Compare commits

..

28 Commits

Author SHA1 Message Date
Erik Huelsmann
7c89b26987 * Automatic Dockerfile update by release process 2021-07-08 18:07:40 -04:00
Erik Huelsmann
cd7f62abc6 * Automatic Dockerfile update by release process 2021-06-14 14:42:45 -04:00
Erik Huelsmann
d518733d23 * Automatic Dockerfile update by release process 2021-06-03 14:41:51 -04:00
Erik Huelsmann
53c4e6ac92 * Automatic Dockerfile update by release process 2021-05-29 15:02:16 -04:00
Erik Huelsmann
78b902ddc9 * Automatic Dockerfile update by release process 2021-05-02 12:54:03 -04:00
Erik Huelsmann
c1fee69d52 * Automatic Dockerfile update by release process 2021-03-21 08:26:45 -04:00
Erik Huelsmann
33d4019521 * Automatic Dockerfile update by release process 2021-01-31 18:28:17 +00:00
Erik Huelsmann
2a138c50f2 * Automatic Dockerfile update by release process 2020-12-14 22:00:15 +00:00
Erik Huelsmann
11baa4c0a0 * Automatic Dockerfile update by release process 2020-11-18 20:39:19 +00:00
Erik Huelsmann
7e914dbfd1 * Automatic Dockerfile update by release process 2020-09-27 18:57:27 +00:00
Erik Huelsmann
1a1d294e31 * Automatic Dockerfile update by release process 2020-09-18 07:49:04 +00:00
Erik Huelsmann
44b544c8ba * Automatic Dockerfile update by release process 2020-09-13 19:20:04 +00:00
Erik Huelsmann
5dc7176b3f * Automatic Dockerfile update by release process 2020-09-04 19:18:29 +00:00
Erik Huelsmann
f25dee9473 * Automatic Dockerfile update by release process 2020-08-28 21:35:51 +00:00
Erik Huelsmann
0332a27535 Re #23: Add dependency on texlive-fonts-recommended 2020-08-24 22:46:32 +02:00
Erik Huelsmann
19c6b2d6df * Automatic Dockerfile update by release process 2020-07-25 09:08:22 +00:00
Erik Huelsmann
6ff37dc952 * Automatic Dockerfile update by release process 2020-06-29 09:25:07 +00:00
Erik Huelsmann
da234d021d * Automatic Dockerfile update by release process 2020-06-21 21:05:58 +00:00
Erik Huelsmann
ffb7ff1a09 Map the LedgerSMB port (5762) explicitly to local loopback (only) 2020-06-17 21:44:13 +02:00
Erik Huelsmann
966c1fd043 * Automatic Dockerfile update by release process 2020-05-31 12:42:56 +00:00
Erik Huelsmann
ba98f4c5c0 Update README to include 1.8 tag 2020-05-31 11:22:32 +02:00
Erik Huelsmann
20bd26798a * Automatic Dockerfile update by release process 2020-05-23 21:50:43 +00:00
Erik Huelsmann
f4bc2c874f * Automatic Dockerfile update by release process 2020-05-06 19:12:40 +00:00
Erik Huelsmann
0897045096 * Automatic Dockerfile update by release process 2020-04-27 15:17:44 +00:00
Erik Huelsmann
53ab84cbaa Update README.md 2020-04-12 21:34:14 +02:00
Erik Huelsmann
760c5c0138 * Automatic Dockerfile update by release process 2020-04-11 18:39:34 +00:00
Erik Huelsmann
8930ac395d * Automatic Dockerfile update by release process 2020-03-07 15:14:25 +00:00
Erik Huelsmann
1bbf65543b Update README.md to set correct list of supported tags 2020-03-07 15:38:14 +01:00
8 changed files with 168 additions and 598 deletions

View File

@@ -1,26 +0,0 @@
name: No Response
# Both `issue_comment` and `scheduled` event types are required for this Action
# to work properly.
on:
issue_comment:
types: [created]
schedule:
# Schedule for five minutes after the hour, every hour
- cron: '5 3 * * *'
jobs:
noResponse:
if: github.repository_owner == 'ledgersmb'
runs-on: ubuntu-latest
steps:
- uses: actions/stale@v9
with:
days-before-issue-stale: -1
days-before-pr-stale: -1
stale-issue-label: waiting-for-user
# Number of days of inactivity before an Issue is closed for lack of response
days-before-close: 90
# Label requiring a response
close-issue-message: >
Closing: more than 90 days without user response. Feel free to reopen with your comments.

