[Dovecot] Dovecot 2.3.1, Pigeonhole 0.5.1

[ClamAV] 0.100.0, new log method without pipes
[Compose] New images for Dovecot and ClamAV, add persistent tty to clamd-mailcow
master
André 2018-04-26 12:36:13 +02:00
parent f036de706e
commit f53006f6ab
7 changed files with 32 additions and 29 deletions

View File

@ -6,7 +6,7 @@ LABEL maintainer "André Peters <andre.peters@servercow.de>"
COPY dl_files.sh bootstrap.sh ./ COPY dl_files.sh bootstrap.sh ./
# Installation # Installation
ENV CLAMAV 0.99.3 ENV CLAMAV 0.100.0
RUN apk add --no-cache --virtual build-dependencies alpine-sdk ncurses-dev zlib-dev bzip2-dev pcre-dev linux-headers fts-dev libxml2-dev libressl-dev \ RUN apk add --no-cache --virtual build-dependencies alpine-sdk ncurses-dev zlib-dev bzip2-dev pcre-dev linux-headers fts-dev libxml2-dev libressl-dev \
&& apk add --no-cache curl bash tini libxml2 libbz2 pcre fts libressl \ && apk add --no-cache curl bash tini libxml2 libbz2 pcre fts libressl \
@ -33,11 +33,12 @@ RUN apk add --no-cache --virtual build-dependencies alpine-sdk ncurses-dev zlib-
&& apk del build-dependencies \ && apk del build-dependencies \
&& addgroup -S clamav \ && addgroup -S clamav \
&& adduser -S -D -h /var/lib/clamav -s /sbin/nologin -G clamav -g clamav clamav \ && adduser -S -D -h /var/lib/clamav -s /sbin/nologin -G clamav -g clamav clamav \
&& adduser clamav tty \
&& mkdir -p /run/clamav \ && mkdir -p /run/clamav \
&& chown clamav:clamav /run/clamav \ && chown clamav:clamav /run/clamav \
&& chmod +x /dl_files.sh \ && chmod +x /dl_files.sh \
&& set -ex; /bin/bash /dl_files.sh \ && set -ex; /bin/bash /dl_files.sh \
&& chmod 750 /run/clamav && chmod 750 /run/clamav
# Port provision # Port provision
EXPOSE 3310 EXPOSE 3310

View File

@ -7,18 +7,20 @@ if [[ "${SKIP_CLAMD}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then
fi fi
# Create log pipes # Create log pipes
mkdir /var/log/clamav mkdir -p /var/log/clamav
touch /var/log/clamav/clamd.log /var/log/clamav/freshclam.log touch /var/log/clamav/clamd.log /var/log/clamav/freshclam.log
mkfifo -m 600 /tmp/logpipe_clamd chown -R clamav:clamav /var/log/clamav/
mkfifo -m 600 /tmp/logpipe_freshclam
chown -R clamav:clamav /var/log/clamav/ /tmp/logpipe_*
cat <> /tmp/logpipe_clamd 1>&2 &
cat <> /tmp/logpipe_freshclam 1>&2 &
# Prepare # Prepare
BACKGROUND_TASKS=() BACKGROUND_TASKS=()
freshclam -d & (
while true; do
sleep 1m
freshclam
sleep 1h
done
) &
BACKGROUND_TASKS+=($!) BACKGROUND_TASKS+=($!)
clamd & clamd &

