From 520761083f42cf09e03e316d8efdd03ff0c518cd Mon Sep 17 00:00:00 2001
From: Sebastian Hugentobler
Date: Sun, 13 Nov 2022 10:18:21 +0100
Subject: [PATCH 01/10] listen on all interfaces
---
 rootfs/etc/confd/templates/dovecot.conf.tmpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rootfs/etc/confd/templates/dovecot.conf.tmpl b/rootfs/etc/confd/templates/dovecot.conf.tmpl
index f4ebb87..8313627 100644
--- a/rootfs/etc/confd/templates/dovecot.conf.tmpl
+++ b/rootfs/etc/confd/templates/dovecot.conf.tmpl
@@ -1,4 +1,4 @@
 protocols = imap lmtp sieve
-listen = *
+listen = [::]
 !include conf.d/*.conf
 !include_try local.conf
From b589e7f94f8a190580edce8204f6b1bfba5b4bbf Mon Sep 17 00:00:00 2001
From: Sebastian Hugentobler
Date: Sun, 13 Nov 2022 12:39:17 +0100
Subject: [PATCH 02/10] listen on all interfaces
---
 rootfs/etc/confd/templates/dovecot.conf.tmpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rootfs/etc/confd/templates/dovecot.conf.tmpl b/rootfs/etc/confd/templates/dovecot.conf.tmpl
index 8313627..31ec7f9 100644
--- a/rootfs/etc/confd/templates/dovecot.conf.tmpl
+++ b/rootfs/etc/confd/templates/dovecot.conf.tmpl
@@ -1,4 +1,4 @@
 protocols = imap lmtp sieve
-listen = [::]
+listen = *, ::
 !include conf.d/*.conf
 !include_try local.conf
From 92667207e48de175081c79c6c0f9d429ade04b06 Mon Sep 17 00:00:00 2001
From: Sebastian Hugentobler
Date: Wed, 23 Nov 2022 14:27:31 +0100
Subject: [PATCH 03/10] use alpine 3.17
---
 Dockerfile | 30 +++++++++++++++---------------
 1 file changed, 15 insertions(+), 15 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 607024f..6acc65c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,20 +1,20 @@
-FROM docker.io/alpine:3.16 as builder
+FROM docker.io/alpine:3.17 as builder
 RUN apk --no-cache add \
- rpcgen \
- g++ \
- make \
- openssl \
- openssl-dev \
- lua-dev \
- libsodium-dev \
- linux-pam-dev \
- zlib-dev \
- bzip2-dev \
- xz-dev \
- lz4-dev \
- icu-dev \
- inotify-tools-dev
+ rpcgen \
+ g++ \
+ make \
+ openssl \
+ openssl-dev \
+ lua-dev \
+ libsodium-dev \
+ linux-pam-dev \
+ zlib-dev \
+ bzip2-dev \
+ xz-dev \
+ lz4-dev \
+ icu-dev \
+ inotify-tools-dev
 ENV SHA256_SUM_DOVECOT=db5abcd87d7309659ea6b45b2cb6ee9c5f97486b2b719a5dd05a759e1f6a5c51
 ENV DOVECOT_FILENAME=dovecot-2.3.19.1.tar.gz
From 8a8aa6f0778f22b9fd1edc70fb961b087b434b19 Mon Sep 17 00:00:00 2001
From: Sebastian Hugentobler
Date: Wed, 23 Nov 2022 14:46:31 +0100
Subject: [PATCH 04/10] add libssl3
---
 Dockerfile | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index 6acc65c..8682454 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -80,7 +80,8 @@ RUN apk --no-cache add \
 lua \
 lua-rapidjson \
 curl \
- inotify-tools
+ inotify-tools \
+ libssl3
 RUN addgroup -g 150 dovecot
 RUN adduser -u 140 -h /dev/null -H -s /sbin/nologin -D -G dovecot dovecot
From 87adbb9b0c22e7089121f0d40684c150bedf2865 Mon Sep 17 00:00:00 2001
From: Sebastian Hugentobler
Date: Wed, 25 Jan 2023 08:33:01 +0100
Subject: [PATCH 05/10] push to 2.3.20
---
 Dockerfile | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 8682454..4dc1943 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -16,15 +16,15 @@ RUN apk --no-cache add \
 icu-dev \
 inotify-tools-dev
-ENV SHA256_SUM_DOVECOT=db5abcd87d7309659ea6b45b2cb6ee9c5f97486b2b719a5dd05a759e1f6a5c51
-ENV DOVECOT_FILENAME=dovecot-2.3.19.1.tar.gz
+ENV SHA256_SUM_DOVECOT=caa832eb968148abdf35ee9d0f534b779fa732c0ce4a913d9ab8c3469b218552
+ENV DOVECOT_FILENAME=dovecot-2.3.20.tar.gz
 RUN wget https://www.dovecot.org/releases/2.3/$DOVECOT_FILENAME
 RUN echo "$SHA256_SUM_DOVECOT $DOVECOT_FILENAME" | sha256sum -c - || exit 1
 RUN mkdir /tmp/dovecot
 RUN tar xzf $DOVECOT_FILENAME -C /tmp/dovecot --strip 1
-ENV SHA256_SUM_PIGEONHOLE=637709a83fb1338c918e5398049f96b7aeb5ae00696794ed1e5a4d4c0ca3f688
-ENV PIGEONHOLE_FILENAME=dovecot-2.3-pigeonhole-0.5.19.tar.gz
+ENV SHA256_SUM_PIGEONHOLE=ae32bd4870ea2c1328ae09ba206e9ec12128046d6afca52fbbc9ef7f75617c98
+ENV PIGEONHOLE_FILENAME=dovecot-2.3-pigeonhole-0.5.20.tar.gz
 RUN wget https://pigeonhole.dovecot.org/releases/2.3/$PIGEONHOLE_FILENAME
 RUN echo "$SHA256_SUM_PIGEONHOLE $PIGEONHOLE_FILENAME" | sha256sum -c - || exit 1
 RUN mkdir /tmp/pigeonhole
From 5724cc82ebd0303bc4b04edea1fd18daf2a0b756 Mon Sep 17 00:00:00 2001
From: Sebastian Hugentobler
Date: Thu, 16 Feb 2023 22:15:08 +0100
Subject: [PATCH 06/10] disable service chroots until I understand the problems properly
---
 Dockerfile | 2 +-
 rootfs/etc/confd/templates/10-master.conf.tmpl | 13 +++++++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index 4dc1943..86a644a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -56,7 +56,7 @@ RUN cd /tmp/pigeonhole && \
 --disable-static && \
 make && make install
-FROM docker.io/thallian/confd-env:3.16
+FROM docker.io/thallian/confd-env:3.17-3.1.3.0
 COPY --from=builder /lib/dovecot/ /lib/dovecot/
 COPY --from=builder /libexec/dovecot/ /libexec/dovecot/
diff --git a/rootfs/etc/confd/templates/10-master.conf.tmpl b/rootfs/etc/confd/templates/10-master.conf.tmpl
index 399dfed..928ebf7 100644
--- a/rootfs/etc/confd/templates/10-master.conf.tmpl
+++ b/rootfs/etc/confd/templates/10-master.conf.tmpl
@@ -21,3 +21,16 @@ service auth {
 service auth-worker {
 }
+
+service anvil {
+ chroot =
+}
+service imap-login {
+ chroot =
+}
+service pop3-login {
+ chroot =
+}
+service ipc {
+ chroot =
+}
From 8fa36e7ded0051f81efb6cfd4927a1ae58d99100 Mon Sep 17 00:00:00 2001
From: Sebastian Hugentobler
Date: Thu, 16 Feb 2023 22:39:21 +0100
Subject: [PATCH 07/10] fix lua dependencies to lua 5.1
---
 Dockerfile | 50 +++++++++++++++++++++++++-------------------------
 1 file changed, 25 insertions(+), 25 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 86a644a..e51bff6 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -6,7 +6,7 @@ RUN apk --no-cache add \
 make \
 openssl \
 openssl-dev \
- lua-dev \
+ lua5.1-dev \
 libsodium-dev \
 linux-pam-dev \
 zlib-dev \
@@ -31,30 +31,30 @@ RUN mkdir /tmp/pigeonhole
 RUN tar xzf $PIGEONHOLE_FILENAME -C /tmp/pigeonhole --strip 1
 RUN cd /tmp/dovecot && \
- ./configure --prefix '' \
- --with-notify=inotify \
- --with-lua \
- --with-zlib \
- --with-bzlib \
- --with-pam \
- --with-ssl=openssl \
- --with-sodium \
- --without-sql \
- --with-lzma \
- --with-lz4 \
- --with-icu \
- --without-shadow \
- --with-ssldir=/etc/ssl/mail \
- --with-rundir=/run/dovecot \
- --disable-static && \
- make && \
- make install
+ ./configure --prefix '' \
+ --with-notify=inotify \
+ --with-lua \
+ --with-zlib \
+ --with-bzlib \
+ --with-pam \
+ --with-ssl=openssl \
+ --with-sodium \
+ --without-sql \
+ --with-lzma \
+ --with-lz4 \
+ --with-icu \
+ --without-shadow \
+ --with-ssldir=/etc/ssl/mail \
+ --with-rundir=/run/dovecot \
+ --disable-static && \
+ make && \
+ make install
 RUN cd /tmp/pigeonhole && \
- ./configure --prefix '' \
- --with-dovecot=/lib/dovecot \
- --disable-static && \
- make && make install
+ ./configure --prefix '' \
+ --with-dovecot=/lib/dovecot \
+ --disable-static && \
+ make && make install
 FROM docker.io/thallian/confd-env:3.17-3.1.3.0
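Review bot: In 10-master.conf.tmpl (PATCH 06/10) the empty `chroot =` on `imap-login` and `pop3-login` removes filesystem isolation from the processes that parse unauthenticated client input, so a flaw in pre-auth handling is no longer confined to the login directory. The commit message marks this as temporary, but nothing in the template records that; I would add a comment above the block such as `# TEMPORARY: chroots disabled while the chroot problems are investigated; restore the default chroot for the login services`, and keep the override limited to the services that actually fail. `pop3-login` is overridden although the `protocols` line in dovecot.conf.tmpl lists only imap, lmtp and sieve, so that stanza looks unnecessary. If the problem turns out to be the container lacking the privilege to chroot, that is probably better granted in the runtime configuration than worked around by dropping the isolation; worth confirming.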
@@ -77,8 +77,8 @@ RUN apk --no-cache add \
 openssl \
 ssmtp \
 ca-certificates \
- lua \
- lua-rapidjson \
+ lua5.1-libs \
+ lua5.1-rapidjson
 curl \
 inotify-tools \
 libssl3
From edb0b700b0f528fb20527e5c66adf570504603b8 Mon Sep 17 00:00:00 2001
From: Sebastian Hugentobler
Date: Thu, 16 Feb 2023 22:40:37 +0100
Subject: [PATCH 08/10] add missig continuation line
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index e51bff6..9247748 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -78,7 +78,7 @@ RUN apk --no-cache add \
 ssmtp \
 ca-certificates \
 lua5.1-libs \
- lua5.1-rapidjson
+ lua5.1-rapidjson \
 curl \
 inotify-tools \
 libssl3
From 09cf75eccb0a9bd56cbae0a7cc0ab78b008523bc Mon Sep 17 00:00:00 2001
From: Sebastian Hugentobler
Date: Tue, 26 Sep 2023 16:05:12 +0200
Subject: [PATCH 09/10] push to 2.3.21
---
 Dockerfile | 42 +++++++++++++++++++++---------------------
 1 file changed, 21 insertions(+), 21 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 9247748..4f6372e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM docker.io/alpine:3.17 as builder
+FROM docker.io/alpine:3.18 as builder
 RUN apk --no-cache add \
 rpcgen \
@@ -16,15 +16,15 @@ RUN apk --no-cache add \
 icu-dev \
 inotify-tools-dev
-ENV SHA256_SUM_DOVECOT=caa832eb968148abdf35ee9d0f534b779fa732c0ce4a913d9ab8c3469b218552
-ENV DOVECOT_FILENAME=dovecot-2.3.20.tar.gz
+ENV SHA256_SUM_DOVECOT=05b11093a71c237c2ef309ad587510721cc93bbee6828251549fc1586c36502d
+ENV DOVECOT_FILENAME=dovecot-2.3.21.tar.gz
 RUN wget https://www.dovecot.org/releases/2.3/$DOVECOT_FILENAME
 RUN echo "$SHA256_SUM_DOVECOT $DOVECOT_FILENAME" | sha256sum -c - || exit 1
 RUN mkdir /tmp/dovecot
 RUN tar xzf $DOVECOT_FILENAME -C /tmp/dovecot --strip 1
-ENV SHA256_SUM_PIGEONHOLE=ae32bd4870ea2c1328ae09ba206e9ec12128046d6afca52fbbc9ef7f75617c98
-ENV PIGEONHOLE_FILENAME=dovecot-2.3-pigeonhole-0.5.20.tar.gz
+ENV SHA256_SUM_PIGEONHOLE=1ca71d2659076712058a72030288f150b2b076b0306453471c5261498d3ded27
+ENV PIGEONHOLE_FILENAME=dovecot-2.3-pigeonhole-0.5.21.tar.gz
 RUN wget https://pigeonhole.dovecot.org/releases/2.3/$PIGEONHOLE_FILENAME
 RUN echo "$SHA256_SUM_PIGEONHOLE $PIGEONHOLE_FILENAME" | sha256sum -c - || exit 1
 RUN mkdir /tmp/pigeonhole
@@ -56,7 +56,7 @@ RUN cd /tmp/pigeonhole && \
 --disable-static && \
 make && make install
-FROM docker.io/thallian/confd-env:3.17-3.1.3.0
+FROM docker.io/thallian/confd-env:3.18-3.1.5.0
 COPY --from=builder /lib/dovecot/ /lib/dovecot/
 COPY --from=builder /libexec/dovecot/ /libexec/dovecot/
@@ -67,21 +67,21 @@ COPY --from=builder /sbin/dovecot /sbin/dovecot
 COPY --from=builder /bin/sieve* /bin/
 RUN apk --no-cache add \
- libsodium \
- libbz2 \
- zlib \
- xz-libs \
- lz4-libs \
- lz4 \
- linux-pam \
- openssl \
- ssmtp \
- ca-certificates \
- lua5.1-libs \
- lua5.1-rapidjson \
- curl \
- inotify-tools \
- libssl3
+ libsodium \
+ libbz2 \
+ zlib \
+ xz-libs \
+ lz4-libs \
+ lz4 \
+ linux-pam \
+ openssl \
+ ssmtp \
+ ca-certificates \
+ lua5.1-libs \
+ lua5.1-rapidjson \
+ curl \
+ inotify-tools \
+ libssl3
 RUN addgroup -g 150 dovecot
 RUN adduser -u 140 -h /dev/null -H -s /sbin/nologin -D -G dovecot dovecot
From 659e14a87de50f9ce8f2e563e022c7a4ca0d061b Mon Sep 17 00:00:00 2001
From: Sebastian Hugentobler
Date: Sun, 18 Feb 2024 11:57:05 +0100
Subject: [PATCH 10/10] return proper home dir from userdb
---
 .gitea/workflows/container.yaml | 12 ++++++++++++
 .woodpecker.yml | 11 -----------
 Dockerfile => Containerfile | 4 ++--
 rootfs/etc/confd/templates/oauth2-userdb.lua.tmpl | 2 +-
 4 files changed, 15 insertions(+), 14 deletions(-)
 create mode 100644 .gitea/workflows/container.yaml
 delete mode 100644 .woodpecker.yml
 rename Dockerfile => Containerfile (96%)
diff --git a/.gitea/workflows/container.yaml b/.gitea/workflows/container.yaml
new file mode 100644
index 0000000..e48b3fd
--- /dev/null
+++ b/.gitea/workflows/container.yaml
@@ -0,0 +1,12 @@
+name: Build Multiarch Container Image
+on: [push]
+jobs:
+ call-reusable-workflow:
+ uses: container/multiarch-build-workflow/.gitea/workflows/build.yaml@main
+ with:
+ repository: ${{ gitea.repository }}
+ ref_name: ${{ gitea.ref_name }}
+ sha: ${{ gitea.sha }}
+ registry_url: ${{ secrets.REGISTRY_URL }}
+ registry_user: ${{ secrets.REGISTRY_USER }}
+ registry_pw: ${{ secrets.REGISTRY_PW }}
diff --git a/.woodpecker.yml b/.woodpecker.yml
deleted file mode 100644
index c294e35..0000000
--- a/.woodpecker.yml
+++ /dev/null
@@ -1,11 +0,0 @@
-pipeline:
- publish-docker-image:
- image: plugins/kaniko
- settings:
- repo: docker.io/thallian/dovecot
- tags: latest,${CI_COMMIT_SHA:0:8},${CI_COMMIT_TAG=pre}
- dockerfile: Dockerfile
- username:
- from_secret: DOCKER_USER
- password:
- from_secret: DOCKER_PW
\ No newline at end of file
diff --git a/Dockerfile b/Containerfile
similarity index 96%
rename from Dockerfile
rename to Containerfile
index 4f6372e..8debbfd 100644
--- a/Dockerfile
+++ b/Containerfile
@@ -1,4 +1,4 @@
-FROM docker.io/alpine:3.18 as builder
+FROM docker.io/alpine:3.19 as builder
 RUN apk --no-cache add \
 rpcgen \
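Review bot: In .gitea/workflows/container.yaml the reusable workflow is referenced as `container/multiarch-build-workflow/.gitea/workflows/build.yaml@main`, a mutable branch, while the job hands it the registry URL, user and password. Whatever lands on that branch later runs with those credentials on the next push here, so I would pin the reference to a reviewed commit, e.g. `uses: container/multiarch-build-workflow/.gitea/workflows/build.yaml@<COMMIT_SHA>` (placeholder), and bump it deliberately. `on: [push]` also triggers for every branch; if the called workflow publishes images, restricting the trigger to the release branch and tags would keep feature branches from overwriting published tags, though that depends on build.yaml, which is not shown.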
@@ -56,7 +56,7 @@ RUN cd /tmp/pigeonhole && \
 --disable-static && \
 make && make install
-FROM docker.io/thallian/confd-env:3.18-3.1.5.0
+FROM docker.io/thallian/confd-env:3.19-3.1.6.2
 COPY --from=builder /lib/dovecot/ /lib/dovecot/
 COPY --from=builder /libexec/dovecot/ /libexec/dovecot/
diff --git a/rootfs/etc/confd/templates/oauth2-userdb.lua.tmpl b/rootfs/etc/confd/templates/oauth2-userdb.lua.tmpl
index 0587b78..cc97b81 100644
--- a/rootfs/etc/confd/templates/oauth2-userdb.lua.tmpl
+++ b/rootfs/etc/confd/templates/oauth2-userdb.lua.tmpl
@@ -36,7 +36,7 @@ function auth_userdb_lookup(req)
 end
 if userJson[1].username == req.username then
- return dovecot.auth.USERDB_RESULT_OK, "uid=vmail gid=vmail home=/var/lib/vmail/mail/%n"
+ return dovecot.auth.USERDB_RESULT_OK, "uid=vmail gid=vmail home=/var/lib/vmail/mail/" .. req.username
 end
 return dovecot.auth.USERDB_RESULT_USER_UNKNOWN, "no such user"
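Review bot: In oauth2-userdb.lua.tmpl, `req.username` is now concatenated unescaped into the space-separated userdb field string, so the result depends entirely on which characters a username may contain: whitespace would be parsed as additional userdb fields, and a `/` or a leading `.` would move `home` outside /var/lib/vmail/mail/. Whether `auth_username_chars` already restricts this is not visible in the patch, and the equality check against `userJson[1].username` only shows that the backend knows the name, not that it is safe as a path component. I would validate before building the string, e.g. `if not req.username:match("^%w[%w%.%-_@]*$") then return dovecot.auth.USERDB_RESULT_USER_UNKNOWN, "no such user" end`. Note also that `%n` stood for the local part while `req.username` may include the domain, so existing homes may resolve to a different path; worth checking against the stored mail directories. auth_userdb_lookup starts and ends outside the hunk.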