View File

@@ -1,72 +1,27 @@
FROM debian:stretch-slim
MAINTAINER Freelock john@freelock.com
# Build time variables # Build time variables
ARG LSMB_VERSION="1.7.32"
ARG SRCIMAGE=debian:bookworm-slim
FROM $SRCIMAGE AS builder
ARG LSMB_VERSION="1.11.22"
ARG LSMB_DL_DIR="Releases" ARG LSMB_DL_DIR="Releases"
ARG ARTIFACT_LOCATION="https://download.ledgersmb.org/f/$LSMB_DL_DIR/$LSMB_VERSION/ledgersmb-$LSMB_VERSION.tar.gz"
RUN set -x ; \
DEBIAN_FRONTEND="noninteractive" apt-get -q -y update && \
DEBIAN_FRONTEND="noninteractive" apt-get -q -y dist-upgrade && \
DEBIAN_FRONTEND="noninteractive" apt-get -q -y install dh-make-perl libmodule-cpanfile-perl git wget && \
apt-file update
RUN set -x ; \
wget --quiet -O /tmp/ledgersmb-$LSMB_VERSION.tar.gz "$ARTIFACT_LOCATION" && \
tar -xzf /tmp/ledgersmb-$LSMB_VERSION.tar.gz --directory /srv && \
rm -f /tmp/ledgersmb-$LSMB_VERSION.tar.gz && \
cd /srv/ledgersmb && \
( ( for lib in $( cpanfile-dump --with-all-features --recommends --no-configure --no-build --no-test ) ; \
do \
if dh-make-perl locate "$lib" 2>/dev/null ; \
then \
: \
else \
echo no : $lib ; \
fi ; \
done ) | grep -v dh-make-perl | grep -v 'not found' | grep -vi 'is in Perl ' | cut -d' ' -f4 | sort | uniq | tee /srv/derived-deps ) && \
cat /srv/derived-deps
#
#
# The real image build starts here
#
#
FROM $SRCIMAGE
LABEL org.opencontainers.image.authors="LedgerSMB project <devel@lists.ledgersmb.org>"
LABEL org.opencontainers.image.title="LedgerSMB double-entry accounting web-application"
LABEL org.opencontainers.image.description="LedgerSMB is a full featured double-entry financial accounting and Enterprise\
Resource Planning system accessed via a web browser (Perl/JS with a PostgreSQL\
backend) which offers 'Accounts Receivable', 'Accounts Payable' and 'General\
Ledger' tracking as well as inventory control and fixed assets handling. The\
LedgerSMB client can be a web browser or a programmed API call. The goal of\
the LedgerSMB project is to bring high quality ERP and accounting capabilities\
to Small and Midsize Businesses."
ARG LSMB_VERSION="1.11.22"
ARG LSMB_DL_DIR="Releases"
ARG ARTIFACT_LOCATION="https://download.ledgersmb.org/f/$LSMB_DL_DIR/$LSMB_VERSION/ledgersmb-$LSMB_VERSION.tar.gz"
# Install Perl, Tex, Starman, psql client, and all dependencies # Install Perl, Tex, Starman, psql client, and all dependencies
# Without libclass-c3-xs-perl, performance is terribly slow... # Without libclass-c3-xs-perl, performance is terribly slow...
# Without libclass-accessor-lite-perl, HTML::Entities won't build from CPAN
# libnet-cidr-lite-perl is a dependency for Plack::Builder::Conditionals
# which is being installed from CPAN
# libtest-requires-perl is a dependency of Module-Build-Pluggable-PPPort
# on which HTML::Escape depends
# Installing psql client directly from instructions at https://wiki.postgresql.org/wiki/Apt # Installing psql client directly from instructions at https://wiki.postgresql.org/wiki/Apt
# That mitigates issues where the PG instance is running a newer version than this container # That mitigates issues where the PG instance is running a newer version than this container
# for Buster, add:
COPY --from=builder /srv/derived-deps /tmp/derived-deps # libhtml-escape-perl \
# libplack-middleware-builder-conditionals-perl \
RUN set -x ; \ # libplack-request-withencoding-perl \
echo -n "APT::Install-Recommends \"0\";\nAPT::Install-Suggests \"0\";\n" >> /etc/apt/apt.conf && \ #libversion-compare-perl
RUN echo -n "APT::Install-Recommends \"0\";\nAPT::Install-Suggests \"0\";\n" >> /etc/apt/apt.conf && \
mkdir -p /usr/share/man/man1/ && \ mkdir -p /usr/share/man/man1/ && \
mkdir -p /usr/share/man/man2/ && \ mkdir -p /usr/share/man/man2/ && \
mkdir -p /usr/share/man/man3/ && \ mkdir -p /usr/share/man/man3/ && \
@@ -74,33 +29,55 @@ RUN set -x ; \
mkdir -p /usr/share/man/man5/ && \ mkdir -p /usr/share/man/man5/ && \
mkdir -p /usr/share/man/man6/ && \ mkdir -p /usr/share/man/man6/ && \
mkdir -p /usr/share/man/man7/ && \ mkdir -p /usr/share/man/man7/ && \
mkdir -p /usr/share/man/man8/ && \ DEBIAN_FRONTEND="noninteractive" apt-get update -q && \
DEBIAN_FRONTEND="noninteractive" apt-get -q -y update && \ DEBIAN_FRONTEND="noninteractive" apt-get dist-upgrade -y -q && \
DEBIAN_FRONTEND="noninteractive" apt-get -q -y dist-upgrade && \ DEBIAN_FRONTEND="noninteractive" apt-get -y -q install \
DEBIAN_FRONTEND="noninteractive" apt-get -q -y install \ wget ca-certificates gnupg \
wget ca-certificates gnupg iproute2 \ libcgi-emulate-psgi-perl libconfig-inifiles-perl \
$( cat /tmp/derived-deps ) \ libdbd-pg-perl libdbi-perl libdata-uuid-perl libdatetime-perl \
libclass-c3-xs-perl \ libdatetime-format-strptime-perl \
