From 110a1014f78841bbcfa802ee8995942a720850a6 Mon Sep 17 00:00:00 2001 From: nelu Date: Sun, 2 Feb 2025 10:16:53 +0200 Subject: [PATCH 01/10] declare volumes to create the persistent data from the image when volume is empty --- Dockerfile | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Dockerfile b/Dockerfile index 27d9d8b..b570d32 100644 --- a/Dockerfile +++ b/Dockerfile @@ -117,6 +117,10 @@ EXPOSE 993 EXPOSE 995 # SMTP Port (used for internal delivery from amavis, do not expose to the outside world!) EXPOSE 10025 + +# populate persistent data +VOLUME ["/etc/postfix", "/var/spool/postfix", "/var/vmail"] + #CMD ["/usr/local/mailserver/loop.sh"] CMD ["/usr/local/mailserver/entrypoint.sh"] From 227d7e2bd22617fe15844ff994d3a820443a83c1 Mon Sep 17 00:00:00 2001 From: nelu Date: Sun, 2 Feb 2025 13:12:10 +0200 Subject: [PATCH 02/10] populate postfix config files multiple architecture build arg --- Dockerfile | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index b570d32..bc3bf67 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,6 @@ -FROM debian:12 +ARG ARCH + +FROM ${ARCH}debian:12 LABEL maintainer="Ralph Schuster " RUN echo "postfix postfix/mailname string mail.example.com" | debconf-set-selections @@ -70,7 +72,8 @@ RUN chmod 755 /usr/local/mailserver/*.sh \ && cd /etc/opendkim \ && opendkim-genkey --selector=key1 --bits=2048 --directory=keys \ && chown opendkim /etc/opendkim/keys/key1.private \ - && usermod -aG opendkim postfix + && usermod -aG opendkim postfix \ + && cp -rfp /etc/postfix /etc/postfix_orig ##################################################################### # Image OCI labels 
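Review bot: The comment `# populate persistent data` above the new `VOLUME` line in patch 01/10 does not say what the declaration implies for `/etc/postfix`. Docker seeds a new, empty named or anonymous volume from the image content at that path, but it does not seed a bind-mounted host directory. An existing volume also keeps its old `main.cf`/`master.cf` after an image upgrade, so configuration changes shipped in a newer image never reach it. I would state that in the comment, e.g. `# Volumes are seeded from the image only when new and empty; bind mounts are not seeded, and an existing volume keeps its old config on upgrade`.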
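Review bot: `FROM ${ARCH}debian:12` in the first hunk of patch 02/10 lets an undocumented, unvalidated build argument choose the repository the base image is pulled from. `ARCH` has no default and no comment, so the provenance of the base image depends entirely on what the build invocation passes. If the goal is multi-architecture builds, plain `FROM debian:12` with `docker buildx build --platform <platform>` selects the architecture without altering the image name. If the prefix stays, document the accepted form, e.g. `# ARCH: optional Docker Hub architecture prefix including the trailing slash (constructed example: "arm64v8/"); empty selects the default image`.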
@@ -121,6 +124,9 @@ EXPOSE 10025 # populate persistent data VOLUME ["/etc/postfix", "/var/spool/postfix", "/var/vmail"] +CMD ["sh", "-c","[ -z \"$(ls -A /etc/postfix)\" ] && cp -arfp /etc/postfix_orig/. /etc/postfix/ ; /usr/local/mailserver/entrypoint.sh"] + +#CMD ["/usr/local/mailserver/entrypoint.sh"] #CMD ["/usr/local/mailserver/loop.sh"] -CMD ["/usr/local/mailserver/entrypoint.sh"] + From c7e01cf084f009e31542aa1ff1f265b840e7b5e5 Mon Sep 17 00:00:00 2001 From: nelu Date: Sun, 2 Feb 2025 20:28:54 +0200 Subject: [PATCH 03/10] Update Dockerfile used linked directories for persistent data --- Dockerfile | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index bc3bf67..7a2c7aa 100644 --- a/Dockerfile +++ b/Dockerfile @@ -73,7 +73,7 @@ RUN chmod 755 /usr/local/mailserver/*.sh \ && opendkim-genkey --selector=key1 --bits=2048 --directory=keys \ && chown opendkim /etc/opendkim/keys/key1.private \ && usermod -aG opendkim postfix \ - && cp -rfp /etc/postfix /etc/postfix_orig + && mv -f /etc/postfix /etc/postfix_orig && ln -s /etc/postfix_orig /etc/postfix ##################################################################### # Image OCI labels @@ -124,9 +124,7 @@ EXPOSE 10025 # populate persistent data VOLUME ["/etc/postfix", "/var/spool/postfix", "/var/vmail"] -CMD ["sh", "-c","[ -z \"$(ls -A /etc/postfix)\" ] && cp -arfp /etc/postfix_orig/. /etc/postfix/ ; /usr/local/mailserver/entrypoint.sh"] - -#CMD ["/usr/local/mailserver/entrypoint.sh"] +CMD ["/usr/local/mailserver/entrypoint.sh"] #CMD ["/usr/local/mailserver/loop.sh"] From d9209c52fe7a2fda8c5629f54b695c2491135365 Mon Sep 17 00:00:00 2001 From: nelu Date: Sun, 2 Feb 2025 20:32:58 +0200 Subject: [PATCH 04/10] Update entrypoint.sh copy postfix config on data volume --- src/entrypoint.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/entrypoint.sh b/src/entrypoint.sh index 8b08015..ab48277 100755 --- a/src/entrypoint.sh +++ b/src/entrypoint.sh 
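Review bot: In the new `CMD`, the `;` before `/usr/local/mailserver/entrypoint.sh` means the entrypoint starts even when the `cp` into `/etc/postfix` fails, so the mail services can come up on an empty or half-copied configuration directory. The script is also started as a child of `sh -c` instead of replacing it, so whether the SIGTERM sent on container stop reaches the script's own handler depends on the shell. A command string such as `[ -n "$(ls -A /etc/postfix)" ] || cp -a /etc/postfix_orig/. /etc/postfix/ || exit 1; exec /usr/local/mailserver/entrypoint.sh` addresses both.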
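Review bot: After the first hunk of patch 03/10, `/etc/postfix` is a symlink to `/etc/postfix_orig`, while the `VOLUME` instruction further down still names `/etc/postfix`. Container runtimes generally resolve a mount destination through symlinks inside the image root, so the volume would likely be mounted on `/etc/postfix_orig` itself and hide the pristine copy; with an empty bind mount there would then be nothing left to seed from. This is inferred from the hunk rather than tested, so it is worth checking with an empty bind mount before relying on it. Keeping `/etc/postfix` a real directory and copying it, `&& cp -a /etc/postfix /etc/postfix_orig`, avoids the question. The `RUN` instruction starts above the hunk.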
@@ -417,6 +417,10 @@ configure_sieve() { chown -R vmail:vmail /var/vmail/sieve } +create_persistent_data() { + [ -z "$(ls -A /etc/postfix)" ] && cp -arfp /etc/postfix_orig/. /etc/postfix/ +} + # Stopping all (we got a TERM signal at this point) _sigterm() { echo "Caught SIGTERM..." @@ -426,6 +430,9 @@ _sigterm() { kill -TERM "$TAIL_CHILD_PID" 2>/dev/null } +# bootstrap data +create_persistent_data + ######################### # Installation check ######################### From 387257ef2865fde2ff4f056876d43c37141e5df7 Mon Sep 17 00:00:00 2001 From: nelu Date: Mon, 3 Feb 2025 00:44:32 +0200 Subject: [PATCH 05/10] Update entrypoint.sh CHARACTER SET latin1 fix for postfixadmin migrations setup --- src/entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/entrypoint.sh b/src/entrypoint.sh index ab48277..e3b1ffd 100755 --- a/src/entrypoint.sh +++ b/src/entrypoint.sh @@ -343,7 +343,7 @@ check_database_user() { create_database() { echo "Creating database..." - echo "CREATE DATABASE IF NOT EXISTS $PF_DB_NAME;" | mysql -u root --password=$PF_SETUP_PASS -h $PF_DB_HOST + echo "CREATE DATABASE IF NOT EXISTS $PF_DB_NAME CHARACTER SET latin1 COLLATE latin1_general_ci;" | mysql -u root --password=$PF_SETUP_PASS -h $PF_DB_HOST if [[ $? -ne 0 ]] then echo "Cannot create database $PF_DB_NAME" 1>&2 From bd8cd912d040ca547137f17e51569f0dfdf5a83a Mon Sep 17 00:00:00 2001 From: nelu Date: Mon, 3 Feb 2025 00:50:42 +0200 Subject: [PATCH 06/10] Update entrypoint.sh --- src/entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/entrypoint.sh b/src/entrypoint.sh index e3b1ffd..17428f7 100755 --- a/src/entrypoint.sh +++ b/src/entrypoint.sh 
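Review bot: `create_persistent_data` never checks whether the `cp` succeeded, and it returns a non-zero status whenever `/etc/postfix` already has content, because the `[ -z ... ] &&` list then ends on the failed test. A failed or partial copy therefore goes unnoticed and the script carries on to start the mail services with an incomplete configuration, while an ordinary restart looks like a failure to anything that checks the status. An explicit `if` that reports a failed copy on stderr and stops, and returns 0 otherwise, fixes both. The call site added in the second hunk of this patch can stay as it is.

```shell
create_persistent_data() {
	# Seed /etc/postfix from the image copy only when the volume is empty.
	if [ -z "$(ls -A /etc/postfix)" ]; then
		if ! cp -arfp /etc/postfix_orig/. /etc/postfix/; then
			echo "Cannot populate /etc/postfix from /etc/postfix_orig" 1>&2
			exit 1
		fi
	fi
	return 0
}
```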
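Review bot: The rewritten `mysql` line in patch 05/10 still passes the root password as `--password=$PF_SETUP_PASS` on the command line and leaves `$PF_SETUP_PASS`, `$PF_DB_HOST` and `$PF_DB_NAME` unquoted. A password in argv can show up in the process list, and the unquoted expansions are word-split and globbed, so a password containing a space or `*` breaks the call; `$PF_DB_NAME` is also pasted into the SQL text as-is. Since the line is being edited anyway, I would at least quote the expansions, `mysql -u root --password="$PF_SETUP_PASS" -h "$PF_DB_HOST"`, and consider passing the password through an option file given with `--defaults-extra-file` instead. The same line is touched again in patches 06/10 and 07/10, and `create_database` continues below the hunk.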
@@ -343,7 +343,7 @@ check_database_user() { create_database() { echo "Creating database..." - echo "CREATE DATABASE IF NOT EXISTS $PF_DB_NAME CHARACTER SET latin1 COLLATE latin1_general_ci;" | mysql -u root --password=$PF_SETUP_PASS -h $PF_DB_HOST + echo "CREATE DATABASE IF NOT EXISTS $PF_DB_NAME CHARACTER SET latin1 COLLATE latin1_swedish_ci;" | mysql -u root --password=$PF_SETUP_PASS -h $PF_DB_HOST if [[ $? -ne 0 ]] then echo "Cannot create database $PF_DB_NAME" 1>&2 From 317279338ef10faf45b48c31fc8199036ac372b2 Mon Sep 17 00:00:00 2001 From: nelu Date: Mon, 3 Feb 2025 01:30:22 +0200 Subject: [PATCH 07/10] Update entrypoint.sh --- src/entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/entrypoint.sh b/src/entrypoint.sh index 17428f7..ab48277 100755 --- a/src/entrypoint.sh +++ b/src/entrypoint.sh @@ -343,7 +343,7 @@ check_database_user() { create_database() { echo "Creating database..." - echo "CREATE DATABASE IF NOT EXISTS $PF_DB_NAME CHARACTER SET latin1 COLLATE latin1_swedish_ci;" | mysql -u root --password=$PF_SETUP_PASS -h $PF_DB_HOST + echo "CREATE DATABASE IF NOT EXISTS $PF_DB_NAME;" | mysql -u root --password=$PF_SETUP_PASS -h $PF_DB_HOST if [[ $? -ne 0 ]] then echo "Cannot create database $PF_DB_NAME" 1>&2 From fc9f1d98dd842918308bb0a9e1750f5bfb1a284b Mon Sep 17 00:00:00 2001 From: nelu Date: Mon, 3 Feb 2025 01:31:30 +0200 Subject: [PATCH 08/10] Update create_tables.sql --- src/create_tables.sql | 73 ------------------------------------------- 1 file changed, 73 deletions(-) diff --git a/src/create_tables.sql b/src/create_tables.sql index 00f86c7..8b13789 100644 --- a/src/create_tables.sql +++ b/src/create_tables.sql 
@@ -1,74 +1 @@ -CREATE TABLE IF NOT EXISTS `accounts` ( - `id` int(10) UNSIGNED NOT NULL AUTO_INCREMENT, - `username` varchar(64) NOT NULL, - `domain` varchar(255) NOT NULL, - `password` varchar(255) NOT NULL, - `quota` int(10) UNSIGNED DEFAULT 0, - `enabled` tinyint(1) DEFAULT 0, - `sendonly` tinyint(1) DEFAULT 0, - PRIMARY KEY (`id`), - UNIQUE KEY `username` (`username`,`domain`) -) ENGINE=InnoDB DEFAULT CHARSET=latin1; - -CREATE TABLE IF NOT EXISTS `alias` ( - `address` varchar(255) NOT NULL, - `goto` text NOT NULL, - `domain` varchar(255) NOT NULL, - `created` datetime NOT NULL DEFAULT '2000-01-01 00:00:00', - `modified` datetime NOT NULL DEFAULT '2000-01-01 00:00:00', - `active` tinyint(1) NOT NULL DEFAULT 1, - PRIMARY KEY (`address`) -) ENGINE=InnoDB DEFAULT CHARSET=latin1 COMMENT='Postfix Admin - Virtual Aliases'; - -CREATE TABLE IF NOT EXISTS `alias_domain` ( - `alias_domain` varchar(255) NOT NULL DEFAULT '', - `target_domain` varchar(255) NOT NULL DEFAULT '', - `created` datetime NOT NULL DEFAULT '2000-01-01 00:00:00', - `modified` datetime NOT NULL DEFAULT '2000-01-01 00:00:00', - `active` tinyint(1) NOT NULL DEFAULT 1, - PRIMARY KEY (`alias_domain`) -) ENGINE=InnoDB DEFAULT CHARSET=latin1 COMMENT='Postfix Admin - Domain Aliases'; - -CREATE TABLE IF NOT EXISTS `domain` ( - `domain` varchar(255) NOT NULL, - `description` varchar(255) CHARACTER SET utf8 NOT NULL, - `aliases` int(10) NOT NULL DEFAULT 0, - `mailboxes` int(10) NOT NULL DEFAULT 0, - `maxquota` bigint(20) NOT NULL DEFAULT 0, - `quota` bigint(20) NOT NULL DEFAULT 0, - `transport` varchar(255) NOT NULL, - `backupmx` tinyint(1) NOT NULL DEFAULT 0, - `created` datetime NOT NULL DEFAULT '2000-01-01 00:00:00', - `modified` datetime NOT NULL DEFAULT '2000-01-01 00:00:00', - `active` tinyint(1) NOT NULL DEFAULT 1, - PRIMARY KEY (`domain`) -) ENGINE=InnoDB DEFAULT CHARSET=latin1 COMMENT='Postfix Admin - Virtual Domains'; - -CREATE TABLE IF NOT EXISTS `mailbox` ( - `username` varchar(255) NOT NULL, - 
`password` varchar(255) NOT NULL, - `name` varchar(255) CHARACTER SET utf8 NOT NULL, - `maildir` varchar(255) NOT NULL, - `quota` bigint(20) NOT NULL DEFAULT 0, - `local_part` varchar(255) NOT NULL, - `domain` varchar(255) NOT NULL, - `created` datetime NOT NULL DEFAULT '2000-01-01 00:00:00', - `modified` datetime NOT NULL DEFAULT '2000-01-01 00:00:00', - `active` tinyint(1) NOT NULL DEFAULT 1, - `phone` varchar(30) CHARACTER SET utf8 NOT NULL DEFAULT '', - `email_other` varchar(255) CHARACTER SET utf8 NOT NULL DEFAULT '', - `token` varchar(255) CHARACTER SET utf8 NOT NULL DEFAULT '', - `token_validity` datetime NOT NULL DEFAULT '2000-01-01 00:00:00', - PRIMARY KEY (`username`) -) ENGINE=InnoDB DEFAULT CHARSET=latin1 COMMENT='Postfix Admin - Virtual Mailboxes'; - -CREATE TABLE IF NOT EXISTS `tlspolicies` ( - `id` int(10) UNSIGNED NOT NULL AUTO_INCREMENT, - `domain` varchar(255) NOT NULL, - `policy` enum('none','may','encrypt','dane','dane-only','fingerprint','verify','secure') NOT NULL, - `params` varchar(255) DEFAULT NULL, - PRIMARY KEY (`id`), - UNIQUE KEY `domain` (`domain`) -) ENGINE=InnoDB DEFAULT CHARSET=latin1; - From a3955f138ec139abc3080ec4094cf26c625f760f Mon Sep 17 00:00:00 2001 From: nelu Date: Tue, 4 Feb 2025 18:44:20 +0200 Subject: [PATCH 09/10] Create docker-publish.yml --- .github/workflows/docker-publish.yml | 58 ++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) create mode 100644 .github/workflows/docker-publish.yml diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml new file mode 100644 index 0000000..2bfa3b0 --- /dev/null +++ b/.github/workflows/docker-publish.yml 
@@ -0,0 +1,58 @@ +name: Docker + +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. + +on: + release: + types: [published] + # Publish semver tags as releases. + tags: [ 'v*.*.*' ] + +env: + # Use docker.io for Docker Hub if empty + REGISTRY: ghcr.io + # github.repository as / + IMAGE_NAME: ${{ github.repository }} + +jobs: + build: + + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + # This is used to complete the identity challenge + # with sigstore/fulcio when running outside of PRs. + id-token: write + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + # Install the cosign tool except on PR + # https://github.com/sigstore/cosign-installer + - name: Install cosign + uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 #v3.5.0 + with: + cosign-release: 'v2.2.4' + + # Set up BuildKit Docker container builder to be able to build + # multi-platform images and export cache + # https://github.com/docker/setup-buildx-action + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 + + # Login against a Docker registry except on PR + # https://github.com/docker/login-action + - name: Log into registry ${{ env.REGISTRY }} + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GHTOKEN }} + + - name: Build the Docker images + run: docker buildx build --push --tag=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:$(basename ${GITHUB_REF}) --tag=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest ./ From 973931a6b4814e7d283324ddca1a862d940813e8 Mon Sep 17 00:00:00 2001 
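Review bot: The job requests `id-token: write` and installs cosign, but no step signs the pushed image, so the workflow holds an OIDC permission it never uses and the published tags carry no signature to verify. Either add a signing step after the push or drop the permission and the `Install cosign` step. `actions/checkout@v4` is also the only action referenced by a mutable tag; pinning it to a full commit SHA like the other three (`uses: actions/checkout@<full-commit-sha> # v4`) keeps the pinning consistent. Two things are worth confirming: `tags:` does not look like a valid filter next to `release:`, and the login uses a custom `secrets.GHTOKEN` where the built-in `secrets.GITHUB_TOKEN` should be enough given `packages: write`.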
From: nelu Date: Wed, 5 Feb 2025 04:54:13 +0200 Subject: [PATCH 10/10] using postfix version from build args which is not mandatory anymore. since upstream updates the package regularly the version number should be a build-time env variable. or use an official postfix image versioned accordingly and use it with FROM --- Dockerfile | 13 ++++++------- build.sh | 6 +++++- 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/Dockerfile b/Dockerfile index 7a2c7aa..ae51390 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,22 +2,21 @@ ARG ARCH FROM ${ARCH}debian:12 LABEL maintainer="Ralph Schuster " +ARG PF_REVISION="0" +ARG PF_PACKAGE="" RUN echo "postfix postfix/mailname string mail.example.com" | debconf-set-selections RUN echo "postfix postfix/main_mailer_type string 'Internet Site'" | debconf-set-selections -ENV PF_VERSION="3.7.9" -ENV PF_REVISION="0" -ENV PF_PACKAGE="3.7.9-0+deb12u1" RUN export DEBIAN_FRONTEND=noninteractive \ - && PF_VERSION=${PF_PACKAGE} \ + && { ! [ -z "${PF_PACKAGE}" ] && export PF_VERSION="=${PF_PACKAGE}" || export PF_VERSION=""; } \ && apt-get update \ && apt-get install -y --no-install-recommends \ default-mysql-client \ apt-utils \ procps \ - postfix=${PF_VERSION} \ - postfix-mysql=${PF_VERSION} \ + postfix${PF_VERSION} \ + postfix-mysql${PF_VERSION} \ dovecot-core \ dovecot-imapd \ dovecot-pop3d \ @@ -81,7 +80,7 @@ RUN chmod 755 /usr/local/mailserver/*.sh \ ARG ARG_CREATED ARG ARG_URL=https://github.com/technicalguru/docker-mailserver-postfix ARG ARG_SOURCE=https://github.com/technicalguru/docker-mailserver-postfix -ARG ARG_VERSION="${PF_VERSION}.${PF_REVISION}" +ARG ARG_VERSION="${PF_PACKAGE}.${PF_REVISION}" ARG ARG_REVISION="${PF_REVISION}" ARG ARG_VENDOR=technicalguru ARG ARG_TITLE=technicalguru/mailserver-postfix diff --git a/build.sh b/build.sh index cd988f7..b96cc71 100755 --- a/build.sh +++ b/build.sh 
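Review bot: With `PF_PACKAGE` now defaulting to empty, a build that passes no `--build-arg` installs whatever postfix version the mirror offers, and the label `ARG_VERSION="${PF_PACKAGE}.${PF_REVISION}"` in the later hunk expands to `.0`. Such an image cannot be traced back to the postfix version it contains, which matters when checking a deployment against a postfix advisory. The `docker buildx build` call in `docker-publish.yml` from patch 09/10 passes no `--build-arg`, so published images take this path. The removed `ENV PF_VERSION`/`PF_REVISION`/`PF_PACKAGE` were also visible at run time, so anything in the image that reads them (not visible here) now gets nothing. Smaller point: the `{ ! [ -z ... ] && export ... || export ...; }` construct can be written as `PF_VERSION="${PF_PACKAGE:+=${PF_PACKAGE}}"`; the `RUN` instruction continues past the hunk.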
@@ -1 +1,5 @@
-docker build --progress=plain -t technicalguru/mailserver-postfix:latest .
+#!/bin/sh
+docker build --progress=plain \
+ -t technicalguru/mailserver-postfix:latest \
+ --build-arg PF_PACKAGE="3.7.9-0+deb12u1" \
+ .