mirror of
				https://github.com/ledgersmb/ledgersmb-docker.git
				synced 2025-10-20 11:10:30 -04:00 
			
		
		
		
	Compare commits
	
		
			3 Commits
		
	
	
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
|  | 760c5c0138 | ||
|  | 8930ac395d | ||
|  | 1bbf65543b | 
							
								
								
									
										18
									
								
								.github/workflows/images-cleanup.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										18
									
								
								.github/workflows/images-cleanup.yml
									
									
									
									
										vendored
									
									
								
							| @@ -1,18 +0,0 @@ | |||||||
| name: Docker Image cleanup |  | ||||||
|  |  | ||||||
| on: |  | ||||||
|   push: |  | ||||||
|   workflow_dispatch: |  | ||||||
|   schedule: |  | ||||||
|     # Schedule for five minutes after the hour, every Friday |  | ||||||
|     - cron: '10 3 * * 5' |  | ||||||
|  |  | ||||||
| jobs: |  | ||||||
|   cleanup: |  | ||||||
|     if: github.repository_owner == 'ledgersmb' |  | ||||||
|     runs-on: ubuntu-latest |  | ||||||
|     steps: |  | ||||||
|     - name: ghcr.io cleanup action |  | ||||||
|       uses: dataaxiom/ghcr-cleanup-action@v1 |  | ||||||
|       with: |  | ||||||
|         packages: ledgersmb |  | ||||||
							
								
								
									
										26
									
								
								.github/workflows/no-response.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										26
									
								
								.github/workflows/no-response.yml
									
									
									
									
										vendored
									
									
								
							| @@ -1,26 +0,0 @@ | |||||||
| name: No Response |  | ||||||
|  |  | ||||||
| # Both `issue_comment` and `scheduled` event types are required for this Action |  | ||||||
| # to work properly. |  | ||||||
| on: |  | ||||||
|   issue_comment: |  | ||||||
|     types: [created] |  | ||||||
|   schedule: |  | ||||||
|     # Schedule for five minutes after the hour, every hour |  | ||||||
|     - cron: '5 3 * * *' |  | ||||||
|  |  | ||||||
| jobs: |  | ||||||
|   noResponse: |  | ||||||
|     if: github.repository_owner == 'ledgersmb' |  | ||||||
|     runs-on: ubuntu-latest |  | ||||||
|     steps: |  | ||||||
|       - uses: actions/stale@v9 |  | ||||||
|         with: |  | ||||||
|           days-before-issue-stale: -1 |  | ||||||
|           days-before-pr-stale: -1 |  | ||||||
|           stale-issue-label: waiting-for-user |  | ||||||
|           # Number of days of inactivity before an Issue is closed for lack of response |  | ||||||
|           days-before-close: 90 |  | ||||||
|           # Label requiring a response |  | ||||||
|           close-issue-message: > |  | ||||||
|             Closing: more than 90 days without user response. Feel free to reopen with your comments. |  | ||||||
							
								
								
									
										118
									
								
								Dockerfile
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										118
									
								
								Dockerfile
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,118 @@ | |||||||
|  | FROM        debian:stretch-slim | ||||||
|  | MAINTAINER  Freelock john@freelock.com | ||||||
|  |  | ||||||
|  | # Build time variables | ||||||
|  | ARG LSMB_VERSION="1.7.11" | ||||||
|  | ARG LSMB_DL_DIR="Releases" | ||||||
|  |  | ||||||
|  | # Install Perl, Tex, Starman, psql client, and all dependencies | ||||||
|  | # Without libclass-c3-xs-perl, performance is terribly slow... | ||||||
|  | # Without libclass-accessor-lite-perl, HTML::Entities won't build from CPAN | ||||||
|  | # libnet-cidr-lite-perl is a dependency for Plack::Builder::Conditionals | ||||||
|  | #   which is being installed from CPAN | ||||||
|  | # libtest-requires-perl is a dependency of Module-Build-Pluggable-PPPort | ||||||
|  | #   on which HTML::Escape depends | ||||||
|  |  | ||||||
|  | # Installing psql client directly from instructions at https://wiki.postgresql.org/wiki/Apt | ||||||
|  | # That mitigates issues where the PG instance is running a newer version than this container | ||||||
|  |  | ||||||
|  | # for Buster, add: | ||||||
|  | #    libhtml-escape-perl \ | ||||||
|  | #    libplack-middleware-builder-conditionals-perl \ | ||||||
|  | #    libplack-request-withencoding-perl \ | ||||||
|  | #libversion-compare-perl | ||||||
|  | RUN echo -n "APT::Install-Recommends \"0\";\nAPT::Install-Suggests \"0\";\n" >> /etc/apt/apt.conf && \ | ||||||
|  |   mkdir -p /usr/share/man/man1/ && \ | ||||||
|  |   mkdir -p /usr/share/man/man2/ && \ | ||||||
|  |   mkdir -p /usr/share/man/man3/ && \ | ||||||
|  |   mkdir -p /usr/share/man/man4/ && \ | ||||||
|  |   mkdir -p /usr/share/man/man5/ && \ | ||||||
|  |   mkdir -p /usr/share/man/man6/ && \ | ||||||
|  |   mkdir -p /usr/share/man/man7/ && \ | ||||||
|  |   DEBIAN_FRONTEND="noninteractive" apt-get update -q && \ | ||||||
|  |   DEBIAN_FRONTEND="noninteractive" apt-get dist-upgrade -y -q && \ | ||||||
|  |   DEBIAN_FRONTEND="noninteractive" apt-get -y -q install \ | ||||||
|  |     wget ca-certificates gnupg \ | ||||||
|  |     libcgi-emulate-psgi-perl libconfig-inifiles-perl \ | ||||||
|  |     libdbd-pg-perl libdbi-perl libdata-uuid-perl libdatetime-perl \ | ||||||
|  |     libdatetime-format-strptime-perl \ | ||||||
|  |     libio-stringy-perl \ | ||||||
|  |     libcpanel-json-xs-perl liblist-moreutils-perl \ | ||||||
|  |     liblocale-maketext-perl liblocale-maketext-lexicon-perl \ | ||||||
|  |     liblog-log4perl-perl libmime-lite-perl libmime-types-perl \ | ||||||
|  |     libmath-bigint-gmp-perl libmodule-runtime-perl libmoose-perl \ | ||||||
|  |     libmoosex-nonmoose-perl libnumber-format-perl \ | ||||||
|  |     libpgobject-perl libpgobject-simple-perl libpgobject-simple-role-perl \ | ||||||
|  |     libpgobject-type-bigfloat-perl libpgobject-type-datetime-perl \ | ||||||
|  |     libpgobject-type-bytestring-perl libpgobject-util-dbmethod-perl \ | ||||||
|  |     libpgobject-util-dbadmin-perl libplack-perl \ | ||||||
|  |     libplack-middleware-reverseproxy-perl \ | ||||||
|  |     libtemplate-perl libtext-csv-perl libtext-csv-xs-perl \ | ||||||
|  |     libtext-markdown-perl  libxml-simple-perl \ | ||||||
|  |     libnamespace-autoclean-perl \ | ||||||
|  |     libfile-find-rule-perl \ | ||||||
|  |     libtemplate-plugin-latex-perl libtex-encode-perl \ | ||||||
|  |     libclass-c3-xs-perl libclass-accessor-lite-perl \ | ||||||
|  |     libnet-cidr-lite-perl \ | ||||||
|  |     texlive-latex-recommended \ | ||||||
|  |     texlive-xetex fonts-liberation \ | ||||||
|  |     starman \ | ||||||
|  |     libopenoffice-oodoc-perl \ | ||||||
|  |     ssmtp \ | ||||||
|  |     lsb-release && \ | ||||||
|  |   echo "deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list && \ | ||||||
|  |   (wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add -) && \ | ||||||
|  |   DEBIAN_FRONTEND="noninteractive" apt-get -q -y update && \ | ||||||
|  |   DEBIAN_FRONTEND="noninteractive" apt-get -q -y install postgresql-client && \ | ||||||
|  |   DEBIAN_FRONTEND="noninteractive" apt-get -q -y install git cpanminus make gcc libperl-dev && \ | ||||||
|  |   wget --quiet -O /tmp/ledgersmb-$LSMB_VERSION.tar.gz "https://download.ledgersmb.org/f/$LSMB_DL_DIR/$LSMB_VERSION/ledgersmb-$LSMB_VERSION.tar.gz" && \ | ||||||
|  |   tar -xzf /tmp/ledgersmb-$LSMB_VERSION.tar.gz --directory /srv && \ | ||||||
|  |   rm -f /tmp/ledgersmb-$LSMB_VERSION.tar.gz && \ | ||||||
|  |   cpanm --notest \ | ||||||
|  |     --with-feature=starman \ | ||||||
|  |     --with-feature=latex-pdf-ps \ | ||||||
|  |     --with-feature=openoffice \ | ||||||
|  |     --installdeps /srv/ledgersmb/ && \ | ||||||
|  |   apt-get purge -q -y git cpanminus make gcc libperl-dev && \ | ||||||
|  |   apt-get autoremove -q -y && \ | ||||||
|  |   apt-get autoclean -q && \ | ||||||
|  |   rm -rf ~/.cpanm/ && \ | ||||||
|  |   rm -rf /var/lib/apt/lists/* /usr/share/man/* | ||||||
|  |  | ||||||
|  |  | ||||||
|  | WORKDIR /srv/ledgersmb | ||||||
|  |  | ||||||
|  | # master requirements | ||||||
|  |  | ||||||
|  | # Configure outgoing mail to use host, other run time variable defaults | ||||||
|  |  | ||||||
|  | ## sSMTP | ||||||
|  | ENV SSMTP_ROOT ar@example.com | ||||||
|  | ENV SSMTP_MAILHUB 172.17.0.1 | ||||||
|  | ENV SSMTP_HOSTNAME 172.17.0.1 | ||||||
|  | #ENV SSMTP_USE_STARTTLS | ||||||
|  | #ENV SSMTP_AUTH_USER | ||||||
|  | #ENV SSMTP_AUTH_PASS | ||||||
|  | ENV SSMTP_FROMLINE_OVERRIDE YES | ||||||
|  | #ENV SSMTP_AUTH_METHOD | ||||||
|  |  | ||||||
|  | ENV POSTGRES_HOST postgres | ||||||
|  | ENV POSTGRES_PORT 5432 | ||||||
|  | ENV DEFAULT_DB lsmb | ||||||
|  |  | ||||||
|  | COPY start.sh /usr/local/bin/start.sh | ||||||
|  | COPY update_ssmtp.sh /usr/local/bin/update_ssmtp.sh | ||||||
|  |  | ||||||
|  | RUN chown www-data /etc/ssmtp /etc/ssmtp/ssmtp.conf && \ | ||||||
|  |   chmod +x /usr/local/bin/update_ssmtp.sh /usr/local/bin/start.sh && \ | ||||||
|  |   mkdir -p /var/www | ||||||
|  |  | ||||||
|  | # Work around an aufs bug related to directory permissions: | ||||||
|  | RUN mkdir -p /tmp && \ | ||||||
|  |   chmod 1777 /tmp | ||||||
|  |  | ||||||
|  | # Internal Port Expose | ||||||
|  | EXPOSE 5762 | ||||||
|  |  | ||||||
|  | USER www-data | ||||||
|  | CMD ["start.sh"] | ||||||
							
