mirror of
				https://github.com/ledgersmb/ledgersmb-docker.git
				synced 2025-10-20 11:10:30 -04:00 
			
		
		
		
	Compare commits
	
		
			172 Commits
		
	
	
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
|  | 0ff7a0671d | ||
|  | 188a9ae259 | ||
|  | 553ead9a18 | ||
|  | d63ca10ba4 | ||
|  | 196581f2ad | ||
|  | 304a253634 | ||
|  | 55582d08a1 | ||
|  | 1cd90e0e57 | ||
|  | 99161642eb | ||
|  | 90af6cd03f | ||
|  | 7cea8cfb8d | ||
|  | 5670f5760f | ||
|  | 4fb8f0fba8 | ||
|  | e329f0617a | ||
|  | ac2d4a8ae3 | ||
|  | e254cb705c | ||
|  | 5849b64fde | ||
|  | 791df8fd1f | ||
|  | 5110bfcbbc | ||
|  | c3f046baa9 | ||
|  | d78e166553 | ||
|  | 5a1fd390f1 | ||
|  | d5661d029f | ||
|  | 88c84967b9 | ||
|  | 3fec7b91b1 | ||
|  | 6d6ca05eb1 | ||
|  | b39d64964c | ||
|  | f697bb6b50 | ||
|  | dc4c2cf97a | ||
|  | 83fb7a4fde | ||
|  | 0dc6e65c51 | ||
|  | 51d1d1da0f | ||
|  | 9f7a4d1f8d | ||
|  | 7f3a3467f8 | ||
|  | 91a985bc31 | ||
|  | 413a63161c | ||
|  | 7f7aa41a27 | ||
|  | 6f4d5cba73 | ||
|  | 3f3ca9dd7f | ||
|  | 5d1823f88a | ||
|  | 81a38b3040 | ||
|  | 93c7b4c77e | ||
|  | 096350ad7b | ||
|  | 9cc752a0ff | ||
|  | 7a17a8630f | ||
|  | ee863b6f3d | ||
|  | eba882d12a | ||
|  | 016deec433 | ||
|  | 0f7242d559 | ||
|  | 59192ffd20 | ||
|  | 4ff785d101 | ||
|  | c7d22e2b6e | ||
|  | aa1cdc2dca | ||
|  | 1d1e029a71 | ||
|  | 06941025cd | ||
|  | 723202b5c4 | ||
|  | 59a542afc8 | ||
|  | 5b098c7b49 | ||
|  | 71e067d0a7 | ||
|  | 9f4b6b8580 | ||
|  | 3177ab415e | ||
|  | 7a2e6174a5 | ||
|  | c9b8719897 | ||
|  | deeecbcdf1 | ||
|  | e41eefd1c0 | ||
|  | b247132333 | ||
|  | 82fdc70f05 | ||
|  | 16e22ab5b6 | ||
|  | 2fd0e3a899 | ||
|  | 2c6e26e41c | ||
|  | 8abfb47e09 | ||
|  | c139863c85 | ||
|  | cad89f842c | ||
|  | dffd342880 | ||
|  | 3230ac320c | ||
|  | 9e0957127b | ||
|  | 6b4fd9c831 | ||
|  | 68461e62b0 | ||
|  | 6779e82743 | ||
|  | 6dfa51e6bf | ||
|  | 3edc3bfa83 | ||
|  | 6e2097eb2a | ||
|  | 2b2c2a86a7 | ||
|  | 2e703cf3b9 | ||
|  | 889fed85c9 | ||
|  | 3fd89bf933 | ||
|  | 2fd4d25b06 | ||
|  | 92483d9b69 | ||
|  | a7a1412cbd | ||
|  | 8974109e48 | ||
|  | 16b55ab3b4 | ||
|  | 0fabba4a66 | ||
|  | 6471736148 | ||
|  | c8368ce921 | ||
|  | 1806b8003b | ||
|  | d9163c1e65 | ||
|  | 9e88db52d9 | ||
|  | 230a7ddfae | ||
|  | 3a86482a97 | ||
|  | ae0cea34b3 | ||
|  | f37678c275 | ||
|  | b28f5b693b | ||
|  | 1f20ab08f1 | ||
|  | 34937fbd4f | ||
|  | c6968b5397 | ||
|  | 5168936493 | ||
|  | 49a448c732 | ||
|  | 27b3e40e72 | ||
|  | 6593d58698 | ||
|  | 5a7ec0a2ed | ||
|  | 236a25b767 | ||
|  | 943fa166e8 | ||
|  | a678ae39a0 | ||
|  | 3d12e4351d | ||
|  | ccd90f04a4 | ||
|  | 4d316f9019 | ||
|  | 71f876a253 | ||
|  | ab00872e02 | ||
|  | 483a1110ff | ||
|  | a2a625d193 | ||
|  | f10924cae9 | ||
|  | c13d20651c | ||
|  | 7771b8c03b | ||
|  | 1ba89cef50 | ||
|  | d7ad535199 | ||
|  | ac2553ea17 | ||
|  | 0205b40bd2 | ||
|  | 84130b47f3 | ||
|  | d27017e309 | ||
|  | f3420feb36 | ||
|  | 82445543de | ||
|  | 99a21f8e7d | ||
|  | 74aa2920da | ||
|  | 821d59fb79 | ||
|  | 409aeefd56 | ||
|  | 2608ff28bb | ||
|  | 9adee2d1ba | ||
|  | 89f9f5e449 | ||
|  | 77a6985f29 | ||
|  | f2a0c60b94 | ||
|  | b9c316569d | ||
|  | 907fc363af | ||
|  | 40ab4edab4 | ||
|  | dd6c18c5a6 | ||
|  | fe2ae210a2 | ||
|  | f8ef55726d | ||
|  | 05b8961242 | ||
|  | 385dd60c3f | ||
|  | 001e98ed38 | ||
|  | 1eb854f2d6 | ||
|  | 878111e7cd | ||
|  | 18980a353f | ||
|  | 46637422ee | ||
|  | ba202372fa | ||
|  | 3197f4feab | ||
|  | 46a5386e54 | ||
|  | 6122921674 | ||
|  | db957f3880 | ||
|  | 7e059e5dc1 | ||
|  | 421c153249 | ||
|  | 1f40452e92 | ||
|  | 98c38f998a | ||
|  | 6d3b30720c | ||
|  | aa66d87e15 | ||
|  | e06638b048 | ||
|  | d71609cae1 | ||
|  | 8bc4fd8583 | ||
|  | 52fdf5b65e | ||
|  | 29abd11efd | ||
|  | e9edcaf9ae | ||
|  | 3a74802fe1 | ||
|  | 1b9701511e | 
							