texlive-plain-generic texlive-latex-recommended texlive-fonts-recommended \ libio-stringy-perl \
libcpanel-json-xs-perl liblist-moreutils-perl \
liblocale-maketext-perl liblocale-maketext-lexicon-perl \
liblog-log4perl-perl libmime-lite-perl libmime-types-perl \
libmath-bigint-gmp-perl libmodule-runtime-perl libmoose-perl \
libmoosex-nonmoose-perl libnumber-format-perl \
libpgobject-perl libpgobject-simple-perl libpgobject-simple-role-perl \
libpgobject-type-bigfloat-perl libpgobject-type-datetime-perl \
libpgobject-type-bytestring-perl libpgobject-util-dbmethod-perl \
libpgobject-util-dbadmin-perl libplack-perl \
libplack-middleware-reverseproxy-perl \
libtemplate-perl libtext-csv-perl libtext-csv-xs-perl \
libtext-markdown-perl libxml-simple-perl \
libnamespace-autoclean-perl \
libfile-find-rule-perl \
libtemplate-plugin-latex-perl libtex-encode-perl \
libclass-c3-xs-perl libclass-accessor-lite-perl \
libnet-cidr-lite-perl \
texlive-latex-recommended texlive-fonts-recommended \
texlive-xetex fonts-liberation \ texlive-xetex fonts-liberation \
starman \
libopenoffice-oodoc-perl \
ssmtp \
lsb-release && \ lsb-release && \
echo "deb [signed-by=/etc/apt/keyrings/postgresql.asc] http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list && \ echo "deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list && \
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc > /etc/apt/keyrings/postgresql.asc && \ (wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add -) && \
DEBIAN_FRONTEND="noninteractive" apt-get -q -y update && \ DEBIAN_FRONTEND="noninteractive" apt-get -q -y update && \
DEBIAN_FRONTEND="noninteractive" apt-get -q -y install postgresql-client && \ DEBIAN_FRONTEND="noninteractive" apt-get -q -y install postgresql-client && \
DEBIAN_FRONTEND="noninteractive" apt-get -q -y install git cpanminus make gcc libperl-dev && \ DEBIAN_FRONTEND="noninteractive" apt-get -q -y install git cpanminus make gcc libperl-dev && \
wget --quiet -O /tmp/ledgersmb-$LSMB_VERSION.tar.gz "$ARTIFACT_LOCATION" && \ wget --quiet -O /tmp/ledgersmb-$LSMB_VERSION.tar.gz "https://download.ledgersmb.org/f/$LSMB_DL_DIR/$LSMB_VERSION/ledgersmb-$LSMB_VERSION.tar.gz" && \
tar -xzf /tmp/ledgersmb-$LSMB_VERSION.tar.gz --directory /srv && \ tar -xzf /tmp/ledgersmb-$LSMB_VERSION.tar.gz --directory /srv && \
rm -f /tmp/ledgersmb-$LSMB_VERSION.tar.gz && \ rm -f /tmp/ledgersmb-$LSMB_VERSION.tar.gz && \
cpanm --metacpan --notest \ cpanm --notest \
--with-feature=starman \ --with-feature=starman \
--with-feature=latex-pdf-ps \ --with-feature=latex-pdf-ps \
--with-feature=openoffice \ --with-feature=openoffice \
--installdeps /srv/ledgersmb/ && \ --installdeps /srv/ledgersmb/ && \
DEBIAN_FRONTEND="noninteractive" apt-get purge -q -y git cpanminus make gcc libperl-dev && \ apt-get purge -q -y git cpanminus make gcc libperl-dev && \
DEBIAN_FRONTEND="noninteractive" apt-get autoremove -q -y && \ apt-get autoremove -q -y && \
DEBIAN_FRONTEND="noninteractive" apt-get clean -q && \ apt-get autoclean -q && \
rm -rf ~/.cpanm/ /var/lib/apt/lists/* /usr/share/man/* rm -rf ~/.cpanm/ && \
rm -rf /var/lib/apt/lists/* /usr/share/man/*
WORKDIR /srv/ledgersmb WORKDIR /srv/ledgersmb
@@ -109,31 +86,30 @@ WORKDIR /srv/ledgersmb
# Configure outgoing mail to use host, other run time variable defaults # Configure outgoing mail to use host, other run time variable defaults
## MAIL ## sSMTP
# '__CONTAINER_GATEWAY__' is a magic value which will be substituted ENV SSMTP_ROOT ar@example.com
# with the actual gateway IP address ENV SSMTP_MAILHUB 172.17.0.1
ENV LSMB_MAIL_SMTPHOST __CONTAINER_GATEWAY__ ENV SSMTP_HOSTNAME 172.17.0.1
#ENV LSMB_MAIL_SMTPPORT 25 #ENV SSMTP_USE_STARTTLS
#ENV LSMB_MAIL_SMTPSENDER_HOSTNAME (container hostname) #ENV SSMTP_AUTH_USER
#ENV LSMB_MAIL_SMTPTLS #ENV SSMTP_AUTH_PASS
#ENV LSMB_MAIL_SMTPUSER ENV SSMTP_FROMLINE_OVERRIDE YES
#ENV LSMB_MAIL_SMTPPASS #ENV SSMTP_AUTH_METHOD
#ENV LSMB_MAIL_SMTPAUTHMECH
## DATABASE
ENV POSTGRES_HOST postgres ENV POSTGRES_HOST postgres
ENV POSTGRES_PORT 5432 ENV POSTGRES_PORT 5432
ENV DEFAULT_DB lsmb ENV DEFAULT_DB lsmb
COPY start.sh /usr/local/bin/start.sh COPY start.sh /usr/local/bin/start.sh
COPY update_ssmtp.sh /usr/local/bin/update_ssmtp.sh
RUN chmod +x /usr/local/bin/start.sh && \ RUN chown www-data /etc/ssmtp /etc/ssmtp/ssmtp.conf && \
mkdir -p /var/www && \ chmod +x /usr/local/bin/update_ssmtp.sh /usr/local/bin/start.sh && \
mkdir -p /srv/ledgersmb/local/conf && \ mkdir -p /var/www
chown -R www-data /srv/ledgersmb/local
# Work around an aufs bug related to directory permissions: # Work around an aufs bug related to directory permissions:
RUN mkdir -p /tmp && chmod 1777 /tmp RUN mkdir -p /tmp && \
chmod 1777 /tmp
# Internal Port Expose # Internal Port Expose
EXPOSE 5762 EXPOSE 5762

