diff --git a/core/admin/Dockerfile b/core/admin/Dockerfile index c1c63a29..ca98662d 100644 --- a/core/admin/Dockerfile +++ b/core/admin/Dockerfile @@ -1,29 +1,26 @@ # syntax=docker/dockerfile-upstream:1.4.3 +# admin image FROM base ARG VERSION=local LABEL version=$VERSION -COPY requirements-prod.txt requirements.txt RUN set -euxo pipefail \ - && apk add --no-cache libressl curl postgresql-libs mariadb-connector-c \ - && pip install --no-cache-dir -r requirements.txt --only-binary=:all: --no-binary=Flask-bootstrap,PyYAML,SQLAlchemy \ - || ( apk add --no-cache --virtual build-dep libressl-dev libffi-dev python3-dev build-base postgresql-dev mariadb-connector-c-dev cargo \ - && pip install -r requirements.txt \ - && apk del --no-cache build-dep ) + ; apk add --no-cache curl libressl mariadb-connector-c postgresql-libs -COPY mailu ./mailu -RUN pybabel compile -d mailu/translations +COPY mailu/ ./mailu/ +RUN set -euxo pipefail \ + ; venv/bin/pybabel compile -d mailu/translations -COPY migrations ./migrations +COPY migrations/ ./migrations/ -COPY start.py /start.py -COPY audit.py /audit.py +COPY audit.py / +COPY start.py / -COPY --from=assets /work/static ./mailu/static +COPY --from=assets /work/static/ ./mailu/static/ -RUN echo $VERSION >> /version +RUN echo $VERSION >/version EXPOSE 80/tcp HEALTHCHECK CMD curl -skfLo /dev/null http://localhost/sso/login?next=ui.index diff --git a/core/admin/assets/Dockerfile b/core/admin/assets/Dockerfile index 2fb6f9b6..c8556f47 100644 --- a/core/admin/assets/Dockerfile +++ b/core/admin/assets/Dockerfile @@ -4,7 +4,7 @@ FROM node:16-alpine3.16 WORKDIR /work -COPY content /work +COPY content/ ./ RUN set -euxo pipefail \ && npm config set update-notifier false \ @@ -14,4 +14,3 @@ RUN set -euxo pipefail \ cp node_modules/datatables.net-plugins/i18n/${l#*:}.json assets/${l%:*}.json; \ done \ && node_modules/.bin/webpack-cli --color - diff --git a/core/admin/audit.py b/core/admin/audit.py index 60583f83..31ee9665 100755 --- a/core/admin/audit.py +++ b/core/admin/audit.py @@ -1,4 +1,4 @@ -#!/usr/bin/python3 +#!/usr/bin/env python3 import sys import tabulate diff --git a/core/admin/requirements-dev.txt b/core/admin/requirements-dev.txt new file mode 100644 index 00000000..5bf57874 --- /dev/null +++ b/core/admin/requirements-dev.txt @@ -0,0 +1,28 @@ +Flask +Flask-Login +Flask-SQLAlchemy +Flask-bootstrap +Flask-Babel +Flask-migrate +Flask-script +Flask-wtf +Flask-debugtoolbar +limits +redis +WTForms-Components +socrate +passlib +gunicorn +tabulate +PyYAML +PyOpenSSL +Pygments +dnspython +tenacity +mysql-connector-python +idna +srslib +marshmallow +flask-marshmallow +marshmallow-sqlalchemy +xmltodict diff --git a/core/admin/requirements-prod.txt b/core/admin/requirements-prod.txt deleted file mode 100644 index 297c6902..00000000 --- a/core/admin/requirements-prod.txt +++ /dev/null @@ -1,78 +0,0 @@ -alembic==1.7.4 -appdirs==1.4.4 -Babel==2.9.1 -bcrypt==3.2.0 -blinker==1.4 -CacheControl==0.12.9 -certifi==2021.10.8 -# cffi==1.15.0 -chardet==4.0.0 -click==8.0.3 -colorama==0.4.4 -contextlib2==21.6.0 -cryptography==35.0.0 -decorator==5.1.0 -# distlib==0.3.1 -# distro==1.5.0 -dnspython==2.1.0 -dominate==2.6.0 -email-validator==1.1.3 -Flask==2.0.2 -Flask-Babel==2.0.0 -Flask-Bootstrap==3.3.7.1 -Flask-DebugToolbar==0.11.0 -Flask-Limiter==1.4 -Flask-Login==0.5.0 -flask-marshmallow==0.14.0 -Flask-Migrate==3.1.0 -Flask-Script==2.0.6 -Flask-SQLAlchemy==2.5.1 -Flask-WTF==0.15.1 -greenlet==1.1.2 -gunicorn==20.1.0 -html5lib==1.1 -idna==3.3 -infinity==1.5 -intervals==0.9.2 -itsdangerous==2.0.1 -Jinja2==3.0.2 -limits==1.5.1 -lockfile==0.12.2 -Mako==1.1.5 -MarkupSafe==2.0.1 -marshmallow==3.14.0 -marshmallow-sqlalchemy==0.26.1 -msgpack==1.0.2 -# mysqlclient==2.0.3 -mysql-connector-python==8.0.25 -ordered-set==4.0.2 -# packaging==20.9 -passlib==1.7.4 -# pep517==0.10.0 -progress==1.6 -#psycopg2==2.9.1 -psycopg2-binary==2.9.3 -pycparser==2.20 -Pygments==2.10.0 -pyOpenSSL==21.0.0 -pyparsing==3.0.4 -pytz==2021.3 -PyYAML==6.0 -redis==3.5.3 -requests==2.26.0 -retrying==1.3.3 -# six==1.15.0 -socrate==0.2.0 -SQLAlchemy==1.4.26 -srslib==0.1.4 -tabulate==0.8.9 -tenacity==8.0.1 -toml==0.10.2 -urllib3==1.26.7 -validators==0.18.2 -visitor==0.1.3 -webencodings==0.5.1 -Werkzeug==2.0.2 -WTForms==2.3.3 -WTForms-Components==0.10.5 -xmltodict==0.12.0 diff --git a/core/admin/requirements.txt b/core/admin/requirements.txt index 5bf57874..297c6902 100644 --- a/core/admin/requirements.txt +++ b/core/admin/requirements.txt @@ -1,28 +1,78 @@ -Flask -Flask-Login -Flask-SQLAlchemy -Flask-bootstrap -Flask-Babel -Flask-migrate -Flask-script -Flask-wtf -Flask-debugtoolbar -limits -redis -WTForms-Components -socrate -passlib -gunicorn -tabulate -PyYAML -PyOpenSSL -Pygments -dnspython -tenacity -mysql-connector-python -idna -srslib -marshmallow -flask-marshmallow -marshmallow-sqlalchemy -xmltodict +alembic==1.7.4 +appdirs==1.4.4 +Babel==2.9.1 +bcrypt==3.2.0 +blinker==1.4 +CacheControl==0.12.9 +certifi==2021.10.8 +# cffi==1.15.0 +chardet==4.0.0 +click==8.0.3 +colorama==0.4.4 +contextlib2==21.6.0 +cryptography==35.0.0 +decorator==5.1.0 +# distlib==0.3.1 +# distro==1.5.0 +dnspython==2.1.0 +dominate==2.6.0 +email-validator==1.1.3 +Flask==2.0.2 +Flask-Babel==2.0.0 +Flask-Bootstrap==3.3.7.1 +Flask-DebugToolbar==0.11.0 +Flask-Limiter==1.4 +Flask-Login==0.5.0 +flask-marshmallow==0.14.0 +Flask-Migrate==3.1.0 +Flask-Script==2.0.6 +Flask-SQLAlchemy==2.5.1 +Flask-WTF==0.15.1 +greenlet==1.1.2 +gunicorn==20.1.0 +html5lib==1.1 +idna==3.3 +infinity==1.5 +intervals==0.9.2 +itsdangerous==2.0.1 +Jinja2==3.0.2 +limits==1.5.1 +lockfile==0.12.2 +Mako==1.1.5 +MarkupSafe==2.0.1 +marshmallow==3.14.0 +marshmallow-sqlalchemy==0.26.1 +msgpack==1.0.2 +# mysqlclient==2.0.3 +mysql-connector-python==8.0.25 +ordered-set==4.0.2 +# packaging==20.9 +passlib==1.7.4 +# pep517==0.10.0 +progress==1.6 +#psycopg2==2.9.1 +psycopg2-binary==2.9.3 +pycparser==2.20 +Pygments==2.10.0 +pyOpenSSL==21.0.0 +pyparsing==3.0.4 +pytz==2021.3 +PyYAML==6.0 +redis==3.5.3 +requests==2.26.0 +retrying==1.3.3 +# six==1.15.0 +socrate==0.2.0 +SQLAlchemy==1.4.26 +srslib==0.1.4 +tabulate==0.8.9 +tenacity==8.0.1 +toml==0.10.2 +urllib3==1.26.7 +validators==0.18.2 +visitor==0.1.3 +webencodings==0.5.1 +Werkzeug==2.0.2 +WTForms==2.3.3 +WTForms-Components==0.10.5 +xmltodict==0.12.0 diff --git a/core/admin/start.py b/core/admin/start.py index 8bb1cef1..ac8bd526 100755 --- a/core/admin/start.py +++ b/core/admin/start.py @@ -1,4 +1,4 @@ -#!/usr/bin/python3 +#!/usr/bin/env python3 import os import logging as log diff --git a/core/base/Dockerfile b/core/base/Dockerfile index 71ac6e31..cd590596 100644 --- a/core/base/Dockerfile +++ b/core/base/Dockerfile @@ -1,30 +1,57 @@ # syntax=docker/dockerfile-upstream:1.4.3 +# base system image (intermediate) ARG DISTRO=alpine:3.14.5 -FROM $DISTRO +FROM $DISTRO as system ENV TZ Etc/UTC ENV LANG C.UTF-8 -# TODO: use intermediate image to build virtual env - RUN set -euxo pipefail \ - && adduser -s /bin/bash -Dh /app -k /var/empty -u 1000 -g mailu app \ - && apk add --no-cache bash ca-certificates tzdata python3 py3-pip py3-wheel \ - && pip3 install --no-cache-dir --upgrade pip + ; adduser -s /bin/bash -Dh /app -k /var/empty -u 1000 -g mailu app \ + ; apk add --no-cache bash ca-certificates python3 tzdata WORKDIR /app -COPY libs libs/ +CMD /bin/bash + + +# build virtual env (intermediate) +FROM system as build + +ENV VIRTUAL_ENV=/app/venv -# TODO: work in virtual env (see above) -# && python3 -m venv . \ RUN set -euxo pipefail \ - && pip3 install --no-cache-dir -r libs/requirements.txt --only-binary=:all: \ - || ( apk add --no-cache --virtual .build-deps gcc musl-dev python3-dev \ - && pip3 install --no-cache-dir -r libs/requirements.txt \ - && apk del --no-cache .build-deps ) + ; apk add --no-cache py3-pip \ + ; python3 -m venv ${VIRTUAL_ENV} \ + ; venv/bin/pip install --no-cache-dir --upgrade --no-warn-script-location pip wheel -# TODO: clean image (or use intermediate - see above) -# && bin/pip uninstall -y pip distribute setuptools wheel \ -# && rm -rf /tmp/* /root/.cache/pip +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" + +COPY libs/ libs/ +COPY --from=core ./ core/ +COPY --from=optional ./ optional/ + +RUN set -euxo pipefail \ + ; grep -hEv '(podop|socrate)==' core/*/requirements.txt optional/*/requirements.txt \ + | sort -u >libs/requirements.txt \ +\ + ; venv/bin/pip install --no-cache-dir -r libs/requirements.txt \ + || ( \ + apk add --no-cache --virtual .build-deps \ + build-base cargo gcc libffi-dev libressl-dev mariadb-connector-c-dev \ + musl-dev postgresql-dev python3-dev \ + ; venv/bin/pip install --no-cache-dir -r libs/requirements.txt \ + ; apk del .build-deps \ + ) \ +\ + ; venv/bin/pip freeze > venv/requirements.txt + + +# base mailu image +FROM system + +COPY --from=build /app/venv/ /app/venv/ + +ENV VIRTUAL_ENV=/app/venv +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" diff --git a/core/base/libs/requirements.txt b/core/base/requirements.txt similarity index 100% rename from core/base/libs/requirements.txt rename to core/base/requirements.txt diff --git a/core/dovecot/Dockerfile b/core/dovecot/Dockerfile index 2d74e59b..0796e587 100644 --- a/core/dovecot/Dockerfile +++ b/core/dovecot/Dockerfile @@ -1,18 +1,19 @@ # syntax=docker/dockerfile-upstream:1.4.3 +# dovecot image FROM base ARG VERSION LABEL version=$VERSION RUN set -euxo pipefail \ - && apk add --no-cache dovecot dovecot-lmtpd dovecot-pop3d dovecot-submissiond dovecot-pigeonhole-plugin rspamd-client xapian-core dovecot-fts-xapian \ - && mkdir /var/lib/dovecot + ; apk add --no-cache dovecot dovecot-fts-xapian dovecot-lmtpd dovecot-pigeonhole-plugin dovecot-pop3d dovecot-submissiond rspamd-client xapian-core \ + ; mkdir /var/lib/dovecot -COPY conf /conf -COPY start.py /start.py +COPY conf/ /conf/ +COPY start.py / -RUN echo $VERSION >> /version +RUN echo $VERSION >/version EXPOSE 110/tcp 143/tcp 993/tcp 4190/tcp 2525/tcp HEALTHCHECK --start-period=350s CMD echo QUIT|nc localhost 110|grep "Dovecot ready." diff --git a/core/dovecot/requirements.txt b/core/dovecot/requirements.txt new file mode 100644 index 00000000..16005f74 --- /dev/null +++ b/core/dovecot/requirements.txt @@ -0,0 +1,2 @@ +podop==0.2.5 +socrate==0.2.0 diff --git a/core/dovecot/start.py b/core/dovecot/start.py index 03bdfa80..a8c85ebf 100755 --- a/core/dovecot/start.py +++ b/core/dovecot/start.py @@ -1,4 +1,4 @@ -#!