flywithu/kopano-docker
1
0
Fork 0
mirror of https://github.com/zokradonh/kopano-docker synced 2025-07-23 01:45:37 +00:00
Code Issues Releases Wiki Activity

Enforce .editorconfig by running eclint (#213)

Browse Source 
* tune .editorconfig for the existing files
* fix reported linting issues
* travis: switch language to node_js to be able to run npm
* travis: build on ubuntu bionic
This commit is contained in:
Felix Bartels 2019-08-12 16:14:45 +02:00 committed by GitHub
parent d901eb05b9
commit fb37723cc3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
30 changed files with 402 additions and 377 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
.editorconfig
View File

@ -5,6 +5,25 @@ root = true
[*]
charset = utf-8
indent_style = tab
end_of_line = lf
trim_trailing_whitespaces = true
indent_style = tab
[{*.{yml,yaml},.yamllint}]
indent_style = space
indent_size = 2
[*.{md,txt}]
indent_style = space
trim_trailing_whitespace = false
[Dockerfile*]
indent_style = space
indent_size = 4
[*.py]
indent_style = space
indent_size = 4
[*.ldif]
indent_style = space

8
.travis.yml
View File

@ -1,5 +1,10 @@
sudo: required
language: bash
dist: bionic
language: node_js
node_js:
- stable
env:
global:
- HADOLINT_VERSION=1.16.3
@ -20,6 +25,7 @@ before_install:
- sudo chmod +rx /usr/local/bin/docker-compose
- sudo apt update && sudo apt install -y expect
- sudo pip install --upgrade pip && sudo pip install yamllint
- npm install -g eclint
install:
- make lint
- "./test.exp"

72
.travis/docker-hub-helper.sh
View File

@ -18,17 +18,17 @@ docker_login=${docker_login:-""}
docker_pwd=${docker_pwd:-""}
if [ -z "$docker_login" ]; then
docker_login="$(<~/.docker-account-user)"
docker_login="$(<~/.docker-account-user)"
fi
if [ -z "$docker_pwd" ]; then
docker_pwd="$(<~/.docker-account-pwd)"
docker_pwd="$(<~/.docker-account-pwd)"
fi
image=${1:-""}
if [ -z "$image" ]; then
echo "ERROR: You must specify an image to modify."
exit 1
echo "ERROR: You must specify an image to modify."
exit 1
fi
# below code is based on https://github.com/moikot/golang-dep/blob/aab3ea8462a19407544f1ce9daa11c3f0924394c/.travis/push.sh
@ -43,41 +43,41 @@ fi
# push_readme "foo/bar" "token"
#
push_readme() {
declare -r image="${1}"
declare -r token="${2}"
declare -r readme="${3}"
declare -r image="${1}"
declare -r token="${2}"
declare -r readme="${3}"
local code
code=$(jq -n --arg msg "$(<"${readme}")" \
'{"registry":"registry-1.docker.io","full_description": $msg }' | \
curl -s -o /dev/null -L -w "%{http_code}" \
https://cloud.docker.com/v2/repositories/"${image}"/ \
-d @- -X PATCH \
-H "Content-Type: application/json" \
-H "Authorization: JWT ${token}")
local code
code=$(jq -n --arg msg "$(<"${readme}")" \
'{"registry":"registry-1.docker.io","full_description": $msg }' | \
curl -s -o /dev/null -L -w "%{http_code}" \
https://cloud.docker.com/v2/repositories/"${image}"/ \
-d @- -X PATCH \
-H "Content-Type: application/json" \
-H "Authorization: JWT ${token}")
if [[ "${code}" = "200" ]]; then
printf "Successfully pushed README to Docker Hub"
else
printf "Unable to push README to Docker Hub, response code: %s\n" "${code}"
exit 1
fi
if [[ "${code}" = "200" ]]; then
printf "Successfully pushed README to Docker Hub"
else
printf "Unable to push README to Docker Hub, response code: %s\n" "${code}"
exit 1
fi
local code
code=$(jq -n --arg msg "$(head -n 1 "${readme}" | cut -d' ' -f2-)" \
'{"registry":"registry-1.docker.io","description": $msg }' | \
curl -s -o /dev/null -L -w "%{http_code}" \
https://cloud.docker.com/v2/repositories/"${image}"/ \
-d @- -X PATCH \
-H "Content-Type: application/json" \
-H "Authorization: JWT ${token}")
local code
code=$(jq -n --arg msg "$(head -n 1 "${readme}" | cut -d' ' -f2-)" \
'{"registry":"registry-1.docker.io","description": $msg }' | \
curl -s -o /dev/null -L -w "%{http_code}" \
https://cloud.docker.com/v2/repositories/"${image}"/ \
-d @- -X PATCH \
-H "Content-Type: application/json" \
-H "Authorization: JWT ${token}")
if [[ "${code}" = "200" ]]; then
printf "Successfully pushed description to Docker Hub"
else
printf "Unable to push description to Docker Hub, response code: %s\n" "${code}"
exit 1
fi
if [[ "${code}" = "200" ]]; then
printf "Successfully pushed description to Docker Hub"
else
printf "Unable to push description to Docker Hub, response code: %s\n" "${code}"
exit 1
fi
}
# Login into Docker repository
@ -91,5 +91,5 @@ https://hub.docker.com/v2/users/login/ | jq -r .token)
push_readme "${docker_repo}"/kopano_"${image}" "${token}" "${image}"/README.md
if [ -e "$tmpfile" ]; then
rm "$tmpfile"
rm "$tmpfile"
fi

