From cf5801415a319ba7070ba4580352cb6f710f5f18 Mon Sep 17 00:00:00 2001
From: Armin <armin.co@hs-bochum.de>
Date: Fri, 19 Jun 2020 12:40:07 +0200
Subject: [PATCH] Sample demployment with docker-compose sample murmur,
mumble-web and websockify deployment. Start with docker-compose up -d
---
docker-compose.yml | 33 +++++++
murmur/mumble-server.ini | 199 ++++++++++++++++++++++++++++++++++++++
webserver/conf/nginx.conf | 11 ++-
webserver/entrypoint.sh | 4 +-
4 files changed, 243 insertions(+), 4 deletions(-)
create mode 100644 docker-compose.yml
create mode 100644 murmur/mumble-server.ini
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..27d750e
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,33 @@
+version: '3.4'
+
+services:
+ mumble-web-nginx:
+ build:
+ context: ./
+ target: mumble-web-nginx
+ container_name: mumble-web-nginx
+ ports:
+ - 443:443
+ volumes:
+ - ./webserver:/data:ro
+ restart: unless-stopped
+ command: ["/data/entrypoint.sh"]
+
+ websockify:
+ build:
+ context: ./
+ target: websockify
+ container_name: websockify
+ ports:
+ - 64737:64737
+ restart: unless-stopped
+ command: websockify --ssl-target 64737 murmur:64738
+
+ murmur:
+ container_name: murmur
+ image: coppit/mumble-server
+ ports:
+ - 64738:64738
+ volumes:
+ - ./murmur:/data
+ restart: unless-stopped
diff --git a/murmur/mumble-server.ini b/murmur/mumble-server.ini
new file mode 100644
index 0000000..4c09b45
--- /dev/null
+++ b/murmur/mumble-server.ini
@@ -0,0 +1,199 @@
+# Murmur configuration file.
+#
+# General notes:
+# * Settings in this file are default settings and many of them can be overridden
+# with virtual server specific configuration via the Ice or DBus interface.
+# * Due to the way this configuration file is read some rules have to be
+# followed when specifying variable values (as in variable = value):
+# * Make sure to quote the value when using commas in strings or passwords.
+# NOT variable = super,secret BUT variable = "super,secret"
+# * Make sure to escape special characters like '\' or '"' correctly
+# NOT variable = """ BUT variable = "\""
+# NOT regex = \w* BUT regex = \\w*
+
+# Path to database. If blank, will search for
+# murmur.sqlite in default locations or create it if not found.
+database=
+
+# If you wish to use something other than SQLite, you'll need to set the name
+# of the database above, and also uncomment the below.
+# Sticking with SQLite is strongly recommended, as it's the most well tested
+# and by far the fastest solution.
+#
+#dbDriver=QMYSQL
+#dbUsername=
+#dbPassword=
+#dbHost=
+#dbPort=
+#dbPrefix=murmur_
+#dbOpts=
+
+# Murmur defaults to not using D-Bus. If you wish to use dbus, which is one of the
+# RPC methods available in Murmur, please specify so here.
+#
+dbus=system
+
+# Alternate D-Bus service name. Only use if you are running distinct
+# murmurd processes connected to the same D-Bus daemon.
+#dbusservice=net.sourceforge.mumble.murmur
+
+# If you want to use ZeroC Ice to communicate with Murmur, you need
+# to specify the endpoint to use. Since there is no authentication
+# with ICE, you should only use it if you trust all the users who have
+# shell access to your machine.
+# Please see the ICE documentation on how to specify endpoints.
+ice="tcp -h 127.0.0.1 -p 6502"
+
+# Ice primarily uses local sockets. This means anyone who has a
+# user account on your machine can connect to the Ice services.
+# You can set a plaintext "secret" on the Ice connection, and
+# any script attempting to access must then have this secret
+# (as context with name "secret").
+# Access is split in read (look only) and write (modify)
+# operations. Write access always includes read access,
+# unless read is explicitly denied (see note below).
+#
+# Note that if this is uncommented and with empty content,
+# access will be denied.
+
+#icesecretread=
+icesecretwrite=
+
+# How many login attempts do we tolerate from one IP
+# inside a given timeframe before we ban the connection?
+# Note that this is global (shared between all virtual servers), and that
+# it counts both successfull and unsuccessfull connection attempts.
+# Set either Attempts or Timeframe to 0 to disable.
+#autobanAttempts = 10
+#autobanTimeframe = 120
+#autobanTime = 300
+
+# Specifies the file Murmur should log to. By default, Murmur
+# logs to the file 'murmur.log'. If you leave this field blank
+# on Unix-like systems, Murmur will force itself into foreground
+# mode which logs to the console.
+logfile=/data/mumble-server.log
+
+# If set, Murmur will write its process ID to this file
+# when running in daemon mode (when the -fg flag is not
+# specified on the command line). Only available on
+# Unix-like systems.
+pidfile=/var/run/mumble-server/mumble-server.pid
+
+# The below will be used as defaults for new configured servers.
+# If you're just running one server (the default), it's easier to
+# configure it here than through D-Bus or Ice.
+#
+# Welcome message sent to clients when they connect.
+welcometext="<br />Welcome to this server running <b>Murmur</b>.<br />Enjoy your stay!<br />"
+
+# Port to bind TCP and UDP sockets to.
+port=64738
+
+# Specific IP or hostname to bind to.
+# If this is left blank (default), Murmur will bind to all available addresses.
+#host=
+
+# Password to join server.
+serverpassword=
+
+# Maximum bandwidth (in bits per second) clients are allowed
+# to send speech at.
+bandwidth=72000
+
+# Maximum number of concurrent clients allowed.
+users=100
+
+# Amount of users with Opus support needed to force Opus usage, in percent.
+# 0 = Always enable Opus, 100 = enable Opus if it's supported by all clients.
+#opusthreshold=100
+
+# Maximum depth of channel nesting. Note that some databases like MySQL using
+# InnoDB will fail when operating on deeply nested channels.
+#channelnestinglimit=10
+
+# Regular expression used to validate channel names.
+# (Note that you have to escape backslashes with \ )
+#channelname=[ \\-=\\w\\#\\[\\]\\{\\}\\(\\)\\@\\|]+
+
+# Regular expression used to validate user names.
+# (Note that you have to escape backslashes with \ )
+#username=[-=\\w\\[\\]\\{\\}\\(\\)\\@\\|\\.]+
+
+# Maximum length of text messages in characters. 0 for no limit.
+#textmessagelength=5000
+
+# Maximum length of text messages in characters, with image data. 0 for no limit.
+#imagemessagelength=131072
+
+# Allow clients to use HTML in messages, user comments and channel descriptions?
+#allowhtml=true
+
+# Murmur retains the per-server log entries in an internal database which
+# allows it to be accessed over D-Bus/ICE.
+# How many days should such entries be kept?
+# Set to 0 to keep forever, or -1 to disable logging to the DB.
+#logdays=31
+
+# To enable public server registration, the serverpassword must be blank, and
+# this must all be filled out.
+# The password here is used to create a registry for the server name; subsequent
+# updates will need the same password. Don't lose your password.
+# The URL is your own website, and only set the registerHostname for static IP
+# addresses.
+# Only uncomment the 'registerName' parameter if you wish to give your "Root" channel a custom name.
+#
+#registerName=Mumble Server
+#registerPassword=secret
+#registerUrl=https://www.mumble.info/
+#registerHostname=
+
+# If this option is enabled, the server will announce its presence via the
+# bonjour service discovery protocol. To change the name announced by bonjour
+# adjust the registerName variable.
+# See http://developer.apple.com/networking/bonjour/index.html for more information
+# about bonjour.
+#bonjour=True
+
+# If you have a proper SSL certificate, you can provide the filenames here.
+# Otherwise, Murmur will create it's own certificate automatically.
+#sslCert=
+#sslKey=
+
+# The sslCiphers option chooses the cipher suites to make available for use
+# in SSL/TLS. This option is server-wide, and cannot be set on a
+# per-virtual-server basis.
+#
+# This option is specified using OpenSSL cipher list notation (see
+# https://www.openssl.org/docs/apps/ciphers.html#CIPHER-LIST-FORMAT).
+#
+# It is recommended that you try your cipher string using 'openssl ciphers <string>'
+# before setting it here, to get a feel for which cipher suites you will get.
+#
+# After setting this option, it is recommend that you inspect your Murmur log
+# to ensure that Murmur is using the cipher suites that you expected it to.
+#
+# Note: Changing this option may impact the backwards compatibility of your
+# Murmur server, and can remove the ability for older Mumble clients to be able
+# to connect to it.
+#sslCiphers=EECDH+AESGCM:AES256-SHA:AES128-SHA
+
+# If Murmur is started as root, which user should it switch to?
+# This option is ignored if Murmur isn't started with root privileges.
+uname=mumble-server
+
+# If this options is enabled, only clients which have a certificate are allowed
+# to connect.
+#certrequired=False
+
+# If enabled, clients are sent information about the servers version and operating
+# system.
+#sendversion=True
+
+# You can configure any of the configuration options for Ice here. We recommend
+# leave the defaults as they are.
+# Please note that this section has to be last in the configuration file.
+#
+[Ice]
+Ice.Warn.UnknownProperties=1
+Ice.MessageSizeMax=65536
diff --git a/webserver/conf/nginx.conf b/webserver/conf/nginx.conf
index 754b765..3236f87 100644
--- a/webserver/conf/nginx.conf
+++ b/webserver/conf/nginx.conf
@@ -17,15 +17,20 @@ http {
server {
listen 443 ssl;
server_name localhost;
- ssl_certificate /config/certs/test.crt;
- ssl_certificate_key /config/certs/test.key;
+ ssl_certificate /data/certs/test.crt;
+ ssl_certificate_key /data/certs/test.key;
location / {
root /home/node/dist;
}
location /demo {
- proxy_pass http://192.168.188.20:64737;
+ resolver 127.0.0.11 valid=30s;
+ # get websockify ip address
+ # of the container it is running in
+ # name of the container has to be websockify
+ set $websock_address websockify;
+ proxy_pass http://$websock_address:64737;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
diff --git a/webserver/entrypoint.sh b/webserver/entrypoint.sh
index 5459c70..a49bd00 100755
--- a/webserver/entrypoint.sh
+++ b/webserver/entrypoint.sh
@@ -1,2 +1,4 @@
-mv /config/conf/nginx.conf /etc/nginx/nginx.conf;
+# copy config for nginx
+cp /data/conf/nginx.conf /etc/nginx/nginx.conf;
+# start nginx
nginx -g 'daemon off;'; nginx -s reload;
\ No newline at end of file
--
GitLab