Update the webmail images:

Roundcube
  - Switch to base image (alpine)
  - Switch to php-fpm
SnappyMail
  - Switch to base image
  - Upgrade php7 to php8.
main
Dimitri Huisman 2 years ago
parent 745c211c4a
commit 92f270c94e
No known key found for this signature in database

@ -174,12 +174,18 @@ target "smtp" {
target "snappymail" { target "snappymail" {
inherits = ["defaults"] inherits = ["defaults"]
context = "webmails/snappymail/" context = "webmails/snappymail/"
contexts = {
base = "target:base"
}
tags = tag("snappymail") tags = tag("snappymail")
} }
target "roundcube" { target "roundcube" {
inherits = ["defaults"] inherits = ["defaults"]
context = "webmails/roundcube/" context = "webmails/roundcube/"
contexts = {
base = "target:base"
}
tags = tag("roundcube") tags = tag("roundcube")
} }

@ -0,0 +1,7 @@
Update the webmail images.
Roundcube
- Switch to base image (alpine)
- Switch to php-fpm
SnappyMail
- Switch to base image
- Upgrade php7 to php8.

@ -1,65 +1,49 @@
FROM php:8.0-apache # syntax=docker/dockerfile-upstream:1.4.3
#roundcube image
FROM base
ARG VERSION ARG VERSION
ENV TZ Etc/UTC
LABEL version=$VERSION LABEL version=$VERSION
RUN set -eu \ RUN apk add --no-cache \
&& apt-get update \ nginx gpg gpg-agent \
&& echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections \ php8 php8-fpm php8-mbstring php8-zip php8-xml php8-simplexml \
&& apt-get install -y --no-install-recommends \ php8-dom php8-curl php8-exif gd php8-gd php8-iconv php8-intl php8-openssl \
python3 curl python3-pip git python3-multidict \ php8-pdo_sqlite php8-pdo_mysql php8-pdo_pgsql php8-pdo php8-sodium libsodium php8-tidy php8-pecl-uuid \
python3-jinja2 gpg gpg-agent tzdata \ php8-pspell php8-pecl-imagick php8-opcache php8-session php8-sockets php8-fileinfo \
&& pip3 install socrate \ && rm /etc/nginx/http.d/default.conf \
&& echo date.timezone=UTC > /usr/local/etc/php/conf.d/timezone.ini \ && rm /etc/php8/php-fpm.d/www.conf \
&& echo "ServerSignature Off\nServerName roundcube" >> /etc/apache2/apache2.conf \ && mkdir -p /run/nginx \
&& sed -i '/CustomLog.*combined$/d' /etc/apache2/sites-available/000-default.conf \ && mkdir -p /conf
\
&& mark="$(apt-mark showmanual)" \
&& apt-get install -y --no-install-recommends \
libfreetype6-dev libicu-dev libjpeg62-turbo-dev libldap2-dev libmagickwand-dev \
libpng-dev libpq-dev libsqlite3-dev libzip-dev libpspell-dev libonig-dev \
&& ln -s php.ini-production /usr/local/etc/php/php.ini \
&& docker-php-ext-configure gd --with-jpeg --with-freetype \
&& docker-php-ext-install exif gd intl zip pspell pdo_mysql pdo_pgsql pdo_sqlite \
&& pecl install imagick \
&& docker-php-ext-enable imagick opcache \
&& apt-mark auto '.*' >/dev/null \
&& apt-mark manual ${mark} >/dev/null \
&& ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so | awk '/=>/ { print $3 }' | sort -u | \
xargs -r dpkg-query -S | cut -d: -f1 | sort -u | xargs -r apt-mark manual >/dev/null \
&& apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \
&& rm -rf /var/lib/apt/lists
ENV ROUNDCUBE_URL https://github.com/roundcube/roundcubemail/releases/download/1.5.3/roundcubemail-1.5.3-complete.tar.gz ENV ROUNDCUBE_URL https://github.com/roundcube/roundcubemail/releases/download/1.5.3/roundcubemail-1.5.3-complete.tar.gz
ENV CARDDAV_URL https://github.com/mstilkerich/rcmcarddav/releases/download/v4.4.2/carddav-v4.4.2.tar.gz ENV CARDDAV_URL https://github.com/mstilkerich/rcmcarddav/releases/download/v4.4.3/carddav-v4.4.3.tar.gz
RUN set -eu \ RUN \
&& rm -rf /var/www/html/ \ cd /var/www \
&& cd /var/www \
&& curl -sL ${ROUNDCUBE_URL} | tar xz \ && curl -sL ${ROUNDCUBE_URL} | tar xz \
&& curl -sL ${CARDDAV_URL} | tar xz \ && curl -sL ${CARDDAV_URL} | tar xz \
&& mv roundcubemail-* html \ && mv roundcubemail-* webmail \
&& mv carddav html/plugins/ \ && mkdir -p /var/www/webmail/config \
&& cd html \ && mv carddav webmail/plugins/ \
&& cd webmail \
&& rm -rf CHANGELOG.md SECURITY.md INSTALL LICENSE README.md UPGRADING composer.json-dist installer composer.* \ && rm -rf CHANGELOG.md SECURITY.md INSTALL LICENSE README.md UPGRADING composer.json-dist installer composer.* \
&& ln -sf index.php /var/www/html/sso.php \ && ln -sf index.php /var/www/webmail/sso.php \
&& ln -sf /dev/stderr /var/www/html/logs/errors.log \ && chmod -R u+w,a+rX /var/www/webmail \
&& chown -R root:root . \ && chown -R nginx:nginx /var/www/webmail \
&& chown www-data:www-data logs temp \
&& chmod -R a+rX . \
&& a2enmod rewrite deflate expires headers \
&& echo date.timezone=${TZ} > /usr/local/etc/php/conf.d/timezone.ini \
&& rm -rf plugins/{autologon,example_addressbook,http_authentication,krb_authentication,new_user_identity,password,redundant_attachments,squirrelmail_usercopy,userinfo,virtuser_file,virtuser_query} && rm -rf plugins/{autologon,example_addressbook,http_authentication,krb_authentication,new_user_identity,password,redundant_attachments,squirrelmail_usercopy,userinfo,virtuser_file,virtuser_query}
# enable database_attachments (and memcache?)
COPY mailu.php /var/www/html/plugins/mailu/mailu.php # nginx / PHP config files
COPY php.ini / COPY config/nginx-roundcube.conf /conf/nginx-roundcube.conf
COPY config.inc.php / COPY config/php-roundcube.conf /etc/php8/php-fpm.d/roundcube.conf
COPY config/php.ini /conf/php.ini
COPY config/config.inc.php /conf/config.inc.php
COPY login/mailu.php /var/www/webmail/plugins/mailu/mailu.php
COPY config/config.inc.carddav.php /var/www/webmail/plugins/carddav/config.inc.php
COPY start.py / COPY start.py /
COPY config.inc.carddav.php /var/www/html/plugins/carddav/config.inc.php
EXPOSE 80/tcp EXPOSE 80/tcp
VOLUME /data VOLUME /data
@ -67,6 +51,6 @@ VOLUME /overrides
CMD /start.py CMD /start.py
HEALTHCHECK CMD curl -f -L -H 'User-Agent: health' http://localhost/ || exit 1 HEALTHCHECK CMD curl -f -L http://localhost/ping || exit 1
RUN echo $VERSION >> /version RUN echo $VERSION >> /version