								
								
									
										26
									
								
								.github/workflows/no-response.yml
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										26
									
								
								.github/workflows/no-response.yml
									
									
									
									
										vendored
									
									
										Normal file
									
								
							| @@ -0,0 +1,26 @@ | ||||
| name: No Response | ||||
|  | ||||
| # Both `issue_comment` and `scheduled` event types are required for this Action | ||||
| # to work properly. | ||||
| on: | ||||
|   issue_comment: | ||||
|     types: [created] | ||||
|   schedule: | ||||
|     # Schedule for five minutes after the hour, every hour | ||||
|     - cron: '5 3 * * *' | ||||
|  | ||||
| jobs: | ||||
|   noResponse: | ||||
|     if: github.repository_owner == 'ledgersmb' | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - uses: actions/stale@v9 | ||||
|         with: | ||||
|           days-before-issue-stale: -1 | ||||
|           days-before-pr-stale: -1 | ||||
|           stale-issue-label: waiting-for-user | ||||
|           # Number of days of inactivity before an Issue is closed for lack of response | ||||
|           days-before-close: 90 | ||||
|           # Label requiring a response | ||||
|           close-issue-message: > | ||||
|             Closing: more than 90 days without user response. Feel free to reopen with your comments. | ||||
							
								
								
									
										160
									
								
								Dockerfile
									
									
									
									
									
								
							
							
						
						
									
										160
									
								
								Dockerfile
									
									
									
									
									
