Linking a Discourse User db with a Mumble server (Murmur)


(Travis) #1

I absolutely love Discourse! My gaming community uses it and love it as well. We also use Mumble religiously.

My current setup is 2 servers, both hosted by Digital Ocean, one running Discourse and one running Mumble. Murmur can apparently use any db driver but defaults to SQLite. I’ve been a part of some other communities that use various php forums which do something similar to my goal.

What I would like is to share the user database and allow users for Discourse to authenticate on Mumble using their username/password. If they change their password on Discourse, it will sync, etc.

I’ve been looking around for clues or ideas but haven’t turned up much. I was wondering if anyone has any hints or advice they might be able to share. Of course, if anyone has experience with this, I’d love to hear from you.

Thanks in advance!


$100 Bounty: Create script or plugin that links Mumble to Discourse's user db
(Jacob) #2

I have the same setup, any integration would be great.


(Kane York) #3

If you can write Ruby code, you can definitely set up your own auth provider.


(Travis) #4

I take this to mean another sign in provider like an oAuth Goolge, Twitter, etc. Is that correct?

I’m actually trying to go the opposite direction. I wan Mumble to use Discourse’s users by creating something that synchronizes the two dbs.


(Jens Maier) #5

You could try to hack an existing authenticator service to talk to PostgreSQL and pull password salts and hashes from the Discourse database.

By the way, how does Discourse store passwords? SHA1(salt || password)?


(Jeff Atwood) #6

See the docs folder in the source tree, specifically the one titled security.md


(Travis) #7

Ah ha! That’s exactly what I’m looking for. If I could gather enough information about how to translate that to Discourse I think I could hack up one of these.


(Jens Maier) #8

Basically, adjust the code starting at line 465 to understand Discourse’s database schema and change phpbb_check_hash (line 814) to hash the password with PBKDF as per the file Jeff linked.

Good luck with Python, tho. That’s not one of my languages. :expressionless:


(Travis) #9

Been trying to get this working but I’m a bit lost when it comes to changing the password hash stuff.

There’s a murmur manager made with Ruby that communicates with the server but it doesn’t include the auth stuff. I’m not sure if that would be a better place to start: murmur-manager/ice.rb at master · cheald/murmur-manager · GitHub

I think I might open up a Marketplace job for getting this going.


(Jens Maier) #10

I’ve hacked the phpBB authenticator for Discourse:

Aside from the PBKDF2 function, however, that code is completely untested as I don’t have Mumble installed. It might not even run – or spontaneously combust, for all I know. If all you needed was the function that checks Discourse passwords, that part Should Work™.


(Travis) #11

Just thought I would note, I’ve posted a $100 bounty for this task: Bountify | Create Ruby (others accepted) script that links Mumble to Discourse’s user db

I think others would find such a script useful and I know I really need it. So I figured I’d go ahead and pay to get something out there.


(Jens Maier) #12

… and now it actually works. :blush:

Getting the necessary packages installed on my Gentoo box was a bit painful, so I didn’t test it at all before and made a huge mess. But this time I actually tested the script successfully against a minimal local murmur server and my Discourse test-app (running in production mode).

Instructions:

  1. Install Ice for Python and Psycopg2 via your distro’s package manager.
  2. Create a INI-style config file or edit the default configuration section in the script, e.g.
    [database] user = your_username password = totally_secure_password
  3. Note of config options: ice.slice should point to the Murmur.ice file that came with your Murmur package, ice.secret is Murmur’s icesecretwrite setting.

(Travis) #13

Sign up for the bounty and claim it, otherwise the money goes to charity automatically so either way. You did the work though so if it works you should get the reward!

I’m testing it now.


(Travis) #14

First of all, I really appreciate your help with this!

I think I almost have it. At least, it doesn’t give me any errors which is what was happening when I tried to do it myself.

A couple questions:

  • What did you set serverpassword to in mumble-server.ini? Blank? Commented out?
  • It feels like something is happening when I connect since it lags a bit more than it usually takes to connect to the server. However, I don’t get prompted for a password. I’m using a username from the forum and this is a fresh install. I tried reloading my cert from the cert wizard.

(Jens Maier) #15

The script, by default, writes everything into a log file, not to stdout or stderr. Make sure the user running the script has privileges to create and write to discourseauth.log in the script’s current directory, and check that file for error messages. It should log quite a bit, as the default log level is set to debug.

The lag while connecting to murmur is weird. It would be expected if the user had entered a password (Discourse hashes user passwords with PBKDF2, a hash algorithm that is specifically designed to be slow, and the Python implementation in the script is much slower then an optimized native implementation would be…), but this looks like an error.

Can you post the contents of the log file?


(Travis) #16

Ah, I see the log now, awesome.

Looks like the issue is that postgres is not accepting incoming connections on the private digital ocean network ip (or at all, considering i set it to the external as well).

2014-05-06 20:26:43,077 INFO Connecting to database server (psycopg2 10.x.x.x:5432 discourse) for thread 140000244741888
2014-05-06 20:26:46,076 ERROR Could not connect to database: could not connect to server: No route to host
        Is the server running on host "10.x.x.x" and accepting
        TCP/IP connections on port 5432?

Can I enable this without screwing up the docker install?


(Jens Maier) #17

See here:


(Travis) #18

Perfect. I’m assuming I need to rebootstrap? Is that launcher destroy then launcher start? I’ve been wearing to do destory as it seems so… destructive. This is production.


(Jens Maier) #19

Hm, I have no idea, actually… :confounded: I am not (yet) using docker, so I have no experience with it, sorry.


(Travis) #20

Argh, yeah. Seems so close! :smile:

Looks like from this that’s what I’m to do: GitHub - discourse/discourse_docker: A Docker image for Discourse

Seems like now I must deal with a whole new set of Docker issues.

ERROR:  While executing gem ... (Gem::SpecificGemNotFoundException)
    Could not find a valid gem 'bundler' (= 1.6.2) locally or in a repository
I, [2014-05-07T01:34:18.126665 #42]  INFO -- : Updating installed gems

Can’t understand why bootstrap would work before and not now. Argh! I just want to get that - expose in there.