213
README.md
View File

@@ -2,35 +2,17 @@
Dockerfile for LedgerSMB Docker image Dockerfile for LedgerSMB Docker image
## Content
1. [Supported tags](#supported-tags)
2. [What is LedgerSMB](#what-is-ledgersmb)
3. [How to use this image](#how-to-use-this-image)
4. [Set up LedgerSMB](#set-up-ledgersmb)
5. [Updating the LedgerSMB container](#updating-the-ledgersmb-container)
6. [Environment Variables](#environment-variables)
7. [Advanced setup](#advanced-setup)
8. [Troubleshooting](#troubleshootingdeveloping)
9. [User feedback](#user-feedback)
# Supported tags # Supported tags
- `1.12`, `1.12.x`, `latest` - Latest official release from the 1.12 branch - `1.8` - Preview version for the 1.8 branch
- `1.11`, `1.11.x` - Latest official release from the 1.11 branch - `1.7`, `1.7.x`, `latest` - Latest official release from 1.7 branch
- `1.10`, `1.10.38` - Last official release from the 1.10 branch (End-of-Life) - `1.6`, `1.6.x` - Latest official release from 1.6 branch
- `1.9`, `1.9.30` - Last official release from the 1.9 branch (End-of-Life) - `1.5`, `1.5.30` - Last official release from 1.5 branch
- `1.8`, `1.8.31` - Last official release from the 1.8 branch (End-of-Life) - `1.4`, `1.4.42` - Last official release from 1.4 branch
- `1.7`, `1.7.41` - Last official release from the 1.7 branch (End-of-Life)
- `1.6`, `1.6.33` - Last official release from the 1.6 branch (End-of-Life)
- `1.5`, `1.5.30` - Last official release from the 1.5 branch (End-of-Life)
- `1.4`, `1.4.42` - Last official release from the 1.4 branch (End-of-Life)
- `master` - Master branch from git, unstable - `master` - Master branch from git, unstable
Containers supporting the development process are provided Containers supporting the development process are provided
through the ledgersmb-dev-docker project. See [the development through the ledgersmb-dev-docker project. See https://github.com/ledgersmb/ledgersmb-dev-docker/blob/master/README.md#getting-started.
container's README](https://github.com/ledgersmb/ledgersmb-dev-docker/blob/master/README.md#getting-started)
for more information.
# What is LedgerSMB? # What is LedgerSMB?
@@ -63,37 +45,25 @@ could require additional setup of a mail service or CUPS printer service.
This image can be installed either automatically with the Docker compose file This image can be installed either automatically with the Docker compose file
or manually with docker only. or manually with docker only.
## Docker-Compose: Installation and start ## Docker-Compose installation and start
This repository provides a file named `docker-compose.yml` which can be used to This image provides `docker-compose.yml` which can be used to pull related
pull related images, install them, establish an internal network for their images, install them, establish an internal network for their communications,
communications, adjust environment variables, start and stop LedgerSMB. The adjust environment variables, start and stop LedgerSMB. The only instructions
only instructions required, after the optional edition of the file to adjust required, after the optional edition of the file to adjust the environment
the environment variables, are: variables, are:
```plain ```plain
$ docker-compose pull $ docker-compose pull
$ docker-compose up -d $ docker-compose up
```
Or use the following to set a different password and/or parallel processing
capacity (so called 'workers'):
```plain
$ docker-compose pull
$ POSTGRES_PASSWORD=def \
LSMB_WORKERS=10 \
docker-compose up -d
``` ```
This will set up two containers: (1) a PostgreSQL container with persistent This will set up two containers: (1) a PostgreSQL container with persistent
storage which is retained between container updates and (2) a LedgerSMB storage which is retained between container updates and (2) a LedgerSMB
container configured to connect to the PostgreSQL container as its database container configured to connect to the PostgreSQL container as its database
server. Your LedgerSMB installation should now be accessible through server.
[http://localhost:5762/](http://localhost:5762/).
The default number of workers is 5. The default database username and password The database username and password are:
are:
```plain ```plain
username: postgres username: postgres
@@ -101,7 +71,7 @@ are:
``` ```
From here, follow the steps as detailed in the instructions for From here, follow the steps as detailed in the instructions for
[preparing for first use](https://ledgersmb.org/content/preparing-ledgersmb-19-first-use). [preparing for first use](https://ledgersmb.org/content/preparing-ledgersmb-17-first-use).
## Manual installation ## Manual installation
@@ -140,13 +110,9 @@ Visit http://localhost:5762/login.pl to log in and get started.
No persistant data is stored in the LedgerSMB container. No persistant data is stored in the LedgerSMB container.
All LedgerSMB data is stored in PostgreSQL, so you can stop/destroy/run a All LedgerSMB data is stored in Postgres, so you can stop/destroy/run a
new LedgerSMB container as often as you want. new LedgerSMB container as often as you want.
In case of the Docker Compose setup, all PostgreSQL data is stored on the
Docker volume with the name ending in `_pgdata`. This volume is not destroyed
when updating the containers; only explicit removal destroys the data.
# Environment Variables # Environment Variables
The LedgerSMB image uses several environment variables. They are all optional. The LedgerSMB image uses several environment variables. They are all optional.
@@ -182,6 +148,30 @@ affect the performance experience of users.
## Mail configuration ## Mail configuration
### Before 1.8.0
These variables are used to set outgoing SMTP defaults.
* `SSMTP_ROOT` (config: `Root` -- DEPRECATED)
* `SSMTP_MAILHUB` (config: `Mailhub`)
* `SSMTP_HOSTNAME` (config: `Hostname`)
* `SSMTP_USE_STARTTLS` (config: `UseSTARTTLS`)
* `SSMTP_AUTH_USER` (config: `AuthUser`)
* `SSMTP_AUTH_PASS` (config: `AuthPass`)
* `SSMTP_AUTH_METHOD` (config: `AuthMethod` -- DEPRECATED)
* `SSMTP_FROMLINE_OVERRIDE` (config: `FromLineOverride` -- DEPRECATED)
`SSMTP_MAILHUB` defaults to the default docker0 interface, so if your host is
already configured to relay mail, this should relay successfully with only
the root and hostname set.
Use the other environment variables to relay mail through a different host.
