Skip to content

Cloud Services

Overview

All services run on the cloud server at 89.116.31.109 (Debian 13). This page documents each service, its role, and the firewall configuration.

Services

Asterisk

Property Value
Type systemd service
Unit asterisk.service
Role PBX engine -- handles SIP, media, dialplan
Version 20.18.2 
systemctl status asterisk
systemctl restart asterisk

AstraPBX API

Property Value
Type Node.js application
Unit astrapbx.service
Port 8000
Path /opt/astrapbx
Role REST API for managing organizations, DIDs, trunks, and config 
systemctl status astrapbx
systemctl restart astrapbx

Nginx

Property Value
Type systemd service
Unit nginx.service
Role Reverse proxy for AstraPBX API and web interface

Nginx proxies requests from devpbx.astradial.com to the Node.js API on port 8000.

systemctl status nginx
systemctl restart nginx

MariaDB

Property Value
Type systemd service
Unit mariadb.service
Version 11.8.6
Database pbx_api_db
Role Stores organizations, DIDs, trunks, extensions, config 
systemctl status mariadb
systemctl restart mariadb

WireGuard

Property Value
Type systemd service
Unit wg-quick@wg0.service
Role VPN tunnel to on-premise NUC
Cloud IP 10.10.10.1
NUC IP 10.10.10.2 
systemctl status wg-quick@wg0
wg show wg0

Netdata

Property Value
Type systemd service
Unit netdata.service
Port 19999
URL http://89.116.31.109:19999
Role Real-time system monitoring 
systemctl status netdata
systemctl restart netdata

Security Warning

Netdata is publicly accessible on port 19999 without authentication. This needs to be secured -- either restrict access via firewall rules, add authentication, or place behind a reverse proxy with auth.

UFW Firewall Rules

Port Protocol Purpose
22 TCP SSH
80 TCP HTTP (Nginx)
443 TCP HTTPS (Nginx)
5060 UDP SIP (primary)
5060 TCP SIP (TCP transport)
5080 UDP SIP (alternate, ISP bypass)
8089 TCP WSS (WebRTC)
19999 TCP Netdata monitoring
51820 UDP WireGuard VPN 
# Check current rules
ufw status verbose

# Example: add a new rule
ufw allow 5080/udp comment "SIP alternate port"