Setup Mumble Server on QNAP Container using Docker

Undefined Programming

Setup Mumble Server on QNAP Container using Docker

Basic set-up of using QNAP container interface to install Mumble in Docked, download Container Station from the AppStore and find coppit/mumble-server.

Get the latest tag build

You can edit the name, apply CPU and memory restrictions, I’ve decided to put 2GB of RAM.

Ensure that port 64738 with TCP and UDP is enabled via the port forwarding section

Make a volume name for the data folder, where mumble settings are defaulted

Upon making the docker, in the terminal you will notice that it has created the config file for you.

To find it, it be in

/Container/container-station-data/lib/docker/volumes/mumble-data/_data/

# Murmur configuration file.
#
# General notes:
# * Settings in this file are default settings and many of them can be overridden
#   with virtual server specific configuration via the Ice or DBus interface.
# * Due to the way this configuration file is read some rules have to be
#   followed when specifying variable values (as in variable = value):
#     * Make sure to quote the value when using commas in strings or passwords.
#        NOT variable = super,secret BUT variable = "super,secret"
#     * Make sure to escape special characters like '\' or '"' correctly
#        NOT variable = """ BUT variable = "\""
#        NOT regex = \w* BUT regex = \\w*

# Path to database. If blank, will search for
# murmur.sqlite in default locations or create it if not found.
database=/data/mumble-server.sqlite

# If you wish to use something other than SQLite, you'll need to set the name
# of the database above, and also uncomment the below.
# Sticking with SQLite is strongly recommended, as it's the most well tested
# and by far the fastest solution.
#
#dbDriver=QMYSQL
#dbUsername=
#dbPassword=
#dbHost=
#dbPort=
#dbPrefix=murmur_
#dbOpts=

# Murmur defaults to not using D-Bus. If you wish to use dbus, which is one of the
# RPC methods available in Murmur, please specify so here.
#
dbus=system

# Alternate D-Bus service name. Only use if you are running distinct
# murmurd processes connected to the same D-Bus daemon.
#dbusservice=net.sourceforge.mumble.murmur

# If you want to use ZeroC Ice to communicate with Murmur, you need
# to specify the endpoint to use. Since there is no authentication
# with ICE, you should only use it if you trust all the users who have
# shell access to your machine.
# Please see the ICE documentation on how to specify endpoints.
ice="tcp -h 127.0.0.1 -p 6502"

# Ice primarily uses local sockets. This means anyone who has a
# user account on your machine can connect to the Ice services.
# You can set a plaintext "secret" on the Ice connection, and
# any script attempting to access must then have this secret
# (as context with name "secret").
# Access is split in read (look only) and write (modify) 
# operations. Write access always includes read access,
# unless read is explicitly denied (see note below).
#
# Note that if this is uncommented and with empty content,
# access will be denied.

#icesecretread=
icesecretwrite=

# How many login attempts do we tolerate from one IP
# inside a given timeframe before we ban the connection?
# Note that this is global (shared between all virtual servers), and that
# it counts both successfull and unsuccessfull connection attempts.
# Set either Attempts or Timeframe to 0 to disable.
#autobanAttempts = 10
#autobanTimeframe = 120
#autobanTime = 300

# Specifies the file Murmur should log to. By default, Murmur
# logs to the file 'murmur.log'. If you leave this field blank
# on Unix-like systems, Murmur will force itself into foreground
# mode which logs to the console.
logfile=/data/mumble-server.log

# If set, Murmur will write its process ID to this file
# when running in daemon mode (when the -fg flag is not
# specified on the command line). Only available on
# Unix-like systems.
pidfile=/var/run/mumble-server/mumble-server.pid

# The below will be used as defaults for new configured servers.
# If you're just running one server (the default), it's easier to
# configure it here than through D-Bus or Ice.
#
# Welcome message sent to clients when they connect.
welcometext="<br />Welcome to this server running <b>Murmur</b>.<br />Enjoy your stay!<br />"

# Port to bind TCP and UDP sockets to.
port=64738

# Specific IP or hostname to bind to.
# If this is left blank (default), Murmur will bind to all available addresses.
#host=

# Password to join server.
serverpassword=

# Maximum bandwidth (in bits per second) clients are allowed
# to send speech at.
bandwidth=72000

# Maximum number of concurrent clients allowed.
users=100

# Amount of users with Opus support needed to force Opus usage, in percent.
# 0 = Always enable Opus, 100 = enable Opus if it's supported by all clients.
#opusthreshold=100

