diff --git a/.gitignore b/.gitignore index 55fb1db..fdfe662 100644 --- a/.gitignore +++ b/.gitignore @@ -8,7 +8,6 @@ **/.vscode apt_auth.conf build.tags -calendar/kopano-calendar-*/ data/* dive.log docker-compose.override.yml diff --git a/Makefile b/Makefile index b92a905..fcb56d4 100644 --- a/Makefile +++ b/Makefile @@ -10,6 +10,7 @@ docker_repo := zokradonh base_download_version := $(shell ./version.sh core) core_download_version := $(shell ./version.sh core) +kapps_download_version := $(shell ./version.sh kapps) meet_download_version := $(shell ./version.sh meet) webapp_download_version := $(shell ./version.sh webapp) zpush_download_version := $(shell ./version.sh zpush) @@ -132,6 +133,9 @@ build-core-dagent: build-helper: component=build make build-simple +build-kapps: + component=kapps make build + build-konnect: component=konnect make build-simple diff --git a/base/Dockerfile b/base/Dockerfile index f1c8594..5014d2a 100644 --- a/base/Dockerfile +++ b/base/Dockerfile @@ -12,7 +12,7 @@ ARG KOPANO_UID=999 ARG KOPANO_GID=999 ENV \ - BASE_VERSION=2.0.0 \ + BASE_VERSION=2.1.0 \ DEBIAN_FRONTEND=noninteractive \ DEBUG="" @@ -73,7 +73,7 @@ RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \ # get common utilities COPY create-kopano-repo.sh /kopano/helper/ -COPY kcconf.py /kopano/ +COPY kcconf.py defaultconfigs/ /kopano/ SHELL [ "/bin/bash", "-c"] diff --git a/meet/defaultconfigs/meet.py b/base/defaultconfigs/cfg-from-env.py similarity index 85% rename from meet/defaultconfigs/meet.py rename to base/defaultconfigs/cfg-from-env.py index 756042a..0cc1806 100644 --- a/meet/defaultconfigs/meet.py +++ b/base/defaultconfigs/cfg-from-env.py @@ -1,4 +1,4 @@ -import os +#!/usr/bin/env python3 import kcconf # Override configs from environment variables diff --git a/calendar/calendar.yml b/calendar/calendar.yml deleted file mode 100644 index 14023b5..0000000 --- a/calendar/calendar.yml +++ /dev/null @@ -1,10 +0,0 @@ -version: "3.5" -services: - web: - volumes: - - ./calendar/kweb-calendar.cfg:/etc/kweb-extras/kweb-calendar.cfg - - ./calendar/kopano-calendar-0.20.0/:/usr/share/kopano-calendar/ - - ./calendar/kopano-calendar-0.20.0/config.json.in:/var/www/api/config/v1/kopano/calendar/config.json - kopano_grapi: - environment: - - KCCONF_GRAPI_ENABLE_EXPERIMENTAL_ENDPOINTS=yes diff --git a/calendar/kweb-calendar.cfg b/calendar/kweb-calendar.cfg deleted file mode 100644 index 5987ed2..0000000 --- a/calendar/kweb-calendar.cfg +++ /dev/null @@ -1 +0,0 @@ -staticpwa /calendar /usr/share/kopano-calendar/calendar-webapp diff --git a/docker-compose.yml b/docker-compose.yml index 6be6d5b..a9d8e97 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -173,7 +173,7 @@ services: - kopanograpi/:/var/lib/kopano-grapi - kopanosocket/:/run/kopano environment: - - KCCONF_GRAPI_ENABLE_EXPERIMENTAL_ENDPOINTS=no + - KCCONF_GRAPI_ENABLE_EXPERIMENTAL_ENDPOINTS=no # needs to be set to yes for grapi versions prior to 10.3 to use calendar - KCCONF_GRAPI_INSECURE=${INSECURE} - KCCONF_GRAPI_PERSISTENCY_PATH=/var/lib/kopano-grapi - SERVICE_TO_START=grapi @@ -218,6 +218,26 @@ services: tmpfs: - /tmp + kopano_kapps: + image: ${docker_repo:-zokradonh}/kopano_kapps:${CORE_VERSION:-latest} + read_only: true + restart: unless-stopped + environment: + - SERVICE_TO_START=kapps + env_file: + - kopano_kapps.env + depends_on: + - kopano_kapi + - kopano_konnect + - web + volumes: + - /etc/machine-id:/etc/machine-id + - /etc/machine-id:/var/lib/dbus/machine-id + networks: + - web-net + tmpfs: + - /tmp + kopano_kdav: image: ${docker_repo:-zokradonh}/kopano_kdav:${KDAV_VERSION:-latest} read_only: true @@ -457,7 +477,6 @@ services: - KCCONF_MEET_guests_enabled=true - KCCONF_MEET_oidc_useImplicitFlow=true # workaround for guest login with meet https://stash.kopano.io/projects/KWM/repos/meet/pull-requests/102/overview - KCCONF_MEET_minimumVersion=20200121 # can be used force updates of Meet - - SERVICE_TO_START=meet env_file: - kopano_meet.env depends_on: diff --git a/kapps/Dockerfile b/kapps/Dockerfile new file mode 100644 index 0000000..e2bb17e --- /dev/null +++ b/kapps/Dockerfile @@ -0,0 +1,63 @@ +ARG docker_repo=zokradonh +FROM ${docker_repo}/kopano_base:latest + +ARG ADDITIONAL_KOPANO_PACKAGES="" +ARG DOWNLOAD_COMMUNITY_PACKAGES=1 +ARG KOPANO_REPOSITORY_FLAGS="trusted=yes" +ARG RELEASE_KEY_DOWNLOAD=0 +ARG DEBIAN_FRONTEND=noninteractive +ARG KOPANO_CORE_REPOSITORY_URL="file:/kopano/repo/core" +ARG KOPANO_CORE_VERSION=newest +ARG KOPANO_KAPPS_REPOSITORY_URL="file:/kopano/repo/kapps" +ARG KOPANO_KAPPS_VERSION=newest +ENV KOPANO_KAPPS_VERSION=$KOPANO_KAPPS_VERSION + +ENV \ + ADDITIONAL_KOPANO_PACKAGES=$ADDITIONAL_KOPANO_PACKAGES \ + DOWNLOAD_COMMUNITY_PACKAGES=$DOWNLOAD_COMMUNITY_PACKAGES \ + KOPANO_CORE_REPOSITORY_URL=$KOPANO_CORE_REPOSITORY_URL \ + KOPANO_CORE_VERSION=$KOPANO_CORE_VERSION \ + KOPANO_REPOSITORY_FLAGS=$KOPANO_REPOSITORY_FLAGS \ + RELEASE_KEY_DOWNLOAD=$RELEASE_KEY_DOWNLOAD + +LABEL maintainer=az@zok.xyz \ + org.label-schema.name="Kopano apps container" \ + org.label-schema.description="Container for running Kopano Apps" \ + org.label-schema.url="https://kopano.io" \ + org.label-schema.vcs-url="https://github.com/zokradonh/kopano-docker" \ + org.label-schema.version=$KOPANO_KAPPS_VERSION \ + org.label-schema.schema-version="1.0" + +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + +# install Kopano Core and refresh ca-certificates +RUN \ + # community download and package as apt source repository + . /kopano/helper/create-kopano-repo.sh && \ + if [ ${DOWNLOAD_COMMUNITY_PACKAGES} -eq 1 ]; then \ + dl_and_package_community "kapps"; \ + fi; \ + echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_KAPPS_REPOSITORY_URL} ./" > /etc/apt/sources.list.d/kopano.list; \ + # install + apt-get update && \ + # TODO mime-support could be remove once its an official dependency of kopano-kwebd + apt-get install --no-install-recommends -y \ + mime-support \ + kopano-kwebd \ + kopano-calendar \ + ${ADDITIONAL_KOPANO_PACKAGES} \ + && \ + rm -rf /var/cache/apt /var/lib/apt/lists && \ + # make configuration a symlink to prevent overwriting it + # TODO better would be to override its configuration in kweb.cfg + ln -s /tmp/calendar.json /usr/share/kopano-kweb/www/config/kopano/calendar.json + +COPY start-service.sh /kopano/ +COPY goss.yaml /goss/ +CMD [ "/kopano/start-service.sh" ] + +HEALTHCHECK --interval=1m --timeout=10s \ + CMD goss -g /goss/goss.yaml validate + +ARG VCS_REF +LABEL org.label-schema.vcs-ref=$VCS_REF \ No newline at end of file diff --git a/calendar/README.md b/kapps/README.md similarity index 100% rename from calendar/README.md rename to kapps/README.md diff --git a/kapps/goss.yaml b/kapps/goss.yaml new file mode 100644 index 0000000..579ba57 --- /dev/null +++ b/kapps/goss.yaml @@ -0,0 +1,18 @@ +file: + /tmp/calendar.json: + exists: true + mode: "0644" + owner: root + group: root + filetype: file + contains: [] +process: + kwebd: + running: true +http: + http://localhost:9080/calendar: + status: 200 + allow-insecure: false + no-follow-redirects: false + timeout: 5000 + body: [] diff --git a/kapps/start-service.sh b/kapps/start-service.sh new file mode 100755 index 0000000..f5de139 --- /dev/null +++ b/kapps/start-service.sh @@ -0,0 +1,78 @@ +#!/bin/bash + +ADDITIONAL_KOPANO_PACKAGES=${ADDITIONAL_KOPANO_PACKAGES:-""} + +set -eu # unset variables are errors & non-zero return values exit the whole script +[ "$DEBUG" ] && set -x + +# copy configuration files to /tmp/kopano to prevent modification of mounted config files +mkdir -p /tmp/kopano +cp /etc/kopano/*.cfg /tmp/kopano + +echo "Applying cfg changes from env" +/usr/bin/python3 /kopano/cfg-from-env.py + +meetversion=$(dpkg-query --showformat='${Version}' --show kopano-calendar-webapp) +echo "Using Kopano Calendar: $meetversion" + +# allow helper commands given by "docker-compose run" +if [ $# -gt 0 ]; then + exec "$@" + exit +fi + +cp /usr/share/doc/kopano-calendar-webapp/config.json.in /tmp/calendar.json +CONFIG_JSON="/tmp/calendar.json" +# TODO move into extra file to make it easier to reuse +echo "Updating $CONFIG_JSON" +for setting in $(compgen -A variable KCCONF_CALENDAR); do + setting2=${setting#KCCONF_CALENDAR_} + # dots in setting2 need to be escaped to not be handled as separate entities in the json file + case ${!setting} in + true|TRUE|false|FALSE|[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]) + jq ".\"${setting2//_/\".\"}\" = ${!setting}" $CONFIG_JSON | sponge $CONFIG_JSON + ;; + *) + jq ".\"${setting2//_/\".\"}\" = \"${!setting}\"" $CONFIG_JSON | sponge $CONFIG_JSON + ;; + esac +done + +# Populate app grid +# TODO move into extra file to make it easier to reuse +# Note: if all of below variables are set to "no" kpop will fall back to its default behaviour and show all known apps. + +# enable Kopano Konnect in the app grid +if [ "${GRID_KONNECT:-yes}" = "yes" ]; then + jq '.apps.enabled += ["kopano-konnect"]' $CONFIG_JSON | sponge $CONFIG_JSON +fi + +# enable Kopano Meet in the app grid +if [ "${GRID_MEET:-yes}" = "yes" ]; then + jq '.apps.enabled += ["kopano-meet"]' $CONFIG_JSON | sponge $CONFIG_JSON +fi + +# enable Kopano WebApp in the app grid +if [ "${GRID_WEBAPP:-yes}" = "yes" ]; then + jq '.apps.enabled += ["kopano-webapp"]' $CONFIG_JSON | sponge $CONFIG_JSON +fi + +# enable Kopano WebApp in the app grid +if [ "${GRID_CALENDAR:-yes}" = "yes" ]; then + jq '.apps.enabled += ["kopano-calendar"]' $CONFIG_JSON | sponge $CONFIG_JSON +fi + +sed s/\ *=\ */=/g /tmp/kopano/kwebd.cfg > /tmp/kweb-env +# always disable tls +export tls=no +# shellcheck disable=SC2046 +export $(grep -v '^#' /tmp/kweb-env | xargs -d '\n') + +# services need to be aware of the machine-id +dockerize \ + -wait file:///etc/machine-id \ + -wait file:///var/lib/dbus/machine-id + +# cleaning up env variables +unset "${!KCCONF_@}" +exec kopano-kwebd serve diff --git a/meet/Dockerfile b/meet/Dockerfile index dc33e00..aaf3a31 100644 --- a/meet/Dockerfile +++ b/meet/Dockerfile @@ -19,7 +19,8 @@ ENV \ KOPANO_CORE_REPOSITORY_URL=$KOPANO_CORE_REPOSITORY_URL \ KOPANO_CORE_VERSION=$KOPANO_CORE_VERSION \ KOPANO_REPOSITORY_FLAGS=$KOPANO_REPOSITORY_FLAGS \ - RELEASE_KEY_DOWNLOAD=$RELEASE_KEY_DOWNLOAD + RELEASE_KEY_DOWNLOAD=$RELEASE_KEY_DOWNLOAD \ + SERVICE_TO_START=meet LABEL maintainer=az@zok.xyz \ org.label-schema.name="Kopano Meet container" \ @@ -54,7 +55,7 @@ RUN --mount=type=secret,id=repocred,dst=/etc/apt/apt_auth.conf \ # TODO better would be to override its configuration in kweb.cfg ln -s /tmp/meet.json /usr/share/kopano-kweb/www/config/kopano/meet.json -COPY defaultconfigs/ start-service.sh /kopano/ +COPY start-service.sh /kopano/ COPY goss.yaml /goss/ CMD [ "/kopano/start-service.sh" ] diff --git a/meet/start-service.sh b/meet/start-service.sh index e9be8e9..9b5bc45 100755 --- a/meet/start-service.sh +++ b/meet/start-service.sh @@ -9,13 +9,8 @@ set -eu # unset variables are errors & non-zero return values exit the whole scr mkdir -p /tmp/kopano cp /etc/kopano/*.cfg /tmp/kopano -if [ ! -e /kopano/"$SERVICE_TO_START".py ]; then - echo "Invalid service specified: $SERVICE_TO_START" | ts - exit 1 -fi - -echo "Configure service '$SERVICE_TO_START'" | ts -/usr/bin/python3 /kopano/"$SERVICE_TO_START".py +echo "Applying cfg changes from env" +/usr/bin/python3 /kopano/cfg-from-env.py meetversion=$(dpkg-query --showformat='${Version}' --show kopano-meet-webapp) echo "Using Kopano Meet: $meetversion" @@ -59,6 +54,11 @@ if [ "${GRID_WEBAPP:-yes}" = "yes" ]; then jq '.apps.enabled += ["kopano-webapp"]' $CONFIG_JSON | sponge $CONFIG_JSON fi +# enable Kopano WebApp in the app grid +if [ "${GRID_CALENDAR:-yes}" = "yes" ]; then + jq '.apps.enabled += ["kopano-calendar"]' $CONFIG_JSON | sponge $CONFIG_JSON +fi + sed s/\ *=\ */=/g /tmp/kopano/kwebd.cfg > /tmp/kweb-env # always disable tls export tls=no diff --git a/setup.sh b/setup.sh index b148208..0dad004 100755 --- a/setup.sh +++ b/setup.sh @@ -41,7 +41,7 @@ if [ ! -e /etc/machine-id ]; then fi echo "Creating individual env files for containers (if they do not exist already)" -for dockerenv in ldap password-self-service mail db kopano_ssl kopano_server kopano_webapp kopano_zpush kopano_grapi kopano_kapi kopano_dagent kopano_spooler kopano_gateway kopano_ical kopano_monitor kopano_scheduler kopano_search kopano_konnect kopano_kwmserver kopano_meet; do +for dockerenv in ldap password-self-service mail db kopano_ssl kopano_server kopano_webapp kopano_zpush kopano_grapi kopano_kapi kopano_dagent kopano_spooler kopano_gateway kopano_ical kopano_monitor kopano_scheduler kopano_search kopano_konnect kopano_kwmserver kopano_meet kopano_kapps; do touch ./"$dockerenv".env done diff --git a/web/Dockerfile b/web/Dockerfile index d7019ba..d7dab04 100644 --- a/web/Dockerfile +++ b/web/Dockerfile @@ -22,17 +22,18 @@ ENV \ # This causes issues when using kweb in kubernetes. # Related issue https://github.com/docker/compose/issues/229 ENV \ - KWEBD_DNS_KONNECT="kopano_konnect" \ - KWEBD_DNS_MEET="kopano_meet" \ - KWEBD_DNS_KAPI="kopano_kapi" \ - KWEBD_DNS_PLAYGROUND="kopano_playground" \ - KWEBD_DNS_KWMSERVER="kopano_kwmserver" \ - KWEBD_DNS_WEBAPP="kopano_webapp" \ - KWEBD_DNS_ZPUSH="kopano_zpush" \ - KWEBD_DNS_ICAL="kopano_ical" \ - KWEBD_DNS_KDAV="kopano_kdav" \ KWEBD_DNS_GRAPI="kopano_grapi" \ - KWEBD_DNS_ICAL="kopano_ical" + KWEBD_DNS_ICAL="kopano_ical" \ + KWEBD_DNS_ICAL="kopano_ical" \ + KWEBD_DNS_KAPI="kopano_kapi" \ + KWEBD_DNS_KAPPS="kopano_kapps" \ + KWEBD_DNS_KDAV="kopano_kdav" \ + KWEBD_DNS_KONNECT="kopano_konnect" \ + KWEBD_DNS_KWMSERVER="kopano_kwmserver" \ + KWEBD_DNS_MEET="kopano_meet" \ + KWEBD_DNS_PLAYGROUND="kopano_playground" \ + KWEBD_DNS_WEBAPP="kopano_webapp" \ + KWEBD_DNS_ZPUSH="kopano_zpush" ENV DOCKERIZE_VERSION v0.6.1 RUN wget https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-alpine-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ diff --git a/web/kweb.cfg b/web/kweb.cfg index 15c4ca3..400f12e 100644 --- a/web/kweb.cfg +++ b/web/kweb.cfg @@ -145,6 +145,21 @@ } folderish /meet + proxy /api/config/v1/kopano/calendar/ http://{%KWEBD_DNS_KAPPS%}:9080/ { + fail_timeout 10s + try_duration 30s + transparent + keepalive 100 + } + + proxy /calendar/ {%KWEBD_DNS_KAPPS%}:9080 { + fail_timeout 10s + try_duration 30s + transparent + keepalive 100 + } + folderish /calendar + proxy /webapp/ {%KWEBD_DNS_WEBAPP%}:9080 { fail_timeout 10s try_duration 30s