flywithu/kopano-docker
1
0
Fork 0
mirror of https://github.com/zokradonh/kopano-docker synced 2025-06-08 16:36:19 +00:00
Code Issues Releases Wiki Activity

Minor changes

Browse Source
This commit is contained in:
Andre Zoledziowski 2018-07-01 12:16:53 +02:00
parent d535895cdc
commit 44eb4c8f52
No known key found for this signature in database
GPG Key ID: 2A72044119624966
3 changed files with 303 additions and 288 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

564
README.md
View File

@ -1,282 +1,282 @@
# KopanoDocker # KopanoDocker
Unofficial kopano docker images for all kopano services. Unofficial kopano docker images for all kopano services.
Use kopano_core image for server/spooler/dagent/search/monitor/ical/gateway services. Use kopano_core image for server/spooler/dagent/search/monitor/ical/gateway services.
Use kopano_webapp for web service. Use kopano_webapp for web service.
Example Example
======= =======
docker-compose.yml docker-compose.yml
``` ```
version: '3' version: '3'
services: services:
kserver: kserver:
image: zokradonh/kopano_core:${CORE_VERSION} image: zokradonh/kopano_core:${CORE_VERSION}
hostname: kserver hostname: kserver
container_name: kopano_server container_name: kopano_server
links: links:
- db - db
depends_on: depends_on:
- "kssl" - "kssl"
environment: environment:
- SERVICE_TO_START=server - SERVICE_TO_START=server
- TZ=Europe/Berlin - TZ=Europe/Berlin
- KCCONF_SERVER_COREDUMP_ENABLED=no - KCCONF_SERVER_COREDUMP_ENABLED=no
- KCCONF_SERVER_LOG_LEVEL=4 - KCCONF_SERVER_LOG_LEVEL=4
- KCCONF_SERVER_MYSQL_HOST=db - KCCONF_SERVER_MYSQL_HOST=db
- KCCONF_SERVER_MYSQL_PORT=3306 - KCCONF_SERVER_MYSQL_PORT=3306
- KCCONF_SERVER_MYSQL_DATABASE=kopano - KCCONF_SERVER_MYSQL_DATABASE=kopano
- KCCONF_SERVER_MYSQL_USERNAME=root - KCCONF_SERVER_MYSQL_USER=root
- KCCONF_SERVER_MYSQL_PASSWORD=YOUR_MYSQL_ROOT_PASSWORD #change here - KCCONF_SERVER_MYSQL_PASSWORD=YOUR_MYSQL_ROOT_PASSWORD #change here
- KCCONF_SERVER_SERVER_SSL_KEY_FILE=/kopano/ssl/kserver.pem - KCCONF_SERVER_SERVER_SSL_KEY_FILE=/kopano/ssl/kserver.pem
- KCCONF_SERVER_SERVER_SSL_CA_FILE=/kopano/ssl/ca.pem - KCCONF_SERVER_SERVER_SSL_CA_FILE=/kopano/ssl/ca.pem
- KCCONF_SERVER_SSLKEYS_PATH=/kopano/ssl/clients - KCCONF_SERVER_SSLKEYS_PATH=/kopano/ssl/clients
- KCCONF_SERVER_PROXY_HEADER=* # delete line if webapp is not behind reverse proxy - KCCONF_SERVER_PROXY_HEADER=* # delete line if webapp is not behind reverse proxy
- KCCONF_SERVER_SYSTEM_EMAIL_ADDRESS=hostmaster@domain.tld #change here - KCCONF_SERVER_SYSTEM_EMAIL_ADDRESS=hostmaster@domain.tld #change here
- KCCONF_SERVER_DISABLED_FEATURES=pop3 - KCCONF_SERVER_DISABLED_FEATURES=pop3
- KCCONF_SERVER_SEARCH_SOCKET=http://ksearch:2380/ - KCCONF_SERVER_SEARCH_SOCKET=http://ksearch:2380/
- KCCONF_LDAP_LDAP_URI=ldaps://ldapserver:ldapport #change here - KCCONF_LDAP_LDAP_URI=ldaps://ldapserver:ldapport #change here
- KCCONF_LDAP_LDAP_BIND_USER=cn=SOME_STANDARD_USER,OU=MyUsers,DC=domain,DC=tld #change here - KCCONF_LDAP_LDAP_BIND_USER=cn=SOME_STANDARD_USER,OU=MyUsers,DC=domain,DC=tld #change here
