Page MenuHomePhorge
Files F120836613

No OneTemporary
Actions

Authored By
Unknown
Size
20 KB
Referenced Files
None
Subscribers
None

View Options

diff --git a/docker/imap/Dockerfile b/docker/imap/Dockerfile
index 8e0667fe..c3b49b0e 100644
--- a/docker/imap/Dockerfile
+++ b/docker/imap/Dockerfile
@@ -1,80 +1,83 @@
FROM apheleia/almalinux9
WORKDIR /root/
RUN dnf -y install \
--setopt 'tsflags=nodocs' \
git \
autoconf \
automake \
bison \
cyrus-sasl-devel \
flex \
gcc \
gcc-c++ \
gperf \
jansson-devel \
libbsd-devel \
libtool \
libicu-devel \
libuuid-devel \
openssl-devel \
pkgconfig \
sqlite-devel \
brotli-devel \
libzstd-devel \
libical-devel \
libxml2-devel \
libnghttp2-devel \
shapelib \
zlib-devel \
pcre-devel \
perl-devel \
cyrus-sasl \
cyrus-sasl-plain \
perl-Cyrus \
rsync && \
dnf clean all
ARG GIT_REF=dev/kolab-3.6
ARG GIT_REMOTE=https://git.kolab.org/source/cyrus-imapd
ADD build.sh /build.sh
RUN /build.sh
COPY /rootfs /
VOLUME [ "/var/spool/imap" ]
VOLUME [ "/var/lib/imap" ]
RUN id default || (groupadd -g 1001 default && useradd -d /opt/app-root/ -u 1001 -g 1001 default)
RUN mkdir -p /opt/app-root/src
RUN PATHS=(/run /run/saslauthd /var/run /var/lib/imap /var/spool/imap /etc/pki/cyrus-imapd /opt/app-root) && \
mkdir -p ${PATHS[@]} && \
chmod 777 ${PATHS[@]} && \
chown -R 1001:0 ${PATHS[@]} && \
chmod -R g=u ${PATHS[@]}
RUN touch /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem
RUN PATHS=(/etc /etc/passwd /etc/saslauthd.conf /etc/cyrus.conf /etc/imapd.conf /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem) && \
chown 1001:0 ${PATHS[@]} && \
chmod g=u ${PATHS[@]}
USER 1001
WORKDIR /opt/app-root/src
ENV SERVICES_PORT=8000
ENV IMAPD_CONF=/etc/imapd.conf
ENV CYRUS_CONF=/etc/cyrus.conf
ENV SERVERLIST=imap-backend
ENV MUPDATE=imap-mupdate
ENV SERVERNAME=imap-backend
+ENV MAXLOGINS_PER_USER=50
# Seems to be required on ppc64le only? Not sure why
ENV LD_LIBRARY_PATH=/usr/lib/
# ENV TLS_SERVER_CA_FILE
# ENV APP_SERVICES_DOMAIN
+# ENV ROLE
+# ENV WITH_TLS
CMD ["/init.sh"]
EXPOSE 11143/tcp 11993/tcp 11080/tcp 11443/tcp 11024/tcp 4190/tcp
diff --git a/docker/imap/rootfs/etc/cyrus-backend.conf b/docker/imap/rootfs/etc/cyrus-backend.conf
deleted file mode 100644
index a808e442..00000000
--- a/docker/imap/rootfs/etc/cyrus-backend.conf
+++ /dev/null
@@ -1,42 +0,0 @@
-START {
- # do not delete this entry!
- recover cmd="ctl_cyrusdb -r"
-
- mupdatepush cmd="ctl_mboxlist -m"
-}
-
-SERVICES {
-
- http cmd="httpd" listen="http" proto="tcp" prefork=5
- imap cmd="imapd" listen="imap" proto="tcp" prefork=5
- # https cmd="httpd -s" listen="https" proto="tcp" prefork=5
- # imaps cmd="imapd -s" listen="imaps" proto="tcp" prefork=1
- sieve cmd="timsieved" listen="sieve" proto="tcp" prefork=0
- lmtp cmd="lmtpd" listen="lmtp" proto="tcp" prefork=1
- # lmtpunix cmd="lmtpd" listen="/run/cyrus/socket/lmtp" prefork=1
- syncserver cmd="sync_server" listen="csync"
-}
-
-EVENTS {
- # this is required
- checkpoint cmd="ctl_cyrusdb -c" period="39"
-
- # Expire deleted folders older than 28 days.
