kopia lustrzana https://github.com/mumble-voip/mumble-docker
First commit
rodzic
1df49348fc
commit
0ede318092
|
@ -0,0 +1,39 @@
|
|||
FROM alpine@sha256:b276d875eeed9c7d3f1cfa7edb06b22ed22b14219a7d67c52c56612330348239
|
||||
|
||||
# Set environment variables
|
||||
ENV MUMBLE_VERSION=1.3.3
|
||||
|
||||
# Copy project files into container
|
||||
COPY ./config /etc/murmur
|
||||
COPY ./docker-entrypoint.sh /usr/local/bin/
|
||||
|
||||
RUN apk --no-cache add \
|
||||
pwgen \
|
||||
libressl \
|
||||
qt5-qtbase-mysql \
|
||||
&& adduser -SDH murmur \
|
||||
&& mkdir -p \
|
||||
/data \
|
||||
/opt \
|
||||
/var/run/murmur \
|
||||
&& chown -R murmur:nobody \
|
||||
/data \
|
||||
/etc/murmur \
|
||||
/var/run/murmur \
|
||||
&& wget \
|
||||
https://github.com/mumble-voip/mumble/releases/download/${MUMBLE_VERSION}/murmur-static_x86-${MUMBLE_VERSION}.tar.bz2 -O - |\
|
||||
bzcat -f |\
|
||||
tar -x -C /opt -f - \
|
||||
&& mv /opt/murmur* /opt/murmur
|
||||
|
||||
# Exposed port should always match what is set in /murmur/murmur.ini
|
||||
EXPOSE 64738/tcp 64738/udp
|
||||
|
||||
# Set the working directory
|
||||
WORKDIR /etc/murmur
|
||||
|
||||
# Add the data volume for data persistence
|
||||
VOLUME ["/data/"]
|
||||
|
||||
# Configure runtime container and start murmur
|
||||
ENTRYPOINT ["docker-entrypoint.sh"]
|
177
README.md
177
README.md
|
@ -1,2 +1,175 @@
|
|||
# mumble-docker
|
||||
Docker support for Mumble
|
||||
**Mumble** is a VOIP application which allows users to talk to each other via
|
||||
the same server. It uses a client-server architecture, and encrypts all
|
||||
communication to ensure user privacy. **Murmur** is the name of the server
|
||||
component within the Mumble project.[Learn More][mumble-wiki].
|
||||
|
||||
`mumble-voip/mumble-server` enables you to easily run multiple (lightweight) murmur
|
||||
instances on the same host.
|
||||
|
||||
## Getting started
|
||||
|
||||
This guide assumes that you already have [Docker][docker-install-docs]
|
||||
installed.
|
||||
|
||||
### Pull the official image
|
||||
|
||||
An image is available from the [Docker Hub][docker-hub-repo-url] registry, built
|
||||
automatically from this repository. It's easy to get started:
|
||||
|
||||
```text
|
||||
docker pull mumble-voip/mumble-server[:tag]
|
||||
```
|
||||
|
||||
You don't _need_ to specify a tag, but it's a good idea to so that you don't
|
||||
pull `latest` and risk getting different versions on different hosts. Versions
|
||||
are kept in line with the [releases from mumble-voip/mumble][vendor-releases].
|
||||
|
||||
The examples throughout this document assume we are not using a tag for the sake
|
||||
of brevity. If you pull the image with a tag other than `latest`, you will need
|
||||
to use that tag number when running the image via `docker run`.
|
||||
|
||||
### Create a container
|
||||
|
||||
Now that you have the image pulled, it's time to get a container up and running.
|
||||
|
||||
```text
|
||||
docker run -d \
|
||||
-p 64738:64738/tcp \
|
||||
-p 64738:64738/udp \
|
||||
--name mumble-server-001 \
|
||||
mumble-voip/mumble-server[:tag]
|
||||
```
|
||||
|
||||
You should now be able to open up the Mumble client, and connect to the server
|
||||
running at `127.0.0.1:64738`.