1
Makefile
View File

@ -325,6 +325,7 @@ publish-zpush: tag-zpush
component=zpush make publish-container
lint:
git ls-files | xargs --max-lines=1 eclint check
grep -rIl '^#![[:blank:]]*/bin/\(bash\|sh\|zsh\)' \
--exclude-dir=.git --exclude=*.sw? \
| xargs shellcheck -x

60
base/create-kopano-repo.sh
View File

@ -6,49 +6,49 @@ set -eu
function urldecode { : "${*//+/ }"; echo -e "${_//%/\\x}"; }
function version_from_filename {
echo "$1" | sed -r 's#[a-z]+-([0-9_.+]+)-.*#\1#'
echo "$1" | sed -r 's#[a-z]+-([0-9_.+]+)-.*#\1#'
}
function h5ai_query {
component=${1:-core}
distribution=${2:-Debian_9.0}
component=${1:-core}
distribution=${2:-Debian_9.0}
filename=$(curl -s -S -L -d "action=get&items%5Bhref%5D=%2Fcommunity%2F$component%3A%2F&items%5Bwhat%5D=1" -H \
"Accept: application/json" https://download.kopano.io/community/ | jq -r '.items[].href' | \
grep "$distribution-all\|$distribution-amd64" | sed "s#/community/$component:/##")
filename=$(curl -s -S -L -d "action=get&items%5Bhref%5D=%2Fcommunity%2F$component%3A%2F&items%5Bwhat%5D=1" -H \
"Accept: application/json" https://download.kopano.io/community/ | jq -r '.items[].href' | \
grep "$distribution-all\|$distribution-amd64" | sed "s#/community/$component:/##")
if [ -z "${filename// }" ]; then
echo "unknown component"
exit 1
fi
if [ -z "${filename// }" ]; then
echo "unknown component"
exit 1
fi
filename=$(urldecode "$filename")
echo "$filename"
filename=$(urldecode "$filename")
echo "$filename"
}
function dl_and_package_community {
# take component as first argument and fallback to core if none given
component=${1:-core}
distribution=${2:-Debian_9.0}
# take component as first argument and fallback to core if none given
component=${1:-core}
distribution=${2:-Debian_9.0}
# query community server by h5ai API
filename=$(h5ai_query "$component" "$distribution")
# query community server by h5ai API
filename=$(h5ai_query "$component" "$distribution")
# download & extract packages
curl -s -S -L -o "$filename" https://download.kopano.io/community/"$component":/"${filename}"
tar xf "$filename"
# download & extract packages
curl -s -S -L -o "$filename" https://download.kopano.io/community/"$component":/"${filename}"
tar xf "$filename"
# save buildversion
currentVersion=$(version_from_filename "$filename")
echo "$component-$currentVersion" >> /kopano/buildversion
# save buildversion
currentVersion=$(version_from_filename "$filename")
echo "$component-$currentVersion" >> /kopano/buildversion
# save disk space
rm "$filename"
# save disk space
rm "$filename"
mv "${filename%.tar.gz}" "$component"
mv "${filename%.tar.gz}" "$component"
# prepare directory to be apt source
cd "$component"
apt-ftparchive packages . | gzip -9c > Packages.gz
cd ".."
# prepare directory to be apt source
cd "$component"
apt-ftparchive packages . | gzip -9c > Packages.gz
cd ".."
}

4
core/Dockerfile
View File

@ -43,7 +43,7 @@ RUN \
set -x && \
apt-get install --no-install-recommends -y \
kopano-server-packages \
kopano-grapi kopano-kapid \
kopano-grapi kopano-kapid \
${ADDITIONAL_KOPANO_PACKAGES} \
&& \
set +x && \
@ -68,4 +68,4 @@ ENTRYPOINT ["/usr/bin/dumb-init", "--"]
CMD [ "/kopano/start-service.sh" ]
HEALTHCHECK --interval=5m --timeout=60s \
CMD /kopano/healthcheck.sh
CMD /kopano/healthcheck.sh

2
core/README.md
View File

@ -16,7 +16,7 @@ KCCONF_SERVER_MYSQL_HOST=127.0.0.1
| | | |
General prefix |
| | |
Name of the relevant configuration file (server.cfg in this case)
Name of the relevant configuration file (server.cfg in this case)
| |
Name of the configuration option in the configuration file
|

2
core/defaultconfigs/server.py
View File

@ -12,7 +12,7 @@ kcconf.configkopano({
'server_listen': "*:236",
'server_listen_tls': "*:237",
'sync_gab_realtime': "no",
'softdelete_lifetime': "0",
'softdelete_lifetime': "0",
'kcoidc_initialize_timeout': "360"
}
})

40
kdav/apache2-kopano-kdav.conf
View File

@ -1,29 +1,29 @@
<VirtualHost *:80>
DocumentRoot /usr/share/kdav/
DocumentRoot /usr/share/kdav/
LogFormat "%{X-Forwarded-For}i %{%a %b %d %T %Y}t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
ErrorLog "|/bin/cat"
CustomLog "|/bin/cat" proxy
LogFormat "%{X-Forwarded-For}i %{%a %b %d %T %Y}t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
ErrorLog "|/bin/cat"
CustomLog "|/bin/cat" proxy
RewriteEngine On
# redirect well-known url http://sabre.io/dav/service-discovery/
# (redirect may need to be done to the absolute external url)
RewriteRule ^/.well-known/carddav$ / [R]
RewriteRule ^/.well-known/caldav$ / [R]
# This makes every request go to server.php
RewriteRule ^/(.*)$ /server.php [L]
RewriteEngine On
# redirect well-known url http://sabre.io/dav/service-discovery/
# (redirect may need to be done to the absolute external url)
RewriteRule ^/.well-known/carddav$ / [R]
RewriteRule ^/.well-known/caldav$ / [R]
# This makes every request go to server.php
RewriteRule ^/(.*)$ /server.php [L]
# Output buffering needs to be off, to prevent high memory usage
php_flag output_buffering off
# Output buffering needs to be off, to prevent high memory usage
php_flag output_buffering off
# This is also to prevent high memory usage
php_flag always_populate_raw_post_data off
# This is also to prevent high memory usage
php_flag always_populate_raw_post_data off
# SabreDAV is not compatible with mbstring function overloading
php_flag mbstring.func_overload off
# SabreDAV is not compatible with mbstring function overloading
php_flag mbstring.func_overload off
# set higher limits by default
php_value memory_limit 256M
php_value max_execution_time 259200
# set higher limits by default
php_value memory_limit 256M
php_value max_execution_time 259200
</VirtualHost>