- KCCONF_LDAP_LDAP_BIND_PASSWD=PASSWORD_OF_STANDARD_USER #change here - KCCONF_LDAP_LDAP_BIND_PASSWD=PASSWORD_OF_STANDARD_USER #change here
- KCCONF_LDAP_LDAP_SEARCH_BASE=OU=MyUsers,dc=domain,dc=tld #change here - KCCONF_LDAP_LDAP_SEARCH_BASE=OU=MyUsers,dc=domain,dc=tld #change here
- KCCOMMENT_LDAP_1=!include /usr/share/kopano/ldap.openldap.cfg #delete if you want openldap - KCCOMMENT_LDAP_1=!include /usr/share/kopano/ldap.openldap.cfg #delete if you want openldap
- KCUNCOMMENT_LDAP_1=!include /usr/share/kopano/ldap.active-directory.cfg #delete if you want openldap - KCUNCOMMENT_LDAP_1=!include /usr/share/kopano/ldap.active-directory.cfg #delete if you want openldap
networks: networks:
- kopanonet - kopanonet
volumes: volumes:
- data:/kopano/data - data:/kopano/data
- sslcerts:/kopano/ssl - sslcerts:/kopano/ssl
kdagent: kdagent:
image: zokradonh/kopano_core:${CORE_VERSION} image: zokradonh/kopano_core:${CORE_VERSION}
container_name: kopano_dagent container_name: kopano_dagent
links: links:
- kserver - kserver
volumes: volumes:
- sslcerts:/kopano/ssl - sslcerts:/kopano/ssl
environment: environment:
- SERVICE_TO_START=dagent - SERVICE_TO_START=dagent
- TZ=Europe/Berlin - TZ=Europe/Berlin
- KCCONF_DAGENT_LOG_LEVEL=6 - KCCONF_DAGENT_LOG_LEVEL=6
- KCCONF_DAGENT_SERVER_SOCKET=https://kserver:237/ - KCCONF_DAGENT_SERVER_SOCKET=https://kserver:237/
- KCCONF_DAGENT_SSLKEY_FILE=/kopano/ssl/kdagent.pem - KCCONF_DAGENT_SSLKEY_FILE=/kopano/ssl/kdagent.pem
networks: networks:
- kopanonet - kopanonet
kgateway: kgateway:
image: zokradonh/kopano_core:${CORE_VERSION} image: zokradonh/kopano_core:${CORE_VERSION}
container_name: kopano_gateway container_name: kopano_gateway
links: links:
- kserver - kserver
volumes: volumes:
- ./gatewaycerts/:/kopano/certs/ - ./gatewaycerts/:/kopano/certs/
environment: environment:
- SERVICE_TO_START=gateway - SERVICE_TO_START=gateway
- TZ=Europe/Berlin - TZ=Europe/Berlin
- KCCONF_GATEWAY_SERVER_SOCKET=http://kserver:236/ - KCCONF_GATEWAY_SERVER_SOCKET=http://kserver:236/
- KCCONF_GATEWAY_SSL_PRIVATE_KEY_FILE=/kopano/certs/yourcert.key # change here - KCCONF_GATEWAY_SSL_PRIVATE_KEY_FILE=/kopano/certs/yourcert.key # change here
- KCCONF_GATEWAY_SSL_CERTIFICATE_FILE=/kopano/certs/yourcert.pem # change here - KCCONF_GATEWAY_SSL_CERTIFICATE_FILE=/kopano/certs/yourcert.pem # change here
networks: networks:
- kopanonet - kopanonet
kical: kical:
image: zokradonh/kopano_core:${CORE_VERSION} image: zokradonh/kopano_core:${CORE_VERSION}
container_name: kopano_ical container_name: kopano_ical
links: links:
- kserver - kserver
environment: environment:
- SERVICE_TO_START=ical - SERVICE_TO_START=ical
- TZ=Europe/Berlin - TZ=Europe/Berlin
- KCCONF_ICAL_SERVER_SOCKET=http://kserver:236/ - KCCONF_ICAL_SERVER_SOCKET=http://kserver:236/
networks: networks:
- kopanonet - kopanonet
kmonitor: kmonitor:
image: zokradonh/kopano_core:${CORE_VERSION} image: zokradonh/kopano_core:${CORE_VERSION}
container_name: kopano_monitor container_name: kopano_monitor
links: links:
