-
checktools.snmpd.communities: Sets the SNMP community and sources (separated by comma , - ex. source: 127.0.0.1, 10.10.10.2, 10.10.10.3).
-
checktools.snmpd.trap_communities: Sets the SNMP TRAP community and destination sink (separated by comma , - ex. sink: 127.0.0.1, 10.10.10.2, 10.10.10.3).
The following is the cleanup tools section:
cleanuptools:
acc_cleanup_days: 90
archive_targetdir: '/var/backups/cdr'
binlog_days: 15
cdr_archive_months: 2
cdr_backup_months: 2
cdr_backup_retro: 3
compress: gzip
delete_old_cdr_files:
enabled: 'no'
max_age_days: 30
paths:
-
max_age_days: ~
path: '/home/jail/home/*/20[0-9][0-9][0-9][0-9]/[0-9][0-9]'
remove_empty_directories: 'yes'
wildcard: 'yes'
-
max_age_days: ~
path: '/home/jail/home/cdrexport/resellers/*/20[0-9][0-9][0-9][0-9]/[0-9][0-9]'
remove_empty_directories: 'yes'
wildcard: 'yes'
-
max_age_days: ~
path: '/home/jail/home/cdrexport/system/20[0-9][0-9][0-9][0-9]/[0-9][0-9]'
remove_empty_directories: 'yes'
wildcard: 'yes'
sql_batch: 10000
trash_cleanup_days: 30
For the description of cleanuptools please visit Cleanuptools Description
Section 13.4, “Accounting Data (CDR) Cleanup”
section of the handbook.
The following is the cluster sets section:
cluster_sets:
default:
dispatcher_id: 50
default_set: default
type: central
-
cluster_sets.<label>: an arbitrary label of the cluster set; in the above example
we have
default
-
cluster_sets.<label>.dispatcher_id: a unique, numeric value that identifies a
particular cluster set
-
cluster_sets.default_set: selects the default cluster set
-
cluster_sets.type: the type of cluster set; can be
central
or distributed
The following is the database section:
database:
bufferpoolsize: 24768M
-
database.bufferpoolsize: Innodb_buffer_pool_size value in /etc/mysql/my.cnf
The following is the fax server section:
faxserver:
enable: yes
fail_attempts: '3'
fail_retry_secs: '60'
mail_from: 'Sipwise NGCP FaxServer <voipfax@ngcp.sipwise.local>'
-
faxserver.enable: yes/no to enable or disable ngcp-faxserver on the platform respectively.
-
faxserver.fail_attempts: Amount of attempts to send a fax after which it is marked as failed.
-
faxserver.fail_retry_secs: Amount of seconds to wait between "fail_attemts".
-
faxserver.mail_from: Sets the e-mail From Header for incoming fax.
The following is the general section:
general:
adminmail: adjust@example.org
companyname: sipwise
lang: en
-
general.adminmail: Email address used by monit to send notifications to.
-
general.lang: Sets sounds language (e.g: de for German)
The following is the heartbeat section:
heartbeat:
hb_watchdog:
action_max: 5
enable: 'yes'
interval: 10
transition_max: 10
pingnodes:
- 10.60.1.1
- 192.168.3.4
-
heartbeat.hb_watchdog.enable: Enable heartbeat watchdog in order to prevent and fix split brain scenario.
-
heartbeat.hb_watchdog.action_max: Max errors before taking any action.
-
heartbeat.hb_watchdog.interval: Interval in secs for the check.
-
heartbeat.hb_watchdog.transition_max: Max checks in transition state.
-
heartbeat.pingnodes: List of pingnodes for heartbeat. Minimun 2 entries, otherwise by default NGCP will set the default gateway and DNS servers as pingnodes.
The following is the legal intercept section:
intercept:
captagent:
port: 18090
schema: http
enabled: 'no'
-
intercept.captagent.enable: Enable captagent for Lawful Interception (addiotional NGCP module).
