====== Information ====== * Murmur * [[Information:Realm of Espionage]] * voice.realmofespionage.xyz ((Mumble)) ===== Prerequisites ===== * [[distros:fedora_server | Fedora Server]] * [[servers:nginx:lets_encrypt | Let's Encrypt]] ====== Dependencies ====== **** sudo dnf install 'murmur' ====== Firewall ====== * 64738/tcp and 64738/udp is Murmur Server sudo firewall-cmd --add-port='64738'/'tcp' --permanent && sudo firewall-cmd --add-port='64738'/'udp' --permanent && sudo firewall-cmd --reload ====== Settings ====== sudo -e '/etc/murmur/murmur.ini' autobanAttempts = 5 autobanTimeframe = 120 autobanTime = 300 welcometext="Welcome to the Realm of Espionage Mumble server!" serverpassword=x registerName=RoE | Mumble sslCert=/etc/murmur/certs/fullchain.pem sslKey=/etc/murmur/certs/privkey.pem sslCiphers="PROFILE=SYSTEM" certrequired=True sendversion=True ====== Let's Encrypt SSL Cert ====== ===== Initial ===== **** sudo mkdir -p '/etc/murmur/certs' && sudo cp '/etc/letsencrypt/live/realmofespionage.xyz/fullchain.pem' '/etc/letsencrypt/live/realmofespionage.xyz/privkey.pem' '/etc/murmur/certs' && sudo chgrp 'mumble-server' '/etc/murmur/certs/fullchain.pem' '/etc/murmur/certs/privkey.pem' ===== Certbot Automation ===== **** sudo -e '/etc/letsencrypt/cli.ini' ==== Murmur ==== **** post-hook = cp '/etc/letsencrypt/live/realmofespionage.xyz/fullchain.pem' '/etc/letsencrypt/live/realmofespionage.xyz/privkey.pem' '/etc/murmur/certs' && chgrp 'mumble-server' '/etc/murmur/certs/fullchain.pem' '/etc/murmur/certs/privkey.pem' && systemctl restart 'murmur' ==== nginx + Murmur ==== * Requires [[servers:nginx_php_php-fpm | nginx]] post-hook = systemctl start 'nginx' && cp '/etc/letsencrypt/live/realmofespionage.xyz/fullchain.pem' '/etc/letsencrypt/live/realmofespionage.xyz/privkey.pem' '/etc/murmur/certs' && chgrp 'mumble-server' '/etc/murmur/certs/fullchain.pem' '/etc/murmur/certs/privkey.pem' && systemctl restart 'murmur' ==== nginx + Prosody + Murmur ==== * Requires [[servers:nginx_php_php-fpm | nginx]] and [[servers:prosody | Prosody]] post-hook = systemctl start 'nginx' && cp '/etc/letsencrypt/live/realmofespionage.xyz/fullchain.pem' '/etc/letsencrypt/live/realmofespionage.xyz/privkey.pem' '/etc/prosody/certs' && chgrp 'prosody' '/etc/prosody/certs/fullchain.pem' '/etc/prosody/certs/privkey.pem' && systemctl restart 'prosody' && cp '/etc/letsencrypt/live/realmofespionage.xyz/fullchain.pem' '/etc/letsencrypt/live/realmofespionage.xyz/privkey.pem' '/etc/murmur/certs' && chgrp 'mumble-server' '/etc/murmur/certs/fullchain.pem' '/etc/murmur/certs/privkey.pem' && systemctl restart 'murmur' ====== Administrative User ====== ===== Set SuperUser Password ===== **** sudo -u 'mumble-server' murmurd -ini '/etc/murmur/murmur.ini' -supw 'x' ===== Grant Account Admin ===== * Log into account to be granted administrative rights * Register the user * Log out and into the **SuperUser** account with the recently-created password from above * Edit the **Root** channel and set the **Group** to **admin** * Add the account to be granted administrative rights to the **Members** list * Log out and back into the account granted administrative rights ====== Services ====== ===== Initial ===== **** sudo systemctl enable 'murmur' --now ===== Backup ===== ==== Service ==== mkdir -p ~/'backups' && sudo -e '/etc/systemd/system/voice-b.service' && sudo sed -i 's/CHANGEME/'$USER'/g' '/etc/systemd/system/voice-b.service' [Service] Type=oneshot WorkingDirectory=/var/lib ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -cvzf "/home/CHANGEME/backups/voice-"$$(date +%%Y-%%m-%%d)".tar.gz" "mumble-server"' ExecStart='/usr/bin/sync' ==== Timer ==== sudo -e '/etc/systemd/system/voice-b.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'voice-b.timer' --now && sudo systemctl start 'voice-b' && sudo systemctl status 'voice-b' -l [Unit] Description=Murmur Database Backup [Timer] OnCalendar=*-*-* 02:05:00 Persistent=true [Install] WantedBy=timers.target ====== Backup ====== * Create backup archive on server and transfer to client computer ===== Server ===== ==== Archive Folders ==== **** cd '/var/lib' && sudo tar -cvzf ~/'voice-manual.tar.gz' 'mumble-server' && cd ~ && sync ===== Client ===== ==== Transfer Archive to Client ==== **** scp espionage724@192.168.1.153:~/'voice-manual.tar.gz' ~/'Downloads' && sync ====== Restore ====== ===== Client ===== ==== Transfer Archive to Server ==== **** scp ~/'Downloads/voice-manual.tar.gz' espionage724@192.168.1.153:~ ==== Remove Archive ==== **** rm ~/'Downloads/voice-manual.tar.gz' && sync ===== Server ===== ==== Stop Murmur ==== **** sudo systemctl stop 'murmur' ==== Remove Previous Folders ==== **** sudo rm -Rf '/var/lib/mumble-server' ==== Restore Folders ==== **** cd '/var/lib' && sudo tar -xvzf ~/'voice-manual.tar.gz' 'mumble-server' && sudo chown -R 'mumble-server':'mumble-server' '/var/lib/mumble-server' && cd ~ && sync ==== Start Murmur ==== **** sudo systemctl start 'murmur' ==== Remove Archive ==== * Verify that Murmur works before running rm -R ~/'voice-manual.tar.gz' && sync