paxton
/
mailcow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #267 from michael-k/dockerfiles 

Follow best practices in Dockerfiles
master
André Peters 2017-05-13 21:50:31 +02:00 committed by GitHub
parent 0a90bdc4df 766a986f27
commit 5e537825e8
7 changed files with 100 additions and 79 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
data/Dockerfiles/clamav/Dockerfile
View File

@ -1,26 +1,34 @@
FROM debian:stretch-slim FROM debian:stretch-slim
MAINTAINER https://m-ko.de Markus Kosmal <code@cnfg.io> LABEL maintainer "https://m-ko.de Markus Kosmal <code@cnfg.io>"
# Debian Base to use # Debian Base to use
ENV DEBIAN_VERSION stretch ENV DEBIAN_VERSION stretch
ARG DEBIAN_FRONTEND=noninteractive
# initial install of av daemon # initial install of av daemon
RUN echo "deb http://http.debian.net/debian/ $DEBIAN_VERSION main contrib non-free" > /etc/apt/sources.list && \ RUN echo "deb http://http.debian.net/debian/ $DEBIAN_VERSION main contrib non-free" > /etc/apt/sources.list && \
echo "deb http://http.debian.net/debian/ $DEBIAN_VERSION-updates main contrib non-free" >> /etc/apt/sources.list && \ echo "deb http://http.debian.net/debian/ $DEBIAN_VERSION-updates main contrib non-free" >> /etc/apt/sources.list && \
echo "deb http://security.debian.org/ $DEBIAN_VERSION/updates main contrib non-free" >> /etc/apt/sources.list && \ echo "deb http://security.debian.org/ $DEBIAN_VERSION/updates main contrib non-free" >> /etc/apt/sources.list && \
apt-get update && \ apt-get update && apt-get install -y -qq --no-install-recommends \
DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y -qq \
clamav-daemon \ clamav-daemon \
clamav-freshclam \ clamav-freshclam \
libclamunrar7 \ libclamunrar7 \
curl && \ && rm -rf /var/lib/apt/lists/*
apt-get clean && \
rm -rf /var/lib/apt/lists/*
# initial update of av databases # initial update of av databases
COPY dl_files.sh /dl_files.sh COPY dl_files.sh /dl_files.sh
RUN chmod +x /dl_files.sh RUN chmod +x /dl_files.sh
RUN /dl_files.sh
RUN set -ex; \
\
fetchDeps=' \
curl \
'; \
apt-get update; \
apt-get install -y --no-install-recommends $fetchDeps; \
rm -rf /var/lib/apt/lists/*; \
/dl_files.sh \
apt-get purge -y --auto-remove $fetchDeps
# permission juggling # permission juggling
RUN mkdir /var/run/clamav && \ RUN mkdir /var/run/clamav && \