								
							| @@ -1,22 +1,72 @@ | ||||
| FROM        debian:stretch-slim | ||||
| MAINTAINER  Freelock john@freelock.com | ||||
|  | ||||
| # Build time variables | ||||
| ENV LSMB_VERSION 1.6.13 | ||||
|  | ||||
| ARG SRCIMAGE=debian:bookworm-slim | ||||
|  | ||||
|  | ||||
| FROM  $SRCIMAGE AS builder | ||||
|  | ||||
| ARG LSMB_VERSION="1.11.23" | ||||
| ARG LSMB_DL_DIR="Releases" | ||||
| ARG ARTIFACT_LOCATION="https://download.ledgersmb.org/f/$LSMB_DL_DIR/$LSMB_VERSION/ledgersmb-$LSMB_VERSION.tar.gz" | ||||
|  | ||||
|  | ||||
| RUN set -x ; \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -q -y update && \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -q -y dist-upgrade && \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -q -y install dh-make-perl libmodule-cpanfile-perl git wget && \ | ||||
|   apt-file update | ||||
|  | ||||
| RUN set -x ; \ | ||||
|   wget --quiet -O /tmp/ledgersmb-$LSMB_VERSION.tar.gz "$ARTIFACT_LOCATION" && \ | ||||
|   tar -xzf /tmp/ledgersmb-$LSMB_VERSION.tar.gz --directory /srv && \ | ||||
|   rm -f /tmp/ledgersmb-$LSMB_VERSION.tar.gz && \ | ||||
|   cd /srv/ledgersmb && \ | ||||
|   ( ( for lib in $( cpanfile-dump --with-all-features --recommends --no-configure --no-build --no-test ) ; \ | ||||
|     do \ | ||||
|       if dh-make-perl locate "$lib" 2>/dev/null ; \ | ||||
|       then  \ | ||||
|         : \ | ||||
|       else \ | ||||
|         echo no : $lib ; \ | ||||
|       fi ; \ | ||||
|     done ) | grep -v dh-make-perl | grep -v 'not found' | grep -vi 'is in Perl ' | cut -d' ' -f4 | sort | uniq | tee /srv/derived-deps ) && \ | ||||
|   cat /srv/derived-deps | ||||
|  | ||||
|  | ||||
| # | ||||
| # | ||||
| #  The real image build starts here | ||||
| # | ||||
| # | ||||
|  | ||||
|  | ||||
| FROM  $SRCIMAGE | ||||
| LABEL org.opencontainers.image.authors="LedgerSMB project <devel@lists.ledgersmb.org>" | ||||
| LABEL org.opencontainers.image.title="LedgerSMB double-entry accounting web-application" | ||||
| LABEL org.opencontainers.image.description="LedgerSMB is a full featured double-entry financial accounting and Enterprise\ | ||||
|  Resource Planning system accessed via a web browser (Perl/JS with a PostgreSQL\ | ||||
|  backend) which offers 'Accounts Receivable', 'Accounts Payable' and 'General\ | ||||
|  Ledger' tracking as well as inventory control and fixed assets handling. The\ | ||||
|  LedgerSMB client can be a web browser or a programmed API call. The goal of\ | ||||
|  the LedgerSMB project is to bring high quality ERP and accounting capabilities\ | ||||
|  to Small and Midsize Businesses." | ||||
|  | ||||
| ARG LSMB_VERSION="1.11.23" | ||||
| ARG LSMB_DL_DIR="Releases" | ||||
| ARG ARTIFACT_LOCATION="https://download.ledgersmb.org/f/$LSMB_DL_DIR/$LSMB_VERSION/ledgersmb-$LSMB_VERSION.tar.gz" | ||||
|  | ||||
|  | ||||
| # Install Perl, Tex, Starman, psql client, and all dependencies | ||||
| # Without libclass-c3-xs-perl, performance is terribly slow... | ||||
| # Without libclass-accessor-lite-perl, HTML::Entities won't build from CPAN | ||||
| # libnet-cidr-lite-perl is a dependency for Plack::Builder::Conditionals | ||||
| #   which is being installed from CPAN | ||||
| # libtest-requires-perl is a dependency of Module-Build-Pluggable-PPPort | ||||
| #   on which HTML::Escape depends | ||||
|  | ||||
| # Installing psql client directly from instructions at https://wiki.postgresql.org/wiki/Apt | ||||
| # That mitigates issues where the PG instance is running a newer version than this container | ||||
|  | ||||
| RUN echo -n "APT::Install-Recommends \"0\";\nAPT::Install-Suggests \"0\";\n" >> /etc/apt/apt.conf && \ | ||||
|  | ||||
| COPY --from=builder /srv/derived-deps /tmp/derived-deps | ||||
|  | ||||
| RUN set -x ; \ | ||||
|   echo -n "APT::Install-Recommends \"0\";\nAPT::Install-Suggests \"0\";\n" >> /etc/apt/apt.conf && \ | ||||
|   mkdir -p /usr/share/man/man1/ && \ | ||||
|   mkdir -p /usr/share/man/man2/ && \ | ||||
|   mkdir -p /usr/share/man/man3/ && \ | ||||
| @@ -24,54 +74,33 @@ RUN echo -n "APT::Install-Recommends \"0\";\nAPT::Install-Suggests \"0\";\n" >> | ||||
|   mkdir -p /usr/share/man/man5/ && \ | ||||
|   mkdir -p /usr/share/man/man6/ && \ | ||||
|   mkdir -p /usr/share/man/man7/ && \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get update -q && \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get dist-upgrade -y -q && \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -y -q install \ | ||||
|     wget ca-certificates gnupg \ | ||||
|     libcgi-emulate-psgi-perl libcgi-simple-perl libconfig-inifiles-perl \ | ||||
|     libdbd-pg-perl libdbi-perl libdata-uuid-perl libdatetime-perl \ | ||||
|     libdatetime-format-strptime-perl libio-stringy-perl \ | ||||
|     libjson-xs-perl libcpanel-json-xs-perl liblist-moreutils-perl \ | ||||
|     liblocale-maketext-perl liblocale-maketext-lexicon-perl \ | ||||
|     liblog-log4perl-perl libmime-lite-perl libmime-types-perl \ | ||||
|     libmath-bigint-gmp-perl libmodule-runtime-perl libmoose-perl \ | ||||
|     libmoosex-nonmoose-perl libnumber-format-perl \ | ||||