								
								
									
										188
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										188
									
								
								README.md
									
									
									
									
									
								
							| @@ -1,37 +1,14 @@ | |||||||
| # ledgersmb-docker | # ledgersmb-docker | ||||||
|  |  | ||||||
| Dockerfile for LedgerSMB Docker image | Dockerfile for LedgerSMB Docker image | ||||||
|  |  | ||||||
| ## Content |  | ||||||
|  |  | ||||||
|  1. [Supported tags](#supported-tags) |  | ||||||
|  2. [What is LedgerSMB](#what-is-ledgersmb) |  | ||||||
|  3. [How to use this image](#how-to-use-this-image) |  | ||||||
|  4. [Set up LedgerSMB](#set-up-ledgersmb) |  | ||||||
|  5. [Updating the LedgerSMB container](#updating-the-ledgersmb-container) |  | ||||||
|  6. [Environment Variables](#environment-variables) |  | ||||||
|  7. [Advanced setup](#advanced-setup) |  | ||||||
|  8. [Troubleshooting](#troubleshootingdeveloping) |  | ||||||
|  9. [User feedback](#user-feedback) |  | ||||||
|  |  | ||||||
| # Supported tags | # Supported tags | ||||||
|  |  | ||||||
| - `1.13`, `1.13.x`, `latest` - Latest official release from the 1.13 branch | - `1.7`, `1.7.x`, `latest` - Latest official release from 1.7 branch | ||||||
| - `1.12`, `1.12.x` - Latest official release from the 1.12 branch | - `1.6`, `1.6.x` - Latest official release from 1.6 branch | ||||||
| - `1.11`, `1.11.x` - Latest official release from the 1.11 branch | - `1.5`, `1.5.30` - Last official release from 1.5 branch | ||||||
| - `1.10`, `1.10.38` - Last official release from the 1.10 branch (End-of-Life) | - `1.4`, `1.4.42` - Last official release from 1.4 branch | ||||||
| - `1.9`, `1.9.30` - Last official release from the 1.9 branch (End-of-Life) |  | ||||||
| - `1.8`, `1.8.31` - Last official release from the 1.8 branch (End-of-Life) |  | ||||||
| - `1.7`, `1.7.41` - Last official release from the 1.7 branch (End-of-Life) |  | ||||||
| - `1.6`, `1.6.33` - Last official release from the 1.6 branch (End-of-Life) |  | ||||||
| - `1.5`, `1.5.30` - Last official release from the 1.5 branch (End-of-Life) |  | ||||||
| - `1.4`, `1.4.42` - Last official release from the 1.4 branch (End-of-Life) |  | ||||||
| - `master` - Master branch from git, unstable | - `master` - Master branch from git, unstable | ||||||
|  |  | ||||||
| Containers supporting the development process are provided |  | ||||||
| through the ledgersmb-dev-docker project. See [the development |  | ||||||
| container's README](https://github.com/ledgersmb/ledgersmb-dev-docker/blob/master/README.md#getting-started) |  | ||||||
| for more information. |  | ||||||
|  |  | ||||||
| # What is LedgerSMB? | # What is LedgerSMB? | ||||||
|  |  | ||||||
| @@ -48,70 +25,44 @@ This image is designed to be used in conjunction with a running PostgreSQL | |||||||
| instance (such as may be provided through a separate image). | instance (such as may be provided through a separate image). | ||||||
|  |  | ||||||
| This image exposes port 5762 running a Starman HTTP application server. We | This image exposes port 5762 running a Starman HTTP application server. We | ||||||
| do recommend not exposing this port publicly, because | do not recommend exposing this port publicly, because | ||||||
|  |  | ||||||
| 1. The Starman author recommends not exposing it | 1. The Starman author recommends it | ||||||
| 2. We strongly recommend TLS encryption of all application traffic | 2. We strongly recommend TLS encryption of all application traffic | ||||||
|  |  | ||||||
| While the exposed port can be used for quick evaluation, it's recommended | While the exposed port can be used for quick evaluation, it's recommended | ||||||
| to add TLS for production situations. | to add the TLS layer by applying Nginx or Apache as reverse proxy. | ||||||
|  |  | ||||||
| Enabling optional functionalities such as outgoing e-mail and printing | Enabling optional functionalities such as outgoing e-mail and printing | ||||||
| could require additional setup of a mail service or CUPS printer service. | could require additional setup of a mail service or CUPS printer service. | ||||||
|  |  | ||||||
| ❌ Do not use unofficial or AI-generated Docker Compose examples. These are often incomplete, break silently, or skip required services. | # Quickstart | ||||||
|  |  | ||||||
| # How to use this image | The quickest way to get this image up and running is by using the | ||||||
|  | `docker-compose` file available through the GitHub repository at: | ||||||
|  |  | ||||||
| This image can be installed either automatically with the Docker compose file |   https://github.com/ledgersmb/ledgersmb-docker/blob/1.7/docker-compose.yml | ||||||
| or manually with docker only. |  | ||||||
|  |  | ||||||
| ## Docker-Compose: Installation and start | which sets up both this image and a supporting database image for | ||||||
|  | production purposes (i.e. with persistent (database) data. The database | ||||||
| This repository provides a file named `docker-compose.yml` which can be used to | username and password are: | ||||||
| pull related images, install them, establish an internal network for their |  | ||||||
| communications, adjust environment variables, start and stop LedgerSMB. The |  | ||||||
| only instructions required, after the optional edition of the file to adjust |  | ||||||
| the environment variables, are: |  | ||||||
|  |  | ||||||
| ```plain |  | ||||||
|  $ docker-compose pull |  | ||||||
|  $ docker-compose up -d |  | ||||||
| ``` |  | ||||||
|  |  | ||||||
| Or use the following to set a different password and/or parallel processing |  | ||||||
| capacity (so called 'workers'): |  | ||||||
|  |  | ||||||
| ```plain |  | ||||||
|  $ docker-compose pull |  | ||||||
|  $ POSTGRES_PASSWORD=def \ |  | ||||||
|    LSMB_WORKERS=10 \ |  | ||||||
|    docker-compose up -d |  | ||||||
| ``` |  | ||||||
|  |  | ||||||
| This will set up two containers: (1) a PostgreSQL container with persistent |  | ||||||
| storage which is retained between container updates and (2) a LedgerSMB |  | ||||||
| container configured to connect to the PostgreSQL container as its database |  | ||||||
| server. Your LedgerSMB installation should now be accessible through |  | ||||||
| [http://localhost:5762/](http://localhost:5762/). |  | ||||||
|  |  | ||||||
| The default number of workers is 5. The default database username and password |  | ||||||
| are: |  | ||||||
|  |  | ||||||
| ```plain | ```plain | ||||||
|    username: postgres |    username: postgres | ||||||
|    password: abc |    password: abc | ||||||
| ``` | ``` | ||||||
|  |  | ||||||
| From here, follow the steps as detailed in the instructions for | The docker-compose file does *not* set up an Nginx or Apache reverse proxy | ||||||
| [preparing for first use](https://ledgersmb.org/content/preparing-ledgersmb-19-first-use). | with TLS 1.2/1.3 support -- a requirement if you want to access your | ||||||
|  | installation over any type of network (and especially the internet). | ||||||
|  |  | ||||||
|  |  | ||||||
| ## Manual installation | ## Manual installation | ||||||
|  |  | ||||||
| This section assumes availability of a PostgreSQL server to attach to the | This section assumes availability of a PostgreSQL server to attach to the | ||||||
| LedgerSMB image as the database server. | LedgerSMB image as the database server. | ||||||
|  |  | ||||||
| ### Start LedgerSMB | ## Start LedgerSMB | ||||||
|  |  | ||||||
| ```plain | ```plain | ||||||
|  $ docker run -d -p 5762:5762 --name myledger \ |  $ docker run -d -p 5762:5762 --name myledger \ | ||||||
| @@ -125,7 +76,7 @@ http://localhost:5762/setup.pl and http://localhost:5762/login.pl. | |||||||
| Below are more variables which determine container configuration, | Below are more variables which determine container configuration, | ||||||
| like `POSTGRES_HOST` above. | like `POSTGRES_HOST` above. | ||||||
|  |  | ||||||
| # Set up LedgerSMB | ## Set up LedgerSMB | ||||||
|  |  | ||||||
|  * Visit http://myledger:5762/setup.pl. |  * Visit http://myledger:5762/setup.pl. | ||||||
|  * Log in with the "postgres" user and the password `abc` as given above - |  * Log in with the "postgres" user and the password `abc` as given above - | ||||||
| @@ -143,13 +94,9 @@ Visit http://localhost:5762/login.pl to log in and get started. | |||||||
|  |  | ||||||
| No persistant data is stored in the LedgerSMB container. | No persistant data is stored in the LedgerSMB container. | ||||||
|  |  | ||||||
| All LedgerSMB data is stored in PostgreSQL, so you can stop/destroy/run a | All LedgerSMB data is stored in Postgres, so you can stop/destroy/run a | ||||||
| new LedgerSMB container as often as you want. | new LedgerSMB container as often as you want. | ||||||
|  |  | ||||||
| In case of the Docker Compose setup, all PostgreSQL data is stored on the |  | ||||||
| Docker volume with the name ending in `_pgdata`. This volume is not destroyed |  | ||||||
| when updating the containers; only explicit removal destroys the data. |  | ||||||
|  |  | ||||||
| # Environment Variables | # Environment Variables | ||||||
|  |  | ||||||
| The LedgerSMB image uses several environment variables. They are all optional. | The LedgerSMB image uses several environment variables. They are all optional. | ||||||
| @@ -185,80 +132,30 @@ affect the performance experience of users. | |||||||
|  |  | ||||||
| ## Mail configuration | ## Mail configuration | ||||||
|  |  | ||||||
| As of 1.8.0, the image is based on Debian Buster instead of Debian Stretch; | The docker image uses `ssmtp` to send mail. | ||||||
| with Buster, the `ssmtp` program has been removed from Debian, this image |  | ||||||
| had to change strategy. The main application always came with built-in e-mail |  | ||||||
| yet with the deprecation, the abilities have expanded. |  | ||||||
|  |  | ||||||
| The following parameters are now supported to set mail preferences: | * `SSMTP_ROOT` (config: `Root`) | ||||||
|  | * `SSMTP_MAILHUB` (config: `Mailhub`) | ||||||
|  | * `SSMTP_HOSTNAME` (config: `Hostname`) | ||||||
|  | * `SSMTP_USE_STARTTLS` (config: `UseSTARTTLS`) | ||||||
|  | * `SSMTP_AUTH_USER` (config: `AuthUser`) | ||||||