|
||||
|
||||
### Configuration options
|
||||
|
||||
The following variables can be passed into the container (when you execute
|
||||
`docker run`) to change various configuration options.
|
||||
|
||||
For example:
|
||||
|
||||
```text
|
||||
docker run -d \
|
||||
-p 64738:64738/tcp \
|
||||
-p 64738:64738/udp
|
||||
-e MUMBLE_SERVERPASSWORD='superSecretPasswordHere' \
|
||||
--name mumble-server-001 \
|
||||
mumble-voip/mumble-server[:tag]
|
||||
```
|
||||
|
||||
Here is a list of all options supported through environment variables:
|
||||
|
||||
| Environment Variable | Default Value |
|
||||
| -------------------- | ------------- |
|
||||
| [`MUMBLE_ALLOWHTML`][mdoc-allowhtml] | `true`|
|
||||
| [`MUMBLE_ALLOWPING`][mdoc-allowping] | `true`|
|
||||
| [`MUMBLE_AUTOBANATTEMPTS`][mdoc-group-autoban] | `10` |
|
||||
| [`MUMBLE_AUTOBANTIMEFRAME`][mdoc-group-autoban] | `120` |
|
||||
| [`MUMBLE_AUTOBANTIME`][mdoc-group-autoban] | `300` |
|
||||
| [`MUMBLE_BANDWIDTH`][mdoc-bandwidth] | `7200`|
|
||||
| [`MUMBLE_CHANNELNAME`][mdoc-group-channelusername] | `[ \\-=\\w\\#\\[\\]\\{\\}\\(\\)\\@\\|]+` |
|
||||
| [`MUMBLE_DATABASE`][mdoc-group-database] | `/data/murmur.sqlite` |
|
||||
| [`MUMBLE_DB_DRIVER`][mdoc-group-database] | `QSQLITE` |
|
||||
| [`MUMBLE_DB_USERNAME`][mdoc-group-database] | `---` |
|
||||
| [`MUMBLE_DB_PASSWORD`][mdoc-group-database] | `---` |
|
||||
| [`MUMBLE_DEFAULTCHANNEL`][mdoc-defaultchannel] | `---` |
|
||||
| [`MUMBLE_ENABLESSL`](#ssl-certificates-murmurinissl) | `0` |
|
||||
| [`MUMBLE_ICE`][mdoc-ice] | `tcp -h 127.0.0.1 -p 6502` |
|
||||
| [`MUMBLE_ICESECRETREAD`][mdoc-group-icesecret] | `---` |
|
||||
| [`MUMBLE_ICESECRETWRITE`][mdoc-group-icesecret] | `---` |
|
||||
| [`MUMBLE_IMAGEMESSAGELENGTH`][mdoc-imagemessagelength] |`131072` |
|
||||
| [`MUMBLE_KDFITERATIONS`][mdoc-kdfIterations] | `-1`|
|
||||
| [`MUMBLE_LEGACYPASSWORDHASH`][mdoc-legacyPasswordHash] | `false` |
|
||||
| [`MUMBLE_MESSAGEBURST`][mdoc-ratelimit] | `5` |
|
||||
| [`MUMBLE_MESSAGELIMIT`][mdoc-ratelimit] | `1` |
|
||||
| [`MUMBLE_OBFUSCATE`][mdoc-obfuscate] | `false` |
|
||||
| [`MUMBLE_OPUSTHRESHOLD`][mdoc-opusthreshold] | `100` |
|
||||
| [`MUMBLE_REGISTERHOSTNAME`][mdoc-registerHostname] | `---` |
|
||||
| [`MUMBLE_REGISTERNAME`][mdoc-registerName] | `---`|
|
||||
| [`MUMBLE_REGISTERPASSWORD`][mdoc-registerPassword] | `---` |
|
||||
| [`MUMBLE_REGISTERURL`][mdoc-registerUrl] | `---` |
|
||||
| [`MUMBLE_REMEMBERCHANNEL`][mdoc-rememberchannel] | `true`|
|
||||
| [`MUMBLE_SENDVERSION`][mdoc-sendversion] | `false`|
|
||||
| [`MUMBLE_SERVERPASSWORD`][mdoc-serverpassword] | `---` |
|
||||
| [`MUMBLE_SSLCIPHERS`](#ssl-certificates-murmurinissl) | `---` |
|
||||
| [`MUMBLE_SSLPASSPHRASE`](#ssl-certificates-murmurinissl) | `---` |
|
||||
