From 42e2dbe35d97dbdea05d60bb8443058d5c7d6b9d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tim=20M=C3=B6hlmann?= Date: Wed, 31 Oct 2018 19:17:23 +0200 Subject: [PATCH] Standarize image by using shared / similair layers --- core/admin/Dockerfile | 12 ++++++++---- core/admin/start.py | 8 ++++---- core/dovecot/Dockerfile | 16 +++++++++++----- core/nginx/Dockerfile | 12 ++++++++---- core/nginx/config.py | 2 +- core/nginx/letsencrypt.py | 2 +- core/nginx/start.py | 2 +- core/postfix/Dockerfile | 13 ++++++++++--- optional/clamav/Dockerfile | 8 ++++++-- optional/clamav/start.py | 4 ++-- services/fetchmail/Dockerfile | 10 +++++++--- services/fetchmail/fetchmail.py | 2 +- services/rspamd/Dockerfile | 14 ++++++++++---- services/rspamd/start.py | 2 +- services/unbound/Dockerfile | 11 ++++++++--- services/unbound/start.py | 2 +- webmails/rainloop/Dockerfile | 6 +++++- webmails/roundcube/Dockerfile | 6 +++++- 18 files changed, 90 insertions(+), 42 deletions(-) diff --git a/core/admin/Dockerfile b/core/admin/Dockerfile index 3d08984f..315b2e39 100644 --- a/core/admin/Dockerfile +++ b/core/admin/Dockerfile @@ -1,12 +1,16 @@ -FROM python:3-alpine - +FROM alpine:3.8 +# python3 shared with most images +RUN apk add --no-cache \ + python3 py3-pip \ + && pip3 install --upgrade pip +# Image specific layers under this line RUN mkdir -p /app WORKDIR /app COPY requirements-prod.txt requirements.txt RUN apk add --no-cache openssl curl \ - && apk add --no-cache --virtual build-dep openssl-dev libffi-dev python-dev build-base \ - && pip install -r requirements.txt \ + && apk add --no-cache --virtual build-dep openssl-dev libffi-dev python3-dev build-base \ + && pip3 install -r requirements.txt \ && apk del --no-cache build-dep COPY mailu ./mailu diff --git a/core/admin/start.py b/core/admin/start.py index e8b59ff4..59c97686 100755 --- a/core/admin/start.py +++ b/core/admin/start.py @@ -1,7 +1,7 @@ -#!/usr/local/bin/python3 +#!/usr/bin/python3 import os -os.system("python manage.py advertise") -os.system("python manage.py db upgrade") -os.system("gunicorn -w 4 -b :80 --access-logfile - --error-logfile - --preload mailu:app") \ No newline at end of file +os.system("python3 manage.py advertise") +os.system("python3 manage.py db upgrade") +os.system("gunicorn -w 4 -b :80 --access-logfile - --error-logfile - --preload mailu:app") diff --git a/core/dovecot/Dockerfile b/core/dovecot/Dockerfile index da29756f..1d4f7b91 100644 --- a/core/dovecot/Dockerfile +++ b/core/dovecot/Dockerfile @@ -1,10 +1,16 @@ FROM alpine:3.8 - +# python3 shared with most images RUN apk add --no-cache \ - dovecot dovecot-pigeonhole-plugin dovecot-fts-lucene rspamd-client \ - bash python3 py3-pip \ - && pip3 install --upgrade pip \ - && pip3 install jinja2 podop tenacity + python3 py3-pip \ + && pip3 install --upgrade pip +# Shared layer between rspamd, postfix, dovecot, unbound and nginx +RUN pip3 install jinja2 +# Shared layer between rspamd, postfix, dovecot +RUN pip3 install tenacity +# Image specific layers under this line +RUN apk add --no-cache \ + dovecot dovecot-pigeonhole-plugin dovecot-fts-lucene rspamd-client bash \ + && pip3 install podop COPY conf /conf COPY start.py /start.py diff --git a/core/nginx/Dockerfile b/core/nginx/Dockerfile index 00ecf84e..7181487e 100644 --- a/core/nginx/Dockerfile +++ b/core/nginx/Dockerfile @@ -1,9 +1,13 @@ FROM alpine:3.8 - +# python3 shared with most images +RUN apk