- kserver - kserver
volumes: volumes:
- sslcerts:/kopano/ssl - sslcerts:/kopano/ssl
environment: environment:
- SERVICE_TO_START=monitor - SERVICE_TO_START=monitor
- TZ=Europe/Berlin - TZ=Europe/Berlin
- KCCONF_MONITOR_SERVER_SOCKET=https://kserver:237/ - KCCONF_MONITOR_SERVER_SOCKET=https://kserver:237/
- KCCONF_MONITOR_SSLKEY_FILE=/kopano/ssl/kmonitor.pem - KCCONF_MONITOR_SSLKEY_FILE=/kopano/ssl/kmonitor.pem
networks: networks:
- kopanonet - kopanonet
ksearch: ksearch:
image: zokradonh/kopano_core:${CORE_VERSION} image: zokradonh/kopano_core:${CORE_VERSION}
container_name: kopano_search container_name: kopano_search
links: links:
- kserver - kserver
volumes: volumes:
- sslcerts:/kopano/ssl - sslcerts:/kopano/ssl
environment: environment:
- SERVICE_TO_START=search - SERVICE_TO_START=search
- TZ=Europe/Berlin - TZ=Europe/Berlin
- KCCONF_SEARCH_SERVER_BIND_NAME=http://ksearch:2380 - KCCONF_SEARCH_SERVER_BIND_NAME=http://ksearch:2380
- KCCONF_SEARCH_SERVER_SOCKET=https://kserver:237/ - KCCONF_SEARCH_SERVER_SOCKET=https://kserver:237/
- KCCONF_SEARCH_SSLKEY_FILE=/kopano/ssl/ksearch.pem - KCCONF_SEARCH_SSLKEY_FILE=/kopano/ssl/ksearch.pem
networks: networks:
- kopanonet - kopanonet
kspooler: kspooler:
image: zokradonh/kopano_core:${CORE_VERSION} image: zokradonh/kopano_core:${CORE_VERSION}
container_name: kopano_spooler container_name: kopano_spooler
links: links:
- kserver - kserver
volumes: volumes:
- sslcerts:/kopano/ssl - sslcerts:/kopano/ssl
environment: environment:
- SERVICE_TO_START=spooler - SERVICE_TO_START=spooler
- TZ=Europe/Berlin - TZ=Europe/Berlin
- KCCONF_SPOOLER_SERVER_SOCKET=https://kserver:237/ - KCCONF_SPOOLER_SERVER_SOCKET=https://kserver:237/
- KCCONF_SPOOLER_LOG_LEVEL=4 - KCCONF_SPOOLER_LOG_LEVEL=4
- KCCONF_SPOOLER_SMTP_SERVER=kmta - KCCONF_SPOOLER_SMTP_SERVER=kmta
- KCCONF_SPOOLER_SSLKEY_FILE=/kopano/ssl/kspooler.pem - KCCONF_SPOOLER_SSLKEY_FILE=/kopano/ssl/kspooler.pem
networks: networks:
- kopanonet - kopanonet
kwebapp: kwebapp:
image: zokradonh/kopano_webapp:${WEBAPP_VERSION} image: zokradonh/kopano_webapp:${WEBAPP_VERSION}
hostname: kwebapp hostname: kwebapp
container_name: kopano_webapp container_name: kopano_webapp
links: links:
- kserver - kserver
#ports: #ports:
# - "8236:80" # - "8236:80"
# - "8237:443" # - "8237:443"
volumes: volumes:
- syncstates:/var/lib/z-push/ - syncstates:/var/lib/z-push/
- sslcerts:/kopano/ssl - sslcerts:/kopano/ssl
environment: environment:
- TZ=Europe/Berlin - TZ=Europe/Berlin
- KCCONF_SERVERHOSTNAME=kserver - KCCONF_SERVERHOSTNAME=kserver
- KCCONF_SERVERPORT=237 - KCCONF_SERVERPORT=237
networks: networks:
- web - web
- kopanonet - kopanonet
kssl: kssl:
image: zokradonh/kopano_ssl image: zokradonh/kopano_ssl
container_name: kopano_ssl container_name: kopano_ssl
volumes: volumes:
- sslcerts:/kopano/ssl - sslcerts:/kopano/ssl
kmta: kmta:
image: tvial/docker-mailserver:latest image: tvial/docker-mailserver:latest
hostname: myhost #change here hostname: myhost #change here
domainname: domain.tld #change here domainname: domain.tld #change here