Use the [ssmtp.conf man
page](https://www.systutorials.com/docs/linux/man/5-ssmtp.conf/) to look up
the meaning and function of each of the mail configuration keys.
### 1.8.0 and higher (under development)
As of 1.8.0, the image is based on Debian Buster instead of Debian Stretch; As of 1.8.0, the image is based on Debian Buster instead of Debian Stretch;
with Buster, the `ssmtp` program has been removed from Debian, this image with Buster, the `ssmtp` program has been removed from Debian, this image
had to change strategy. The main application always came with built-in e-mail had to change strategy. The main application always came with built-in e-mail
@@ -189,117 +179,15 @@ yet with the deprecation, the abilities have expanded.
The following parameters are now supported to set mail preferences: The following parameters are now supported to set mail preferences:
* `LSMB_MAIL_SMTPHOST` \ * `LSMB_MAIL_SMTPHOST`
The host name/IP-address of the SMTP server that will forward mail from * `LSMB_MAIL_SMTPPORT`
LedgerSMB to the outside world. * `LSMB_MAIL_SMTPTLS`
* `LSMB_MAIL_SMTPPORT` \ * `LSMB_MAIL_SMTPSENDER_HOSTNAME`
The port that the SMTP server in `LSMB_MAIL_SMTPHOST` listens to. * `LSMB_MAIL_SMTPUSER`
* `LSMB_MAIL_SMTPTLS` \ * `LSMB_MAIL_SMTPPASS`
Can be one of `no` (default), `yes` or `raw`. `yes` indicates to use * `LSMB_MAIL_SMTPAUTHMECH`
STARTTLS over a regular SMTP connection; `raw`' indicates an SMTP connection
should be established over a TLS connection (a.k.a. smtps).
* `LSMB_MAIL_SMTPSENDER_HOSTNAME` (optional) \
When set, used to identify the host when connecting to an SMTP server. When
not set, the host is queried for its host name.
* `LSMB_MAIL_SMTPUSER` \
Username to authenticate to the SMTP host in `LSMB_MAIL_SMTPHOST`.
* `LSMB_MAIL_SMTPPASS` \
Password to authenticate to the SMTP host in `LSMB_MAIL_SMTPHOST` with the
user in `LSMB_MAIL_SMTPUSER`.
* `LSMB_MAIL_SMTPAUTHMECH` \
A space separated list of SASL mechanisms to be used for authentication of
the smtp connection with the SMTP server. Available mechanisms depend on
your installed environment, but the following mechanisms should be available
in all of them: `PLAIN` `LOGIN` `CRAM_MD5` & `DIGEST_MD5`. **Note that**
`PLAIN` or `LOGIN` send passwords in plain text over the wire to the SMTP
server; only use these methods in combination with TLS encryption.
# Advanced setup
## Changing configuration
The configuration file is stored in /srv/ledgersmb/local/conf/. By mounting
that directory using a bind-mount to a location outside the container,
configuration can be changed between container starts:
```plain
$ docker run -d -p 5762:5762 --name myledger \
--mount 'type=bind,src=/home/ledgersmb/conf,dst=/srv/ledgersmb/local/conf \
-e POSTGRES_HOST=<ip/hostname> ledgersmb/ledgersmb:latest
```
## Overriding or adding configuration
By pre-creating a configuration file in the mounted configuration directory,
the standard configuration generation process in the container can be overruled:
```plain
$ cat <<EOF > /home/ledgersmb/conf/ledgersmb.yaml
... YOUR CONFIG HERE ...
EOF
$ docker run -d -p 5762:5762 --name myledger \
--mount 'type=bind,src=/home/ledgersmb/conf,dst=/srv/ledgersmb/local/conf \
-e POSTGRES_HOST=<ip/hostname> ledgersmb/ledgersmb:latest
```
If you do not want to completely overrule the configuration generated, but instead
supplement the configuration, you can put incremental configuration snippets in
files named `ledgersmb.1XX.yaml` in the same folder. E.g.:
```plain
$ cat <<EOF > /home/ledgersmb/conf/ledgersmb.100.yaml
logging:
file: ledgersmb.logging
EOF
```
[Documentation with respect to the available configuration
keys](https://github.com/ledgersmb/LedgerSMB/blob/master/doc/conf/ledgersmb.yaml)
is available in the LedgerSMB repository.
## Docker Compose with reverse proxy
The `docker-compose-reverseproxy.yml` file shows a docker-compose setup
which adds an Nginx reverse proxy configuration on top of the base
`docker-compose.yml` configuration file. If the content of this repository
is cloned into the current directory (`git clone https://github.com/ledgersmb/ledgersmb-docker.git ; cd ledgersmb-docker`), it can be used as:
```plain
$ docker-compose \
-f docker-compose.yml \
-f docker-compose-reverseproxy.yml \
up -d
```
This setup can be used in combination with an image which runs the
Certbot certificate renewal process *and* Nginx to do TLS termination. The
default reverse proxy is mostly an example; it publishes on
[http://localhost:8080/](http://localhost:8080/).
An example of such an image can be found at
[https://github.com/jonasalfredsson/docker-nginx-certbot](https://github.com/jonasalfredsson/docker-nginx-certbot),
which is published on Docker Hub as
[jonasal/nginx-certbot](https://hub.docker.com/r/jonasal/nginx-certbot).
**Upgrade note** When upgrading this setup, please remove the volume ending
in `_lsmbdata` before starting the upgraded containers. Without that, the
webcontent won't be upgraded! E.g.:
```plain
$ docker-compose \
-f docker-compose.yml \
-f docker-compose-reverseproxy.yml \
rm -s -f -v && \
docker volume rm ledgersmb-docker_lsmbdata && \
docker-compose \
-f docker-compose.yml \
-f docker-compose-reverseproxy.yml \
pull && \
docker-compose \
-f docker-compose.yml \
-f docker-compose-reverseproxy.yml \
up -d
```
# Troubleshooting/Developing # Troubleshooting/Developing
@@ -316,8 +204,9 @@ please contact us on the [mailing list](http://ledgersmb.org/topic/support/maili
or through a [GitHub issue](https://github.com/ledgersmb/ledgersmb-docker/issues). or through a [GitHub issue](https://github.com/ledgersmb/ledgersmb-docker/issues).
You can also reach some of the official LedgerSMB maintainers via the You can also reach some of the official LedgerSMB maintainers via the
[Matrix](https://matrix.org) room in [#ledgersmb:matrix.org](https://matrix.to/#/#ledgersmb:matrix.org). `#ledgersmb` IRC channel on [Freenode](https://freenode.net), or on the
The [Element](https://app.element.io/#/room/#ledgersmb:matrix.org) Matrix client is highly recommended. bridged [Matrix](https://matrix.org) room in [#ledgersmb:matrix.org](https://matrix.to/#/#ledgersmb:matrix.org).
The [Riot.im](https://riot.im/app/#/room/#ledgersmb:matrix.org) Matrix client is highly recommended.
## Contributing ## Contributing