/usr/bin/python3 +#!/usr/bin/env python3 import os import glob diff --git a/core/nginx/Dockerfile b/core/nginx/Dockerfile index 2a34403f..cbb9cd7c 100644 --- a/core/nginx/Dockerfile +++ b/core/nginx/Dockerfile @@ -1,29 +1,29 @@ # syntax=docker/dockerfile-upstream:1.4.3 +# build static assets (intermediate) FROM base as static -COPY static /static +COPY static/ /static/ RUN set -euxo pipefail \ - && gzip -k9 /static/*.ico /static/*.txt \ - && chmod a+rX-w -R /static + ; gzip -k9 /static/*.ico /static/*.txt \ + ; chmod a+rX-w -R /static +# nginx image FROM base ARG VERSION LABEL version=$VERSION -# Image specific layers under this line RUN set -euxo pipefail \ - && apk add --no-cache certbot nginx nginx-mod-mail openssl curl \ - && pip3 install --no-cache-dir watchdog + ; apk add --no-cache certbot curl nginx nginx-mod-mail openssl -COPY conf /conf -COPY --from=static /static /static +COPY conf/ /conf/ +COPY --from=static /static/ /static/ COPY *.py / -RUN echo $VERSION >> /version +RUN echo $VERSION >/version EXPOSE 80/tcp 443/tcp 110/tcp 143/tcp 465/tcp 587/tcp 993/tcp 995/tcp 25/tcp 10025/tcp 10143/tcp HEALTHCHECK --start-period=60s CMD curl -skfLo /dev/null http://localhost/health diff --git a/core/nginx/certwatcher.py b/core/nginx/certwatcher.py index 96ccdd7c..e86fc9ec 100755 --- a/core/nginx/certwatcher.py +++ b/core/nginx/certwatcher.py @@ -1,4 +1,4 @@ -#!/usr/bin/python3 +#!/usr/bin/env python3 """ Certificate watcher which reloads nginx or reconfigures it, depending on what happens to externally supplied certificates. Only executed by start.py in case diff --git a/core/nginx/config.py b/core/nginx/config.py index e9c4b50e..7930ff12 100755 --- a/core/nginx/config.py +++ b/core/nginx/config.py @@ -1,4 +1,4 @@ -#!/usr/bin/python3 +#!/usr/bin/env python3 import os import logging as log diff --git a/core/nginx/letsencrypt.py b/core/nginx/letsencrypt.py index e636dac9..993e7f9f 100755 --- a/core/nginx/letsencrypt.py +++ b/core/nginx/letsencrypt.py @@ -1,4 +1,4 @@ -#!/usr/bin/python3 +#!/usr/bin/env python3 import os import time diff --git a/core/nginx/requirements.txt b/core/nginx/requirements.txt new file mode 100644 index 00000000..c96c3bb8 --- /dev/null +++ b/core/nginx/requirements.txt @@ -0,0 +1,2 @@ +socrate==0.2.0 +watchdog==2.1.9 diff --git a/core/nginx/start.py b/core/nginx/start.py index 8673f148..07932211 100755 --- a/core/nginx/start.py +++ b/core/nginx/start.py @@ -1,4 +1,4 @@ -#!/usr/bin/python3 +#!