@ -16,20 +16,23 @@ $config['spellcheck_engine'] = 'pspell';
$config['session_lifetime'] = {{ SESSION_TIMEOUT_MINUTES | int }}; $config['session_lifetime'] = {{ SESSION_TIMEOUT_MINUTES | int }};
// Mail servers // Mail servers
$config['default_host'] = '{{ FRONT_ADDRESS or "front" }}'; $config['imap_host'] = '{{ FRONT_ADDRESS or "front" }}:10143';
$config['default_port'] = 10143; $config['smtp_host'] = '{{ FRONT_ADDRESS or "front" }}:10025';
$config['smtp_server'] = '{{ FRONT_ADDRESS or "front" }}';
$config['smtp_port'] = 10025;
$config['smtp_user'] = '%u'; $config['smtp_user'] = '%u';
$config['smtp_pass'] = '%p'; $config['smtp_pass'] = '%p';
#old deprecated settings will be replaced from roundcube 1.6.
$config['smtp_server'] = '{{ FRONT_ADDRESS or "front" }}';
$config['smtp_port'] = '10025';
$config['default_host'] = '{{ FRONT_ADDRESS or "front" }}';
$config['default_port'] = '10143';
// Sieve script management // Sieve script management
$config['managesieve_host'] = '{{ IMAP_ADDRESS or "imap" }}'; $config['managesieve_host'] = '{{ IMAP_ADDRESS or "imap" }}';
$config['managesieve_usetls'] = false;
// We access the IMAP and SMTP servers locally with internal names, SSL // We access the IMAP and SMTP servers locally with internal names, SSL
// will obviously fail but this sounds better than allowing insecure login // will obviously fail but this sounds better than allowing insecure login
// from the outer world // from the outter world
$ssl_no_check = array( $ssl_no_check = array(
'ssl' => array( 'ssl' => array(
'verify_peer' => false, 'verify_peer' => false,