- deleteprune cmd="cyr_expire -E 4 -D 28" at="0400"
-
- # Expire deleted messages older than 28 days.
- expungeprune cmd="cyr_expire -E 4 -X 28" at="0132"
-
- # this is only necessary if caching TLS sessions
- tlsprune cmd="tls_prune" at="0400"
-
- # this is only necessary if using duplicate delivery suppression
- delprune cmd="cyr_expire -E 3" at="0400"
-
-}
-
-DAEMON {
- # this is only necessary if using idled for IMAP IDLE
- idled cmd="idled"
-
-}
diff --git a/docker/imap/rootfs/etc/cyrus-frontend.conf b/docker/imap/rootfs/etc/cyrus-frontend.conf
deleted file mode 100644
index 7b614e7d..00000000
--- a/docker/imap/rootfs/etc/cyrus-frontend.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-START {
- # do not delete this entry!
- recover cmd="ctl_cyrusdb -r"
-
-
-}
-
-SERVICES {
- mupdate cmd="mupdate" listen=3905 prefork=1
-
- imap cmd="proxyd" listen="imap" proto="tcp" prefork=1 maxchild=4096
- # imaps cmd="proxyd -s" listen="imaps" proto="tcp" prefork=1 maxchild=4096
- http cmd="httpd" listen="http" prefork=0
- # https cmd="httpd -s" listen="https" prefork=0
- sieve cmd="timsieved" listen="sieve" proto="tcp" prefork=1
- lmtp cmd="lmtpproxyd -a" listen="lmtp" proto="tcp" prefork=2
-}
-
-EVENTS {
- # this is required
- checkpoint cmd="ctl_cyrusdb -c" period="30"
-
- # this is only necessary if caching TLS sessions
- tlsprune cmd="tls_prune" at="0400"
-}
diff --git a/docker/imap/rootfs/etc/cyrus.conf b/docker/imap/rootfs/etc/cyrus.conf
index 4ef209c2..cc01a17c 100644
--- a/docker/imap/rootfs/etc/cyrus.conf
+++ b/docker/imap/rootfs/etc/cyrus.conf
@@ -1,41 +1,44 @@
START {
# do not delete this entry!
recover cmd="ctl_cyrusdb -r"
statscleanup cmd="promstatsd -c"
- #mupdatepush cmd="ctl_mboxlist -m"
+ # WITH_MUPDATE mupdatepush cmd="ctl_mboxlist -m"
}
SERVICES {
-
- http cmd="httpd" listen=0.0.0.0:11080 proto="tcp" prefork=5
- imap cmd="imapd" listen=0.0.0.0:11143 proto="tcp" prefork=5
- # https cmd="httpd -s" listen=0.0.0.0:11443 proto="tcp" prefork=5
- # imaps cmd="imapd -s" listen=0.0.0.0:11993 proto="tcp" prefork=1
+ # ROLE_FRONTEND mupdate cmd="mupdate" listen=3905 prefork=1
+ http cmd="httpd" listen=0.0.0.0:11080 proto="tcp" prefork=1
+ # ROLE_BACKEND imap cmd="imapd" listen=0.0.0.0:11143 proto="tcp" prefork=1
+ # ROLE_FRONTEND imap cmd="proxyd" listen=0.0.0.0:11143 proto="tcp" prefork=1
+ # WITH_TLS https cmd="httpd -s" listen=0.0.0.0:11443 proto="tcp" prefork=1
+ # ROLE_BACKEND_WITH_TLS imaps cmd="imapd -s" listen=0.0.0.0:11993 proto="tcp" prefork=1
+ # ROLE_FRONTEND_WITH_TLS imaps cmd="proxyd -s" listen=0.0.0.0:11993 proto="tcp" prefork=1
sieve cmd="timsieved" listen=0.0.0.0:4190 proto="tcp" prefork=0
# lmtp without authentication required (-a)
- lmtp cmd="lmtpd -a" listen=0.0.0.0:11024 proto="tcp" prefork=1
+ # ROLE_BACKEND lmtp cmd="lmtpd -a" listen=0.0.0.0:11024 proto="tcp" prefork=1
+ # ROLE_FRONTEND lmtp cmd="lmtpproxyd -a" listen=0.0.0.0:11024 proto="tcp" prefork=1
}
EVENTS {
# this is required
checkpoint cmd="ctl_cyrusdb -c" period="39"
# Expire deleted folders older than 28 days.
- deleteprune cmd="cyr_expire -E 4 -D 28" at="0400"
+ # ROLE_BACKEND deleteprune cmd="cyr_expire -E 4 -D 28" at="0400"
