[ICE]

# Examples:
#   fqdn.domain.tld
#   127.0.0.1
#   shorthost
#   ::1
host = localhost

# The port ICE is running on
port = 6502

# One of udp or tcp. You probably want to use tcp.
proto = tcp

# You probably will need to change this.
# If you need a copy, you can get the most recent at:
# https://github.com/mumble-voip/mumble/blob/master/src/murmur/Murmur.ice
# If you leave this empty ("slice = "), we will attempt to fetch the slice from the remote
# instance ("host" above).
slice = /usr/local/lib/optools/mumble/murmur.ice

# The maximum size for ICE Messages (in KB)
# You're probably fine with the default.
max_size = 1024


[AUTH]

# The Ice secret for read-only operations.
# Set to a blank string if you want to only make a write-only connection.
read =

# The Ice secret for write-only operations.
# Set to a blank string if you want to only make a read-only connection.
write =

[TUNNEL]
# NOTE: TO USE SSH TUNNELING, YOU MUST HAVE THE PARAMIKO PYTHON MODULE INSTALLED.
# If enabled, we will bind the remote port to the host and port given in the [ICE] section.
# So you probably want to use localhost/127.0.0.1/::1 up there, and if you're
# running this script as a non-root user (you should be), then you'll want an
# ephemeral/non-privileged port that doesn't have anything bound to it.

# If this is enabled, we will try to initiate an SSH tunnel to the remote server,
# and use the Ice interface through that. Probably only works with TCP Ice instances.
# "enable" should be true or false. If blank, assume true. It's a VERY GOOD IDEA
# to use this feature, as it greatly heightens the security.
enable = true

# The remote host to bind a port with. In most cases, this is going to be the host
# that your Murmur instance is running on.
host = your.murmur.server.tld

# The remote user to auth as. If blank, use the current (local) username.
user =

# The port for SSH. In most cases, 22 is what you want. You can leave it blank,
# we'll use the default in that case.
port = 22

# The authentication method. Currently supported methods are "key" and "passphrase".
# Key is recommended (and the default). See:
# https://sysadministrivia.com/news/hardening-ssh-security#auth_client
# (and/or a multitude of other resources) on how to set up pubkey auth for SSH.
auth = key

# If "auth" is "password", enter the password here. If password auth is used
# and no password is provided, you will be prompted to enter it.
passphrase =

# If "auth" is "key", enter the path to the *private* (not public) key here.
# If none is provided, we'll use the default of ~/.ssh/id_rsa.
# Note that if your key is password-protected, you should enable "key_passphrase".
key = ~/.ssh/id_rsa

# Should we (securely) prompt for a key_passphrase? This is REQUIRED if your key
# is password-protected and you're using key authentication. Can be "true" or "false".
key_passphrase = false