|     libpgobject-perl libpgobject-simple-perl libpgobject-simple-role-perl \ | ||||
|     libpgobject-type-bigfloat-perl libpgobject-type-datetime-perl \ | ||||
|     libpgobject-type-bytestring-perl libpgobject-util-dbmethod-perl \ | ||||
|     libpgobject-util-dbadmin-perl libplack-perl \ | ||||
|     libplack-middleware-reverseproxy-perl \ | ||||
|     libtemplate-perl libtext-csv-perl libtext-csv-xs-perl \ | ||||
|     libtext-markdown-perl libxml-simple-perl \ | ||||
|     libnamespace-autoclean-perl \ | ||||
|     libimage-size-perl \ | ||||
|     libtemplate-plugin-latex-perl libtex-encode-perl \ | ||||
|     libclass-c3-xs-perl libclass-accessor-lite-perl \ | ||||
|     libnet-cidr-lite-perl libtest-requires-perl \ | ||||
|     texlive-latex-recommended \ | ||||
|   mkdir -p /usr/share/man/man8/ && \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -q -y update && \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -q -y dist-upgrade && \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -q -y install \ | ||||
|     wget ca-certificates gnupg iproute2 \ | ||||
|     $( cat /tmp/derived-deps ) \ | ||||
|     libclass-c3-xs-perl \ | ||||
|     texlive-plain-generic texlive-latex-recommended texlive-fonts-recommended \ | ||||
|     texlive-xetex fonts-liberation \ | ||||
|     starman \ | ||||
|     libopenoffice-oodoc-perl \ | ||||
|     ssmtp \ | ||||
|     lsb-release && \ | ||||
|   echo "deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list && \ | ||||
|   (wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add -) && \ | ||||
|   echo "deb [signed-by=/etc/apt/keyrings/postgresql.asc] http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list && \ | ||||
|   wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc > /etc/apt/keyrings/postgresql.asc && \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -q -y update && \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -q -y install postgresql-client && \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -q -y install git cpanminus make gcc libperl-dev && \ | ||||
|   wget --quiet -O /tmp/ledgersmb-$LSMB_VERSION.tar.gz "https://download.ledgersmb.org/f/Releases/$LSMB_VERSION/ledgersmb-$LSMB_VERSION.tar.gz" && \ | ||||
|   wget --quiet -O /tmp/ledgersmb-$LSMB_VERSION.tar.gz "$ARTIFACT_LOCATION" && \ | ||||
|   tar -xzf /tmp/ledgersmb-$LSMB_VERSION.tar.gz --directory /srv && \ | ||||
|   rm -f /tmp/ledgersmb-$LSMB_VERSION.tar.gz && \ | ||||
|   cpanm --notest \ | ||||
|   cpanm --metacpan --notest \ | ||||
|     --with-feature=starman \ | ||||
|     --with-feature=latex-pdf-ps \ | ||||
|     --with-feature=openoffice \ | ||||
|     --installdeps /srv/ledgersmb/ && \ | ||||
|   apt-get purge -q -y git cpanminus make gcc libperl-dev && \ | ||||
|   apt-get autoremove -q -y && \ | ||||
|   apt-get autoclean -q && \ | ||||
|   rm -rf ~/.cpanm/ && \ | ||||
|   rm -rf /var/lib/apt/lists/* /usr/share/man/* | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get purge -q -y git cpanminus make gcc libperl-dev && \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get autoremove -q -y && \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get clean -q && \ | ||||
|   rm -rf ~/.cpanm/ /var/lib/apt/lists/* /usr/share/man/* | ||||
|  | ||||
|  | ||||
| WORKDIR /srv/ledgersmb | ||||
| @@ -80,30 +109,31 @@ WORKDIR /srv/ledgersmb | ||||
|  | ||||
| # Configure outgoing mail to use host, other run time variable defaults | ||||
|  | ||||
| ## sSMTP | ||||
| ENV SSMTP_ROOT ar@example.com | ||||
| ENV SSMTP_MAILHUB 172.17.0.1 | ||||
| ENV SSMTP_HOSTNAME 172.17.0.1 | ||||
| #ENV SSMTP_USE_STARTTLS | ||||
| #ENV SSMTP_AUTH_USER | ||||
| #ENV SSMTP_AUTH_PASS | ||||
| ENV SSMTP_FROMLINE_OVERRIDE YES | ||||
| #ENV SSMTP_AUTH_METHOD | ||||
| ## MAIL | ||||
| # '__CONTAINER_GATEWAY__' is a magic value which will be substituted | ||||
| # with the actual gateway IP address | ||||
| ENV LSMB_MAIL_SMTPHOST=__CONTAINER_GATEWAY__ | ||||
| #ENV LSMB_MAIL_SMTPPORT=25 | ||||
| #ENV LSMB_MAIL_SMTPSENDER_HOSTNAME=(container hostname) | ||||
| #ENV LSMB_MAIL_SMTPTLS= | ||||
| #ENV LSMB_MAIL_SMTPUSER= | ||||
| #ENV LSMB_MAIL_SMTPPASS= | ||||
| #ENV LSMB_MAIL_SMTPAUTHMECH= | ||||
|  | ||||
| ENV POSTGRES_HOST postgres | ||||
| ENV POSTGRES_PORT 5432 | ||||
| ENV DEFAULT_DB lsmb | ||||
| ## DATABASE | ||||
| ENV POSTGRES_HOST=postgres | ||||
| ENV POSTGRES_PORT=5432 | ||||
| ENV DEFAULT_DB=lsmb | ||||
|  | ||||
| COPY start.sh /usr/local/bin/start.sh | ||||
| COPY update_ssmtp.sh /usr/local/bin/update_ssmtp.sh | ||||
|  | ||||
| RUN chown www-data /etc/ssmtp /etc/ssmtp/ssmtp.conf && \ | ||||
|   chmod +x /usr/local/bin/update_ssmtp.sh /usr/local/bin/start.sh && \ | ||||
|   mkdir -p /var/www | ||||
| RUN chmod +x /usr/local/bin/start.sh && \ | ||||
|   mkdir -p /var/www && \ | ||||
|   mkdir -p /srv/ledgersmb/local/conf && \ | ||||
|   chown -R www-data /srv/ledgersmb/local | ||||
|  | ||||
| # Work around an aufs bug related to directory permissions: | ||||
| RUN mkdir -p /tmp && \ | ||||
|   chmod 1777 /tmp | ||||
| RUN mkdir -p /tmp && chmod 1777 /tmp | ||||
|  | ||||
| # Internal Port Expose | ||||
| EXPOSE 5762 | ||||
|   | ||||
							
