Resolve merge conflicts

Signed-off-by: Akhil <akhil@e.email>
the-djmaze · Sep 2, 2024 · f4ad959 · f4ad959
2 parents 022bf43 + 0db6c6a
commit f4ad959
Show file tree

Hide file tree

Showing 1,730 changed files with 118,840 additions and 63,055 deletions.
diff --git a/.docker/release/Dockerfile b/.docker/release/Dockerfile
@@ -1,51 +1,188 @@
+# syntax=docker/dockerfile:1
+
+FROM alpine:3.18.5 AS builder
+RUN apk add --no-cache php82 php82-json php-phar php-zip
+RUN apk add --no-cache npm
+RUN npm install -g gulp yarn
+WORKDIR /source
+COPY package.json yarn.lock ./
+RUN yarn install
+COPY . .
+# Patch release.php with hotfix from: https://github.com/xgbstar1/snappymail-docker/blob/main/Dockerfile, so that release.php doesn't fail with error
+RUN sed -i 's_^if.*rename.*snappymail.v.0.0.0.*$_if (!!system("mv snappymail/v/0.0.0 snappymail/v/{$package->version}")) {_' cli/release.php  || true
+RUN php release.php
+RUN set -eux; \
+    VERSION=$( ls build/dist/releases/webmail ); \
+    ls -al build/dist/releases/webmail/$VERSION/snappymail-$VERSION.tar.gz; \
+    mkdir -p /snappymail; \
+    tar -zxvf build/dist/releases/webmail/$VERSION/snappymail-$VERSION.tar.gz -C /snappymail; \
+    find /snappymail -type d -exec chmod 550 {} \; ; \
+    find /snappymail -type f -exec chmod 440 {} \; ; \
+    find /snappymail/data -type d -exec chmod 750 {} \; ; \
+    # Remove unneeded files
+    rm -v /snappymail/README.md /snappymail/_include.php
+
 # Inspired by the original Rainloop dockerfile from youtous on GitLab
-FROM php:8.1-fpm-bullseye
+FROM php:8.2-fpm-alpine AS final
 
-ARG FILES_ZIP
+LABEL org.label-schema.description="SnappyMail webmail client image using nginx, php-fpm on Alpine"
 
+# Install dependencies such as nginx
+RUN apk add --no-cache ca-certificates nginx supervisor bash
 
+# Install PHP extensions
+# apcu
+RUN set -eux; \
+    apk add --no-cache --virtual .build-dependencies $PHPIZE_DEPS; \
+    pecl install apcu; \
+    docker-php-ext-enable apcu; \
+    docker-php-source delete; \
+    apk del .build-dependencies;
 
-LABEL org.label-schema.description="SnappyMail webmail client image using nginx, php-fpm based on Debian Buster"
+# gd
+RUN set -eux; \
+    apk add --no-cache freetype libjpeg-turbo libpng; \
+    apk add --no-cache --virtual .deps freetype-dev libjpeg-turbo-dev libpng-dev; \
+    docker-php-ext-configure gd --with-freetype --with-jpeg; \
+    docker-php-ext-install gd; \
+    apk del .deps
 
-ENV UID=991 GID=991 UPLOAD_MAX_SIZE=25M LOG_TO_STDERR=true MEMORY_LIMIT=128M SECURE_COOKIES=true
-ENV fpm.pool.clear_env=false
+# gmagick
+# RUN set -eux; \
+#     apk add --no-cache graphicsmagick libgomp; \
+#     apk add --no-cache --virtual .deps graphicsmagick-dev libtool; \
+#     apk add --no-cache --virtual .build-dependencies $PHPIZE_DEPS; \
+#     pecl install gmagick-2.0.6RC1; \
+#     docker-php-ext-enable gmagick; \
+#     docker-php-source delete; \
+#     apk del .build-dependencies; \
+#     apk del .deps
 