2
kdav/start.sh
View File

@ -23,7 +23,7 @@ if [ "$KCCONF_SERVERHOSTNAME" == "127.0.0.1" ]; then
else
echo "kDAV is using an ip connection"
sed -e "s#define([\"']MAPI_SERVER[\"'],\s*[\"']default:[\"'])#define('MAPI_SERVER', 'https://${KCCONF_SERVERHOSTNAME}:${KCCONF_SERVERPORT}/kopano')#" \
-i /usr/share/kdav/config.php
-i /usr/share/kdav/config.php
fi
# change root uri to /kdav

10
konnect/Dockerfile
View File

@ -16,11 +16,11 @@ LABEL maintainer=az@zok.xyz \
org.label-schema.schema-version="1.0"
RUN apk add --no-cache \
jq \
moreutils \
openssl \
py-pip \
&& pip install yq==2.7.2
jq \
moreutils \
openssl \
py-pip \
&& pip install yq==2.7.2
ENV DOCKERIZE_VERSION v0.6.1
RUN wget https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-alpine-linux-amd64-$DOCKERIZE_VERSION.tar.gz \

2
kwmserver/wrapper.sh
View File

@ -72,7 +72,7 @@ export registration_conf=/kopano/ssl/konnectd-identifier-registration.yaml
# so the konnect container (since the startup is running as nobody) can write to it.
exec dockerize \
-wait http://kopano_konnect:8777/.well-known/openid-configuration \
-timeout 360s \
-timeout 360s \
/usr/local/bin/docker-entrypoint.sh serve \
--registration-conf /kopano/ssl/konnectd-identifier-registration.yaml \
"$@"

4
ldap/bootstrap/schema/mmc/kopano.schema
View File

@ -320,7 +320,7 @@ objectclass ( 1.3.6.1.4.1.47732.1.5.0.0
DESC 'KOPANO: a Kopano Addresslist'
SUP top STRUCTURAL
MUST ( cn )
MAY (
MAY (
kopanoAccount $ kopanoHidden $ kopanoFilter $ kopanoBase
)
)
@ -330,7 +330,7 @@ objectclass ( 1.3.6.1.4.1.47732.1.7.0.0
DESC 'KOPANO: a Kopano dynamic group'
SUP top STRUCTURAL
MUST ( cn )
MAY (
MAY (
kopanoAccount $ kopanoHidden $ mail $ kopanoAliases $ kopanoFilter $ kopanoBase
)
)

4
meet/Dockerfile
View File

@ -45,9 +45,9 @@ RUN \
set -x && \
# TODO mime-support could be remove once its an official dependency of kopano-kwebd
apt-get install --no-install-recommends -y \
mime-support \
mime-support \
kopano-kwebd \
kopano-meet kopano-meet-webapp \
kopano-meet kopano-meet-webapp \
${ADDITIONAL_KOPANO_PACKAGES} \
&& \
cp /usr/share/doc/kopano-meet-webapp/config.json.in /usr/share/kopano-kweb/www/config/kopano/meet.json && \

1
meet/README.md
View File

@ -21,5 +21,4 @@ General prefix |
Name of the configuration option in the configuration file
|
Value of the configuration option
```

4
php/README.md
View File

@ -30,8 +30,8 @@ General prefix | | |
Special value to signal the change should go into config-$identifier.php (located in /etc/kopano/webapp)
| | |
Identifier for the configuration file (config-$identifier.php)
| |
Name of the configuration option in the configuration file
| |
Name of the configuration option in the configuration file
|
Value of the configuration option
```