#dns: 127.0.0.1 #dns: 127.0.0.1
container_name: kopano_mta container_name: kopano_mta
#links: #links:
# - adtunnel # - adtunnel
ports: ports:
- "25:25" - "25:25"
# - "143:143" # - "143:143"
# - "587:587" # - "587:587"
# - "993:993" # - "993:993"
volumes: volumes:
- tmpmaildata:/var/mail - tmpmaildata:/var/mail
- tmpmailstate:/var/mail-state - tmpmailstate:/var/mail-state
- ./mtaconfig/:/tmp/docker-mailserver/ # create this dir - ./mtaconfig/:/tmp/docker-mailserver/ # create this dir
environment: environment:
- TZ=Europe/Berlin - TZ=Europe/Berlin
- ENABLE_SPAMASSASSIN=1 - ENABLE_SPAMASSASSIN=1
- ENABLE_CLAMAV=1 - ENABLE_CLAMAV=1
- ENABLE_FAIL2BAN=1 - ENABLE_FAIL2BAN=1
- ENABLE_POSTGREY=1 - ENABLE_POSTGREY=1
- TLS_LEVEL=intermediate - TLS_LEVEL=intermediate
- POSTGREY_DELAY=10 - POSTGREY_DELAY=10
- ONE_DIR=1 - ONE_DIR=1
- DMS_DEBUG=0 - DMS_DEBUG=0
- ENABLE_LDAP=1 - ENABLE_LDAP=1
- LDAP_SERVER_HOST=ldaps://ldapserver:ldapport #change here - LDAP_SERVER_HOST=ldaps://ldapserver:ldapport #change here
- LDAP_SEARCH_BASE=OU=MyUsers,DC=domain,DC=tld #change here - LDAP_SEARCH_BASE=OU=MyUsers,DC=domain,DC=tld #change here
- LDAP_BIND_DN=cn=SOME_STANDARD_USER,OU=MyUsers,DC=domain,DC=tld #change here - LDAP_BIND_DN=cn=SOME_STANDARD_USER,OU=MyUsers,DC=domain,DC=tld #change here
- LDAP_BIND_PW=PASSWORD_OF_SOME_STANDARD_USER #change here - LDAP_BIND_PW=PASSWORD_OF_SOME_STANDARD_USER #change here
- LDAP_QUERY_FILTER_USER=(&(objectClass=user)(|(mail=%s)(otherMailbox=%s))) - LDAP_QUERY_FILTER_USER=(&(objectClass=user)(|(mail=%s)(otherMailbox=%s)))
- LDAP_QUERY_FILTER_GROUP=(&(objectclass=group)(mail=%s)) - LDAP_QUERY_FILTER_GROUP=(&(objectclass=group)(mail=%s))
- LDAP_QUERY_FILTER_ALIAS=(&(objectClass=user)(otherMailbox=%s)) - LDAP_QUERY_FILTER_ALIAS=(&(objectClass=user)(otherMailbox=%s))
- LDAP_QUERY_FILTER_DOMAIN=(&(|(mail=*@%s)(otherMailbox=*@%s)(mailGroupMember=*@%s))(kopanoAccount=1)(|(objectClass=user)(objectclass=group))) - LDAP_QUERY_FILTER_DOMAIN=(&(|(mail=*@%s)(otherMailbox=*@%s)(mailGroupMember=*@%s))(kopanoAccount=1)(|(objectClass=user)(objectclass=group)))
- ENABLE_SASLAUTHD=1 - ENABLE_SASLAUTHD=1
- SASLAUTHD_LDAP_SERVER=ldaps://ldapserver:ldapport #change here - SASLAUTHD_LDAP_SERVER=ldaps://ldapserver:ldapport #change here
- SASLAUTHD_LDAP_BIND_DN=cn=SOME_STANDARD_USER,OU=MyUsers,DC=domain,DC=tld #change here - SASLAUTHD_LDAP_BIND_DN=cn=SOME_STANDARD_USER,OU=MyUsers,DC=domain,DC=tld #change here
- SASLAUTHD_LDAP_PASSWORD=PASSWORD_OF_SOME_STANDARD_USER #change here - SASLAUTHD_LDAP_PASSWORD=PASSWORD_OF_SOME_STANDARD_USER #change here
- SASLAUTHD_LDAP_SEARCH_BASE=OU=MyUsers,DC=domain,DC=tld #change here - SASLAUTHD_LDAP_SEARCH_BASE=OU=MyUsers,DC=domain,DC=tld #change here
- SASLAUTHD_LDAP_FILTER=(&(sAMAccountName=%U)(objectClass=person)) - SASLAUTHD_LDAP_FILTER=(&(sAMAccountName=%U)(objectClass=person))
- SASLAUTHD_MECHANISMS=ldap - SASLAUTHD_MECHANISMS=ldap
- POSTMASTER_ADDRESS=postmaster@domain.tld #change here - POSTMASTER_ADDRESS=postmaster@domain.tld #change here