# Maximum depth of channel nesting. Note that some databases like MySQL using
# InnoDB will fail when operating on deeply nested channels.
#channelnestinglimit=10

# Regular expression used to validate channel names.
# (Note that you have to escape backslashes with \ )
#channelname=[ \\-=\\w\\#\\[\\]\\{\\}\\(\\)\\@\\|]+

# Regular expression used to validate user names.
# (Note that you have to escape backslashes with \ )
#username=[-=\\w\\[\\]\\{\\}\\(\\)\\@\\|\\.]+

# Maximum length of text messages in characters. 0 for no limit.
#textmessagelength=5000

# Maximum length of text messages in characters, with image data. 0 for no limit.
#imagemessagelength=131072

# Allow clients to use HTML in messages, user comments and channel descriptions?
#allowhtml=true

# Murmur retains the per-server log entries in an internal database which
# allows it to be accessed over D-Bus/ICE.
# How many days should such entries be kept?
# Set to 0 to keep forever, or -1 to disable logging to the DB.
#logdays=31

# To enable public server registration, the serverpassword must be blank, and
# this must all be filled out.
# The password here is used to create a registry for the server name; subsequent
# updates will need the same password. Don't lose your password.
# The URL is your own website, and only set the registerHostname for static IP
# addresses.
# Only uncomment the 'registerName' parameter if you wish to give your "Root" channel a custom name.
#
#registerName=Mumble Server
#registerPassword=secret
#registerUrl=https://www.mumble.info/
#registerHostname=

# If this option is enabled, the server will announce its presence via the 
# bonjour service discovery protocol. To change the name announced by bonjour
# adjust the registerName variable.
# See http://developer.apple.com/networking/bonjour/index.html for more information
# about bonjour.
#bonjour=True

# If you have a proper SSL certificate, you can provide the filenames here.
# Otherwise, Murmur will create it's own certificate automatically.
#sslCert=
#sslKey=

# The sslCiphers option chooses the cipher suites to make available for use
# in SSL/TLS. This option is server-wide, and cannot be set on a
# per-virtual-server basis.
#
# This option is specified using OpenSSL cipher list notation (see
# https://www.openssl.org/docs/apps/ciphers.html#CIPHER-LIST-FORMAT).
#
# It is recommended that you try your cipher string using 'openssl ciphers <string>'
# before setting it here, to get a feel for which cipher suites you will get.
#
# After setting this option, it is recommend that you inspect your Murmur log
# to ensure that Murmur is using the cipher suites that you expected it to.
#
# Note: Changing this option may impact the backwards compatibility of your
# Murmur server, and can remove the ability for older Mumble clients to be able
# to connect to it.
#sslCiphers=EECDH+AESGCM:AES256-SHA:AES128-SHA

# If Murmur is started as root, which user should it switch to?
# This option is ignored if Murmur isn't started with root privileges.
uname=mumble-server

# If this options is enabled, only clients which have a certificate are allowed
# to connect.
#certrequired=False

# If enabled, clients are sent information about the servers version and operating
# system.
#sendversion=True

# You can configure any of the configuration options for Ice here. We recommend
# leave the defaults as they are.
# Please note that this section has to be last in the configuration file.
#
[Ice]
Ice.Warn.UnknownProperties=1
Ice.MessageSizeMax=65536

Recommend that you apply a password to your server on line 98

serverpassword=

Also add in your SSL certificate location on line 160 and 161, remember that you need to use a fullchain and a priv.key. Just add the required files in the /data folder where the mumble-server.ini is located.

sslCert=/data/fullchain.pem
sslKey=/data/privkey.pem

Once you edited the mumble default settings, you will notice that you will have this error ‘ServerDB: Failed initialization: unable to open database file Error opening database’ in the terminal. The issue is that the /data folder does not have the same permission as the default user:group mumble-server:mumble-server. This prevents the mumble-server.log to be written in the /data folder, to apply the permission you need a terminal use Telnet or SSH.

Only the account admin can login remotely.

This is a Telnet example

o [I.P address] [port]

docker exec -it [Docker ID] bash

chown -R mumble-server:mumble-server /data

All done ready to go, make sure you port-forward it correctly

Leave a Reply

Your e-mail address will not be published. Required fields are marked *