@ -0,0 +1,62 @@
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/webmail;
include /etc/nginx/mime.types;
# /dev/stdout (Default), <path>, off
access_log off;
# /dev/stderr (Default), <path>, debug, info, notice, warn, error, crit, alert, emerg
error_log /dev/stderr notice;
index index.php;
# set maximum body size to configured limit
client_max_body_size {{ MESSAGE_SIZE_LIMIT|int + 8388608 }};
location / {
try_files $uri $uri/ /index.php$args;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
include /etc/nginx/fastcgi_params;
fastcgi_intercept_errors on;
fastcgi_index index.php;
fastcgi_keep_conn on;
fastcgi_pass unix:/var/run/php8-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
{% if WEB_WEBMAIL == '/' %}
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
{% else %}
fastcgi_param SCRIPT_NAME {{WEB_WEBMAIL}}/$fastcgi_script_name;
{% endif %}
}
location ~ /\. {
deny all;
}
location ^~ /data {
deny all;
}
location = /ping {
allow 127.0.0.1;
deny all;
include /etc/nginx/fastcgi_params;
fastcgi_index index.php;
fastcgi_pass unix:/var/run/php8-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}

@ -0,0 +1,118 @@
; Start a new pool named 'roundcube'.
; the variable $pool can be used in any directive and will be replaced by the
; pool name ('roundcube' here)
[roundcube]
; Redirect worker stdout and stderr into main error log. If not set, stdout and
; stderr will be redirected to /dev/null according to FastCGI specs.
; Default value: no.
catch_workers_output = 1
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
user = nginx
group = nginx
; The address on which to accept FastCGI requests.
; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
; a specific port;
; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses
; (IPv6 and IPv4-mapped) on a specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = /var/run/php8-fpm.sock
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0660
listen.owner = nginx
listen.group = nginx
listen.mode = 0660
; Choose how the process manager will control the number of child processes.
; Possible Values:
; static - a fixed number (pm.max_children) of child processes;
; dynamic - the number of child processes are set dynamically based on the
; following directives. With this process management, there will be
; always at least 1 children.
; pm.max_children - the maximum number of children that can
; be alive at the same time.
; pm.start_servers - the number of children created on startup.
; pm.min_spare_servers - the minimum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is less than this
; number then some children will be created.
; pm.max_spare_servers - the maximum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is greater than this
; number then some children will be killed.
; ondemand - no children are created at startup. Children will be forked when
; new requests will connect. The following parameter are used:
; pm.max_children - the maximum number of children that
; can be alive at the same time.
; pm.process_idle_timeout - The number of seconds after which
; an idle process will be killed.
; Note: This value is mandatory.
pm = ondemand
; The number of child processes to be created when pm is set to 'static' and the
; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
; This value sets the limit on the number of simultaneous requests that will be
; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
; CGI. The below defaults are based on a server without much resources. Don't
; forget to tweak pm.* to fit your needs.
; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
; Note: This value is mandatory.
pm.max_children = 5
; The number of child processes created on startup.
; Note: Used only when pm is set to 'dynamic'
; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
; pm.start_servers = 2
; The desired minimum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
; pm.min_spare_servers = 1
; The desired maximum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
; pm.max_spare_servers = 3
; This sets the maximum time in seconds a script is allowed to run before it is
; terminated by the parser. This helps prevent poorly written scripts from tying up
; the server. The default setting is 30s.
; Note: Used only when pm is set to 'ondemand'
pm.process_idle_timeout = 10s
; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For endless
; request processing specify '0'.
; Equivalent to PHP_FCGI_MAX_REQUESTS. Default value: 0.
; Noted: Used only when pm is set to 'ondemand'
pm.max_requests = 200
; The ping URI to call the monitoring page of FPM. If this value is not set, no
; URI will be recognized as a ping page. This could be used to test from outside
; that FPM is alive and responding, or to
; - create a graph of FPM availability (rrd or such);
; - remove a server from a group if it is not responding (load balancing);
; - trigger alerts for the operating team (24/7).
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
ping.path = /ping
; This directive may be used to customize the response of a ping request. The
; response is formatted as text/plain with a 200 response code.
; Default Value: pong
;ping.response = pong