- SMTP_ONLY=1 - SMTP_ONLY=1
- PERMIT_DOCKER=network - PERMIT_DOCKER=network
- ENABLE_POSTFIX_VIRTUAL_TRANSPORT=1 - ENABLE_POSTFIX_VIRTUAL_TRANSPORT=1
- POSTFIX_DAGENT=lmtp:kdagent:2003 - POSTFIX_DAGENT=lmtp:kdagent:2003
- REPORT_RECIPIENT=1 - REPORT_RECIPIENT=1
networks: networks:
- kopanonet - kopanonet
cap_add: cap_add:
- NET_ADMIN - NET_ADMIN
- SYS_PTRACE - SYS_PTRACE
db: db:
image: mariadb image: mariadb
restart: always restart: always
container_name: kopano_db container_name: kopano_db
volumes: volumes:
- db:/var/lib/mysql - db:/var/lib/mysql
environment: environment:
- MYSQL_ROOT_PASSWORD=YOUR_MYSQL_ROOT_PASSWORD #change here - MYSQL_ROOT_PASSWORD=YOUR_MYSQL_ROOT_PASSWORD #change here
- MYSQL_PASSWORD=YOUR_PASSWORD #change here - MYSQL_PASSWORD=YOUR_PASSWORD #change here
- MYSQL_DATABASE=kopano - MYSQL_DATABASE=kopano
- MYSQL_USER=kopano - MYSQL_USER=kopano
networks: networks:
- kopanonet - kopanonet
volumes: volumes:
db: db:
data: data:
syncstates: syncstates:
sslcerts: sslcerts:
tmpmaildata: tmpmaildata:
tmpmailstate: tmpmailstate:
networks: networks:
web: # this requires an external docker container that is a http reverse proxy (e.g. haproxy) web: # this requires an external docker container that is a http reverse proxy (e.g. haproxy)
external: external:
name: haproxy_webrproxynet name: haproxy_webrproxynet
kopanonet: kopanonet:
driver: bridge driver: bridge
``` ```
Requires haproxy network for http reverse proxy. Requires haproxy network for http reverse proxy.
Change all lines which are commented especially those with #change here Change all lines which are commented especially those with #change here
This is just a quick example docker-compose.yml made in some minutes to provide a better start. This is just a quick example docker-compose.yml made in some minutes to provide a better start.
Requires `.env` file next to docker-compose.yml with content like this Requires `.env` file next to docker-compose.yml with content like this
``` ```
CORE_VERSION=8.6.80.1055-0plus156.1 CORE_VERSION=8.6.80.1055-0plus156.1
WEBAPP_VERSION=3.4.17.1565plus895.1 WEBAPP_VERSION=3.4.17.1565plus895.1
``` ```
Requires `ldap-groups.cf` in ./mtaconfig directory next to docker-compose.yml Requires `ldap-groups.cf` in ./mtaconfig directory next to docker-compose.yml
``` ```
bind = yes bind = yes
bind_dn = cn=admin,dc=domain,dc=com bind_dn = cn=admin,dc=domain,dc=com
bind_pw = admin bind_pw = admin
query_filter = (&(mailGroupMember=%s)(mailEnabled=TRUE)) query_filter = (&(mailGroupMember=%s)(mailEnabled=TRUE))
result_attribute = mail result_attribute = mail
search_base = ou=people,dc=domain,dc=com search_base = ou=people,dc=domain,dc=com
server_host = mail.domain.com server_host = mail.domain.com
start_tls = no start_tls = no
version = 3 version = 3
leaf_result_attribute = mail leaf_result_attribute = mail
special_result_attribute = member special_result_attribute = member
``` ```
Now group members of Active Directory groups can be found by postfix. Now group members of Active Directory groups can be found by postfix.