| [`MUMBLE_SUGGESTPOSITIONAL`][mdoc-suggestPositional] | `---` |
|
||||
| [`MUMBLE_SUGGESTPUSHTOTALK`][mdoc-suggestPushToTalk] | `---` |
|
||||
| [`MUMBLE_SUGGESTVERSION`][mdoc-suggestVersion] | `false` |
|
||||
| [`MUMBLE_TEXTMESSAGELENGTH`][mdoc-textmessagelength] | `5000`|
|
||||
| [`MUMBLE_TIMEOUT`][mdoc-timeout] | `30`|
|
||||
| [`MUMBLE_USERNAME`][mdoc-group-channelusername] | `[-=\\w\\[\\]\\{\\}\\(\\)\\@\\|\\.]+` |
|
||||
| [`MUMBLE_USERS`][mdoc-users] | `100` |
|
||||
| [`MUMBLE_USERSPERCHANNEL`][mdoc-usersperchannel] | `0` |
|
||||
| [`MUMBLE_WELCOMETEXT`][mdoc-welcometext] | `<br />Welcome...` |
|
||||
| `SUPERUSER_PASSWORD` | If not defined, a password will be auto-generated. |
|
||||
|
||||
### Custom welcome text ([Murmur.ini::welcometext][mdoc-welcometext])
|
||||
|
||||
If the environnement variable `MUMBLE_WELCOMETEXT` will produce to big config for you,
|
||||
you can customize the welcome text with a separate file.
|
||||
Add the contents to `welcometext` and mount that
|
||||
into the container at `/data/welcometext`. Double quote characters (`"`) are
|
||||
escaped automatically, but you may want to confirm that your message was parsed
|
||||
correctly.
|
||||
|
||||
### Custom configuration file
|
||||
If you want to use a fully set murmur configuration file,
|
||||
you can mount the file into the container at `/data/murmur.ini`
|
||||
You cannot have both environment variables AND config file. The config file override everything.
|
||||
|
||||
### SSL Certificates ([Murmur.ini::SSL][mdoc-sslcertkey])
|
||||
|
||||
The server will generate its own SSL certificates when the daemon is started. If
|
||||
you wish to provide your own certificates and ciphers instead, you can do so by
|
||||
following the instructions below.
|
||||
|
||||
If `MUMBLE_ENABLESSL` is set to `1`, custom SSL is enabled, as long as you have
|
||||
mounted a certificate and key at the following locations:
|
||||
|
||||
- SSL certificate should be mounted at `/data/cert.pem`
|
||||
|
||||
- If your certificate is signed by an authority that uses a sub-signed or
|
||||
"intermediate" certificate, you should either bundle that with your
|
||||
certificate, or mount it in separately at `/data/intermediate.pem` - this
|
||||
will be automatically detected.
|
||||
|
||||
- SSL key should be mounted at `/data/key.pem`
|
||||
|
||||
- If the key has a passphrase, you should define the environment variable
|
||||
`MUMBLE_SSLPASSPHRASE` with the passphrase. This variable does not have any
|
||||
effect if you have not mounted a key *and* enabled SSL.
|
||||
|
||||
- Set your preferred cipher suite using `MUMBLE_SSLCIPHERS`
|
||||
|
||||
- This option chooses the cipher suites to make available for use in SSL/TLS.
|
||||
See the [official documentation][mdoc-sslCiphers] for more information.
