-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathDockerfile
130 lines (115 loc) · 3.4 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
ARG DIST=alpine
ARG REL=latest
#
#
# target: full
#
# Install anti-spam, anti-virus mail filters and dkim.
#
#
FROM $DIST:$REL AS full
LABEL maintainer=mlan
ENV SVDIR=/etc/service \
DOCKER_PERSIST_DIR=/srv \
DOCKER_BIN_DIR=/usr/local/bin \
DOCKER_ENTRY_DIR=/etc/docker/entry.d \
DOCKER_MILT_DIR=/etc/rspamd \
DOCKER_MILT_LIB=/var/lib/rspamd \
DOCKER_MILT_CLIB=/var/cache/rspamd \
DOCKER_DB_DIR=/etc/redis \
DOCKER_DB_LIB=/var/lib/redis \
DOCKER_AV_DIR=/etc/clamav \
DOCKER_AV_LIB=/var/lib/clamav \
DOCKER_UNLOCK_FILE=/srv/etc/.docker.unlock \
DOCKER_MILT_RUNAS=rspamd \
DOCKER_AV_RUNAS=clamav \
DOCKER_DB_RUNAS=redis \
SYSLOG_LEVEL=5 \
SYSLOG_OPTIONS=-SDt
ENV DOCKER_MILT_LOCAL_DIR=$DOCKER_MILT_DIR/local.d \
DOCKER_MILT_FILE=$DOCKER_MILT_DIR/rspamd.conf \
DOCKER_DKIM_LIB=$DOCKER_MILT_LIB/dkim \
DOCKER_DB_FILE=$DOCKER_DB_DIR/redis.conf \
DOCKER_AVNGN_FILE=$DOCKER_AV_DIR/clamd.conf \
DOCKER_AVSIG_FILE=$DOCKER_AV_DIR/freshclam.conf
#
# Copy utility scripts including docker-entrypoint.sh to image
#
COPY src/*/bin $DOCKER_BIN_DIR/
COPY src/*/entry.d $DOCKER_ENTRY_DIR/
COPY src/*/etc /etc/
#
# Install
#
# Configure Runit, a process manager
#
# Essential configuration of: rspamd and clamav
#
#
RUN source docker-common.sh \
&& source docker-config.sh \
&& dc_persist_dirs \
$DOCKER_APPL_SSL_DIR \
$DOCKER_AV_DIR \
$DOCKER_AV_LIB \
$DOCKER_CONF_DIR \
$DOCKER_IMAP_DIR \
$DOCKER_MILT_DIR \
$DOCKER_MILT_LIB \
$DOCKER_DB_DIR \
$DOCKER_DB_LIB \
&& apk --no-cache --update add \
runit \
rspamd \
rspamd-client \
rspamd-controller \
rspamd-fuzzy \
rspamd-proxy \
rspamd-utils \
clamav \
clamav-libunrar \
unzip \
p7zip \
ncurses \
redis \
&& docker-service.sh \
"syslogd -nO- -l$SYSLOG_LEVEL $SYSLOG_OPTIONS" \
"crond -f -c /etc/crontabs" \
"rspamd -f -u $DOCKER_MILT_RUNAS -g $DOCKER_MILT_RUNAS" \
"freshclam -d --quiet" \
"-q clamd" \
"-n redis -u $DOCKER_DB_RUNAS redis-server $DOCKER_DB_FILE" \
&& source docker-common.sh \
&& source docker-config.sh \
&& addgroup $DOCKER_AV_RUNAS $DOCKER_MILT_RUNAS \
&& addgroup $DOCKER_MILT_RUNAS $DOCKER_AV_RUNAS \
&& addgroup $DOCKER_MILT_RUNAS $DOCKER_DB_RUNAS \
&& chown $DOCKER_MILT_RUNAS: ${DOCKER_PERSIST_DIR}$DOCKER_MILT_LIB \
&& chown $DOCKER_AV_RUNAS: ${DOCKER_PERSIST_DIR}$DOCKER_AV_LIB \
&& chown $DOCKER_DB_RUNAS: ${DOCKER_PERSIST_DIR}$DOCKER_DB_LIB \
&& mkdir /run/clamav && chown $DOCKER_AV_RUNAS: /run/clamav \
&& mkdir /run/rspamd && chown $DOCKER_MILT_RUNAS: /run/rspamd \
&& mkdir $DOCKER_MILT_CLIB && chown $DOCKER_MILT_RUNAS: $DOCKER_MILT_CLIB \
&& dc_modify $DOCKER_AVNGN_FILE Foreground yes \
&& dc_modify $DOCKER_AVNGN_FILE LogSyslog yes \
&& dc_modify $DOCKER_AVNGN_FILE LogFacility LOG_MAIL \
&& dc_comment $DOCKER_AVNGN_FILE LogFile \
&& dc_modify $DOCKER_AVNGN_FILE TCPSocket 3310 \
&& dc_modify $DOCKER_AVSIG_FILE Foreground yes \
&& dc_modify $DOCKER_AVSIG_FILE LogSyslog yes \
&& dc_comment $DOCKER_AVSIG_FILE UpdateLogFile \
&& dc_modify $DOCKER_AVSIG_FILE LogFacility LOG_MAIL \
&& echo '.include(try=true; priority=1,duplicate=merge) "$CONFDIR/rspamd.conf.docker"' >> $DOCKER_MILT_FILE \
&& echo "This file unlocks the configuration, so it will be deleted after initialization." > $DOCKER_UNLOCK_FILE
#
# Rudimentary healthcheck
#
HEALTHCHECK CMD sv status ${SVDIR}/*
#
# Entrypoint, how container is run
#
ENTRYPOINT ["docker-entrypoint.sh"]
#
# Have runit's runsvdir start all services
#
CMD runsvdir -P ${SVDIR}