@ -2,3 +2,7 @@ expose_php=Off
date.timezone={{ TZ }} date.timezone={{ TZ }}
upload_max_filesize = {{ MAX_FILESIZE }}M upload_max_filesize = {{ MAX_FILESIZE }}M
post_max_size = {{ MAX_FILESIZE }}M post_max_size = {{ MAX_FILESIZE }}M
suhosin.session.encrypt=Off
session.auto_start=Off
mbstring.func_overload=Off
file_uploads=On

@ -1,2 +0,0 @@
#!/bin/sh
SCRIPT_NAME=/ping SCRIPT_FILENAME=/ping REQUEST_METHOD=GET cgi-fcgi -bind -connect 127.0.0.1:9000 2>/dev/null | grep -qFx pong

@ -1,12 +1,13 @@
#!/usr/bin/python3 #!/usr/bin/env python3
import os import os
import logging import logging
import sys import sys
from socrate import conf
import subprocess import subprocess
import hmac import hmac
from socrate import conf
env = os.environ env = os.environ
logging.basicConfig(stream=sys.stderr, level=env.get("LOG_LEVEL", "WARNING")) logging.basicConfig(stream=sys.stderr, level=env.get("LOG_LEVEL", "WARNING"))
@ -51,7 +52,7 @@ context['SECRET_KEY'] = hmac.new(bytearray(secret_key, 'utf-8'), bytearray('ROUN
# roundcube plugins # roundcube plugins
# (using "dict" because it is ordered and "set" is not) # (using "dict" because it is ordered and "set" is not)
plugins = dict((p, None) for p in env.get("ROUNDCUBE_PLUGINS", "").replace(" ", "").split(",") if p and os.path.isdir(os.path.join("/var/www/html/plugins", p))) plugins = dict((p, None) for p in env.get("ROUNDCUBE_PLUGINS", "").replace(" ", "").split(",") if p and os.path.isdir(os.path.join("/var/www/webmail/plugins", p)))
if plugins: if plugins:
plugins["mailu"] = None plugins["mailu"] = None
else: else:
@ -60,52 +61,56 @@ else:
context["PLUGINS"] = ",".join(f"'{p}'" for p in plugins) context["PLUGINS"] = ",".join(f"'{p}'" for p in plugins)
# add overrides # add overrides
context["INCLUDES"] = sorted(inc for inc in os.listdir("/overrides") if inc.endswith((".inc", ".inc.php"))) if os.path.isdir("/overrides") else [] context["INCLUDES"] = sorted(inc for inc in os.listdir("/overrides") if inc.endswith(".inc")) if os.path.isdir("/overrides") else []
# calculate variables for config file # calculate variables for config file
context["SESSION_TIMEOUT_MINUTES"] = max(int(env.get("SESSION_TIMEOUT", "3600")) // 60, 1) context["SESSION_TIMEOUT_MINUTES"] = max(int(env.get("SESSION_TIMEOUT", "3600")) // 60, 1)
# create config files # create config files
conf.jinja("/php.ini", context, "/usr/local/etc/php/conf.d/roundcube.ini") conf.jinja("/conf/php.ini", context, "/etc/php8/php.ini")
conf.jinja("/config.inc.php", context, "/var/www/html/config/config.inc.php") conf.jinja("/conf/config.inc.php", context, "/var/www/webmail/config/config.inc.php")
# create dirs # create dirs
os.system("mkdir -p /data/gpg") os.system("mkdir -p /data/gpg")
# disable access log for VirtualHosts that don't define their own logfile
os.system("a2disconf other-vhosts-access-log")
print("Initializing database") print("Initializing database")
try: try:
result = subprocess.check_output(["/var/www/html/bin/initdb.sh", "--dir", "/var/www/html/SQL"], result = subprocess.check_output(["/var/www/webmail/bin/initdb.sh", "--dir", "/var/www/webmail/SQL"],
stderr=subprocess.STDOUT) stderr=subprocess.STDOUT)
print(result.decode()) print(result.decode())
except subprocess.CalledProcessError as exc: except subprocess.CalledProcessError as exc:
err = exc.stdout.decode() err = exc.stdout.decode()
if "already exists" in err: if "already exists" in err:
print("Already initialized") print("Already initialzed")
else: else:
print(err) print(err)
exit(3) exit(3)
print("Upgrading database") print("Upgrading database")
try: try:
subprocess.check_call(["/var/www/html/bin/update.sh", "--version=?", "-y"], stderr=subprocess.STDOUT) subprocess.check_call(["/var/www/webmail/bin/update.sh", "--version=?", "-y"], stderr=subprocess.STDOUT)
except subprocess.CalledProcessError as exc: except subprocess.CalledProcessError as exc:
exit(4) exit(4)
else: else:
print("Cleaning database") print("Cleaning database")
try: try:
subprocess.check_call(["/var/www/html/bin/cleandb.sh"], stderr=subprocess.STDOUT) subprocess.check_call(["/var/www/webmail/bin/cleandb.sh"], stderr=subprocess.STDOUT)
except subprocess.CalledProcessError as exc: except subprocess.CalledProcessError as exc:
exit(5) exit(5)
# setup permissions # setup permissions
os.system("chown -R www-data:www-data /data") os.system("chown -R nginx:nginx /data")
os.system("chmod -R a+rX /var/www/webmail/")
# Configure nginx
conf.jinja("/conf/nginx-roundcube.conf", context, "/etc/nginx/http.d/roundcube.conf")
if os.path.exists("/var/run/nginx.pid"):
os.system("nginx -s reload")
# clean env # clean env
[env.pop(key, None) for key in env.keys() if key == "SECRET_KEY" or key.startswith("ROUNDCUBE_")] [env.pop(key, None) for key in env.keys() if key == "SECRET_KEY" or key.startswith("ROUNDCUBE_")]
# run apache # run nginx
os.execve("/usr/local/bin/apache2-foreground", ["apache2-foreground"], env) os.system("php-fpm8")
os.execv("/usr/sbin/nginx", ["nginx", "-g", "daemon off;"])

