[Dovecot] Dovecot 2.3.1, Pigeonhole 0.5.1

[ClamAV] 0.100.0, new log method without pipes [Compose] New images for Dovecot and ClamAV, add persistent tty to clamd-mailcow
2018-04-26 12:36:13 +02:00 · 2018-04-26 12:36:13 +02:00 · f53006f6ab
parent f036de706e
commit f53006f6ab
7 changed files with 32 additions and 29 deletions
--- a/data/Dockerfiles/clamd/Dockerfile
+++ b/data/Dockerfiles/clamd/Dockerfile
@ -6,7 +6,7 @@ LABEL maintainer "André Peters <andre.peters@servercow.de>"
 COPY dl_files.sh bootstrap.sh ./
 # Installation
-ENV CLAMAV 0.99.3
+ENV CLAMAV 0.100.0
 RUN apk add --no-cache --virtual build-dependencies alpine-sdk ncurses-dev zlib-dev bzip2-dev pcre-dev linux-headers fts-dev libxml2-dev libressl-dev \
  && apk add --no-cache curl bash tini libxml2 libbz2 pcre fts libressl \
@ -33,6 +33,7 @@ RUN apk add --no-cache --virtual build-dependencies alpine-sdk ncurses-dev zlib-
  && apk del build-dependencies \
  && addgroup -S clamav \
  && adduser -S -D -h /var/lib/clamav -s /sbin/nologin -G clamav -g clamav clamav \
  && adduser clamav tty \
  && mkdir -p /run/clamav \
  && chown clamav:clamav /run/clamav \
  && chmod +x /dl_files.sh \
--- a/data/Dockerfiles/clamd/bootstrap.sh
+++ b/data/Dockerfiles/clamd/bootstrap.sh
@ -7,18 +7,20 @@ if [[ "${SKIP_CLAMD}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then
 fi
 # Create log pipes
-mkdir /var/log/clamav
+mkdir -p /var/log/clamav
 touch /var/log/clamav/clamd.log /var/log/clamav/freshclam.log
-mkfifo -m 600 /tmp/logpipe_clamd
+chown -R clamav:clamav /var/log/clamav/
 mkfifo -m 600 /tmp/logpipe_freshclam
 chown -R clamav:clamav /var/log/clamav/ /tmp/logpipe_*
 cat <> /tmp/logpipe_clamd 1>&2 &
 cat <> /tmp/logpipe_freshclam 1>&2 &
 # Prepare
 BACKGROUND_TASKS=()
-freshclam -d &
+(
 while true; do
  sleep 1m
  freshclam
  sleep 1h
 done
 ) &
 BACKGROUND_TASKS+=($!)
 clamd &
--- a/data/Dockerfiles/dovecot/Dockerfile
+++ b/data/Dockerfiles/dovecot/Dockerfile
@ -3,8 +3,8 @@ LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
 ARG DEBIAN_FRONTEND=noninteractive
 ENV LC_ALL C
-ENV DOVECOT_VERSION 2.2.33.2
+ENV DOVECOT_VERSION 2.3.1
-ENV PIGEONHOLE_VERSION 0.4.21
+ENV PIGEONHOLE_VERSION 0.5.1
 RUN apt-get update && apt-get -y --no-install-recommends install \
  automake \
@ -27,9 +27,11 @@ RUN apt-get update && apt-get -y --no-install-recommends install \
  libauthen-ntlm-perl \
  libbz2-dev \
  libcrypt-ssleay-perl \
  libcurl4-openssl-dev \
  libdbd-mysql-perl \
  libdbi-perl \
  libdigest-hmac-perl \
  libexpat1-dev \
  libfile-copy-recursive-perl \
  libio-compress-perl \
  libio-socket-inet6-perl \
@ -63,24 +65,21 @@ RUN apt-get update && apt-get -y --no-install-recommends install \
  && rm -rf /var/lib/apt/lists/*
-RUN curl https://www.dovecot.org/releases/2.2/dovecot-$DOVECOT_VERSION.tar.gz | tar xvz  \
+RUN curl https://www.dovecot.org/releases/2.3/dovecot-$DOVECOT_VERSION.tar.gz | tar xvz  \
  && cd dovecot-$DOVECOT_VERSION \
-  && curl -o src/lib-auth/auth-client-request.c https://mailcow.email/dovecot-patch1/auth-client-request.c \
