Differences

This shows you the differences between two versions of the page.

--- servers:murmur [2016/11/22 17:27] – Sean Rhone
+++ servers:murmur [2016/11/22 17:32] (current) – Sean Rhone
@@ Line 1: / Line 1: @@
+====== Information ======
+  * Murmur
+  * [[Information:Realm of Espionage]]
+  * voice.realmofespionage.xyz ((Mumble))
+===== Prerequisites =====
+  * [[distros:fedora_server | Fedora Server]]
+  * [[servers:nginx:lets_encrypt | Let's Encrypt]]
+====== Dependencies ======
+****
+  sudo dnf install 'murmur'
+====== Firewall ======
+  * 64738/tcp and 64738/udp is Murmur Server
+  sudo firewall-cmd --add-port='64738'/'tcp' --permanent && sudo firewall-cmd --add-port='64738'/'udp' --permanent && sudo firewall-cmd --reload
+====== Settings ======
+  sudo -e '/etc/murmur/murmur.ini'
+  autobanAttempts = 5
+  autobanTimeframe = 120
+  autobanTime = 300
+  welcometext="Welcome to the Realm of Espionage Mumble server!"
+  serverpassword=x
+  registerName=RoE | Mumble
+  sslCert=/etc/murmur/certs/fullchain.pem
+  sslKey=/etc/murmur/certs/privkey.pem
+  sslCiphers="PROFILE=SYSTEM"
+  certrequired=True
+  sendversion=True
+====== Let's Encrypt SSL Cert ======
+===== Initial =====
+****
+  sudo mkdir -p '/etc/murmur/certs' && sudo cp '/etc/letsencrypt/live/realmofespionage.xyz/fullchain.pem' '/etc/letsencrypt/live/realmofespionage.xyz/privkey.pem' '/etc/murmur/certs' && sudo chgrp 'mumble-server' '/etc/murmur/certs/fullchain.pem' '/etc/murmur/certs/privkey.pem'
+===== Certbot Automation =====
+****
+  sudo -e '/etc/letsencrypt/cli.ini'
+==== Murmur ====
+****
+  post-hook = cp '/etc/letsencrypt/live/realmofespionage.xyz/fullchain.pem' '/etc/letsencrypt/live/realmofespionage.xyz/privkey.pem' '/etc/murmur/certs' && chgrp 'mumble-server' '/etc/murmur/certs/fullchain.pem' '/etc/murmur/certs/privkey.pem' && systemctl restart 'murmur'
+==== nginx + Murmur ====
+  * Requires [[servers:nginx_php_php-fpm | nginx]]
+  post-hook = systemctl start 'nginx' && cp '/etc/letsencrypt/live/realmofespionage.xyz/fullchain.pem' '/etc/letsencrypt/live/realmofespionage.xyz/privkey.pem' '/etc/murmur/certs' && chgrp 'mumble-server' '/etc/murmur/certs/fullchain.pem' '/etc/murmur/certs/privkey.pem' && systemctl restart 'murmur'
+==== nginx + Prosody + Murmur ====
+  * Requires [[servers:nginx_php_php-fpm | nginx]] and [[servers:prosody | Prosody]]
+  post-hook = systemctl start 'nginx' && cp '/etc/letsencrypt/live/realmofespionage.xyz/fullchain.pem' '/etc/letsencrypt/live/realmofespionage.xyz/privkey.pem' '/etc/prosody/certs' && chgrp 'prosody' '/etc/prosody/certs/fullchain.pem' '/etc/prosody/certs/privkey.pem' && systemctl restart 'prosody' && cp '/etc/letsencrypt/live/realmofespionage.xyz/fullchain.pem' '/etc/letsencrypt/live/realmofespionage.xyz/privkey.pem' '/etc/murmur/certs' && chgrp 'mumble-server' '/etc/murmur/certs/fullchain.pem' '/etc/murmur/certs/privkey.pem' && systemctl restart 'murmur'
+====== Administrative User ======
+===== Set SuperUser Password =====
+****
+  sudo -u 'mumble-server' murmurd -ini '/etc/murmur/murmur.ini' -supw 'x'
+===== Grant Account Admin =====
+  * Log into account to be granted administrative rights
+  * Register the user
+  * Log out and into the **SuperUser** account with the recently-created password from above
+  * Edit the **Root** channel and set the **Group** to **admin**
+  * Add the account to be granted administrative rights to the **Members** list
+  * Log out and back into the account granted administrative rights
+====== Services ======
+===== Initial =====
+****
+  sudo systemctl enable 'murmur' --now
+===== Backup =====
+==== Service ====
+  mkdir -p ~/'backups' && sudo -e '/etc/systemd/system/voice-b.service' && sudo sed -i 's/CHANGEME/'$USER'/g' '/etc/systemd/system/voice-b.service'
+  [Service]
+  Type=oneshot
+  WorkingDirectory=/var/lib
+  ExecStart='/usr/bin/bash' -c '"/usr/bin/tar" -cvzf "/home/CHANGEME/backups/voice-"$$(date +%%Y-%%m-%%d)".tar.gz" "mumble-server"'
+  ExecStart='/usr/bin/sync'
+==== Timer ====
+  sudo -e '/etc/systemd/system/voice-b.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'voice-b.timer' --now && sudo systemctl start 'voice-b' && sudo systemctl status 'voice-b' -l
+  [Unit]
+  Description=Murmur Database Backup
+  [Timer]
+  OnCalendar=*-*-* 02:05:00
+  Persistent=true
+  [Install]
+  WantedBy=timers.target
+====== Backup ======
+  * Create backup archive on server and transfer to client computer
+===== Server =====
+==== Archive Folders ====
+****
+  cd '/var/lib' && sudo tar -cvzf ~/'voice-manual.tar.gz' 'mumble-server' && cd ~ && sync
+===== Client =====
+==== Transfer Archive to Client ====
+****
+  scp espionage724@192.168.1.153:~/'voice-manual.tar.gz' ~/'Downloads' && sync
+====== Restore ======
+===== Client =====
+==== Transfer Archive to Server ====
+****
+  scp ~/'Downloads/voice-manual.tar.gz' espionage724@192.168.1.153:~
+==== Remove Archive ====
+****
+  rm ~/'Downloads/voice-manual.tar.gz' && sync
+===== Server =====
+==== Stop Murmur ====
+****
+  sudo systemctl stop 'murmur'
+==== Remove Previous Folders ====
+****
+  sudo rm -Rf '/var/lib/mumble-server'
+==== Restore Folders ====
+****
+  cd '/var/lib' && sudo tar -xvzf ~/'voice-manual.tar.gz' 'mumble-server' && sudo chown -R 'mumble-server':'mumble-server' '/var/lib/mumble-server' && cd ~ && sync
+==== Start Murmur ====
+****
+  sudo systemctl start 'murmur'
+==== Remove Archive ====
+  * Verify that Murmur works before running
+  rm -R ~/'voice-manual.tar.gz' && sync