The following is the kamailio section:
kamailio:
lb:
debug: 'no'
extra_sockets: ~
max_forwards: 70
nattest_exception_ips:
- 1.2.3.4
- 5.6.7.8
pkg_mem: 16
port: 5060
security:
dos_ban_enable: 'yes'
dos_ban_time: 300
dos_reqs_density_per_unit: 50
dos_sampling_time_unit: 5
dos_whitelisted_ips: ~
dos_whitelisted_subnets: ~
failed_auth_attempts: 3
failed_auth_ban_enable: 'yes'
failed_auth_ban_time: 3600
shm_mem: 2012
start: 'yes'
strict_routing_safe: 'no'
tcp_children: 8
tcp_max_connections: 2048
tls:
enable: 'no'
port: 5061
sslcertfile: '/etc/kamailio/kamailio-selfsigned.pem'
sslcertkeyfile: '/etc/kamailio/kamailio-selfsigned.key'
udp_children: 8
use_dns_cache: 'on'
proxy:
allow_info_method: 'no'
allow_peer_relay: 'no'
allow_refer_method: 'no'
authenticate_bye: 'no'
cf_depth_limit: 10
children: 8
debug: 'no'
default_expires: 3600
enum_suffix: e164.arpa.
filter_100rel_from_supported: 'yes'
filter_failover_response: '408|500|503'
fritzbox:
enable: 'no'
prefixes:
- 0$avp(caller_ac)
- $avp(caller_cc)$avp(caller_ac)
- '\+$avp(caller_cc)$avp(caller_ac)'
- 00$avp(caller_cc)$avp(caller_ac)
special_numbers:
- 112
- 110
- 118[0-9]{2}
foreign_domain_via_peer: 'no'
ignore_auth_realm: 'no'
keep_original_to: 'no'
lnp:
api:
invalid_lnp_routing_codes:
- ^EE00
- ^DD00
lnp_request_blacklist: []
lnp_request_whitelist: []
request_timeout: '1000'
enabled: no
type: api
max_expires: 43200
max_gw_lcr: 128
max_registrations_per_subscriber: 5
min_expires: 60
nathelper_dbro: 'no'
natping_interval: 30
natping_processes: 7
nonce_expire: 300
pbx:
hunt_display_indicator: '[h]'
perform_peer_lcr: 0
pkg_mem: 16
port: 5062
presence:
enable: 'yes'
max_expires: '3600'
reginfo_domain: example.org
proxy_lookup: 'no'
set_ruri_to_peer_auth_realm: 'no'
shm_mem: 64
start: 'yes'
tcp_children: 4
use_enum: 'no'
usrloc_dbmode: 1
-
kamailio.lb.debug: Enable intensive debug level.
-
kamailio.lb.extra_sockets: Add here extra sockets for Load Balancer.
-
kamailio.lb.max_forwards: Set the value for the Max Forwards SIP header for outgoing messages.
-
kamailio.lb.nattest_exception_ips: List of IPs that don’t need the NAT test.
-
kamailio.lb.shm_mem: Shared memory used by Kamailio Load Balancer.
-
kamailio.lb.pkg_mem: PKG memory used by Kamailio Load Balancer.
-
kamailio.lb.security.dos_ban_enable: Enable/Disable DoS Ban.
-
kamailio.lb.security.dos_ban_time: Sets the ban time.
-
kamailio.lb.security.dos_reqs_density_per_unit:: Sets the requests density per unit (if we receive more then * lb.dos_reqs_density_per_unit within dos_sampling_time_unit the user will be banned).
-
kamailio.lb.security.dos_sampling_time_unit: Sets the DoS unit time.
-
kamailio.lb.security.dos_whitelisted_ips: Write here the whitelisted IPs.
-
kamailio.lb.security.failed_auth_attempts: Sets how many authentication attempts allowed before ban.
-
kamailio.lb.security.failed_auth_ban_enable: Enable/Disable authentication ban.
-
kamailio.lb.security.failed_auth_ban_time: Sets how long a user/IP has be banned.
-
kamailio.lb.strict_routing_safe: Enable strict routing handle feature.
-
kamailio.lb.tls.enable: Enable TLS socket.
-
kamailio.lb.tls.port: Set TLS listening port.
-
kamailio.lb.tls.sslcertificate: Path for the SSL certificate.
-
kamailio.lb.tls.sslcertkeyfile: Path for the SSL key file.
-
kamailio.proxy.allow_info_method: Allow INFO method.
-
kamailio.proxy.allow_peer_relay: Allow peer relay. Call coming from a peer that doesn’t matcha a local subscriber will try to go out again, matching the peering rules.
-
kamailio.proxy.allow_refer_method: Allow REFER method. Enable it with caution.