|
||||
|
||||
### Logging in as SuperUser
|
||||
|
||||
If the environment variable `SUPERUSER_PASSWORD` is not defined when creating
|
||||
the container, a password will be automatically generated. To view the password
|
||||
for any container at any time, look at the container's logs. As an example, to
|
||||
view the SuperUser password is for an instance running in a container named
|
||||
`mumble-server-001`:
|
||||
|
||||
```text
|
||||
$ docker logs mumble-server-001 2>&1 | grep SUPERUSER_PASSWORD
|
||||
> SUPERUSER_PASSWORD: <value>
|
||||
```
|
||||
|
||||
|
||||
### Numbered tags
|
||||
|
||||
For a full list of tags, please see the [tags page][tags] on Docker Hub.
|
||||
|
||||
Numbered tags follow the pattern:
|
||||
|
||||
```
|
||||
<MUMBLE_VERSION>-<RELEASE>
|
||||
│ └─ the release number specific to this repository
|
||||
│
|
||||
└──── the version of mumble for this release
|
||||
```
|
|
@ -0,0 +1,5 @@
|
|||
# ICE CONFIGURATION
|
||||
########################################
|
||||
[Ice]
|
||||
Ice.Warn.UnknownProperties=1
|
||||
Ice.MessageSizeMax=65536
|
|
@ -0,0 +1,102 @@
|
|||
# MURMUR SETTINGS
|
||||
# https://github.com/mumble-voip/mumble/blob/master/scripts/murmur.ini
|
||||
###############################################################################
|
||||
#
|
||||
# The settings below are what the contributors to the docker-murmur
|
||||
# project recommend. They have been organized in the same order as the
|
||||
# official documentation (URL above), however, it is important to note
|
||||
# that some settings may not be present in this file due to the
|
||||
# nature of the project running in a container.
|
||||
#
|
||||
# This file should be used to determine what the current settings
|
||||
# for a container is, as well as updating the settings via RPC.
|
||||
# It is NOT recommended to edit settings or add new settings here. Instead,
|
||||
# create a ticket at the url below:
|
||||
#
|
||||
# https://github.com/mumble-voip/mumble-docker/issues
|
||||
#
|
||||
###############################################################################
|
||||
|
||||
# DATABASE CONFIGURATION
|
||||
########################################
|
||||
database=/data/murmur.sqlite
|
||||
dbDriver=QSQLITE
|
||||
#dbUsername=
|
||||
#dbPassword=
|
||||
#dbHost=
|
||||
|
||||
|
||||
# RPC CONFIGURATION
|
||||
########################################
|
||||
#ice="tcp -h 127.0.0.1 -p 6502"
|
||||
#icesecretread=
|
||||
#icesecretwrite=
|
||||
|
||||
# SECURITY CONFIGURATION
|
||||
########################################
|
||||
#autobanAttempts=10
|
||||
#autobanTimeframe=120
|
||||
#autobanTime=300
|
||||
#serverpassword=
|
||||
uname=murmur
|
||||
#obfuscate=false
|
||||
#sendversion=false
|
||||
#legacyPasswordHash=false
|
||||
#kdfIterations=-1
|
||||
#allowping=true
|
||||
|
||||
# PROCESS ADMINISTRIVIA
|