+  && ./configure --with-solr --with-mysql --with-lzma --with-lz4 --with-ssl=openssl --with-notify=inotify --with-storages=mdbox,sdbox,maildir,mbox,imapc,pop3c --with-bzlib --with-zlib \
  && curl -o src/lib-auth/auth-server-connection.c https://mailcow.email/dovecot-patch1/auth-server-connection.c \
  && curl -o src/lib-auth/auth-server-connection.h https://mailcow.email/dovecot-patch1/auth-server-connection.h \
  && ./configure --with-mysql --with-lzma --with-lz4 --with-ssl=openssl --with-notify=inotify --with-storages=mdbox,sdbox,maildir,mbox,imapc,pop3c --with-bzlib --with-zlib \
  && make -j3 \
  && make install \
  && make clean \
  && cd .. && rm -rf dovecot-$DOVECOT_VERSION \
-  && curl https://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-$PIGEONHOLE_VERSION.tar.gz | tar xvz  \
+  && curl https://pigeonhole.dovecot.org/releases/2.3/dovecot-2.3-pigeonhole-$PIGEONHOLE_VERSION.tar.gz | tar xvz  \
-  && cd dovecot-2.2-pigeonhole-$PIGEONHOLE_VERSION \
+  && cd dovecot-2.3-pigeonhole-$PIGEONHOLE_VERSION \
  && ./configure \
  && make -j3 \
  && make install \
  && make clean \
  && cd .. \
-  && rm -rf dovecot-2.2-pigeonhole-$PIGEONHOLE_VERSION
+  && rm -rf dovecot-2.3-pigeonhole-$PIGEONHOLE_VERSION
 RUN cpanm Data::Uniqid Mail::IMAPClient String::Util
 RUN echo '* * * * *   root   /usr/local/bin/imapsync_cron.pl' > /etc/cron.d/imapsync
--- a/data/conf/clamav/clamd.conf
+++ b/data/conf/clamav/clamd.conf
@ -1,4 +1,4 @@
-LogFile /tmp/logpipe_clamd
+LogFile /dev/console
 LogTime yes
 LogClean yes
 ExtendedDetectionInfo yes
--- a/data/conf/clamav/freshclam.conf
+++ b/data/conf/clamav/freshclam.conf
@ -1,4 +1,4 @@
-UpdateLogFile /tmp/logpipe_freshclam
+UpdateLogFile /var/log/clamav/freshclam.log
 LogTime yes
 PidFile /run/clamav/freshclam.pid
 DatabaseOwner clamav
--- a/data/conf/dovecot/dovecot.conf
+++ b/data/conf/dovecot/dovecot.conf
@ -17,9 +17,9 @@ mail_location = maildir:~/
 mail_plugins = quota acl zlib listescape #mail_crypt
 # Dovecot 2.2
-ssl_protocols = !SSLv3
+#ssl_protocols = !SSLv3
 # Dovecot 2.3
-#ssl_min_protocol = TLSv1
+ssl_min_protocol = TLSv1
 ssl_prefer_server_ciphers = yes
 ssl_cipher_list = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA
@ -28,9 +28,9 @@ ssl_cipher_list = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECD
 ssl_options = no_compression
 # New in Dovecot 2.3
-#ssl_dh=</etc/ssl/mail/dhparams.pem
+ssl_dh=</etc/ssl/mail/dhparams.pem
 # Dovecot 2.2
-ssl_dh_parameters_length = 2048
+#ssl_dh_parameters_length = 2048
 log_timestamp = "%Y-%m-%d %H:%M:%S "
 recipient_delimiter = +
 auth_master_user_separator = *
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -59,9 +59,10 @@ services:
            - redis
    clamd-mailcow:
-      image: mailcow/clamd:1.9
+      image: mailcow/clamd:1.10
      build: ./data/Dockerfiles/clamd
      restart: always
      tty: true
      environment:
        - TZ=${TZ}
        - SKIP_CLAMD=${SKIP_CLAMD:-n}
@ -166,7 +167,7 @@ services:
            - sogo
    dovecot-mailcow:
-      image: mailcow/dovecot:1.24
+      image: mailcow/dovecot:1.25
      build: ./data/Dockerfiles/dovecot
      cap_add:
        - NET_BIND_SERVICE