|  | * `SSMTP_AUTH_PASS` (config: `AuthPass`) | ||||||
|  | * `SSMTP_AUTH_METHOD` (config: `AuthMethod`) | ||||||
|  | * `SSMTP_FROMLINE_OVERRIDE` (config: `FromLineOverride`) | ||||||
|  |  | ||||||
| * `LSMB_MAIL_SMTPHOST` \ | These variables are used to set outgoing SMTP defaults. | ||||||
|   The host name/IP-address of the SMTP server that will forward mail from |  | ||||||
|   LedgerSMB to the outside world. |  | ||||||
| * `LSMB_MAIL_SMTPPORT` \ |  | ||||||
|   The port that the SMTP server in `LSMB_MAIL_SMTPHOST` listens to. |  | ||||||
| * `LSMB_MAIL_SMTPTLS` \ |  | ||||||
|   Can be one of `no` (default), `yes` or `raw`. `yes` indicates to use |  | ||||||
|   STARTTLS over a regular SMTP connection; `raw`' indicates an SMTP connection |  | ||||||
|   should be established over a TLS connection (a.k.a. smtps). |  | ||||||
| * `LSMB_MAIL_SMTPSENDER_HOSTNAME` (optional) \ |  | ||||||
|   When set, used to identify the host when connecting to an SMTP server. When |  | ||||||
|   not set, the host is queried for its host name. |  | ||||||
| * `LSMB_MAIL_SMTPUSER` \ |  | ||||||
|   Username to authenticate to the SMTP host in `LSMB_MAIL_SMTPHOST`. |  | ||||||
| * `LSMB_MAIL_SMTPPASS` \ |  | ||||||
|   Password to authenticate to the SMTP host in `LSMB_MAIL_SMTPHOST` with the |  | ||||||
|   user in `LSMB_MAIL_SMTPUSER`. |  | ||||||
| * `LSMB_MAIL_SMTPAUTHMECH` \ |  | ||||||
|   A space separated list of SASL mechanisms to be used for authentication of |  | ||||||
|   the smtp connection with the SMTP server. Available mechanisms depend on |  | ||||||
|   your installed environment, but the following mechanisms should be available |  | ||||||
|   in all of them: `PLAIN` `LOGIN` `CRAM_MD5` & `DIGEST_MD5`. **Note that** |  | ||||||
|   `PLAIN` or `LOGIN` send passwords in plain text over the wire to the SMTP |  | ||||||
|   server; only use these methods in combination with TLS encryption. |  | ||||||
|  |  | ||||||
| # Advanced setup | To set the outgoing email address, set `SSMTP_ROOT` and `SSMTP_HOSTNAME` at | ||||||
|  | a minimum. | ||||||
|  |  | ||||||
| ## Changing configuration | `SSMTP_MAILHUB` defaults to the default docker0 interface, so if your host is | ||||||
|  | already configured to relay mail, this should relay successfully with only | ||||||
|  | the root and hostname set. | ||||||
|  |  | ||||||
| The configuration file is stored in /srv/ledgersmb/local/conf/. By mounting | Use the other environment variables to relay mail through a different host. | ||||||
| that directory using a bind-mount to a location outside the container, | Use the [ssmtp.conf man | ||||||
| configuration can be changed between container starts: | page](https://www.systutorials.com/docs/linux/man/5-ssmtp.conf/) to look up | ||||||
|  | the meaning and function of each of the mail configuration keys. | ||||||
| ```plain |  | ||||||
|  $ docker run -d -p 5762:5762 --name myledger \ |  | ||||||
|      --mount 'type=bind,src=/home/ledgersmb/conf,dst=/srv/ledgersmb/local/conf \ |  | ||||||
|      -e POSTGRES_HOST=<ip/hostname> ledgersmb/ledgersmb:latest |  | ||||||
| ``` |  | ||||||
|  |  | ||||||
| ## Overriding or adding configuration |  | ||||||
|  |  | ||||||
| By pre-creating a configuration file in the mounted configuration directory, |  | ||||||
| the standard configuration generation process in the container can be overruled: |  | ||||||
|  |  | ||||||
| ```plain |  | ||||||
|  $ cat <<EOF > /home/ledgersmb/conf/ledgersmb.yaml |  | ||||||
|    ... YOUR CONFIG HERE ... |  | ||||||
|  EOF |  | ||||||
|  $ docker run -d -p 5762:5762 --name myledger \ |  | ||||||
|      --mount 'type=bind,src=/home/ledgersmb/conf,dst=/srv/ledgersmb/local/conf \ |  | ||||||
|      -e POSTGRES_HOST=<ip/hostname> ledgersmb/ledgersmb:latest |  | ||||||
| ``` |  | ||||||
|  |  | ||||||
| If you do not want to completely overrule the configuration generated, but instead |  | ||||||
| supplement the configuration, you can put incremental configuration snippets in |  | ||||||
| files named `ledgersmb.1XX.yaml` in the same folder. E.g.: |  | ||||||
|  |  | ||||||
| ```plain |  | ||||||
|  $ cat <<EOF > /home/ledgersmb/conf/ledgersmb.100.yaml |  | ||||||
|  logging: |  | ||||||
|    file: ledgersmb.logging |  | ||||||
|  EOF |  | ||||||
| ``` |  | ||||||
|  |  | ||||||
| [Documentation with respect to the available configuration |  | ||||||
| keys](https://github.com/ledgersmb/LedgerSMB/blob/master/doc/conf/ledgersmb.yaml) |  | ||||||
| is available in the LedgerSMB repository. |  | ||||||
|  |  | ||||||
| # Troubleshooting/Developing | # Troubleshooting/Developing | ||||||
|  |  | ||||||
| @@ -275,8 +172,9 @@ please contact us on the [mailing list](http://ledgersmb.org/topic/support/maili | |||||||
| or through a [GitHub issue](https://github.com/ledgersmb/ledgersmb-docker/issues). | or through a [GitHub issue](https://github.com/ledgersmb/ledgersmb-docker/issues). | ||||||
|  |  | ||||||
| You can also reach some of the official LedgerSMB maintainers via the | You can also reach some of the official LedgerSMB maintainers via the | ||||||
| [Matrix](https://matrix.org) room in [#ledgersmb:matrix.org](https://matrix.to/#/#ledgersmb:matrix.org). | `#ledgersmb` IRC channel on [Freenode](https://freenode.net), or on the | ||||||
| The [Element](https://app.element.io/#/room/#ledgersmb:matrix.org) Matrix client is highly recommended. | bridged [Matrix](https://matrix.org) room in [#ledgersmb:matrix.org](https://matrix.to/#/#ledgersmb:matrix.org). | ||||||
|  | The [Riot.im](https://riot.im/app/#/room/#ledgersmb:matrix.org) Matrix client is highly recommended. | ||||||
|  |  | ||||||
|  |  | ||||||
| ## Contributing | ## Contributing | ||||||
|   | |||||||
| @@ -1,83 +0,0 @@ | |||||||
| # Build time variables |  | ||||||
|  |  | ||||||
| ARG SRCIMAGE=debian:trixie-slim |  | ||||||
|  |  | ||||||
| FROM  $SRCIMAGE |  | ||||||
| LABEL org.opencontainers.image.authors="LedgerSMB project <devel@lists.ledgersmb.org>" |  | ||||||
| LABEL org.opencontainers.image.title="LedgerSMB double-entry accounting web-application" |  | ||||||
| LABEL org.opencontainers.image.description="LedgerSMB is a full featured double-entry financial accounting and Enterprise\ |  | ||||||
|  Resource Planning system accessed via a web browser (Perl/JS with a PostgreSQL\ |  | ||||||
|  backend) which offers 'Accounts Receivable', 'Accounts Payable' and 'General\ |  | ||||||
|  Ledger' tracking as well as inventory control and fixed assets handling. The\ |  | ||||||
|  LedgerSMB client can be a web browser or a programmed API call. The goal of\ |  | ||||||
|  the LedgerSMB project is to bring high quality ERP and accounting capabilities\ |  | ||||||
|  to Small and Midsize Businesses." |  | ||||||
|  |  | ||||||
| ARG LSMB_VERSION="1.13.0" |  | ||||||
| ARG ARTIFACT_PATH="https://download.ledgersmb.org/f/Releases/$LSMB_VERSION/" |  | ||||||
|  |  | ||||||
|  |  | ||||||
| # ARTIFACT_PATH is used to work around pre-1.13 Dockerfiles requiring |  | ||||||
| # the ARTIFACT_LOCATION to point to the artifact, not to its path |  | ||||||
| RUN set -x ; \ |  | ||||||
|   echo -n "APT::Install-Recommends \"0\";\nAPT::Install-Suggests \"0\";\n" >> /etc/apt/apt.conf && \ |  | ||||||
|   mkdir -p /usr/share/man/man1/ && \ |  | ||||||
|   mkdir -p /usr/share/man/man2/ && \ |  | ||||||
|   mkdir -p /usr/share/man/man3/ && \ |  | ||||||
|   mkdir -p /usr/share/man/man4/ && \ |  | ||||||
|   mkdir -p /usr/share/man/man5/ && \ |  | ||||||
|   mkdir -p /usr/share/man/man6/ && \ |  | ||||||
|   mkdir -p /usr/share/man/man7/ && \ |  | ||||||
|   mkdir -p /usr/share/man/man8/ && \ |  | ||||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -q -y update && \ |  | ||||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -q -y dist-upgrade && \ |  | ||||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -q -y install \ |  | ||||||
|     wget curl ca-certificates libio-socket-ssl-perl postgresql-common && \ |  | ||||||
|   /usr/share/postgresql-common/pgdg/apt.postgresql.org.sh -y && \ |  | ||||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -q -y update && \ |  | ||||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -q -y install postgresql-client && \ |  | ||||||
|   cd /srv && \ |  | ||||||
|   curl -s -o ledgersmb-installer -L https://get.ledgersmb.org/ledgersmb-installer && \ |  | ||||||
|   ARTIFACT_LOCATION="$ARTIFACT_PATH" perl ledgersmb-installer install --yes --log-level=trace $LSMB_VERSION && \ |  | ||||||
|   mv /srv/ledgersmb/server-start /usr/local/bin/run.sh && \ |  | ||||||
|   rm -rf ~/.cpanm/ /var/lib/apt/lists/* /usr/share/man/* |  | ||||||
|  |  | ||||||
| WORKDIR /srv/ledgersmb |  | ||||||
|  |  | ||||||
|  |  | ||||||
| # master requirements |  | ||||||
|  |  | ||||||
| # Configure outgoing mail to use host, other run time variable defaults |  | ||||||
|  |  | ||||||
| ## MAIL |  | ||||||
| # '__CONTAINER_GATEWAY__' is a magic value which will be substituted |  | ||||||
| # with the actual gateway IP address |  | ||||||
| ENV LSMB_MAIL_SMTPHOST=__CONTAINER_GATEWAY__ |  | ||||||
| #ENV LSMB_MAIL_SMTPPORT=25 |  | ||||||
| #ENV LSMB_MAIL_SMTPSENDER_HOSTNAME=(container hostname) |  | ||||||
| #ENV LSMB_MAIL_SMTPTLS= |  | ||||||
| #ENV LSMB_MAIL_SMTPUSER= |  | ||||||
| #ENV LSMB_MAIL_SMTPPASS= |  | ||||||
| #ENV LSMB_MAIL_SMTPAUTHMECH= |  | ||||||
|  |  | ||||||
| ## DATABASE |  | ||||||
| ENV POSTGRES_HOST=postgres |  | ||||||
| ENV POSTGRES_PORT=5432 |  | ||||||
| ENV DEFAULT_DB=lsmb |  | ||||||
|  |  | ||||||
| COPY start.sh /usr/local/bin/start.sh |  | ||||||
| COPY config.sh /usr/local/bin/config.sh |  | ||||||
|  |  | ||||||
| RUN chmod +x /usr/local/bin/start.sh /usr/local/bin/config.sh /usr/local/bin/run.sh && \ |  | ||||||
|   mkdir -p /var/www && \ |  | ||||||
|   mkdir -p /srv/ledgersmb/local/conf && \ |  | ||||||
|   chown -R www-data /srv/ledgersmb/local |  | ||||||
|  |  | ||||||
| # Work around an aufs bug related to directory permissions: |  | ||||||
| RUN mkdir -p /tmp && chmod 1777 /tmp |  | ||||||
|  |  | ||||||
| # Internal Port Expose |  | ||||||
| EXPOSE 5762 |  | ||||||
|  |  | ||||||
| USER www-data |  | ||||||
| CMD ["start.sh"] |  | ||||||
							
								
								
									
										162
									
								
								base/config.sh
									
									
									
									
									
								
							
							
						
						
									
										162
									
								
								base/config.sh
									
									
									
									
									
								
							| @@ -1,162 +0,0 @@ | |||||||
| #!/bin/bash |  | ||||||
|  |  | ||||||
| set -e |  | ||||||
|  |  | ||||||
| cd /srv/ledgersmb |  | ||||||
| [[ -d ./local/conf/ ]] || mkdir ./local/conf/ |  | ||||||
| if [[ -n "$SSMTP_ROOT" ]]; then |  | ||||||
|     echo "\$SSMTP_ROOT set; parameter is deprecated and will be ignored" |  | ||||||
|     LSMB_HAVE_DEPRECATED=1 |  | ||||||
| fi |  | ||||||
| if [[ -n "$SSMTP_FROMLINE_OVERRIDE" ]]; then |  | ||||||
|     echo "\$SSMTP_FROMLINE_OVERRIDE set; parameter is deprecated and will be ignored" |  | ||||||
|     LSMB_HAVE_DEPRECATED=1 |  | ||||||
| fi |  | ||||||
| if [[ -n "$SSMTP_MAILHUB" ]]; then |  | ||||||
|     echo "\$SSMTP_MAILHUB set; parameter is deprecated" |  | ||||||
|     if [[ -z "$LSMB_MAIL_SMTPHOST" ]]; then |  | ||||||
|         echo "  Deriving \$LSMB_MAIL_SMTPHOST setting from \$SSMTP_MAILHUB" |  | ||||||
|         LSMB_MAIL_SMTPHOST=${SSMTP_MAILHUB%:*} |  | ||||||
|     fi |  | ||||||
|     if [[ -z "$LSMB_MAIL_SMTPPORT" ]]; then |  | ||||||
|         echo "  Deriving \$LSMB_MAIL_SMTPPORT setting from \$SSMTP_MAILHUB" |  | ||||||
|         LSMB_MAIL_SMTPPORT=${SSMTP_MAILHUB#*:} |  | ||||||
|     fi |  | ||||||
|     LSMB_HAVE_DEPRECATED=1 |  | ||||||
| fi |  | ||||||
| if [[ -n "$SSMTP_HOSTNAME" ]]; then |  | ||||||
|     echo "\$SSMTP_HOSTNAME set; parameter is deprecated" |  | ||||||
|     if [[ -z "$LSMB_MAIL_SMTPSENDER_HOSTNAME" ]]; then |  | ||||||
|         echo "  Deriving \$LSMB_MAIL_SMTPSENDER_HOSTNAME setting from \$SSMTP_HOSTNAME" |  | ||||||
|         LSMB_MAIL_SMTPSENDER_HOSTNAME=$SSMTP_HOSTNAME |  | ||||||
|     fi |  | ||||||
|     LSMB_HAVE_DEPRECATED=1 |  | ||||||
| fi |  | ||||||
| if [[ -n "$SSMTP_USE_STARTTLS" ]]; then |  | ||||||
|     echo "\$SSMTP_USE_STARTTLS set; parameter is deprecated" |  | ||||||
|     if [[ -z "$LSMB_MAIL_SMTPTLS" ]]; then |  | ||||||
|         echo "  Deriving \$LSMB_MAIL_SMTPTLS setting from \$SSMTP_USE_STARTTLS" |  | ||||||
|         LSMB_MAIL_SMTPTLS=$SSMTP_USE_STARTTLS |  | ||||||
|     fi |  | ||||||
|     LSMB_HAVE_DEPRECATED=1 |  | ||||||
| fi |  | ||||||
| if [[ -n "$SSMTP_AUTH_USER" ]]; then |  | ||||||
|     echo "\$SSMTP_AUTH_USER set; parameter is deprecated" |  | ||||||
|     if [[ -z "$LSMB_MAIL_SMTPUSER" ]]; then |  | ||||||
|         echo "  Deriving \$LSMB_MAIL_SMTPUSER setting from \$SSMTP_AUTH_USER" |  | ||||||
|         LSMB_MAIL_SMTPUSER=$SSMTP_AUTH_USER |  | ||||||
|     fi |  | ||||||
|     LSMB_HAVE_DEPRECATED=1 |  | ||||||
| fi |  | ||||||
| if [[ -n "$SSMTP_AUTH_PASS" ]]; then |  | ||||||
|     echo "\$SSMTP_AUTH_PASS set; parameter is deprecated" |  | ||||||
|     if [[ -z "$LSMB_MAIL_SMTPPASS" ]]; then |  | ||||||
|         echo "  Deriving \$LSMB_MAIL_SMTPPASS setting from \$SSMTP_AUTH_PASS" |  | ||||||
|         LSMB_MAIL_SMTPPASS=$SSMTP_AUTH_PASS |  | ||||||
|     fi |  | ||||||
|     LSMB_HAVE_DEPRECATED=1 |  | ||||||
| fi |  | ||||||
| if [[ -n "$SSMTP_AUTH_METHOD" ]]; then |  | ||||||
|     echo "\$SSMTP_AUTH_METHOD set; parameter is deprecated" |  | ||||||
|     if [[ -z "$LSMB_MAIL_SMTPAUTHMECH" ]]; then |  | ||||||
|         echo "  Deriving \$LSMB_MAIL_SMTPAUTHMECH setting from \$SSMTP_AUTH_METHOD" |  | ||||||
|         LSMB_MAIL_SMTPAUTHMECH=$SSMTP_AUTH_METHOD |  | ||||||
|     fi |  | ||||||
|     LSMB_HAVE_DEPRECATED=1 |  | ||||||
| fi |  | ||||||
|  |  | ||||||
| if [[ -n "$LSMB_HAVE_DEPRECATED" ]]; then |  | ||||||
|     echo "!!! DEPRECATED \$SSMTP_* PARAMETERS WILL BE REMOVED in the 1.9 image!!!" |  | ||||||
| fi |  | ||||||
|  |  | ||||||
| if [[ ! -f ./local/conf/ledgersmb.yaml ]]; then |  | ||||||
|   if [[ "x$LSMB_MAIL_SMTPTLS" == "xyes" ]]; then |  | ||||||
|      tls_mode=starttls |  | ||||||
|   elif [[ "x$LSMB_MAIL_SMTPTLS" == "xraw" ]]; then |  | ||||||
|      tls_mode=ssl |  | ||||||
|   else |  | ||||||
|      tls_mode=none |  | ||||||
|   fi |  | ||||||
|   cat <<EOF >./local/conf/ledgersmb.yaml |  | ||||||
| paths: |  | ||||||
|   \$class: Beam::Wire |  | ||||||
|   config: |  | ||||||
|     UI: ./UI/ |  | ||||||
|     UI_cache: lsmb_templates/ |  | ||||||
|  |  | ||||||
| db: |  | ||||||
|   \$class: LedgerSMB::Database::Factory |  | ||||||
|   connect_data: |  | ||||||
|     host: ${POSTGRES_HOST:-postgres} |  | ||||||
|     port: ${POSTGRES_PORT:-5432} |  | ||||||
|  |  | ||||||
| mail: |  | ||||||
|   transport: |  | ||||||
|     \$class: Email::Sender::Transport::SMTP |  | ||||||
|     ssl: $tls_mode |  | ||||||
|  |  | ||||||
| miscellaneous: |  | ||||||
|   \$class: Beam::Wire |  | ||||||
|   config: |  | ||||||
|     proxy_ip: ${PROXY_IP:-172.17.0.1/12} |  | ||||||
|  |  | ||||||
| ui: |  | ||||||
|   class: LedgerSMB::Template::UI |  | ||||||
|   method: new_UI |  | ||||||
|   lifecycle: eager |  | ||||||
|   args: |  | ||||||
|     cache: |  | ||||||
|       \$ref: paths/UI_cache |  | ||||||
|     root: |  | ||||||
|       \$ref: paths/UI |  | ||||||
| EOF |  | ||||||
|  |  | ||||||
|   if [[ -n "$LSMB_MAIL_SMTPHOST" ]] |  | ||||||
|   then |  | ||||||
|       if [[ "$LSMB_MAIL_SMTPHOST" == "__CONTAINER_GATEWAY__" ]] |  | ||||||
|       then |  | ||||||
|          LSMB_MAIL_SMTPHOST="$(ip route | awk '/default/ { print $3 }')" |  | ||||||
|          export LSMB_MAIL_SMTPHOST |  | ||||||
|       fi |  | ||||||
|  |  | ||||||
|       cat <<EOF >./local/conf/ledgersmb.000.yaml |  | ||||||
| mail: |  | ||||||
|   transport: |  | ||||||
|     host: $LSMB_MAIL_SMTPHOST |  | ||||||
| EOF |  | ||||||
|   fi |  | ||||||
|  |  | ||||||
|   if [[ -n "$LSMB_MAIL_SMTPPORT" ]] |  | ||||||
|   then |  | ||||||
|       cat <<EOF >./local/conf/ledgersmb.001.yaml |  | ||||||
| mail: |  | ||||||
|   transport: |  | ||||||
|     port: $LSMB_MAIL_SMTPPORT |  | ||||||
| EOF |  | ||||||
|   fi |  | ||||||
|  |  | ||||||
|   if [[ -n "$LSMB_MAIL_SMTPSENDER_HOSTNAME" ]] |  | ||||||
|   then |  | ||||||
|       cat <<EOF >./local/conf/ledgersmb.002.yaml |  | ||||||
| mail: |  | ||||||
|   transport: |  | ||||||
|     helo: $LSMB_MAIL_SMTPSENDER_HOSTNAME |  | ||||||
| EOF |  | ||||||
|   fi |  | ||||||
|  |  | ||||||
|   if [[ -n "$LSMB_MAIL_SMTPUSER" ]] |  | ||||||
|   then |  | ||||||
|       cat <<EOF >./local/conf/ledgersmb.003.yaml |  | ||||||
| mail: |  | ||||||
|   transport: |  | ||||||
|     sasl_authenticator: |  | ||||||
|       \$class: Authen::SASL |  | ||||||
|       mechanism: $LSMB_MAIL_SMTPAUTHMECH |  | ||||||
|       callback: |  | ||||||
|         user: $LSMB_MAIL_SMTPUSER |  | ||||||
|         pass: $LSMB_MAIL_SMTPPASS |  | ||||||
| EOF |  | ||||||
|   fi |  | ||||||
| fi |  | ||||||
|  |  | ||||||
| exit 0 |  | ||||||
| @@ -1,81 +0,0 @@ | |||||||
| # This is a full (minimal) nginx configuration file |  | ||||||
|  |  | ||||||
| error_log /dev/stderr info; |  | ||||||
| pid /tmp/nginx.pid; |  | ||||||
| worker_processes 1; |  | ||||||
|  |  | ||||||
| events { |  | ||||||
|    worker_connections 1024; |  | ||||||
| } |  | ||||||
|  |  | ||||||
| http { |  | ||||||
|    client_body_temp_path /tmp/client_body; |  | ||||||
|    proxy_temp_path /tmp/proxy_temp; |  | ||||||
|    fastcgi_temp_path /tmp/fastcgi_temp; |  | ||||||
|    scgi_temp_path /tmp/scgi_temp; |  | ||||||
|    uwsgi_temp_path /tmp/uwsgi_temp; |  | ||||||
|  |  | ||||||
|    sendfile on; |  | ||||||
|    tcp_nopush on; |  | ||||||
|    tcp_nodelay on; |  | ||||||
|    keepalive_timeout 65; |  | ||||||
|    types_hash_max_size 2048; |  | ||||||
|    include /etc/nginx/mime.types; |  | ||||||
|    default_type application/octet-stream; |  | ||||||
|  |  | ||||||
|    access_log /dev/stdout; |  | ||||||
|    error_log /dev/stderr info; |  | ||||||
|  |  | ||||||
|    gzip off; |  | ||||||
|    gzip_static on; |  | ||||||
|  |  | ||||||
|    server { |  | ||||||
|       listen 8080 default_server; |  | ||||||
|       listen [::]:8080 default_server ipv6only=on; |  | ||||||
|  |  | ||||||
|       root /srv/ledgersmb/UI; |  | ||||||
|  |  | ||||||
|       access_log /dev/stdout; |  | ||||||
|       error_log /dev/stderr info; |  | ||||||
|  |  | ||||||
|       # Don't log status polls |  | ||||||
|       location /nginx_status { |  | ||||||
|                stub_status on; |  | ||||||
|                access_log off; |  | ||||||
|                allow 127.0.0.1; |  | ||||||
|                allow ::1; |  | ||||||
|                deny all; |  | ||||||
|       } |  | ||||||
|  |  | ||||||
|       # Configuration files don't exist |  | ||||||
|       location ^~ \.conf$ { |  | ||||||
|          return 404; |  | ||||||
|       } |  | ||||||
|  |  | ||||||
|       # 'Hidden' files don't exist |  | ||||||
|       location ~ /\. { |  | ||||||
|          return 404; |  | ||||||
|       } |  | ||||||
|  |  | ||||||
|       location = / { |  | ||||||
|          return 301 /login.pl; |  | ||||||
|       } |  | ||||||
|  |  | ||||||
|       # JS & CSS |  | ||||||
|       location ~* \.(js|css)$ { |  | ||||||
|          add_header Pragma "public"; |  | ||||||
|          add_header Cache-Control "public, must-revalidate, proxy-revalidate"; # Production |  | ||||||
|          expires     7d; # Indicate that the resource can be cached for 1 week # Production |  | ||||||
|          try_files $uri =404; |  | ||||||
|       } |  | ||||||
|  |  | ||||||
|       location / { |  | ||||||
|          proxy_set_header        Host $host; |  | ||||||
|          proxy_set_header        X-Real-IP $remote_addr; |  | ||||||
|          proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for; |  | ||||||
|          proxy_set_header        X-Forwarded-Proto $scheme; |  | ||||||
|          proxy_read_timeout      300; |  | ||||||
|          proxy_pass              http://lsmb:5762; |  | ||||||
|       } |  | ||||||
|    } |  | ||||||
| } |  | ||||||
| @@ -1,12 +0,0 @@ | |||||||
| #!/bin/bash |  | ||||||
|  |  | ||||||
| home_dir="$(dirname $(readlink -f $BASH_SOURCE))" |  | ||||||
| "$home_dir/config.sh" || { echo "Failed configuration" ; exit 1 } |  | ||||||
|  |  | ||||||
| LSMB_CONFIG_FILE="${LSMB_CONFIG_FILE:-/srv/ledgersmb/local/conf/ledgersmb.yaml}" |  | ||||||
| export LSMB_CONFIG_FILE |  | ||||||
| echo "--------- LEDGERSMB CONFIGURATION:  $LSMB_CONFIG_FILE" |  | ||||||
| cat "${LSMB_CONFIG_FILE}" |  | ||||||
| echo '--------- LEDGERSMB CONFIGURATION --- END' |  | ||||||
|  |  | ||||||
| exec "$home_dir/run.sh" |  | ||||||
							
