From 62142821df225d0c7bc54de163b5f95f783af4f3 Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Fri, 26 Feb 2021 23:20:12 +0200
Subject: [PATCH] SOgo configuration.
- Configuration template.
- Render configuration template in entrypoint.
- Storage volumes.
- slapd volume for ldapi:/// connection.
- Execute the sogod instead of apache, not sure what I'm going to do
with Apache.
---
docker-compose.yml | 21 +++++++++--
sogo/.dockerignore | 2 ++
sogo/Dockerfile | 12 +++++--
sogo/entrypoint | 8 +++++
sogo/sogo.conf.template | 79 +++++++++++++++++++++++++++++++++++++++++
5 files changed, 117 insertions(+), 5 deletions(-)
create mode 100755 sogo/entrypoint
create mode 100644 sogo/sogo.conf.template
diff --git a/docker-compose.yml b/docker-compose.yml
index e9c2f09..b94b5fe 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -18,8 +18,9 @@ services:
postres:
environment:
- POSTGRES_PASSWORD: "${POSTGRES_PASSWORD:-foo}"
- POSTGRES_USER: sogo
+ # yamllint disable-line rule:line-length
+ POSTGRES_PASSWORD: &postgres_password "${POSTGRES_PASSWORD:-foo}" # pragma: allowlist secret
+ POSTGRES_USER: &postgres_user sogo
image: registry.hub.docker.com/library/postgres:13-alpine
healthcheck:
test:
@@ -39,10 +40,26 @@ services:
sogo:
build:
context: sogo/
+ environment:
+ IMAP_HOST: imaps://imap.shore.co.il
+ POSTGRES_DB: *postgres_user
+ POSTGRES_HOST: postgres
+ POSTGRES_PASSWORD: *postgres_password # pragma: allowlist secret
+ POSTGRES_USER: *postgres_user
+ SMTP_HOST: smtp://smtp.shore.co.il:587/?tls=YES
restart: always
+ volumes:
+ - sogo:/var/lib/sogo
+ - sogo_spool:/var/spool/sogo
+ - _run_slapd:/run/slapd
volumes:
postgres:
+ sogo:
+ sogo_spool:
+ _run_slapd:
+ external: true
+ name: run_slapd
networks:
default:
diff --git a/sogo/.dockerignore b/sogo/.dockerignore
index c42863b..117714b 100644
--- a/sogo/.dockerignore
+++ b/sogo/.dockerignore
@@ -1,2 +1,4 @@
*
+!entrypoint
!inverse.sources
+!sogo.conf.template
diff --git a/sogo/Dockerfile b/sogo/Dockerfile
index f446b6f..6d981b6 100644
--- a/sogo/Dockerfile
+++ b/sogo/Dockerfile
@@ -18,6 +18,7 @@ RUN apt-get update && \
DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
apt-transport-https \
ca-certificates \
+ gettext-base \
&& \
rm -rf /tmp/* /var/tmp/* /var/lib/apt/lists/* /var/cache/apt/archives/*
COPY --from=repo-key /gnupghome/inverse.gpg /usr/share/keyrings/
@@ -32,9 +33,14 @@ RUN apt-get update && \
sogo-activesync \
sogo \
&& \
+ chown sogo /etc/sogo/sogo.conf && \
rm -rf /tmp/* /var/tmp/* /var/lib/apt/lists/* /var/cache/apt/archives/*
+COPY --chown=root:root entrypoint /usr/local/bin/docker-entrypoint
+COPY sogo.conf.template /usr/local/share/sogo/
+VOLUME /var/lib/sogo /var/spool/sogo /run/sogo
EXPOSE 20000
-USER "www-data"
-WORKDIR /var/www
-CMD [ "apache2", "-DFOREGROUND" ]
+USER "sogo"
+WORKDIR /var/lib/sogo
+ENTRYPOINT ["docker-entrypoint"]
+CMD ["sogod", "-WOWorkersCount", "3", "-WOPort", "0.0.0.0:20000", "-WOLogFile", "-"]
HEALTHCHECK CMD wget --spider --quiet http://localhost:20000/ --user-agent 'Healthcheck' || exit 1
diff --git a/sogo/entrypoint b/sogo/entrypoint