# Expire deleted messages older than 28 days.
- expungeprune cmd="cyr_expire -E 4 -X 28" at="0132"
+ # ROLE_BACKEND expungeprune cmd="cyr_expire -E 4 -X 28" at="0132"
# this is only necessary if caching TLS sessions
tlsprune cmd="tls_prune" at="0400"
# this is only necessary if using duplicate delivery suppression
- delprune cmd="cyr_expire -E 3" at="0400"
+ # ROLE_BACKEND delprune cmd="cyr_expire -E 3" at="0400"
}
DAEMON {
# this is only necessary if using idled for IMAP IDLE
idled cmd="idled"
promstatsd cmd="promstatsd"
}
diff --git a/docker/imap/rootfs/etc/imapd-backend.conf b/docker/imap/rootfs/etc/imapd-backend.conf
deleted file mode 100644
index d15c169b..00000000
--- a/docker/imap/rootfs/etc/imapd-backend.conf
+++ /dev/null
@@ -1,104 +0,0 @@
-servername: imap-backend
-configdirectory: /var/lib/imap
-defaultpartition: default
-metapartition_files: annotations cache expunge header index
-partition-default: /var/spool/imap/
-sievedir: /var/lib/imap/sieve
-annotation_definitions: /etc/imapd.annotations.conf
-
-autocreate_quota: 5242880
-autocreate_inbox_folders: Drafts | Trash | Sent
-autocreate_subscribe_folders: Drafts | Trash | Sent
-# Set specialuse flags
-xlist-drafts: Drafts
-xlist-sent: Sent
-xlist-trash: Trash
-
-idlesocket: /var/lib/imap/socket/idle
-disable_shared_namespace: 0
-disable_user_namespace: 0
-duplicate_db_path: /run/cyrus/db/deliver.db
-mboxname_lockpath: /run/cyrus/lock
-proc_path: /run/cyrus/proc
-# Apparently does not work
-##ptscache_db_path: /var/tmp/cyrus-imapd/ptscache.db
-statuscache_db_path: /run/cyrus/db/statuscache.db
-temp_path: /tmp
-tls_sessions_db_path: /run/cyrus/db/tls_sessions.db
-
-sendmail: /usr/sbin/sendmail
-admins: IMAP_ADMIN_LOGIN
-sasl_pwcheck_method: saslauthd
-sasl_mech_list: PLAIN LOGIN
-allowplaintext: yes
-
-lmtp_over_quota_perm_failure: 1
-
-# tls_server_cert: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem
-# tls_server_key: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem
-# tls_server_ca_file: /etc/pki/tls/certs/cyrus-imapd.ca.cert
-
-# tls_client_certs: off
-
-# tls_ciphers: kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:!aNULL:!eNULL:!SSLv2:!RC4:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES
-
-# tls_prefer_server_ciphers: 1
-# tls_versions: tls1_3
-
-maxlogins_per_user: 50
-proxyd_disable_mailbox_referrals: 0
-
-
-httpmodules: caldav carddav domainkey freebusy ischedule rss webdav
-
-
-
-unixhierarchysep: 1
-virtdomains: userid
-sieve_extensions: fileinto reject envelope body vacation imap4flags include regex subaddress relational copy date
-allowallsubscribe: 0
-anyoneuseracl: 0
-allowusermoves: 1
-altnamespace: 1
-disconnect_on_vanished_mailbox: 1
-hashimapspool: 1
-anysievefolder: 1
-fulldirhash: 0
-sieve_maxscripts: 150
-sieve_maxscriptsize: 128
-sieveusehomedir: 0
-sieve_allowreferrals: 0
-sieve_utf8fileinto: 1
-lmtp_downcase_rcpt: 1
-lmtp_fuzzy_mailbox_match: 1
-username_tolower: 1
-deletedprefix: DELETED
-delete_mode: delayed
-expunge_mode: delayed
-postuser: shared
-tcp_keepalive: 1
-
-syslog_prefix: cyrus-imapd
-
-calendar_default_displayname: test
-addressbook_default_displayname: test
-
-# mupdate is enabled
-mupdate_config: standard
-mupdate_server: imap-mupdate
