Multi Build Dovecot Building + Config Optimizations

2022-07-18 18:35:22 +02:00 · 2022-07-18 18:35:22 +02:00 · df3de09050
parent 86079429b3
commit df3de09050
5 changed files with 95 additions and 31 deletions
--- a/.gitignore
+++ b/.gitignore
@ -13,6 +13,7 @@ data/conf/dovecot/acl_anyone
 data/conf/dovecot/dovecot-master.passwd
 data/conf/dovecot/dovecot-master.userdb
 data/conf/dovecot/extra.conf
 data/conf/dovecot/dovecot-fts-flatcurve.conf
 data/conf/dovecot/global_sieve_*
 data/conf/dovecot/last_login
 data/conf/dovecot/lua
--- a/data/Dockerfiles/dovecot/Dockerfile
+++ b/data/Dockerfiles/dovecot/Dockerfile
@ -1,22 +1,14 @@
-FROM debian:bullseye-slim
+FROM debian:bullseye-slim as build
 LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
 ARG DEBIAN_FRONTEND=noninteractive
 ARG DOVECOT=2.3.18
-ARG XAPIAN=1.4.19
+ARG XAPIAN=1.4.20
 ENV LC_ALL C
 ENV GOSU_VERSION 1.14
 # Add groups and users before installing Dovecot to not break compatibility
-RUN groupadd -g 5000 vmail \
+RUN touch /etc/default/locale \
  && groupadd -g 401 dovecot \
  && groupadd -g 402 dovenull \
  && groupadd -g 999 sogo \
  && usermod -a -G sogo nobody \
  && useradd -g vmail -u 5000 vmail -d /var/vmail \
  && useradd -c "Dovecot unprivileged user" -d /dev/null -u 401 -g dovecot -s /bin/false dovecot \
  && useradd -c "Dovecot login user" -d /dev/null -u 402 -g dovenull -s /bin/false dovenull \
  && touch /etc/default/locale \
  && apt-get update \
  && apt-get -y --no-install-recommends install \
  apt-transport-https \
@ -125,14 +117,13 @@ RUN groupadd -g 5000 vmail \
 #  dovecot-imapd \
 #  dovecot-dev
-RUN cd /tmp && git clone --depth 1 --branch release-2.3 https://github.com/dovecot/core.git dovecot/core && cd dovecot/core \
+RUN cd /tmp && git clone --depth 1 --branch release-2.3.19 https://github.com/dovecot/core.git dovecot/core && cd dovecot/core \
  && ./autogen.sh \
-  && PANDOC=false ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --with-ssldir=/etc/ssl --enable-maintainer-mode --with-sql=yes --with-lua=yes --with-mysql --with-ldap=yes --with-zstd --with-lz4 --with-ssl=openssl --with-notify=inotify --with-bzlib --with-zlib --enable-hardening --with-stemmer --with-textcat --with-icu \
+  && PANDOC=false ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --with-ssldir=/etc/ssl --enable-maintainer-mode --with-sql=yes --with-lua=yes --with-mysql --with-ldap --with-zstd --with-lz4 --with-ssl=openssl --with-notify=inotify --with-bzlib --with-zlib --enable-hardening --with-stemmer --with-textcat --with-icu \
  && make -j6 \
  && make install \
  && make clean
 RUN cd /tmp && git clone --depth 1 --branch release-0.5 https://github.com/dovecot/pigeonhole dovecot/pigeonhole && cd dovecot/pigeonhole \
  && ./autogen.sh \
  && ./configure --with-dovecot=/usr/lib/dovecot --with-managesieve\ 
@ -141,7 +132,7 @@ RUN cd /tmp && git clone --depth 1 --branch release-0.5 https://github.com/dovec
  && make clean
 RUN  cd /tmp && wget https://oligarchy.co.uk/xapian/${XAPIAN}/xapian-core-${XAPIAN}.tar.xz && tar xf xapian-core-${XAPIAN}.tar.xz && cd xapian-core-${XAPIAN} \
-  && ./configure --prefix=/opt \
+  && ./configure --prefix=/usr/local/xapian \
  && make -j6 \
  && make install \
  && make clean
@ -153,21 +144,90 @@ RUN cd /tmp && git clone https://github.com/slusarz/dovecot-fts-flatcurve.git do
  && make install \
  && make clean
-RUN pip3 install mysql-connector-python html2text jinja2 redis \
+FROM debian:bullseye-slim
-  && apt-get autoremove --purge -y \
+RUN groupadd -g 5000 vmail \
-  && apt-get purge -y \   
+  && groupadd -g 401 dovecot \
-     make \
+  && groupadd -g 402 dovenull \
-     libxapian-dev \
+  && groupadd -g 999 sogo \
-     libicu-dev \
+  && usermod -a -G sogo nobody \
-     zlib1g-dev \
+  && useradd -g vmail -u 5000 vmail -d /var/vmail \
-     pkg-config \
