From 842385ee34416d97f91962dfd8cd3ce2411f7301 Mon Sep 17 00:00:00 2001
From: Felix Bartels <felix@host-consultants.de>
Date: Tue, 5 Mar 2019 17:03:22 +0100
Subject: [PATCH] add Kdav (#83)

* add a kdav image
* do not install composer into the docker image
instead use a multi stage build that copies the resulting directory into the final image
* set default version in compose

resolves #54
---
 Makefile                      | 11 ++++-
 base/Dockerfile               |  2 +-
 docker-compose.yml            | 15 +++++++
 kdav/Dockerfile               | 80 +++++++++++++++++++++++++++++++++++
 kdav/apache2-kopano-kdav.conf | 29 +++++++++++++
 kdav/start.sh                 | 46 ++++++++++++++++++++
 setup.sh                      |  5 +++
 version.sh                    |  3 ++
 web/kweb.cfg                  | 12 ++++++
 9 files changed, 200 insertions(+), 3 deletions(-)
 create mode 100644 kdav/Dockerfile
 create mode 100644 kdav/apache2-kopano-kdav.conf
 create mode 100755 kdav/start.sh

diff --git a/Makefile b/Makefile
index bdd6662..a2cba8b 100644
--- a/Makefile
+++ b/Makefile
@@ -28,7 +28,7 @@ export
 # convert lowercase componentname to uppercase
 COMPONENT = $(shell echo $(component) | tr a-z A-Z)
 
-build-all: build-base build-core build-konnect build-kwmserver build-ldap-demo build-meet build-playground build-ssl build-utils build-web build-webapp build-zpush
+build-all: build-base build-core build-kdav build-konnect build-kwmserver build-ldap-demo build-meet build-playground build-ssl build-utils build-web build-webapp build-zpush
 
 .PHONY: build
 build: component ?= base
@@ -76,6 +76,9 @@ build-meet:
 build-playground:
 	component=playground make build-simple
 
+build-kdav:
+	component=kdav make build
+
 build-ssl:
 	component=ssl make build-simple
 
@@ -149,7 +152,7 @@ tag-zpush:
 repo-login:
 	@docker login -u $(docker_login) -p $(docker_pwd)
 
-publish: repo-login publish-base publish-core publish-konnect publish-kwmserver publish-meet publish-playground publish-ssl publish-utils publish-web publish-webapp publish-zpush
+publish: repo-login publish-base publish-core publish-kdav publish-konnect publish-kwmserver publish-meet publish-playground publish-ssl publish-utils publish-web publish-webapp publish-zpush
 
 publish-container: component ?= base
 publish-container:
@@ -175,6 +178,10 @@ publish-meet: build-meet tag-meet
 publish-playground: build-playground
 	docker push $(docker_repo)/kopano_playground:latest
 
+
+publish-kdav: build-kdav tag-kdav
+	component=zpush make publish-container
+
 publish-ssl: build-ssl
 	docker push $(docker_repo)/kopano_ssl:latest
 
diff --git a/base/Dockerfile b/base/Dockerfile
index 1add679..2a4c4bc 100644
--- a/base/Dockerfile
+++ b/base/Dockerfile
@@ -24,7 +24,7 @@ RUN apt-get update && \
         moreutils \
         python3 \
         && \
-    rm -rf /var/cache/apt /var/lib/apt/lists
+    rm -rf /var/cache/apt /var/lib/apt/lists/*
 
 RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \
     sed -i -e 's/# de_DE.UTF-8 UTF-8/de_DE.UTF-8 UTF-8/' /etc/locale.gen && \
diff --git a/docker-compose.yml b/docker-compose.yml
index c3aca71..ddbd092 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -307,6 +307,20 @@ services:
       - kopano-net
       - web-net
 
+  kopano_kdav:
+    image: ${docker_repo:?err}/kopano_kdav:${KDAV_VERSION:-latest}
+    hostname: kopano_kdav
+    container_name: kopano_kdav
+    volumes:
+      - kopanossl/:/kopano/ssl
+      - kopanosocket/:/run/kopano
+      - kdavstates/:/var/lib/kopano/kdav
+    environment:
+      - TZ=${TZ}
+    networks:
+      - kopano-net
+      - web-net
+
   kopano_dagent:
     image: ${docker_repo:-zokradonh}/kopano_core:${CORE_VERSION:-latest}
     container_name: kopano_dagent
@@ -467,6 +481,7 @@ volumes:
   kopanossl:
   kopanosocket:
   zpushstates:
+  kdavstates:
 