63
data/Dockerfiles/dovecot/Dockerfile
View File

@ -1,69 +1,71 @@
FROM debian:stretch-slim FROM debian:stretch-slim
#ubuntu:xenial #ubuntu:xenial
MAINTAINER Andre Peters <andre.peters@servercow.de> LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
ENV DEBIAN_FRONTEND noninteractive ARG DEBIAN_FRONTEND=noninteractive
ENV LC_ALL C ENV LC_ALL C
ENV DOVECOT_VERSION 2.2.29.1 ENV DOVECOT_VERSION 2.2.29.1
ENV PIGEONHOLE_VERSION 0.4.18 ENV PIGEONHOLE_VERSION 0.4.18
RUN apt-get update \ RUN apt-get update && apt-get -y install \
&& apt-get -y install libpam-dev \
default-libmysqlclient-dev \
lzma-dev \
liblz-dev \
libbz2-dev \
liblz4-dev \
liblzma-dev \
build-essential \
autotools-dev \
automake \ automake \
syslog-ng \ autotools-dev \
syslog-ng-core \ build-essential \
syslog-ng-mod-redis \
ca-certificates \ ca-certificates \
supervisor \ cpanminus \
wget \
curl \ curl \
libssl-dev \ default-libmysqlclient-dev \
libauthen-ntlm-perl \ libauthen-ntlm-perl \
libbz2-dev \
libcrypt-ssleay-perl \ libcrypt-ssleay-perl \
libdbd-mysql-perl \
libdbi-perl \
libdigest-hmac-perl \ libdigest-hmac-perl \
libfile-copy-recursive-perl \ libfile-copy-recursive-perl \
libio-compress-perl \ libio-compress-perl \
libio-socket-inet6-perl \ libio-socket-inet6-perl \
libio-socket-ssl-perl \ libio-socket-ssl-perl \
libio-tee-perl \ libio-tee-perl \
libipc-run-perl \
liblockfile-simple-perl \
liblz-dev \
liblz4-dev \
liblzma-dev \
libmodule-scandeps-perl \ libmodule-scandeps-perl \
libnet-ssleay-perl \ libnet-ssleay-perl \
libpam-dev \
libpar-packer-perl \ libpar-packer-perl \
libreadonly-perl \ libreadonly-perl \
libssl-dev \
libterm-readkey-perl \ libterm-readkey-perl \
libtest-pod-perl \ libtest-pod-perl \
libtest-simple-perl \ libtest-simple-perl \
libunicode-string-perl \ libunicode-string-perl \
liburi-perl \ liburi-perl \
libdbi-perl \ lzma-dev \
liblockfile-simple-perl \
libdbd-mysql-perl \
libipc-run-perl \
make \ make \
cpanminus supervisor \
syslog-ng \
syslog-ng-core \
syslog-ng-mod-redis \
&& rm -rf /var/lib/apt/lists/*
RUN wget https://www.dovecot.org/releases/2.2/dovecot-$DOVECOT_VERSION.tar.gz -O - | tar xvz \ RUN curl https://www.dovecot.org/releases/2.2/dovecot-$DOVECOT_VERSION.tar.gz | tar xvz \
&& cd dovecot-$DOVECOT_VERSION \ && cd dovecot-$DOVECOT_VERSION \
&& ./configure --with-mysql --with-lzma --with-lz4 --with-ssl=openssl --with-notify=inotify --with-storages=mdbox,sdbox,maildir,mbox,imapc,pop3c --with-bzlib --with-zlib \ && ./configure --with-mysql --with-lzma --with-lz4 --with-ssl=openssl --with-notify=inotify --with-storages=mdbox,sdbox,maildir,mbox,imapc,pop3c --with-bzlib --with-zlib \
&& make -j3 \ && make -j3 \
&& make install \ && make install \
&& make clean && make clean \
&& cd .. && rm -rf dovecot-$DOVECOT_VERSION
RUN wget https://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-$PIGEONHOLE_VERSION.tar.gz -O - | tar xvz \ RUN curl https://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-$PIGEONHOLE_VERSION.tar.gz | tar xvz \
&& cd dovecot-2.2-pigeonhole-$PIGEONHOLE_VERSION \ && cd dovecot-2.2-pigeonhole-$PIGEONHOLE_VERSION \
&& ./configure \ && ./configure \
&& make -j3 \ && make -j3 \
&& make install \ && make install \
&& make clean && make clean \
&& cd .. && rm -rf dovecot-2.2-pigeonhole-$PIGEONHOLE_VERSION
RUN cpanm Data::Uniqid Mail::IMAPClient String::Util RUN cpanm Data::Uniqid Mail::IMAPClient String::Util
RUN echo '* * * * * root /usr/local/bin/imapsync_cron.pl' > /etc/cron.d/imapsync RUN echo '* * * * * root /usr/local/bin/imapsync_cron.pl' > /etc/cron.d/imapsync
@ -100,9 +102,6 @@ EXPOSE 24 10001
ENTRYPOINT ["/docker-entrypoint.sh"] ENTRYPOINT ["/docker-entrypoint.sh"]
CMD exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf CMD exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf
RUN apt-get clean \ RUN rm -rf \
&& rm -rf /var/lib/apt/lists/* \
/tmp/* \ /tmp/* \
/var/tmp/* \ /var/tmp/*
/dovecot-2.2-pigeonhole-$PIGEONHOLE_VERSION \
/dovecot-$DOVECOT_VERSION