								
								
									
										24
									
								
								build
									
									
									
									
									
								
							
							
						
						
									
										24
									
								
								build
									
									
									
									
									
								
							| @@ -1,24 +0,0 @@ | |||||||
| #!/bin/bash |  | ||||||
|  |  | ||||||
| set -euxo pipefail |  | ||||||
|  |  | ||||||
| ${DOCKER:-docker} buildx build \ |  | ||||||
|    --progress plain \ |  | ||||||
|    --platform ${PLATFORM:-linux/amd64,linux/arm64,linux/arm/v7} \ |  | ||||||
|    --build-arg "ARTIFACT_PATH=$ARTIFACT_PATH" \ |  | ||||||
|    -t ledgersmb/ledgersmb:$BRANCH-base \ |  | ||||||
|    -t ledgersmb/ledgersmb:$VERSION-base \ |  | ||||||
|    -t ghcr.io/ledgersmb/ledgersmb:$BRANCH-base \ |  | ||||||
|    -t ghcr.io/ledgersmb/ledgersmb:$VERSION-base \ |  | ||||||
|    ${SET_LATEST_TAG:+ -t ledgersmb/ledgersmb:latest-base -t ghcr.io/ledgersmb/ledgersmb:latest-base} \ |  | ||||||
|    --push base/ |  | ||||||
|  |  | ||||||
| ${DOCKER:-docker} buildx build \ |  | ||||||
|    --progress plain \ |  | ||||||
|    --platform ${PLATFORM:-linux/amd64,linux/arm64,linux/arm/v7} \ |  | ||||||
|    -t ledgersmb/ledgersmb:$BRANCH \ |  | ||||||
|    -t ledgersmb/ledgersmb:$VERSION \ |  | ||||||
|    -t ghcr.io/ledgersmb/ledgersmb:$BRANCH \ |  | ||||||
|    -t ghcr.io/ledgersmb/ledgersmb:$VERSION \ |  | ||||||
|    ${SET_LATEST_TAG:+ -t ledgersmb/ledgersmb:latest -t ghcr.io/ledgersmb/ledgersmb:latest} \ |  | ||||||
|    --push proxy/ |  | ||||||
| @@ -8,7 +8,7 @@ | |||||||
| # so no special care needs to be taken on | # so no special care needs to be taken on | ||||||
| # container upgrades.  With PostgreSQL, data is | # container upgrades.  With PostgreSQL, data is | ||||||
| # persisted across upgrades by the use of a | # persisted across upgrades by the use of a | ||||||
| # special 'pgdata' volume | # special 'dbdata' volume | ||||||
|  |  | ||||||
| version: "3.2" | version: "3.2" | ||||||
| services: | services: | ||||||
| @@ -16,48 +16,30 @@ services: | |||||||
|   # because that allows us to use the default hostname ("postgres") |   # because that allows us to use the default hostname ("postgres") | ||||||
|   # from the LedgerSMB configuration |   # from the LedgerSMB configuration | ||||||
|   postgres: |   postgres: | ||||||
|     image: postgres:15-alpine |     image: postgres:9.6-alpine | ||||||
|     environment: |     environment: | ||||||
|       # Replace the password below for a secure setup |       # Replace the password below for a secure setup | ||||||
|       POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-abc} |       POSTGRES_PASSWORD: abc | ||||||
|       PGDATA: /var/lib/postgresql/data/pgdata |       PGDATA: /var/lib/postgresql/data/pgdata | ||||||
|     networks: |     networks: | ||||||
|       - internal |       - internal | ||||||
|     volumes: |     volumes: | ||||||
|       - "pgdata:/var/lib/postgresql/data" |       - "pgdata:/var/lib/postgresql/data" | ||||||
|     # Comment the line below to stop the container from restarting on boot |  | ||||||
|     # unless it was manually stopped |  | ||||||
|     restart: unless-stopped |  | ||||||
|   lsmb: |   lsmb: | ||||||
|     depends_on: |     depends_on: | ||||||
|       - postgres |       - postgres | ||||||
|     image: ghcr.io/ledgersmb/ledgersmb:1.13 |     image: ledgersmb/ledgersmb:1.7 | ||||||
|       # In order to store the configuration outside the image, allowing it to |  | ||||||
|       # be edited between container restarts, uncomment the section below and |  | ||||||
|       # change the 'source' to the directory where you want the configuration |  | ||||||
|       # to be stored. |  | ||||||
|     # volumes: |  | ||||||
|     #   # Override all configuration: |  | ||||||
|     #   - type: bind |  | ||||||
|     #     source: /home/ledgersmb/conf |  | ||||||
|     #     target: /srv/ledgersmb/local/conf |  | ||||||
|     #   # Add a snippet of configuration: |  | ||||||
|     #   - type: bind |  | ||||||
|     #     source: /home/ledgersmb/conf/ledgersmb.100.yaml |  | ||||||
|     #     target: /srv/ledgersmb/local/conf/ledgersmb.100.yaml |  | ||||||
|     networks: |     networks: | ||||||
|       - internal |       - internal | ||||||
|       - default |       - default | ||||||
|     # Comment the 'ports' section to disable mapping the LedgerSMB container |     # Uncomment the 'ports' section to map the LedgerSMB container port (5762) | ||||||
|     # ports (80 and 5762) to host ports of the same number. The mapping below |     #  to the host's port of the same number, thus making LedgerSMB | ||||||
|     # makes LedgerSMB available on http://localhost/ on the host. |     #  available on http://<host-dns-or-ip>:5762/ | ||||||
|     # |     #     SECURITY NOTE: Do this for evaluation purposes only! | ||||||
|     #     SECURITY NOTE:  Leave this uncommented for evaluation purposes only! |     #       In production, be sure to use SSL/TLS to protect user's passwords | ||||||
|     #       In production, be sure to use SSL/TLS (such as by reverse proxying) to protect |     #       and other sensitive data | ||||||
|     #       user's passwords and other sensitive data |     # ports: | ||||||
|     ports: |     #   - "5762:5762" | ||||||
|       - "80:80" |  | ||||||
|       - "5762:5762" |  | ||||||
|     environment: |     environment: | ||||||
|       # The LSMB_WORKERS environment variable lets you select the number |       # The LSMB_WORKERS environment variable lets you select the number | ||||||
|       # of processes serving HTTP requests. The default number of 2 workers |       # of processes serving HTTP requests. The default number of 2 workers | ||||||
| @@ -65,31 +47,19 @@ services: | |||||||
|       # improve the performance experience, increase memory and the |       # improve the performance experience, increase memory and the | ||||||
|       # number of workers |       # number of workers | ||||||
|       # |       # | ||||||
|       LSMB_WORKERS: ${LSMB_WORKERS:-5} |       LSMB_WORKERS: 2 | ||||||
|       # |       # | ||||||
|       # |       # | ||||||
|  |       # SSMTP_ROOT: | ||||||
|  |       # SSMTP_HOSTNAME: | ||||||
|  |       # SSMTP_MAILHUB: | ||||||
|  |       # SSMTP_AUTH_USER: | ||||||
|  |       # SSMTP_AUTH_PASS: | ||||||
|  |       # SSMTP_AUTH_METHOD: | ||||||
|  |       # SSMTP_USE_STARTTLS: | ||||||
|  |       # SSMTP_FROMLINE_OVERRIDE: | ||||||
|  |  | ||||||
|       # LSMB_MAIL_SMTPHOST: | # having the dbdata volume is required to persist our | ||||||
|       # LSMB_MAIL_SMTPPORT: |  | ||||||
|       # LSMB_MAIL_SMTPTLS: |  | ||||||
|       # LSMB_MAIL_SMTPSENDER_HOSTNAME: |  | ||||||
|       # LSMB_MAIL_SMTPUSER: |  | ||||||
|       # LSMB_MAIL_SMTPPASS: |  | ||||||
|       # LSMB_MAIL_SMTPAUTHMECH: |  | ||||||
|       # |  | ||||||
|       # |  | ||||||
|       # The PROXY_IP environment variable lets you set the IP address |  | ||||||
|       # (range) of the reverse proxy used for TLS termination, which forwards |  | ||||||
|       # its requests to this container. When this reverse proxy runs on the |  | ||||||
|       # Docker host, the default below applies. In case the reverse proxy is |  | ||||||
|       # hosted in a separate container, this setting needs to be adjusted. |  | ||||||
|       # |  | ||||||
|       # PROXY_IP: 172.17.0.1/12 |  | ||||||
|     # Comment the line below to stop the container from restarting on boot |  | ||||||
|     # unless it was manually stopped |  | ||||||
|     restart: unless-stopped |  | ||||||
|  |  | ||||||
| # having the pgdata volume is required to persist our |  | ||||||
| # data between PostgreSQL container updates; without | # data between PostgreSQL container updates; without | ||||||
| # that, the data is contained in the same volume as | # that, the data is contained in the same volume as | ||||||
| # the rest of the image and on update/upgrade, the | # the rest of the image and on update/upgrade, the | ||||||
|   | |||||||
| @@ -1,47 +0,0 @@ | |||||||
| # Install LedgerSMB version |  | ||||||
| ARG LSMB_VERSION="1.13.0" |  | ||||||
| # Install s6-overlay |  | ||||||
| ARG S6_OVERLAY_VERSION=3.2.0.2 |  | ||||||
|  |  | ||||||
| FROM ledgersmb/ledgersmb:$LSMB_VERSION-base |  | ||||||
|  |  | ||||||
| # Repeat args if we still want to use them |  | ||||||
| ARG LSMB_VERSION |  | ||||||
| ARG S6_OVERLAY_VERSION |  | ||||||
|  |  | ||||||
| # Install nginx and other dependencies |  | ||||||
| USER root |  | ||||||
| RUN set -x && \ |  | ||||||
|     DEBIAN_FRONTEND=noninteractive apt-get update -y && \ |  | ||||||
|     DEBIAN_FRONTEND=noninteractive apt-get dist-upgrade -y && \ |  | ||||||
|     DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends nginx wget xz-utils && \ |  | ||||||
|     mkdir -p /var/lib/nginx/body /var/cache/nginx && \ |  | ||||||
|     DEBIAN_FRONTEND=noninteractive apt-get autoremove -q -y && \ |  | ||||||
|     DEBIAN_FRONTEND=noninteractive apt-get clean -q && \ |  | ||||||
|     ARCH="$(case "$(dpkg --print-architecture)" in armv7*|armhf) echo "armhf" ;; arm64) echo "aarch64" ;; amd64) echo "x86_64" ;; *) exit 1 ;; esac)" && \ |  | ||||||
|     wget -O /tmp/s6-overlay-noarch.tar.xz https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-noarch.tar.xz && \ |  | ||||||
|     wget -O /tmp/s6-overlay-noarch.tar.xz.sha256 https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-noarch.tar.xz.sha256 && \ |  | ||||||
|     wget -O /tmp/s6-overlay-${ARCH}.tar.xz https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-${ARCH}.tar.xz && \ |  | ||||||
|     wget -O /tmp/s6-overlay-${ARCH}.tar.xz.sha256 https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-${ARCH}.tar.xz.sha256 && \ |  | ||||||
|     wget -O /tmp/s6-overlay-symlinks-noarch.tar.xz https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-symlinks-noarch.tar.xz && \ |  | ||||||
|     wget -O /tmp/s6-overlay-symlinks-noarch.tar.xz.sha256 https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-symlinks-noarch.tar.xz.sha256 && \ |  | ||||||
|     cd /tmp && \ |  | ||||||
|     sha256sum -c *.sha256 && \ |  | ||||||
|     tar -C / -Jxpf /tmp/s6-overlay-noarch.tar.xz && \ |  | ||||||
|     tar -C / -Jxpf /tmp/s6-overlay-${ARCH}.tar.xz && \  |  | ||||||
|     tar -C / -Jxpf /tmp/s6-overlay-symlinks-noarch.tar.xz && \ |  | ||||||
|     rm -rf ~/.cpanm/ /var/lib/apt/lists/* /usr/share/man/* /usr/share/doc/* /tmp/s6-overlay-*.tar.xz* |  | ||||||
|  |  | ||||||
| COPY nginx.conf /etc/nginx/nginx.conf |  | ||||||
|  |  | ||||||
| # Configure nginx and starman with s6 |  | ||||||
| COPY services/starman/run /etc/services.d/starman/run |  | ||||||
| COPY services/nginx/run /etc/services.d/nginx/run |  | ||||||
| COPY scripts/ledgersmb_config /etc/s6-overlay/s6-rc.d/ledgersmb_config |  | ||||||
|  |  | ||||||
| RUN chmod +x /etc/services.d/starman/run /etc/services.d/nginx/run /etc/s6-overlay/s6-rc.d/ledgersmb_config/up && \ |  | ||||||
|     touch /etc/s6-overlay/s6-rc.d/user/contents.d/ledgersmb_config |  | ||||||
|  |  | ||||||
| EXPOSE 80 |  | ||||||
|  |  | ||||||
| ENTRYPOINT ["/init"] |  | ||||||
| @@ -1,76 +0,0 @@ | |||||||
| # This is a full (minimal) nginx configuration file |  | ||||||
|  |  | ||||||
| error_log /dev/stderr info; |  | ||||||
| pid /tmp/nginx.pid; |  | ||||||
| worker_processes 1; |  | ||||||
| user www-data; |  | ||||||
|  |  | ||||||
|  |  | ||||||
| events { |  | ||||||
|    worker_connections 1024; |  | ||||||
| } |  | ||||||
|  |  | ||||||
| http { |  | ||||||
|    client_body_temp_path /tmp/client_body; |  | ||||||
|    proxy_temp_path /tmp/proxy_temp; |  | ||||||
|    fastcgi_temp_path /tmp/fastcgi_temp; |  | ||||||
|    scgi_temp_path /tmp/scgi_temp; |  | ||||||
|    uwsgi_temp_path /tmp/uwsgi_temp; |  | ||||||
|  |  | ||||||
|    sendfile on; |  | ||||||
|    tcp_nopush on; |  | ||||||
|    tcp_nodelay on; |  | ||||||
|    keepalive_timeout 65; |  | ||||||
|    types_hash_max_size 2048; |  | ||||||
|    include /etc/nginx/mime.types; |  | ||||||
|    default_type application/octet-stream; |  | ||||||
|  |  | ||||||
|    access_log /dev/stdout; |  | ||||||
|    error_log /dev/stderr info; |  | ||||||
|  |  | ||||||
|    gzip off; |  | ||||||
|    gzip_static on; |  | ||||||
|  |  | ||||||
|    server { |  | ||||||
|       listen 80 default_server; |  | ||||||
|       listen [::]:80 default_server ipv6only=on; |  | ||||||
|  |  | ||||||
|       root /srv/ledgersmb/UI; |  | ||||||
|  |  | ||||||
|       access_log /dev/stdout; |  | ||||||
|       error_log /dev/stderr info; |  | ||||||
|  |  | ||||||
|       # Configuration files don't exist |  | ||||||
|       location ^~ \.conf$ { |  | ||||||
|          return 404; |  | ||||||
|       } |  | ||||||
|  |  | ||||||
|       # 'Hidden' files don't exist |  | ||||||
|       location ~ /\. { |  | ||||||
|          return 404; |  | ||||||
|       } |  | ||||||
|  |  | ||||||
|       location = / { |  | ||||||
|          return 301 login.pl; |  | ||||||
|       } |  | ||||||
|  |  | ||||||
|       location / { |  | ||||||
|          try_files $uri @strippedprefix @starman; |  | ||||||
|       } |  | ||||||
|  |  | ||||||
|       location @strippedprefix { |  | ||||||
|          rewrite ^/([a-z0-9A-Z]+)/(.*) /$2 break; |  | ||||||
|       } |  | ||||||
|  |  | ||||||
|       location @starman { |  | ||||||
|          proxy_pass              http://127.0.0.1:5762; |  | ||||||
|          proxy_read_timeout      300; |  | ||||||
|          proxy_set_header        Host $host; |  | ||||||
|          proxy_set_header        X-Real-IP $remote_addr; |  | ||||||
|          proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for; |  | ||||||
|          proxy_set_header        X-Forwarded-Host $host; |  | ||||||
|          proxy_set_header        X-Forwarded-Server $host; |  | ||||||
|          proxy_set_header        X-Forwarded-Proto $scheme; |  | ||||||
|       } |  | ||||||
|    } |  | ||||||
| } |  | ||||||
| @@ -1 +0,0 @@ | |||||||
| oneshot |  | ||||||
| @@ -1,4 +0,0 @@ | |||||||
| foreground { echo "Running config..." } |  | ||||||
|  |  | ||||||
| with-contenv |  | ||||||
| /usr/local/bin/config.sh |  | ||||||
| @@ -1,3 +0,0 @@ | |||||||
| #!/usr/bin/with-contenv /bin/bash |  | ||||||
|  |  | ||||||
| exec nginx -g "daemon off;" |  | ||||||
| @@ -1,10 +0,0 @@ | |||||||
| #!/usr/bin/with-contenv /bin/bash |  | ||||||
|  |  | ||||||
|  |  | ||||||
| LSMB_CONFIG_FILE="${LSMB_CONFIG_FILE:-/srv/ledgersmb/local/conf/ledgersmb.yaml}" |  | ||||||
| export LSMB_CONFIG_FILE |  | ||||||
| echo "--------- LEDGERSMB CONFIGURATION:  $LSMB_CONFIG_FILE" |  | ||||||
| cat "${LSMB_CONFIG_FILE}" |  | ||||||
| echo '--------- LEDGERSMB CONFIGURATION --- END' |  | ||||||
|  |  | ||||||
| s6-setuidgid www-data /usr/local/bin/run.sh |  | ||||||
							
