infrastructure/mox
1
0
Fork 0
mirror of https://github.com/mjl-/mox.git synced 2025-06-27 21:48:16 +03:00
Code Issues Packages Projects Releases Wiki Activity

add ":z" to docker-compose volumes and remove deprecated version field from yml files

Browse Source 
the ":z" is required on selinux systems, like fedora. and doesn't seem
to hurt on other systems.
This commit is contained in:
Mechiel Lukkien 2025-05-12 10:29:22 +02:00
parent 2e0eea88b0
commit aff279711c
3 changed files with 26 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
docker-compose-imaptest.yml
View File

@ -1,13 +1,12 @@
version: '3.7'
services: services:
mox: mox:
build: build:
context: . context: .
dockerfile: Dockerfile.moximaptest dockerfile: Dockerfile.moximaptest
volumes: volumes:
- ./testdata/imaptest/config:/mox/config - ./testdata/imaptest/config:/mox/config:z
- ./testdata/imaptest/data:/mox/data - ./testdata/imaptest/data:/mox/data:z
- ./testdata/imaptest/imaptest.mbox:/mox/imaptest.mbox - ./testdata/imaptest/imaptest.mbox:/mox/imaptest.mbox:z
working_dir: /mox working_dir: /mox
tty: true # For job control with set -m. tty: true # For job control with set -m.
command: sh -c 'set -m; mox serve & sleep 1; echo testtest | mox setaccountpassword mjl; fg' command: sh -c 'set -m; mox serve & sleep 1; echo testtest | mox setaccountpassword mjl; fg'
@ -24,7 +23,7 @@ services:
command: host=mox port=1143 'user=mjl@mox.example' pass=testtest mbox=/imaptest/imaptest.mbox command: host=mox port=1143 'user=mjl@mox.example' pass=testtest mbox=/imaptest/imaptest.mbox
working_dir: /imaptest working_dir: /imaptest
volumes: volumes:
- ./testdata/imaptest:/imaptest - ./testdata/imaptest:/imaptest:z
depends_on: depends_on:
mox: mox:
condition: service_healthy condition: service_healthy