13
data/Dockerfiles/php-fpm/Dockerfile
View File

@ -1,16 +1,17 @@
FROM php:7.1-fpm FROM php:7.1-fpm
MAINTAINER Andre Peters <andre.peters@servercow.de> LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
ENV DEBIAN_FRONTEND noninteractive ARG DEBIAN_FRONTEND=noninteractive
RUN apt-get update \ RUN apt-get update && apt-get install -y \
&& apt-get install -y zlib1g-dev \
libicu-dev \
g++ \ g++ \
libicu-dev \
libidn11-dev \ libidn11-dev \
libxml2-dev \ libxml2-dev \
mysql-client \
redis-tools \ redis-tools \
mysql-client zlib1g-dev \
&& rm -rf /var/lib/apt/lists/*
RUN docker-php-ext-configure intl RUN docker-php-ext-configure intl
RUN docker-php-ext-install intl pdo pdo_mysql xmlrpc RUN docker-php-ext-install intl pdo pdo_mysql xmlrpc

27
data/Dockerfiles/postfix/Dockerfile
View File

@ -1,7 +1,7 @@
FROM debian:stretch-slim FROM debian:stretch-slim
MAINTAINER Andre Peters <andre.peters@servercow.de> LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
ENV DEBIAN_FRONTEND noninteractive ARG DEBIAN_FRONTEND=noninteractive
ENV LC_ALL C ENV LC_ALL C
RUN dpkg-divert --local --rename --add /sbin/initctl \ RUN dpkg-divert --local --rename --add /sbin/initctl \
@ -9,23 +9,24 @@ RUN dpkg-divert --local --rename --add /sbin/initctl \
&& dpkg-divert --local --rename --add /usr/bin/ischroot \ && dpkg-divert --local --rename --add /usr/bin/ischroot \
&& ln -sf /bin/true /usr/bin/ischroot && ln -sf /bin/true /usr/bin/ischroot
RUN apt-get update RUN apt-get update && apt-get install -y --no-install-recommends \
RUN apt-get install -y --no-install-recommends supervisor \ ca-certificates \
postfix \ curl \
sasl2-bin \ dirmngr \
gnupg \
libsasl2-modules \ libsasl2-modules \
postfix \ postfix \
postfix \
postfix-mysql \ postfix-mysql \
postfix-pcre \ postfix-pcre \
python-gpgme \
sasl2-bin \
sudo \
supervisor \
syslog-ng \ syslog-ng \
syslog-ng-core \ syslog-ng-core \
syslog-ng-mod-redis \ syslog-ng-mod-redis \
ca-certificates \ && rm -rf /var/lib/apt/lists/*
gnupg \
python-gpgme \
sudo \
curl \
dirmngr
RUN addgroup --system --gid 600 zeyple RUN addgroup --system --gid 600 zeyple
RUN adduser --system --home /var/lib/zeyple --no-create-home --uid 600 --gid 600 --disabled-login zeyple RUN adduser --system --home /var/lib/zeyple --no-create-home --uid 600 --gid 600 --disabled-login zeyple
@ -44,4 +45,4 @@ EXPOSE 588
CMD exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf CMD exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf
RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* RUN rm -rf /tmp/* /var/tmp/*

15
data/Dockerfiles/rmilter/Dockerfile
View File

@ -1,13 +1,18 @@
FROM debian:jessie-slim FROM debian:jessie-slim
MAINTAINER Andre Peters <andre.peters@servercow.de> LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
ENV DEBIAN_FRONTEND noninteractive ARG DEBIAN_FRONTEND=noninteractive
ENV LC_ALL C ENV LC_ALL C
RUN apt-key adv --fetch-keys http://rspamd.com/apt-stable/gpg.key \ RUN apt-key adv --fetch-keys http://rspamd.com/apt-stable/gpg.key \
&& echo "deb http://rspamd.com/apt-stable/ jessie main" > /etc/apt/sources.list.d/rspamd.list \ && echo "deb http://rspamd.com/apt-stable/ jessie main" > /etc/apt/sources.list.d/rspamd.list \
&& apt-get update \ && apt-get update && apt-get install -y --force-yes --no-install-recommends \
&& apt-get --no-install-recommends -y --force-yes install rmilter cron syslog-ng syslog-ng-core supervisor cron \
rmilter \
supervisor \
syslog-ng \
syslog-ng-core \
&& rm -rf /var/lib/apt/lists/*
COPY supervisord.conf /etc/supervisor/supervisord.conf COPY supervisord.conf /etc/supervisor/supervisord.conf
@ -18,4 +23,4 @@ RUN touch /var/log/mail.log && chmod 640 /var/log/mail.log && chown root:adm /va
CMD exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf CMD exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf
RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* RUN rm -rf /tmp/* /var/tmp/*

