7x31
/
mailcow-dockerized
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Rebased Dovecot on Alpine + fixed logging

This commit is contained in:
DerLinkman 2023-08-03 09:29:23 +00:00
parent 384307b35c
commit ed491fbf10
4 changed files with 134 additions and 213 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

323
data/Dockerfiles/dovecot/Dockerfile
View File

@ -1,211 +1,128 @@
FROM debian:bullseye-slim as build FROM alpine:3.18
LABEL maintainer "The Infrastructure Company GmbH <info@servercow.de>"
ARG DEBIAN_FRONTEND=noninteractive
ARG DOVECOT_VERSION=2.3.20
ARG PIGEONHOLE_VERSION=0.5.20
ENV LC_ALL C
# Add groups and users before installing Dovecot to not break compatibility
RUN touch /etc/default/locale \
&& apt-get update \
&& apt-get -y --no-install-recommends install \
apt-transport-https \
ca-certificates \
curl \
dirmngr \
gettext \
gnupg2 \
jq \
libauthen-ntlm-perl \
libcgi-pm-perl \
libcrypt-openssl-rsa-perl \
libcrypt-ssleay-perl \
libdata-uniqid-perl \
libdbd-mysql-perl \
libdbi-perl \
libdigest-hmac-perl \
libdist-checkconflicts-perl \
libencode-imaputf7-perl \
libfile-copy-recursive-perl \
libfile-tail-perl \
libhtml-parser-perl \
libio-compress-perl \
libio-socket-inet6-perl \
libio-socket-ssl-perl \
libio-tee-perl \
libipc-run-perl \
libjson-webtoken-perl \
liblockfile-simple-perl \
libmail-imapclient-perl \
libmodule-implementation-perl \
libmodule-scandeps-perl \
libnet-ssleay-perl \
libpackage-stash-perl \
libpackage-stash-xs-perl \
libpar-packer-perl \
libparse-recdescent-perl \
libproc-processtable-perl \
libreadonly-perl \
libregexp-common-perl \
libsys-meminfo-perl \
libterm-readkey-perl \
libtest-deep-perl \
libtest-fatal-perl \
libtest-mock-guard-perl \
libtest-mockobject-perl \
libtest-nowarnings-perl \
libtest-pod-perl \
libtest-requires-perl \
libtest-simple-perl \
libtest-warn-perl \
libtry-tiny-perl \
libunicode-string-perl \
liburi-perl \
libwww-perl \
libstemmer-dev \
libexttextcat-dev \
libldap-dev \
libghc-bzlib-dev \
lua-sql-mysql \
liblz4-dev \
libzstd-dev \
libexpat-dev \
lua-socket \
mariadb-client \
procps \
wget \
git \
bison \
flex \
build-essential \
autoconf \
automake \
libtool \
make \
default-libmysqlclient-dev \
libicu-dev \
zlib1g-dev \
pkg-config \
libsqlite3-dev \
liblua5.3-dev
RUN cd /tmp && wget https://github.com/dovecot/core/archive/refs/tags/${DOVECOT_VERSION}.tar.gz && tar -xzf ${DOVECOT_VERSION}.tar.gz && cd core-${DOVECOT_VERSION} \
&& ./autogen.sh \
&& PANDOC=false ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --with-ssldir=/etc/ssl --enable-maintainer-mode --with-sql=yes --with-lua=yes --with-mysql --with-ldap --with-solr --with-zstd --with-lz4 --with-ssl=openssl --with-notify=inotify --with-bzlib --with-zlib --enable-hardening --with-stemmer --with-textcat --with-icu \
&& make -j6 \
&& make install \
&& make clean
RUN cd /tmp && wget https://github.com/dovecot/pigeonhole/archive/refs/tags/${PIGEONHOLE_VERSION}.tar.gz && tar -xzf ${PIGEONHOLE_VERSION}.tar.gz && cd pigeonhole-${PIGEONHOLE_VERSION} \
&& ./autogen.sh \
&& ./configure --with-dovecot=/usr/lib/dovecot --with-managesieve\
&& make -j6 \
&& make install \
&& make clean
FROM debian:bullseye-slim
LABEL maintainer "The Infrastructure Company <info@servercow.de>"
ARG GOSU_VERSION=1.16 ARG GOSU_VERSION=1.16
RUN groupadd -g 5000 vmail \ ENV LANG C.UTF-8
&& groupadd -g 401 dovecot \ ENV LC_ALL C.UTF-8
&& groupadd -g 402 dovenull \
&& groupadd -g 999 sogo \ # Add groups and users before installing Dovecot to not break compatibility
&& usermod -a -G sogo nobody \ RUN addgroup -g 5000 vmail \
&& useradd -g vmail -u 5000 vmail -d /var/vmail \ && addgroup -g 401 dovecot \
&& useradd -c "Dovecot unprivileged user" -d /dev/null -u 401 -g dovecot -s /bin/false dovecot \ && addgroup -g 402 dovenull \
&& useradd -c "Dovecot login user" -d /dev/null -u 402 -g dovenull -s /bin/false dovenull \ && sed -i "s/999/99/" /etc/group \
&& apt update && apt install lua-socket \ && addgroup -g 999 sogo \
mariadb-client \ && addgroup nobody sogo \
libstemmer-dev \ && adduser -D -u 5000 -G vmail -h /var/vmail vmail \
libexttextcat-dev \ && adduser -D -G dovecot -u 401 -h /dev/null -s /sbin/nologin dovecot \
libicu-dev \ && adduser -D -G dovenull -u 402 -h /dev/null -s /sbin/nologin dovenull \
libsqlite3-dev \ && apk add --no-cache --update \
liblua5.3-dev \ build-base \
lua-sql-mysql \ bash \
libldap-dev \ bind-tools \