/usr/bin/env python3 import os import subprocess diff --git a/core/none/Dockerfile b/core/none/Dockerfile index 058b18c5..f06cc31c 100644 --- a/core/none/Dockerfile +++ b/core/none/Dockerfile @@ -1,12 +1,12 @@ # syntax=docker/dockerfile-upstream:1.4.3 -# This is an idle image to dynamically replace any component if disabled. +# idle image (to dynamically replace any disabled component) FROM base ARG VERSION=local LABEL version=$VERSION -RUN echo $VERSION >> /version +RUN echo $VERSION >/version HEALTHCHECK CMD true diff --git a/core/postfix/Dockerfile b/core/postfix/Dockerfile index 66adbde3..dab4396c 100644 --- a/core/postfix/Dockerfile +++ b/core/postfix/Dockerfile @@ -1,21 +1,18 @@ # syntax=docker/dockerfile-upstream:1.4.3 +# postfix image FROM base ARG VERSION=local LABEL version=$VERSION RUN set -euxo pipefail \ - && apk add --no-cache postfix postfix-pcre cyrus-sasl-login rsyslog logrotate \ - && pip install --no-cache-dir --only-binary=:all: postfix-mta-sts-resolver==1.0.1 \ - || ( apk add --no-cache --virtual .build-deps gcc musl-dev python3-dev py3-wheel libffi-dev \ - && pip3 install postfix-mta-sts-resolver==1.0.1 \ - && apk del .build-deps ) + ; apk add --no-cache cyrus-sasl-login logrotate postfix postfix-pcre rsyslog -COPY conf /conf -COPY start.py /start.py +COPY conf/ /conf/ +COPY start.py / -RUN echo $VERSION >> /version +RUN echo $VERSION >/version EXPOSE 25/tcp 10025/tcp HEALTHCHECK --start-period=350s CMD echo QUIT|nc localhost 25|grep "220 .* ESMTP Postfix" diff --git a/core/postfix/requirements.txt b/core/postfix/requirements.txt new file mode 100644 index 00000000..2d9b8135 --- /dev/null +++ b/core/postfix/requirements.txt @@ -0,0 +1,3 @@ +podop==0.2.5 +postfix-mta-sts-resolver==1.1.4 +socrate==0.2.0 diff --git a/core/postfix/start.py b/core/postfix/start.py index 4faf2e2d..b12d0b54 100755 --- a/core/postfix/start.py +++ b/core/postfix/start.py @@ -1,4 +1,4 @@ -#!/usr/bin/python3 +#!/usr/bin/env python3 import os import glob diff --git a/core/rspamd/Dockerfile b/core/rspamd/Dockerfile index 5ee922e5..2ccb5307 100644 --- a/core/rspamd/Dockerfile +++ b/core/rspamd/Dockerfile @@ -1,18 +1,19 @@ # syntax=docker/dockerfile-upstream:1.4.3 +# rspamd image FROM base ARG VERSION=local LABEL version=$VERSION RUN set -euxo pipefail \ - && apk add --no-cache rspamd rspamd-controller rspamd-proxy rspamd-fuzzy ca-certificates curl \ - && mkdir /run/rspamd + ; apk add --no-cache curl rspamd rspamd-controller rspamd-fuzzy rspamd-proxy \ + ; mkdir /run/rspamd -COPY conf/ /conf -COPY start.py /start.py +COPY conf/ /conf/ +COPY start.py / -RUN echo $VERSION >> /version +RUN echo $VERSION >/version EXPOSE 11332/tcp 11334/tcp 11335/tcp HEALTHCHECK --start-period=350s CMD curl -skfLo /dev/null http://localhost:11334/ diff --git a/core/rspamd/requirements.txt b/core/rspamd/requirements.txt new file mode 100644 index 00000000..be4b0107 --- /dev/null +++ b/core/rspamd/requirements.txt @@ -0,0 +1 @@ +socrate==0.2.0 diff --git a/core/rspamd/start.py b/core/rspamd/start.py index fcb33a97..58ec89ca 100755 --- a/core/rspamd/start.py +++ b/core/rspamd/start.py @@ -1,4 +1,4 @@ -#!/usr/bin/python3 +#!/usr/bin/env python3 import os import glob diff --git a/optional/clamav/Dockerfile b/optional/clamav/Dockerfile index e0ed0cdc..9beded99 100644 --- a/optional/clamav/Dockerfile +++ b/optional/clamav/Dockerfile @@ -1,26 +1,22 @@ -ARG DISTRO=alpine:3.14.5 -FROM $DISTRO -ARG VERSION +# syntax=docker/dockerfile-upstream:1.4.3 -ENV TZ Etc/UTC +# clamav image +FROM base +ARG VERSION=local LABEL version=$VERSION -# python3 shared with most images -RUN apk add --no-cache \ - python3 py3-pip bash tzdata \ - && pip3 install --upgrade pip -# Image specific layers under this line -RUN apk add --no-cache clamav rsyslog wget clamav-libunrar +RUN set -euxo pipefail \ + ; apk add --no-cache clamav