344
web/kweb.cfg
View File

@ -1,200 +1,200 @@
{%FQDN%}:80, :80 {
redir / https://{host}{uri}
redir / https://{host}{uri}
}
# kweb >=0.7.0 needs the explicit hostname to be set
{%FQDN%}, *:2015, *:443 {
log stdout
errors stdout
log stdout
errors stdout
gzip
header / Server kweb
gzip
header / Server kweb
tls {%EMAIL%}
tls {%EMAIL%}
limits {
header 1MB
body 50MB
}
limits {
header 1MB
body 50MB
}
redir 302 {
if {path} is /
/ /webapp/
}
redir 302 {
if {path} is /
/ /webapp/
}
# Config
proxy /api/config/v1/kopano/meet/ http://kopano_meet:9080/ {
fail_timeout 10s
try_duration 30s
transparent
keepalive 100
}
# Config
proxy /api/config/v1/kopano/meet/ http://kopano_meet:9080/ {
fail_timeout 10s
try_duration 30s
transparent
keepalive 100
}
# Konnect
proxy /upstreams/konnect/ {
without /upstreams/konnect/
upstream kopano_konnect:8777
policy least_conn
health_check /health-check
fail_timeout 10s
try_duration 30s
keepalive 100
transparent
header_downstream Feature-Policy "midi 'none'"
header_downstream X-Frame-Options "sameorigin"
}
ratelimit * 100 200 minute {
/upstreams/konnect/v1/
/signin/v1/identifier/_/
whitelist 127.0.0.1/8
}
rewrite /.well-known/openid-configuration {
to /upstreams/konnect/{path}
}
rewrite /konnect/v1/ {
to /upstreams/konnect/{path}
}
rewrite /signin/v1/ {
to /upstreams/konnect/{path}
}
redir /signin /signin/v1/identifier
# Konnect
proxy /upstreams/konnect/ {
without /upstreams/konnect/
upstream kopano_konnect:8777
policy least_conn
health_check /health-check
fail_timeout 10s
try_duration 30s
keepalive 100
transparent
header_downstream Feature-Policy "midi 'none'"
header_downstream X-Frame-Options "sameorigin"
}
ratelimit * 100 200 minute {
/upstreams/konnect/v1/
/signin/v1/identifier/_/
whitelist 127.0.0.1/8
}
rewrite /.well-known/openid-configuration {
to /upstreams/konnect/{path}
}
rewrite /konnect/v1/ {
to /upstreams/konnect/{path}
}
rewrite /signin/v1/ {
to /upstreams/konnect/{path}
}
redir /signin /signin/v1/identifier
# Kapi
proxy /upstreams/kapi/ {
without /upstreams/kapi/
upstream kopano_kapi:8039
policy least_conn
health_check /health-check
fail_timeout 10s
try_duration 30s
keepalive 100
transparent
websocket
}
ratelimit * 100 200 minute {
/upstreams/kapi/api/
whitelist 127.0.0.1/8
}
rewrite /api/gc/v1/ {
to /upstreams/kapi/{path}
}
rewrite /api/pubs/v1/ {
to /upstreams/kapi/{path}
}
rewrite /api/kvs/v1/ {
to /upstreams/kapi/{path}
}
# Kapi
proxy /upstreams/kapi/ {
without /upstreams/kapi/
upstream kopano_kapi:8039
policy least_conn
health_check /health-check
fail_timeout 10s
try_duration 30s
keepalive 100
transparent
websocket
}
ratelimit * 100 200 minute {
/upstreams/kapi/api/
whitelist 127.0.0.1/8
}
rewrite /api/gc/v1/ {
to /upstreams/kapi/{path}
}
rewrite /api/pubs/v1/ {
to /upstreams/kapi/{path}
}
rewrite /api/kvs/v1/ {
to /upstreams/kapi/{path}
}
# playground for oidc
proxy /oidc-playground/ http://kopano_playground:8888/ {
fail_timeout 10s
try_duration 30s
transparent
keepalive 100
}
folderish /oidc-playground
# playground for oidc
proxy /oidc-playground/ http://kopano_playground:8888/ {
fail_timeout 10s
try_duration 30s
transparent
keepalive 100
}
folderish /oidc-playground
# playground for Kapi
proxy /kapi-playground/ http://kopano_playground:8888/ {
fail_timeout 10s
try_duration 30s
transparent
keepalive 100
}
folderish /kapi-playground
# playground for Kapi
proxy /kapi-playground/ http://kopano_playground:8888/ {
fail_timeout 10s
try_duration 30s
transparent
keepalive 100
}
