From 659e8eeef73f6dfdeea65200bb3a42ea79205a6e Mon Sep 17 00:00:00 2001 From: Kyle Stapp Date: Fri, 27 Mar 2015 00:19:28 -0400 Subject: [PATCH] Initial mumble server commit --- LICENSE | 14 ++ README.rst | 27 +++ mumble-server/config.sls | 15 ++ mumble-server/files/mumble-server.ini | 230 ++++++++++++++++++++++++++ mumble-server/init.sls | 14 ++ mumble-server/map.jinja | 8 + pillar.example | 15 ++ 7 files changed, 323 insertions(+) create mode 100644 LICENSE create mode 100644 README.rst create mode 100644 mumble-server/config.sls create mode 100644 mumble-server/files/mumble-server.ini create mode 100644 mumble-server/init.sls create mode 100644 mumble-server/map.jinja create mode 100644 pillar.example diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..47d69b9 --- /dev/null +++ b/LICENSE @@ -0,0 +1,14 @@ + Copyright (c) 2013-2014 Salt Stack Formulas + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + diff --git a/README.rst b/README.rst new file mode 100644 index 0000000..4d975c7 --- /dev/null +++ b/README.rst @@ -0,0 +1,27 @@ +mumble-server +======= +Install and configure a mumble-server instance. + +.. note:: + + See the full `Salt Formulas installation and usage instructions + `_. + +Available states +================ + +.. contents:: + :local: + +``mumble-server`` +----------- + +Installs the ``mumble-server`` server package and service. + +``mumble-server.config`` +------------------ + +Installs the mumble-server configuration file included in this formula +(under "mumble-server/files"). This configuration file is populated +by values from pillar. ``pillar.example`` results in the generation +of the default ``mumble-server.ini`` file on Ubuntu 14.04 Trusty Tahr . \ No newline at end of file diff --git a/mumble-server/config.sls b/mumble-server/config.sls new file mode 100644 index 0000000..648b888 --- /dev/null +++ b/mumble-server/config.sls @@ -0,0 +1,15 @@ +{% from "vsftpd/map.jinja" import vsftpd with context %} + +include: + - vsftpd + +vsftpd_config: + file.managed: + - name: {{ vsftpd.vsftpd_config }} + - source: {{ vsftpd.vsftpd_config_src }} + - template: jinja + - user: root + - mode: 644 + - watch_in: + - service: {{ vsftpd.service }} + diff --git a/mumble-server/files/mumble-server.ini b/mumble-server/files/mumble-server.ini new file mode 100644 index 0000000..5c01510 --- /dev/null +++ b/mumble-server/files/mumble-server.ini @@ -0,0 +1,230 @@ +{%- set mumbleserver_config = pillar.get('mumbleserver_config', {}) -%} +{#- present in mumbleserver_config and known in actual file options -#} +{%- set processed_options = [] -%} + +{#- generic renderer used for mumbleserver known options, -#} +{#- and unknown options -#} +{%- macro render_option(keyword, default, config_dict=mumbleserver_config) -%} + {%- set value = config_dict.get(keyword, default) -%} + {%- if value is string or value is number -%} +{{ keyword }}={{ value }} + {%- else -%} +{%- for single_value in value -%} +{{ keyword }}={{ single_value }} +{% endfor -%} + {%- endif -%} +{%- endmacro -%} + +{#- macros for render option according to present -#} +{%- macro option_impl(keyword, default, present) -%} + {%- if present -%} + {%- do processed_options.append(keyword) -%} + {%- set prefix='' -%} + {%- else -%} + {%- set prefix='#' -%} + {%- endif -%} + {#- add prefix to keyword -#} + {%- set keyword = prefix ~ keyword -%} +{{ render_option(keyword, default) }} +{%- endmacro -%} + +{#- macros for render option commented by default -#} +{%- macro option(keyword, default, present) -%} +{{ option_impl(keyword, default, keyword in mumbleserver_config) }} +{%- endmacro -%} + +{#- macros for render option uncommented by default -#} +{%- macro option_default_uncommented(keyword, default, present) -%} +{{ option_impl(keyword, default, True) }} +{%- endmacro -%} +# +# This file is managed by salt. Manual changes risk being overwritten. +# Murmur configuration file. +# +# General notes: +# * Settings in this file are default settings and many of them can be overridden +# with virtual server specific configuration via the Ice or DBus interface. +# * Due to the way this configuration file is read some rules have to be +# followed when specifying variable values (as in variable = value): +# * Make sure to quote the value when using commas in strings or passwords. +# NOT variable = super,secret BUT variable = "super,secret" +# * Make sure to escape special characters like '\' or '"' correctly +# NOT variable = """ BUT variable = "\"" +# NOT regex = \w* BUT regex = \\w* + +# Path to database. If blank, will search for +# murmur.sqlite in default locations or create it if not found. +{{ option_default_uncommented('database', '/var/lib/mumble-server/mumble-server.sqlite') }} + +# If you wish to use something other than SQLite, you'll need to set the name +# of the database above, and also uncomment the below. +# Sticking with SQLite is strongly recommended, as it's the most well tested +# and by far the fastest solution. +# +{{ option('dbDriver', '') }} +{{ option('dbUsername', '') }} +{{ option('dbPassword', '') }} +{{ option('dbHost', '') }} +{{ option('dbPort', '') }} +{{ option('dbPrefix', 'murmur_') }} +{{ option('dbOpts', '') }} + +# Murmur defaults to not using D-Bus. If you wish to use dbus, which is one of the +# RPC methods available in Murmur, please specify so here. +# +{{ option_default_uncommented('dbus', 'system') }} + +# Alternate D-Bus service name. Only use if you are running distinct +# murmurd processes connected to the same D-Bus daemon. +{{ option('dbusservice', 'net.sourceforge.mumble.murmur') }} + +# If you want to use ZeroC Ice to communicate with Murmur, you need +# to specify the endpoint to use. Since there is no authentication +# with ICE, you should only use it if you trust all the users who have +# shell access to your machine. +# Please see the ICE documentation on how to specify endpoints. +{{ option_default_uncommented('ice', '"tcp -h 127.0.0.1 -p 6502"') }} + +# Ice primarily uses local sockets. This means anyone who has a +# user account on your machine can connect to the Ice services. +# You can set a plaintext "secret" on the Ice connection, and +# any script attempting to access must then have this secret +# (as context with name "secret"). +# Access is split in read (look only) and write (modify) +# operations. Write access always includes read access, +# unless read is explicitly denied (see note below). +# +# Note that if this is uncommented and with empty content, +# access will be denied. + +{{ option('icesecretread', '') }} +{{ option_default_uncommented('icesecretwrite', '') }} + +# How many login attempts do we tolerate from one IP +# inside a given timeframe before we ban the connection? +# Note that this is global (shared between all virtual servers), and that +# it counts both successfull and unsuccessfull connection attempts. +# Set either Attempts or Timeframe to 0 to disable. +{{ option('autobanAttempts', '10') }} +{{ option('autobanTimeframe', '120') }} +{{ option('autobanTime', '300') }} + +# Specifies the file Murmur should log to. By default, Murmur +# logs to the file 'murmur.log'. If you leave this field blank +# on Unix-like systems, Murmur will force itself into foreground +# mode which logs to the console. +{{ option_default_uncommented('logfile', '/var/log/mumble-server/mumble-server.log') }} + +# If set, Murmur will write its process ID to this file +# when running in daemon mode (when the -fg flag is not +# specified on the command line). Only available on +# Unix-like systems. +{{ option_default_uncommented('pidfile', '/var/run/mumble-server/mumble-server.pid') }} + +# The below will be used as defaults for new configured servers. +# If you're just running one server (the default), it's easier to +# configure it here than through D-Bus or Ice. +# +# Welcome message sent to clients when they connect. +{{ option_default_uncommented('welcometext', '"
Welcome to this server running Murmur.
Enjoy your stay!
