Merged
Conversation
- Generate IAX2 RSA keys at container startup if not present - Uses astgenkey with fallback to openssl - Re-enable encryption=yes in iax.conf template - Keys stored in /var/lib/asterisk/keys/ (can be mounted for persistence) - Logs instructions for public key exchange with remote PBX https://claude.ai/code/session_01M7DJEAxrReANcMZ6SjChaG
Asterisk's res_crypto requires traditional RSA PEM format: - Private key: BEGIN RSA PRIVATE KEY (not BEGIN PRIVATE KEY) - Public key: BEGIN RSA PUBLIC KEY (not BEGIN PUBLIC KEY) Use -traditional and -RSAPublicKey_out flags in openssl fallback. Also pass output path to astgenkey so keys go directly to keys dir. https://claude.ai/code/session_01M7DJEAxrReANcMZ6SjChaG
Keys in /var/lib/asterisk/keys/ are now stored in a named Docker volume so they survive container rebuilds and recreates. This is essential for IAX2 encryption since both sides need stable key pairs. https://claude.ai/code/session_01M7DJEAxrReANcMZ6SjChaG
Asterisk 20+ uses PEM_read_PUBKEY() which expects BEGIN PUBLIC KEY (PKCS#8 SubjectPublicKeyInfo), not BEGIN RSA PUBLIC KEY (PKCS#1). Use -pubout instead of -RSAPublicKey_out for openssl fallback. https://claude.ai/code/session_01M7DJEAxrReANcMZ6SjChaG
IAX2 encryption=yes uses AES-128 with keys derived from the registration password (MD5 auth digest). RSA keys are only needed for auth=rsa, which we don't use. Removed unnecessary key generation from entrypoint and keys volume from docker-compose. https://claude.ai/code/session_01M7DJEAxrReANcMZ6SjChaG
Most Armbian images don't include Docker pre-installed. Added a section with step-by-step commands to install Docker CE from the official Docker repository on Debian-based Armbian systems. https://claude.ai/code/session_01M7DJEAxrReANcMZ6SjChaG
Moved Docker installation steps into docker/install-docker.sh and referenced it from the README. Most Armbian images don't ship with Docker pre-installed, so this gives users a one-liner to set it up. https://claude.ai/code/session_01M7DJEAxrReANcMZ6SjChaG
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.