diff --git a/.gitea/workflows/container.yaml b/.gitea/workflows/container.yaml
deleted file mode 100644
index e48b3fd..0000000
--- a/.gitea/workflows/container.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-name: Build Multiarch Container Image
-on: [push]
-jobs:
- call-reusable-workflow:
- uses: container/multiarch-build-workflow/.gitea/workflows/build.yaml@main
- with:
- repository: ${{ gitea.repository }}
- ref_name: ${{ gitea.ref_name }}
- sha: ${{ gitea.sha }}
- registry_url: ${{ secrets.REGISTRY_URL }}
- registry_user: ${{ secrets.REGISTRY_USER }}
- registry_pw: ${{ secrets.REGISTRY_PW }}
diff --git a/.woodpecker.yml b/.woodpecker.yml
new file mode 100644
index 0000000..c294e35
--- /dev/null
+++ b/.woodpecker.yml
@@ -0,0 +1,11 @@
+pipeline:
+ publish-docker-image:
+ image: plugins/kaniko
+ settings:
+ repo: docker.io/thallian/dovecot
+ tags: latest,${CI_COMMIT_SHA:0:8},${CI_COMMIT_TAG=pre}
+ dockerfile: Dockerfile
+ username:
+ from_secret: DOCKER_USER
+ password:
+ from_secret: DOCKER_PW
\ No newline at end of file
diff --git a/Containerfile b/Dockerfile
similarity index 53%
rename from Containerfile
rename to Dockerfile
index 8debbfd..607024f 100644
--- a/Containerfile
+++ b/Dockerfile
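Review bot: In the new .woodpecker.yml, the publish step uses `image: plugins/kaniko` with no tag or digest, so whatever that name resolves to when the pipeline runs is the code that receives `DOCKER_USER` and `DOCKER_PW`. Pin the plugin, for example `image: plugins/kaniko:<PINNED_VERSION>` or a digest reference, and bump it deliberately. The step also has no `when:` filter in this file, so as written every pipeline run would overwrite the mutable `latest` tag on docker.io/thallian/dovecot. Consider limiting publishing to the release branch or tag events, and pushing `latest` only from there.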
@@ -1,62 +1,62 @@ -FROM docker.io/alpine:3.19 as builder +FROM docker.io/alpine:3.16 as builder RUN apk --no-cache add \ - rpcgen \ - g++ \ - make \ - openssl \ - openssl-dev \ - lua5.1-dev \ - libsodium-dev \ - linux-pam-dev \ - zlib-dev \ - bzip2-dev \ - xz-dev \ - lz4-dev \ - icu-dev \ - inotify-tools-dev + rpcgen \ + g++ \ + make \ + openssl \ + openssl-dev \ + lua-dev \ + libsodium-dev \ + linux-pam-dev \ + zlib-dev \ + bzip2-dev \ + xz-dev \ + lz4-dev \ + icu-dev \ + inotify-tools-dev -ENV SHA256_SUM_DOVECOT=05b11093a71c237c2ef309ad587510721cc93bbee6828251549fc1586c36502d -ENV DOVECOT_FILENAME=dovecot-2.3.21.tar.gz +ENV SHA256_SUM_DOVECOT=db5abcd87d7309659ea6b45b2cb6ee9c5f97486b2b719a5dd05a759e1f6a5c51 +ENV DOVECOT_FILENAME=dovecot-2.3.19.1.tar.gz RUN wget https://www.dovecot.org/releases/2.3/$DOVECOT_FILENAME RUN echo "$SHA256_SUM_DOVECOT $DOVECOT_FILENAME" | sha256sum -c - || exit 1 RUN mkdir /tmp/dovecot RUN tar xzf $DOVECOT_FILENAME -C /tmp/dovecot --strip 1 -ENV SHA256_SUM_PIGEONHOLE=1ca71d2659076712058a72030288f150b2b076b0306453471c5261498d3ded27 -ENV PIGEONHOLE_FILENAME=dovecot-2.3-pigeonhole-0.5.21.tar.gz +ENV SHA256_SUM_PIGEONHOLE=637709a83fb1338c918e5398049f96b7aeb5ae00696794ed1e5a4d4c0ca3f688 +ENV PIGEONHOLE_FILENAME=dovecot-2.3-pigeonhole-0.5.19.tar.gz RUN wget https://pigeonhole.dovecot.org/releases/2.3/$PIGEONHOLE_FILENAME RUN echo "$SHA256_SUM_PIGEONHOLE $PIGEONHOLE_FILENAME" | sha256sum -c - || exit 1 RUN mkdir /tmp/pigeonhole RUN tar xzf $PIGEONHOLE_FILENAME -C /tmp/pigeonhole --strip 1 RUN cd /tmp/dovecot && \ - ./configure --prefix '' \ - --with-notify=inotify \ - --with-lua \ - --with-zlib \ - --with-bzlib \ - --with-pam \ - --with-ssl=openssl \ - --with-sodium \ - --without-sql \ - --with-lzma \ - --with-lz4 \ - --with-icu \ - --without-shadow \ - --with-ssldir=/etc/ssl/mail \ - --with-rundir=/run/dovecot \ - --disable-static && \ - make && \ - make install + ./configure --prefix '' \ + --with-notify=inotify \ + --with-lua \ + --with-zlib 
\ + --with-bzlib \ + --with-pam \ + --with-ssl=openssl \ + --with-sodium \ + --without-sql \ + --with-lzma \ + --with-lz4 \ + --with-icu \ + --without-shadow \ + --with-ssldir=/etc/ssl/mail \ + --with-rundir=/run/dovecot \ + --disable-static && \ + make && \ + make install RUN cd /tmp/pigeonhole && \ - ./configure --prefix '' \ - --with-dovecot=/lib/dovecot \ - --disable-static && \ - make && make install + ./configure --prefix '' \ + --with-dovecot=/lib/dovecot \ + --disable-static && \ + make && make install -FROM docker.io/thallian/confd-env:3.19-3.1.6.2 +FROM docker.io/thallian/confd-env:3.16 COPY --from=builder /lib/dovecot/ /lib/dovecot/ COPY --from=builder /libexec/dovecot/ /libexec/dovecot/ @@ -67,21 +67,20 @@ COPY --from=builder /sbin/dovecot /sbin/dovecot COPY --from=builder /bin/sieve* /bin/ RUN apk --no-cache add \ - libsodium \ - libbz2 \ - zlib \ - xz-libs \ - lz4-libs \ - lz4 \ - linux-pam \ - openssl \ - ssmtp \ - ca-certificates \ - lua5.1-libs \ - lua5.1-rapidjson \ - curl \ - inotify-tools \ - libssl3 + libsodium \ + libbz2 \ + zlib \ + xz-libs \ + lz4-libs \ + lz4 \ + linux-pam \ + openssl \ + ssmtp \ + ca-certificates \ + lua \ + lua-rapidjson \ + curl \ + inotify-tools RUN addgroup -g 150 dovecot RUN adduser -u 140 -h /dev/null -H -s /sbin/nologin -D -G dovecot dovecot diff --git a/rootfs/etc/confd/templates/10-master.conf.tmpl b/rootfs/etc/confd/templates/10-master.conf.tmpl index 928ebf7..399dfed 100644 --- a/rootfs/etc/confd/templates/10-master.conf.tmpl +++ b/rootfs/etc/confd/templates/10-master.conf.tmpl @@ -21,16 +21,3 @@ service auth { service auth-worker { } - -service anvil { - chroot = -} -service imap-login { - chroot = -} -service pop3-login { - chroot = -} -service ipc { - chroot = -} diff --git a/rootfs/etc/confd/templates/dovecot.conf.tmpl b/rootfs/etc/confd/templates/dovecot.conf.tmpl index 31ec7f9..f4ebb87 100644 --- a/rootfs/etc/confd/templates/dovecot.conf.tmpl +++ b/rootfs/etc/confd/templates/dovecot.conf.tmpl 
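Review bot: Pinning Alpine 3.16, Dovecot 2.3.19.1 and Pigeonhole 0.5.19 in the first Dockerfile hunk is a downgrade from the 3.19 / 2.3.21 / 0.5.21 that the removed lines built, and nothing on the page explains it. Alpine 3.16 is, as far as I know, past its upstream support window. If so, the runtime packages installed in the following hunk (`openssl`, `curl`, `linux-pam`, `ssmtp`) would stop receiving security updates, and any fixes shipped between the two Dovecot and Pigeonhole releases are dropped from a network-facing mail server. The same applies to the runtime stage, `FROM docker.io/thallian/confd-env:3.16`. If the downgrade is deliberate, record why next to the pins, e.g. `# held at 2.3.19.1 because <REASON>; revisit when <CONDITION>`. Otherwise keep the newer versions and their checksums.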
@@ -1,4 +1,4 @@ protocols = imap lmtp sieve -listen = *, :: +listen = * !include conf.d/*.conf !include_try local.conf diff --git a/rootfs/etc/confd/templates/oauth2-userdb.lua.tmpl b/rootfs/etc/confd/templates/oauth2-userdb.lua.tmpl index cc97b81..0587b78 100644 --- a/rootfs/etc/confd/templates/oauth2-userdb.lua.tmpl +++ b/rootfs/etc/confd/templates/oauth2-userdb.lua.tmpl @@ -36,7 +36,7 @@ function auth_userdb_lookup(req) end if userJson[1].username == req.username then - return dovecot.auth.USERDB_RESULT_OK, "uid=vmail gid=vmail home=/var/lib/vmail/mail/" .. req.username + return dovecot.auth.USERDB_RESULT_OK, "uid=vmail gid=vmail home=/var/lib/vmail/mail/%n" end return dovecot.auth.USERDB_RESULT_USER_UNKNOWN, "no such user"
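Review bot: In the oauth2-userdb.lua.tmpl hunk, nothing visible shows that the `%n` in the returned string is expanded for a reply produced by a Lua userdb. If it is taken literally, every account would resolve to the same home, `/var/lib/vmail/mail/%n`, and mailboxes would no longer be separated per user. Dropping the concatenation of `req.username` is otherwise a reasonable hardening, since a request-derived value no longer shapes the space-separated reply. Please confirm with a lookup such as `doveadm user <USER>` that the home comes back per user. Then add a comment above the return, e.g. `-- %n is expanded by Dovecot; do not concatenate req.username into the reply`. auth_userdb_lookup starts and ends outside this hunk, so how `userJson` is validated before this point is not visible.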