Simplified build.sh. Updated Readme.

README.md

@@ -3,11 +3,50 @@ Unofficial kopano docker images for all kopano services.
 Use kopano_core image for server/spooler/dagent/search/monitor/ical/gateway services.
 Use kopano_webapp for web service.
 
+Building
+=======
+You may use `build.sh` script but you can also invoke `docker build` directly to build community or supported kopano components.
+Currently there are the following components implemented by this project:
+- core (server/spooler/dagent/search/monitor/ical/gateway services)
+- webapp (apache server for kopano webapp and z-push)
+
+### Building community Kopano
+Example:
+
+`docker build https://github.com/zokradonh/kopano-docker.git#:core`
+
+Or use the build.sh script:
+
+`build.sh -c core`
+
+### Building supported Kopano
+If you have an active Kopano subscription you need specify the following build time arguments:
+- KOPANO_CORE_REPOSITORY_URL to `https://serial:<YOURSERIAL>@download.kopano.io/supported/core:/final/Debian_9.0`
+- RELEASE_KEY_DOWNLOAD to 1
+- DOWNLOAD_COMMUNITY_PACKAGES to 0
+
+Example:
+
+`docker build --build-arg KOPANO_CORE_REPOSITORY_URL=https://serial:ABC123456789@download.kopano.io/supported/core:/final/Debian_9.0 --build-arg RELEASE_KEY_DOWNLOAD=1 --build-arg DOWNLOAD_COMMUNITY_PACKAGES=0 https://github.com/zokradonh/kopano-docker.git#:core`
+
+Or use the build.sh script:
+
+`build.sh -c core -s ABC123456789 -b final`
+
+Replace `ABC123456789` with your serial.
+
+---
+***WARNING***
+
+The built image now includes your serial. Do not push this image to any public registry like `hub.docker.com`.
+
+---
+
 Example
 =======
 
 docker-compose.yml
-```
+```YAML
 version: '3'
 
 services:
@@ -258,13 +297,13 @@ Change all lines which are commented especially those with #change here
 This is just a quick example docker-compose.yml made in some minutes to provide a better start.
 
 Requires `.env` file next to docker-compose.yml with content like this
-```
+```INI
 CORE_VERSION=8.6.80.1055-0plus156.1
 WEBAPP_VERSION=3.4.17.1565plus895.1
 ```
 
 Requires `ldap-groups.cf` in ./mtaconfig directory next to docker-compose.yml
-```
+```INI
 bind                     = yes
 bind_dn                  = cn=admin,dc=domain,dc=com
 bind_pw                  = admin

build.sh

@@ -4,22 +4,23 @@ set -eu
 
 branch="master"
 buildcontext_base="https://github.com/zokradonh/kopano-docker.git#:"
-networkname="buildproxy_net"
 customBuildArgs=()
 serial=""
 component=""
-proxyContainerId=""
 nocache=""
 
+function urldecode() { : "${*//+/ }"; echo -e "${_//%/\\x}"; }
+
 function _usage()
 {
-    echo "Usage: build.sh -c core|webapp [-s serial] [-b master|final|pre-final] [-p buildcontext] [-n networkname] [[-a buildarg] ...] [-i]"
+    echo "Usage: build.sh -c core|webapp [-s serial] [-b master|final|pre-final] [-p buildcontext] [[-a buildarg] ...] [-i]"
     echo "Example: build.sh -c core -s ABC123456789DEF -b final"
+    echo "-c   The Kopano component to be built."
+    echo "-s   Provide serial if you want to build from supported repository."
     echo "-i   Do not use cache on docker build."
     echo "-b   If no branch is specified, 'master' will be built by default."
     echo "-p   If no buildcontext is specified, it will be built from git repository. Normally, you do not need to specify this."
-    echo "-n   If no networkname is specified, it will create and use a network named 'buildproxy_net'."
-    echo "-a   You can specify custom build args via e.g. -a KOPANO_CORE_REPOSITORY_URL=http://thisismy/url -a KOPANO_WEBAPP_REPOSITORY_URL=http://thisismy/url."