								
								
									
										33
									
								
								start.sh
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										33
									
								
								start.sh
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,33 @@ | |||||||
|  | #!/bin/bash | ||||||
|  |  | ||||||
|  | update_ssmtp.sh | ||||||
|  | cd /srv/ledgersmb | ||||||
|  |  | ||||||
|  | if [[ ! -f ledgersmb.conf ]]; then | ||||||
|  |   cat <<EOF >/tmp/ledgersmb.conf | ||||||
|  | [main] | ||||||
|  | cache_templates = 1 | ||||||
|  |  | ||||||
|  | [database] | ||||||
|  | host = $POSTGRES_HOST | ||||||
|  | port = $POSTGRES_PORT | ||||||
|  | default_db = $DEFAULT_DB | ||||||
|  |  | ||||||
|  | [mail] | ||||||
|  | sendmail   = /usr/sbin/ssmtp | ||||||
|  |  | ||||||
|  | EOF | ||||||
|  |   export LSMB_CONFIG_FILE='/tmp/ledgersmb.conf' | ||||||
|  | fi | ||||||
|  |  | ||||||
|  | if [ ! -d "/tmp/ledgersmb" ]; then | ||||||
|  |   mkdir -p /tmp/ledgersmb | ||||||
|  | fi | ||||||
|  |  | ||||||
|  | # start ledgersmb | ||||||
|  | # --preload-app allows application initialization to kill the entire | ||||||
|  | # starman instance (instead of just the worker, which will immediately | ||||||
|  | # get restarted); it also has a positive effect on memory use | ||||||
|  |  | ||||||
|  | exec starman --port 5762 --workers ${LSMB_WORKERS:-5} -I lib -I old/lib \ | ||||||
|  |         --preload-app bin/ledgersmb-server.psgi | ||||||
							
								
								
									
										18
									
								
								update_ssmtp.sh
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										18
									
								
								update_ssmtp.sh
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,18 @@ | |||||||
|  | #!/bin/bash | ||||||
|  | ConfiguredComment='# install script update_ssmtp.sh has configured ssmtp' | ||||||
|  | grep -qc "$ConfiguredComment" /etc/ssmtp/ssmtp.conf && { | ||||||
|  |     echo "smtp configured." | ||||||
|  |     exit | ||||||
|  | } | ||||||
|  |  | ||||||
|  | sed -i \ | ||||||
|  |     -e "s/\(root=\).*\$/\1$SSMTP_ROOT/g" \ | ||||||
|  |     -e "s/\(mailhub=\).*\$/\1$SSMTP_MAILHUB/g" \ | ||||||
|  |     -e "s/\(hostname=\).*\$/\1$SSMTP_HOSTNAME/g" \ | ||||||
|  |     /etc/ssmtp/ssmtp.conf | ||||||
|  | [ -z "$SSMTP_USE_STARTTLS" ] || echo "UseSTARTTLS=$SSMTP_USE_STARTTLS" >> /etc/ssmtp/ssmtp.conf | ||||||
|  | [ -z "$SSMTP_AUTH_USER" ] || echo "AuthUser=$SSMTP_AUTH_USER" >> /etc/ssmtp/ssmtp.conf | ||||||
|  | [ -z "$SSMTP_AUTH_PASS" ] || echo "AuthPass=$SSMTP_AUTH_PASS" >> /etc/ssmtp/ssmtp.conf | ||||||
|  | [ -z "$SSMTP_AUTH_METHOD" ] || echo "AuthMethod=$SSMTP_AUTH_METHOD" >> /etc/ssmtp/ssmtp.conf | ||||||
|  | [ -z "$SSMTP_FROMLINE_OVERRIDE" ] || echo "FromLineOverride=$SSMTP_FROMLINE_OVERRIDE" >> /etc/ssmtp/ssmtp.conf | ||||||
|  | echo "$ConfiguredComment" >> /etc/ssmtp/ssmtp.conf | ||||||
		Reference in New Issue
	
	Block a user