"') }} + +# Port to bind TCP and UDP sockets to. +{{ option_default_uncommented('port', '64738') }} + +# Specific IP or hostname to bind to. +# If this is left blank (default), Murmur will bind to all available addresses. +{{ option('host', '') }} + +# Password to join server. +{{ option_default_uncommented('serverpassword', '') }} + +# Maximum bandwidth (in bits per second) clients are allowed +# to send speech at. +{{ option_default_uncommented('bandwidth', '72000') }} + +# Maximum number of concurrent clients allowed. +{{ option_default_uncommented('users', '100') }} + +# Amount of users with Opus support needed to force Opus usage, in percent. +# 0 = Always enable Opus, 100 = enable Opus if it's supported by all clients. +{{ option('opusthreshold', '100') }} + +# Maximum depth of channel nesting. Note that some databases like MySQL using +# InnoDB will fail when operating on deeply nested channels. +{{ option('channelnestinglimit', '10') }} + +# Regular expression used to validate channel names. +# (Note that you have to escape backslashes with \ ) +{{ option('channelname', '[ \\-=\\w\\#\\[\\]\\{\\}\\(\\)\\@\\|]+') }} + +# Regular expression used to validate user names. +# (Note that you have to escape backslashes with \ ) +{{ option('username', '[-=\\w\\[\\]\\{\\}\\(\\)\\@\\|\\.]+') }} + +# Maximum length of text messages in characters. 0 for no limit. +{{ option('textmessagelength', '5000') }} + +# Maximum length of text messages in characters, with image data. 0 for no limit. +{{ option('imagemessagelength', '131072') }} + +# Allow clients to use HTML in messages, user comments and channel descriptions? +{{ option('allowhtml', 'true') }} + +# Murmur retains the per-server log entries in an internal database which +# allows it to be accessed over D-Bus/ICE. +# How many days should such entries be kept? +# Set to 0 to keep forever, or -1 to disable logging to the DB. +{{ option('logdays', '31') }} + +# To enable public server registration, the serverpassword must be blank, and +# this must all be filled out. +# The password here is used to create a registry for the server name; subsequent +# updates will need the same password. Don't lose your password. +# The URL is your own website, and only set the registerHostname for static IP +# addresses. +# Only uncomment the 'registerName' parameter if you wish to give your "Root" channel a custom name. +# +{{ option('registerName', 'Mumble Server') }} +{{ option('registerPassword', 'secret') }} +{{ option('registerUrl', 'http://mumble.sourceforge.net/') }} +{{ option('registerHostname', '') }} + +# If this option is enabled, the server will announce its presence via the +# bonjour service discovery protocol. To change the name announced by bonjour +# adjust the registerName variable. +# See http://developer.apple.com/networking/bonjour/index.html for more information +# about bonjour. +{{ option('bonjour', 'True') }} + +# If you have a proper SSL certificate, you can provide the filenames here. +# Otherwise, Murmur will create it's own certificate automatically. +{{ option('sslCert', '') }} +{{ option('sslKey', '') }} + +# If Murmur is started as root, which user should it switch to? +# This option is ignored if Murmur isn't started with root privileges. +{{ option_default_uncommented('uname', 'mumble-server') }} + +# If this options is enabled, only clients which have a certificate are allowed +# to connect. +{{ option('certrequired', 'False') }} + +# If enabled, clients are sent information about the servers version and operating +# system. +{{ option('sendversion', 'True') }} + +# You can configure any of the configuration options for Ice here. We recommend +# leave the defaults as they are. +# Please note that this section has to be last in the configuration file. +# +[Ice] +{{ option_default_uncommented('Ice.Warn.UnknownProperties', '1') }} +{{ option_default_uncommented('Ice.MessageSizeMax', '65536') }} + +{# Handling unknown in salt template options #} +{%- for keyword in mumbleserver_config.keys() %} + {%- if not keyword in processed_options -%} +{#- send a blank default as it doesn't matter #} +{{ render_option(keyword, '') }} + {%- endif -%} +{%- endfor %} \ No newline at end of file diff --git a/mumble-server/init.sls b/mumble-server/init.sls new file mode 100644 index 0000000..474a7ef --- /dev/null +++ b/mumble-server/init.sls @@ -0,0 +1,14 @@ +{% from "mumbleserver/map.jinja" import mumbleserver with context %} + +mumbleserver: + {% if mumbleserver.server is defined %} + pkg.installed: + - name: {{ mumbleserver.server }} + {% endif %} + service.running: + - enable: True + - name: {{ mumbleserver.service }} + {% if mumbleserver.server is defined %} + - require: + - pkg: {{ mumbleserver.server }} + {% endif %} diff --git a/mumble-server/map.jinja b/mumble-server/map.jinja new file mode 100644 index 0000000..0a44a65 --- /dev/null +++ b/mumble-server/map.jinja @@ -0,0 +1,8 @@ +{% set mumbleserver = salt['grains.filter_by']({ + 'Debian': { + 'server': 'mumble-server', + 'service': 'mumble-server', + 'mumbleserver_config': '/etc/mumble-server.ini', + 'mumbleserver_config_src': 'salt://mumble-server/files/mumble-server.ini', + }, +}, merge=salt['pillar.get']('mumbleserver:lookup')) %} \ No newline at end of file diff --git a/pillar.example b/pillar.example new file mode 100644 index 0000000..e4500d7 --- /dev/null +++ b/pillar.example @@ -0,0 +1,15 @@ +mumbleserver_config: + database: '/var/lib/mumble-server/mumble-server.sqlite' + dbus: 'system' + ice: '"tcp -h 127.0.0.1 -p 6502"' + icesecretwrite: '' + logfile: '/var/log/mumble-server/mumble-server.log' + pidfile: '/var/run/mumble-server/mumble-server.pid' + welcometext: '"
Welcome to this server running Murmur.
Enjoy your stay!
"' + port: '64738' + serverpassword: '' + bandwidth: '72000' + users: '100' + uname: 'mumble-server' + Ice.Warn.UnknownProperties: '1' + Ice.MessageSizeMax: '65536'