-# Install dependencies such as nginx
-RUN mkdir -p /usr/share/man/man1/ /usr/share/man/man3/ /usr/share/man/man7/ && \
-    apt-get update -q --fix-missing && \
-    apt-get -y upgrade && \
-    apt-get install --no-install-recommends -y \
-        apt-transport-https gnupg openssl wget curl ca-certificates nginx supervisor sudo \
-        unzip libzip-dev libxml2-dev libldb-dev libldap2-dev \
-        sqlite3 libsqlite3-dev libsqlite3-0 libpq-dev postgresql-client mariadb-client logrotate \
-        zip mlocate libpcre3-dev libicu-dev \
-        build-essential chrpath libssl-dev \
-        libxft-dev libfreetype6 libfreetype6-dev \
-        libpng-dev libjpeg62-turbo-dev \
-        libfontconfig1 libfontconfig1-dev \
-        && \
-    rm -rf /var/lib/apt/lists/*
+# gnupg
+RUN set -eux; \
+    apk add --no-cache gnupg gpgme; \
+    apk add --no-cache --virtual .deps gpgme-dev; \
+    apk add --no-cache --virtual .build-dependencies $PHPIZE_DEPS; \
+    pecl install gnupg; \
+    docker-php-ext-enable gnupg; \
+    docker-php-source delete; \
+    apk del .build-dependencies; \
+    apk del .deps
 
-# Install PHP extensions
-RUN php -m && \
-    docker-php-ext-configure ldap --with-libdir=lib/$(uname -m)-linux-gnu/ && \
-    docker-php-ext-configure intl && \
-    docker-php-ext-configure gd --with-freetype --with-jpeg && \
-    docker-php-ext-install ldap opcache pdo_mysql pdo_pgsql zip intl gd && \
-    php -m
+# imagick
+RUN set -eux; \
+    apk add --no-cache imagemagick libgomp; \
+    apk add --no-cache --virtual .deps imagemagick-dev; \
+    apk add --no-cache --virtual .build-dependencies $PHPIZE_DEPS; \
+    echo | pecl install imagick; \
+    docker-php-ext-enable imagick; \
+    docker-php-source delete; \
+    apk del .build-dependencies; \
+    apk del .deps
+
+# intl
+RUN set -eux; \
+    apk add --no-cache icu-libs; \
+    apk add --no-cache --virtual .deps icu-dev; \
+    docker-php-ext-configure intl; \
+    docker-php-ext-install intl; \
+    apk del .deps
+
+# ldap
+RUN set -eux; \
+    apk add --no-cache libldap; \
+    apk add --no-cache --virtual .deps openldap-dev; \
+    docker-php-ext-configure ldap; \
+    docker-php-ext-install ldap; \
+    apk del .deps
+
+# mysql
+RUN docker-php-ext-install pdo_mysql
+
+# opcache
+RUN docker-php-ext-install opcache
+
+# postgres
+RUN set -eux; \
+    apk add --no-cache postgresql-libs; \
+    apk add --no-cache --virtual .deps postgresql-dev; \
+    docker-php-ext-install pdo_pgsql; \
+    apk del .deps
+
+# redis
+RUN set -eux; \
+    apk add --no-cache liblzf zstd-libs; \
+    apk add --no-cache --virtual .deps zstd-dev; \
+    apk add --no-cache --virtual .build-dependencies $PHPIZE_DEPS; \
+    pecl install igbinary; \
+    docker-php-ext-enable igbinary; \
+    pecl install --configureoptions 'enable-redis-igbinary="yes" enable-redis-lzf="yes" enable-redis-zstd="yes"' redis; \
+    docker-php-ext-enable redis; \
+    docker-php-source delete; \
+    apk del .build-dependencies; \
+    apk del .deps
+
+# tidy
+RUN set -eux; \
+    apk add --no-cache tidyhtml; \
+    apk add --no-cache --virtual .deps tidyhtml-dev; \
+    docker-php-ext-install tidy; \
+    apk del .deps
+
+# uuid
+RUN set -eux; \
+    apk add --no-cache libuuid; \
+    apk add --no-cache --virtual .deps util-linux-dev; \
+    apk add --no-cache --virtual .build-dependencies $PHPIZE_DEPS; \
+    pecl install uuid; \
+    docker-php-ext-enable uuid; \
+    docker-php-source delete; \
+    apk del .build-dependencies; \
+    apk del .deps
+
+# xxtea - Manually install php8 compatible version from https://github.com/xxtea/xxtea-pecl master branch
+RUN set -eux; \
+    apk add --no-cache --virtual .build-dependencies $PHPIZE_DEPS; \
+    wget -q https://github.com/xxtea/xxtea-pecl/tarball/3f5888a29045e12301254151737c5dab4523a1c1 -O xxtea.tar; \
+    echo '9cbfd9c27255767deb26ddedf69e738d401d88ac9762d82c8510f9768842ca18  xxtea.tar' | sha256sum -c -; \
+    tar -C /usr/src -xvf xxtea.tar; \
+    cd /usr/src/xxtea-xxtea-pecl-3f5888a; \
+    phpize; \
+    ./configure --with-php-config=/usr/local/bin/php-config --enable-xxtea=yes; \
+    make install; \
+    docker-php-ext-enable xxtea; \
+    cd -; \
+    rm -fv xxtea.tar; \
+    rm -rfv /usr/src/xxtea*; \
+    apk del .build-dependencies;
+
+# zip
+RUN set -eux; \
+    apk add --no-cache libzip; \
+    apk add --no-cache --virtual .deps libzip-dev; \
+    docker-php-ext-install zip; \
+    apk del .deps
 
 # Install snappymail
-WORKDIR /tmp
-COPY ${FILES_ZIP} .
-RUN mkdir /snappymail && \
-    unzip -q ${FILES_ZIP} -d /snappymail && \
-    find /snappymail -type d -exec chmod 755 {} \; && \
-    find /snappymail -type f -exec chmod 644 {} \; && \
-    rm -rf ${FILES_ZIP}
-
-# Install other content
-COPY files /
-RUN chmod +x /entrypoint.sh && chmod +x /logrotate-loop.sh
-VOLUME /snappymail/data
+# The 'www-data' user/group in alpine is 82:82. The 'nginx' user/group in alpine is 101:101, and is part of www-data group
+COPY --chown=www-data:www-data --from=builder /snappymail /snappymail
+# Use a custom snappymail data folder
+RUN mv -v /snappymail/data /var/lib/snappymail;
+# Setup configs
+COPY --chown=root:root .docker/release/files /
+RUN set -eux; \
+    chown www-data:www-data /snappymail/include.php; \
+    chmod 440 /snappymail/include.php; \
+    chmod +x /entrypoint.sh; \
+    # Disable the built-in php-fpm configs, since we're using our own config
+    mv -v /usr/local/etc/php-fpm.d/docker.conf /usr/local/etc/php-fpm.d/docker.conf.disabled; \
+    mv -v /usr/local/etc/php-fpm.d/www.conf /usr/local/etc/php-fpm.d/www.conf.disabled; \
+    mv -v /usr/local/etc/php-fpm.d/zz-docker.conf /usr/local/etc/php-fpm.d/zz-docker.conf.disabled;
+
+USER root
+WORKDIR /snappymail
+VOLUME /var/lib/snappymail
 EXPOSE 8888
+EXPOSE 9000
+ENTRYPOINT []
 CMD ["/entrypoint.sh"]
diff --git a/.docker/release/files/entrypoint.sh b/.docker/release/files/entrypoint.sh
@@ -1,23 +1,20 @@
 #!/bin/sh
+set -eu
 
-# Create not root user
-groupadd --gid "$GID" php-cli -f
-adduser --uid "$UID" --disabled-password --gid "$GID" --shell /bin/bash --home /home/php-cli php-cli --force --gecos ""
-
+DEBUG=${DEBUG:-}
+if [ "$DEBUG" = 'true' ]; then
+    set -x
+fi
+UPLOAD_MAX_SIZE=${UPLOAD_MAX_SIZE:-25M}
+MEMORY_LIMIT=${MEMORY_LIMIT:-128M}
+SECURE_COOKIES=${SECURE_COOKIES:-true}
 
 # Set attachment size limit
 sed -i "s/<UPLOAD_MAX_SIZE>/$UPLOAD_MAX_SIZE/g" /usr/local/etc/php-fpm.d/php-fpm.conf /etc/nginx/nginx.conf
 sed -i "s/<MEMORY_LIMIT>/$MEMORY_LIMIT/g" /usr/local/etc/php-fpm.d/php-fpm.conf
 
-# Set log output to STDERR if wanted (LOG_TO_STDERR=true)
-if [ "$LOG_TO_STDERR" = true ]; then
-  echo "[INFO] Logging to stderr activated"
-  sed -i "s/.*error_log.*$/error_log \/dev\/stderr warn;/" /etc/nginx/nginx.conf
-  sed -i "s/.*error_log.*$/php_admin_value[error_log] = \/dev\/stderr/" /usr/local/etc/php-fpm.d/php-fpm.conf
-fi
-
 # Secure cookies
-if [ "${SECURE_COOKIES}" = true ]; then
+if [ "${SECURE_COOKIES}" = 'true' ]; then
     echo "[INFO] Secure cookies activated"
         {
         	echo 'session.cookie_httponly = On';
@@ -26,43 +23,58 @@ if [ "${SECURE_COOKIES}" = true ]; then
         } > /usr/local/etc/php/conf.d/cookies.ini;
 fi
 
-# Copy snappymail default config if absent
-SNAPPYMAIL_CONFIG_FILE=/snappymail/data/_data_/_default_/configs/application.ini
+echo "[INFO] Snappymail version: $( ls /snappymail/snappymail/v )"
+
+# Set permissions on snappymail data
+echo "[INFO] Setting permissions on /var/lib/snappymail"
+chown -R www-data:www-data /var/lib/snappymail/
+chmod 550 /var/lib/snappymail/
+find /var/lib/snappymail/ -type d -exec chmod 750 {} \;
+
+# Create snappymail default config if absent
+SNAPPYMAIL_CONFIG_FILE=/var/lib/snappymail/_data_/_default_/configs/application.ini
 if [ ! -f "$SNAPPYMAIL_CONFIG_FILE" ]; then
-    echo "[INFO] Creating default Snappymail configuration"
-    mkdir -p $(dirname $SNAPPYMAIL_CONFIG_FILE)
-    cp /usr/local/include/application.ini $SNAPPYMAIL_CONFIG_FILE
+    echo "[INFO] Creating default Snappymail configuration: $SNAPPYMAIL_CONFIG_FILE"
+    # Run snappymail and exit. This populates the snappymail data directory and generates the config file
+    # On error, print php exception and exit
+    EXITCODE=
+    su - www-data -s /bin/sh -c 'php /snappymail/index.php' > /tmp/out || EXITCODE=$?
+    if [ -n "$EXITCODE" ]; then
+        cat /tmp/out
+        exit "$EXITCODE"
+    fi
 fi
 