Furthermore you can use this directory for opendkim - see kmta's image for details. Furthermore you can use this directory for opendkim - see kmta's image for details.

19
build.sh
View File

@ -8,18 +8,21 @@ networkname="buildproxy_net"
customBuildArgs=() customBuildArgs=()
serial="" serial=""
component="" component=""
proxyContainerId=""
nocache=""
function _usage() function _usage()
{ {
echo "Usage: build.sh -c core|webapp [-s serial] [-b master|final|pre-final] [-p buildcontext] [-n networkname] [[-a buildarg] ...]" echo "Usage: build.sh -c core|webapp [-s serial] [-b master|final|pre-final] [-p buildcontext] [-n networkname] [[-a buildarg] ...] [-i]"
echo "Example: build.sh -c core -s ABC123456789DEF -b final" echo "Example: build.sh -c core -s ABC123456789DEF -b final"
echo "If no branch is specified, 'master' will be built by default." echo "-i Do not use cache on docker build."
echo "If no buildcontext is specified, it will be built from git repository. Normally, you do not need to specify this." echo "-b If no branch is specified, 'master' will be built by default."
echo "If no networkname is specified, it will create and use a network named 'buildproxy_net'." echo "-p If no buildcontext is specified, it will be built from git repository. Normally, you do not need to specify this."
echo "You can specify custom build args via e.g. -a KOPANO_CORE_REPOSITORY_URL=http://thisismy/url -a KOPANO_WEBAPP_REPOSITORY_URL=http://thisismy/url." echo "-n If no networkname is specified, it will create and use a network named 'buildproxy_net'."
echo "-a You can specify custom build args via e.g. -a KOPANO_CORE_REPOSITORY_URL=http://thisismy/url -a KOPANO_WEBAPP_REPOSITORY_URL=http://thisismy/url."
} }
while getopts ":s:c:b:p:n:a:" opt; do while getopts ":s:c:b:p:n:a:i" opt; do
case $opt in case $opt in
s) s)
serial=$OPTARG serial=$OPTARG
@ -39,6 +42,9 @@ while getopts ":s:c:b:p:n:a:" opt; do
a) a)
customBuildArgs[${#customBuildArgs[*]}]=$OPTARG customBuildArgs[${#customBuildArgs[*]}]=$OPTARG
;; ;;
i)
nocache="--no-cache"
;;
\?) \?)
_usage _usage
exit 1 exit 1
@ -118,6 +124,7 @@ docker build \
--build-arg KOPANO_${component^^}_VERSION=$currentVersion \ --build-arg KOPANO_${component^^}_VERSION=$currentVersion \
$customBuildString \ $customBuildString \
$tagLatest \ $tagLatest \
$nocache \
-t zokradonh/kopano_$component:$currentVersionDocker \ -t zokradonh/kopano_$component:$currentVersionDocker \
-t zokradonh/kopano_$component:latest-$branch \ -t zokradonh/kopano_$component:latest-$branch \
--network $networkname \ --network $networkname \

8
core/start-service.sh
View File

@ -19,6 +19,14 @@ chown -R kopano:kopano /kopano/data /run /tmp
echo "Clean old pid files and sockets" | ts echo "Clean old pid files and sockets" | ts
rm -f /var/run/kopano/* rm -f /var/run/kopano/*
# allow helper commands given by "docker-compose run"
if [ $# -gt 0 ]
then
exec "$@"
exit
fi
# start regular service
case "$SERVICE_TO_START" in case "$SERVICE_TO_START" in
server) server)
exec /usr/sbin/kopano-server -F exec /usr/sbin/kopano-server -F