From a57bcd1b3502948118687eec9d42e331b450a432 Mon Sep 17 00:00:00 2001 From: Sebastian Hugentobler Date: Fri, 22 Sep 2017 13:14:50 +0200 Subject: [PATCH] use gitlab docker registry --- .gitlab-ci.yml | 10 +++++++++ Dockerfile | 21 ++++--------------- README.md | 13 +++--------- i_zero.patch | 12 ----------- rootfs/bin/restart-services | 3 +++ rootfs/etc/confd/templates/10-auth.conf.tmpl | 1 + rootfs/etc/confd/templates/10-ssl.conf.tmpl | 4 ++-- .../templates/dovecot-ldap.conf.ext.tmpl | 2 +- rootfs/var/spool/incron/root | 1 + 9 files changed, 25 insertions(+), 42 deletions(-) create mode 100644 .gitlab-ci.yml delete mode 100644 i_zero.patch create mode 100755 rootfs/bin/restart-services create mode 100644 rootfs/var/spool/incron/root diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 0000000..dfde774 --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,10 @@ +build: + image: docker:latest + services: + - docker:dind + stage: build + script: + - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY + - docker build --pull --tag $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME --tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA . + - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME + - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA diff --git a/Dockerfile b/Dockerfile index d8bab6c..755b5f1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,21 +1,8 @@ -FROM quay.io/thallian/confd-env:latest +FROM registry.gitlab.com/thallian/docker-confd-env:master -RUN apk add --no-cache dovecot dovecot-ldap libressl ssmtp g++ openldap-dev dovecot-dev make tar - -ADD i_zero.patch /usr/include/dovecot/i_zero.patch -WORKDIR /usr/include/dovecot -RUN patch -p1 < i_zero.patch -RUN rm /usr/include/dovecot/i_zero.patch - -RUN mkdir /tmp/pigeonhole -RUN wget -qO- https://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.18.tar.gz | tar -xz -C /tmp/pigeonhole --strip 1 -WORKDIR /tmp/pigeonhole -RUN ./configure --with-ldap=yes --with-dovecot=/usr/lib/dovecot -RUN make && make install -RUN rm -r /tmp/pigeonhole -WORKDIR / - -RUN apk del g++ openldap-dev dovecot-dev make tar +RUN apk add --no-cache dovecot dovecot-ldap libressl ssmtp +RUN apk add --no-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/main \ + dovecot-pigeonhole-plugin-ldap RUN addgroup -g 1111 vmail RUN adduser -u 1111 -h /var/lib/vmail -D -G vmail vmail diff --git a/README.md b/README.md index 111fc3f..d99c1d5 100644 --- a/README.md +++ b/README.md @@ -50,7 +50,7 @@ Base DN to look for users on the ldap host. Search scope of ldap queries. ## LDAP_PASS_FILTER -Specifies the filter on how user is found on the ldap host. +Specifies the filter on how user is found on the ldap host. [Dovecot variables](http://wiki2.dovecot.org/Variables) can be used. ## LDAP_USER_ATTRIBUTE @@ -88,15 +88,8 @@ List of characters allowed in a username. Space seperated list of supported [authentication mechanisms](http://wiki2.dovecot.org/Authentication/Mechanisms). -## CERT_NAME -- default: fullchain.pem - -Name of the certificate file. - -## KEY_NAME -- default: privkey.pem - -Name of the key file. +## CERT_DOMAIN +Name of the certificate domain. ## SSL_DH_LENGTH - default: 2048 diff --git a/i_zero.patch b/i_zero.patch deleted file mode 100644 index ecef32e..0000000 --- a/i_zero.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff --git a/macros.h b/macros.h -index 566c176..ebbf480 100644 ---- a/macros.h -+++ b/macros.h -@@ -240,4 +240,7 @@ - # define STATIC_ARRAY - #endif - -+#define i_zero(p) memset(p, 0, sizeof(*(p))) -+#define i_zero_safe(p) safe_memset(p, 0, sizeof(*(p))) -+ - #endif diff --git a/rootfs/bin/restart-services b/rootfs/bin/restart-services new file mode 100755 index 0000000..bb0b976 --- /dev/null +++ b/rootfs/bin/restart-services @@ -0,0 +1,3 @@ +#!/usr/bin/with-contenv sh + +s6-svc -t /var/run/s6/services/dovecot diff --git a/rootfs/etc/confd/templates/10-auth.conf.tmpl b/rootfs/etc/confd/templates/10-auth.conf.tmpl index 5b59c14..e40f07c 100644 --- a/rootfs/etc/confd/templates/10-auth.conf.tmpl +++ b/rootfs/etc/confd/templates/10-auth.conf.tmpl @@ -1,3 +1,4 @@ auth_username_chars = {{getenv "ALLOWED_USERNAME_CHARS" "äöüabcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@"}} +auth_username_format = %Lu auth_mechanisms = {{getenv "AUTH_MECHANISMS" "plain login"}} !include auth-ldap.conf.ext diff --git a/rootfs/etc/confd/templates/10-ssl.conf.tmpl b/rootfs/etc/confd/templates/10-ssl.conf.tmpl index bb9f0a4..3d11a67 100644 --- a/rootfs/etc/confd/templates/10-ssl.conf.tmpl +++ b/rootfs/etc/confd/templates/10-ssl.conf.tmpl @@ -1,6 +1,6 @@ ssl = yes -ssl_cert =