39
docker-compose-integration.yml
View File

@ -1,4 +1,3 @@
version: '3.7'
services: services:
# We run integration_test.go from this container, it connects to the other mox instances. # We run integration_test.go from this container, it connects to the other mox instances.
test: test:
@ -9,11 +8,11 @@ services:
# dials in integration_test.go succeed. # dials in integration_test.go succeed.
command: ["sh", "-c", "set -ex; cat /integration/tmp-pebble-ca.pem /integration/tls/ca.pem >>/etc/ssl/certs/ca-certificates.crt; go test -tags integration"] command: ["sh", "-c", "set -ex; cat /integration/tmp-pebble-ca.pem /integration/tls/ca.pem >>/etc/ssl/certs/ca-certificates.crt; go test -tags integration"]
volumes: volumes:
- ./.go:/.go - ./.go:/.go:z
- ./testdata/integration/resolv.conf:/etc/resolv.conf - ./testdata/integration/resolv.conf:/etc/resolv.conf:z
- ./testdata/integration:/integration - ./testdata/integration:/integration:z
- ./testdata/integration/moxsubmit.conf:/etc/moxsubmit.conf - ./testdata/integration/moxsubmit.conf:/etc/moxsubmit.conf:z
- .:/mox - .:/mox:z
environment: environment:
GOCACHE: /.go/.cache/go-build GOCACHE: /.go/.cache/go-build
depends_on: depends_on:
@ -41,8 +40,8 @@ services:
MOX_UID: "${MOX_UID}" MOX_UID: "${MOX_UID}"
command: ["sh", "-c", "/integration/moxacmepebble.sh"] command: ["sh", "-c", "/integration/moxacmepebble.sh"]
volumes: volumes:
- ./testdata/integration/resolv.conf:/etc/resolv.conf - ./testdata/integration/resolv.conf:/etc/resolv.conf:z
- ./testdata/integration:/integration - ./testdata/integration:/integration:z
healthcheck: healthcheck:
test: netstat -nlt | grep ':25 ' test: netstat -nlt | grep ':25 '
interval: 1s interval: 1s
@ -66,8 +65,8 @@ services:
MOX_UID: "${MOX_UID}" MOX_UID: "${MOX_UID}"
command: ["sh", "-c", "/integration/moxmail2.sh"] command: ["sh", "-c", "/integration/moxmail2.sh"]
volumes: volumes:
- ./testdata/integration/resolv.conf:/etc/resolv.conf - ./testdata/integration/resolv.conf:/etc/resolv.conf:z
- ./testdata/integration:/integration - ./testdata/integration:/integration:z
healthcheck: healthcheck:
test: netstat -nlt | grep ':25 ' test: netstat -nlt | grep ':25 '
interval: 1s interval: 1s
@ -94,8 +93,8 @@ services:
MOX_UID: "${MOX_UID}" MOX_UID: "${MOX_UID}"
command: ["sh", "-c", "/integration/moxacmepebblealpn.sh"] command: ["sh", "-c", "/integration/moxacmepebblealpn.sh"]
volumes: volumes:
- ./testdata/integration/resolv.conf:/etc/resolv.conf - ./testdata/integration/resolv.conf:/etc/resolv.conf:z
- ./testdata/integration:/integration - ./testdata/integration:/integration:z
healthcheck: healthcheck:
test: netstat -nlt | grep ':25 ' test: netstat -nlt | grep ':25 '
interval: 1s interval: 1s
@ -116,9 +115,9 @@ services:
image: mox_integration_moxmail image: mox_integration_moxmail
command: ["sh", "-c", "set -e; chmod o+r /etc/resolv.conf; mox -checkconsistency localserve -ip 172.28.1.60"] command: ["sh", "-c", "set -e; chmod o+r /etc/resolv.conf; mox -checkconsistency localserve -ip 172.28.1.60"]
volumes: volumes:
- ./.go:/.go - ./.go:/.go:z
- ./testdata/integration/resolv.conf:/etc/resolv.conf - ./testdata/integration/resolv.conf:/etc/resolv.conf:z
- .:/mox - .:/mox:z
environment: environment:
GOCACHE: /.go/.cache/go-build GOCACHE: /.go/.cache/go-build
healthcheck: healthcheck:
@ -141,7 +140,7 @@ services:
context: testdata/integration context: testdata/integration
volumes: volumes:
# todo: figure out how to mount files with a uid that the process in the container can read... # todo: figure out how to mount files with a uid that the process in the container can read...
- ./testdata/integration/resolv.conf:/etc/resolv.conf - ./testdata/integration/resolv.conf:/etc/resolv.conf:z
