Commit cbe0eaca authored by David's avatar David
Browse files

Docker container for roundcubemail!

parents
Pipeline #232 passed with stage
in 4 minutes and 49 seconds
.env
roundcubemail/
logs/
# Created by https://www.gitignore.io/api/code
# Edit at https://www.gitignore.io/?templates=code
### Code ###
.vscode/*
!.vscode/settings.json
!.vscode/tasks.json
!.vscode/launch.json
!.vscode/extensions.json
# End of https://www.gitignore.io/api/code
\ No newline at end of file
variables:
REGISTRY_IMAGE: registry.dark.kow.is/kowis/roundcubemail
build:
image: docker:stable
stage: build
script:
- docker login -u $REGISTRY_USER -p $REGISTRY_PASS registry.dark.kow.is
- docker pull roundcube/roundcubemail:latest-fpm-alpine
- cd roundcube
- docker build --tag $REGISTRY_IMAGE:latest .
- docker push $REGISTRY_IMAGE:latest
<?php
$config['product_name'] = 'Kow.is Webmail';
$config['junk_mbox'] = 'Spam';
$config['spellcheck_engine'] = 'pspell';
$config['plugins'] = array(
'enigma', 'filesystem_attachments', 'identity_select',
'managesieve', 'markasjunk',
'zipdownload', 'contextmenu', 'automatic_addressbook',
'html5_notifier', 'show_folder_size'
);
$config['managesieve_host'] = 'soulreaver.dark.kow.is';
$config['managesieve_usetls'] = true;
$config['managesieve_default'] = '/etc/dovecot/sieve/global';
$config['managesieve_script_name'] = 'managesieve';
$config['managesieve_mbox_encoding'] = 'UTF-8';
$config['managesieve_replace_delimiter'] = '';
$config['managesieve_disabled_extensions'] = array();
$config['managesieve_debug'] = false;
$config['managesieve_kolab_master'] = false;
$config['managesieve_filename_extension'] = '.sieve';
$config['managesieve_filename_exceptions'] = array();
$config['managesieve_domains'] = array();
$config['managesieve_vacation'] = 0;
$config['managesieve_vacation_interval'] = 0;
$config['managesieve_vacation_addresses_init'] = false;
$config['managesieve_notify_methods'] = array('mailto');
version: '3.1'
services:
nginx:
container_name: roundcubemail_nginx
depends_on:
- roundcubemail
image: nginx:latest
restart: always
ports:
- '8080:80'
volumes:
- ./nginx.conf:/etc/nginx/conf.d/default.conf
- ./logs:/var/log/nginx
- ./roundcubemail:/var/www/html
networks:
- roundcube_net
roundcubemail:
image: registry.dark.kow.is/kowis/roundcubemail:latest
restart: unless-stopped
environment:
ROUNDCUBEMAIL_DEFAULT_HOST: tls://soulreaver.dark.kow.is
ROUNDCUBEMAIL_DEFAULT_PORT: "143"
ROUNDCUBEMAIL_SMTP_SERVER: tls://soulreaver.dark.kow.is
ROUNDCUBEMAIL_SMTP_PORT: "587"
ROUNDCUBEMAIL_UPLOAD_MAX_FILESIZE: 10M
ROUNDCUBEMAIL_DB_TYPE: pgsql
ROUNDCUBEMAIL_DB_HOST: sarafan.dark.kow.is
ROUNDCUBEMAIL_DB_PORT: "5432"
ROUNDCUBEMAIL_DB_USER: roundcube
ROUNDCUBEMAIL_DB_PASSWORD: ${ROUNDCUBEMAIL_DB_PASSWORD}
ROUNDCUBEMAIL_DB_NAME: roundcube
volumes:
# Can include config.php files in this directory to merge
- ./roundcubemail:/var/www/html
- ./config/:/var/roundcube/config/
# Can set custom php config using
#- ./roundcube-custom.ini:/usr/local/etc/php/conf.d/zzz_roundcube-custom.ini
networks:
- roundcube_net
networks:
roundcube_net:
server {
listen 80;
root /var/www/html;
index index.php;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
include mime.types;
default_type application/octet-stream;
gzip on;
#
# Allow larger file uploads
#
client_max_body_size 64M;
# Global restrictions configuration file.
# Designed to be included in any server {} block.
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
location ~ /\. {
deny all;
}
# Deny access to any files with a .php extension in the uploads directory
# Works in sub-directory installs and also in multisite network
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
# Original non-cached logic
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass roundcubemail:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
}
\ No newline at end of file
FROM roundcube/roundcubemail:latest-fpm-alpine
RUN apk update \
&& apk add ca-certificates git \
&& rm -rf /var/cache/apk/*
COPY dark.kow.is.crt /usr/local/share/ca-certificates
RUN update-ca-certificates
RUN set -ex; \
curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/bin --filename=composer; \
mv /usr/src/roundcubemail/composer.json-dist /usr/src/roundcubemail/composer.json; \
composer \
--working-dir=/usr/src/roundcubemail/ \
--prefer-dist --prefer-stable \
--no-update --no-interaction \
--optimize-autoloader --apcu-autoloader \
require \
johndoh/contextmenu \
sblaisot/automatic_addressbook \
kitist/html5_notifier \
jfcherng/show-folder-size \
; \
composer \
--working-dir=/usr/src/roundcubemail/ \
--prefer-dist --no-dev \
--no-interaction \
--optimize-autoloader --apcu-autoloader \
update;
# TODO: internal SSL would be nice too
\ No newline at end of file
FROM roundcube/roundcubemail:1.4.x-apache
RUN set -ex; \
apt-get update; \
apt-get install -y --no-install-recommends git; \
curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/bin --filename=composer; \
mv /usr/src/roundcubemail/composer.json-dist /usr/src/roundcubemail/composer.json; \
composer \
--working-dir=/usr/src/roundcubemail/ \
--prefer-dist --prefer-stable \
--no-update --no-interaction \
--optimize-autoloader --apcu-autoloader \
require \
johndoh/contextmenu \
sblaisot/automatic_addressbook \
kitist/html5_notifier \
jfcherng/show-folder-size \
; \
composer \
--working-dir=/usr/src/roundcubemail/ \
--prefer-dist --no-dev \
--no-interaction \
--optimize-autoloader --apcu-autoloader \
update;
ADD dark.kow.is.crt /usr/local/share/ca-certificates
RUN update-ca-certificates
# TODO: internal SSL would be nice too
\ No newline at end of file
-----BEGIN CERTIFICATE-----
MIIDPjCCAiagAwIBAgIJANDXUrpSl6dwMA0GCSqGSIb3DQEBCwUAMBkxFzAVBgNV
BAMMDmRhcmsua293LmlzIENBMB4XDTE2MTIyNDE3NDkzMFoXDTI2MTIyMjE3NDkz
MFowGTEXMBUGA1UEAwwOZGFyay5rb3cuaXMgQ0EwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDb9rIvbOLgvPw7uh1+aidsL4IN1Cv0kIUyABZkdlMNk4Bc
eFhsb/Xe3MmSNFsFcW0IeruLoMT9TV0YgrMFkfqB61DLujLrlXh5BT9T5uXo2Zw6
ZXtoIL2MGVr3prTuibGhfdGtUb0MexvO4a5KtuCtguCHWihhlHqaA/6HtUphuMi+
7gBVtRwe3gnQUx/7lvI0dHnsSWiiZ4kXV9SU/bsWCeu9acmvbuA4Pl04qPzvbFoX
iQMDsapWYElkDW32ur7PerXrCZn6p2X97wPyfwOMvU8R2fZ8LBZtEVOlna8lsSGa
RRw6cnQUPDpBE2VosGcmLVfXK2RkQpNJt2/gRE+PAgMBAAGjgYgwgYUwHQYDVR0O
BBYEFJODqBRgdyu2UWTsCAOlJOuKCx9hMEkGA1UdIwRCMECAFJODqBRgdyu2UWTs
CAOlJOuKCx9hoR2kGzAZMRcwFQYDVQQDDA5kYXJrLmtvdy5pcyBDQYIJANDXUrpS
l6dwMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IB
AQCRkR7sI+80A/1TpOBdL/TddGuAzljs15HkV8iHGtG0X2/j55bRnxVsj6Gx9LU6
qbfhoNSUjNSVxlZHTu+OYEwnP4Hdz4pEH/eM7gKrCeGylDSHvXVr13Ju8OnRzCgu
/j9ziwjhmq3xSoaCEyvqnfUlpiH7fEiV3I6Uz8P8ze3E8YB+W1v3/KP0iMl/OgDc
Cc3MBEirn4aVxtiaJPB1v5HLg/fvvmBK4l8/Q90w07wR9WJT7JTuX6oHM7ClLzub
+9gCP6ZYpyXsU64D7Tj95qrxd1u8a7068PIvE3mERGLn+SS6T1CQEDx9px7QuvfO
Ung7qf+LQXz4gGxQp58+VN8d
-----END CERTIFICATE-----
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment