diff --git a/Makefile b/Makefile index 08afa3e..6d916f0 100644 --- a/Makefile +++ b/Makefile @@ -3,14 +3,17 @@ docker_login := `cat ~/.docker-account-user` docker_pwd := `cat ~/.docker-account-pwd` base_version = $(shell docker run --rm $(docker_repo)/kopano_base cat /kopano/buildversion) -base_download_version = $(shell ./version.sh core) +base_download_version := $(shell ./version.sh core) core_version = $(shell docker run --rm $(docker_repo)/kopano_core cat /kopano/buildversion | grep -o -P '(?<=-).*(?=\+)') -core_download_version = $(shell ./version.sh core) +core_download_version := $(shell ./version.sh core) webapp_version = $(shell docker run --rm $(docker_repo)/kopano_webapp cat /kopano/buildversion | tail -n 1 | grep -o -P '(?<=-).*(?=\+)') -webapp_download_version = $(shell ./version.sh webapp) +webapp_download_version := $(shell ./version.sh webapp) +zpush_version = $(shell docker run --rm $(docker_repo)/kopano_zpush cat /kopano/buildversion | tail -n 1 | grep -o -P '(?<=-).*(?=\+)') +zpush_download_version := $(shell ./version.sh zpush) KOPANO_CORE_REPOSITORY_URL := file:/kopano/repo/core KOPANO_WEBAPP_REPOSITORY_URL := file:/kopano/repo/webapp +KOPANO_ZPUSH_REPOSITORY_URL := http://repo.z-hub.io/z-push:/final/Debian_9.0/ RELEASE_KEY_DOWNLOAD := 0 DOWNLOAD_COMMUNITY_PACKAGES := 1 @@ -20,7 +23,7 @@ export # convert lowercase componentname to uppercase COMPONENT = $(shell echo $(component) | tr a-z A-Z) -build-all: build-ssl build-base build-core build-webapp +build-all: build-ssl build-base build-core build-webapp build-zpush build: component ?= base build: @@ -30,6 +33,7 @@ build: --build-arg KOPANO_$(COMPONENT)_VERSION=${$(component)_download_version} \ --build-arg KOPANO_CORE_REPOSITORY_URL=$(KOPANO_CORE_REPOSITORY_URL) \ --build-arg KOPANO_WEBAPP_REPOSITORY_URL=$(KOPANO_WEBAPP_REPOSITORY_URL) \ + --build-arg KOPANO_ZPUSH_REPOSITORY_URL=$(KOPANO_ZPUSH_REPOSITORY_URL) \ --build-arg RELEASE_KEY_DOWNLOAD=$(RELEASE_KEY_DOWNLOAD) \ --build-arg DOWNLOAD_COMMUNITY_PACKAGES=$(DOWNLOAD_COMMUNITY_PACKAGES) \ -t $(docker_repo)/kopano_$(component) $(component)/ @@ -43,6 +47,9 @@ build-core: build-webapp: component=webapp make build +build-zpush: + component=zpush make build + build-ssl: docker build -t $(docker_repo)/kopano_ssl ssl/ @@ -64,6 +71,9 @@ tag-core: tag-webapp: component=webapp make tag +tag-zpush: + component=zpush make tag + # Docker publish repo-login: docker login -u $(docker_login) -p $(docker_pwd) @@ -87,6 +97,9 @@ publish-core: build-core tag-core publish-webapp: build-webapp tag-webapp component=webapp make publish-container +publish-zpush: build-zpush tag-zpush + component=zpush make publish-container + publish-ssl: build-ssl docker push $(docker_repo)/kopano_ssl:latest diff --git a/docker-compose.yml-example b/docker-compose.yml-example index 63c2acc..318b3f4 100644 --- a/docker-compose.yml-example +++ b/docker-compose.yml-example @@ -198,6 +198,25 @@ services: - web - kopanonet + kzpush: + image: ${docker_repo:?err}/kopano_zpush:${WEBAPP_VERSION} + hostname: kzpush + container_name: kopano_zpush + links: + - kserver + volumes: + - ./data/z-push-states/:/var/lib/z-push/ + - ./data/ssl/:/kopano/ssl + - ./data/socket/:/run/kopano + environment: + - TZ=${TZ} + - CADDY_HOST=${ZPUSH_HOST} + - CADDY_PROXY_PARAMS=transparent + - CADDY_TLS_SELFSIGNED + networks: + - web + - kopanonet + kdagent: image: ${docker_repo:?err}/kopano_core:${CORE_VERSION} container_name: kopano_dagent diff --git a/setup.sh b/setup.sh index 58467d5..fea189d 100755 --- a/setup.sh +++ b/setup.sh @@ -20,7 +20,7 @@ if [ ! -e ./.env ]; then LDAP_ORGANISATION=${new_value:-$value_default} value_default="kopano.demo" - read -p "Name of the Domain for LDAP [$value_default]: " new_value + read -p "Domain to be used (for LDAP and reverse proxy) [$value_default]: " new_value LDAP_DOMAIN=${new_value:-$value_default} value_default="dc=kopano,dc=demo" @@ -116,6 +116,7 @@ TZ=$TZ # Defines how Kopano can be accessed from the outside world WEBAPP_HOST=webapp.$LDAP_DOMAIN +ZPUSH_HOST=zpush.$LDAP_DOMAIN LDAP_HOST=ldap.$LDAP_DOMAIN HTTP=80 HTTPS=443 @@ -126,6 +127,7 @@ docker_repo=zokradonh # modify below to build a different version, than the kopano nightly release #KOPANO_CORE_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/core:/final/Debian_9.0/ #KOPANO_WEBAPP_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/webapp:/final/Debian_9.0/ +#KOPANO_ZPUSH_REPOSITORY_URL=http://repo.z-hub.io/z-push:/final/Debian_9.0/ #RELEASE_KEY_DOWNLOAD=1 #DOWNLOAD_COMMUNITY_PACKAGES=0 diff --git a/version.sh b/version.sh index 5d9b402..b21f812 100755 --- a/version.sh +++ b/version.sh @@ -7,26 +7,38 @@ fi source base/create-kopano-repo.sh component=${1:-core} +COMPONENT=$(echo $component | tr a-z A-Z) if [ -e ./env ]; then source ./env fi -KOPANO_CORE_REPOSITORY_URL=${KOPANO_CORE_REPOSITORY_URL:-""} -KOPANO_WEBAPP_REPOSITORY_URL=${KOPANO_WEBAPP_REPOSITORY_URL:-""} -if [[ $KOPANO_CORE_REPOSITORY_URL == http* ]] || [[ $KOPANO_WEBAPP_REPOSITORY_URL == http* ]]; then - case $component in - core) +case $component in +core) + KOPANO_CORE_REPOSITORY_URL=${KOPANO_CORE_REPOSITORY_URL:-""} + if [[ $KOPANO_CORE_REPOSITORY_URL == http* ]]; then version=$(curl -s -S -L $KOPANO_CORE_REPOSITORY_URL/Packages | grep -A2 "Package: kopano-server-packages") echo "${version##* }" - ;; - webapp) + exit + fi + ;; +webapp) + KOPANO_WEBAPP_REPOSITORY_URL=${KOPANO_WEBAPP_REPOSITORY_URL:-""} + if [[ $KOPANO_WEBAPP_REPOSITORY_URL == http* ]]; then version=$(curl -s -S -L $KOPANO_WEBAPP_REPOSITORY_URL/Packages | grep -m1 -A1 "Package: kopano-webapp") echo "${version##* }" - ;; - esac - exit -fi + exit + fi + ;; +zpush) + KOPANO_ZPUSH_REPOSITORY_URL=${KOPANO_ZPUSH_REPOSITORY_URL:-"http://repo.z-hub.io/z-push:/final/Debian_9.0/"} + if [[ $KOPANO_ZPUSH_REPOSITORY_URL == http* ]]; then + version=$(curl -s -S -L $KOPANO_ZPUSH_REPOSITORY_URL/Packages | grep -m2 -A2 "Package: z-push-kopano") + echo "${version##* }" + exit + fi + ;; +esac # query community server by h5ai API filename=$(h5ai_query "$component") diff --git a/webapp/Dockerfile b/webapp/Dockerfile index f5bfacc..a2daf23 100644 --- a/webapp/Dockerfile +++ b/webapp/Dockerfile @@ -26,21 +26,13 @@ RUN \ # install apt keys if supported kopano if [ ${RELEASE_KEY_DOWNLOAD} -eq 1 ]; then \ curl -s -S -o - "${KOPANO_CORE_REPOSITORY_URL}/Release.key" | apt-key add -; \ - curl -s -S -o - "${KOPANO_WEBAPP_REPOSITORY_URL}/Release.key" | apt-key add -; \ fi; \ - # TODO separate out z-push? - # prepare z-push installation - echo "deb http://repo.z-hub.io/z-push:/final/Debian_9.0/ /" > /etc/apt/sources.list.d/zpush.list && \ - curl -s -S -o - "http://repo.z-hub.io/z-push:/final/Debian_9.0/Release.key" | apt-key add - && \ # install set -x && \ apt-get update && apt-get install -y --no-install-recommends \ apache2 \ libapache2-mod-php7.0 \ crudini \ - z-push-backend-kopano \ - z-push-config-apache \ - z-push-ipc-sharedmemory \ ca-certificates \ kopano-webapp \ kopano-webapp-plugin-contactfax \ @@ -96,11 +88,6 @@ RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \ crudini --set /etc/php/7.0/apache2/php.ini PHP post_max_size 500M && \ crudini --set /etc/php/7.0/apache2/php.ini PHP max_input_vars 1800 && \ crudini --set /etc/php/7.0/apache2/php.ini Session session.save_path /run/sessions && \ - # configure z-push - mkdir -p /var/lib/z-push /var/log/z-push && \ - chown www-data:www-data /var/lib/z-push /var/log/z-push - -VOLUME /var/lib/z-push/ EXPOSE 80/tcp diff --git a/webapp/start.sh b/webapp/start.sh index dcbbb83..ba3c2f9 100755 --- a/webapp/start.sh +++ b/webapp/start.sh @@ -2,7 +2,7 @@ # define default value for serverhostname and serverport if not passed into container KCCONF_SERVERHOSTNAME=${KCCONF_SERVERHOSTNAME:-127.0.0.1} -KCCONF_SERVERPORT=${KCCONF_SERVERPORT:-237} +KCCONF_SERVERPORT=${KCCONF_SERVERPORT:-236} ADDITIONAL_KOPANO_PACKAGES=${ADDITIONAL_KOPANO_PACKAGES:-""} set -eu # unset variables are errors & non-zero return values exit the whole script @@ -31,28 +31,9 @@ sed \ -e "s#define(\"INSECURE_COOKIES\",\s*.*)#define(\"INSECURE_COOKIES\", true)#" \ -i /etc/kopano/webapp/config.php -if [ "$KCCONF_SERVERHOSTNAME" == "127.0.0.1" ]; then - echo "Z-Push is using the default: connection" -else - echo "Z-Push is using an ip connection" - sed -e "s#define([\"']MAPI_SERVER[\"'],\s*[\"']default:[\"'])#define('MAPI_SERVER', 'https://${KCCONF_SERVERHOSTNAME}:${KCCONF_SERVERPORT}/kopano')#" \ - -i /etc/z-push/kopano.conf.php -fi - -echo "Configuring Z-Push for use behind a reverse proxy" -sed -e "s#define([\"']USE_CUSTOM_REMOTE_IP_HEADER[\"'],\s*false)#define('USE_CUSTOM_REMOTE_IP_HEADER', true)#" \ - -i /etc/z-push/z-push.conf.php - echo "Ensure config ownership" chown -R www-data:www-data /run/sessions /tmp/webapp -echo "Activate z-push log rerouting" -touch /var/log/z-push/z-push.log -touch /var/log/z-push/z-push-error.log -chown www-data:www-data /var/log/z-push/z-push.log /var/log/z-push/z-push-error.log -tail --pid=$$ -F --lines=0 -q /var/log/z-push/z-push.log & -tail --pid=$$ -F --lines=0 -q /var/log/z-push/z-push-error.log & - echo "Starting Apache" rm -f /run/apache2/apache2.pid set +u diff --git a/zpush/Dockerfile b/zpush/Dockerfile new file mode 100644 index 0000000..7fbc4ee --- /dev/null +++ b/zpush/Dockerfile @@ -0,0 +1,72 @@ +ARG docker_repo=zokradonh +FROM ${docker_repo}/kopano_base + +ARG ADDITIONAL_KOPANO_PACKAGES="" +ARG DOWNLOAD_COMMUNITY_PACKAGES=1 +ARG KOPANO_CORE_REPOSITORY_URL="file:/kopano/repo/core" +ARG KOPANO_ZPUSH_REPOSITORY_URL="http://repo.z-hub.io/z-push:/final/Debian_9.0/" +ARG KOPANO_REPOSITORY_FLAGS="trusted=yes" +ARG KOPANO_CORE_VERSION=newest +ARG KOPANO_ZPUSH_VERSION=newest +ARG RELEASE_KEY_DOWNLOAD=0 + +# install Kopano WebApp and refresh ca-certificates +RUN \ + # community download and package as apt source repository + . /kopano/helper/create-kopano-repo.sh && \ + if [ ${DOWNLOAD_COMMUNITY_PACKAGES} -eq 1 ]; then \ + dl_and_package_community "core"; \ + fi; \ + echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_CORE_REPOSITORY_URL} ./" > /etc/apt/sources.list.d/kopano.list; \ + # save kopano version + echo "core-${KOPANO_CORE_VERSION}" > /kopano/buildversion; \ + echo "zpush-${KOPANO_ZPUSH_VERSION}" >> /kopano/buildversion; \ + # prepare z-push installation + echo "deb ${KOPANO_ZPUSH_REPOSITORY_URL} /" > /etc/apt/sources.list.d/zpush.list && \ + curl -s -S -o - "${KOPANO_ZPUSH_REPOSITORY_URL}/Release.key" | apt-key add - && \ + # install + set -x && \ + apt-get update && apt-get install -y --no-install-recommends \ + apache2 \ + libapache2-mod-php7.0 \ + crudini \ + z-push-kopano \ + z-push-config-apache \ + ca-certificates \ + ${ADDITIONAL_KOPANO_PACKAGES} \ + && rm -rf /var/cache/apt /var/lib/apt/lists + +COPY apache2-kopano.conf /etc/apache2/sites-available/kopano.conf + +# configure basics +RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \ + sed -i -e 's/# de_DE.UTF-8 UTF-8/de_DE.UTF-8 UTF-8/' /etc/locale.gen && \ + dpkg-reconfigure --frontend=noninteractive locales && \ + update-locale LANG=en_US.UTF-8 && \ + # configure apache + rm /etc/apache2/sites-enabled/* && \ + sed -e 's,^ErrorLog.*,ErrorLog "|/bin/cat",' -i /etc/apache2/apache2.conf && \ + sed -e "s,MaxSpareServers[^:].