-
kamailio.proxy.authenticate_bye: Enable BYE authentication.
-
kamailio.proxy.cf_depth_limit: CF loop detector. How many CF loops are allowed before drop the call.
-
kamailio.proxy.debug: Enable intensive debug level.
-
kamailio.proxy.default_expires: Default expires value in seconds for REGISTER messages.
-
kamailio.proxy.foreign_domain_via_peer: Enable calls to foreign domains via peers.
-
kamailio.proxy.shm_mem: Shared memory used by Kamailio Proxy.
-
kamailio.proxy.pkg_mem: PKG memory used by Kamailio Proxy.
-
kamailio.proxy.enum_suffix: Sets ENUM suffix - don’t forget . (dot).
-
kamailio.proxy.filter_100rel_from_supported: Enable filtering of 100rel from Supported header, to disable PRACK.
-
kamailio.proxy.filter_failover_response: Response codes with no failover routing required.
-
kamailio.proxy.fritzbox.enable: Enable detection for Fritzbox special numbers. Ex. Fritzbox add some prefix to emergency numbers.
-
kamailio.proxy.fritzbox.prefixes: Fritybox prefixes to check. Ex. 0$avp(caller_ac)
-
kamailio.proxy.fritzbox.special_numbers: Specifies Fritzbox special number patterns. They will be checked with the prefixes defined. Ex. 112, so the performed check will be sip:0$avp(caller_ac)112@ if prefix is 0$avp(caller_ac)
-
kamailio.proxy.ignore_auth_realm: Ignore SIP authentication realm.
-
kamailio.proxy.keep_original_to: Not used now.
-
kamailio.proxy.lnp.enabled: Enable/disable LNP (local number portability) lookup during call setup
-
kamailio.proxy.lnp.type: method of LNP lookup; valid values are:
local
(local LNP database) and api
(LNP lookup through external gateways). PLEASE NOTE: the api
type of LNP lookup is only available for NGCP PRO / CARRIER installations.
-
kamailio.proxy.lnp.api.invalid_lnp_routing_codes [only for
api
type]: number matching pattern for routing numbers that represent invalid call destinations; an announcement is played in that case and the call is dropped
-
kamailio.proxy.lnp.api.lnp_request_whitelist [only for
api
type]: list of matching patterns of called numbers for which LNP lookup must be done
-
kamailio.proxy.lnp.api.lnp_request_blacklist [only for
api
type]: list of matching patterns of called numbers for which LNP lookup must not be done
-
kamailio.proxy.lnp.api.request_timeout [only for
api
type]: timeout in milliseconds while Proxy waits for the response of an LNP query from Sipwise LNP daemon
-
kamailio.proxy.max_expires: Sets the maximum expires in seconds for registration.
-
kamailio.proxy.max_gw_lcr: Defines the maximum number of gateways in lcr_gw table
-
kamailio.proxy.max_registrations_per_subscriber: Sets the maximum registration per subscribers.
-
kamailio.proxy.min_expires: Sets the minimum expires in seconds for registration.
-
kamailio.proxy.natping_interval: Sets the NAT ping interval in seconds.
-
kamailio.proxy.nathelper_dbro: Defaul is "no". This will be "yes" on CARRIER in order to activate the use of a read-only connection using LOCAL_URL
-
kamailio.proxy.nonce_expire: Nonce expire time in seconds.
-
kamailio.proxy.perform_peer_lcr: Enable/Disable Least Cost Routing based on peering fees.
-
kamailio.proxy.port: SIP listening port.
-
kamailio.proxy.presence.enable: Enable/disable presence feature
-
kamailio.proxy.presence.max_expires: Sets the maximum expires value for PUBLISH/SUBSCRIBE message. Defines expiration of the presentity record.
-
kamailio.proxy.presence.reginfo_domain: Set FQDN of the NGCP domain used in callback for mobile push.
-
kamailio.proxy.set_ruri_to_peer_auth_realm: Set R-URI using peer auth realm
-
kamailio.proxy.use_enum: Enable/Disable ENUM feature.
The following is the mediator section:
mediator:
interval: 10
-
mediator.interval: Running interval of mediator.
The following is the modules section:
modules:
- enable: no
name: dummy
options: numdummies=2
-
modules: list of configs needed for load kernel modules on boot.
-
enable: Enable/disable loading of the specific module (yes/no)
-
name: kernel module name
-
options: kernel module options if needed
The following is the nginx section:
nginx:
status_port: 8081
xcap_port: 1080
-
nginx.status_port: Status port used by nginx server
-
nginx.xcap_port: XCAP port used by nginx server
The following is the ntp server section:
ntp:
servers:
- 0.debian.pool.ntp.org
- 1.debian.pool.ntp.org
- 2.debian.pool.ntp.org
- 3.debian.pool.ntp.org
-
ntp.servers: Define your NTP server list.
The following is the ossbss section:
ossbss:
apache:
port: 2443
proxyluport: 1080
restapi:
sslcertfile: '/etc/ngcp-panel/api_ssl/api_ca.crt'
sslcertkeyfile: '/etc/ngcp-panel/api_ssl/api_ca.key'
serveradmin: support@sipwise.com
servername: "\"myserver\""
ssl_enable: 'yes'
sslcertfile: '/etc/ngcp-config/ssl/myserver.crt'
sslcertkeyfile: '/etc/ngcp-config/ssl/myserver.key'
frontend: 'no'
htpasswd:
-
pass: '{SHA}w4zj3mxbmynIQ1jsUEjSkN2z2pk='
user: ngcpsoap
logging:
apache:
acc:
facility: daemon
identity: oss
level: info
err:
facility: local7
level: info
ossbss:
facility: local0
identity: provisioning
level: DEBUG
web:
facility: local0
level: DEBUG
provisioning:
allow_ip_as_domain: 1
allow_numeric_usernames: 0
auto_allow_cli: 1
carrier:
account_distribution_function: roundrobin
prov_distribution_function: roundrobin
credit_warnings:
-
domain: example.com
recipients:
- nobody@example.com
threshold: 1000
faxpw_min_char: 0
log_passwords: 0
no_logline_truncate: 0
pw_min_char: 6
routing:
ac_regex: '[1-9]\d{0,4}'
cc_regex: '[1-9]\d{0,3}'
sn_regex: '[1-9]\d+'
tmpdir: '/tmp'
-
ossbss.frontend: Enable disable SOAP interface. Set value to fcgi to enable old SOAP interface.
-
ossbss.htpasswd: Sets the username and SHA hashed password for SOAP access. You can generate the password using the following command: htpasswd -nbs myuser mypassword.
-
ossbss.provisioning.allow_ip_as_domain: Allow or not allow IP address as SIP domain (0 is not allowed).
-
ossbss.provisioning.allow_numeric_usernames: Allow or not allow numeric SIP username (0 is not allowed).
-
ossbss.provisioning.faxpw_min_char: Minimum number of characters for fax passwords.
-
ossbss.provisioning.pw_min_char: Minimum number of characters for sip passwords.
-
ossbss.provisioning.log_password: Enable logging of passwords.
-
ossbss.provisioning.routing: Regexp for allowed AC (Area Code), CC (Country Code) and SN (Subscriber Number).
1.20. pbx (only with additional cloud PBX module installed)
The following is the PBX section:
pbx:
bindport: 5085
enable: 'no'
highport: 55000
lowport: 50001
media_processor_threads: 10
session_processor_threads: 10
xmlrpcport: 8095
-
pbx.enable: Enable Cloud PBX module.
The following is the prosody section:
prosody:
ctrl_port: 5582
log_level: info
-
prosody.ctrl_port: XMPP server control port.
-
prosody.log_level: Prosody loglevel.
The following is the pushd section:
pushd:
apns:
certificate: '/etc/ngcp-config/ssl/PushChatCert.pem'
enable: yes
endpoint: gateway.push.apple.com
feedback_endpoint: feedback.push.apple.com
feedback_interval: 3600
key: '/etc/ngcp-config/ssl/PushChatKey.pem'
socket_timeout: 0
enable: yes
gcm:
enable: yes
key: 'google_api_key_here'
priority:
call: high
groupchat: normal
invite: normal
message: normal
muc:
exclude: []
force_persistent: 'true'
owner_on_join: 'true'
one_device_per_subscriber: no
port: 45060
processes: 4
ssl: yes
sslcertfile: /etc/ngcp-config/ssl/CAsigned.crt
sslcertkeyfile: /etc/ngcp-config/ssl/CAsigned.key
unique_device_ids: no
-
pushd.enable: Enable/Disable the Push Notification feature.
