Mumble Open Source, Low Latency, High Quality Voice Chat

Using Glacier2 with Ice

Improve this page

NOTE: Since Mumble 1.2.2 you can set icesecretread and icesecretwrite in your server configuration and use it as a password. This is a lot easier to set up and use than Glacier2.

Glacier2 is a Ice routing and firewall utility, and allows you to securely run the server on one machine and murmur on another. Note that if both server and client are on a secure LAN, you can just use iptables to protect the Ice port, which is a lot easier than setting up Glacier2.

The examples here assume that 1.2.3.4 is the public IP address of the server running Murmur. We’re going to use the username magic with the password pink.

Configuring Glacier2

Create a config file called config.glacier2 and put the following in it:

Glacier2.Client.Endpoints=tcp -h 1.2.3.4 -p 4063
Glacier2.SessionTimeout=60
Glacier2.CryptPasswords=passwords.txt

Your endpoint host should be the public IP that you are running Glacier on. If you don’t specify a client via -h, then Glacier will bind to all listening interfaces.

Then, create a password hash using the OpenSSL utility.

openssl passwd pink

this will spit out a hash, which looks something like CTThafhdv9Lz2

Create a file called passwords.txt containing:

magic CTThafhdv9Lz2

Start glacier2 as this:

glacier2router --Ice.Config=config.glacier2

You will need to have Ice installed (download). glacier2router is a binary that is located in <location_of_Ice_installation>/bin/glacier2router.exe.

Configuring Murmur

There is nothing to do in murmur. Seriously. Leave the default setting of binding to 127.0.0.1 alone.

Configuring Client (PHP)

This is where it starts getting slightly ugly. Note that this requires Ice >= 3.3.1, as Ice 3.3.0 has a bug in it which prevents this from working. The following is the adaptation necessary to weblist.php to get it to work:

try {
  $router = $ICE->stringToProxy("Glacier2/router:tcp -p 4063 -h 1.2.3.4");
  $router = $router->ice_uncheckedCast("::Glacier2::Router")->ice_router(null);
  $session = $router->createSession("magic", "pink");
  $base = $ICE->stringToProxy("Meta:tcp -h 127.0.0.1 -p 6502")->ice_router($router);
  $meta = $base->ice_checkedCast("::Murmur::Meta")->ice_router($router);

For each object you get a proxy to (including the return from $meta->getServer), you need to add ->ice_router($router)

Configuring Client (Ruby)

There is a set of classes for easily working with Ice directly and through Glacier available at GitHub. However, if you want to do it manually, it’s not too hard.

glacierHost = "example.com"
glacierPort = 1234
user = "glacieruser"
pass = "glacierpass"
server_id = 1

prx = ic.stringToProxy("Glacier2/router:tcp -h #{glacierHost} -p #{glacierPort}")
router = ::Glacier2::RouterPrx::uncheckedCast(prx).ice_router(nil)
router.createSession(user, pass)
meta = Murmur::MetaPrx::checkedCast(ic.stringToProxy("Meta:tcp -h #{host} -p #{port}")).ice_router(router)
server = meta.getServer(server_id).ice_router(router)

For each object you get a proxy to (including the return from Murmur::MetaPrx::getServer), you need to add #ice_router(router).