clamav-libunrar rsyslog wget -COPY conf /etc/clamav -COPY start.py /start.py -COPY health.sh /health.sh +COPY conf/ /etc/clamav/ +COPY start.py / + +RUN echo $VERSION >/version EXPOSE 3310/tcp +HEALTHCHECK --start-period=350s CMD echo PING|nc localhost 3310|grep "PONG" + VOLUME ["/data"] CMD /start.py - -HEALTHCHECK --start-period=350s CMD /health.sh -RUN echo $VERSION >> /version \ No newline at end of file diff --git a/optional/clamav/health.sh b/optional/clamav/health.sh deleted file mode 100755 index c4c55044..00000000 --- a/optional/clamav/health.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh - -if [ "$(echo PING | nc localhost 3310)" = "PONG" ]; then - echo "ping successful" -else - echo "ping failed" - exit 1 -fi diff --git a/optional/clamav/start.py b/optional/clamav/start.py index 56e1bcfe..3d0c306d 100755 --- a/optional/clamav/start.py +++ b/optional/clamav/start.py @@ -1,4 +1,4 @@ -#!/usr/bin/python3 +#!/usr/bin/env python3 import os import logging as log diff --git a/optional/fetchmail/Dockerfile b/optional/fetchmail/Dockerfile index 71075ced..12488213 100644 --- a/optional/fetchmail/Dockerfile +++ b/optional/fetchmail/Dockerfile @@ -1,23 +1,21 @@ -ARG DISTRO=alpine:3.14.5 -FROM $DISTRO -ARG VERSION +# syntax=docker/dockerfile-upstream:1.4.3 -ENV TZ Etc/UTC +# fetchmail image +FROM base +ARG VERSION=local LABEL version=$VERSION -# python3 shared with most images -RUN apk add --no-cache \ - python3 py3-pip bash tzdata \ - && pip3 install --upgrade pip +RUN set -euxo pipefail \ + ; apk add --no-cache fetchmail openssl \ + ; mkdir -p /data -# Image specific layers under this line -RUN apk add --no-cache fetchmail ca-certificates openssl \ - && pip3 install requests +COPY fetchmail.py / -RUN mkdir -p /data +RUN echo $VERSION >/version -COPY fetchmail.py /fetchmail.py +HEALTHCHECK --start-period=350s CMD ["/bin/sh", "-c", "ps ax | grep [/]fetchmail.py"] + +VOLUME ["/var/lib/rspamd"] CMD ["/fetchmail.py"] -RUN echo $VERSION >> /version \ No newline at end of file diff --git a/optional/fetchmail/fetchmail.py b/optional/fetchmail/fetchmail.py index 5459de59..32751ed7 100755 --- a/optional/fetchmail/fetchmail.py +++ b/optional/fetchmail/fetchmail.py @@ -1,4 +1,4 @@ -#!/usr/bin/python3 +#!/usr/bin/env python3 import time import os diff --git a/optional/fetchmail/requirements.txt b/optional/fetchmail/requirements.txt new file mode 100644 index 00000000..a8ed785e --- /dev/null +++ b/optional/fetchmail/requirements.txt @@ -0,0 +1 @@ +requests==2.26.0 diff --git a/optional/radicale/Dockerfile b/optional/radicale/Dockerfile index 30055a14..f9fd7598 100644 --- a/optional/radicale/Dockerfile +++ b/optional/radicale/Dockerfile @@ -1,27 +1,21 @@ -ARG DISTRO=alpine:3.14.5 -FROM $DISTRO -ARG VERSION +# syntax=docker/dockerfile-upstream:1.4.3 -ENV TZ Etc/UTC +# webdav image +FROM base +ARG VERSION=local LABEL version=$VERSION -# python3 shared with most images -RUN apk add --no-cache \ - python3 py3-pip bash tzdata \ - && pip3 install --upgrade pip +RUN set -euxo pipefail \ + ; apk add --no-cache curl -# Image specific layers under this line -RUN apk add --no-cache curl \ - && pip3 install pytz radicale~=3.0 +COPY radicale.conf / - -COPY radicale.conf /radicale.conf +RUN echo $VERSION >/version EXPOSE 5232/tcp +HEALTHCHECK CMD curl -f -L http://localhost:5232/ || exit 1 + VOLUME ["/data"] CMD radicale -S -C /radicale.conf - -HEALTHCHECK CMD curl -f -L http://localhost:5232/ || exit 1 -RUN echo $VERSION >> /version diff --git a/optional/radicale/requirements.txt b/optional/radicale/requirements.txt new file mode 100644 index 00000000..fc61502c --- /dev/null +++ b/optional/radicale/requirements.txt @@ -0,0 +1,2 @@ +pytz==2021.3 +radicale~=3.0 diff --git a/optional/traefik-certdumper/Dockerfile b/optional/traefik-certdumper/Dockerfile index 829655f0..a94f32ba 100644 --- a/optional/traefik-certdumper/Dockerfile +++ b/optional/traefik-certdumper/Dockerfile @@ -1,16 +1,22 @@ +# syntax=docker/dockerfile-upstream:1.4.3 + +# cert dumper image FROM ldez/traefik-certs-dumper -ARG VERSION ENV TZ Etc/UTC +ENV LANG C.UTF-8 +ARG VERSION LABEL version=$VERSION -RUN apk --no-cache add inotify-tools util-linux bash tzdata +RUN set -euxo pipefail \ + ; apk add --no-cache bash inotify-tools tzdata util-linux COPY run.sh / +RUN echo $VERSION >/version + VOLUME ["/traefik"] VOLUME ["/output"] ENTRYPOINT ["/run.sh"] -RUN echo $VERSION >> /version \ No newline at end of file diff --git a/optional/unbound/Dockerfile b/optional/unbound/Dockerfile index 342ceebc..343326fe 100644 --- a/optional/unbound/Dockerfile +++ b/optional/unbound/Dockerfile @@ -1,33 +1,25 @@ -ARG DISTRO=alpine:3.14.5 -FROM $DISTRO -ARG VERSION +# syntax=docker/dockerfile-upstream:1.4.3 -ENV TZ Etc/UTC +# resolver image +FROM base +ARG VERSION=local LABEL version=$VERSION -# python3 shared with most images -RUN apk add --no-cache \ - python3 py3-pip git bash py3-multidict tzdata \ - && pip3 install --upgrade pip +RUN set -euxo pipefail \ + ; apk add --no-cache bind-tools curl unbound \ + ; curl -so /etc/unbound/root.hints https://www.internic.net/domain/named.cache \ + ; chown root:unbound /etc/unbound \ + ; chmod 775 /etc/unbound \ + ; apk del --no-cache curl \ + ; /usr/sbin/unbound-anchor -a /etc/unbound/trusted-key.key || true -# Shared layer between nginx, dovecot, postfix, postgresql, rspamd, unbound, snappymail, roundcube -RUN pip3 install socrate==0.2.0 +COPY unbound.conf / +COPY start.py / -# Image specific layers under this line -RUN apk add --no-cache unbound curl bind-tools \ - && curl -o /etc/unbound/root.hints https://www.internic.net/domain/named.cache \ - && chown root:unbound /etc/unbound \ - && chmod 775 /etc/unbound \ - && apk del --no-cache curl \ - && /usr/sbin/unbound-anchor -a /etc/unbound/trusted-key.key | true - -COPY start.py /start.py -COPY unbound.conf /unbound.conf +RUN echo $VERSION >/version EXPOSE 53/udp 53/tcp +HEALTHCHECK CMD dig @127.0.0.1 || exit 1 CMD /start.py - -HEALTHCHECK CMD dig @127.0.0.1 || exit 1 -RUN echo $VERSION >> /version \ No newline at end of file diff --git a/optional/unbound/start.py b/optional/unbound/start.py index 0e7d0fdc..f3a5bee7 100755 --- a/optional/unbound/start.py +++ b/optional/unbound/start.py @@ -1,4 +1,4 @@ -#!/usr/bin/python3 +#!