libssl-dev \ ca-certificates \
wget \
procps \
python3-pip \
redis-server \
supervisor \
syslog-ng \
syslog-ng-core \
syslog-ng-mod-redis \
cpanminus \
curl \ curl \
libauthen-ntlm-perl \ cyrus-sasl-dev \
libcgi-pm-perl \ gcc \
libcrypt-openssl-rsa-perl \ gettext-dev \
libcrypt-ssleay-perl \ gnupg \
libdata-uniqid-perl \ gnupg-dirmngr \
libdbd-mysql-perl \ jq \
libdbi-perl \ libintl \
libdigest-hmac-perl \ libssl1.1 \
libdist-checkconflicts-perl \ libstdc++ \
libencode-imaputf7-perl \ libxml2-dev \
libfile-copy-recursive-perl \ lua \
libfile-tail-perl \ lua-cjson \
libhtml-parser-perl \ lua-socket \
libio-compress-perl \ lua-sql-mysql \
libio-socket-inet6-perl \ lua5.3-sql-mysql \
libio-socket-ssl-perl \ make \
libio-tee-perl \ mariadb-connector-c \
libipc-run-perl \ mariadb-dev \
libjson-webtoken-perl \ glib-dev \
liblockfile-simple-perl \ gcompat \
libmail-imapclient-perl \ mariadb-client \
libmodule-implementation-perl \ # libressl-dev \
libmodule-scandeps-perl \ openssl-dev \
libnet-ssleay-perl \ pcre-dev \
libpackage-stash-perl \ perl \
libpackage-stash-xs-perl \ perl-dev \
libpar-packer-perl \ perl-ntlm \
libparse-recdescent-perl \ perl-cgi \
libproc-processtable-perl \ perl-crypt-openssl-rsa \
libreadonly-perl \ perl-utils \
libregexp-common-perl \ perl-crypt-ssleay \
libsys-meminfo-perl \ perl-data-uniqid \
libterm-readkey-perl \ perl-dbd-mysql \
libtest-deep-perl \ perl-dbi \
libtest-fatal-perl \ perl-digest-hmac \
libtest-mock-guard-perl \ perl-dist-checkconflicts \
libtest-mockobject-perl \ perl-encode-imaputf7 \
libtest-nowarnings-perl \ perl-file-copy-recursive \
libtest-pod-perl \ perl-file-tail \
libtest-requires-perl \ perl-io-socket-inet6 \
libtest-simple-perl \ perl-io-gzip \
libtest-warn-perl \ perl-io-socket-ssl \
libtry-tiny-perl \ perl-io-tee \
libunicode-string-perl \ perl-ipc-run \
liburi-perl \ perl-json-webtoken \
libwww-perl \ perl-mail-imapclient \
dnsutils \ perl-module-implementation \
build-essential \ perl-module-scandeps \
gettext-base -y --no-install-recommends \ perl-net-ssleay \
&& dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')" \ perl-package-stash \
&& wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \ perl-package-stash-xs \
perl-par-packer \
perl-parse-recdescent \
libproc \
perl-readonly \
perl-regexp-common \
perl-sys-meminfo \
perl-term-readkey \
perl-test-deep \
perl-test-fatal \
perl-test-mockobject \
perl-test-mock-guard \
perl-test-pod \
perl-test-requires \
perl-test-simple \
perl-test-warn \
perl-try-tiny \
perl-unicode-string \
perl-proc-processtable \
perl-app-cpanminus \
procps \
python3 \
python3-dev \
py3-pip \
redis \
syslog-ng \
syslog-ng-redis \
syslog-ng-json \
supervisor \
tzdata \
wget \
dovecot \
dovecot-dev \
dovecot-lmtpd \
dovecot-lua \
dovecot-ldap \
dovecot-mysql \
dovecot-sql \
dovecot-submissiond \
dovecot-pigeonhole-plugin \
dovecot-pop3d \
dovecot-fts-solr \
&& arch=$(arch | sed s/aarch64/arm64/ | sed s/x86_64/amd64/) \
&& wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$arch" \
&& chmod +x /usr/local/bin/gosu \ && chmod +x /usr/local/bin/gosu \
&& gosu nobody true \ && gosu nobody true
&& pip3 install mysql-connector-python html2text jinja2 redis \
&& apt-get autoremove --purge -y \ RUN cpan LockFile::Simple
&& apt-get autoclean
# imapsync dependencies RUN pip3 install mysql-connector-python html2text jinja2 redis
RUN cpan Crypt::OpenSSL::PKCS12
RUN rm -rf /var/lib/apt/lists/* \
&& rm -rf /tmp/* /var/tmp/* /root/.cache/
COPY --from=build /usr/lib/dovecot /usr/lib/dovecot
COPY --from=build /usr/bin/doveconf /usr/bin/doveconf
COPY --from=build /usr/bin/doveadm /usr/bin/doveadm
COPY --from=build /usr/bin/dovecot-sysreport /usr/bin/dovecot-sysreport
COPY --from=build /usr/sbin/dovecot /usr/sbin/dovecot
COPY --from=build /usr/libexec/dovecot/ /usr/libexec/dovecot/
COPY --from=build /usr/local/bin/sieve-dump /usr/local/bin/sieve-dump
COPY --from=build /usr/local/bin/sieve-filter /usr/local/bin/sieve-filter
COPY --from=build /usr/local/bin/sieve-test /usr/local/bin/sieve-test
COPY --from=build /usr/local/bin/sievec /usr/local/bin/sievec
COPY trim_logs.sh /usr/local/bin/trim_logs.sh COPY trim_logs.sh /usr/local/bin/trim_logs.sh
COPY clean_q_aged.sh /usr/local/bin/clean_q_aged.sh COPY clean_q_aged.sh /usr/local/bin/clean_q_aged.sh
COPY syslog-ng.conf /etc/syslog-ng/syslog-ng.conf COPY syslog-ng.conf /etc/syslog-ng/syslog-ng.conf

4
data/Dockerfiles/dovecot/supervisord.conf
View File

@ -13,6 +13,10 @@ autostart=true
[program:dovecot] [program:dovecot]
command=/usr/sbin/dovecot -F command=/usr/sbin/dovecot -F
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
autorestart=true autorestart=true
[eventlistener:processes] [eventlistener:processes]

10
data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf
View File

@ -1,4 +1,4 @@
@version: 3.28 @version: 4.1
@include "scl.conf" @include "scl.conf"
options { options {
chain_hostnames(off); chain_hostnames(off);
@ -6,11 +6,11 @@ options {
use_dns(no); use_dns(no);
use_fqdn(no); use_fqdn(no);
owner("root"); group("adm"); perm(0640); owner("root"); group("adm"); perm(0640);
stats_freq(0); stats(freq(0));
bad_hostname("^gconfd$"); bad_hostname("^gconfd$");
}; };
source s_src { source s_dgram {
unix-stream("/dev/log"); unix-dgram("/dev/log");
internal(); internal();
}; };
destination d_stdout { pipe("/dev/stdout"); }; destination d_stdout { pipe("/dev/stdout"); };
@ -36,7 +36,7 @@ filter f_replica {
not match("Error: sync: Unknown user in remote" value("MESSAGE")); not match("Error: sync: Unknown user in remote" value("MESSAGE"));
}; };
log { log {
source(s_src); source(s_dgram);
filter(f_replica); filter(f_replica);
destination(d_stdout); destination(d_stdout);
filter(f_mail); filter(f_mail);

10
data/Dockerfiles/dovecot/syslog-ng.conf
View File

@ -1,4 +1,4 @@
@version: 3.28 @version: 4.1
@include "scl.conf" @include "scl.conf"
options { options {
chain_hostnames(off); chain_hostnames(off);
@ -6,11 +6,11 @@ options {
use_dns(no); use_dns(no);
use_fqdn(no); use_fqdn(no);
owner("root"); group("adm"); perm(0640); owner("root"); group("adm"); perm(0640);
stats_freq(0); stats(freq(0));
bad_hostname("^gconfd$"); bad_hostname("^gconfd$");
}; };
source s_src { source s_dgram {
unix-stream("/dev/log"); unix-dgram("/dev/log");
internal(); internal();
}; };
destination d_stdout { pipe("/dev/stdout"); }; destination d_stdout { pipe("/dev/stdout"); };
@ -36,7 +36,7 @@ filter f_replica {
not match("Error: sync: Unknown user in remote" value("MESSAGE")); not match("Error: sync: Unknown user in remote" value("MESSAGE"));
}; };
log { log {
source(s_src); source(s_dgram);
filter(f_replica); filter(f_replica);
destination(d_stdout); destination(d_stdout);
filter(f_mail); filter(f_mail);