@ -1,26 +1,18 @@
ARG ARCH="" # syntax=docker/dockerfile-upstream:1.4.3
#snappymail image
FROM base
# NOTE: only add file if building for arm
FROM ${ARCH}alpine:3.14
ARG VERSION ARG VERSION
ONBUILD COPY --from=balenalib/rpi-alpine:3.14 /usr/bin/qemu-arm-static /usr/bin/qemu-arm-static
ENV TZ Etc/UTC
LABEL version=$VERSION LABEL version=$VERSION
# Shared later between dovecot postfix nginx rspamd snappymail and roundloop
RUN apk add --no-cache \
python3 py3-pip tzdata \
&& pip3 install socrate==0.2.0
# https://github.com/the-djmaze/snappymail/wiki/Installation-instructions#requirements # https://github.com/the-djmaze/snappymail/wiki/Installation-instructions#requirements
# SnappyMail: # SnappyMail:
# SnappyMail requires PHP 7.4 (or a newer version) with the following extensions: # SnappyMail requires PHP 7.4 (or a newer version) with the following extensions:
# #
# mbstring php7-mbstring # mbstring php7-mbstring
# Zlib built-in OR php7-zip???? # Zlib built-in OR php7-zip????
# json php7-json # json php7-json > php8-json is built-in php8 in alpine
# libxml php7-xml # libxml php7-xml
# dom php7-dom # dom php7-dom
@ -44,18 +36,18 @@ RUN apk add --no-cache \
#php7-curl php7-iconv php7-json php7-xml php7-simplexml php7-dom php7-openssl php7-pdo php7-pdo_sqlite php7-mbstring \ #php7-curl php7-iconv php7-json php7-xml php7-simplexml php7-dom php7-openssl php7-pdo php7-pdo_sqlite php7-mbstring \
RUN apk add --no-cache \ RUN apk add --no-cache \
nginx curl \ nginx curl \
php7 php7-fpm php7-mbstring php7-zip php7-json php7-xml php7-simplexml \ php8 php8-fpm php8-mbstring php8-zip php8-xml php8-simplexml \
php7-dom php7-curl php7-exif gd php7-gd php7-iconv php7-intl php7-openssl \ php8-dom php8-curl php8-exif gd php8-gd php8-iconv php8-intl php8-openssl \
php7-pdo_sqlite php7-pdo php7-sodium libsodium php7-tidy php7-pecl-uuid \ php8-pdo_sqlite php8-pdo php8-sodium libsodium php8-tidy php8-pecl-uuid \
&& rm /etc/nginx/http.d/default.conf \ && rm /etc/nginx/http.d/default.conf \
&& rm /etc/php7/php-fpm.d/www.conf \ && rm /etc/php8/php-fpm.d/www.conf \
&& mkdir -p /run/nginx \ && mkdir -p /run/nginx \
&& mkdir -p /var/www/webmail \ && mkdir -p /var/www/webmail \
&& mkdir -p /config && mkdir -p /config
# nginx / PHP config files # nginx / PHP config files
COPY config/nginx-snappymail.conf /config/nginx-snappymail.conf COPY config/nginx-snappymail.conf /config/nginx-snappymail.conf
COPY config/php-snappymail.conf /etc/php7/php-fpm.d/snappymail.conf COPY config/php-snappymail.conf /etc/php8/php-fpm.d/snappymail.conf
# Parsed and moved at startup # Parsed and moved at startup
COPY defaults/php.ini /defaults/php.ini COPY defaults/php.ini /defaults/php.ini
@ -74,7 +66,7 @@ RUN cd /var/www/webmail \
COPY login/include.php /var/www/webmail/include.php COPY login/include.php /var/www/webmail/include.php
COPY login/sso.php /var/www/webmail/sso.php COPY login/sso.php /var/www/webmail/sso.php
COPY start.py /start.py COPY start.py /
COPY config.py /config.py COPY config.py /config.py
EXPOSE 80/tcp EXPOSE 80/tcp