+echo "[INFO] Overriding values in snappymail configuration: $SNAPPYMAIL_CONFIG_FILE"
 # Enable output of snappymail logs
-if [ "${LOG_TO_STDERR}" = true ]; then
-  sed -z 's/\; Enable logging\nenable = Off/\; Enable logging\nenable = On/' -i $SNAPPYMAIL_CONFIG_FILE
-  sed 's/^filename = .*/filename = "errors.log"/' -i $SNAPPYMAIL_CONFIG_FILE
-  sed 's/^write_on_error_only = .*/write_on_error_only = Off/' -i $SNAPPYMAIL_CONFIG_FILE
-  sed 's/^write_on_php_error_only = .*/write_on_php_error_only = On/' -i $SNAPPYMAIL_CONFIG_FILE
-else
-    sed -z 's/\; Enable logging\nenable = On/\; Enable logging\nenable = Off/' -i $SNAPPYMAIL_CONFIG_FILE
-fi
+sed '/^\; Enable logging/{
+N
+s/enable = Off/enable = On/
+}' -i $SNAPPYMAIL_CONFIG_FILE
+# Redirect snappymail logs to stderr /stdout
+sed 's/^filename = .*/filename = "stderr"/' -i $SNAPPYMAIL_CONFIG_FILE
+sed 's/^write_on_error_only = .*/write_on_error_only = Off/' -i $SNAPPYMAIL_CONFIG_FILE
+sed 's/^write_on_php_error_only = .*/write_on_php_error_only = On/' -i $SNAPPYMAIL_CONFIG_FILE
 # Always enable snappymail Auth logging
 sed 's/^auth_logging = .*/auth_logging = On/' -i $SNAPPYMAIL_CONFIG_FILE
 sed 's/^auth_logging_filename = .*/auth_logging_filename = "auth.log"/' -i $SNAPPYMAIL_CONFIG_FILE
 sed 's/^auth_logging_format = .*/auth_logging_format = "[{date:Y-m-d H:i:s}] Auth failed: ip={request:ip} user={imap:login} host={imap:host} port={imap:port}"/' -i $SNAPPYMAIL_CONFIG_FILE
-# Redirect snappymail logs to stderr /stdout
-mkdir -p /snappymail/data/_data_/_default_/logs/
-# empty logs
-cp /dev/null /snappymail/data/_data_/_default_/logs/errors.log
-cp /dev/null /snappymail/data/_data_/_default_/logs/auth.log
-chown -R php-cli:php-cli /snappymail/data/
-
-# Fix permissions
-chown -R $UID:$GID /snappymail/data /var/log /var/lib/nginx
-chmod o+w /dev/stdout
-chmod o+w /dev/stderr
+sed 's/^auth_syslog = .*/auth_syslog = Off/' -i $SNAPPYMAIL_CONFIG_FILE
 
+(
+    while ! nc -vz -w 1 127.0.0.1 8888 > /dev/null 2>&1; do echo "[INFO] Checking whether nginx is alive"; sleep 1; done
+    while ! nc -vz -w 1 127.0.0.1 9000 > /dev/null 2>&1; do echo "[INFO] Checking whether php-fpm is alive"; sleep 1; done
+    # Create snappymail admin password if absent
+    SNAPPYMAIL_ADMIN_PASSWORD_FILE=/var/lib/snappymail/_data_/_default_/admin_password.txt
+    if [ ! -f "$SNAPPYMAIL_ADMIN_PASSWORD_FILE" ]; then
+        echo "[INFO] Creating Snappymail admin password file: $SNAPPYMAIL_ADMIN_PASSWORD_FILE"
+        wget -T 1 -qO- 'http://127.0.0.1:8888/?/AdminAppData/0/12345/' > /dev/null
+        echo "[INFO] Snappymail Admin Panel ready at http://localhost:8888/?admin. Login using password in $SNAPPYMAIL_ADMIN_PASSWORD_FILE"
+    fi
 
-# Touch supervisord PID file in order to fix permissions
-touch /run/supervisord.pid
-chown php-cli:php-cli /run/supervisord.pid
+    wget -T 1 -qO- 'http://127.0.0.1:8888/' > /dev/null
+    echo "[INFO] Snappymail ready at http://localhost:8888/"
+) &
 
 # RUN !
-exec sudo -u php-cli -g php-cli /usr/bin/supervisord -c '/supervisor.conf' --pidfile '/run/supervisord.pid'
+exec /usr/bin/supervisord -c /supervisor.conf --pidfile /run/supervisord.pid
diff --git a/.docker/release/files/etc/logrotate.d/snappymail b/.docker/release/files/etc/logrotate.d/snappymail
diff --git a/.docker/release/files/etc/nginx/nginx.conf b/.docker/release/files/etc/nginx/nginx.conf
@@ -11,7 +11,7 @@ http {
   default_type  application/octet-stream;
 
   access_log off;
-  error_log /tmp/ngx_error.log error;
+  error_log /dev/stderr error;
 
   sendfile on;
   keepalive_timeout 15;
@@ -95,7 +95,7 @@ http {
       fastcgi_param PATH_INFO $fastcgi_path_info;
       fastcgi_param HTTP_PROXY "";
       fastcgi_index index.php;
-      fastcgi_pass unix:/tmp/php-fpm.sock;
+      fastcgi_pass 127.0.0.1:9000;
       fastcgi_intercept_errors on;
       fastcgi_request_buffering off;
       fastcgi_param REMOTE_ADDR $http_x_real_ip;