								
								
									
										270
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										270
									
								
								README.md
									
									
									
									
									
								
							| @@ -1,12 +1,36 @@ | ||||
| # ledgersmb-docker | ||||
|  | ||||
| Dockerfile for LedgerSMB Docker image | ||||
|  | ||||
| ## Content | ||||
|  | ||||
|  1. [Supported tags](#supported-tags) | ||||
|  2. [What is LedgerSMB](#what-is-ledgersmb) | ||||
|  3. [How to use this image](#how-to-use-this-image) | ||||
|  4. [Set up LedgerSMB](#set-up-ledgersmb) | ||||
|  5. [Updating the LedgerSMB container](#updating-the-ledgersmb-container) | ||||
|  6. [Environment Variables](#environment-variables) | ||||
|  7. [Advanced setup](#advanced-setup) | ||||
|  8. [Troubleshooting](#troubleshootingdeveloping) | ||||
|  9. [User feedback](#user-feedback) | ||||
|  | ||||
| # Supported tags | ||||
|  | ||||
| - `1.6`, `1.6.x`, `latest` - Latest release tarball from 1.6 branch | ||||
| - `1.5`, `1.5.x` - Latest release tarball from 1.5 branch | ||||
| - `1.4`, `1.4.x` - Latest tagged release of git 1.4 branch | ||||
| - `1.12`, `1.12.x`, `latest` - Latest official release from the 1.12 branch | ||||
| - `1.11`, `1.11.x` - Latest official release from the 1.11 branch | ||||
| - `1.10`, `1.10.38` - Last official release from the 1.10 branch (End-of-Life) | ||||
| - `1.9`, `1.9.30` - Last official release from the 1.9 branch (End-of-Life) | ||||
| - `1.8`, `1.8.31` - Last official release from the 1.8 branch (End-of-Life) | ||||
| - `1.7`, `1.7.41` - Last official release from the 1.7 branch (End-of-Life) | ||||
| - `1.6`, `1.6.33` - Last official release from the 1.6 branch (End-of-Life) | ||||
| - `1.5`, `1.5.30` - Last official release from the 1.5 branch (End-of-Life) | ||||
| - `1.4`, `1.4.42` - Last official release from the 1.4 branch (End-of-Life) | ||||
| - `master` - Master branch from git, unstable | ||||
|  | ||||
| Containers supporting the development process are provided | ||||
| through the ledgersmb-dev-docker project. See [the development | ||||
| container's README](https://github.com/ledgersmb/ledgersmb-dev-docker/blob/master/README.md#getting-started) | ||||
| for more information. | ||||
|  | ||||
| # What is LedgerSMB? | ||||
|  | ||||
| @@ -23,9 +47,9 @@ This image is designed to be used in conjunction with a running PostgreSQL | ||||
| instance (such as may be provided through a separate image). | ||||
|  | ||||
| This image exposes port 5762 running a Starman HTTP application server. We | ||||
| do not recommend exposing this port publicly, because | ||||
| do recommend not exposing this port publicly, because | ||||
|  | ||||
| 1. The Starman author recommends it | ||||
| 1. The Starman author recommends not exposing it | ||||
| 2. We strongly recommend TLS encryption of all application traffic | ||||
|  | ||||
| While the exposed port can be used for quick evaluation, it's recommended | ||||
| @@ -34,61 +58,77 @@ to add the TLS layer by applying Nginx or Apache as reverse proxy. | ||||
| Enabling optional functionalities such as outgoing e-mail and printing | ||||
| could require additional setup of a mail service or CUPS printer service. | ||||
|  | ||||
| # Quickstart | ||||
|  | ||||
| The quickest way to get this image up and running is by using the | ||||
| `docker-compose` file available through the GitHub repository at: | ||||
|  | ||||
|   https://github.com/ledgersmb/ledgersmb-docker/blob/1.6/docker-compose.yml | ||||
|  | ||||
| which sets up both this image and a supporting database image for | ||||
| production purposes (i.e. with persistent (database) data, with the | ||||
| exception of one thing: setting up an Nginx or Apache reverse proxy | ||||
| with TLS 1.2/1.3 support -- a requirement if you want to access your | ||||
| installation over any type of network. | ||||
|  | ||||
| # How to use this image | ||||
|  | ||||
| ## Start a postgres instance | ||||
| This image can be installed either automatically with the Docker compose file | ||||
| or manually with docker only. | ||||
|  | ||||
| ## Docker-Compose: Installation and start | ||||
|  | ||||
| This repository provides a file named `docker-compose.yml` which can be used to | ||||
| pull related images, install them, establish an internal network for their | ||||
| communications, adjust environment variables, start and stop LedgerSMB. The | ||||
| only instructions required, after the optional edition of the file to adjust | ||||
| the environment variables, are: | ||||
|  | ||||
| ```plain | ||||
|  $ docker run -d --name postgres \ | ||||
|               -e POSTGRES_PASSWORD=mysecretpassword \ | ||||
|               postgres:latest | ||||
|  $ docker-compose pull | ||||
|  $ docker-compose up -d | ||||
| ``` | ||||
|  | ||||
| BEWARE: The command above creates a container with the database data stored | ||||
| *inside* the container. Upon removal of the container, the database data will | ||||
| be removed too! | ||||
|  | ||||
| To prevent destruction of the database data upon replacement of the container, | ||||
| please use these commands instead: | ||||
| Or use the following to set a different password and/or parallel processing | ||||
| capacity (so called 'workers'): | ||||
|  | ||||
| ```plain | ||||
|  $ docker volume create dbdata | ||||
|  $ docker run -d --name postgres \ | ||||
|               -e POSTGRES_PASSWORD=mysecretpassword \ | ||||
|               -e PGDATA=/var/lib/postgresql/data/pgdata \ | ||||
|               -v dbdata:/var/lib/postgresql/data \ | ||||
|               postgres:latest | ||||
|  $ docker-compose pull | ||||
|  $ POSTGRES_PASSWORD=def \ | ||||
|    LSMB_WORKERS=10 \ | ||||
|    docker-compose up -d | ||||
| ``` | ||||
|  | ||||
| ## Start LedgerSMB | ||||
| This will set up two containers: (1) a PostgreSQL container with persistent | ||||
| storage which is retained between container updates and (2) a LedgerSMB | ||||