-
pushd.apns.certificate: Specify the Apple certificate for push notification https requests from the NGCP to an endpoint.
-
pushd.apns.enable: Enable/Disable Apple push notification.
-
pushd.apns.key: Specify the Apple key for push notification https requests from the NGCP to an endpoint.
-
pushd.gcm.enable: Enable/Disable Google push notification.
-
pushd.gcm.key: Specify the Google key for push notification https requests from the NGCP to an endpoint.
-
pushd.muc.exclude: list of MUC room jids excluded from sending push notifications.
-
pushd.muc.force_persistent: Enable/Disable MUC rooms to be persistent. Needed for NGCP app to work with other clients.
-
pushd.muc.owner_on_join: Enable/Disable all MUC participants to be owners of the MUC room. Needed for NGCP app to work with other clients.
-
pushd.ssl: The security protocol the NGCP uses for https requests from the app in the push notification process.
-
pushd.sslcertfile: The trusted certificate file purchased from a CA
-
pushd.sslcertkeyfile: The key file that purchased from a CA
-
pushd.unique_device_ids: Allows a subscriber to register the app and have the push notification enabled on more than one mobile device.
The following is the QOS section:
qos:
tos_rtp: 184
tos_sip: 184
-
qos.tos_rtp: TOS value for RTP traffic.
-
qos.tos_sip: TOS value for SIP traffic.
The following is the rate-o-mat section:
rateomat:
enable: 'yes'
loopinterval: 10
splitpeakparts: 0
-
rateomat.enable: Enable/Disable Rate-o-mat
-
rateomat.loopinterval: How long we shall sleep before looking for unrated CDRs again.
-
rateomat.splitpeakparts: Whether we should split CDRs on peaktime borders.
The following is the redis section:
redis:
database_amount: 16
port: 6379
syslog_ident: redis
-
redis.database_amout: Set the number of databases in redis. The default database is DB 0.
-
redis.port: Accept connections on the specified port, default is 6379
-
redis.syslog_ident: Specify the syslog identity.
The following is the reminder section:
reminder:
retries: 2
retry_time: 60
sip_fromdomain: voicebox.sipwise.local
sip_fromuser: reminder
wait_time: 30
weekdays: '2, 3, 4, 5, 6, 7'
-
reminder.retries: How many times the reminder feature have to try to call you.
-
reminder.retry_time: Seconds between retries.
-
reminder.wait_time: Seconds to wait for an answer.
The following is the rsyslog section:
rsyslog:
elasticsearch:
action:
resumeretrycount: '-1'
bulkmode: 'on'
dynSearchIndex: 'on'
enable: 'yes'
queue:
dequeuebatchsize: 300
size: 5000
type: linkedlist
external_address:
external_log: 0
external_loglevel: warning
external_port: 514
external_proto: udp
ngcp_logs_preserve_days: 93
-
rsyslog.elasticsearch.enable: Enable/Disable Elasticsearch web interface
-
rsyslog.external_address: Set the remote rsyslog server.
-
rsyslog.ngcp_logs_preserve_days: Specify how many days to preserve old rotated log files in /var/log/ngcp/old path.
The following is the rtp proxy section:
rtpproxy:
allow_userspace_only: yes
enabled: yes
log_level: '6'
maxport: '40000'
minport: '30000'
prefer_bind_on_internal: no
recording:
enabled: no
mp3_bitrate: '48000'
nfs_host: 192.168.1.1
nfs_remote_path: /var/recordings
output_dir: /var/lib/rtpengine-recording
output_format: wav
output_mixed: yes
output_single: yes
resample: no
resample_to: '16000'
spool_dir: /var/spool/rtpengine
rtp_timeout: '60'
rtp_timeout_onhold: '3600'
-
rtpproxy.allow_userspace_only: Enable/Disable the user space failover for rtpengine (yes means enable). By default rtpengine works in kernel space.
-
rtpproxy.log_level: Verbosity of log messages. The default 6 logs everything except debug messages. Increase to 7 to log everything, or decrease to make logging more quiet.
-
rtpproxy.maxport: Maximum port used by rtpengine for RTP traffic.
-
rtpproxy.minport: Minimum port used by rtpengine for RTP traffic.
-
rtpproxy.recording.enabled: Enable support for call recording.
-
rtpproxy.recording.mp3_bitrate: If saving audio as MP3, bitrate of the output file.
-
rtpproxy.recording.nfs_host: Mount an NFS share from this host for storage.
-
rtpproxy.recording.nfs_remote_path: Remote path of the NFS share to mount.
-
rtpproxy.recording.output_dir: Local mount point for the NFS share.
-
rtpproxy.recording.output_format: Either wav for PCM output or mp3.
-
rtpproxy.recording.output_mixed: Create output audio files with all contributing audio streams mixed together.
-
rtpproxy.recording.output_single: Create separate audio files for each contributing audio stream.
-
rtpproxy.recording.resample: Resample all audio to a fixed bitrate (yes or no).
-
rtpproxy.recording.resample_to: If resampling is enabled, resample to this sample rate.
-
rtpproxy.recording.spool_dir: Local directory for temporary metadata file storage.
-
rtpproxy.rtp_timeout: Consider a call dead if no RTP is received for this long (60 seconds).
-
rtpproxy.rtp_timeout_onhold: Maximum limit in seconds for an onhold (1h).
The following is the security section. Usage of the firewall subsection is described in Section 14.2, “Firewalling”:
security:
firewall:
enable: no
logging:
days_kept: '7'
enable: yes
file: /var/log/firewall.log
tag: NGCPFW
nat_rules4: ~
nat_rules6: ~
policies:
forward: DROP
input: DROP
output: ACCEPT
rules4: ~
rules6: ~
-
security.firewall.enable: Enable/disable iptables configuration and rule generation for IPv4 and IPv6 (default:
no
)
-
security.firewall.logging.days_kept: Number of days logfiles are kept on the system before being deleted (log files are rotated daily, default:
7
)
-
security.firewall.logging.enable: Enables/disables logging of all packets dropped by the NGCP firewall (default:
yes
)
-
security.firewall.logging.file: File firewall log messages go to (default:
/var/log/firewall.log
)
-
security.firewall.logging.tag: String prepended to all log messages (internally
DROP
is added to any tag indicating the action triggering the message, default: NGCPFW
)
-
security.firewall.nat_rules4: Optional list of IPv4 firewall rules added to table
nat
using iptables-persistent syntax (default: undef
)
-
security.firewall.nat_rules6: Optional list of IPv6 firewall rules added to table
nat
using iptables-persistent syntax (default: undef
)
-
security.firewall.policies.forward: Default policy for iptables
FORWARD
chain (default: DROP
)
-
security.firewall.policies.input: Default policy for iptables
INPUT
chain (default: DROP
)
-
security.firewall.policies.output: Default policy for iptables
OUTPUT
chain (default: ACCEPT
)
-
security.firewall.rules4: Optional list of IPv4 firewall rules added to table
filter
using iptables-persistent syntax (default: undef
)
-
security.firewall.rules6: Optional list of IPv6 firewall rules added to table
filter
using iptables-persistent syntax (default: undef
)
The following is the SEMS section:
sems:
bindport: 5080
conference:
enable: 'yes'
max_participants: 10
debug: 'no'
highport: 50000
lowport: 40001
media_processor_threads: 10
prepaid:
enable: 'yes'
sbc:
calltimer_enable: 'yes'
calltimer_max: 3600
outbound_timeout: 6000
sdp_filter:
codecs: PCMA,PCMU,telephone-event
enable: 'yes'
mode: whitelist
session_timer:
enable: 'yes'
max_timer: 7200
min_timer: 90
session_expires: 300
session_processor_threads: 10
vsc:
block_override_code: 80
cfb_code: 90
cfna_code: 93
cft_code: 92
cfu_code: 72
clir_code: 31
directed_pickup_code: 99
enable: 'yes'
park_code: 97
reminder_code: 55
speedial_code: 50
unpark_code: 98
voicemail_number: 2000
xmlrpcport: 8090
-
sems.conference.enable: Enable/Disable conference feature.
-
sems.conference.max_participants: Sets the number of concurrent participant.
-
sems.highport: Maximum ports used by sems for RTP traffic.
-
sems.debug: Enable/Disable debug mode.
-
sems.lowport: Minimum ports used by sems for RTP traffic.
-
sems.prepaid.enable: Enable/Disable prepaid feature.
-
sems.sbc.calltimer_max: Sets the maximum call duration for inter-domain calls.
