From 501c47ec9e6e0078db6f9acf007c7c4615b7734f Mon Sep 17 00:00:00 2001 From: Andre Zoledziowski Date: Fri, 12 Oct 2018 15:00:34 +0200 Subject: [PATCH] Simplified build.sh. Updated Readme. --- README.md | 45 +++++++++++++- build.sh | 115 ++++++++++++++++++----------------- core/Dockerfile | 4 +- core/README.md | 14 +---- repoproxy/Dockerfile | 6 -- repoproxy/README.md | 4 -- repoproxy/default.conf | 24 -------- repoproxy/start.sh | 13 ---- webapp/Dockerfile | 32 +++++++--- webapp/download_community.sh | 23 +++++++ 10 files changed, 150 insertions(+), 130 deletions(-) delete mode 100644 repoproxy/Dockerfile delete mode 100644 repoproxy/README.md delete mode 100644 repoproxy/default.conf delete mode 100644 repoproxy/start.sh create mode 100644 webapp/download_community.sh diff --git a/README.md b/README.md index 22e0256..3841f84 100644 --- a/README.md +++ b/README.md @@ -3,11 +3,50 @@ Unofficial kopano docker images for all kopano services. Use kopano_core image for server/spooler/dagent/search/monitor/ical/gateway services. Use kopano_webapp for web service. +Building +======= +You may use `build.sh` script but you can also invoke `docker build` directly to build community or supported kopano components. +Currently there are the following components implemented by this project: +- core (server/spooler/dagent/search/monitor/ical/gateway services) +- webapp (apache server for kopano webapp and z-push) + +### Building community Kopano +Example: + +`docker build https://github.com/zokradonh/kopano-docker.git#:core` + +Or use the build.sh script: + +`build.sh -c core` + +### Building supported Kopano +If you have an active Kopano subscription you need specify the following build time arguments: +- KOPANO_CORE_REPOSITORY_URL to `https://serial:@download.kopano.io/supported/core:/final/Debian_9.0` +- RELEASE_KEY_DOWNLOAD to 1 +- DOWNLOAD_COMMUNITY_PACKAGES to 0 + +Example: + +`docker build --build-arg KOPANO_CORE_REPOSITORY_URL=https://serial:ABC123456789@download.kopano.io/supported/core:/final/Debian_9.0 --build-arg RELEASE_KEY_DOWNLOAD=1 --build-arg DOWNLOAD_COMMUNITY_PACKAGES=0 https://github.com/zokradonh/kopano-docker.git#:core` + +Or use the build.sh script: + +`build.sh -c core -s ABC123456789 -b final` + +Replace `ABC123456789` with your serial. + +--- +***WARNING*** + +The built image now includes your serial. Do not push this image to any public registry like `hub.docker.com`. + +--- + Example ======= docker-compose.yml -``` +```YAML version: '3' services: @@ -258,13 +297,13 @@ Change all lines which are commented especially those with #change here This is just a quick example docker-compose.yml made in some minutes to provide a better start. Requires `.env` file next to docker-compose.yml with content like this -``` +```INI CORE_VERSION=8.6.80.1055-0plus156.1 WEBAPP_VERSION=3.4.17.1565plus895.1 ``` Requires `ldap-groups.cf` in ./mtaconfig directory next to docker-compose.yml -``` +```INI bind = yes bind_dn = cn=admin,dc=domain,dc=com bind_pw = admin diff --git a/build.sh b/build.sh index 87be0fe..2da4ad7 100644 --- a/build.sh +++ b/build.sh @@ -4,22 +4,23 @@ set -eu branch="master" buildcontext_base="https://github.com/zokradonh/kopano-docker.git#:" -networkname="buildproxy_net" customBuildArgs=() serial="" component="" -proxyContainerId="" nocache="" +function urldecode() { : "${*//+/ }"; echo -e "${_//%/\\x}"; } + function _usage() { - echo "Usage: build.sh -c