+  && useradd -c "Dovecot unprivileged user" -d /dev/null -u 401 -g dovecot -s /bin/false dovecot \
-     build-essential \
+  && useradd -c "Dovecot login user" -d /dev/null -u 402 -g dovenull -s /bin/false dovenull \
-     libsqlite3-dev \
+  && apt update && apt install lua-socket \
-  && apt-get autoclean \
+  mariadb-client \
-  && rm -rf /var/lib/apt/lists/*
+  libstemmer-dev \
-  
+  libexttextcat-dev \
-RUN rm -rf /tmp/* /var/tmp/* /root/.cache/ 
+  libicu-dev \
-
+  libxapian-dev \
  libsqlite3-dev \
  liblua5.3-dev \
  lua-sql-mysql \
  libldap-dev \
  procps \
  python3-pip \
  redis-server \
  supervisor \
  syslog-ng \
  syslog-ng-core \
  syslog-ng-mod-redis \
  cpanminus \
  curl \
  libauthen-ntlm-perl \
  libcgi-pm-perl \
  libcrypt-openssl-rsa-perl \
  libcrypt-ssleay-perl \
  libdata-uniqid-perl \
  libdbd-mysql-perl \
  libdbi-perl \
  libdigest-hmac-perl \
  libdist-checkconflicts-perl \
  libencode-imaputf7-perl \
  libfile-copy-recursive-perl \
  libfile-tail-perl \
  libhtml-parser-perl \
  libio-compress-perl \
  libio-socket-inet6-perl \
  libio-socket-ssl-perl \
  libio-tee-perl \
  libipc-run-perl \
  libjson-webtoken-perl \
  liblockfile-simple-perl \
  libmail-imapclient-perl \
  libmodule-implementation-perl \
  libmodule-scandeps-perl \
  libnet-ssleay-perl \
  libpackage-stash-perl \
  libpackage-stash-xs-perl \
  libpar-packer-perl \
  libparse-recdescent-perl \
  libproc-processtable-perl \
  libreadonly-perl \
  libregexp-common-perl \
  libsys-meminfo-perl \
  libterm-readkey-perl \
  libtest-deep-perl \
  libtest-fatal-perl \
  libtest-mock-guard-perl \
  libtest-mockobject-perl \
  libtest-nowarnings-perl \
  libtest-pod-perl \
  libtest-requires-perl \
  libtest-simple-perl \
  libtest-warn-perl \
  libtry-tiny-perl \
  libunicode-string-perl \
  liburi-perl \
  libwww-perl \
  dnsutils -y --no-install-recommends \
  && pip3 install mysql-connector-python html2text jinja2 redis
 COPY --from=build /usr/lib/dovecot /usr/lib/dovecot
 COPY --from=build /usr/bin/doveconf /usr/bin/doveconf
 COPY --from=build /usr/bin/doveadm /usr/bin/doveadm
 COPY --from=build /usr/bin/dovecot-sysreport /usr/bin/dovecot-sysreport
 COPY --from=build /usr/sbin/dovecot /usr/sbin/dovecot
 COPY --from=build /usr/libexec/dovecot/ /usr/libexec/dovecot/
 COPY --from=build /usr/local/bin /usr/local/bin
 COPY --from=build /usr/local/xapian/ /usr/local/xapian
 COPY trim_logs.sh /usr/local/bin/trim_logs.sh
 COPY clean_q_aged.sh /usr/local/bin/clean_q_aged.sh
 COPY syslog-ng.conf /etc/syslog-ng/syslog-ng.conf
--- a/data/Dockerfiles/dovecot/docker-entrypoint.sh
+++ b/data/Dockerfiles/dovecot/docker-entrypoint.sh
@ -120,7 +120,7 @@ echo -n 'quota sieve acl zlib mail_crypt mail_crypt_acl fts fts_flatcurve notify
 fi
 chmod 644 /etc/dovecot/mail_plugins /etc/dovecot/mail_plugins_imap /etc/dovecot/mail_plugins_lmtp /templates/quarantine.tpl
-#sed -i 's/vsz_limit.*/vsz_limit = '${XAPIAN_HEAP}m/g /etc/dovecot/FTS-Xapian.conf
+sed -i 's/vsz_limit.*/vsz_limit = '${XAPIAN_HEAP}m/g /etc/dovecot/dovecot-fts-flatcurve.conf
 cat <<EOF > /etc/dovecot/sql/dovecot-dict-sql-userdb.conf
 # Autogenerated by mailcow
--- a/data/conf/dovecot/dovecot-fts-flatcurve.conf
+++ b/data/conf/dovecot/dovecot-fts-flatcurve.conf
@ -1,5 +1,6 @@
 plugin {
  fts = flatcurve
  fts_autoindex = yes
  fts_languages = en de  
--- a/data/conf/dovecot/dovecot.conf
+++ b/data/conf/dovecot/dovecot.conf
@ -11,6 +11,7 @@ auth_mechanisms = plain login
 #mail_debug = yes
 #auth_debug = yes
 log_path = syslog
 log_debug = category=fts-flatcurve
 disable_plaintext_auth = yes
 # Uncomment on NFS share
 #mmap_disable = yes
@ -239,6 +240,7 @@ plugin {
  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  mail_log_fields = uid box msgid size
  mail_log_cached_only = yes
 }
 service quota-warning {
  executable = script /usr/local/bin/quota_notify.py