How to run Murmur

2020-04-06

(last time edited: 2021-02-16)

tags: linux, services, voip

Murmur (also called Mumble-Server) is the server component for Mumble. Mumble is an open source, cross platform, low-latency, high quality voice over IP (VoIP) client. Mumble uses a client/server architecture and is primarily used by gamers, but can be used for any VoIP purpose.

I personally prefer to use uMurmur, which is a minimal server based on Murmur.

Install uMurmur and start it if you won't set up SSL certificates. It's just that easy! The connection port should be 64738 by default.

Setting up Let's Encrypt SSL/TLS certificates

Add your personal domain Let's Encrypt SSL/TLS certificates to the umurmur.conf configuration file. It's usually located at /etc/umurmur.

The certificate settings of the file should look something like this:

sslCert=/etc/letsencrypt/live/your_domain.com/fullchain.pem
sslKey=/etc/letsencrypt/live/your_domain.com/privkey.pem

The umurmur unprivileged user won't be able to read the certificates because they have root permissions. There are multiple ways to change permissions.

Create a ssl-certs group.

# groupadd ssl-certs

Add the umurmur user to the ssl-certs group.

# usermod -aG ssl-certs umurmur

Change group recursively to every file and directory inside /etc/letsencrypt.

# chgrp -R ssl-certs /etc/letsencrypt

Modify permissions recursively so users inside ssl-certs group can only read and execute.

# chmod -R g=rx /etc/letsencrypt

If you only share your Mumble server with your friends, don't forget to set a server password in the same murmur.conf file.

It's nice to set up a log file in order to debug if any errors occur.

logfile = "/var/log/umurmurd.log"

Read them using tail.

# tail -f /var/log/umurmurd.log

You can set it anywhere you want. Usually /var/log is a good place to store all your logs.