View File

@@ -1,36 +0,0 @@
# Use this docker-compose file as:
#
# docker-compose -f docker-compose.yml -f docker-compose-reverseproxy.yml up -d
#
#
# This command creates one
# compose 'project' consisting of three containers
#
# 1. The PostgreSQL data container
# 2. The LedgerSMB application container
# 3. The Nginx reverse proxy container
#
# In addition to publishing LedgerSMB on port 5762 on localhost,
# this project also publishes Nginx's reverse proxied content on
# port 8080 on localhost
version: "3.2"
services:
proxy:
depends_on:
- lsmb
image: nginx:1-alpine
volumes:
- "lsmbdata:/srv/ledgersmb"
- "./nginx.conf:/etc/nginx/nginx.conf"
ports:
- "8080:8080"
# Comment the line below to stop the container from restarting on boot
# unless it was manually stopped
restart: unless-stopped
lsmb:
volumes:
- "lsmbdata:/srv/ledgersmb"
volumes:
lsmbdata:

View File

@@ -16,46 +16,24 @@ services:
# because that allows us to use the default hostname ("postgres") # because that allows us to use the default hostname ("postgres")
# from the LedgerSMB configuration # from the LedgerSMB configuration
postgres: postgres:
image: postgres:15-alpine image: postgres:9.6-alpine
environment: environment:
# Replace the password below for a secure setup # Replace the password below for a secure setup
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-abc} POSTGRES_PASSWORD: abc
PGDATA: /var/lib/postgresql/data/pgdata PGDATA: /var/lib/postgresql/data/pgdata
networks: networks:
- internal - internal
volumes: volumes:
- "pgdata:/var/lib/postgresql/data" - "pgdata:/var/lib/postgresql/data"
# Comment the line below to stop the container from restarting on boot
# unless it was manually stopped
restart: unless-stopped
lsmb: lsmb:
depends_on: depends_on:
- postgres - postgres
image: ghcr.io/ledgersmb/ledgersmb:1.11 image: ledgersmb/ledgersmb:1.7
# In order to store the configuration outside the image, allowing it to
# be edited between container restarts, uncomment the section below and
# change the 'source' to the directory where you want the configuration
# to be stored.
# volumes:
# # Override all configuration:
# - type: bind
# source: /home/ledgersmb/conf
# target: /srv/ledgersmb/local/conf
# # Add a snippet of configuration:
# - type: bind
# source: /home/ledgersmb/conf/ledgersmb.100.yaml
# target: /srv/ledgersmb/local/conf/ledgersmb.100.yaml
networks: networks:
- internal - internal
- default - default
# Comment the 'ports' section to disable mapping the LedgerSMB container port (5762)
# to the host's port of the same number. Mapping "5762:5762" makes LedgerSMB
# available on http://<host-dns-or-ip>:5762/
# SECURITY NOTE: Leave this uncommented for evaluation purposes only!
# In production, be sure to use SSL/TLS (such as by reverse proxying) to protect
# user's passwords and other sensitive data
ports: ports:
- "5762:5762" - "127.0.0.1:5762:5762"
environment: environment:
# The LSMB_WORKERS environment variable lets you select the number # The LSMB_WORKERS environment variable lets you select the number
# of processes serving HTTP requests. The default number of 2 workers # of processes serving HTTP requests. The default number of 2 workers
@@ -63,29 +41,17 @@ services:
# improve the performance experience, increase memory and the # improve the performance experience, increase memory and the
# number of workers # number of workers
# #
LSMB_WORKERS: ${LSMB_WORKERS:-5} LSMB_WORKERS: 2
# #
# #
# SSMTP_ROOT:
# LSMB_MAIL_SMTPHOST: # SSMTP_HOSTNAME:
# LSMB_MAIL_SMTPPORT: # SSMTP_MAILHUB:
# LSMB_MAIL_SMTPTLS: # SSMTP_AUTH_USER:
# LSMB_MAIL_SMTPSENDER_HOSTNAME: # SSMTP_AUTH_PASS:
# LSMB_MAIL_SMTPUSER: # SSMTP_AUTH_METHOD:
# LSMB_MAIL_SMTPPASS: # SSMTP_USE_STARTTLS:
# LSMB_MAIL_SMTPAUTHMECH: # SSMTP_FROMLINE_OVERRIDE:
#
#
# The PROXY_IP environment variable lets you set the IP address
# (range) of the reverse proxy used for TLS termination, which forwards
# its requests to this container. When this reverse proxy runs on the
# Docker host, the default below applies. In case the reverse proxy is
# hosted in a separate container, this setting needs to be adjusted.
#
# PROXY_IP: 172.17.0.1/12
# Comment the line below to stop the container from restarting on boot
# unless it was manually stopped
restart: unless-stopped
# having the dbdata volume is required to persist our # having the dbdata volume is required to persist our
# data between PostgreSQL container updates; without # data between PostgreSQL container updates; without

View File

@@ -1,81 +0,0 @@
# This is a full (minimal) nginx configuration file
error_log /dev/stderr info;
pid /tmp/nginx.pid;
worker_processes 1;
events {
worker_connections 1024;
}
http {
client_body_temp_path /tmp/client_body;
proxy_temp_path /tmp/proxy_temp;
fastcgi_temp_path /tmp/fastcgi_temp;
scgi_temp_path /tmp/scgi_temp;
uwsgi_temp_path /tmp/uwsgi_temp;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /dev/stdout;
error_log /dev/stderr info;
gzip off;
gzip_static on;
server {
listen 8080 default_server;
listen [::]:8080 default_server ipv6only=on;
root /srv/ledgersmb/UI;
access_log /dev/stdout;
error_log /dev/stderr info;
# Don't log status polls
location /nginx_status {
stub_status on;
access_log off;
allow 127.0.0.1;
allow ::1;
deny all;
}
# Configuration files don't exist
location ^~ \.conf$ {
return 404;
}
# 'Hidden' files don't exist
location ~ /\. {
return 404;
}
location = / {
return 301 /login.pl;
}
# JS & CSS
location ~* \.(js|css)$ {
add_header Pragma "public";
add_header Cache-Control "public, must-revalidate, proxy-revalidate"; # Production
expires 7d; # Indicate that the resource can be cached for 1 week # Production
try_files $uri =404;
}
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 300;
proxy_pass http://lsmb:5762;
}
}
}

170
start.sh
View File

@@ -1,169 +1,33 @@
#!/bin/bash #!/bin/bash
update_ssmtp.sh
cd /srv/ledgersmb cd /srv/ledgersmb
[[ -d ./local/conf/ ]] || mkdir ./local/conf/
if [[ -n "$SSMTP_ROOT" ]]; then
echo "\$SSMTP_ROOT set; parameter is deprecated and will be ignored"
LSMB_HAVE_DEPRECATED=1
fi
if [[ -n "$SSMTP_FROMLINE_OVERRIDE" ]]; then
echo "\$SSMTP_FROMLINE_OVERRIDE set; parameter is deprecated and will be ignored"
LSMB_HAVE_DEPRECATED=1
fi
if [[ -n "$SSMTP_MAILHUB" ]]; then
echo "\$SSMTP_MAILHUB set; parameter is deprecated"
if [[ -z "$LSMB_MAIL_SMTPHOST" ]]; then
echo " Deriving \$LSMB_MAIL_SMTPHOST setting from \$SSMTP_MAILHUB"
LSMB_MAIL_SMTPHOST=${SSMTP_MAILHUB%:*}
fi
if [[ -z "$LSMB_MAIL_SMTPPORT" ]]; then
echo " Deriving \$LSMB_MAIL_SMTPPORT setting from \$SSMTP_MAILHUB"
LSMB_MAIL_SMTPPORT=${SSMTP_MAILHUB#*:}
fi
LSMB_HAVE_DEPRECATED=1
fi
if [[ -n "$SSMTP_HOSTNAME" ]]; then
echo "\$SSMTP_HOSTNAME set; parameter is deprecated"
if [[ -z "$LSMB_MAIL_SMTPSENDER_HOSTNAME" ]]; then
echo " Deriving \$LSMB_MAIL_SMTPSENDER_HOSTNAME setting from \$SSMTP_HOSTNAME"
LSMB_MAIL_SMTPSENDER_HOSTNAME=$SSMTP_HOSTNAME
fi
LSMB_HAVE_DEPRECATED=1
fi
if [[ -n "$SSMTP_USE_STARTTLS" ]]; then
echo "\$SSMTP_USE_STARTTLS set; parameter is deprecated"
if [[ -z "$LSMB_MAIL_SMTPTLS" ]]; then
echo " Deriving \$LSMB_MAIL_SMTPSENDER_HOSTNAME setting from \$SSMTP_USE_STARTTLS"
LSMB_MAIL_SMTPTLS=$SSMTP_USE_STARTTLS
fi
LSMB_HAVE_DEPRECATED=1
fi
if [[ -n "$SSMTP_AUTH_USER" ]]; then
echo "\$SSMTP_AUTH_USER set; parameter is deprecated"
if [[ -z "$LSMB_MAIL_SMTPUSER" ]]; then
echo " Deriving \$LSMB_MAIL_SMTPUSER setting from \$SSMTP_AUTH_USER"
LSMB_MAIL_SMTPUSER=$SSMTP_AUTH_USER
fi
LSMB_HAVE_DEPRECATED=1
fi
if [[ -n "$SSMTP_AUTH_PASS" ]]; then
echo "\$SSMTP_AUTH_PASS set; parameter is deprecated"
if [[ -z "$LSMB_MAIL_SMTPPASS" ]]; then
echo " Deriving \$LSMB_MAIL_SMTPPASS setting from \$SSMTP_AUTH_PASS"
LSMB_MAIL_SMTPPASS=$SSMTP_AUTH_PASS
fi
LSMB_HAVE_DEPRECATED=1
fi
if [[ -n "$SSMTP_AUTH_METHOD" ]]; then
echo "\$SSMTP_AUTH_METHOD set; parameter is deprecated"
if [[ -z "$LSMB_MAIL_SMTPAUTHMECH" ]]; then
echo " Deriving \$LSMB_MAIL_SMTPAUTHMECH setting from \$SSMTP_AUTH_METHOD"
LSMB_MAIL_SMTPAUTHMECH=$SSMTP_AUTH_METHOD
fi
LSMB_HAVE_DEPRECATED=1
fi
if [[ -n "$LSMB_HAVE_DEPRECATED" ]]; then if [[ ! -f ledgersmb.conf ]]; then
echo "!!! DEPRECATED \$SSMTP_* PARAMETERS WILL BE REMOVED in the 1.9 image!!!" cat <<EOF >/tmp/ledgersmb.conf
fi [main]
cache_templates = 1
if [[ ! -f ./local/conf/ledgersmb.yaml ]]; then [database]
cat <<EOF >./local/conf/ledgersmb.yaml host = $POSTGRES_HOST
paths: port = $POSTGRES_PORT
\$class: Beam::Wire default_db = $DEFAULT_DB
config:
UI: ./UI/
UI_cache: lsmb_templates/
db: [mail]
\$class: LedgerSMB::Database::Factory sendmail = /usr/sbin/ssmtp
connect_data:
host: ${POSTGRES_HOST:-postgres}
port: ${POSTGRES_PORT:-5432}
mail:
transport:
\$class: LedgerSMB::Mailer::TransportSMTP
tls: $LSMB_MAIL_SMTPTLS
miscellaneous:
\$class: Beam::Wire
config:
proxy_ip: ${PROXY_IP:-172.17.0.1/12}
ui:
class: LedgerSMB::Template::UI
method: new_UI
lifecycle: eager
args:
cache:
\$ref: paths/UI_cache
root:
\$ref: paths/UI
EOF EOF
export LSMB_CONFIG_FILE='/tmp/ledgersmb.conf'
fi
if [[ -n "$LSMB_MAIL_SMTPHOST" ]] if [ ! -d "/tmp/ledgersmb" ]; then
then mkdir -p /tmp/ledgersmb
if [[ "$LSMB_MAIL_SMTPHOST" == "__CONTAINER_GATEWAY__" ]]
then
LSMB_MAIL_SMTPHOST="$(ip route | awk '/default/ { print $3 }')"
export LSMB_MAIL_SMTPHOST
fi
cat <<EOF >./local/conf/ledgersmb.000.yaml
mail:
transport:
host: $LSMB_MAIL_SMTPHOST
EOF
fi
if [[ -n "$LSMB_MAIL_SMTPPORT" ]]
then
cat <<EOF >./local/conf/ledgersmb.001.yaml
mail:
transport:
port: $LSMB_MAIL_SMTPPORT
EOF
fi
if [[ -n "$LSMB_MAIL_SMTPSENDER_HOSTNAME" ]]
then
cat <<EOF >./local/conf/ledgersmb.002.yaml
mail:
transport:
helo: $LSMB_MAIL_SMTPSENDER_HOSTNAME
EOF
fi
if [[ -n "$LSMB_MAIL_SMTPUSER" ]]
then
cat <<EOF >./local/conf/ledgersmb.003.yaml
mail:
transport:
sasl_password: ''
sasl_username:
\$class: Authen::SASL
mechanism: $LSMB_MAIL_SMTPAUTHMECH
callback:
user: $LSMB_MAIL_SMTPUSER
pass: $LSMB_MAIL_SMTPPASS
EOF
fi
fi fi
# start ledgersmb # start ledgersmb
# --preload-app allows application initialization to kill the entire # --preload-app allows application initialization to kill the entire
# starman instance (instead of just the worker, which will immediately # starman instance (instead of just the worker, which will immediately
# get restarted) on error; it also has a positive effect on memory use # get restarted); it also has a positive effect on memory use
LSMB_CONFIG_FILE=${LSMB_CONFIG_FILE:-./local/conf/ledgersmb.yaml} exec starman --port 5762 --workers ${LSMB_WORKERS:-5} -I lib -I old/lib \
export LSMB_CONFIG_FILE
echo '--------- LEDGERSMB CONFIGURATION: ledgersmb.conf'
cat ${LSMB_CONFIG_FILE}
echo '--------- LEDGERSMB CONFIGURATION --- END'
# ':5762:' suppresses an uninitialized variable warning in starman
# the last colon means "don't connect using tls"; without it, there's a warning
exec starman --listen 0.0.0.0:5762 --workers ${LSMB_WORKERS:-5} \
-I lib -I old/lib \
--preload-app bin/ledgersmb-server.psgi --preload-app bin/ledgersmb-server.psgi