| container configured to connect to the PostgreSQL container as its database | ||||
| server. Your LedgerSMB installation should now be accessible through | ||||
| [http://localhost:5762/](http://localhost:5762/). | ||||
|  | ||||
| The default number of workers is 5. The default database username and password | ||||
| are: | ||||
|  | ||||
| ```plain | ||||
|    username: postgres | ||||
|    password: abc | ||||
| ``` | ||||
|  | ||||
| From here, follow the steps as detailed in the instructions for | ||||
| [preparing for first use](https://ledgersmb.org/content/preparing-ledgersmb-19-first-use). | ||||
|  | ||||
| ## Manual installation | ||||
|  | ||||
| This section assumes availability of a PostgreSQL server to attach to the | ||||
| LedgerSMB image as the database server. | ||||
|  | ||||
| ### Start LedgerSMB | ||||
|  | ||||
| ```plain | ||||
|  $ docker run -d -p 5762:5762 --name myledger \ | ||||
|               ledgersmb/ledgersmb:latest | ||||
|               -e POSTGRES_HOST=<ip/hostname> ledgersmb/ledgersmb:latest | ||||
| ``` | ||||
|  | ||||
| This command maps port 5762 of your container to port 5762 in your host. The | ||||
| web application inside the container should now be accessible through | ||||
| http://localhost:5762/setup.pl. | ||||
| http://localhost:5762/setup.pl and http://localhost:5762/login.pl. | ||||
|  | ||||
| ## Set up LedgerSMB | ||||
| Below are more variables which determine container configuration, | ||||
| like `POSTGRES_HOST` above. | ||||
|  | ||||
| # Set up LedgerSMB | ||||
|  | ||||
|  * Visit http://myledger:5762/setup.pl. | ||||
|  * Log in with the "postgres" user and the password `mysecretpassword` | ||||
|    and provide the name of a company (= database name) you want to create. | ||||
|  * Log in with the "postgres" user and the password `abc` as given above - | ||||
|    or with the credentials of your own database server in case of a manual | ||||
|    setup - and provide the name of a company (= database name) you want to | ||||
|    create. | ||||
|  * Go over the steps presented in the browser | ||||
|  | ||||
| Once you have completed the setup steps, you have a fully functional | ||||
| @@ -100,9 +140,13 @@ Visit http://localhost:5762/login.pl to log in and get started. | ||||
|  | ||||
| No persistant data is stored in the LedgerSMB container. | ||||
|  | ||||
| All LedgerSMB data is stored in Postgres, so you can stop/destroy/run a | ||||
| All LedgerSMB data is stored in PostgreSQL, so you can stop/destroy/run a | ||||
| new LedgerSMB container as often as you want. | ||||
|  | ||||
| In case of the Docker Compose setup, all PostgreSQL data is stored on the | ||||
| Docker volume with the name ending in `_pgdata`. This volume is not destroyed | ||||
| when updating the containers; only explicit removal destroys the data. | ||||
|  | ||||
| # Environment Variables | ||||
|  | ||||
| The LedgerSMB image uses several environment variables. They are all optional. | ||||
| @@ -138,30 +182,124 @@ affect the performance experience of users. | ||||
|  | ||||
| ## Mail configuration | ||||
|  | ||||
| The docker image uses `ssmtp` to send mail. | ||||
| As of 1.8.0, the image is based on Debian Buster instead of Debian Stretch; | ||||
| with Buster, the `ssmtp` program has been removed from Debian, this image | ||||
| had to change strategy. The main application always came with built-in e-mail | ||||
| yet with the deprecation, the abilities have expanded. | ||||
|  | ||||
| * `SSMTP_ROOT` (config: `Root`) | ||||
| * `SSMTP_MAILHUB` (config: `Mailhub`) | ||||
| * `SSMTP_HOSTNAME` (config: `Hostname`) | ||||
| * `SSMTP_USE_STARTTLS` (config: `UseSTARTTLS`) | ||||
| * `SSMTP_AUTH_USER` (config: `AuthUser`) | ||||
| * `SSMTP_AUTH_PASS` (config: `AuthPass`) | ||||
| * `SSMTP_AUTH_METHOD` (config: `AuthMethod`) | ||||
| * `SSMTP_FROMLINE_OVERRIDE` (config: `FromLineOverride`) | ||||
| The following parameters are now supported to set mail preferences: | ||||
|  | ||||
| These variables are used to set outgoing SMTP defaults. | ||||
| * `LSMB_MAIL_SMTPHOST` \ | ||||
|   The host name/IP-address of the SMTP server that will forward mail from | ||||
|   LedgerSMB to the outside world. | ||||
| * `LSMB_MAIL_SMTPPORT` \ | ||||
|   The port that the SMTP server in `LSMB_MAIL_SMTPHOST` listens to. | ||||
| * `LSMB_MAIL_SMTPTLS` \ | ||||
|   Can be one of `no` (default), `yes` or `raw`. `yes` indicates to use | ||||
|   STARTTLS over a regular SMTP connection; `raw`' indicates an SMTP connection | ||||
|   should be established over a TLS connection (a.k.a. smtps). | ||||
| * `LSMB_MAIL_SMTPSENDER_HOSTNAME` (optional) \ | ||||
|   When set, used to identify the host when connecting to an SMTP server. When | ||||
|   not set, the host is queried for its host name. | ||||
| * `LSMB_MAIL_SMTPUSER` \ | ||||
|   Username to authenticate to the SMTP host in `LSMB_MAIL_SMTPHOST`. | ||||
| * `LSMB_MAIL_SMTPPASS` \ | ||||
|   Password to authenticate to the SMTP host in `LSMB_MAIL_SMTPHOST` with the | ||||
|   user in `LSMB_MAIL_SMTPUSER`. | ||||
| * `LSMB_MAIL_SMTPAUTHMECH` \ | ||||
|   A space separated list of SASL mechanisms to be used for authentication of | ||||
|   the smtp connection with the SMTP server. Available mechanisms depend on | ||||
|   your installed environment, but the following mechanisms should be available | ||||
|   in all of them: `PLAIN` `LOGIN` `CRAM_MD5` & `DIGEST_MD5`. **Note that** | ||||
|   `PLAIN` or `LOGIN` send passwords in plain text over the wire to the SMTP | ||||
|   server; only use these methods in combination with TLS encryption. | ||||
|  | ||||
| To set the outgoing email address, set `SSMTP_ROOT` and `SSMTP_HOSTNAME` at | ||||
| a minimum. | ||||
| # Advanced setup | ||||
|  | ||||
| `SSMTP_MAILHUB` defaults to the default docker0 interface, so if your host is | ||||
| already configured to relay mail, this should relay successfully with only | ||||