folderish /kapi-playground
# Kwmserver
proxy /upstreams/kwmserver/ {
without /upstreams/kwmserver/
upstream kopano_kwmserver:8778
policy least_conn
health_check /health-check
fail_timeout 10s
try_duration 30s
keepalive 100
transparent
websocket
}
ratelimit * 100 200 minute {
/upstreams/kwmserver/
whitelist 127.0.0.1/8
}
rewrite /api/kwm/v2/ {
to /upstreams/kwmserver/{path}
}
# Kwmserver
proxy /upstreams/kwmserver/ {
without /upstreams/kwmserver/
upstream kopano_kwmserver:8778
policy least_conn
health_check /health-check
fail_timeout 10s
try_duration 30s
keepalive 100
transparent
websocket
}
ratelimit * 100 200 minute {
/upstreams/kwmserver/
whitelist 127.0.0.1/8
}
rewrite /api/kwm/v2/ {
to /upstreams/kwmserver/{path}
}
proxy /meet/ kopano_meet:9080 {
fail_timeout 10s
try_duration 30s
transparent
keepalive 100
}
folderish /meet
proxy /meet/ kopano_meet:9080 {
fail_timeout 10s
try_duration 30s
transparent
keepalive 100
}
folderish /meet
proxy /webapp/ kopano_webapp:9080 {
fail_timeout 10s
try_duration 30s
transparent
keepalive 100
}
folderish /webapp
proxy /webapp/ kopano_webapp:9080 {
fail_timeout 10s
try_duration 30s
transparent
keepalive 100
}
folderish /webapp
proxy /Microsoft-Server-ActiveSync kopano_zpush:80 {
transparent
keepalive 0
timeout 3540s
}
proxy /Microsoft-Server-ActiveSync kopano_zpush:80 {
transparent
keepalive 0
timeout 3540s
}
proxy /AutoDiscover/AutoDiscover.xml kopano_zpush:80 {
transparent
keepalive 0
fail_timeout 10s
try_duration 30s
}
proxy /AutoDiscover/AutoDiscover.xml kopano_zpush:80 {
transparent
keepalive 0
fail_timeout 10s
try_duration 30s
}
proxy /Autodiscover/Autodiscover.xml kopano_zpush:80 {
transparent
keepalive 0
fail_timeout 10s
try_duration 30s
}
proxy /Autodiscover/Autodiscover.xml kopano_zpush:80 {
transparent
keepalive 0
fail_timeout 10s
try_duration 30s
}
proxy /autodiscover/autodiscover.xml kopano_zpush:80 {
transparent
keepalive 0
fail_timeout 10s
try_duration 30s
}
proxy /autodiscover/autodiscover.xml kopano_zpush:80 {
transparent
keepalive 0
fail_timeout 10s
try_duration 30s
}
proxy /caldav/ kopano_ical:8080 {
fail_timeout 10s
try_duration 30s
transparent
}
folderish /caldav
proxy /caldav/ kopano_ical:8080 {
fail_timeout 10s
try_duration 30s
transparent
}
folderish /caldav
proxy /kdav/ kopano_kdav:80 {
transparent
keepalive 0
fail_timeout 10s
try_duration 30s
}
proxy /kdav/ kopano_kdav:80 {
transparent
keepalive 0
fail_timeout 10s
try_duration 30s
}
redir 301 {
/.well-known/carddav /kdav/
/.well-known/caldav /kdav/
}
redir 301 {
/.well-known/carddav /kdav/
/.well-known/caldav /kdav/
}
proxy /ldap-admin/ ldap-admin:80 {
without /ldap-admin
transparent
}
redir /ldap-admin /ldap-admin/
proxy /ldap-admin/ ldap-admin:80 {
without /ldap-admin
transparent
}
redir /ldap-admin /ldap-admin/
proxy /password-reset/ password-self-service:80 {
without /password-reset
transparent
}
redir /password-reset /password-reset/
proxy /password-reset/ password-self-service:80 {
without /password-reset
transparent
}
redir /password-reset /password-reset/
}

8
zpush/apache2-kopano.conf
View File

@ -1,8 +1,8 @@
<VirtualHost *:80>
DocumentRoot /var/www/
DocumentRoot /var/www/
LogFormat "%{X-Forwarded-For}i %{%a %b %d %T %Y}t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
ErrorLog "|/bin/cat"
CustomLog "|/bin/cat" proxy
LogFormat "%{X-Forwarded-For}i %{%a %b %d %T %Y}t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
ErrorLog "|/bin/cat"
CustomLog "|/bin/cat" proxy
</VirtualHost>