View File

@ -3,8 +3,8 @@ LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
ARG DEBIAN_FRONTEND=noninteractive ARG DEBIAN_FRONTEND=noninteractive
ENV LC_ALL C ENV LC_ALL C
ENV DOVECOT_VERSION 2.2.33.2 ENV DOVECOT_VERSION 2.3.1
ENV PIGEONHOLE_VERSION 0.4.21 ENV PIGEONHOLE_VERSION 0.5.1
RUN apt-get update && apt-get -y --no-install-recommends install \ RUN apt-get update && apt-get -y --no-install-recommends install \
automake \ automake \
@ -27,9 +27,11 @@ RUN apt-get update && apt-get -y --no-install-recommends install \
libauthen-ntlm-perl \ libauthen-ntlm-perl \
libbz2-dev \ libbz2-dev \
libcrypt-ssleay-perl \ libcrypt-ssleay-perl \
libcurl4-openssl-dev \
libdbd-mysql-perl \ libdbd-mysql-perl \
libdbi-perl \ libdbi-perl \
libdigest-hmac-perl \ libdigest-hmac-perl \
libexpat1-dev \
libfile-copy-recursive-perl \ libfile-copy-recursive-perl \
libio-compress-perl \ libio-compress-perl \
libio-socket-inet6-perl \ libio-socket-inet6-perl \
@ -63,24 +65,21 @@ RUN apt-get update && apt-get -y --no-install-recommends install \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
RUN curl https://www.dovecot.org/releases/2.2/dovecot-$DOVECOT_VERSION.tar.gz | tar xvz \ RUN curl https://www.dovecot.org/releases/2.3/dovecot-$DOVECOT_VERSION.tar.gz | tar xvz \
&& cd dovecot-$DOVECOT_VERSION \ && cd dovecot-$DOVECOT_VERSION \
&& curl -o src/lib-auth/auth-client-request.c https://mailcow.email/dovecot-patch1/auth-client-request.c \ && ./configure --with-solr --with-mysql --with-lzma --with-lz4 --with-ssl=openssl --with-notify=inotify --with-storages=mdbox,sdbox,maildir,mbox,imapc,pop3c --with-bzlib --with-zlib \
&& curl -o src/lib-auth/auth-server-connection.c https://mailcow.email/dovecot-patch1/auth-server-connection.c \
&& curl -o src/lib-auth/auth-server-connection.h https://mailcow.email/dovecot-patch1/auth-server-connection.h \
&& ./configure --with-mysql --with-lzma --with-lz4 --with-ssl=openssl --with-notify=inotify --with-storages=mdbox,sdbox,maildir,mbox,imapc,pop3c --with-bzlib --with-zlib \
&& make -j3 \ && make -j3 \
&& make install \ && make install \
&& make clean \ && make clean \
&& cd .. && rm -rf dovecot-$DOVECOT_VERSION \ && cd .. && rm -rf dovecot-$DOVECOT_VERSION \
&& curl https://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-$PIGEONHOLE_VERSION.tar.gz | tar xvz \ && curl https://pigeonhole.dovecot.org/releases/2.3/dovecot-2.3-pigeonhole-$PIGEONHOLE_VERSION.tar.gz | tar xvz \
&& cd dovecot-2.2-pigeonhole-$PIGEONHOLE_VERSION \ && cd dovecot-2.3-pigeonhole-$PIGEONHOLE_VERSION \
&& ./configure \ && ./configure \
&& make -j3 \ && make -j3 \
&& make install \ && make install \
&& make clean \ && make clean \
&& cd .. \ && cd .. \
&& rm -rf dovecot-2.2-pigeonhole-$PIGEONHOLE_VERSION && rm -rf dovecot-2.3-pigeonhole-$PIGEONHOLE_VERSION
RUN cpanm Data::Uniqid Mail::IMAPClient String::Util RUN cpanm Data::Uniqid Mail::IMAPClient String::Util
RUN echo '* * * * * root /usr/local/bin/imapsync_cron.pl' > /etc/cron.d/imapsync RUN echo '* * * * * root /usr/local/bin/imapsync_cron.pl' > /etc/cron.d/imapsync

View File

@ -1,4 +1,4 @@
LogFile /tmp/logpipe_clamd LogFile /dev/console
LogTime yes LogTime yes
LogClean yes LogClean yes
ExtendedDetectionInfo yes ExtendedDetectionInfo yes

View File

@ -1,4 +1,4 @@
UpdateLogFile /tmp/logpipe_freshclam UpdateLogFile /var/log/clamav/freshclam.log
LogTime yes LogTime yes
PidFile /run/clamav/freshclam.pid PidFile /run/clamav/freshclam.pid
DatabaseOwner clamav DatabaseOwner clamav

View File

@ -17,9 +17,9 @@ mail_location = maildir:~/
mail_plugins = quota acl zlib listescape #mail_crypt mail_plugins = quota acl zlib listescape #mail_crypt
# Dovecot 2.2 # Dovecot 2.2
ssl_protocols = !SSLv3 #ssl_protocols = !SSLv3
# Dovecot 2.3 # Dovecot 2.3
#ssl_min_protocol = TLSv1 ssl_min_protocol = TLSv1
ssl_prefer_server_ciphers = yes ssl_prefer_server_ciphers = yes
ssl_cipher_list = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA ssl_cipher_list = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA
@ -28,9 +28,9 @@ ssl_cipher_list = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECD
ssl_options = no_compression ssl_options = no_compression
# New in Dovecot 2.3 # New in Dovecot 2.3
#ssl_dh=</etc/ssl/mail/dhparams.pem ssl_dh=</etc/ssl/mail/dhparams.pem
# Dovecot 2.2 # Dovecot 2.2
ssl_dh_parameters_length = 2048 #ssl_dh_parameters_length = 2048
log_timestamp = "%Y-%m-%d %H:%M:%S " log_timestamp = "%Y-%m-%d %H:%M:%S "
recipient_delimiter = + recipient_delimiter = +
auth_master_user_separator = * auth_master_user_separator = *

View File

@ -59,9 +59,10 @@ services:
- redis - redis
clamd-mailcow: clamd-mailcow:
image: mailcow/clamd:1.9 image: mailcow/clamd:1.10
build: ./data/Dockerfiles/clamd build: ./data/Dockerfiles/clamd
restart: always restart: always
tty: true
environment: environment:
- TZ=${TZ} - TZ=${TZ}
- SKIP_CLAMD=${SKIP_CLAMD:-n} - SKIP_CLAMD=${SKIP_CLAMD:-n}
@ -166,7 +167,7 @@ services:
- sogo - sogo
dovecot-mailcow: dovecot-mailcow:
image: mailcow/dovecot:1.24 image: mailcow/dovecot:1.25
build: ./data/Dockerfiles/dovecot build: ./data/Dockerfiles/dovecot
cap_add: cap_add:
- NET_BIND_SERVICE - NET_BIND_SERVICE