-mupdate_port: 3905
-mupdate_authname: IMAP_ADMIN_LOGIN
-mupdate_username: IMAP_ADMIN_LOGIN
-mupdate_password: IMAP_ADMIN_PASSWORD
-
-# proxy authentication for these users
-proxyservers: IMAP_ADMIN_LOGIN
-
-# sync is enabled
-#sync_try_imap: 0
-#sync_log_chain: false
-#sync_authname: cyrus
-#sync_password: simple123
-#sync_log: 1
-#sync_repeat_interval: 10
-#sync_shutdown_file: /var/lib/imap/sync_shutdown
diff --git a/docker/imap/rootfs/etc/imapd-frontend.conf b/docker/imap/rootfs/etc/imapd-frontend.conf
deleted file mode 100644
index 1810f637..00000000
--- a/docker/imap/rootfs/etc/imapd-frontend.conf
+++ /dev/null
@@ -1,82 +0,0 @@
-servername: SERVERNAME
-configdirectory: /var/lib/imap
-
-autocreate_quota: 5242880
-
-idlesocket: /var/lib/imap/socket/idle
-disable_shared_namespace: 0
-disable_user_namespace: 0
-duplicate_db_path: /var/lib/imap/deliver.db
-mboxname_lockpath: /var/lib/imap/lock
-proc_path: /var/lib/imap/proc
-# Apparently does not work
-##ptscache_db_path: /var/tmp/cyrus-imapd/ptscache.db
-statuscache_db_path: /var/lib/imap/statuscache.db
-temp_path: /tmp
-tls_sessions_db_path: /run/cyrus/db/tls_sessions.db
-annotation_definitions: /etc/imapd.annotations.conf
-
-sendmail: /usr/sbin/sendmail
-admins: IMAP_ADMIN_LOGIN
-sasl_pwcheck_method: saslauthd
-sasl_mech_list: PLAIN LOGIN
-allowplaintext: yes
-
-lmtp_over_quota_perm_failure: 1
-
-tls_server_cert: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem
-tls_server_key: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem
-tls_server_ca_file: TLS_SERVER_CA_FILE
-
-tls_client_certs: off
-tls_ciphers: kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:!aNULL:!eNULL:!SSLv2:!RC4:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES
-tls_prefer_server_ciphers: 1
-sieve_tls_versions: tls1_0 tls1_1 tls1_2
-tls_versions: tls1_3
-maxlogins_per_user: 50
-# Disable mailbox referrals for all clients, as the referrals will point
-# addresses the client cannot reach.
-proxyd_disable_mailbox_referrals: 1
-
-serverlist: SERVERLIST
-
-httpmodules: caldav carddav domainkey freebusy ischedule rss webdav
-
-unixhierarchysep: 1
-virtdomains: userid
-sieve_extensions: fileinto reject envelope body vacation imap4flags include regex subaddress relational copy date
-allowallsubscribe: 0
-anyoneuseracl: 0
-allowusermoves: 1
-altnamespace: 1
-disconnect_on_vanished_mailbox: 1
-hashimapspool: 1
-anysievefolder: 1
-fulldirhash: 0
-sieve_maxscripts: 150
-sieve_maxscriptsize: 128
-sieveusehomedir: 0
-sieve_allowreferrals: 0
-sieve_utf8fileinto: 1
-lmtp_downcase_rcpt: 1
-lmtp_fuzzy_mailbox_match: 1
-username_tolower: 1
-deletedprefix: DELETED
-delete_mode: delayed
-expunge_mode: delayed
-postuser: shared
-tcp_keepalive: 1
-
-syslog_prefix: cyrus-imapd
-
-# mupdate is enabled
-#mupdate_config: standard
-mupdate_server: MUPDATE
-mupdate_port: 3905
-mupdate_authname: IMAP_ADMIN_LOGIN
-mupdate_username: IMAP_ADMIN_LOGIN
-mupdate_password: IMAP_ADMIN_PASSWORD
-
-# proxy authentication against backends
-proxy_authname: IMAP_ADMIN_LOGIN
-proxy_password: IMAP_ADMIN_PASSWORD
diff --git a/docker/imap/rootfs/etc/imapd.conf b/docker/imap/rootfs/etc/imapd.conf
index 423a5fbb..34f78884 100644
--- a/docker/imap/rootfs/etc/imapd.conf