| the root and hostname set. | ||||
| ## Changing configuration | ||||
|  | ||||
| Use the other environment variables to relay mail through a different host. | ||||
| Use the [ssmtp.conf man | ||||
| page](https://www.systutorials.com/docs/linux/man/5-ssmtp.conf/) to look up | ||||
| the meaning and function of each of the mail configuration keys. | ||||
| The configuration file is stored in /srv/ledgersmb/local/conf/. By mounting | ||||
| that directory using a bind-mount to a location outside the container, | ||||
| configuration can be changed between container starts: | ||||
|  | ||||
| ```plain | ||||
|  $ docker run -d -p 5762:5762 --name myledger \ | ||||
|      --mount 'type=bind,src=/home/ledgersmb/conf,dst=/srv/ledgersmb/local/conf \ | ||||
|      -e POSTGRES_HOST=<ip/hostname> ledgersmb/ledgersmb:latest | ||||
| ``` | ||||
|  | ||||
| ## Overriding or adding configuration | ||||
|  | ||||
| By pre-creating a configuration file in the mounted configuration directory, | ||||
| the standard configuration generation process in the container can be overruled: | ||||
|  | ||||
| ```plain | ||||
|  $ cat <<EOF > /home/ledgersmb/conf/ledgersmb.yaml | ||||
|    ... YOUR CONFIG HERE ... | ||||
|  EOF | ||||
|  $ docker run -d -p 5762:5762 --name myledger \ | ||||
|      --mount 'type=bind,src=/home/ledgersmb/conf,dst=/srv/ledgersmb/local/conf \ | ||||
|      -e POSTGRES_HOST=<ip/hostname> ledgersmb/ledgersmb:latest | ||||
| ``` | ||||
|  | ||||
| If you do not want to completely overrule the configuration generated, but instead | ||||
| supplement the configuration, you can put incremental configuration snippets in | ||||
| files named `ledgersmb.1XX.yaml` in the same folder. E.g.: | ||||
|  | ||||
| ```plain | ||||
|  $ cat <<EOF > /home/ledgersmb/conf/ledgersmb.100.yaml | ||||
|  logging: | ||||
|    file: ledgersmb.logging | ||||
|  EOF | ||||
| ``` | ||||
|  | ||||
| [Documentation with respect to the available configuration | ||||
| keys](https://github.com/ledgersmb/LedgerSMB/blob/master/doc/conf/ledgersmb.yaml) | ||||
| is available in the LedgerSMB repository. | ||||
|  | ||||
| ## Docker Compose with reverse proxy | ||||
|  | ||||
| The `docker-compose-reverseproxy.yml` file shows a docker-compose setup | ||||
| which adds an Nginx reverse proxy configuration on top of the base | ||||
| `docker-compose.yml` configuration file. If the content of this repository | ||||
| is cloned into the current directory (`git clone https://github.com/ledgersmb/ledgersmb-docker.git ; cd ledgersmb-docker`), it can be used as: | ||||
|  | ||||
| ```plain | ||||
|  $ docker-compose \ | ||||
|     -f docker-compose.yml \ | ||||
|     -f docker-compose-reverseproxy.yml \ | ||||
|        up -d | ||||
| ``` | ||||
|  | ||||
| This setup can be used in combination with an image which runs the | ||||
| Certbot certificate renewal process *and* Nginx to do TLS termination. The | ||||
| default reverse proxy is mostly an example; it publishes on | ||||
| [http://localhost:8080/](http://localhost:8080/). | ||||
|  | ||||
| An example of such an image can be found at | ||||
| [https://github.com/jonasalfredsson/docker-nginx-certbot](https://github.com/jonasalfredsson/docker-nginx-certbot), | ||||
| which is published on Docker Hub as | ||||
| [jonasal/nginx-certbot](https://hub.docker.com/r/jonasal/nginx-certbot). | ||||
|  | ||||
| **Upgrade note** When upgrading this setup, please remove the volume ending | ||||
| in `_lsmbdata` before starting the upgraded containers. Without that, the | ||||
| webcontent won't be upgraded! E.g.: | ||||
|  | ||||
| ```plain | ||||
|   $ docker-compose \ | ||||
|       -f docker-compose.yml \ | ||||
|       -f docker-compose-reverseproxy.yml \ | ||||
|         rm -s -f -v && \ | ||||
|     docker volume rm ledgersmb-docker_lsmbdata && \ | ||||
|     docker-compose \ | ||||
|       -f docker-compose.yml \ | ||||
|       -f docker-compose-reverseproxy.yml \ | ||||
|         pull && \ | ||||
|     docker-compose \ | ||||
|       -f docker-compose.yml \ | ||||
|       -f docker-compose-reverseproxy.yml \ | ||||
|         up -d | ||||
| ``` | ||||
|  | ||||
| # Troubleshooting/Developing | ||||
|  | ||||
| @@ -173,11 +311,17 @@ and the startup & config script is /usr/bin/start.sh. | ||||
|  | ||||
| ## Issues | ||||
|  | ||||
| If you have any problems with or questions about this image or LedgerSMB, please contact us on the [mailing list](http://ledgersmb.org/topic/support/mailing-lists-rss-and-nntp-feeds) or through a [GitHub issue](https://github.com/ledgersmb/ledgersmb-docker/issues). | ||||
| If you have any problems with or questions about this image or LedgerSMB, | ||||
| please contact us on the [mailing list](http://ledgersmb.org/topic/support/mailing-lists-rss-and-nntp-feeds) | ||||
| or through a [GitHub issue](https://github.com/ledgersmb/ledgersmb-docker/issues). | ||||
|  | ||||
| You can also reach some of the official LedgerSMB maintainers via the `#ledgersmb` IRC channel on [Freenode](https://freenode.net), or on the bridged [Matrix](https://matrix.org) room in [#ledgersmb:matrix.org](https://matrix.to/#/#ledgersmb:matrix.org). The [Riot.im](https://riot.im/app/#/room/#ledgersmb:matrix.org) Matrix client is highly recommended. | ||||
| You can also reach some of the official LedgerSMB maintainers via the | ||||
| [Matrix](https://matrix.org) room in [#ledgersmb:matrix.org](https://matrix.to/#/#ledgersmb:matrix.org). | ||||
| The [Element](https://app.element.io/#/room/#ledgersmb:matrix.org) Matrix client is highly recommended. | ||||
|  | ||||
|  | ||||
| ## Contributing | ||||
|  | ||||
| You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. | ||||
| You are invited to contribute new features, fixes, or updates, large or small; | ||||
| we are always thrilled to receive pull requests, and do our best to process | ||||
| them as fast as we can. | ||||
|   | ||||
							
