119 lines
4.5 KiB
Docker
119 lines
4.5 KiB
Docker
ARG UNIT_VERSION=1.11.0
|
|
FROM eumau/nginx-unit:${UNIT_VERSION}-php7.3
|
|
|
|
RUN set -ex; \
|
|
apt-get update; \
|
|
apt-get install -y --no-install-recommends \
|
|
php-exif \
|
|
php-gd \
|
|
php-intl \
|
|
php-ldap \
|
|
# php-opcache \
|
|
php-mysql \
|
|
php-pgsql \
|
|
php-sqlite3 \
|
|
php-zip \
|
|
# php-imagick \
|
|
php-xml \
|
|
php-mbstring \
|
|
php-curl \
|
|
;
|
|
|
|
ENV ROUNDCUBEMAIL_VERSION=1.3.10
|
|
|
|
# Download package and extract to web volume
|
|
RUN set -ex; \
|
|
fetchDeps="gnupg dirmngr ssl-cert"; \
|
|
apt-get -qq update; \
|
|
apt-get install -y --no-install-recommends $fetchDeps; \
|
|
curl -o roundcubemail.tar.gz -fSL https://github.com/roundcube/roundcubemail/releases/download/${ROUNDCUBEMAIL_VERSION}/roundcubemail-${ROUNDCUBEMAIL_VERSION}-complete.tar.gz; \
|
|
curl -o roundcubemail.tar.gz.asc -fSL https://github.com/roundcube/roundcubemail/releases/download/${ROUNDCUBEMAIL_VERSION}/roundcubemail-${ROUNDCUBEMAIL_VERSION}-complete.tar.gz.asc; \
|
|
export GNUPGHOME="$(mktemp -d)"; \
|
|
# workaround for "Cannot assign requested address", see e.g. https://github.com/inversepath/usbarmory-debian-base_image/issues/9
|
|
echo "disable-ipv6" > "$GNUPGHOME/dirmngr.conf"; \
|
|
# ha.pool.sks-keyservers.net seems to be unreliable, use pgp.mit.edu as fallback
|
|
gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys F3E4C04BB3DB5D4215C45F7F5AB2BAA141C4F7D5 || gpg --batch --keyserver pgp.mit.edu --recv-keys F3E4C04BB3DB5D4215C45F7F5AB2BAA141C4F7D5; \
|
|
gpg --batch --verify roundcubemail.tar.gz.asc roundcubemail.tar.gz; \
|
|
tar -xf roundcubemail.tar.gz -C /usr/src/; \
|
|
gpgconf --kill all; \
|
|
rm -r "$GNUPGHOME" roundcubemail.tar.gz.asc roundcubemail.tar.gz; \
|
|
# upstream tarballs include ./roundcubemail-${ROUNDCUBEMAIL_VERSION}/ so this gives us /usr/src/roundcubemail-${ROUNDCUBEMAIL_VERSION}
|
|
mv /usr/src/roundcubemail-${ROUNDCUBEMAIL_VERSION} /usr/src/roundcubemail; \
|
|
rm -rf /usr/src/roundcubemail/installer
|
|
|
|
# include the wait-for-it.sh script
|
|
RUN curl -fL https://raw.githubusercontent.com/vishnubob/wait-for-it/master/wait-for-it.sh > /wait-for-it.sh && chmod +x /wait-for-it.sh
|
|
|
|
# use custom PHP settings
|
|
COPY php.ini /etc/php/7.3/embed/conf.d/roundcube-defaults.ini
|
|
|
|
COPY docker-entrypoint.sh /
|
|
|
|
# expose these volumes
|
|
VOLUME /var/roundcube/config
|
|
VOLUME /var/www/html
|
|
VOLUME /tmp/roundcube-temp
|
|
|
|
# launch and configure Unit
|
|
RUN \
|
|
# generate self-signed certificate bundle
|
|
mkdir -p /ssl; \
|
|
cat /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/ssl/private/ssl-cert-snakeoil.key > /ssl/bundle.pem; \
|
|
chmod 600 /ssl/bundle.pem; \
|
|
# create mock index files for configuring unit
|
|
[ -d /var/www/html/public_html ] || { \
|
|
mkdir -p /var/www/html/public_html /var/www/html/public_html.remove; \
|
|
}; \
|
|
[ -f /var/www/html/public_html/index.php ] || { \
|
|
touch /var/www/html/public_html/index.php /var/www/html/public_html/index.php.remove; \
|
|
}; \
|
|
# configure unit
|
|
unitd --control unix:/var/run/control.unit.sock; \
|
|
curl -X PUT --data-binary @/ssl/bundle.pem --unix-socket \
|
|
/var/run/control.unit.sock http://localhost/certificates/default; \
|
|
curl -X PUT --data-binary \
|
|
'{ \
|
|
"listeners": { \
|
|
"*:9080": { "pass": "routes" }, \
|
|
"*:9443": { "pass": "routes", "tls": { "certificates": "default" } } \
|
|
}, \
|
|
"routes": [ \
|
|
{ "match": { "uri": "/plugins/*.php" }, "action": { "pass": "applications/direct_php" } }, \
|
|
{ "match": { "uri": "/skins/*" }, "action": { "share": "/var/www/html/public_html" } }, \
|
|
{ "match": { "uri": "/program/*" }, "action": { "share": "/var/www/html/public_html" } }, \
|
|
{ "action": { "pass": "applications/index_php" } } \
|
|
], \
|
|
"applications": { \
|
|
"index_php": { \
|
|
"type": "php", \
|
|
"processes": { "max": 20, "spare": 5 }, \
|
|
"user": "www-data", \
|
|
"group": "www-data", \
|
|
"root": "/var/www/html/public_html", \
|
|
"script": "index.php" \
|
|
}, \
|
|
"direct_php": { \
|
|
"type": "php", \
|
|
"processes": { "max": 5, "spare": 0 }, \
|
|
"user": "www-data", \
|
|
"group": "www-data", \
|
|
"root": "/var/www/html/public_html", \
|
|
"index": "index.php" \
|
|
} \
|
|
} \
|
|
}' \
|
|
--unix-socket /var/run/control.unit.sock http://localhost/config/; \
|
|
[ -f /var/www/html/public_html/index.php.remove ] && { \
|
|
rm /var/www/html/public_html/index.php /var/www/html/public_html/index.php.remove; \
|
|
}; \
|
|
[ -d /var/www/html/public_html.remove ] && { \
|
|
rm -rf /var/www/html/public_html /var/www/html/public_html.remove; \
|
|
}
|
|
|
|
|
|
WORKDIR /var/www/html
|
|
EXPOSE 9000
|
|
ENTRYPOINT ["/docker-entrypoint.sh"]
|
|
STOPSIGNAL SIGTERM
|
|
CMD ["unitd", "--no-daemon", "--control", "unix:/var/run/control.unit.sock"]
|