From c134f0b5bab2178b28a512761e280a4f48c8bb4b Mon Sep 17 00:00:00 2001 From: DerLinkman Date: Wed, 3 May 2023 09:36:43 +0000 Subject: [PATCH] Changed Dovecot Base to Bullseye again (Self compile) --- data/Dockerfiles/dovecot/Dockerfile | 290 +++++++++++------- .../dovecot/syslog-ng-redis_slave.conf | 2 +- data/Dockerfiles/dovecot/syslog-ng.conf | 2 +- data/conf/dovecot/dovecot.conf | 4 +- 4 files changed, 186 insertions(+), 112 deletions(-) diff --git a/data/Dockerfiles/dovecot/Dockerfile b/data/Dockerfiles/dovecot/Dockerfile index 8e36fda0..0f1dced2 100644 --- a/data/Dockerfiles/dovecot/Dockerfile +++ b/data/Dockerfiles/dovecot/Dockerfile @@ -1,128 +1,202 @@ -FROM alpine:edge -LABEL maintainer "The Infrastructure Company GmbH " +FROM debian:bullseye-slim as build +LABEL maintainer "The Infrastructure Company " +ARG DEBIAN_FRONTEND=noninteractive ARG GOSU_VERSION=1.16 +ARG DOVECOT_VERSION=2.3.20 +ARG PIGEONHOLE_VERSION=0.5.20 +ENV LC_ALL C -ENV LANG C.UTF-8 -ENV LC_ALL C.UTF-8 # Add groups and users before installing Dovecot to not break compatibility -RUN addgroup -g 5000 vmail \ - && addgroup -g 401 dovecot \ - && addgroup -g 402 dovenull \ - && sed -i "s/999/99/" /etc/group \ - && addgroup -g 999 sogo \ - && addgroup nobody sogo \ - && adduser -D -u 5000 -G vmail -h /var/vmail vmail \ - && adduser -D -G dovecot -u 401 -h /dev/null -s /sbin/nologin dovecot \ - && adduser -D -G dovenull -u 402 -h /dev/null -s /sbin/nologin dovenull \ - && apk add --no-cache --update \ - build-base \ - bash \ - bind-tools \ +RUN touch /etc/default/locale \ + && apt-get update \ + && apt-get -y --no-install-recommends install \ + apt-transport-https \ ca-certificates \ curl \ - cyrus-sasl-dev \ - gcc \ - gettext-dev \ - gnupg \ - gnupg-dirmngr \ + dirmngr \ + gettext \ + gnupg2 \ jq \ - libintl \ - libssl1.1 \ - libstdc++ \ - libxml2-dev \ - lua \ - lua-cjson \ - lua-socket \ + libauthen-ntlm-perl \ + libcgi-pm-perl \ + libcrypt-openssl-rsa-perl \ + libcrypt-ssleay-perl \ + libdata-uniqid-perl \ + libdbd-mysql-perl \ + libdbi-perl \ + libdigest-hmac-perl \ + libdist-checkconflicts-perl \ + libencode-imaputf7-perl \ + libfile-copy-recursive-perl \ + libfile-tail-perl \ + libhtml-parser-perl \ + libio-compress-perl \ + libio-socket-inet6-perl \ + libio-socket-ssl-perl \ + libio-tee-perl \ + libipc-run-perl \ + libjson-webtoken-perl \ + liblockfile-simple-perl \ + libmail-imapclient-perl \ + libmodule-implementation-perl \ + libmodule-scandeps-perl \ + libnet-ssleay-perl \ + libpackage-stash-perl \ + libpackage-stash-xs-perl \ + libpar-packer-perl \ + libparse-recdescent-perl \ + libproc-processtable-perl \ + libreadonly-perl \ + libregexp-common-perl \ + libsys-meminfo-perl \ + libterm-readkey-perl \ + libtest-deep-perl \ + libtest-fatal-perl \ + libtest-mock-guard-perl \ + libtest-mockobject-perl \ + libtest-nowarnings-perl \ + libtest-pod-perl \ + libtest-requires-perl \ + libtest-simple-perl \ + libtest-warn-perl \ + libtry-tiny-perl \ + libunicode-string-perl \ + liburi-perl \ + libwww-perl \ + libstemmer-dev \ + libexttextcat-dev \ + libldap-dev \ + libghc-bzlib-dev \ lua-sql-mysql \ - lua5.3-sql-mysql \ - make \ - mariadb-connector-c \ - mariadb-dev \ - glib-dev \ - gcompat \ + liblz4-dev \ + libzstd-dev \ + libexpat-dev \ + lua-socket \ mariadb-client \ -# libressl-dev \ - openssl-dev \ - pcre-dev \ - perl \ - perl-dev \ - perl-ntlm \ - perl-cgi \ - perl-crypt-openssl-rsa \ - perl-utils \ - perl-crypt-ssleay \ - perl-data-uniqid \ - perl-dbd-mysql \ - perl-dbi \ - perl-digest-hmac \ - perl-dist-checkconflicts \ - perl-encode-imaputf7 \ - perl-file-copy-recursive \ - perl-file-tail \ - perl-io-socket-inet6 \ - perl-io-gzip \ - perl-io-socket-ssl \ - perl-io-tee \ - perl-ipc-run \ - perl-json-webtoken \ - perl-mail-imapclient \ - perl-module-implementation \ - perl-module-scandeps \ - perl-net-ssleay \ - perl-package-stash \ - perl-package-stash-xs \ - perl-par-packer \ - perl-parse-recdescent \ - libproc \ - perl-readonly \ - perl-regexp-common \ - perl-sys-meminfo \ - perl-term-readkey \ - perl-test-deep \ - perl-test-fatal \ - perl-test-mockobject \ - perl-test-mock-guard \ - perl-test-pod \ - perl-test-requires \ - perl-test-simple \ - perl-test-warn \ - perl-try-tiny \ - perl-unicode-string \ - perl-proc-processtable \ - perl-app-cpanminus \ procps \ - python3 \ - python3-dev \ - py3-pip \ - redis \ - syslog-ng \ - syslog-ng-redis \ - syslog-ng-json \ - supervisor \ - tzdata \ wget \ - dovecot \ - dovecot-dev \ - dovecot-lmtpd \ - dovecot-lua \ - dovecot-ldap \ - dovecot-mysql \ - dovecot-sql \ - dovecot-submissiond \ - dovecot-pigeonhole-plugin \ - dovecot-pop3d \ - dovecot-fts-solr \ - && arch=$(arch | sed s/aarch64/arm64/ | sed s/x86_64/amd64/) \ - && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$arch" \ + git \ + bison \ + flex \ + build-essential \ + autoconf \ + automake \ + libtool \ + make \ + default-libmysqlclient-dev \ + libicu-dev \ + zlib1g-dev \ + pkg-config \ + libsqlite3-dev \ + liblua5.3-dev \ + && dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')" \ + && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \ && chmod +x /usr/local/bin/gosu \ && gosu nobody true -RUN cpan LockFile::Simple +RUN cd /tmp && wget https://github.com/dovecot/core/archive/refs/tags/${DOVECOT_VERSION}.tar.gz && tar -xzf ${DOVECOT_VERSION}.tar.gz && cd core-${DOVECOT_VERSION} \ + && ./autogen.sh \ + && PANDOC=false ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --with-ssldir=/etc/ssl --enable-maintainer-mode --with-sql=yes --with-lua=yes --with-mysql --with-ldap --with-solr --with-zstd --with-lz4 --with-ssl=openssl --with-notify=inotify --with-bzlib --with-zlib --enable-hardening --with-stemmer --with-textcat --with-icu \ + && make -j6 \ + && make install \ + && make clean -RUN pip3 install mysql-connector-python html2text jinja2 redis +RUN cd /tmp && wget https://github.com/dovecot/pigeonhole/archive/refs/tags/${PIGEONHOLE_VERSION}.tar.gz && tar -xzf ${PIGEONHOLE_VERSION}.tar.gz && cd pigeonhole-${PIGEONHOLE_VERSION} \ + && ./autogen.sh \ + && ./configure --with-dovecot=/usr/lib/dovecot --with-managesieve\ + && make -j6 \ + && make install \ + && make clean +FROM debian:bullseye-slim +RUN groupadd -g 5000 vmail \ + && groupadd -g 401 dovecot \ + && groupadd -g 402 dovenull \ + && groupadd -g 999 sogo \ + && usermod -a -G sogo nobody \ + && useradd -g vmail -u 5000 vmail -d /var/vmail \ + && useradd -c "Dovecot unprivileged user" -d /dev/null -u 401 -g dovecot -s /bin/false dovecot \ + && useradd -c "Dovecot login user" -d /dev/null -u 402 -g dovenull -s /bin/false dovenull \ + && apt update && apt install lua-socket \ + mariadb-client \ + libstemmer-dev \ + libexttextcat-dev \ + libicu-dev \ + libsqlite3-dev \ + liblua5.3-dev \ + lua-sql-mysql \ + libldap-dev \ + libssl-dev \ + procps \ + python3-pip \ + redis-server \ + supervisor \ + syslog-ng \ + syslog-ng-core \ + syslog-ng-mod-redis \ + cpanminus \ + curl \ + libauthen-ntlm-perl \ + libcgi-pm-perl \ + libcrypt-openssl-rsa-perl \ + libcrypt-ssleay-perl \ + libdata-uniqid-perl \ + libdbd-mysql-perl \ + libdbi-perl \ + libdigest-hmac-perl \ + libdist-checkconflicts-perl \ + libencode-imaputf7-perl \ + libfile-copy-recursive-perl \ + libfile-tail-perl \ + libhtml-parser-perl \ + libio-compress-perl \ + libio-socket-inet6-perl \ + libio-socket-ssl-perl \ + libio-tee-perl \ + libipc-run-perl \ + libjson-webtoken-perl \ + liblockfile-simple-perl \ + libmail-imapclient-perl \ + libmodule-implementation-perl \ + libmodule-scandeps-perl \ + libnet-ssleay-perl \ + libpackage-stash-perl \ + libpackage-stash-xs-perl \ + libpar-packer-perl \ + libparse-recdescent-perl \ + libproc-processtable-perl \ + libreadonly-perl \ + libregexp-common-perl \ + libsys-meminfo-perl \ + libterm-readkey-perl \ + libtest-deep-perl \ + libtest-fatal-perl \ + libtest-mock-guard-perl \ + libtest-mockobject-perl \ + libtest-nowarnings-perl \ + libtest-pod-perl \ + libtest-requires-perl \ + libtest-simple-perl \ + libtest-warn-perl \ + libtry-tiny-perl \ + libunicode-string-perl \ + liburi-perl \ + libwww-perl \ + dnsutils \ + build-essential \ + gettext-base -y --no-install-recommends \ + && pip3 install mysql-connector-python html2text jinja2 redis +# imapsync dependencies +RUN cpan Crypt::OpenSSL::PKCS12 +COPY --from=build /usr/lib/dovecot /usr/lib/dovecot +COPY --from=build /usr/bin/doveconf /usr/bin/doveconf +COPY --from=build /usr/bin/doveadm /usr/bin/doveadm +COPY --from=build /usr/bin/dovecot-sysreport /usr/bin/dovecot-sysreport +COPY --from=build /usr/sbin/dovecot /usr/sbin/dovecot +COPY --from=build /usr/libexec/dovecot/ /usr/libexec/dovecot/ +COPY --from=build /usr/local/bin /usr/local/bin COPY trim_logs.sh /usr/local/bin/trim_logs.sh COPY clean_q_aged.sh /usr/local/bin/clean_q_aged.sh COPY syslog-ng.conf /etc/syslog-ng/syslog-ng.conf diff --git a/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf b/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf index ab7f3aa6..ea2bcfbf 100644 --- a/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf +++ b/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf @@ -1,4 +1,4 @@ -@version: 3.38 +@version: 3.28 @include "scl.conf" options { chain_hostnames(off); diff --git a/data/Dockerfiles/dovecot/syslog-ng.conf b/data/Dockerfiles/dovecot/syslog-ng.conf index 59d4f513..2ee4f624 100644 --- a/data/Dockerfiles/dovecot/syslog-ng.conf +++ b/data/Dockerfiles/dovecot/syslog-ng.conf @@ -1,4 +1,4 @@ -@version: 3.38 +@version: 3.28 @include "scl.conf" options { chain_hostnames(off); diff --git a/data/conf/dovecot/dovecot.conf b/data/conf/dovecot/dovecot.conf index 159e39f4..8a8728db 100644 --- a/data/conf/dovecot/dovecot.conf +++ b/data/conf/dovecot/dovecot.conf @@ -241,8 +241,8 @@ plugin { mail_crypt_global_public_key =