@ -1,8 +1,9 @@
#!/usr/bin/python3 #!/usr/bin/env python3
import os import os
import logging as log import logging as log
import sys import sys
from socrate import system, conf from socrate import system, conf
args = os.environ.copy() args = os.environ.copy()

@ -33,7 +33,7 @@ server {
fastcgi_keep_conn on; fastcgi_keep_conn on;
fastcgi_pass unix:/var/run/php7-fpm.sock; fastcgi_pass unix:/var/run/php8-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
{% if WEB_WEBMAIL == '/' %} {% if WEB_WEBMAIL == '/' %}
fastcgi_param SCRIPT_NAME $fastcgi_script_name; fastcgi_param SCRIPT_NAME $fastcgi_script_name;
@ -56,7 +56,7 @@ server {
include /etc/nginx/fastcgi_params; include /etc/nginx/fastcgi_params;
fastcgi_index index.php; fastcgi_index index.php;
fastcgi_pass unix:/var/run/php7-fpm.sock; fastcgi_pass unix:/var/run/php8-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
} }
} }

@ -24,7 +24,7 @@ group = nginx
; (IPv6 and IPv4-mapped) on a specific port; ; (IPv6 and IPv4-mapped) on a specific port;
; '/path/to/unix/socket' - to listen on a unix socket. ; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory. ; Note: This value is mandatory.
listen = /var/run/php7-fpm.sock listen = /var/run/php8-fpm.sock
; Set permissions for unix socket, if one is used. In Linux, read/write ; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many ; permissions must be set in order to allow connections from a web server. Many

@ -1,10 +1,11 @@
#!/usr/bin/python3 #!/usr/bin/env python3
import os import os
import shutil import shutil
import logging as log import logging as log
import sys import sys
import subprocess import subprocess
from socrate import system, conf from socrate import system, conf
log.basicConfig(stream=sys.stderr, level=os.environ.get("LOG_LEVEL", "WARNING")) log.basicConfig(stream=sys.stderr, level=os.environ.get("LOG_LEVEL", "WARNING"))
@ -22,9 +23,9 @@ os.makedirs(base + "configs", exist_ok=True)
conf.jinja("/defaults/default.ini", os.environ, "/data/_data_/_default_/domains/default.ini") conf.jinja("/defaults/default.ini", os.environ, "/data/_data_/_default_/domains/default.ini")
conf.jinja("/defaults/application.ini", os.environ, "/data/_data_/_default_/configs/application.ini") conf.jinja("/defaults/application.ini", os.environ, "/data/_data_/_default_/configs/application.ini")
conf.jinja("/defaults/php.ini", os.environ, "/etc/php7/php.ini") conf.jinja("/defaults/php.ini", os.environ, "/etc/php8/php.ini")
# Start the fastcgi process manager now that config files have been adjusted # Start the fastcgi process manager now that config files have been adjusted
os.system("php-fpm7") os.system("php-fpm8")
os.system("chown -R nginx:nginx /data") os.system("chown -R nginx:nginx /data")
os.system("chmod -R a+rX /var/www/webmail/") os.system("chmod -R a+rX /var/www/webmail/")

Loading…
Cancel
Save