+++ b/docker/imap/rootfs/etc/imapd.conf
@@ -1,79 +1,104 @@
servername: SERVERNAME
configdirectory: /var/lib/imap
defaultpartition: default
metapartition_files: annotations cache expunge header index
partition-default: /var/spool/imap/
metapartition-default: /var/spool/imap/
sievedir: /var/lib/imap/sieve
annotation_definitions: /etc/imapd.annotations.conf
autocreate_quota: 5242880
autocreate_inbox_folders: Drafts | Trash | Sent
autocreate_subscribe_folders: Drafts | Trash | Sent
# Set specialuse flags
xlist-drafts: Drafts
xlist-sent: Sent
xlist-trash: Trash
+#
+# WITH_TLS tls_server_cert: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem
+# WITH_TLS tls_server_key: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem
+# WITH_TLS tls_server_ca_file: TLS_SERVER_CA_FILE
+# WITH_TLS
+# WITH_TLS tls_client_certs: off
+# WITH_TLS tls_ciphers: kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:!aNULL:!eNULL:!SSLv2:!RC4:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES
+# WITH_TLS tls_prefer_server_ciphers: 1
+# WITH_TLS sieve_tls_versions: tls1_0 tls1_1 tls1_2
+# WITH_TLS tls_versions: tls1_3
idlesocket: /var/lib/imap/socket/idle
disable_shared_namespace: 0
disable_user_namespace: 0
duplicate_db_path: /run/cyrus/db/deliver.db
mboxname_lockpath: /run/cyrus/lock
proc_path: /run/cyrus/proc
# Apparently does not work
##ptscache_db_path: /var/tmp/cyrus-imapd/ptscache.db
statuscache_db_path: /run/cyrus/db/statuscache.db
temp_path: /tmp
tls_sessions_db_path: /run/cyrus/db/tls_sessions.db
sendmail: /usr/sbin/sendmail
admins: IMAP_ADMIN_LOGIN
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN LOGIN
sasl_saslauthd_path: /run/saslauthd/mux
allowplaintext: yes
lmtp_over_quota_perm_failure: 1
-maxlogins_per_user: 50
+maxlogins_per_user: MAXLOGINS_PER_USER
+# Disable mailbox referrals for all clients, as the referrals will point
+# addresses the client cannot reach.
proxyd_disable_mailbox_referrals: 0
httpmodules: caldav carddav domainkey freebusy ischedule rss webdav prometheus
caldav_allowcalendaradmin: 1
unixhierarchysep: 1
virtdomains: userid
sieve_extensions: fileinto reject envelope body vacation imap4flags include regex subaddress relational copy date
allowallsubscribe: 0
anyoneuseracl: 0
allowusermoves: 1
altnamespace: 1
disconnect_on_vanished_mailbox: 1
hashimapspool: 1
anysievefolder: 1
fulldirhash: 0
sieve_maxscripts: 150
sieve_maxscriptsize: 128
sieveusehomedir: 0
sieve_allowreferrals: 0
sieve_utf8fileinto: 1
lmtp_downcase_rcpt: 1
lmtp_fuzzy_mailbox_match: 1
username_tolower: 1
deletedprefix: DELETED
delete_mode: delayed
expunge_mode: delayed
postuser: shared
tcp_keepalive: 1
prometheus_enabled: 1
syslog_prefix: cyrus-imapd
calendar_default_displayname: Calendar
addressbook_default_displayname: Addressbook
debug: 0
chatty: 1
+
+# proxy authentication for these users
+# ROLE_BACKEND proxyservers: IMAP_ADMIN_LOGIN
+
+# WITH_MUPDATE mupdate_server: MUPDATE
+# WITH_MUPDATE mupdate_port: 3905
+# WITH_MUPDATE mupdate_authname: IMAP_ADMIN_LOGIN
+# WITH_MUPDATE mupdate_username: IMAP_ADMIN_LOGIN
+# WITH_MUPDATE mupdate_password: IMAP_ADMIN_PASSWORD
+#
+# ROLE_FRONTEND # proxy authentication against backends
+# ROLE_FRONTEND proxy_authname: IMAP_ADMIN_LOGIN