 networks:
   web-net:
diff --git a/kdav/Dockerfile b/kdav/Dockerfile
new file mode 100644
index 0000000..b0d86f7
--- /dev/null
+++ b/kdav/Dockerfile
@@ -0,0 +1,80 @@
+ARG docker_repo=zokradonh
+FROM composer:1.8.4 as composer
+
+RUN git clone --depth 1 https://stash.kopano.io/scm/kc/kdav.git /usr/share/kdav && \
+    cd /usr/share/kdav && \
+    composer install
+
+FROM ${docker_repo}/kopano_base
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+ARG ADDITIONAL_KOPANO_PACKAGES=""
+ARG DOWNLOAD_COMMUNITY_PACKAGES=1
+ARG KOPANO_CORE_REPOSITORY_URL="file:/kopano/repo/core"
+ARG KOPANO_REPOSITORY_FLAGS="trusted=yes"
+ARG KOPANO_CORE_VERSION=newest
+ARG RELEASE_KEY_DOWNLOAD=0
+
+# install Kopano WebApp and refresh ca-certificates
+RUN \
+    # community download and package as apt source repository
+    . /kopano/helper/create-kopano-repo.sh && \
+    if [ ${DOWNLOAD_COMMUNITY_PACKAGES} -eq 1 ]; then \
+        dl_and_package_community "core"; \
+    fi; \
+    echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_CORE_REPOSITORY_URL} ./" > /etc/apt/sources.list.d/kopano.list; \
+    # save kopano version
+    echo "core-${KOPANO_CORE_VERSION}" > /kopano/buildversion; \
+    set -x && \
+    apt-get update && apt-get install -y --no-install-recommends \
+        apache2 \
+        libapache2-mod-php7.0 \
+        crudini \
+        php7-mapi \
+        php-xml \
+        php-mbstring \
+	php-zip \
+        sqlite \
+        php-sqlite3 \
+        ca-certificates \
+        git \
+        unzip \
+        ${ADDITIONAL_KOPANO_PACKAGES} \
+    && rm -rf /var/cache/apt /var/lib/apt/lists/*
+
+COPY apache2-kopano-kdav.conf /etc/apache2/sites-available/kopano-kdav.conf
+
+# configure basics
+RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \
+    sed -i -e 's/# de_DE.UTF-8 UTF-8/de_DE.UTF-8 UTF-8/' /etc/locale.gen && \
+    dpkg-reconfigure --frontend=noninteractive locales && \
+    update-locale LANG=en_US.UTF-8 && \
+    # configure apache
+    rm /etc/apache2/sites-enabled/* && \
+    sed -e 's,^ErrorLog.*,ErrorLog "|/bin/cat",' -i /etc/apache2/apache2.conf && \
+    sed -e "s,MaxSpareServers[^:].*,MaxSpareServers 5," -i /etc/apache2/mods-available/mpm_prefork.conf && \
+    a2disconf other-vhosts-access-log && \
+    a2ensite kopano-kdav && \
+    echo "Listen 80" > /etc/apache2/ports.conf && \
+    # configure mod_php
+    a2enmod rewrite && \
+    crudini --set /etc/php/7.0/apache2/php.ini PHP upload_max_filesize 500M && \
+    crudini --set /etc/php/7.0/apache2/php.ini PHP post_max_size 500M && \
+    crudini --set /etc/php/7.0/apache2/php.ini PHP max_input_vars 1800 && \
+    crudini --set /etc/php/7.0/apache2/php.ini Session session.save_path /run/sessions && \
+    mkdir -p /var/lib/kopano/kdav && \
+    chown www-data:www-data /var/lib/kopano/kdav && \
+    mkdir -p /var/log/kdav && \
+    chown www-data:www-data /var/log/kdav
+
+COPY --from=composer /usr/share/kdav /usr/share/kdav
+
+EXPOSE 80/tcp
+
+COPY start.sh /kopano/start.sh
+
+ENV LANG en_US.UTF-8
+
+ENTRYPOINT ["/usr/bin/dumb-init", "--"]
+CMD [ "/kopano/start.sh" ]
diff --git a/kdav/apache2-kopano-kdav.conf b/kdav/apache2-kopano-kdav.conf
new file mode 100644
index 0000000..4d99305
--- /dev/null
+++ b/kdav/apache2-kopano-kdav.conf
@@ -0,0 +1,29 @@
+<VirtualHost *:80>
+    DocumentRoot /usr/share/kdav/
+
+    LogFormat "%{X-Forwarded-For}i %{%a %b %d %T %Y}t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
+    ErrorLog "|/bin/cat"
+    CustomLog "|/bin/cat" proxy
+
+    RewriteEngine On
+    # redirect well-known url http://sabre.io/dav/service-discovery/
+    # (redirect may need to be done to the absolute external url)
+    RewriteRule ^/.well-known/carddav$ / [R]
+    RewriteRule ^/.well-known/caldav$ / [R]
+    # This makes every request go to server.php
+    RewriteRule ^/(.*)$ /server.php [L]
+
+    # Output buffering needs to be off, to prevent high memory usage
+    php_flag output_buffering off
+
+    # This is also to prevent high memory usage
+    php_flag always_populate_raw_post_data off
+
+    # SabreDAV is not compatible with mbstring function overloading
+    php_flag mbstring.func_overload off
+
+    # set higher limits by default
+    php_value memory_limit 256M
+    php_value max_execution_time 259200
+
+</VirtualHost>
diff --git a/kdav/start.sh b/kdav/start.sh
new file mode 100755
index 0000000..649bf0d
--- /dev/null
+++ b/kdav/start.sh
@@ -0,0 +1,46 @@
+#!/bin/bash
+
+# define default value for serverhostname and serverport if not passed into container
+KCCONF_SERVERHOSTNAME=${KCCONF_SERVERHOSTNAME:-127.0.0.1}
+KCCONF_SERVERPORT=${KCCONF_SERVERPORT:-236}
+ADDITIONAL_KOPANO_PACKAGES=${ADDITIONAL_KOPANO_PACKAGES:-""}
+
+set -eu # unset variables are errors & non-zero return values exit the whole script
+
+[ ! -z "$ADDITIONAL_KOPANO_PACKAGES" ] && apt update
+[ ! -z "$ADDITIONAL_KOPANO_PACKAGES" ] && for installpkg in "$ADDITIONAL_KOPANO_PACKAGES"; do
+	if [ $(dpkg-query -W -f='${Status}' $installpkg 2>/dev/null | grep -c "ok installed") -eq 0 ]; then
+		apt --assume-yes install $installpkg;
+	fi
+done
+
+echo "Ensure directories"
+mkdir -p /run/sessions
+
+if [ "$KCCONF_SERVERHOSTNAME" == "127.0.0.1" ]; then
+	echo "kDAV is using the default: connection"
+else
+	echo "kDAV is using an ip connection"
+	sed -e "s#define([\"']MAPI_SERVER[\"'],\s*[\"']default:[\"'])#define('MAPI_SERVER', 'https://${KCCONF_SERVERHOSTNAME}:${KCCONF_SERVERPORT}/kopano')#" \
+	    -i /usr/share/kdav/config.php
+fi
+
+# change root uri to /kdav
+sed -e "s#define('DAV_ROOT_URI', '/');#define('DAV_ROOT_URI', '/kdav/');#" -i /usr/share/kdav/config.php
+
+echo "Ensure config ownership"
+chown -R www-data:www-data /run/sessions
+
+touch /var/log/kdav/kdav.log
+touch /var/log/kdav/kdav-error.log
+chown www-data:www-data /var/log/kdav/kdav.log /var/log/kdav/kdav-error.log
+tail --pid=$$ -F --lines=0 -q /var/log/kdav/kdav.log &
+tail --pid=$$ -F --lines=0 -q /var/log/kdav/kdav-error.log &
+
+echo "Starting Apache"
+rm -f /run/apache2/apache2.pid
+set +u
+source /etc/apache2/envvars
+# cleaning up env variables
+unset "${!KCCONF_@}"
+exec /usr/sbin/apache2 -DFOREGROUND
diff --git a/setup.sh b/setup.sh
index acb39d8..775bc1b 100755
--- a/setup.sh
+++ b/setup.sh
@@ -109,6 +109,10 @@ if [ ! -e ./.env ]; then
 	read -p "Which tag do you want to use for Kopano Meet? [$value_default]: " new_value
 	MEET_VERSION=${new_value:-$value_default}
 