-
sems.sbc.outbound_timeout:: Sets the maximum call duration for outboud calls.
-
sems.sbc.session_timer.enable: Enable/Disable session timers (deprecated, use the web interface configuration).
-
sems.vsc.*: Define here the VSC codes.
The following is the SNMP Agent section:
snmpagent:
daemonize: '1'
debug: '0'
update_interval: '30'
-
daemonize: Enable/Disable ngcp-snmp-agent daemonization.
-
debug: Enable/Disable debug output.
-
update_interval: Sets the interval in seconds used to update the fetched data.
The following is the sshd section:
sshd:
listen_addresses:
- 0.0.0.0
-
sshd: specify interface where SSHD should run on. By default sshd listens on all IPs found in network.yml with type ssh_ext. Unfortunately sshd can be limited to IPs only and not to interfaces. The current option makes it possible to specify allowed IPs (or all IPs with 0.0.0.0).
The following is the voice sniffer section:
voisniff:
admin_panel: 'no'
daemon:
bpf: 'port 5060 or 5062 or ip6 proto 44 or ip[6:2] & 0x1fff != 0'
external_interfaces: 'eth0 eth1'
filter:
exclude:
-
active: 0
case_insensitive: 1
pattern: '\ncseq: *\d+ +(register|notify|options)'
include: []
internal_interfaces: lo
mysql_dump_threads: 4
start: 'no'
threads_per_interface: 10
partitions:
increment: 700000
keep: 10
-
voisniff.admin_panel: Enable/Disable SIP STATS on Admin interface. Default is no.
-
voisniff.deamon.external_interfaces: Define binding interfaces.
-
voisniff.deamon.start: Change to yes if you want voisniff start at boot. Default is no.
The following is the WEB Admin interface (www_admin) section:
www_admin:
ac_dial_prefix: 0
apache:
autoprov_port: 1444
billing_features: 1
callingcard_features: 0
callthru_features: 0
cc_dial_prefix: 00
conference_features: 1
contactmail: adjust@example.org
dashboard:
enabled: 1
default_admin_settings:
call_data: 0
is_active: 1
is_master: 0
read_only: 0
show_passwords: 1
domain:
preference_features: 1
rewrite_features: 1
vsc_features: 0
fastcgi_workers: 2
fax_features: 1
fees_csv:
element_order:
- source
- destination
- direction
- zone
- zone_detail
- onpeak_init_rate
- onpeak_init_interval
- onpeak_follow_rate
- onpeak_follow_interval
- offpeak_init_rate
- offpeak_init_interval
- offpeak_follow_rate
- offpeak_follow_interval
- use_free_time
http_admin:
autoprov_port: 1444
port: 1443
serveradmin: support@sipwise.com
servername: "\"myserver\""
ssl_enable: 'yes'
sslcertfile: '/etc/ngcp-config/ssl/myserver.crt'
sslcertkeyfile: '/etc/ngcp-config/ssl/myserver.key'
http_csc:
autoprov_bootstrap_port: 1445
autoprov_port: 1444
port: 443
serveradmin: support@sipwise.com
servername: "\"myserver\""
ssl_enable: 'yes'
sslcertfile: '/etc/ngcp-config/ssl/myserver.crt'
sslcertkeyfile: '/etc/ngcp-config/ssl/myserver.key'
logging:
apache:
acc:
facility: daemon
identity: oss
level: info
err:
facility: local7
level: info
peer:
preference_features: 1
peering_features: 1
security:
password_allow_recovery: 0
password_max_length: 40
password_min_length: 6
password_musthave_digit: 0
password_musthave_lowercase: 1
password_musthave_specialchar: 0
password_musthave_uppercase: 0
password_sip_autogenerate: 0
password_sip_expose_subadmin: 1
password_web_autogenerate: 0
password_web_expose_subadmin: 1
speed_dial_vsc_presets:
vsc:
- '*0'
- '*1'
- '*2'
- '*3'
- '*4'
- '*5'
- '*6'
- '*7'
- '*8'
- '*9'
subscriber:
auto_allow_cli: 0
extension_features: 0
voicemail_features: 1
-
www_admin.http_admin.*: Define the Administration interface and certificates.
-
www_admin.http_csc.*: Define the Customers interface and certificates.
-
www_admin.contactmail: Email to show in the GUI’s Error page.