Update generate_config.sh to support Podman

Roy Lenferink 2023-01-09 14:36:40 +01:00
parent 399e831ce3
commit 13496998e6
4 changed files with 228 additions and 26 deletions

1
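--- a/.gitignore
+++ b/.gitignore
@@ -59,6 +59,7 @@ data/web/inc/vars.local.inc.php
 data/web/inc/app_info.inc.php
 data/web/nextcloud*/
 data/web/rc*/
+docker-compose.yml**.bak
 docker-compose.override.yml
 !helper-scripts/docker-compose.override.yml.d/**/docker-compose.override.yml
 mailcow.conf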


@ -21,38 +21,61 @@ if grep --help 2>&1 | head -n 1 | grep -q -i "busybox"; then echo "BusyBox grep
if cp --help 2>&1 | head -n 1 | grep -q -i "busybox"; then echo "BusyBox cp detected, please install coreutils, \"apk add --no-cache --upgrade coreutils\""; exit 1; fi if cp --help 2>&1 | head -n 1 | grep -q -i "busybox"; then echo "BusyBox cp detected, please install coreutils, \"apk add --no-cache --upgrade coreutils\""; exit 1; fi
if sed --help 2>&1 | head -n 1 | grep -q -i "busybox"; then echo "BusyBox sed detected, please install gnu sed, \"apk add --no-cache --upgrade sed\""; exit 1; fi if sed --help 2>&1 | head -n 1 | grep -q -i "busybox"; then echo "BusyBox sed detected, please install gnu sed, \"apk add --no-cache --upgrade sed\""; exit 1; fi
for bin in openssl curl docker git awk sha1sum; do # Check which container engine is available.
# Check for podman first, because the 'podman-docker' package might be installed providing a dummy 'docker' command.
if command -v podman > /dev/null 2>&1; then
CONTAINER_ENGINE="podman"
echo -e "\e[32mFound Podman container engine.\e[0m"
if [[ -n "${DOCKER_HOST}" ]] && [[ "${DOCKER_HOST}" == "unix://"* ]]; then
CONTAINER_SOCKET="${DOCKER_HOST/"unix://"/}"
else
CONTAINER_SOCKET="/run/user/${UID}/podman/podman.sock"
fi
elif command -v docker > /dev/null 2>&1; then
CONTAINER_ENGINE="docker"
echo -e "\e[32mFound Docker container engine.\e[0m"
CONTAINER_SOCKET="/var/run/docker.sock"
else
echo "Cannot find container engine (Docker or Podman), exiting..."
exit 1
fi
for bin in openssl curl git awk sha1sum; do
if [[ -z $(which ${bin}) ]]; then echo "Cannot find ${bin}, exiting..."; exit 1; fi if [[ -z $(which ${bin}) ]]; then echo "Cannot find ${bin}, exiting..."; exit 1; fi
done done
if command -v docker compose > /dev/null 2>&1; then MAILCOW_DOCKER_COMPOSE=${MAILCOW_DOCKER_COMPOSE:-"docker-compose"}
if [[ "${CONTAINER_ENGINE}" == "docker" ]] && command -v docker compose > /dev/null 2>&1; then
version=$(docker compose version --short) version=$(docker compose version --short)
if [[ $version =~ ^2\.([0-9]+)\.([0-9]+) ]]; then if [[ $version =~ ^2\.([0-9]+)\.([0-9]+) ]]; then
COMPOSE_VERSION=native COMPOSE_VERSION=native
echo -e "\e[31mFound Docker Compose Plugin (native).\e[0m" echo -e "\e[31mFound Docker Compose Plugin (native).\e[0m"
echo -e "\e[31mSetting the DOCKER_COMPOSE_VERSION Variable to native\e[0m" echo -e "\e[31mSetting the DOCKER_COMPOSE_VERSION Variable to native\e[0m"
sleep 2 sleep 2
echo -e "\e[33mNotice: You´ll have to update this Compose Version via your Package Manager manually!\e[0m" echo -e "\e[33mNotice: You'll have to update this Compose Version via your Package Manager manually! \e[0m"
else else
echo -e "\e[31mCannot find Docker Compose with a Version Higher than 2.X.X.\e[0m" echo -e "\e[31mCannot find Docker Compose with a Version Higher than 2.X.X.\e[0m"
echo -e "\e[31mPlease update/install manually regarding to this doc site: https://mailcow.github.io/mailcow-dockerized-docs/i_u_m/i_u_m_install/\e[0m" echo -e "\e[31mPlease update/install manually regarding to this doc site: https://mailcow.github.io/mailcow-dockerized-docs/i_u_m/i_u_m_install/\e[0m"
exit 1 exit 1
fi fi
elif command -v docker-compose > /dev/null 2>&1; then elif command -v $MAILCOW_DOCKER_COMPOSE > /dev/null 2>&1; then
version=$(docker-compose version --short) version=$($MAILCOW_DOCKER_COMPOSE version --short)
if [[ $version =~ ^2\.([0-9]+)\.([0-9]+) ]]; then if [[ $version =~ ^2\.([0-9]+)\.([0-9]+) ]]; then
COMPOSE_VERSION=standalone COMPOSE_VERSION=standalone
echo -e "\e[31mFound Docker Compose Standalone.\e[0m" echo -e "\e[31mFound Docker Compose Standalone.\e[0m"
echo -e "\e[31mSetting the DOCKER_COMPOSE_VERSION Variable to standalone\e[0m" echo -e "\e[31mSetting the DOCKER_COMPOSE_VERSION Variable to standalone\e[0m"
sleep 2 sleep 2
echo -e "\e[33mNotice: For an automatic update of docker-compose please use the update_compose.sh scripts located at the helper-scripts folder.\e[0m" echo -e "\e[33mNotice: For an automatic update of ${MAILCOW_DOCKER_COMPOSE} please use the update_compose.sh scripts located at the helper-scripts folder.\e[0m"
else else
echo -e "\e[31mCannot find Docker Compose with a Version Higher than 2.X.X.\e[0m" echo -e "\e[31mCannot find Docker Compose with a Version Higher than 2.X.X.\e[0m"
echo -e "\e[31mPlease update/install manually regarding to this doc site: https://mailcow.github.io/mailcow-dockerized-docs/i_u_m/i_u_m_install/\e[0m" echo -e "\e[31mPlease update/install manually regarding to this doc site: https://mailcow.github.io/mailcow-dockerized-docs/i_u_m/i_u_m_install/\e[0m"
exit 1 exit 1
fi fi
else else
echo -e "\e[31mCannot find Docker Compose.\e[0m" echo -e "\e[31mCannot find Docker Compose.\e[0m"
echo -e "\e[31mPlease install it manually regarding to this doc site: https://mailcow.github.io/mailcow-dockerized-docs/i_u_m/i_u_m_install/\e[0m" echo -e "\e[31mPlease install it manually regarding to this doc site: https://mailcow.github.io/mailcow-dockerized-docs/i_u_m/i_u_m_install/\e[0m"
exit 1 exit 1
fi fi
@ -172,7 +195,7 @@ else
echo -e "\033[31mCould not determine branch input..." echo -e "\033[31mCould not determine branch input..."
echo -e "\033[31mExiting." echo -e "\033[31mExiting."
exit 1 exit 1
fi fi
if [ ! -z "${MAILCOW_BRANCH}" ]; then if [ ! -z "${MAILCOW_BRANCH}" ]; then
git_branch=${MAILCOW_BRANCH} git_branch=${MAILCOW_BRANCH}
@ -180,6 +203,17 @@ fi
[ ! -f ./data/conf/rspamd/override.d/worker-controller-password.inc ] && echo '# Placeholder' > ./data/conf/rspamd/override.d/worker-controller-password.inc [ ! -f ./data/conf/rspamd/override.d/worker-controller-password.inc ] && echo '# Placeholder' > ./data/conf/rspamd/override.d/worker-controller-password.inc
if [[ "${CONTAINER_ENGINE}" == "podman" ]]; then
MAILCOW_HTTP_BIND="127.0.0.1"
MAILCOW_HTTPS_BIND="127.0.0.1"
# Patch the docker-compose.yml for usage with Podman
bash ./patch-docker-compose-for-podman.sh
else
MAILCOW_HTTP_BIND=""
MAILCOW_HTTPS_BIND=""
fi
cat << EOF > mailcow.conf cat << EOF > mailcow.conf
# ------------------------------ # ------------------------------
# mailcow web ui configuration # mailcow web ui configuration
@ -195,6 +229,9 @@ MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
# see https://mailcow.github.io/mailcow-dockerized-docs/models/model-passwd/ # see https://mailcow.github.io/mailcow-dockerized-docs/models/model-passwd/
MAILCOW_PASS_SCHEME=BLF-CRYPT MAILCOW_PASS_SCHEME=BLF-CRYPT
# The directory used to store the data of the used containers
MAILCOW_STORAGE_DIR=
# ------------------------------ # ------------------------------
# SQL database configuration # SQL database configuration
# ------------------------------ # ------------------------------
@ -221,10 +258,42 @@ DBROOT=$(LC_ALL=C </dev/urandom tr -dc A-Za-z0-9 | head -c 28)
# For IPv6 see https://mailcow.github.io/mailcow-dockerized-docs/post_installation/firststeps-ip_bindings/ # For IPv6 see https://mailcow.github.io/mailcow-dockerized-docs/post_installation/firststeps-ip_bindings/
HTTP_PORT=80 HTTP_PORT=80
HTTP_BIND= HTTP_BIND=${MAILCOW_HTTP_BIND}
HTTPS_PORT=443 HTTPS_PORT=443
HTTPS_BIND= HTTPS_BIND=${MAILCOW_HTTPS_BIND}
# ------------------------------
# Container environment
# ------------------------------
# The container engine to use to run this project (docker or podman).
MAILCOW_CONTAINER_ENGINE=${CONTAINER_ENGINE}
# The location of the container socket to use for volume mounts.
MAILCOW_CONTAINER_SOCKET=${CONTAINER_SOCKET}
# Fixed project name
# Please use lowercase letters only
COMPOSE_PROJECT_NAME=mailcowdockerized
# Used Docker Compose version
# Switch here between native (compose plugin) and standalone
# For more information take a look at the mailcow docs regarding the configuration options.
# Normally this should be untouched but if you decided to use either of those you can switch it manually here.
# Please be aware that at least one of those variants should be installed on your machine or mailcow will fail.
DOCKER_COMPOSE_VERSION=${COMPOSE_VERSION}
# The name of the docker-compose binary to use. This option can be used in case both
# docker-compose v1 and docker-compose v2 need to be installed.
# Default: docker-compose
# Example: docker-compose-v2
MAILCOW_DOCKER_COMPOSE=${MAILCOW_DOCKER_COMPOSE}
# ------------------------------ # ------------------------------
# Other bindings # Other bindings
@ -251,22 +320,9 @@ REDIS_PORT=127.0.0.1:7654
TZ=${MAILCOW_TZ} TZ=${MAILCOW_TZ}
# Fixed project name
# Please use lowercase letters only
COMPOSE_PROJECT_NAME=mailcowdockerized
# Used Docker Compose version
# Switch here between native (compose plugin) and standalone
# For more informations take a look at the mailcow docs regarding the configuration options.
# Normally this should be untouched but if you decided to use either of those you can switch it manually here.
# Please be aware that at least one of those variants should be installed on your maschine or mailcow will fail.
DOCKER_COMPOSE_VERSION=${COMPOSE_VERSION}
# Set this to "allow" to enable the anyone pseudo user. Disabled by default. # Set this to "allow" to enable the anyone pseudo user. Disabled by default.
# When enabled, ACL can be created, that apply to "All authenticated users" # When enabled, ACL can be created, that apply to "All authenticated users"
# This should probably only be activated on mail hosts, that are used exclusivly by one organisation. # This should probably only be activated on mail hosts, that are used exclusively by one organisation.
# Otherwise a user might share data with too many other users. # Otherwise a user might share data with too many other users.
ACL_ANYONE=disallow ACL_ANYONE=disallow
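Review bot: The Podman branch of the engine detection writes a socket path into mailcow.conf without ever checking it: it takes whatever follows `unix://` in `DOCKER_HOST`, or else `/run/user/${UID}/podman/podman.sock`, and `MAILCOW_CONTAINER_SOCKET` is then described as the path used for volume mounts. When the script runs as root the fallback becomes `/run/user/0/podman/podman.sock`, whereas rootful Podman normally listens on `/run/podman/podman.sock`, so a wrong or stale path is easy to end up with. Because a mounted engine socket gives the container control over the engine, I would fail early right after the detection with `[[ -S "${CONTAINER_SOCKET}" ]] || { echo "Container socket ${CONTAINER_SOCKET} not found, exiting..."; exit 1; }`. Separately, `$MAILCOW_DOCKER_COMPOSE` comes from the environment and is expanded unquoted in `command -v` and in the `version --short` call; write it as `"${MAILCOW_DOCKER_COMPOSE}"`.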


@ -0,0 +1,125 @@
--- docker-compose-original.yml 2023-01-09 13:46:07.792778709 +0100
+++ docker-compose.yml 2023-01-09 13:45:20.828836564 +0100
@@ -55,8 +55,8 @@
- "${REDIS_PORT:-127.0.0.1:7654}:6379"
environment:
- TZ=${TZ}
- sysctls:
- - net.core.somaxconn=4096
+# sysctls:
+# - net.core.somaxconn=4096
networks:
mailcow-network:
ipv4_address: ${IPV4_NETWORK:-172.22.1}.249
@@ -68,8 +68,8 @@
restart: always
depends_on:
- unbound-mailcow
- dns:
- - ${IPV4_NETWORK:-172.22.1}.254
+# dns:
+# - ${IPV4_NETWORK:-172.22.1}.254
environment:
- TZ=${TZ}
- SKIP_CLAMD=${SKIP_CLAMD:-n}
@@ -108,8 +108,8 @@
- label=disable
restart: always
hostname: rspamd
- dns:
- - ${IPV4_NETWORK:-172.22.1}.254
+# dns:
+# - ${IPV4_NETWORK:-172.22.1}.254
networks:
mailcow-network:
aliases:
@@ -140,8 +140,8 @@
- ./data/conf/nginx/:/etc/nginx/conf.d/
security_opt:
- label=disable
- dns:
- - ${IPV4_NETWORK:-172.22.1}.254
+# dns:
+# - ${IPV4_NETWORK:-172.22.1}.254
environment:
- REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
@@ -198,8 +198,8 @@
- MASTER=${MASTER:-y}
- REDIS_SLAVEOF_IP=${REDIS_SLAVEOF_IP:-}
- REDIS_SLAVEOF_PORT=${REDIS_SLAVEOF_PORT:-}
- dns:
- - ${IPV4_NETWORK:-172.22.1}.254
+# dns:
+# - ${IPV4_NETWORK:-172.22.1}.254
volumes:
- ./data/hooks/sogo:/hooks
- ./data/conf/sogo/:/etc/sogo/
@@ -233,8 +233,8 @@
image: mailcow/dovecot:1.21
depends_on:
- mysql-mailcow
- dns:
- - ${IPV4_NETWORK:-172.22.1}.254
+# dns:
+# - ${IPV4_NETWORK:-172.22.1}.254
cap_add:
- NET_BIND_SERVICE
volumes:
@@ -341,8 +341,8 @@
- "${SMTPS_PORT:-465}:465"
- "${SUBMISSION_PORT:-587}:587"
restart: always
- dns:
- - ${IPV4_NETWORK:-172.22.1}.254
+# dns:
+# - ${IPV4_NETWORK:-172.22.1}.254
networks:
mailcow-network:
ipv4_address: ${IPV4_NETWORK:-172.22.1}.253
@@ -367,8 +367,8 @@
- php-fpm-mailcow
- redis-mailcow
image: nginx:mainline-alpine
- dns:
- - ${IPV4_NETWORK:-172.22.1}.254
+# dns:
+# - ${IPV4_NETWORK:-172.22.1}.254
command: /bin/sh -c "envsubst < /etc/nginx/conf.d/templates/listen_plain.template > /etc/nginx/conf.d/listen_plain.active &&
envsubst < /etc/nginx/conf.d/templates/listen_ssl.template > /etc/nginx/conf.d/listen_ssl.active &&
envsubst < /etc/nginx/conf.d/templates/sogo.template > /etc/nginx/conf.d/sogo.active &&
@@ -412,8 +412,8 @@
depends_on:
- nginx-mailcow
image: mailcow/acme:1.83
- dns:
- - ${IPV4_NETWORK:-172.22.1}.254
+# dns:
+# - ${IPV4_NETWORK:-172.22.1}.254
environment:
- LOG_LINES=${LOG_LINES:-9999}
- ACME_CONTACT=${ACME_CONTACT:-}
@@ -475,8 +475,8 @@
watchdog-mailcow:
image: mailcow/watchdog:1.97
- dns:
- - ${IPV4_NETWORK:-172.22.1}.254
+# dns:
+# - ${IPV4_NETWORK:-172.22.1}.254
tmpfs:
- /tmp
volumes:
@@ -542,9 +542,9 @@
security_opt:
- label=disable
restart: always
- oom_kill_disable: true
- dns:
- - ${IPV4_NETWORK:-172.22.1}.254
+# oom_kill_disable: true
+# dns:
+# - ${IPV4_NETWORK:-172.22.1}.254
environment:
- DBROOT=${DBROOT}
- TZ=${TZ}
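Review bot: Every `dns:` entry pointing at `${IPV4_NETWORK:-172.22.1}.254` is commented out, so under Podman these services resolve names through the engine's default resolver rather than the address the stack pinned, and nothing in the commit tells the operator. That address looks like the unbound-mailcow container (the second hunk keeps `depends_on: - unbound-mailcow`), which would make DNS-based checks in the mail services depend on the host's resolver configuration; please confirm. The patch also drops `net.core.somaxconn=4096` and `oom_kill_disable: true` without explanation. I would state this in the header of patch-docker-compose-for-podman.sh, for example `# NOTE: removes the per-service dns:, sysctls: and oom_kill_disable: settings; containers then use the container engine's resolver and default limits.`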


@ -0,0 +1,20 @@
#!/usr/bin/env bash
#
# This script patches the docker-compose.yml for usage with podman.
# This is necessary because not all options (e.g. DNS) can be overwritten by docker-compose, see
# https://github.com/docker/compose/issues/3729
set -e
PATCH_FILE="patch-docker-compose-for-podman.patch"
TIMESTAMP="$(date +'%Y%m%d%H%M')"
# Create a backup (in case custom changes are made)
cp docker-compose.yml docker-compose.yml.${TIMESTAMP}.bak
# Detect whether the patch has been applied by trying to reverse the patch in a dry-run scenario
if ! patch -R -s -f --dry-run docker-compose.yml < ${PATCH_FILE} > /dev/null 2>&1; then
patch docker-compose.yml < ${PATCH_FILE}
else
echo "Patch file already applied or custom changes prevent applying the patch"
fi
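Review bot: The reverse dry-run cannot tell "not yet applied" from "does not apply at all": when docker-compose.yml has local changes or a different image tag in the patch's context lines, `patch -R --dry-run` fails, the `if` branch runs a real `patch`, and that may apply some hunks while rejecting others. The `else` message is also misleading, because that branch is reached only when the reverse patch applies cleanly, meaning the patch is already in place. I would add a forward dry-run before touching the file, exit non-zero when it fails, take the backup only when the file is about to change (the `cp` currently creates a new `.bak` on every run), and quote `${PATCH_FILE}` and `${TIMESTAMP}`. The visible hunk of generate_config.sh calls this script without checking its exit status, so the failure should be handled there too.

```shell
# … unchanged: shebang, set -e, PATCH_FILE and TIMESTAMP …
if patch -R -s -f --dry-run docker-compose.yml < "${PATCH_FILE}" > /dev/null 2>&1; then
  echo "Patch already applied, nothing to do"
elif patch -s -f --dry-run docker-compose.yml < "${PATCH_FILE}" > /dev/null 2>&1; then
  # Back up only when the file is about to change
  cp docker-compose.yml "docker-compose.yml.${TIMESTAMP}.bak"
  patch docker-compose.yml < "${PATCH_FILE}"
else
  echo "docker-compose.yml does not match the patch; not modifying it" >&2
  exit 1
fi
```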