*,MaxSpareServers 5," -i /etc/apache2/mods-available/mpm_prefork.conf && \ + a2disconf other-vhosts-access-log && \ + a2ensite kopano && \ + echo "Listen 80" > /etc/apache2/ports.conf && \ + # configure mod_php + a2enmod rewrite && \ + crudini --set /etc/php/7.0/apache2/php.ini PHP upload_max_filesize 500M && \ + crudini --set /etc/php/7.0/apache2/php.ini PHP post_max_size 500M && \ + crudini --set /etc/php/7.0/apache2/php.ini PHP max_input_vars 1800 && \ + crudini --set /etc/php/7.0/apache2/php.ini Session session.save_path /run/sessions && \ + # configure z-push + mkdir -p /var/lib/z-push /var/log/z-push && \ + chown www-data:www-data /var/lib/z-push /var/log/z-push + +VOLUME /var/lib/z-push/ + +EXPOSE 80/tcp + +COPY start.sh /kopano/start.sh + +ENV LANG en_US.UTF-8 + +ENTRYPOINT ["/usr/bin/dumb-init", "--"] +CMD [ "/kopano/start.sh" ] diff --git a/zpush/apache2-kopano.conf b/zpush/apache2-kopano.conf new file mode 100644 index 0000000..6245ad7 --- /dev/null +++ b/zpush/apache2-kopano.conf @@ -0,0 +1,8 @@ + + DocumentRoot /var/www/ + + LogFormat "%{X-Forwarded-For}i %{%a %b %d %T %Y}t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy + ErrorLog "|/bin/cat" + CustomLog "|/bin/cat" proxy + + diff --git a/zpush/start.sh b/zpush/start.sh new file mode 100755 index 0000000..23e4746 --- /dev/null +++ b/zpush/start.sh @@ -0,0 +1,46 @@ +#!/bin/bash + +# define default value for serverhostname and serverport if not passed into container +KCCONF_SERVERHOSTNAME=${KCCONF_SERVERHOSTNAME:-127.0.0.1} +KCCONF_SERVERPORT=${KCCONF_SERVERPORT:-236} +ADDITIONAL_KOPANO_PACKAGES=${ADDITIONAL_KOPANO_PACKAGES:-""} + +set -eu # unset variables are errors & non-zero return values exit the whole script + +[ ! -z "$ADDITIONAL_KOPANO_PACKAGES" ] && apt update +[ ! -z "$ADDITIONAL_KOPANO_PACKAGES" ] && for installpkg in "$ADDITIONAL_KOPANO_PACKAGES"; do + if [ $(dpkg-query -W -f='${Status}' $installpkg 2>/dev/null | grep -c "ok installed") -eq 0 ]; then + apt --assume-yes install $installpkg; + fi +done + +echo "Ensure directories" +mkdir -p /run/sessions + +if [ "$KCCONF_SERVERHOSTNAME" == "127.0.0.1" ]; then + echo "Z-Push is using the default: connection" +else + echo "Z-Push is using an ip connection" + sed -e "s#define([\"']MAPI_SERVER[\"'],\s*[\"']default:[\"'])#define('MAPI_SERVER', 'https://${KCCONF_SERVERHOSTNAME}:${KCCONF_SERVERPORT}/kopano')#" \ + -i /etc/z-push/kopano.conf.php +fi + +echo "Configuring Z-Push for use behind a reverse proxy" +sed -e "s#define([\"']USE_CUSTOM_REMOTE_IP_HEADER[\"'],\s*false)#define('USE_CUSTOM_REMOTE_IP_HEADER', true)#" \ + -i /etc/z-push/z-push.conf.php + +echo "Ensure config ownership" +chown -R www-data:www-data /run/sessions + +echo "Activate z-push log rerouting" +touch /var/log/z-push/z-push.log +touch /var/log/z-push/z-push-error.log +chown www-data:www-data /var/log/z-push/z-push.log /var/log/z-push/z-push-error.log +tail --pid=$$ -F --lines=0 -q /var/log/z-push/z-push.log & +tail --pid=$$ -F --lines=0 -q /var/log/z-push/z-push-error.log & + +echo "Starting Apache" +rm -f /run/apache2/apache2.pid +set +u +source /etc/apache2/envvars +exec /usr/sbin/apache2 -DFOREGROUND