mirror of
https://github.com/docker-mailserver/docker-mailserver.git
synced 2026-04-02 20:22:34 +02:00
chore: update base image in Dockerfile and associated scripts
Signed-off-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
This commit is contained in:
Georg Lauterbach
parent
b81e2b526f
commit
00e133ca4f
@ -7,7 +7,7 @@ ARG DEBIAN_FRONTEND=noninteractive
|
||||
ARG DOVECOT_COMMUNITY_REPO=0
|
||||
ARG LOG_LEVEL=trace
|
||||
|
||||
FROM docker.io/debian:12-slim AS stage-base
|
||||
FROM docker.io/debian:13-slim AS stage-base
|
||||
|
||||
ARG DEBIAN_FRONTEND
|
||||
ARG DOVECOT_COMMUNITY_REPO
|
||||
@ -20,11 +20,6 @@ SHELL ["/bin/bash", "-e", "-o", "pipefail", "-c"]
|
||||
# -----------------------------------------------
|
||||
|
||||
COPY target/bin/sedfile /usr/local/bin/sedfile
|
||||
RUN <<EOF
|
||||
chmod +x /usr/local/bin/sedfile
|
||||
adduser --quiet --system --group --disabled-password --home /var/lib/clamav --no-create-home --uid 200 clamav
|
||||
EOF
|
||||
|
||||
COPY target/scripts/build/packages.sh /build/
|
||||
COPY target/scripts/helpers/log.sh /usr/local/bin/helpers/log.sh
|
||||
|
||||
@ -193,7 +188,7 @@ COPY target/postfix/main.cf target/postfix/master.cf /etc/postfix/
|
||||
|
||||
# DH parameters for DHE cipher suites, ffdhe4096 is the official standard 4096-bit DH params now part of TLS 1.3
|
||||
# This file is for TLS <1.3 handshakes that rely on DHE cipher suites
|
||||
# Handled at build to avoid failures by doveadm validating ssl_dh filepath in 10-ssl.auth (eg generate-accounts)
|
||||
# Handled at build to avoid failures by doveadm validating ssl_server_dh_file filepath in 10-ssl.auth (eg generate-accounts)
|
||||
COPY target/shared/ffdhe4096.pem /etc/postfix/dhparams.pem
|
||||
COPY target/shared/ffdhe4096.pem /etc/dovecot/dh.pem
|
||||
|
||||
|
||||
@ -6,7 +6,7 @@
|
||||
# -o pipefail :: exit on error in pipes
|
||||
set -eE -u -o pipefail
|
||||
|
||||
VERSION_CODENAME='bookworm'
|
||||
VERSION_CODENAME='trixie'
|
||||
|
||||
# shellcheck source=../helpers/log.sh
|
||||
source /usr/local/bin/helpers/log.sh
|
||||
@ -28,12 +28,17 @@ function _pre_installation_steps() {
|
||||
local EARLY_PACKAGES=(
|
||||
# Avoid logging unnecessary warnings:
|
||||
apt-utils
|
||||
# we need this early for the creation of accounts like 'clamav'
|
||||
adduser
|
||||
# Required for adding third-party repos (/etc/apt/sources.list.d) as alternative package sources (eg: Dovecot CE and Rspamd):
|
||||
apt-transport-https ca-certificates curl gnupg
|
||||
# Avoid problems with SA / Amavis (https://github.com/docker-mailserver/docker-mailserver/pull/3403#pullrequestreview-1596689953):
|
||||
systemd-standalone-sysusers
|
||||
)
|
||||
apt-get "${QUIET}" install --no-install-recommends "${EARLY_PACKAGES[@]}" 2>/dev/null
|
||||
|
||||
chmod +x /usr/local/bin/sedfile
|
||||
adduser --quiet --system --group --disabled-password --home /var/lib/clamav --no-create-home --uid 200 clamav
|
||||
}
|
||||
|
||||
# Install third-party commands to /usr/local/bin
|
||||
@ -91,7 +96,7 @@ function _install_packages() {
|
||||
local CODECS_PACKAGES=(
|
||||
altermime arj bzip2
|
||||
cabextract cpio file
|
||||
gzip lhasa liblz4-tool
|
||||
gzip lhasa lz4
|
||||
lrzip lzop nomarch
|
||||
p7zip-full pax rpm2cpio
|
||||
unrar-free unzip xz-utils
|
||||
@ -154,7 +159,7 @@ function _install_dovecot() {
|
||||
# NOTE: AMD64 / x86_64 is the only supported arch from the Dovecot CE repo (thus noDMS built for ARM64 / aarch64)
|
||||
# Repo: https://repo.dovecot.org/ce-2.4-latest/debian/bookworm/dists/bookworm/main/
|
||||
# Docs: https://repo.dovecot.org/#debian
|
||||
if [[ ${DOVECOT_COMMUNITY_REPO} -eq 1 ]] && [[ "$(uname --machine)" == "x86_64" ]]; then
|
||||
if [[ ${DOVECOT_COMMUNITY_REPO:-0} -eq 1 ]] && [[ $(uname --machine) == x86_64 ]]; then
|
||||
# WARNING: Repo only provides Debian Bookworm package support for Dovecot CE 2.4+.
|
||||
# As Debian Bookworm only packages Dovecot 2.3.x, building DMS with this alternative package repo may not yet be compatible with DMS:
|
||||
# - 2.3.19: https://salsa.debian.org/debian/dovecot/-/tree/stable/bookworm
|
||||
@ -187,14 +192,15 @@ EOF
|
||||
}
|
||||
|
||||
function _install_rspamd() {
|
||||
# NOTE: DMS only supports the rspamd package via using the third-party repo maintained by Rspamd (AMD64 + ARM64):
|
||||
# Repo: https://rspamd.com/apt-stable/dists/bookworm/main/
|
||||
# Docs: https://rspamd.com/downloads.html#debian-and-ubuntu-linux
|
||||
# NOTE: Debian 12 provides Rspamd 3.4 (too old) and Rspamd discourages it's use
|
||||
# NOTE: DMS only supports the Rspamd package by using the
|
||||
# third-party repo maintained by Rspamd (AMD64 + ARM64)
|
||||
#
|
||||
# REF: https://rspamd.com/apt-stable/dists/trixie/main/
|
||||
# https://rspamd.com/downloads.html#debian-and-ubuntu-linux
|
||||
|
||||
_log 'trace' 'Adding third-party package repository (Rspamd)'
|
||||
curl -fsSL https://rspamd.com/apt-stable/gpg.key \
|
||||
| gpg --dearmor >/usr/share/keyrings/upstream-rspamd.gpg
|
||||
| gpg --dearmor > /usr/share/keyrings/upstream-rspamd.gpg
|
||||
cat >/etc/apt/sources.list.d/upstream-rspamd.sources <<EOF
|
||||
Types: deb
|
||||
URIs: https://rspamd.com/apt-stable/
|
||||
@ -203,10 +209,8 @@ Components: main
|
||||
Signed-By: /usr/share/keyrings/upstream-rspamd.gpg
|
||||
EOF
|
||||
|
||||
# Refresh package index:
|
||||
apt-get "${QUIET}" update
|
||||
|
||||
_log 'debug' 'Installing Rspamd'
|
||||
apt-get "${QUIET}" update
|
||||
apt-get "${QUIET}" install rspamd redis-server
|
||||
}
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user