/usr/bin/env python3 import os import logging as log diff --git a/tests/build.hcl b/tests/build.hcl index c32da8d5..75e4f996 100644 --- a/tests/build.hcl +++ b/tests/build.hcl @@ -83,12 +83,16 @@ function "tag" { # ----------------------------------------------------------------------------------------- target "base" { inherits = ["defaults"] - context="core/base" + context = "core/base/" + contexts = { + core = "core/" + optional = "optional/" + } } target "assets" { inherits = ["defaults"] - context="core/admin/assets" + context = "core/admin/assets/" } # ----------------------------------------------------------------------------------------- @@ -96,7 +100,7 @@ target "assets" { # ----------------------------------------------------------------------------------------- target "docs" { inherits = ["defaults"] - context = "docs" + context = "docs/" tags = tag("docs") args = { version = "${MAILU_VERSION}" @@ -106,7 +110,7 @@ target "docs" { target "setup" { inherits = ["defaults"] - context="setup" + context = "setup/" tags = tag("setup") } @@ -115,8 +119,8 @@ target "setup" { # ----------------------------------------------------------------------------------------- target "none" { inherits = ["defaults"] - context="core/none" - contexts= { + context = "core/none/" + contexts = { base = "target:base" } tags = tag("none") @@ -124,8 +128,8 @@ target "none" { target "admin" { inherits = ["defaults"] - context="core/admin" - contexts= { + context = "core/admin/" + contexts = { base = "target:base" assets = "target:assets" } @@ -134,8 +138,8 @@ target "admin" { target "antispam" { inherits = ["defaults"] - context="core/rspamd" - contexts= { + context = "core/rspamd/" + contexts = { base = "target:base" } tags = tag("rspamd") @@ -143,8 +147,8 @@ target "antispam" { target "front" { inherits = ["defaults"] - context="core/nginx" - contexts= { + context = "core/nginx/" + contexts = { base = "target:base" } tags = tag("nginx") @@ -152,8 +156,8 @@ target "front" { target "imap" { inherits = ["defaults"] - context="core/dovecot" - contexts= { + context = "core/dovecot/" + contexts = { base = "target:base" } tags = tag("dovecot") @@ -161,8 +165,8 @@ target "imap" { target "smtp" { inherits = ["defaults"] - context="core/postfix" - contexts= { + context = "core/postfix/" + contexts = { base = "target:base" } tags = tag("postfix") @@ -173,13 +177,13 @@ target "smtp" { # ----------------------------------------------------------------------------------------- target "snappymail" { inherits = ["defaults"] - context="webmails/snappymail" + context = "webmails/snappymail/" tags = tag("snappymail") } target "roundcube" { inherits = ["defaults"] - context="webmails/roundcube" + context = "webmails/roundcube/" tags = tag("roundcube") } @@ -188,30 +192,42 @@ target "roundcube" { # ----------------------------------------------------------------------------------------- target "antivirus" { inherits = ["defaults"] - context="optional/clamav" + context = "optional/clamav/" + contexts = { + base = "target:base" + } tags = tag("clamav") } target "fetchmail" { inherits = ["defaults"] - context="optional/fetchmail" + context = "optional/fetchmail/" + contexts = { + base = "target:base" + } tags = tag("fetchmail") } target "resolver" { inherits = ["defaults"] - context="optional/unbound" + context = "optional/unbound/" + contexts = { + base = "target:base" + } tags = tag("unbound") } target "traefik-certdumper" { inherits = ["defaults"] - context="optional/traefik-certdumper" + context = "optional/traefik-certdumper/" tags = tag("traefik-certdumper") } target "webdav" { inherits = ["defaults"] - context="optional/radicale" + context = "optional/radicale/" + contexts = { + base = "target:base" + } tags = tag("radicale") }