add --no-cache \ + python3 py3-pip \ + && pip3 install --upgrade pip +# Shared layer between rspamd, postfix, dovecot, unbound and nginx +RUN pip3 install jinja2 +# Image specific layers under this line RUN apk add --no-cache certbot nginx nginx-mod-mail openssl curl \ - python py-jinja2 py-requests-toolbelt py-pip \ - && pip install --upgrade pip \ - && pip install idna + && pip3 install idna requests COPY conf /conf COPY *.py / diff --git a/core/nginx/config.py b/core/nginx/config.py index 33071d01..07b7ea32 100755 --- a/core/nginx/config.py +++ b/core/nginx/config.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 import jinja2 import os diff --git a/core/nginx/letsencrypt.py b/core/nginx/letsencrypt.py index b6044eca..3fe8ea92 100755 --- a/core/nginx/letsencrypt.py +++ b/core/nginx/letsencrypt.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 import os import time diff --git a/core/nginx/start.py b/core/nginx/start.py index b63b64a2..7c5fa71e 100755 --- a/core/nginx/start.py +++ b/core/nginx/start.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 import os import subprocess diff --git a/core/postfix/Dockerfile b/core/postfix/Dockerfile index e0529e01..ac9c8159 100644 --- a/core/postfix/Dockerfile +++ b/core/postfix/Dockerfile @@ -1,9 +1,16 @@ FROM alpine:3.8 +# python3 shared with most images +RUN apk add --no-cache \ + python3 py3-pip \ + && pip3 install --upgrade pip +# Shared layer between rspamd, postfix, dovecot, unbound and nginx +RUN pip3 install jinja2 +# Shared layer between rspamd, postfix, dovecot +RUN pip3 install tenacity +# Image specific layers under this line RUN apk add --no-cache postfix postfix-pcre rsyslog \ - python3 py3-pip \ - && pip3 install --upgrade pip \ - && pip3 install jinja2 podop tenacity + && pip3 install podop COPY conf /conf COPY start.py /start.py diff --git a/optional/clamav/Dockerfile b/optional/clamav/Dockerfile index fa5f0016..b3df2d45 100644 --- a/optional/clamav/Dockerfile +++ b/optional/clamav/Dockerfile @@ -1,5 +1,9 @@ -FROM python:3-alpine - +FROM alpine:3.8 +# python3 shared with most images +RUN apk add --no-cache \ + python3 py3-pip \ + && pip3 install --upgrade pip +# Image specific layers under this line RUN apk add --no-cache clamav rsyslog wget clamav-libunrar COPY conf /etc/clamav diff --git a/optional/clamav/start.py b/optional/clamav/start.py index e9df3f6e..d4701d2d 100755 --- a/optional/clamav/start.py +++ b/optional/clamav/start.py @@ -1,4 +1,4 @@ -#!/usr/local/bin/python3 +#!/usr/bin/python3 import os @@ -9,4 +9,4 @@ os.system("[ -f /data/main.cvd ] || freshclam") os.system("freshclam -d -c 6") # Run clamav -os.system("clamd") \ No newline at end of file +os.system("clamd") diff --git a/services/fetchmail/Dockerfile b/services/fetchmail/Dockerfile index 33f8a7de..52f794d5 100644 --- a/services/fetchmail/Dockerfile +++ b/services/fetchmail/Dockerfile @@ -1,7 +1,11 @@ -FROM python:3-alpine - +FROM alpine:3.8 +# python3 shared with most images +RUN apk add --no-cache \ + python3 py3-pip \ + && pip3 install --upgrade pip +# Image specific layers under this line RUN apk add --no-cache fetchmail ca-certificates \ - && pip install requests + && pip3 install requests COPY fetchmail.py /fetchmail.py USER fetchmail diff --git a/services/fetchmail/fetchmail.py b/services/fetchmail/fetchmail.py index 8e006f84..9b1bcc4f 100755 --- a/services/fetchmail/fetchmail.py +++ b/services/fetchmail/fetchmail.py @@ -1,4 +1,4 @@ -#!/usr/bin/env python +#!/usr/bin/python3 import time import os diff --git a/services/rspamd/Dockerfile b/services/rspamd/Dockerfile index 76731c9a..6d0cb5d0 100644 --- a/services/rspamd/Dockerfile +++ b/services/rspamd/Dockerfile @@ -1,8 +1,14 @@ FROM alpine:3.8 - -RUN apk add --no-cache python py-jinja2 rspamd rspamd-controller rspamd-proxy rspamd-fuzzy ca-certificates py-pip curl\ - && pip install --upgrade pip \ - && pip install tenacity +# python3 shared with most images +RUN apk add --no-cache \ + python3 py3-pip \ + && pip3 install --upgrade pip +# Shared layer between rspamd, postfix, dovecot, unbound and nginx +RUN pip3 install jinja2 +# Shared layer between rspamd, postfix, dovecot +RUN pip3 install tenacity +# Image specific layers under this line +RUN apk add --no-cache rspamd rspamd-controller rspamd-proxy rspamd-fuzzy ca-certificates curl RUN mkdir /run/rspamd diff --git a/services/rspamd/start.py b/services/rspamd/start.py index 015f3063..0b3c48a8 100755 --- a/services/rspamd/start.py +++ b/services/rspamd/start.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 import jinja2 import os diff --git a/services/unbound/Dockerfile b/services/unbound/Dockerfile index 1b84855c..dbf8a3a9 100644 --- a/services/unbound/Dockerfile +++ b/services/unbound/Dockerfile @@ -1,7 +1,12 @@ -FROM python:3-alpine - +FROM alpine:3.8 +# python3 shared with most images +RUN apk add --no-cache \ + python3 py3-pip \ + && pip3 install --upgrade pip +# Shared layer between rspamd, postfix, dovecot, unbound and nginx +RUN pip3 install jinja2 +# Image specific layers under this line RUN apk add --no-cache unbound curl bind-tools \ - && pip3 install jinja2 \ && curl -o /etc/unbound/root.hints https://www.internic.net/domain/named.cache \ && chown root:unbound /etc/unbound \ && chmod 775 /etc/unbound \ diff --git a/services/unbound/start.py b/services/unbound/start.py index 82e017f7..6f494762 100755 --- a/services/unbound/start.py +++ b/services/unbound/start.py @@ -1,4 +1,4 @@ -#!/usr/local/bin/python3 +#!/usr/bin/python3 import jinja2 import os diff --git a/webmails/rainloop/Dockerfile b/webmails/rainloop/Dockerfile index 5d751716..db7403f5 100644 --- a/webmails/rainloop/Dockerfile +++ b/webmails/rainloop/Dockerfile @@ -1,9 +1,13 @@ FROM php:7.2-apache +#Shared layer between rainloop and roundcube +RUN apt-get update && apt-get install -y \ + python3 curl \ + && rm -rf /var/lib/apt/lists ENV RAINLOOP_URL https://github.com/RainLoop/rainloop-webmail/releases/download/v1.12.1/rainloop-community-1.12.1.zip RUN apt-get update && apt-get install -y \ - unzip python3 python3-jinja2 curl \ + unzip python3-jinja2 \ && rm -rf /var/www/html/ \ && mkdir /var/www/html \ && cd /var/www/html \ diff --git a/webmails/roundcube/Dockerfile b/webmails/roundcube/Dockerfile index 0c3a0a55..14bee56e 100644 --- a/webmails/roundcube/Dockerfile +++ b/webmails/roundcube/Dockerfile @@ -1,9 +1,13 @@ FROM php:7.2-apache +#Shared layer between rainloop and roundcube +RUN apt-get update && apt-get install -y \ + python3 curl \ + && rm -rf /var/lib/apt/lists ENV ROUNDCUBE_URL https://github.com/roundcube/roundcubemail/releases/download/1.3.8/roundcubemail-1.3.8-complete.tar.gz RUN apt-get update && apt-get install -y \ - zlib1g-dev curl python3 \ + zlib1g-dev \ && docker-php-ext-install zip \ && echo date.timezone=UTC > /usr/local/etc/php/conf.d/timezone.ini \ && rm -rf /var/www/html/ \