13
data/Dockerfiles/rspamd/Dockerfile
View File

@ -1,13 +1,16 @@
FROM debian:jessie-slim FROM debian:jessie-slim
MAINTAINER Andre Peters <andre.peters@servercow.de> LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
ENV DEBIAN_FRONTEND noninteractive ARG DEBIAN_FRONTEND=noninteractive
ENV LC_ALL C ENV LC_ALL C
RUN apt-key adv --fetch-keys http://rspamd.com/apt-stable/gpg.key \ RUN apt-key adv --fetch-keys http://rspamd.com/apt-stable/gpg.key \
&& echo "deb http://rspamd.com/apt-stable/ jessie main" > /etc/apt/sources.list.d/rspamd.list \ && echo "deb http://rspamd.com/apt-stable/ jessie main" > /etc/apt/sources.list.d/rspamd.list \
&& apt-get update \ && apt-get update && apt-get install -y \
&& apt-get -y install rspamd ca-certificates python-pip ca-certificates \
python-pip \
rspamd \
&& rm -rf /var/lib/apt/lists/*
RUN echo '.include $LOCAL_CONFDIR/local.d/rspamd.conf.local' > /etc/rspamd/rspamd.conf.local RUN echo '.include $LOCAL_CONFDIR/local.d/rspamd.conf.local' > /etc/rspamd/rspamd.conf.local
@ -18,7 +21,7 @@ RUN pip install -U oletools
CMD /usr/bin/rspamd -f -u _rspamd -g _rspamd CMD /usr/bin/rspamd -f -u _rspamd -g _rspamd
RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* RUN rm -rf /tmp/* /var/tmp/*
USER _rspamd USER _rspamd

26
data/Dockerfiles/sogo/Dockerfile
View File

@ -1,19 +1,21 @@
FROM debian:jessie-slim FROM debian:jessie-slim
MAINTAINER Andre Peters <andre.peters@servercow.de> LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
ENV DEBIAN_FRONTEND noninteractive ARG DEBIAN_FRONTEND=noninteractive
ENV LC_ALL C ENV LC_ALL C
ENV GOSU_VERSION 1.9 ENV GOSU_VERSION 1.9
RUN apt-get update \ RUN apt-get update && apt-get install -y --no-install-recommends \
&& apt-get install -y --no-install-recommends apt-transport-https gnupg \ apt-transport-https \
ca-certificates \ ca-certificates \
wget \ cron \
gnupg \
mysql-client \
supervisor \
syslog-ng \ syslog-ng \
syslog-ng-core \ syslog-ng-core \
supervisor \ wget \
mysql-client \ && rm -rf /var/lib/apt/lists/* \
cron \
&& dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')" \ && dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')" \
&& wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \ && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \
&& wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc" \ && wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc" \
@ -29,8 +31,10 @@ RUN touch /usr/share/doc/sogo/empty.sh
RUN apt-key adv --keyserver keys.gnupg.net --recv-key 0x810273C4 \ RUN apt-key adv --keyserver keys.gnupg.net --recv-key 0x810273C4 \
&& echo "deb http://packages.inverse.ca/SOGo/nightly/3/debian/ jessie jessie" > /etc/apt/sources.list.d/sogo.list \ && echo "deb http://packages.inverse.ca/SOGo/nightly/3/debian/ jessie jessie" > /etc/apt/sources.list.d/sogo.list \
&& apt-get update \ && apt-get update && apt-get install -y --force-yes \
&& apt-get -y --force-yes install sogo sogo-activesync sogo \
sogo-activesync \
&& rm -rf /var/lib/apt/lists/*
RUN sed -i -E 's/^(\s*)system\(\);/\1unix-stream("\/dev\/log");/' /etc/syslog-ng/syslog-ng.conf RUN sed -i -E 's/^(\s*)system\(\);/\1unix-stream("\/dev\/log");/' /etc/syslog-ng/syslog-ng.conf
RUN echo '* * * * * sogo /usr/sbin/sogo-ealarms-notify' > /etc/cron.d/sogo RUN echo '* * * * * sogo /usr/sbin/sogo-ealarms-notify' > /etc/cron.d/sogo
@ -42,4 +46,4 @@ COPY supervisord.conf /etc/supervisor/supervisord.conf
CMD exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf CMD exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf
RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* RUN rm -rf /tmp/* /var/tmp/*