||||
########################################
|
||||
logfile=
|
||||
logdays=-1
|
||||
pidfile=/var/run/murmur/murmur.pid
|
||||
|
||||
# CONNECTIVITY
|
||||
########################################
|
||||
#port=64738
|
||||
#host=0.0.0.0
|
||||
#bandwidth=72000
|
||||
#timeout=30
|
||||
|
||||
# SSL SETTINGS
|
||||
########################################
|
||||
#certrequired=false
|
||||
#sslCert=
|
||||
#sslKey=
|
||||
#sslPassPhrase=
|
||||
#sslCA=
|
||||
#sslCiphers=
|
||||
#sslDHParams=
|
||||
|
||||
# USERS AND CHANNELS
|
||||
########################################
|
||||
users=100
|
||||
#usersperchannel=0
|
||||
#username=[-=\\w\\[\\]\\{\\}\\(\\)\\@\\|\\.]+
|
||||
#channelname=[ \\-=\\w\\#\\[\\]\\{\\}\\(\\)\\@\\|]+
|
||||
#channelnestinglimit=10
|
||||
#defaultchannel=
|
||||
#rememberchannel=true
|
||||
#textmessagelength=5000
|
||||
#imagemessagelength=131072
|
||||
#allowhtml=false
|
||||
#opusthreshold=100
|
||||
#messageburst=5
|
||||
#messagelimit=1
|
||||
|
||||
# SERVER REGISTRATION
|
||||
########################################
|
||||
#registerName=
|
||||
#registerPassword=
|
||||
#registerUrl=
|
||||
#registerHostname=
|
||||
|
||||
# MISCELLANEOUS
|
||||
########################################
|
||||
#suggestVersion=
|
||||
#suggestPositional=
|
||||
#suggestPushToTalk=
|
||||
|
||||
# WELCOME MESSAGE
|
||||
########################################
|
||||
welcometext="<br />Welcome to this server running <b>sudoforge/mumble-server</b>. <br />Enjoy your stay!<br />"
|
|
@ -0,0 +1,108 @@
|
|||
#!/usr/bin/env sh
|
||||
set -e
|
||||
|
||||
CONFIGFILE="/etc/murmur/murmur.ini"
|
||||
ICEFILE="/etc/murmur/ice.ini"
|
||||
WELCOMEFILE="/data/welcometext"
|
||||
CUSTOM_CONFIG_FILE="/data/murmur.ini"
|
||||
|
||||
setVal() {
|
||||
if [ -n "${1}" ] && [ -n "${2}" ]; then
|
||||
echo "update setting: ${1} with: ${2}"
|
||||
tmp=$(echo $2 | sed 's,\\,\\\\,g') # Double every \ for next sed
|
||||
sed -i -E 's#;?('"${1}"'=).*#\1'"${tmp}"'#' "${CONFIGFILE}"
|
||||
fi
|
||||
}
|
||||
|
||||
setVal database "${MUMBLE_DATABASE}"
|
||||
setVal dbDriver "${MUMBLE_DB_DRIVER}"
|
||||
setVal dbUsername "${MUMBLE_DB_USERNAME}"
|
||||
setVal dbPassword "${MUMBLE_DB_PASSWORD}"
|
||||
setVal dbHost "${MUMBLE_DB_HOST}"
|
||||
setVal ice "${MUMBLE_ICE}"
|
||||
setVal icesecretread "${MUMBLE_ICESECRETREAD}"
|
||||
setVal icesecretwrite "${MUMBLE_ICESECRETWRITE}"
|
||||
setVal autobanAttempts "${MUMBLE_AUTOBANATTEMPTS}"
|
||||
setVal autobanTimeframe "${MUMBLE_AUTOBANTIMEFRAME}"
|
||||
setVal autobanTime "${MUMBLE_AUTOBANTIME}"
|
||||
setVal serverpassword "${MUMBLE_SERVERPASSWORD}"
|
||||
setVal obfuscate "${MUMBLE_OBFUSCATE}"
|
||||
setVal sendversion "${MUMBLE_SENDVERSION}"
|
||||
setVal legacyPasswordHash "${MUMBLE_LEGACYPASSWORDHASH}"
|
||||
setVal kdfIterations "${MUMBLE_KDFITERATIONS}"
|
||||
setVal allowping "${MUMBLE_ALLOWPING}"