core|webapp [-s serial] [-b master|final|pre-final] [-p buildcontext] [-n networkname] [[-a buildarg] ...] [-i]" + echo "Usage: build.sh -c core|webapp [-s serial] [-b master|final|pre-final] [-p buildcontext] [[-a buildarg] ...] [-i]" echo "Example: build.sh -c core -s ABC123456789DEF -b final" + echo "-c The Kopano component to be built." + echo "-s Provide serial if you want to build from supported repository." echo "-i Do not use cache on docker build." echo "-b If no branch is specified, 'master' will be built by default." echo "-p If no buildcontext is specified, it will be built from git repository. Normally, you do not need to specify this." - echo "-n If no networkname is specified, it will create and use a network named 'buildproxy_net'." - echo "-a You can specify custom build args via e.g. -a KOPANO_CORE_REPOSITORY_URL=http://thisismy/url -a KOPANO_WEBAPP_REPOSITORY_URL=http://thisismy/url." + echo "-a You can specify custom build args via e.g. -a ADDITIONAL_KOPANO_PACKAGES=kopano-migration-imap" } while getopts ":s:c:b:p:n:a:i" opt; do @@ -36,9 +37,6 @@ while getopts ":s:c:b:p:n:a:i" opt; do p) buildcontext_base=$OPTARG ;; - n) - networkname=$OPTARG - ;; a) customBuildArgs[${#customBuildArgs[*]}]=$OPTARG ;; @@ -56,8 +54,6 @@ while getopts ":s:c:b:p:n:a:i" opt; do esac done - - case "$component" in core) mainpackage="kopano-server" @@ -70,68 +66,77 @@ case "$component" in exit 1 esac +customBuildString="" +# prepare custom build args +if [[ ${customBuildArgs[@]:+${customBuildArgs[@]}} ]]; +then + for buildArg in "${customBuildArgs[@]}" + do + customBuildString="$customBuildString --build-arg $buildArg" + done +fi + if [ ! -z "$serial" ] then + + # start build of supported kopano # get current version to brand and tag the image correctly currentVersion=$(curl -s -S -L https://serial:$serial@download.kopano.io/supported/$component:/$branch/Debian_9.0/Packages.gz |\ gzip -d | grep -A 8 "^Package: $mainpackage$" | awk '/Version/ { print $2 }') currentVersionDocker=$(echo $currentVersion | sed 's/+/plus/') - # check existence of network - isnetup=$(docker network ls | grep $networkname | wc -l) - if [ $isnetup -eq 0 ] + # webapp also needs core repository + if [ "$component" == "webapp" ] then - echo "Missing build network. Creating network $networkname..." - docker network create --attachable $networkname + customBuildString="$customBuildString --build-arg KOPANO_CORE_REPOSITORY_URL=https://serial:$serial@download.kopano.io/supported/core:/$branch/Debian_9.0" fi - # check if buildproxy helper container is running - isproxyup=$(docker ps | grep kopano_buildproxy | wc -l) + echo "Start building supported kopano $component image version ($currentVersion)..." - if [ $isproxyup -eq 0 ] - then - echo "Build proxy container not runnning - now building..." - docker build -t kopano_buildproxy ${buildcontext_base}repoproxy - echo "Start buildproxy helper..." - proxyContainerId=$(docker run --rm -ti -d -e KOPANO_SERIAL=$serial --network $networkname --network-alias buildproxy kopano_buildproxy) + # build it + docker build --build-arg KOPANO_${component^^}_REPOSITORY_URL=https://serial:$serial@download.kopano.io/supported/$component:/$branch/Debian_9.0 \ + --build-arg RELEASE_KEY_DOWNLOAD=1 \ + --build-arg DOWNLOAD_COMMUNITY_PACKAGES=0 \ + --build-arg KOPANO_${component^^}_VERSION=$currentVersion \ + -t zokradonh/kopano_$component:$currentVersionDocker \ + -t zokradonh/kopano_$component:latest-$branch \ + $nocache \ + $customBuildString \ + ${buildcontext_base}${component} + if [ $? -eq 0 ] + then + echo "Please note that this image does include your serial. If you publish this image then your serial is exposed to public." fi else - currentVersion="newest" - currentVersionDocker="custom" -fi + # start build of community kopano -# only tag the master branch with ":latest" -if [ "$branch" == "master" ] -then - tagLatest="-t zokradonh/kopano_$component:latest" -else - tagLatest=" " -fi + hash jq > /dev/null + if [ $? -ne 0 ] + then + echo "Please install jq in order to run this build script." + exit 1 + fi -customBuildString="" -# prepare custom build args -for buildArg in "${customBuildArgs[@]}" -do - customBuildString="$customBuildString --build-arg $buildArg" -done + # query community server by h5ai API + filename=$(curl -s -S -L -d "action=get&items%5Bhref%5D=%2Fcommunity%2F$component%3A%2F&items%5Bwhat%5D=1" -H \ + "Accept: application/json" https://download.kopano.io/community/ | jq '.items[].href' | \ + grep Debian_9.0-amd64 | sed 's#"##g' | sed "s#/community/$component:/##") -# build it -echo "Start building kopano $component image version ($currentVersion)..." -docker build \ - --build-arg KOPANO_REPOSITORY_BRANCH=$branch \ - --build-arg KOPANO_${component^^}_VERSION=$currentVersion \ - $customBuildString \ - $tagLatest \ - $nocache \ - -t zokradonh/kopano_$component:$currentVersionDocker \ - -t zokradonh/kopano_$component:latest-$branch \ - --network $networkname \ - ${buildcontext_base}${component} + filename=$(urldecode $filename) -# stop proxy container if we started it -if [ ! -z "$proxyContainerId" ] -then - docker stop $proxyContainerId + currentVersion=$(echo $filename | sed -r 's#[a-z]+-([0-9_.+]+)-.*#\1#') + currentVersionDocker=$(echo $currentVersion | sed 's/+/plus/') + + echo "Start building community kopano $component image version ($currentVersion)..." + + # build it + docker build -t zokradonh/kopano_$component:$currentVersionDocker \ + -t zokradonh/kopano_$component:latest-$branch \ + -t zokradonh/kopano_$component:latest \ + --build-arg KOPANO_${component^^}_VERSION=$currentVersion \ + $nocache \ + $customBuildString \ + ${buildcontext_base}${component} fi \ No newline at end of file diff --git a/core/Dockerfile b/core/Dockerfile index 348a0eb..0c83ca5 100644 --- a/core/Dockerfile +++ b/core/Dockerfile @@ -10,6 +10,7 @@ ARG DEBIAN_FRONTEND=noninteractive # install basics RUN apt-get update && \ + apt-get upgrade -y && \ apt-get install --no-install-recommends -y \ curl \ gpg \ @@ -28,7 +29,6 @@ RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \ update-locale LANG=en_US.UTF-8 ARG KOPANO_CORE_VERSION=newest -ARG KOPANO_REPOSITORY_BRANCH=master ARG KOPANO_CORE_REPOSITORY_URL="file:/kopano/repo" ARG KOPANO_REPOSITORY_FLAGS="trusted=yes" ARG DOWNLOAD_COMMUNITY_PACKAGES=1 @@ -51,7 +51,7 @@ RUN \ [ ${RELEASE_KEY_DOWNLOAD} -eq 1 ] && curl -s -S -o - "${KOPANO_CORE_REPOSITORY_URL}/Release.key" | apt-key add -; \ apt-get update && \ apt-get install --no-install-recommends -y \ - kopano-server-packages="${KOPANO_CORE_VERSION}" \ + kopano-server-packages \ ${ADDITIONAL_KOPANO_PACKAGES} \ php7.0-cli && \ rm -rf /var/cache/apt /var/lib/apt/lists && \ diff --git a/core/README.md b/core/README.md index 449d618..29982b2 100644 --- a/core/README.md +++ b/core/README.md @@ -21,16 +21,4 @@ See: https://documentation.kopano.io/kopanocore_administrator_manual/configure_k