command: ["sh", "-c", "set -e; chmod o+r /etc/resolv.conf; (echo 'maillog_file = /dev/stdout'; echo 'mydestination = $$myhostname, localhost.$$mydomain, localhost, $$mydomain'; echo 'smtp_tls_security_level = may') >>/etc/postfix/main.cf; echo 'root: postfix@mox1.example' >>/etc/postfix/aliases; newaliases; postfix start-fg"] command: ["sh", "-c", "set -e; chmod o+r /etc/resolv.conf; (echo 'maillog_file = /dev/stdout'; echo 'mydestination = $$myhostname, localhost.$$mydomain, localhost, $$mydomain'; echo 'smtp_tls_security_level = may') >>/etc/postfix/main.cf; echo 'root: postfix@mox1.example' >>/etc/postfix/aliases; newaliases; postfix start-fg"]
healthcheck: healthcheck:
test: netstat -nlt | grep ':25 ' test: netstat -nlt | grep ':25 '
@ -162,8 +161,8 @@ services:
# todo: figure out how to build from dockerfile with empty context without creating empty dirs in file system. # todo: figure out how to build from dockerfile with empty context without creating empty dirs in file system.
context: testdata/integration context: testdata/integration
volumes: volumes:
- ./testdata/integration/resolv.conf:/etc/resolv.conf - ./testdata/integration/resolv.conf:/etc/resolv.conf:z
- ./testdata/integration:/integration - ./testdata/integration:/integration:z
# We start with a base example.zone, but moxacmepebble appends its records, # We start with a base example.zone, but moxacmepebble appends its records,
# followed by moxmail2. They restart unbound after appending records. # followed by moxmail2. They restart unbound after appending records.
command: ["sh", "-c", "set -ex; ls -l /etc/resolv.conf; chmod o+r /etc/resolv.conf; install -m 640 -o unbound /integration/unbound.conf /etc/unbound/; chmod 755 /integration; chmod 644 /integration/*.zone; cp /integration/example.zone /integration/example-integration.zone; ls -ld /integration /integration/reverse.zone; unbound -d -p -v"] command: ["sh", "-c", "set -ex; ls -l /etc/resolv.conf; chmod o+r /etc/resolv.conf; install -m 640 -o unbound /integration/unbound.conf /etc/unbound/; chmod 755 /integration; chmod 644 /integration/*.zone; cp /integration/example.zone /integration/example-integration.zone; ls -ld /integration /integration/reverse.zone; unbound -d -p -v"]
@ -183,8 +182,8 @@ services:
hostname: acmepebble.example hostname: acmepebble.example
image: docker.io/letsencrypt/pebble:v2.3.1@sha256:fc5a537bf8fbc7cc63aa24ec3142283aa9b6ba54529f86eb8ff31fbde7c5b258 image: docker.io/letsencrypt/pebble:v2.3.1@sha256:fc5a537bf8fbc7cc63aa24ec3142283aa9b6ba54529f86eb8ff31fbde7c5b258
volumes: volumes:
- ./testdata/integration/resolv.conf:/etc/resolv.conf - ./testdata/integration/resolv.conf:/etc/resolv.conf:z
- ./testdata/integration:/integration - ./testdata/integration:/integration:z
command: ["sh", "-c", "set -ex; mount; ls -l /etc/resolv.conf; chmod o+r /etc/resolv.conf; pebble -config /integration/pebble-config.json"] command: ["sh", "-c", "set -ex; mount; ls -l /etc/resolv.conf; chmod o+r /etc/resolv.conf; pebble -config /integration/pebble-config.json"]
ports: ports:
- 14000:14000 # ACME port - 14000:14000 # ACME port

7
docker-compose.yml
View File

@ -27,7 +27,6 @@
# The -ip flag ensures connections to the published ports make it to mox, and it # The -ip flag ensures connections to the published ports make it to mox, and it
# prevents listening on ::1 (IPv6 is not enabled in docker by default). # prevents listening on ::1 (IPv6 is not enabled in docker by default).
version: '3.7'
services: services:
mox: mox:
# Replace "latest" with the version you want to run, see https://r.xmox.nl/r/mox/. # Replace "latest" with the version you want to run, see https://r.xmox.nl/r/mox/.
@ -39,11 +38,11 @@ services:
# machine, and the IPs of incoming connections for spam filtering. # machine, and the IPs of incoming connections for spam filtering.
network_mode: 'host' network_mode: 'host'
volumes: volumes:
- ./config:/mox/config - ./config:/mox/config:z
- ./data:/mox/data - ./data:/mox/data:z
# web is optional but recommended to bind in, useful for serving static files with # web is optional but recommended to bind in, useful for serving static files with
# the webserver. # the webserver.
- ./web:/mox/web - ./web:/mox/web:z
working_dir: /mox working_dir: /mox
restart: on-failure restart: on-failure
healthcheck: healthcheck: