From 0561a979bc62633d60774599bb874b5b237ede01 Mon Sep 17 00:00:00 2001 From: Felix Bartels <1257835+fbartels@users.noreply.github.com> Date: Tue, 25 Feb 2020 13:31:54 +0100 Subject: [PATCH] update to Debian Buster (#253) * update to Debian Buster * update webapp container * update kdav image to buster * add some debug commands * use onbuild to specify building of core repository only in one place * remove ca-certificates and git from kdav image * git should not be needed since kdav has a builder stage * ca-certificates is already installed in an earlier stage * upgrade to Debian 10 for Z-Push * switch remaining Debian 9 repos in webapp * use a new major version for the base image * since its now based on buster * add new parameters to the onbuild step * update repos in setup.sh * switch default distribution in create repo script --- Makefile | 6 ++++-- base/Dockerfile | 16 ++++++++++++++-- base/create-kopano-repo.sh | 4 ++-- core/Dockerfile | 14 +++++--------- kdav/Dockerfile | 19 ++++++------------- php/Dockerfile | 13 ++++--------- python/Dockerfile | 5 ----- setup.sh | 17 ++++++++++------- ssl/start.sh | 2 +- webapp/Dockerfile | 8 ++++---- webapp/goss.yaml | 4 ++-- webapp/start.sh | 2 +- zpush/Dockerfile | 19 +++++++------------ 13 files changed, 60 insertions(+), 69 deletions(-) diff --git a/Makefile b/Makefile index 22af928..6556b9e 100644 --- a/Makefile +++ b/Makefile @@ -21,7 +21,7 @@ KOPANO_WEBAPP_REPOSITORY_URL := file:/kopano/repo/webapp KOPANO_WEBAPP_FILES_REPOSITORY_URL := file:/kopano/repo/files KOPANO_WEBAPP_MDM_REPOSITORY_URL := file:/kopano/repo/mdm KOPANO_WEBAPP_SMIME_REPOSITORY_URL := file:/kopano/repo/smime -KOPANO_ZPUSH_REPOSITORY_URL := http://repo.z-hub.io/z-push:/final/Debian_9.0/ +KOPANO_ZPUSH_REPOSITORY_URL := http://repo.z-hub.io/z-push:/final/Debian_10/ RELEASE_KEY_DOWNLOAD := 0 DOWNLOAD_COMMUNITY_PACKAGES := 1 KOPANO_UID := 999 @@ -113,7 +113,7 @@ endif -t $(docker_repo)/kopano_$(component):builder $(component)/ build-base: ## Build new base image. - docker pull debian:stretch + docker pull debian:buster component=base make build build-core: @@ -280,7 +280,9 @@ publish-container: ## Helper target to push a given image to a registry. Default version=$${version%.*} ; \ docker push $(docker_repo)/kopano_$(component):$$version ; \ done +ifdef PUBLISHLATEST docker push $(docker_repo)/kopano_$(component):latest +endif #ifdef DOCKERREADME # bash .ci/docker-hub-helper.sh $(component) #endif diff --git a/base/Dockerfile b/base/Dockerfile index 98d981a..6bd97f5 100644 --- a/base/Dockerfile +++ b/base/Dockerfile @@ -1,4 +1,4 @@ -FROM debian:stretch +FROM debian:buster ARG VCS_REF ARG ADDITIONAL_KOPANO_PACKAGES="" @@ -13,7 +13,7 @@ ARG KOPANO_UID=999 ARG KOPANO_GID=999 ENV \ - BASE_VERSION=1.4.0 \ + BASE_VERSION=2.0.0 \ DEBUG="" \ DEBIAN_FRONTEND=noninteractive @@ -40,6 +40,7 @@ RUN apt-get update && \ curl \ dumb-init \ gpg \ + gpg-agent \ jq \ locales \ moreutils \ @@ -77,3 +78,14 @@ COPY create-kopano-repo.sh /kopano/helper/ COPY kcconf.py /kopano/ SHELL [ "/bin/bash", "-c"] + +ONBUILD ARG DOWNLOAD_COMMUNITY_PACKAGES=1 +ONBUILD ARG DOWNLOAD_DISTRIBUTION="Debian_10" +ONBUILD