new file mode 100755
index 0000000..d2d00fc
--- /dev/null
+++ b/sogo/entrypoint
@@ -0,0 +1,8 @@
+#!/bin/sh
+set -eu
+
+# shellcheck disable=SC1091
+. /lib/lsb/init-functions
+envsubst < /usr/local/share/sogo/sogo.conf.template > /etc/sogo/sogo.conf
+
+eval exec "$@"
diff --git a/sogo/sogo.conf.template b/sogo/sogo.conf.template
new file mode 100644
index 0000000..023e5c3
--- /dev/null
+++ b/sogo/sogo.conf.template
@@ -0,0 +1,79 @@
+// vim: ft=objcpp
+// Based on https://github.com/inverse-inc/sogo/blob/master/Scripts/sogo.conf
+{
+
+ /* Database configuration (mysql://, postgresql:// or oracle://) */
+ SOGoProfileURL = "postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:5432/${POSTGRES_DB}/sogo_user_profile";
+ OCSFolderInfoURL = "postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:5432/${POSTGRES_DB}/sogo_folder_info";
+ OCSSessionsFolderURL = "postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:5432/${POSTGRES_DB}/sogo_sessions_folder";
+
+ /* Mail */
+ //SOGoDraftsFolderName = Drafts;
+ //SOGoSentFolderName = Sent;
+ //SOGoTrashFolderName = Trash;
+ //SOGoJunkFolderName = Junk;
+ SOGoIMAPServer = "${IMAP_HOST}";
+ //SOGoSieveServer = "sieve://127.0.0.1:4190";
+ SOGoSMTPServer = "${SMPT_HOST}";
+ SOGoMailDomain = shore.co.il;
+ //SOGoMailingMechanism = smtp;
+ //SOGoForceExternalLoginWithEmail = NO;
+ //SOGoMailSpoolPath = /var/spool/sogo;
+ //NGImap4ConnectionStringSeparator = "/";
+
+ /* Notifications */
+ //SOGoAppointmentSendEMailNotifications = NO;
+ //SOGoACLsSendEMailNotifications = NO;
+ //SOGoFoldersSendEMailNotifications = NO;
+
+ /* LDAP authentication example */
+ SOGoUserSources = (
+ {
+ type = ldap;
+ CNFieldName = cn;
+ UIDFieldName = uid;
+ IDFieldName = uid; // first field of the DN for direct binds
+ bindFields = (uid, mail); // array of fields to use for indirect binds
+ baseDN = "ou=People,dc=shore,dc=co,dc=il";
+ // bindDN = "uid=sogo,ou=users,dc=acme,dc=com";
+ // bindPassword = qwerty; // pragma: allowlist secret
+ canAuthenticate = YES;
+ displayName = "Shore";
+ hostname = "ldapi:///";
+ id = public;
+ isAddressBook = NO;
+ }
+ );
+
+ /* Web Interface */
+ //SOGoPageTitle = SOGo;
+ SOGoVacationEnabled = NO;
+ SOGoForwardEnabled = NO;
+ SOGoSieveScriptsEnabled = NO;
+ //SOGoMailAuxiliaryUserAccountsEnabled = YES;
+ //SOGoTrustProxyAuthentication = NO;
+ //SOGoXSRFValidationEnabled = YES;
+
+ /* General - SOGoTimeZone *MUST* be defined */
+ //SOGoLanguage = English;
+ SOGoTimeZone = Etc/UTC;
+ //SOGoCalendarDefaultRoles = (
+ // PublicDAndTViewer,
+ // ConfidentialDAndTViewer
+ //);
+ //SOGoSuperUsernames = (sogo1, sogo2); // This is an array - keep the parens!
+ //SxVMemLimit = 384;
+ //WOPidFile = "/var/run/sogo/sogo.pid";
+ SOGoMemcachedHost = "${MEMCACHED_HOST}";
+
+ /* Debug */
+ //SOGoDebugRequests = YES;
+ //SoDebugBaseURL = YES;
+ //ImapDebugEnabled = YES;
+ //LDAPDebugEnabled = YES;
+ //PGDebugEnabled = YES;
+ //MySQL4DebugEnabled = YES;
+ //SOGoUIxDebugEnabled = YES;
+ //WODontZipResponse = YES;
+ //WOLogFile = /var/log/sogo/sogo.log;
+}
--
GitLab