+    echo "-a   You can specify custom build args via e.g. -a ADDITIONAL_KOPANO_PACKAGES=kopano-migration-imap"
 }
 
 while getopts ":s:c:b:p:n:a:i" opt; do
@@ -36,9 +37,6 @@ while getopts ":s:c:b:p:n:a:i" opt; do
         p)
             buildcontext_base=$OPTARG
         ;;
-        n)
-            networkname=$OPTARG
-        ;;
         a)
             customBuildArgs[${#customBuildArgs[*]}]=$OPTARG
         ;;
@@ -56,8 +54,6 @@ while getopts ":s:c:b:p:n:a:i" opt; do
     esac
 done
 
-
-
 case "$component" in
     core)
         mainpackage="kopano-server"
@@ -70,68 +66,77 @@ case "$component" in
         exit 1
 esac
 
+customBuildString=""
+# prepare custom build args
+if [[ ${customBuildArgs[@]:+${customBuildArgs[@]}} ]];
+then
+    for buildArg in "${customBuildArgs[@]}"
+    do
+        customBuildString="$customBuildString --build-arg $buildArg"
+    done
+fi
+
 if [ ! -z "$serial" ]
 then
+
+    # start build of supported kopano
     # get current version to brand and tag the image correctly
     currentVersion=$(curl -s -S -L https://serial:$serial@download.kopano.io/supported/$component:/$branch/Debian_9.0/Packages.gz |\
                         gzip -d | grep -A 8 "^Package: $mainpackage$" | awk '/Version/ { print $2 }')
 
     currentVersionDocker=$(echo $currentVersion | sed 's/+/plus/')
 
-    # check existence of network
-    isnetup=$(docker network ls | grep $networkname | wc -l)
 
-    if [ $isnetup -eq 0 ]
+    # webapp also needs core repository
+    if [ "$component" == "webapp" ]
     then
-        echo "Missing build network. Creating network $networkname..."
-        docker network create --attachable $networkname
+        customBuildString="$customBuildString --build-arg KOPANO_CORE_REPOSITORY_URL=https://serial:$serial@download.kopano.io/supported/core:/$branch/Debian_9.0"
     fi
 
-    # check if buildproxy helper container is running
-    isproxyup=$(docker ps | grep kopano_buildproxy | wc -l)
+    echo "Start building supported kopano $component image version ($currentVersion)..."
 
-    if [ $isproxyup -eq 0 ]
-    then
-        echo "Build proxy container not runnning - now building..."
-        docker build -t kopano_buildproxy ${buildcontext_base}repoproxy
-        echo "Start buildproxy helper..."
-        proxyContainerId=$(docker run --rm -ti -d -e KOPANO_SERIAL=$serial --network $networkname --network-alias buildproxy kopano_buildproxy)
+    # build it
+    docker build --build-arg KOPANO_${component^^}_REPOSITORY_URL=https://serial:$serial@download.kopano.io/supported/$component:/$branch/Debian_9.0 \
+                 --build-arg RELEASE_KEY_DOWNLOAD=1 \
+                 --build-arg DOWNLOAD_COMMUNITY_PACKAGES=0 \
+                 --build-arg KOPANO_${component^^}_VERSION=$currentVersion \
+                 -t zokradonh/kopano_$component:$currentVersionDocker \
+                 -t zokradonh/kopano_$component:latest-$branch \
+                 $nocache \
+                 $customBuildString \
+                 ${buildcontext_base}${component}
+    if [ $? -eq 0 ]
+    then 
+        echo "Please note that this image does include your serial. If you publish this image then your serial is exposed to public."
     fi
 else
-    currentVersion="newest"
-    currentVersionDocker="custom"
-fi
+    # start build of community kopano
 
-# only tag the master branch with ":latest"
-if [ "$branch" == "master" ]
-then
-    tagLatest="-t zokradonh/kopano_$component:latest"
-else
-    tagLatest=" "
-fi
+    hash jq > /dev/null
+    if [ $? -ne 0 ]
+    then
+        echo "Please install jq in order to run this build script."
+        exit 1
+    fi
 
-customBuildString=""
-# prepare custom build args
-for buildArg in "${customBuildArgs[@]}"
-do
-    customBuildString="$customBuildString --build-arg $buildArg"
-done
+    # query community server by h5ai API
+    filename=$(curl -s -S -L -d "action=get&items%5Bhref%5D=%2Fcommunity%2F$component%3A%2F&items%5Bwhat%5D=1" -H \
+                    "Accept: application/json" https://download.kopano.io/community/ | jq '.items[].href' | \
+                    grep Debian_9.0-amd64 | sed 's#"##g' | sed "s#/community/$component:/##")
 
-# build it
-echo "Start building kopano $component image version ($currentVersion)..."
-docker build \
-    --build-arg KOPANO_REPOSITORY_BRANCH=$branch \
-    --build-arg KOPANO_${component^^}_VERSION=$currentVersion \
-    $customBuildString \
-    $tagLatest \
-    $nocache \
-    -t zokradonh/kopano_$component:$currentVersionDocker \
-    -t zokradonh/kopano_$component:latest-$branch \
-    --network $networkname \
-    ${buildcontext_base}${component}
+    filename=$(urldecode $filename)
 
-# stop proxy container if we started it
-if [ ! -z "$proxyContainerId" ]
-then 
-    docker stop $proxyContainerId
+    currentVersion=$(echo $filename | sed -r 's#[a-z]+-([0-9_.+]+)-.*#\1#')
+    currentVersionDocker=$(echo $currentVersion | sed 's/+/plus/')
+
+    echo "Start building community kopano $component image version ($currentVersion)..."
+
+    # build it
+    docker build -t zokradonh/kopano_$component:$currentVersionDocker \
+                 -t zokradonh/kopano_$component:latest-$branch \
+                 -t zokradonh/kopano_$component:latest \
+                 --build-arg KOPANO_${component^^}_VERSION=$currentVersion \
+                 $nocache \
+                 $customBuildString \
+                 ${buildcontext_base}${component}
 fi

core/Dockerfile

@@ -10,6 +10,7 @@ ARG DEBIAN_FRONTEND=noninteractive
 
 # install basics
 RUN apt-get update && \
+    apt-get upgrade -y && \
     apt-get install --no-install-recommends -y \
         curl \
         gpg \
@@ -28,7 +29,6 @@ RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \
     update-locale LANG=en_US.UTF-8
 
 ARG KOPANO_CORE_VERSION=newest
-ARG KOPANO_REPOSITORY_BRANCH=master
 ARG KOPANO_CORE_REPOSITORY_URL="file:/kopano/repo"
 ARG KOPANO_REPOSITORY_FLAGS="trusted=yes"
 ARG DOWNLOAD_COMMUNITY_PACKAGES=1
@@ -51,7 +51,7 @@ RUN \
     [ ${RELEASE_KEY_DOWNLOAD} -eq 1 ] && curl -s -S -o - "${KOPANO_CORE_REPOSITORY_URL}/Release.key" | apt-key add -; \
     apt-get update && \
     apt-get install --no-install-recommends -y \
-        kopano-server-packages="${KOPANO_CORE_VERSION}" \
+        kopano-server-packages \
         ${ADDITIONAL_KOPANO_PACKAGES} \
         php7.0-cli && \
     rm -rf /var/cache/apt /var/lib/apt/lists && \

core/README.md

@@ -21,16 +21,4 @@ See: https://documentation.kopano.io/kopanocore_administrator_manual/configure_k
 
 Example:
 
-`docker-compose exec kserver kopano-cli --list-users` (This may last very long without any console output.)
-
-
-Building supported Kopano
-=====
-If you have an active Kopano subscription you need specify the following build time arguments:
-- KOPANO_CORE_REPOSITORY_URL to `https://serial:<YOURSERIAL>@download.kopano.io/supported/core:/final/Debian_9.0`
-- RELEASE_KEY_DOWNLOAD to 1
-- DOWNLOAD_COMMUNITY_PACKAGES to 0
-
-Example:
-
-`docker build --build-arg KOPANO_CORE_REPOSITORY_URL=https://serial:ABC123456789@download.kopano.io/supported/core:/final/Debian_9.0 --build-arg RELEASE_KEY_DOWNLOAD=1 --build-arg DOWNLOAD_COMMUNITY_PACKAGES=0 https://github.com/zokradonh/kopano-docker.git#:core`
+`docker-compose exec kserver kopano-cli --list-users` (This may last very long without any console output.)

repoproxy/Dockerfile

@@ -1,6 +0,0 @@
-FROM nginx:alpine
-
-COPY default.conf start.sh /buildproxy/
-RUN chmod a+x /buildproxy/start.sh
-
-CMD ["/buildproxy/start.sh"]

repoproxy/README.md

@@ -1,4 +0,0 @@
-This image is simply for building the Kopano images. It allows building Kopano from repositories that need a serial key without 
-exposing the serial key in the image metadata.
-
-Never publish an image of this proxy as this will include your serial.

repoproxy/default.conf

@@ -1,24 +0,0 @@
-server {
-    listen       80;
-    server_name  _;
-
-    #charset koi8-r;
-    # redirect server error pages to the static page /50x.html
-    #
-    error_page   500 502 503 504  /50x.html;
-    location = /50x.html {
-        root   /usr/share/nginx/html;
-    }
-
-    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
-    #
-    #location ~ \.php$ {
-    #    proxy_pass   http://127.0.0.1;
-    #}
-
-    location / {
-        proxy_pass ${KOPANO_REPOSITORY_BASE_URL};
-        proxy_set_header Authorization "Basic ${B64_CREDS}";
-    }
-
-}

repoproxy/start.sh

@@ -1,13 +0,0 @@
-#!/bin/ash
-
-KOPANO_USER=serial
-
-export KOPANO_REPOSITORY_BASE_URL="https://download.kopano.io/"
-
-export B64_CREDS=$(echo "$KOPANO_USER:$KOPANO_SERIAL" | base64)
-
-# inject the secrets into config file
-cat /buildproxy/default.conf | envsubst > /etc/nginx/conf.d/default.conf
-
-# run reverse proxy
-exec nginx -g "daemon off;"

webapp/Dockerfile

@@ -10,6 +10,7 @@ ENV DEBIAN_FRONTEND noninteractive
 