ARG DOWNLOAD_CHANNEL="community" +ONBUILD ARG DOWNLOAD_BRANCH="" +ONBUILD RUN \ + # community download and package as apt source repository + . /kopano/helper/create-kopano-repo.sh && \ + if [ ${DOWNLOAD_COMMUNITY_PACKAGES} -eq 1 ]; then \ + dl_and_package_community "core" "$DOWNLOAD_DISTRIBUTION" "$DOWNLOAD_CHANNEL" "$DOWNLOAD_BRANCH"; \ + fi diff --git a/base/create-kopano-repo.sh b/base/create-kopano-repo.sh index d899180..09729fb 100755 --- a/base/create-kopano-repo.sh +++ b/base/create-kopano-repo.sh @@ -11,7 +11,7 @@ function version_from_filename { function h5ai_query { component=${1:-core} - distribution=${2:-Debian_9.0} + distribution=${2:-Debian_10} channel=${3:-community} # could either be community, supported or limited branch=${4:-""} # could either be empty, "master/tarballs/", "pre-final/tarballs/" or "final/tarballs/" @@ -31,7 +31,7 @@ function h5ai_query { function dl_and_package_community { # take component as first argument and fallback to core if none given component=${1:-core} - distribution=${2:-Debian_9.0} + distribution=${2:-Debian_10} channel=${3:-community} branch=${4:-""} diff --git a/core/Dockerfile b/core/Dockerfile index 3ca4da3..10f4998 100644 --- a/core/Dockerfile +++ b/core/Dockerfile @@ -13,7 +13,7 @@ ARG KOPANO_CORE_VERSION=newest ENV \ ADDITIONAL_KOPANO_PACKAGES=$ADDITIONAL_KOPANO_PACKAGES \ DOWNLOAD_COMMUNITY_PACKAGES=$DOWNLOAD_COMMUNITY_PACKAGES \ - DOWNLOAD_DISTRIBUTION="Debian_9.0" \ + DOWNLOAD_DISTRIBUTION="Debian_10" \ DOWNLOAD_CHANNEL="community" \ DOWNLOAD_BRANCH="" \ KOPANO_CORE_REPOSITORY_URL=$KOPANO_CORE_REPOSITORY_URL \ @@ -39,11 +39,6 @@ SHELL ["/bin/bash", "-o", "pipefail", "-c"] # install Kopano Core and refresh ca-certificates RUN \ - # community download and package as apt source repository - . /kopano/helper/create-kopano-repo.sh && \ - if [ ${DOWNLOAD_COMMUNITY_PACKAGES} -eq 1 ]; then \ - dl_and_package_community "core" "$DOWNLOAD_DISTRIBUTION" "$DOWNLOAD_CHANNEL" "$DOWNLOAD_BRANCH"; \ - fi; \ # apt key has already been installed in base echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_CORE_REPOSITORY_URL} ./" > /etc/apt/sources.list.d/kopano.list; \ # install @@ -65,9 +60,10 @@ RUN \ set +x && \ rm -rf /var/cache/apt /var/lib/apt/lists && \ touch /etc/kopano/admin.cfg && \ - cp /usr/share/doc/kopano/example-config/*.cfg /etc/kopano/ && \ - cp /usr/share/doc/kopano/example-config/*.cfg.gz /etc/kopano/ && \ - gzip -d -f /etc/kopano/*.gz + # with 9.0 config files are once again in /etc/kopano + (cp /usr/share/doc/kopano/example-config/*.cfg /etc/kopano/ || true) && \ + (cp /usr/share/doc/kopano/example-config/*.cfg.gz /etc/kopano/ || true) && \ + (gzip -d -f /etc/kopano/*.gz || true) ENV LANG=en_US.UTF-8 diff --git a/kdav/Dockerfile b/kdav/Dockerfile index c6d957e..b3f3e0b 100644 --- a/kdav/Dockerfile +++ b/kdav/Dockerfile @@ -32,18 +32,13 @@ LABEL maintainer=az@zok.xyz \ org.label-schema.vcs-url="https://github.com/zokradonh/kopano-docker" \ org.label-schema.schema-version="1.0" -# install Kopano kDAV and refresh ca-certificates +# install Kopano kDAV RUN \ - # community download and package as apt source repository - . /kopano/helper/create-kopano-repo.sh && \ - if [ ${DOWNLOAD_COMMUNITY_PACKAGES} -eq 1 ]; then \ - dl_and_package_community "core"; \ - fi; \ echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_CORE_REPOSITORY_URL} ./" > /etc/apt/sources.list.d/kopano.list; \ set -x && \ apt-get update && apt-get install -y --no-install-recommends \ apache2 \ - libapache2-mod-php7.0 \ + libapache2-mod-php7.3 \ crudini \ php7-mapi \ php-xml \ @@ -51,8 +46,6 @@ RUN \ php-zip \ sqlite \ php-sqlite3 \ - ca-certificates \ - git \ unzip \ ${ADDITIONAL_KOPANO_PACKAGES} \ && rm -rf /var/cache/apt /var/lib/apt/lists/* @@ -70,10 +63,10 @@ RUN \ echo "Listen 80" > /etc/apache2/ports.conf && \ # configure mod_php a2enmod rewrite && \ - crudini --set /etc/php/7.0/apache2/php.ini PHP upload_max_filesize 500M && \ - crudini --set /etc/php/7.0/apache2/php.ini PHP post_max_size 500M && \ - crudini --set /etc/php/7.0/apache2/php.ini PHP max_input_vars 1800 && \ - crudini --set /etc/php/7.0/apache2/php.ini Session session.save_path /run/sessions && \ + crudini --set /etc/php/7.3/apache2/php.ini PHP upload_max_filesize 500M && \ + crudini --set /etc/php/7.3/apache2/php.ini PHP post_max_size 500M && \ + crudini --set /etc/php/7.3/apache2/php.ini PHP max_input_vars 1800 && \ + crudini --set /etc/php/7.3/apache2/php.ini Session session.save_path /run/sessions && \ mkdir -p /var/lib/kopano/kdav && \ chown www-data:www-data /var/lib/kopano/kdav && \ mkdir -p /var/log/kdav && \ diff --git a/php/Dockerfile b/php/Dockerfile index c3a2baf..21afc07 100644 --- a/php/Dockerfile +++ b/php/Dockerfile @@ -32,11 +32,6 @@ SHELL ["/bin/bash", "-o", "pipefail", "-c"] # add install common php dependencies # hadolint ignore=SC2129 RUN \ - # community download and package as apt source repository - . /kopano/helper/create-kopano-repo.sh && \ - if [ ${DOWNLOAD_COMMUNITY_PACKAGES} -eq 1 ]; then \ - dl_and_package_community "core"; \ - fi; \ echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_CORE_REPOSITORY_URL} ./" > /etc/apt/sources.list.d/kopano.list; \ # install set -x && \ @@ -51,10 +46,10 @@ RUN \ # configure php-fpm RUN \ mkdir -p /run/php && chown www-data:www-data /run/php && \ - crudini --set /etc/php/7.0/fpm/php.ini PHP upload_max_filesize 500M && \ - crudini --set /etc/php/7.0/fpm/php.ini PHP post_max_size 500M && \ - crudini --set /etc/php/7.0/fpm/php.ini PHP max_input_vars 1800 && \ - crudini --set /etc/php/7.0/fpm/php.ini Session session.save_path /run/sessions + crudini --set /etc/php/7.3/fpm/php.ini PHP upload_max_filesize 500M && \ + crudini --set /etc/php/7.3/fpm/php.ini PHP post_max_size 500M && \ + crudini --set /etc/php/7.3/fpm/php.ini PHP max_input_vars 1800 && \ + crudini --set /etc/php/7.3/fpm/php.ini Session session.save_path /run/sessions EXPOSE 9080/tcp diff --git a/python/Dockerfile b/python/Dockerfile index c9d8850..851930f 100644 --- a/python/Dockerfile +++ b/python/Dockerfile @@ -31,11 +31,6 @@ SHELL ["/bin/bash", "-o", "pipefail", "-c"] # hadolint ignore=SC2129 RUN \ - # community download and package as apt source repository - . /kopano/helper/create-kopano-repo.sh && \ - if [ ${DOWNLOAD_COMMUNITY_PACKAGES} -eq 