+	value_default=latest
+	read -p "Which tag do you want to use for Kopano kDAV? [$value_default]: " new_value
+	KDAV_VERSION=${new_value:-$value_default}
+
 	value_default="Kopano Demo"
 	read -p "Name of the Organisation for LDAP [$value_default]: " new_value
 	LDAP_ORGANISATION=${new_value:-$value_default}
@@ -265,6 +269,7 @@ ZPUSH_VERSION=$ZPUSH_VERSION
 KONNECT_VERSION=$KONNECT_VERSION
 KWM_VERSION=$KWM_VERSION
 MEET_VERSION=$MEET_VERSION
+KDAV_VERSION=$KDAV_VERSION
 
 LDAP_ORGANISATION="$LDAP_ORGANISATION"
 LDAP_DOMAIN=$FQDN
diff --git a/version.sh b/version.sh
index 3e4503b..364c0c0 100755
--- a/version.sh
+++ b/version.sh
@@ -38,6 +38,9 @@ zpush)
 		exit
 	fi
 	;;
+kdav)
+	git ls-remote --tags https://stash.kopano.io/scm/kc/kdav.git | awk -F/ '{ print $3 }' | tail -1 | sed 's/^.//'
+	exit
 esac
 
 # query community server by h5ai API
diff --git a/web/kweb.cfg b/web/kweb.cfg
index bdc370a..d4a9e06 100644
--- a/web/kweb.cfg
+++ b/web/kweb.cfg
@@ -159,6 +159,18 @@
     }
     folderish /caldav
 
+    proxy /kdav/ kopano_kdav:80 {
+        transparent
+        keepalive 0
+        fail_timeout 10s
+        try_duration 30s
+    }
+
+    redir 301 {
+        /.well-known/carddav /kdav/
+        /.well-known/caldav  /kdav/
+    }
+
     proxy /ldap-admin/ ldap-admin:80 {
         without /ldap-admin
         transparent