 # install basics
 RUN apt-get update && \
+    apt-get upgrade -y && \
     apt-get install --no-install-recommends -y \
         curl \
         gpg \
@@ -29,19 +30,30 @@ RUN apt-get update && \
 # If you want to use community version please use images from hub.docker.com.
 # Changing KOPANO_WEBAPP_VERSION does not really change the resulting image.
 ARG KOPANO_WEBAPP_VERSION=newest
-ARG KOPANO_REPOSITORY_BRANCH=master
-ARG KOPANO_WEBAPP_REPOSITORY_URL="http://buildproxy/supported/webapp:/${KOPANO_REPOSITORY_BRANCH}/Debian_9.0"
-ARG KOPANO_CORE_REPOSITORY_URL="http://buildproxy/supported/core:/${KOPANO_REPOSITORY_BRANCH}/Debian_9.0"
+ARG KOPANO_WEBAPP_REPOSITORY_URL="file:/kopano/repo"
+ARG KOPANO_CORE_REPOSITORY_URL="file:/kopano/repo"
 ARG KOPANO_REPOSITORY_FLAGS="trusted=yes"
-ARG NO_RELEASE_KEY_DOWNLOAD=0
+ARG DOWNLOAD_COMMUNITY_PACKAGES=1
+ARG RELEASE_KEY_DOWNLOAD=0
+ARG ADDITIONAL_KOPANO_PACKAGES
 
 # install kopano web app and refresh ca-certificates
-RUN echo ${KOPANO_WEBAPP_VERSION} > /kopano/buildversion && \
-    echo "deb http://repo.z-hub.io/z-push:/final/Debian_9.0/ /" > /etc/apt/sources.list.d/zpush.list && \
-    echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_WEBAPP_REPOSITORY_URL} ./" > /etc/apt/sources.list.d/kopano-webapp.list && \
+RUN \
+    # community download 
+    [ ${DOWNLOAD_COMMUNITY_PACKAGES} -eq 1 ] && \
+    chmod a+x /kopano/download_community.sh && \
+    /kopano/download_community.sh core && \
+    /kopano/download_community.sh webapp && \
+    gzip -f9 Packages; \
+    # install
+    set -x && \
+    echo ${KOPANO_CORE_VERSION} > /kopano/buildversion && \
+    echo ${KOPANO_WEBAPP_VERSION} >> /kopano/buildversion && \
     echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_CORE_REPOSITORY_URL} ./" > /etc/apt/sources.list.d/kopano-core.list; \
-    (exit ${NO_RELEASE_KEY_DOWNLOAD}) && curl -s -S -o - "${KOPANO_WEBAPP_REPOSITORY_URL}/Release.key" | apt-key add -; \
-    (exit ${NO_RELEASE_KEY_DOWNLOAD}) && curl -s -S -o - "${KOPANO_CORE_REPOSITORY_URL}/Release.key" | apt-key add -; \
+    [ ${DOWNLOAD_COMMUNITY_PACKAGES} -eq 0 ] && echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_WEBAPP_REPOSITORY_URL} ./" > /etc/apt/sources.list.d/kopano-webapp.list; \
+    [ ${RELEASE_KEY_DOWNLOAD} -eq 1 ] && curl -s -S -o - "${KOPANO_CORE_REPOSITORY_URL}/Release.key" | apt-key add -; \
+    [ ${RELEASE_KEY_DOWNLOAD} -eq 1 ] && curl -s -S -o - "${KOPANO_WEBAPP_REPOSITORY_URL}/Release.key" | apt-key add -; \
+    echo "deb http://repo.z-hub.io/z-push:/final/Debian_9.0/ /" > /etc/apt/sources.list.d/zpush.list && \
     curl -s -S -o - "http://repo.z-hub.io/z-push:/final/Debian_9.0/Release.key" | apt-key add - && \
     apt-get update && apt-get install -y --no-install-recommends \
         apache2 \
@@ -81,7 +93,7 @@ RUN echo ${KOPANO_WEBAPP_VERSION} > /kopano/buildversion && \
         kopano-webapp-plugin-titlecounter \
         kopano-webapp-plugin-webappmanual \
         kopano-webapp-plugin-zdeveloper \
-        #threema4deskapp \
+        ${ADDITIONAL_KOPANO_PACKAGES} \
         whatsapp4deskapp \
     && rm -rf /var/cache/apt /var/lib/apt/lists
 

webapp/download_community.sh

@@ -0,0 +1,23 @@
+#!/bin/bash
+
+
+function urldecode() { : "${*//+/ }"; echo -e "${_//%/\\x}"; }
+
+# query community server by h5ai API
+filename=$(curl -s -S -L -d "action=get&items%5Bhref%5D=%2Fcommunity%2F$1%3A%2F&items%5Bwhat%5D=1" -H \
+                "Accept: application/json" https://download.kopano.io/community/ | jq '.items[].href' | \
+                grep Debian_9.0-amd64 | sed 's#"##g' | sed "s#/community/$1:/##")
+
+filename=$(urldecode $filename)
+
+# download & extract packages
+curl -s -S -L -o $filename https://download.kopano.io/community/$1:/${filename}
+
+tar xf $filename
+
+# save disk space
+rm $filename
+
+# prepare directory to be apt source
+apt-ftparchive packages ${filename%.tar.gz} >> Packages
+