* move all env definition in same block
* implement EXE env variable for kopano-core
* Obsoletes parts of https://github.com/zokradonh/kopano-docker/pull/366
* use EXE in konnect container
* add exe for web
* make it possible to docker-composer run commands in web container
* check if oidc provider is reachable
Relates to https://github.com/zokradonh/kopano-docker/issues/376
Signed-off-by: Felix Bartels <felix@host-consultants.de>
* compare issuer in the discovery document with the configured one
Signed-off-by: Felix Bartels <felix@host-consultants.de>
Allow external configuration of --signed-out-uri in konnect
Signed-off-by: Felix Bartels <felix@host-consultants.de>
Co-authored-by: Erik Damrose <damrose@univention.de>
* comment currently broken tests (because of read-only container)
* move initial creation out of guest or authority configuration
* instead of copying merge files into destination with slurp
* failsafe authority registration
* switch containers in compose file to read-only
related to https://github.com/zokradonh/kopano-docker/issues/310
* make scheduler container read-only
* make meet container read-only
* fix konnect for read-only
* make core mostly read-only
* add custom location for ldap.cfg to default config
* sort config option for readability
* update makefile pull workaround
* make kdav read-only
* remove locale generation code from core startup
* fix commander tests
* fix store language tests
* add test for a dutch mailbox
* make it possible to run webapp read-only
* add locale hint to the compose file
* finish read-only mode for z-push
* update konnect to 0.28.0
* make signing_method configurable
* instruct npm to run with unsafe permissions (fixes error on jenkins)
* https://github.com/npm/npm/issues/20861
* split up installation for core and kapi+grapi
* add some debug output in case package installation fails
* let konnect run as nobody
* add code to check writing permissions for certificates and create certificates in container if possible
* add tests to check on failed and successful certificate creation
* add certificate creation logic from the konnect binfile
* add env for custom dockerize timeout (to fail earlier in tests)
* add mount for machine-id
* services should check the availability of the machine id before starting
* add a note to the readme
* add new mounts to the multiserver example
* add dockerize to kweb
* fix meet demo
* add option to change base path
* fix env name
* add kweb configuration for using konnect in a subpath
* make webapp display configurable
* more explicit startup messages
* add ability to use an external oidc provider
* install the grapi ldap backend in the image when building with a recent enough kopano version
* add the ability to run test in the konnect container
* the startup script gets more and more complicated, there should be a way to test it
* test some values and add test helper
* do not simply cat the registration, but call with yq
* update kweb and konnect
* fixes for setup-tools.sh
fixes https://github.com/zokradonh/kopano-docker/issues/266
* add startup tests for meet demo
* add architecture to contributing file
* define ical_listen for kopano-ical
* precreate database if it does not yet exist
* fix spelling
* precreate meet keys in ssl, but do the actual action in konnect
* generate all keys for meet within Konnect
* incorporate explicit logging and settings set by ucs app
* make konnect container more dynamic
* set default oidc_issuer_identifier
* print size of container
* builder image is not required for security scanning
* define entrypoint instead of using command
* more cleanup of testing containers
* give logs in case of error
* Add example compose file to run Meet without Kopano
* add readme
* add an example env file
* add setup.sh so user can easily create their own
* use kopano repo by default
* make konnect url configurable
* switch to fork of dockerize as it allows to skip ssl verification
since the address of the oidc issuer is now dynamic it could point to an invalid ssl certificate (the self signed cert is by default "valid" for *)
* update hadolint
* add more scopes
* only skip ssl verification when running insecure
* tune .editorconfig for the existing files
* fix reported linting issues
* travis: switch language to node_js to be able to run npm
* travis: build on ubuntu bionic
* Update konnect and kwmserver
Signed-off-by: Felix Bartels <felix@host-consultants.de>
* readd mime type workaround to web container
Signed-off-by: Felix Bartels <felix@host-consultants.de>
* update supercronic to the latest release
* update tagging for base
* fix version tag for core
* put versions for all containers into labels instead
* define vcf_ref once
* remove cache-from as caches will be invalidated early on because of passing the git ref early on
* do not rebuild when publishing
* do not rebuild when publishing
* reduce layers required for env assignment
* pull newer base images for kdav, scheduler and ssl if available
* alsp publish tag for ldap containers
* fix publishing of ssl container
* remove surplus locale configuration (should only be in base image)
update konnect
add version to ldap and ldap_demo images
* also create a tag for the ldap images
* add ldap version to compose file
switch kopano_ssl from apline:latest to alpine:3.9
add tagging and publishing of tag to Makefile
update version of Konnect and Kweb since they have been update meanwhile
* get settings for meet from env
* prepare ssl container for device registration for konnect/kwmserver
* move device registry modification to konnect container
* enable WebApp in the app switcher
* upstream docker container has been updated to alpine 3.9
* update konnect
* add further config for guest mode
* replace the check for the file with a check for konnect startup
* fix kwmserver wrapper
* add possibility to change logging in kwmserver
* add hadolint for dockerfile linting
* add hadofile config
* add checks for dockerfiles and shellcheck into makefile
* shellcheck fixes
* add workaround so that .env can be sourced again from version.sh
* hadolint fixes
* print progress of build/run.sh
* fix check for jq in setup.sh
relates to #41 and #26