1 ]; then \ - dl_and_package_community "core"; \ - fi; \ echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_CORE_REPOSITORY_URL} ./" > /etc/apt/sources.list.d/kopano.list; \ # install set -x && \ diff --git a/setup.sh b/setup.sh index 22c6068..593178c 100755 --- a/setup.sh +++ b/setup.sh @@ -329,16 +329,19 @@ COMPOSE_PROJECT_NAME=kopano COMPOSE_FILE=docker-compose.yml:docker-compose.ports.yml:docker-compose.db.yml:docker-compose.ldap.yml:docker-compose.mail.yml # Modify below to build a different version, than the kopano nightly release -#KOPANO_CORE_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/core:/final/Debian_9.0/ -#KOPANO_MEET_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/meet:/final/Debian_9.0/ -#KOPANO_WEBAPP_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/webapp:/final/Debian_9.0/ -#KOPANO_WEBAPP_FILES_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/files:/final/Debian_9.0/ -#KOPANO_WEBAPP_MDM_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/mdm:/final/Debian_9.0/ -#KOPANO_WEBAPP_SMIME_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/smime:/final/Debian_9.0/ -#KOPANO_ZPUSH_REPOSITORY_URL=http://repo.z-hub.io/z-push:/final/Debian_9.0/ +#KOPANO_CORE_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/core:/9.x/Debian_10/ +#KOPANO_MEET_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/meet:/final/Debian_10/ +#KOPANO_WEBAPP_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/webapp:/final/Debian_10/ +#KOPANO_WEBAPP_FILES_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/files:/final/Debian_10/ +#KOPANO_WEBAPP_MDM_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/mdm:/final/Debian_10/ +#KOPANO_WEBAPP_SMIME_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/smime:/final/Debian_10/ +#KOPANO_ZPUSH_REPOSITORY_URL=http://repo.z-hub.io/z-push:/final/Debian_10/ #RELEASE_KEY_DOWNLOAD=1 #DOWNLOAD_COMMUNITY_PACKAGES=0 +# Remove this variable to not push versioned containers with the :latest tag +PUBLISHLATEST=yes + # Additional packages to install ADDITIONAL_KOPANO_PACKAGES="" ADDITIONAL_KOPANO_WEBAPP_PLUGINS="$ADDITIONAL_KOPANO_WEBAPP_PLUGINS" diff --git a/ssl/start.sh b/ssl/start.sh index d9dd0a3..09cdabf 100755 --- a/ssl/start.sh +++ b/ssl/start.sh @@ -2,7 +2,7 @@ mkdir -p /kopano/ssl/clients/ -set -euo pipefail +set -euo # clean out any potential port numbers FQDN=${FQDN%:*} diff --git a/webapp/Dockerfile b/webapp/Dockerfile index 1d0a314..ae6e2b3 100644 --- a/webapp/Dockerfile +++ b/webapp/Dockerfile @@ -47,10 +47,10 @@ RUN \ # community download and package as apt source repository . /kopano/helper/create-kopano-repo.sh && \ if [ ${DOWNLOAD_COMMUNITY_PACKAGES} -eq 1 ]; then \ - dl_and_package_community "webapp"; \ - dl_and_package_community "files"; \ - dl_and_package_community "mdm"; \ - dl_and_package_community "smime"; \ + dl_and_package_community "webapp" "Debian_10"; \ + dl_and_package_community "files" "Debian_10"; \ + dl_and_package_community "mdm" "Debian_10"; \ + dl_and_package_community "smime" "Debian_10"; \ fi; \ echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_WEBAPP_REPOSITORY_URL} ./" >> /etc/apt/sources.list.d/kopano.list; \ echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_WEBAPP_SMIME_REPOSITORY_URL} ./" >> /etc/apt/sources.list.d/kopano.list; \ diff --git a/webapp/goss.yaml b/webapp/goss.yaml index 0162233..f45d3db 100644 --- a/webapp/goss.yaml +++ b/webapp/goss.yaml @@ -7,7 +7,7 @@ file: group: www-data filetype: directory contains: [] - /usr/lib/php/20151012/mapi.so: + /usr/lib/php/20180731/mapi.so: exists: true mode: "0644" owner: root @@ -25,7 +25,7 @@ file: process: kwebd: running: true - php-fpm7.0: + php-fpm7.3: running: true http: http://localhost:9080/status: diff --git a/webapp/start.sh b/webapp/start.sh index 0e9254b..77dd903 100755 --- a/webapp/start.sh +++ b/webapp/start.sh @@ -82,5 +82,5 @@ set +u # cleaning up env variables unset "${!KCCONF_@}" echo "Starting php-fpm" -php-fpm7.0 -F & +php-fpm7.3 -F & exec /usr/libexec/kopano/kwebd caddy -conf /etc/kweb.cfg diff --git a/zpush/Dockerfile b/zpush/Dockerfile index 142327c..f8e8c23 100644 --- a/zpush/Dockerfile +++ b/zpush/Dockerfile @@ -9,7 +9,7 @@ ARG RELEASE_KEY_DOWNLOAD=0 ARG DEBIAN_FRONTEND=noninteractive ARG KOPANO_CORE_REPOSITORY_URL="file:/kopano/repo/core" ARG KOPANO_CORE_VERSION=newest -ARG KOPANO_ZPUSH_REPOSITORY_URL="http://repo.z-hub.io/z-push:/final/Debian_9.0/" +ARG KOPANO_ZPUSH_REPOSITORY_URL="http://repo.z-hub.io/z-push:/final/Debian_10/" ARG KOPANO_ZPUSH_VERSION=newest ENV \ @@ -33,13 +33,8 @@ LABEL maintainer=az@zok.xyz \ SHELL ["/bin/bash", "-o", "pipefail", "-c"] -# install Kopano WebApp and refresh ca-certificates +# install Z-Push RUN \ - # community download and package as apt source repository - . /kopano/helper/create-kopano-repo.sh && \ - if [ ${DOWNLOAD_COMMUNITY_PACKAGES} -eq 1 ]; then \ - dl_and_package_community "core"; \ - fi; \ echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_CORE_REPOSITORY_URL} ./" > /etc/apt/sources.list.d/kopano.list; \ # prepare z-push installation echo "deb ${KOPANO_ZPUSH_REPOSITORY_URL} /" > /etc/apt/sources.list.d/zpush.list && \ @@ -50,7 +45,7 @@ RUN \ # TODO set IGNORE_FIXSTATES_ON_UPGRADE https://jira.z-hub.io/browse/ZP-1164 apt-get update && apt-get install -y --no-install-recommends \ apache2 \ - libapache2-mod-php7.0 \ + libapache2-mod-php7.3 \ crudini \ z-push-kopano \ z-push-config-apache \ @@ -81,10 +76,10 @@ RUN \ echo "Listen 80" > /etc/apache2/ports.conf && \ # configure mod_php a2enmod rewrite && \ - crudini --set /etc/php/7.0/apache2/php.ini PHP upload_max_filesize 500M && \ - crudini --set /etc/php/7.0/apache2/php.ini PHP post_max_size 500M && \ - crudini --set /etc/php/7.0/apache2/php.ini PHP max_input_vars 1800 && \ - crudini --set /etc/php/7.0/apache2/php.ini Session session.save_path /run/sessions && \ + crudini --set /etc/php/7.3/apache2/php.ini PHP upload_max_filesize 500M && \ + crudini --set /etc/php/7.3/apache2/php.ini PHP post_max_size 500M && \ + crudini --set /etc/php/7.3/apache2/php.ini PHP max_input_vars 1800 && \ + crudini --set /etc/php/7.3/apache2/php.ini Session session.save_path /run/sessions && \ # configure z-push mkdir -p /var/lib/z-push /var/log/z-push && \ chown www-data:www-data /var/lib/z-push /var/log/z-push