SOgo configuration.

- Configuration template. - Render configuration template in entrypoint. - Storage volumes. - slapd volume for ldapi:/// connection. - Execute the sogod instead of apache, not sure what I'm going to do with Apache.

SOgo configuration.
62142821 · nimrod · 3e0e20c7 · 62142821 · 62142821 · 62142821
Commit 62142821 authored 4 years ago by nimrod
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -18,8 +18,9 @@ services:

  postres:
    environment:
-      POSTGRES_PASSWORD: "${POSTGRES_PASSWORD:-foo}"
-      POSTGRES_USER: sogo
+      # yamllint disable-line rule:line-length
+      POSTGRES_PASSWORD: &postgres_password "${POSTGRES_PASSWORD:-foo}"  # pragma: allowlist secret
+      POSTGRES_USER: &postgres_user sogo
    image: registry.hub.docker.com/library/postgres:13-alpine
    healthcheck:
      test:
@@ -39,10 +40,26 @@ services:
  sogo:
    build:
      context: sogo/
+    environment:
+      IMAP_HOST: imaps://imap.shore.co.il
+      POSTGRES_DB: *postgres_user
+      POSTGRES_HOST: postgres
+      POSTGRES_PASSWORD: *postgres_password  # pragma: allowlist secret
+      POSTGRES_USER: *postgres_user
+      SMTP_HOST: smtp://smtp.shore.co.il:587/?tls=YES
    restart: always
+    volumes:
+      - sogo:/var/lib/sogo
+      - sogo_spool:/var/spool/sogo
+      - _run_slapd:/run/slapd

 volumes:
  postgres:
+  sogo:
+  sogo_spool:
+  _run_slapd:
+    external: true
+    name: run_slapd

 networks:
  default:

--- a/sogo/.dockerignore
+++ b/sogo/.dockerignore
 *
+!entrypoint
 !inverse.sources
+!sogo.conf.template
--- a/sogo/Dockerfile
+++ b/sogo/Dockerfile
@@ -18,6 +18,7 @@ RUN apt-get update && \
    DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
        apt-transport-https \
        ca-certificates \
+        gettext-base \
    && \
    rm -rf /tmp/* /var/tmp/* /var/lib/apt/lists/* /var/cache/apt/archives/*
 COPY --from=repo-key /gnupghome/inverse.gpg /usr/share/keyrings/
@@ -32,9 +33,14 @@ RUN apt-get update && \
        sogo-activesync \
        sogo \
    && \
+    chown sogo /etc/sogo/sogo.conf && \
    rm -rf /tmp/* /var/tmp/* /var/lib/apt/lists/* /var/cache/apt/archives/*
+COPY --chown=root:root entrypoint /usr/local/bin/docker-entrypoint
+COPY sogo.conf.template /usr/local/share/sogo/
+VOLUME /var/lib/sogo /var/spool/sogo /run/sogo
 EXPOSE 20000
-USER "www-data"
-WORKDIR /var/www
-CMD [ "apache2", "-DFOREGROUND" ]
+USER "sogo"
+WORKDIR /var/lib/sogo
+ENTRYPOINT ["docker-entrypoint"]
+CMD ["sogod", "-WOWorkersCount", "3", "-WOPort", "0.0.0.0:20000", "-WOLogFile", "-"]
 HEALTHCHECK CMD wget --spider --quiet http://localhost:20000/ --user-agent 'Healthcheck' || exit 1
--- a/sogo/entrypoint
+++ b/sogo/entrypoint
+#!/bin/sh
+set -eu
+
+# shellcheck disable=SC1091
+. /lib/lsb/init-functions
+envsubst < /usr/local/share/sogo/sogo.conf.template > /etc/sogo/sogo.conf
+
+eval exec "$@"
--- a/sogo/sogo.conf.template
+++ b/sogo/sogo.conf.template
+// vim: ft=objcpp
+// Based on https://github.com/inverse-inc/sogo/blob/master/Scripts/sogo.conf
+{
+
+  /* Database configuration (mysql://, postgresql:// or oracle://) */
+  SOGoProfileURL = "postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:5432/${POSTGRES_DB}/sogo_user_profile";
+  OCSFolderInfoURL = "postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:5432/${POSTGRES_DB}/sogo_folder_info";
+  OCSSessionsFolderURL = "postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:5432/${POSTGRES_DB}/sogo_sessions_folder";
+
+  /* Mail */
+  //SOGoDraftsFolderName = Drafts;
+  //SOGoSentFolderName = Sent;
+  //SOGoTrashFolderName = Trash;
+  //SOGoJunkFolderName = Junk;
+  SOGoIMAPServer = "${IMAP_HOST}";
+  //SOGoSieveServer = "sieve://127.0.0.1:4190";
+  SOGoSMTPServer = "${SMPT_HOST}";
+  SOGoMailDomain = shore.co.il;
+  //SOGoMailingMechanism = smtp;
+  //SOGoForceExternalLoginWithEmail = NO;
+  //SOGoMailSpoolPath = /var/spool/sogo;
+  //NGImap4ConnectionStringSeparator = "/";
+
+  /* Notifications */
+  //SOGoAppointmentSendEMailNotifications = NO;
+  //SOGoACLsSendEMailNotifications = NO;
+  //SOGoFoldersSendEMailNotifications = NO;
+
+  /* LDAP authentication example */
+  SOGoUserSources = (
+    {
+      type = ldap;
+      CNFieldName = cn;
+      UIDFieldName = uid;
+      IDFieldName = uid; // first field of the DN for direct binds
+      bindFields = (uid, mail); // array of fields to use for indirect binds
+      baseDN = "ou=People,dc=shore,dc=co,dc=il";
+  //    bindDN = "uid=sogo,ou=users,dc=acme,dc=com";
+  //    bindPassword = qwerty; // pragma: allowlist secret
+      canAuthenticate = YES;
+      displayName = "Shore";
+      hostname = "ldapi:///";
+      id = public;
+      isAddressBook = NO;
+    }
+  );
+
+  /* Web Interface */
+  //SOGoPageTitle = SOGo;
+  SOGoVacationEnabled = NO;
+  SOGoForwardEnabled = NO;
+  SOGoSieveScriptsEnabled = NO;
+  //SOGoMailAuxiliaryUserAccountsEnabled = YES;
+  //SOGoTrustProxyAuthentication = NO;
+  //SOGoXSRFValidationEnabled = YES;
+
+  /* General - SOGoTimeZone *MUST* be defined */
+  //SOGoLanguage = English;
+  SOGoTimeZone = Etc/UTC;
+  //SOGoCalendarDefaultRoles = (
+  //  PublicDAndTViewer,
+  //  ConfidentialDAndTViewer
+  //);
+  //SOGoSuperUsernames = (sogo1, sogo2); // This is an array - keep the parens!
+  //SxVMemLimit = 384;
+  //WOPidFile = "/var/run/sogo/sogo.pid";
+  SOGoMemcachedHost = "${MEMCACHED_HOST}";
+
+  /* Debug */
+  //SOGoDebugRequests = YES;
+  //SoDebugBaseURL = YES;
+  //ImapDebugEnabled = YES;
+  //LDAPDebugEnabled = YES;
+  //PGDebugEnabled = YES;
+  //MySQL4DebugEnabled = YES;
+  //SOGoUIxDebugEnabled = YES;
+  //WODontZipResponse = YES;
+  //WOLogFile = /var/log/sogo/sogo.log;
+}