Process review feedback

3 years ago · 0fd97124f7
parent d472900efa
commit 0fd97124f7
4 changed files with 15 additions and 136 deletions
--- a/webmails/rainloop/Dockerfile
+++ b/webmails/rainloop/Dockerfile
@ -1,12 +1,14 @@
-ARG DISTRO=nginx:1.21-alpine
-FROM $DISTRO
+ARG ARCH=""
+
+# NOTE: only add file if building for arm
+FROM ${ARCH}alpine:3.14
+ONBUILD COPY --from=balenalib/rpi-alpine:3.14 /usr/bin/qemu-arm-static /usr/bin/qemu-arm-static

 # Shared later between dovecot postfix nginx rspamd rainloop and roundloop
 RUN apk add --no-cache \
    python3 py3-pip \
 && pip3 install socrate==0.2.0

-# Shared layer between rainloop and roundcube
 #  https://www.rainloop.net/docs/system-requirements/
 #  Rainloop:
 #     cURL            Builtin
@ -24,12 +26,15 @@ RUN apk add --no-cache \
 #     php7-pdo        Accessing databases in PHP
 #     php7-pdo_sqlite Access to SQLite 3 databases
 RUN apk add --no-cache \
- && apk add php7 php7-fpm php7-curl php7-iconv php7-json php7-xml php7-dom php7-openssl \
- && rm /etc/nginx/conf.d/default.conf \
- && rm /etc/php7/php-fpm.d/www.conf
+    nginx \
+    php7 php7-fpm php7-curl php7-iconv php7-json php7-xml php7-dom php7-openssl \
+ && rm /etc/nginx/http.d/default.conf \
+ && rm /etc/php7/php-fpm.d/www.conf \
+ && mkdir -p /run/nginx \
+ && mkdir -p /var/www/rainloop

 # nginx / PHP config files
-COPY config/nginx-rainloop.conf /etc/nginx/conf.d/rainloop.conf
+COPY config/nginx-rainloop.conf /etc/nginx/http.d/rainloop.conf
 COPY config/php-rainloop.conf /etc/php7/php-fpm.d/rainloop.conf

 # Rainloop login
@ -45,8 +50,7 @@ COPY defaults/default.ini /defaults/default.ini
 ENV RAINLOOP_URL https://github.com/RainLoop/rainloop-webmail/releases/download/v1.16.0/rainloop-community-1.16.0.zip

 RUN apk add --no-cache \
-      unzip py3-jinja2 \
- && mkdir -p /var/www/rainloop \
+      curl unzip \
 && cd /var/www/rainloop \
 && curl -L -O ${RAINLOOP_URL} \
 && unzip -q *.zip \
@ -55,7 +59,7 @@ RUN apk add --no-cache \
 && find . -type d -exec chmod 755 {} \; \
 && find . -type f -exec chmod 644 {} \; \
 && chown -R nginx:nginx /var/www/rainloop \
- && apk del unzip
+ && apk del curl unzip

 COPY start.py /start.py

--- a/webmails/rainloop/config/nginx-rainloop.conf
+++ b/webmails/rainloop/config/nginx-rainloop.conf
@ -13,7 +13,7 @@ server {
    index index.php;

    location / {
-        try_files $uri $uri/ /index.php?$query_string;
+        try_files $uri /index.php?$query_string;
    }