18
update_ssmtp.sh Normal file
View File

@@ -0,0 +1,18 @@
#!/bin/bash
ConfiguredComment='# install script update_ssmtp.sh has configured ssmtp'
grep -qc "$ConfiguredComment" /etc/ssmtp/ssmtp.conf && {
echo "smtp configured."
exit
}
sed -i \
-e "s/\(root=\).*\$/\1$SSMTP_ROOT/g" \
-e "s/\(mailhub=\).*\$/\1$SSMTP_MAILHUB/g" \
-e "s/\(hostname=\).*\$/\1$SSMTP_HOSTNAME/g" \
/etc/ssmtp/ssmtp.conf
[ -z "$SSMTP_USE_STARTTLS" ] || echo "UseSTARTTLS=$SSMTP_USE_STARTTLS" >> /etc/ssmtp/ssmtp.conf
[ -z "$SSMTP_AUTH_USER" ] || echo "AuthUser=$SSMTP_AUTH_USER" >> /etc/ssmtp/ssmtp.conf
[ -z "$SSMTP_AUTH_PASS" ] || echo "AuthPass=$SSMTP_AUTH_PASS" >> /etc/ssmtp/ssmtp.conf
[ -z "$SSMTP_AUTH_METHOD" ] || echo "AuthMethod=$SSMTP_AUTH_METHOD" >> /etc/ssmtp/ssmtp.conf
[ -z "$SSMTP_FROMLINE_OVERRIDE" ] || echo "FromLineOverride=$SSMTP_FROMLINE_OVERRIDE" >> /etc/ssmtp/ssmtp.conf
echo "$ConfiguredComment" >> /etc/ssmtp/ssmtp.conf