use gitlab docker registry
This commit is contained in:
parent
7d24cae345
commit
a57bcd1b35
10
.gitlab-ci.yml
Normal file
10
.gitlab-ci.yml
Normal file
@ -0,0 +1,10 @@
|
||||
build:
|
||||
image: docker:latest
|
||||
services:
|
||||
- docker:dind
|
||||
stage: build
|
||||
script:
|
||||
- docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
|
||||
- docker build --pull --tag $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME --tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA .
|
||||
- docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME
|
||||
- docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
|
21
Dockerfile
21
Dockerfile
@ -1,21 +1,8 @@
|
||||
FROM quay.io/thallian/confd-env:latest
|
||||
FROM registry.gitlab.com/thallian/docker-confd-env:master
|
||||
|
||||
RUN apk add --no-cache dovecot dovecot-ldap libressl ssmtp g++ openldap-dev dovecot-dev make tar
|
||||
|
||||
ADD i_zero.patch /usr/include/dovecot/i_zero.patch
|
||||
WORKDIR /usr/include/dovecot
|
||||
RUN patch -p1 < i_zero.patch
|
||||
RUN rm /usr/include/dovecot/i_zero.patch
|
||||
|
||||
RUN mkdir /tmp/pigeonhole
|
||||
RUN wget -qO- https://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.18.tar.gz | tar -xz -C /tmp/pigeonhole --strip 1
|
||||
WORKDIR /tmp/pigeonhole
|
||||
RUN ./configure --with-ldap=yes --with-dovecot=/usr/lib/dovecot
|
||||
RUN make && make install
|
||||
RUN rm -r /tmp/pigeonhole
|
||||
WORKDIR /
|
||||
|
||||
RUN apk del g++ openldap-dev dovecot-dev make tar
|
||||
RUN apk add --no-cache dovecot dovecot-ldap libressl ssmtp
|
||||
RUN apk add --no-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/main \
|
||||
dovecot-pigeonhole-plugin-ldap
|
||||
|
||||
RUN addgroup -g 1111 vmail
|
||||
RUN adduser -u 1111 -h /var/lib/vmail -D -G vmail vmail
|
||||
|
13
README.md
13
README.md
@ -50,7 +50,7 @@ Base DN to look for users on the ldap host.
|
||||
Search scope of ldap queries.
|
||||
|
||||
## LDAP_PASS_FILTER
|
||||
Specifies the filter on how user is found on the ldap host.
|
||||
Specifies the filter on how user is found on the ldap host.
|
||||
[Dovecot variables](http://wiki2.dovecot.org/Variables) can be used.
|
||||
|
||||
## LDAP_USER_ATTRIBUTE
|
||||
@ -88,15 +88,8 @@ List of characters allowed in a username.
|
||||
|
||||
Space seperated list of supported [authentication mechanisms](http://wiki2.dovecot.org/Authentication/Mechanisms).
|
||||
|
||||
## CERT_NAME
|
||||
- default: fullchain.pem
|
||||
|
||||
Name of the certificate file.
|
||||
|
||||
## KEY_NAME
|
||||
- default: privkey.pem
|
||||
|
||||
Name of the key file.
|
||||
## CERT_DOMAIN
|
||||
Name of the certificate domain.
|
||||
|
||||
## SSL_DH_LENGTH
|
||||
- default: 2048
|
||||
|
12
i_zero.patch
12
i_zero.patch
@ -1,12 +0,0 @@
|
||||
diff --git a/macros.h b/macros.h
|
||||
index 566c176..ebbf480 100644
|
||||
--- a/macros.h
|
||||
+++ b/macros.h
|
||||
@@ -240,4 +240,7 @@
|
||||
# define STATIC_ARRAY
|
||||
#endif
|
||||
|
||||
+#define i_zero(p) memset(p, 0, sizeof(*(p)))
|
||||
+#define i_zero_safe(p) safe_memset(p, 0, sizeof(*(p)))
|
||||
+
|
||||
#endif
|
3
rootfs/bin/restart-services
Executable file
3
rootfs/bin/restart-services
Executable file
@ -0,0 +1,3 @@
|
||||
#!/usr/bin/with-contenv sh
|
||||
|
||||
s6-svc -t /var/run/s6/services/dovecot
|
@ -1,3 +1,4 @@
|
||||
auth_username_chars = {{getenv "ALLOWED_USERNAME_CHARS" "äöüabcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@"}}
|
||||
auth_username_format = %Lu
|
||||
auth_mechanisms = {{getenv "AUTH_MECHANISMS" "plain login"}}
|
||||
!include auth-ldap.conf.ext
|
||||
|
@ -1,6 +1,6 @@
|
||||
ssl = yes
|
||||
ssl_cert = </etc/ssl/mail/{{ getenv "CERT_NAME" "fullchain.pem"}}
|
||||
ssl_key = </etc/ssl/mail/{{ getenv "KEY_NAME" "privkey.pem"}}
|
||||
ssl_cert = </etc/ssl/mail/{{ getenv "CERT_DOMAIN"}}.crt
|
||||
ssl_key = </etc/ssl/mail/{{ getenv "CERT_DOMAIN"}}.key
|
||||
ssl_dh_parameters_length = {{getenv "SSL_DH_LENGTH" "2048"}}
|
||||
ssl_protocols = {{getenv "SSL_PROTOCOLS" "!SSLv2 !SSLv3"}}
|
||||
ssl_cipher_list = {{getenv "SSL_CIPHERLIST" "ALL:!ADH:!LOW:!SSLv2:!EXP:!aNULL:!RC4:+HIGH:+MEDIUM"}}
|
||||
|
@ -7,4 +7,4 @@ base = {{getenv "LDAP_BASE_DN"}}
|
||||
scope = {{getenv "LDAP_SCOPE" "subtree"}}
|
||||
pass_attrs = {{getenv "LDAP_USER_ATTRIBUTE" "cn"}}=user,{{getenv "LDAP_PASSWORD_ATTRIBUTE" "userPassword"}}=password
|
||||
pass_filter = {{getenv "LDAP_PASS_FILTER"}}
|
||||
default_pass_scheme = {{getenv "LDAP_DEFAULT_PASSSCHEME" "SSHA"}}
|
||||
default_pass_scheme = {{getenv "LDAP_DEFAULT_PASSSCHEME" "PBKDF2"}}
|
||||
|
1
rootfs/var/spool/incron/root
Normal file
1
rootfs/var/spool/incron/root
Normal file
@ -0,0 +1 @@
|
||||
/etc/ssl/mail IN_ATTRIB /bin/restart-services
|
Loading…
Reference in New Issue
Block a user