+# ROLE_FRONTEND proxy_password: IMAP_ADMIN_PASSWORD
diff --git a/docker/imap/rootfs/init.sh b/docker/imap/rootfs/init.sh
index 38050195..feae66f7 100755
--- a/docker/imap/rootfs/init.sh
+++ b/docker/imap/rootfs/init.sh
@@ -1,49 +1,99 @@
#!/bin/bash
set -e
sed -i -r \
-e "s|IMAP_ADMIN_LOGIN|$IMAP_ADMIN_LOGIN|g" \
-e "s|IMAP_ADMIN_PASSWORD|$IMAP_ADMIN_PASSWORD|g" \
-e "s|MUPDATE|$MUPDATE|g" \
-e "s|SERVERLIST|$SERVERLIST|g" \
-e "s|SERVERNAME|$SERVERNAME|g" \
+ -e "s|MAXLOGINS_PER_USER|$MAXLOGINS_PER_USER|g" \
-e "s|TLS_SERVER_CA_FILE|$TLS_SERVER_CA_FILE|g" \
$IMAPD_CONF
+
sed -i -r \
-e "s|APP_SERVICES_DOMAIN|$APP_SERVICES_DOMAIN|g" \
-e "s|SERVICES_PORT|$SERVICES_PORT|g" \
/etc/saslauthd.conf
if [[ "$CYRUS_CONF" != "/etc/cyrus.conf" ]]; then
cp "$CYRUS_CONF" /etc/cyrus.conf
fi
if [[ "$IMAPD_CONF" != "/etc/imapd.conf" ]]; then
cp "$IMAPD_CONF" /etc/imapd.conf
fi
mkdir -p /var/lib/imap/socket
mkdir -p /var/lib/imap/db
-if [[ -f ${SSL_CERTIFICATE} ]]; then
- cat ${SSL_CERTIFICATE} ${SSL_CERTIFICATE_FULLCHAIN} ${SSL_CERTIFICATE_KEY} > /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem
+if [[ "$WITH_TLS" == "true" ]]; then
+ if [[ -f ${SSL_CERTIFICATE} ]]; then
+ cat ${SSL_CERTIFICATE} ${SSL_CERTIFICATE_FULLCHAIN} ${SSL_CERTIFICATE_KEY} > /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem
+ fi
+ sed -i \
+ -e "s|# WITH_TLS ||g" \
+ /etc/imapd.conf
+ sed -i \
+ -e "s|# WITH_TLS ||g" \
+ /etc/cyrus.conf
+fi
+if [[ "$ROLE" == "frontend" ]]; then
+ sed -i \
+ -e "s|# WITH_MUPDATE ||g" \
+ -e "s|# ROLE_FRONTEND ||g" \
+ /etc/imapd.conf
+ sed -i \
+ -e "s|# ROLE_FRONTEND ||g" \
+ /etc/cyrus.conf
+ if [[ "$WITH_TLS" == "true" ]]; then
+ sed -i \
+ -e "s|# ROLE_FRONTEND_WITH_TLS ||g" \
+ /etc/cyrus.conf
+ fi
+elif [[ "$ROLE" == "backend" ]]; then
+ sed -i \
+ -e "s|# WITH_MUPDATE ||g" \
+ -e "s|# ROLE_BACKEND ||g" \
+ /etc/imapd.conf
+ sed -i \
+ -e "s|# WITH_MUPDATE ||g" \
+ -e "s|# ROLE_BACKEND ||g" \
+ /etc/cyrus.conf
+ if [[ "$WITH_TLS" == "true" ]]; then
+ sed -i \
+ -e "s|# ROLE_BACKEND_WITH_TLS ||g" \
+ /etc/cyrus.conf
+ fi
+else
+ sed -i \
+ -e "s|# ROLE_BACKEND ||g" \
+ /etc/imapd.conf
+ sed -i \
+ -e "s|# ROLE_BACKEND ||g" \
+ /etc/cyrus.conf
+ if [[ "$WITH_TLS" == "true" ]]; then
+ sed -i \
+ -e "s|# ROLE_BACKEND_WITH_TLS ||g" \
+ /etc/cyrus.conf
+ fi
fi
/usr/sbin/saslauthd -m /run/saslauthd -a httpform -d &
# Can't run as user because of /dev/ permissions so far.
# Cyrus imap only logs to /dev/log, no way around it it seems.
# sudo rsyslogd
-# Cyrus needs an entry in /etc/passwd. THe alternative would be perhaps the nss_wrapper
+# Cyrus needs an entry in /etc/passwd. The alternative would perhaps be the nss_wrapper.
# https://docs.openshift.com/container-platform/3.11/creating_images/guidelines.html#openshift-specific-guidelines
# FIXME: This probably currently just works because we make /etc/ writable, which I suppose we shouldn't.
ID=$(id -u)
GID=$(id -g)
echo "$ID:x:$ID:$GID::/opt/app-root/:/bin/bash" > /etc/passwd
exec env CYRUS_VERBOSE=1 CYRUS_USER="$ID" /usr/libexec/master -D -p /var/run/master.pid

File Metadata

Mime Type
text/x-diff
Expires
Fri, Apr 24, 1:33 PM (1 d, 20 h)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
18866546
Default Alt Text
(20 KB)

Event Timeline