Move to stalwartlabs

.env.dist

@@ -9,15 +9,14 @@ LDAP_MONITOR_PASSWORD=
 DOCKER_LDAP_HEALTHCHECK_USERNAME=monitor
 DOCKER_LDAP_HEALTHCHECK_PASSWORD=PasswordLdapMonitor
 
-MAIL_DATA_DIR=
-MAIL_STATE_DIR=
+MAILSERVER_DATA_DIR=
+MAILSERVER_KEYS_DIR=
 MAIL_LOGS_DIR=
-MAIL_CONFIGS_DIR=
+
 LDAP_DATA_DIR=
 ACME_HOME_DIR=
 # web UI (phpldapadmin-ca.crt, phpldapadmin-certificate.key, phpldapadmin-certificate.crt)
 PHP_LDAP_ADMIN_CERTS_DIR=
-SASLAUTHD_SOCKET_FILE=
 
 # API keys for acme container
 CF_API_EMAIL=
@@ -29,42 +28,10 @@ LDAP_BASE_DN="dc=example,dc=com"
 OVERRIDE_HOSTNAME=
 DOMAIN_NAMES=
 ACME_COMMAND_ARGUMENTS=
-POSTFIX_VIRTUAL_ALIAS_DOMAINS=
 LDAP_PORT=
 LDAPS_PORT=
 PHPLDAPADMIN_SSL_PORT=8080
 
-# Replication
-DOVECOT_REPLICATION_SSL_VOLUME=
-DOVECOT_REPLICATION_SERVER=
-DOVECOT_REPLICATION_ADM_PASS=
-DOVECOT_REPLICATION_SSL_CA_FILE=/etc/ssl/replication/ca.pem
-DOVECOT_REPLICATION_SSL_CA_DIR=/etc/ssl/replication/
-DOVECOT_REPLICATION_SSL_CERT_FILE=/etc/ssl/replication/cert.pem
-DOVECOT_REPLICATION_SSL_KEY_FILE=/etc/ssl/replication/key.pem
-
-CRON_MAILFROM=
-CRON_MAILTO=
-POSTMASTER_ADDRESS=
-PFLOGSUMM_RECIPIENT=
-LOGWATCH_RECIPIENT=
-# The @ must be escaped like \@
-VIRUS_ADMIN_EMAIL=
-VIRUS_X_HEADER_LINE=
-
-# Fail2ban config to allow IPs to make failed attempts
-FAIL2BAN_IGNORE_IPS=
-FAIL2BAN_DST_EMAIL=
-FAIL2BAN_SENDER_EMAIL=
-FAIL2BAN_SENDER_NAME=
-
-# Fail2ban reporting
-FAIL2BAN_BLOCKLIST_DE_API_KEY=
-FAIL2BAN_BLOCKLIST_DE_EMAIL=
-FAIL2BAN_IPTHREAT_API_KEY=
-FAIL2BAN_IPTHREAT_SYSTEM_NAME=
-FAIL2BAN_ABUSEIPDB_API_KEY=
-
 DNS_SERVER=1.1.1.1
 
 # CrowdSec

.github/workflows/full.yml

@@ -2,7 +2,8 @@ name: run full tests
 on: [push]
 
 permissions:
-  contents: read
+    contents: read
+    packages: read
 
 jobs:
     lint:
@@ -19,11 +20,19 @@ jobs:
             - uses: actions/checkout@v4
             - name: Docker compose version
               run: docker compose version
+            - name: Login to GitHub registry
+              uses: docker/login-action@v2
+              with:
+                  registry: ghcr.io
+                  username: ${{ github.repository_owner }}
+                  password: ${{ secrets.GITHUB_TOKEN }}
             - name: create temp folder
               run: make create-temp-env
             - name: setup for tests
               run: make setup-test
             - name: run docker-test
               run: make run-test
+              env:
+                  IMAGE_TAG: ghcr.io/datacenters-network/mails/mailserver
             - name: teardown tests
               run: make cleanup-test

.github/workflows/publish.yml

@@ -0,0 +1,43 @@
+name: Publish Docker image
+
+permissions:
+    contents: read
+    packages: write
+
+on:
+    workflow_dispatch:
+    release:
+        types: [published]
+
+jobs:
+    push_to_registry:
+        name: Push Docker image to GitHub Packages
+        runs-on: ubuntu-latest
+        steps:
+            - name: Check out the repo
+              uses: actions/checkout@v4
+            # https://github.com/docker/setup-qemu-action
+            - name: Set up QEMU
+              uses: docker/setup-qemu-action@v2
+            # https://github.com/docker/setup-buildx-action
+            - name: Set up Docker Buildx
+              uses: docker/setup-buildx-action@v2
+            - name: Login to GitHub registry
+              uses: docker/login-action@v2
+              with:
+                  registry: ghcr.io
+                  username: ${{ github.repository_owner }}
+                  password: ${{ secrets.GITHUB_TOKEN }}
+
+            - name: Build image
+              run: make docker-build
+              env:
+                  DOCKER_BUILDKIT: 1
+                  PLATFORM: linux/amd64
+                  IMAGE_TAG: ghcr.io/datacenters-network/mails/mailserver
+                  ACTION: push
+
+            - name: Test image
+              run: make docker-test
+              env:
+                  IMAGE_TAG: ghcr.io/datacenters-network/mails/mailserver

Makefile

@@ -9,9 +9,21 @@ PROGRESS_MODE ?= plain
 ACME_DOMAIN = emails.mail-server.intranet
 DKIM_DOMAIN = mail-server.intranet
 
-.PHONY: docker-test run-test cleanup-test test
+.PHONY: docker-build docker-test run-test cleanup-test test
 
-all: docker-test
+all: docker-build docker-test
+
+docker-build:
+	# https://github.com/docker/buildx#building
+	docker buildx build \
+		--build-arg VCS_REF="$(shell git rev-parse HEAD)" \
+		--build-arg BUILD_DATE="$(shell date -u +"%Y-%m-%dT%H:%M:%SZ")" \
+		--tag $(IMAGE_TAG) \
+		--progress $(PROGRESS_MODE) \
+		--platform $(PLATFORM) \
+		--pull \
+		--$(ACTION) \
+		./docker
 
 docker-test: test
 
@@ -39,13 +51,15 @@ create-temp-env:
 
 setup-test-files: check-env
 	set -eu
-	cp -rv docker-compose.yml dockerl user-patches.sh rspamd internal-dns $(TEMP_DIR)
+	cp -rv docker-compose.yml dockerl config.toml docker internal-dns $(TEMP_DIR)
 	cp tests/.env.test1 $(TEMP_DIR)/.env
 	rm -vf tests/data/acme.sh/*/*.csr
 	rm -vf tests/data/acme.sh/*/*.cer
 	rm -vf tests/data/acme.sh/*/ca.*
 	mkdir $(TEMP_DIR)/tests
 	mkdir -p $(TEMP_DIR)/tests/data/acme.sh/$(ACME_DOMAIN)
+	mkdir -p $(TEMP_DIR)/tests/data/maildata
+	mkdir $(TEMP_DIR)/tests/data/maildata/queue $(TEMP_DIR)/tests/data/maildata/reports $(TEMP_DIR)/tests/data/maildata/data $(TEMP_DIR)/tests/data/maildata/data/blobs
 	cp tests/make-certs.sh $(TEMP_DIR)/tests/
 	cp -rp tests/php $(TEMP_DIR)/tests/
 	cp -rp tests/seeding $(TEMP_DIR)/tests/