    location ~ \.php$ {
--- a/webmails/roundcube/config.inc.php
+++ b/webmails/roundcube/config.inc.php
@ -1,66 +0,0 @@
-<?php
-
-$config = array();
-
-// Generals
-$config['db_dsnw'] = getenv('DB_DSNW');;
-$config['temp_dir'] = '/tmp/';
-$config['des_key'] = getenv('SECRET_KEY') ? getenv('SECRET_KEY') : trim(file_get_contents(getenv('SECRET_KEY_FILE')));
-$config['cipher_method'] = 'AES-256-CBC';
-$config['identities_level'] = 0;
-$config['reply_all_mode'] = 1;
-
-// List of active plugins (in plugins/ directory)
-$config['plugins'] = array(
-    'archive',
-    'zipdownload',
-    'markasjunk',
-    'managesieve',
-    'enigma',
-    'carddav'
-);
-
-$front = getenv('FRONT_ADDRESS') ? getenv('FRONT_ADDRESS') : 'front';
-$imap  = getenv('IMAP_ADDRESS')  ? getenv('IMAP_ADDRESS')  : 'imap';
-
-// Mail servers
-$config['default_host'] = $front;
-$config['default_port'] = 10143;
-$config['smtp_server'] = $front;
-$config['smtp_port'] = 10025;
-$config['smtp_user'] = '%u';
-$config['smtp_pass'] = '%p';
-
-// Sieve script management
-$config['managesieve_host'] = $imap;
-$config['managesieve_usetls'] = false;
-
-// Customization settings
-if (filter_var(getenv('ADMIN'), FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE)) {
-	array_push($config['plugins'], 'mailu');
-	$config['support_url'] = getenv('WEB_ADMIN') ? '../..' . getenv('WEB_ADMIN') : '';
-	$config['sso_logout_url'] = getenv('WEB_ADMIN').'/ui/logout';
-}
-$config['product_name'] = 'Mailu Webmail';
-
-// We access the IMAP and SMTP servers locally with internal names, SSL
-// will obviously fail but this sounds better than allowing insecure login
-// from the outter world
-$ssl_no_check = array(
- 'ssl' => array(
-     'verify_peer' => false,
-     'verify_peer_name' => false,
-  ),
-);
-$config['imap_conn_options'] = $ssl_no_check;
-$config['smtp_conn_options'] = $ssl_no_check;
-$config['managesieve_conn_options'] = $ssl_no_check;
-
-// skin name: folder from skins/
-$config['skin'] = 'elastic';
-
-// Enigma gpg plugin
-$config['enigma_pgp_homedir'] = '/data/gpg';
-
-// Set From header for DKIM signed message delivery reports
-$config['mdn_use_from'] = true;
--- a/webmails/roundcube/mailu.php
+++ b/webmails/roundcube/mailu.php
@ -1,59 +0,0 @@
-<?php
-
-class mailu extends rcube_plugin
-{
-
-  function init()
-  {
-    $this->add_hook('startup', array($this, 'startup'));
-    $this->add_hook('authenticate', array($this, 'authenticate'));
-    $this->add_hook('login_after', array($this, 'login'));
-    $this->add_hook('login_failed', array($this, 'login_failed'));
-    $this->add_hook('logout_after', array($this, 'logout'));
-  }
-
-  function startup($args)
-  {
-    if (empty($_SESSION['user_id'])) {
-        $args['action'] = 'login';
-    }
-
-    return $args;
-  }
-
-  function authenticate($args)
-  {
-    if (!in_array('HTTP_X_REMOTE_USER', $_SERVER) || !in_array('HTTP_X_REMOTE_USER_TOKEN', $_SERVER)) {
-        header('HTTP/1.0 403 Forbidden');
-        die();
-    }
-    $args['user'] = $_SERVER['HTTP_X_REMOTE_USER'];
-    $args['pass'] = $_SERVER['HTTP_X_REMOTE_USER_TOKEN'];
-
-    $args['cookiecheck'] = false;
-    $args['valid'] = true;
-
-    return $args;
-  }
-
-  function logout($args) {
-    // Redirect to global SSO logout path.
-    $this->load_config();
-
-    $sso_logout_url = rcmail::get_instance()->config->get('sso_logout_url');
-    header("Location: " . $sso_logout_url, true);
-    exit;
-  }
-
-  function login($args)
-  {
-      header('Location: index.php');
-      exit();
-  }
-  function login_failed($args)
-  {
-      header('Location: sso.php');
-      exit();
-  }
-
-}