Example: -`docker-compose exec kserver kopano-cli --list-users` (This may last very long without any console output.) - - -Building supported Kopano -===== -If you have an active Kopano subscription you need specify the following build time arguments: -- KOPANO_CORE_REPOSITORY_URL to `https://serial:@download.kopano.io/supported/core:/final/Debian_9.0` -- RELEASE_KEY_DOWNLOAD to 1 -- DOWNLOAD_COMMUNITY_PACKAGES to 0 - -Example: - -`docker build --build-arg KOPANO_CORE_REPOSITORY_URL=https://serial:ABC123456789@download.kopano.io/supported/core:/final/Debian_9.0 --build-arg RELEASE_KEY_DOWNLOAD=1 --build-arg DOWNLOAD_COMMUNITY_PACKAGES=0 https://github.com/zokradonh/kopano-docker.git#:core` \ No newline at end of file +`docker-compose exec kserver kopano-cli --list-users` (This may last very long without any console output.) \ No newline at end of file diff --git a/repoproxy/Dockerfile b/repoproxy/Dockerfile deleted file mode 100644 index 9c15d9b..0000000 --- a/repoproxy/Dockerfile +++ /dev/null @@ -1,6 +0,0 @@ -FROM nginx:alpine - -COPY default.conf start.sh /buildproxy/ -RUN chmod a+x /buildproxy/start.sh - -CMD ["/buildproxy/start.sh"] \ No newline at end of file diff --git a/repoproxy/README.md b/repoproxy/README.md deleted file mode 100644 index dafb166..0000000 --- a/repoproxy/README.md +++ /dev/null @@ -1,4 +0,0 @@ -This image is simply for building the Kopano images. It allows building Kopano from repositories that need a serial key without -exposing the serial key in the image metadata. - -Never publish an image of this proxy as this will include your serial. \ No newline at end of file diff --git a/repoproxy/default.conf b/repoproxy/default.conf deleted file mode 100644 index 0e408d7..0000000 --- a/repoproxy/default.conf +++ /dev/null @@ -1,24 +0,0 @@ -server { - listen 80; - server_name _; - - #charset koi8-r; - # redirect server error pages to the static page /50x.html - # - error_page 500 502 503 504 /50x.html; - location = /50x.html { - root /usr/share/nginx/html; - } - - # proxy the PHP scripts to Apache listening on 127.0.0.1:80 - # - #location ~ \.php$ { - # proxy_pass http://127.0.0.1; - #} - - location / { - proxy_pass ${KOPANO_REPOSITORY_BASE_URL}; - proxy_set_header Authorization "Basic ${B64_CREDS}"; - } - -} \ No newline at end of file diff --git a/repoproxy/start.sh b/repoproxy/start.sh deleted file mode 100644 index 88bb0da..0000000 --- a/repoproxy/start.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/ash - -KOPANO_USER=serial - -export KOPANO_REPOSITORY_BASE_URL="https://download.kopano.io/" - -export B64_CREDS=$(echo "$KOPANO_USER:$KOPANO_SERIAL" | base64) - -# inject the secrets into config file -cat /buildproxy/default.conf | envsubst > /etc/nginx/conf.d/default.conf - -# run reverse proxy -exec nginx -g "daemon off;" diff --git a/webapp/Dockerfile b/webapp/Dockerfile index 42cb619..862c6bd 100644 --- a/webapp/Dockerfile +++ b/webapp/Dockerfile @@ -10,6 +10,7 @@ ENV DEBIAN_FRONTEND noninteractive # install basics RUN apt-get update && \ + apt-get upgrade -y && \ apt-get install --no-install-recommends -y \ curl \ gpg \ @@ -29,19 +30,30 @@ RUN apt-get update && \ # If you want to use community version please use images from hub.docker.com. # Changing KOPANO_WEBAPP_VERSION does not really change the resulting image. ARG KOPANO_WEBAPP_VERSION=newest -ARG KOPANO_REPOSITORY_BRANCH=master -ARG KOPANO_WEBAPP_REPOSITORY_URL="http://buildproxy/supported/webapp:/${KOPANO_REPOSITORY_BRANCH}/Debian_9.0" -ARG KOPANO_CORE_REPOSITORY_URL="http://buildproxy/supported/core:/${KOPANO_REPOSITORY_BRANCH}/Debian_9.0" +ARG KOPANO_WEBAPP_REPOSITORY_URL="file:/kopano/repo" +ARG KOPANO_CORE_REPOSITORY_URL="file:/kopano/repo" ARG KOPANO_REPOSITORY_FLAGS="trusted=yes" -ARG NO_RELEASE_KEY_DOWNLOAD=0 +ARG DOWNLOAD_COMMUNITY_PACKAGES=1 +ARG RELEASE_KEY_DOWNLOAD=0 +ARG ADDITIONAL_KOPANO_PACKAGES # install kopano web app and refresh ca-certificates -RUN echo ${KOPANO_WEBAPP_VERSION} > /kopano/buildversion && \ - echo "deb http://repo.z-hub.io/z-push:/final/Debian_9.0/ /" > /etc/apt/sources.list.d/zpush.list && \ - echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_WEBAPP_REPOSITORY_URL} ./" > /etc/apt/sources.list.d/kopano-webapp.list && \ +RUN \ + # community download + [ ${DOWNLOAD_COMMUNITY_PACKAGES} -eq 1 ] && \ + chmod a+x /kopano/download_community.sh && \ + /kopano/download_community.sh core && \ + /kopano/download_community.sh webapp && \ + gzip -f9 Packages; \ + # install + set -x && \ + echo ${KOPANO_CORE_VERSION} > /kopano/buildversion && \ + echo ${KOPANO_WEBAPP_VERSION} >> /kopano/buildversion && \ echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_CORE_REPOSITORY_URL} ./" > /etc/apt/sources.list.d/kopano-core.list; \ - (exit ${NO_RELEASE_KEY_DOWNLOAD}) && curl -s -S -o - "${KOPANO_WEBAPP_REPOSITORY_URL}/Release.key" | apt-key add -; \ - (exit ${NO_RELEASE_KEY_DOWNLOAD}) && curl -s -S -o - "${KOPANO_CORE_REPOSITORY_URL}/Release.key" | apt-key add -; \ + [ ${DOWNLOAD_COMMUNITY_PACKAGES} -eq 0 ] && echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_WEBAPP_REPOSITORY_URL} ./" > /etc/apt/sources.list.d/kopano-webapp.list; \ + [ ${RELEASE_KEY_DOWNLOAD} -eq 1 ] && curl -s -S -o - "${KOPANO_CORE_REPOSITORY_URL}/Release.key" | apt-key add -; \ + [ ${RELEASE_KEY_DOWNLOAD} -eq 1 ] && curl -s -S -o - "${KOPANO_WEBAPP_REPOSITORY_URL}/Release.key" | apt-key add -; \ + echo "deb http://repo.z-hub.io/z-push:/final/Debian_9.0/ /" > /etc/apt/sources.list.d/zpush.list && \ curl -s -S -o - "http://repo.z-hub.io/z-push:/final/Debian_9.0/Release.key" | apt-key add - && \ apt-get update && apt-get install -y --no-install-recommends \ apache2 \ @@ -81,7 +93,7 @@ RUN echo ${KOPANO_WEBAPP_VERSION} > /kopano/buildversion && \ kopano-webapp-plugin-titlecounter \ kopano-webapp-plugin-webappmanual \ kopano-webapp-plugin-zdeveloper \ - #threema4deskapp \ + ${ADDITIONAL_KOPANO_PACKAGES} \ whatsapp4deskapp \ && rm -rf /var/cache/apt /var/lib/apt/lists diff --git a/webapp/download_community.sh b/webapp/download_community.sh new file mode 100644 index 0000000..a8cc17e --- /dev/null +++ b/webapp/download_community.sh @@ -0,0 +1,23 @@ +#!/bin/bash + + +function urldecode() { : "${*//+/ }"; echo -e "${_//%/\\x}"; } + +# query community server by h5ai API +filename=$(curl -s -S -L -d "action=get&items%5Bhref%5D=%2Fcommunity%2F$1%3A%2F&items%5Bwhat%5D=1" -H \ + "Accept: application/json" https://download.kopano.io/community/ | jq '.items[].href' | \ + grep Debian_9.0-amd64 | sed 's#"##g' | sed "s#/community/$1:/##") + +filename=$(urldecode $filename) + +# download & extract packages +curl -s -S -L -o $filename https://download.kopano.io/community/$1:/${filename} + +tar xf $filename + +# save disk space +rm $filename + +# prepare directory to be apt source +apt-ftparchive packages ${filename%.tar.gz} >> Packages +