|
||||
setVal bandwidth "${MUMBLE_BANDWIDTH}"
|
||||
setVal timeout "${MUMBLE_TIMEOUT}"
|
||||
setVal certrequired "${MUMBLE_CERTREQUIRED}"
|
||||
setVal users "${MUMBLE_USERS}"
|
||||
setVal usersperchannel "${MUMBLE_USERSPERCHANNEL}"
|
||||
setVal username "${MUMBLE_USERNAME}"
|
||||
setVal channelname "${MUMBLE_CHANNELNAME}"
|
||||
setVal channelnestinglimit "${MUMBLE_CHANNELNESTINGLIMIT}"
|
||||
setVal defaultchannel "${MUMBLE_DEFAULTCHANNEL}"
|
||||
setVal rememberchannel "${MUMBLE_REMEMBERCHANNEL}"
|
||||
setVal textmessagelength "${MUMBLE_TEXTMESSAGELENGTH}"
|
||||
setVal imagemessagelength "${MUMBLE_IMAGEMESSAGELENGTH}"
|
||||
setVal allowhtml "${MUMBLE_ALLOWHTML}"
|
||||
setVal opusthreshold "${MUMBLE_OPUSTHRESHOLD}"
|
||||
setVal messagelimit "${MUMBLE_MESSAGELIMIT}"
|
||||
setVal messageburst "${MUMBLE_MESSAGEBURST}"
|
||||
setVal registerHostname "${MUMBLE_REGISTERHOSTNAME}"
|
||||
setVal registerPassword "${MUMBLE_REGISTERPASSWORD}"
|
||||
setVal registerUrl "${MUMBLE_REGISTERURL}"
|
||||
setVal registerName "${MUMBLE_REGISTERNAME}"
|
||||
setVal suggestVersion "${MUMBLE_SUGGESTVERSION}"
|
||||
setVal suggestPositional "${MUMBLE_SUGGESTPOSITIONAL}"
|
||||
setVal suggestPushToTalk "${MUMBLE_SUGGESTPUSHTOTALK}"
|
||||
setVal welcometext "${MUMBLE_WELCOMETEXT}"
|
||||
|
||||
|
||||
if [ -n "${MUMBLE_ENABLESSL}" ] && [ "${MUMBLE_ENABLESSL}" -eq 1 ]; then
|
||||
SSL_CERTFILE=${MUMBLE_CERTFILE:-/data/cert.pem}
|
||||
SSL_KEYFILE=${MUMBLE_KEYFILE:-/data/key.pem}
|
||||
SSL_CAFILE=${MUMBLE_CAFILE:-/data/intermediate.pem}
|
||||
SSL_DHFILE=${MUMBLE_DHFILE:-/data/dh.pem}
|
||||
|
||||
if [ -f "${SSL_CERTFILE}" ]; then
|
||||
setVal sslCert "${SSL_CERTFILE}"
|
||||
fi
|
||||
|
||||
if [ -f "${SSL_KEYFILE}" ]; then
|
||||
setVal sslKey "${SSL_KEYFILE}"
|
||||
setVal sslPassPhrase "${MUMBLE_SSLPASSPHRASE}"
|
||||
fi
|
||||
|
||||
if [ -f "${SSL_CAFILE}" ]; then
|
||||
setVal sslCA "${SSL_CAFILE}"
|
||||
fi
|
||||
|
||||
if [ -f "${SSL_DHFILE}" ]; then
|
||||
setVal sslDHParams "${SSL_DHFILE}"
|
||||
fi
|
||||
|
||||
setVal sslCiphers "${MUMBLE_SSLCIPHERS}"
|
||||
fi
|
||||
|
||||
if [ -f "${WELCOMEFILE}" ]; then
|
||||
parsedContent=$(sed -E 's/"/\\"/g' "${WELCOMEFILE}")
|
||||
setVal welcometext "\"$parsedContent\""
|
||||
fi
|
||||
|
||||
if ! grep -q '\[Ice\]' "${CONFIGFILE}"; then
|
||||
echo "" >> "${CONFIGFILE}"
|
||||
cat "${ICEFILE}" >> "${CONFIGFILE}"
|
||||
fi
|
||||
|
||||
chown -R murmur:nobody /data/
|
||||
|
||||
if [ -f "${CUSTOM_CONFIG_FILE}" ]; then
|
||||
CONFIGFILE="${CUSTOM_CONFIG_FILE}"
|
||||
fi
|
||||
|
||||
# Run murmur if not in debug mode
|
||||
if [ -z "$DEBUG" ] || [ "$DEBUG" -ne 1 ]; then
|
||||
exec /opt/murmur/murmur.x86 -fg -ini "${CONFIGFILE}"
|
||||
else
|
||||
exec /opt/murmur/murmur.x86 -fg -ini "${CONFIGFILE}" -v
|
||||
fi
|
||||
|
Ładowanie…
Reference in New Issue