								
								
									
										36
									
								
								docker-compose-reverseproxy.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										36
									
								
								docker-compose-reverseproxy.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,36 @@ | ||||
| # Use this docker-compose file as: | ||||
| # | ||||
| #  docker-compose -f docker-compose.yml -f docker-compose-reverseproxy.yml up -d | ||||
| # | ||||
| # | ||||
| # This command creates one | ||||
| # compose 'project' consisting of three containers | ||||
| # | ||||
| #  1. The PostgreSQL data  container | ||||
| #  2. The LedgerSMB application container | ||||
| #  3. The Nginx reverse proxy container | ||||
| # | ||||
| # In addition to publishing LedgerSMB on port 5762 on localhost, | ||||
| # this project also publishes Nginx's reverse proxied content on | ||||
| # port 8080 on localhost | ||||
|  | ||||
| version: "3.2" | ||||
| services: | ||||
|   proxy: | ||||
|     depends_on: | ||||
|       - lsmb | ||||
|     image: nginx:1-alpine | ||||
|     volumes: | ||||
|       - "lsmbdata:/srv/ledgersmb" | ||||
|       - "./nginx.conf:/etc/nginx/nginx.conf" | ||||
|     ports: | ||||
|       - "8080:8080" | ||||
|     # Comment the line below to stop the container from restarting on boot | ||||
|     # unless it was manually stopped | ||||
|     restart: unless-stopped | ||||
|   lsmb: | ||||
|     volumes: | ||||
|       - "lsmbdata:/srv/ledgersmb" | ||||
|  | ||||
| volumes: | ||||
|   lsmbdata: | ||||
| @@ -16,30 +16,46 @@ services: | ||||
|   # because that allows us to use the default hostname ("postgres") | ||||
|   # from the LedgerSMB configuration | ||||
|   postgres: | ||||
|     image: postgres:9.6-alpine | ||||
|     image: postgres:15-alpine | ||||
|     environment: | ||||
|       # Replace the password below for a secure setup | ||||
|       POSTGRES_PASSWORD: abc | ||||
|       POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-abc} | ||||
|       PGDATA: /var/lib/postgresql/data/pgdata | ||||
|     networks: | ||||
|       - internal | ||||
|     volumes: | ||||
|       - "pgdata:/var/lib/postgresql/data" | ||||
|     # Comment the line below to stop the container from restarting on boot | ||||
|     # unless it was manually stopped | ||||
|     restart: unless-stopped | ||||
|   lsmb: | ||||
|     depends_on: | ||||
|       - postgres | ||||
|     image: ledgersmb/ledgersmb:1.6 | ||||
|     image: ghcr.io/ledgersmb/ledgersmb:1.11 | ||||
|       # In order to store the configuration outside the image, allowing it to | ||||
|       # be edited between container restarts, uncomment the section below and | ||||
|       # change the 'source' to the directory where you want the configuration | ||||
|       # to be stored. | ||||
|     # volumes: | ||||
|     #   # Override all configuration: | ||||
|     #   - type: bind | ||||
|     #     source: /home/ledgersmb/conf | ||||
|     #     target: /srv/ledgersmb/local/conf | ||||
|     #   # Add a snippet of configuration: | ||||
|     #   - type: bind | ||||
|     #     source: /home/ledgersmb/conf/ledgersmb.100.yaml | ||||
|     #     target: /srv/ledgersmb/local/conf/ledgersmb.100.yaml | ||||
|     networks: | ||||
|       - internal | ||||
|       - default | ||||
|     # Uncomment the 'ports' section to map the LedgerSMB container port (5762) | ||||
|     #  to the host's port of the same number, thus making LedgerSMB | ||||
|     # Comment the 'ports' section to disable mapping the LedgerSMB container port (5762) | ||||
|     #  to the host's port of the same number. Mapping "5762:5762" makes LedgerSMB | ||||
|     #  available on http://<host-dns-or-ip>:5762/ | ||||
|     #     SECURITY NOTE: Do this for evaluation purposes only! | ||||
|     #       In production, be sure to use SSL/TLS to protect user's passwords | ||||
|     #       and other sensitive data | ||||
|     # ports: | ||||
|     #   - "5762:5762" | ||||
|     #     SECURITY NOTE:  Leave this uncommented for evaluation purposes only! | ||||
|     #       In production, be sure to use SSL/TLS (such as by reverse proxying) to protect  | ||||
|     #       user's passwords and other sensitive data | ||||
|     ports: | ||||
|       - "5762:5762" | ||||
|     environment: | ||||
|       # The LSMB_WORKERS environment variable lets you select the number | ||||
|       # of processes serving HTTP requests. The default number of 2 workers | ||||
| @@ -47,17 +63,29 @@ services: | ||||
|       # improve the performance experience, increase memory and the | ||||
|       # number of workers | ||||
|       # | ||||
|       LSMB_WORKERS: 2 | ||||
|       LSMB_WORKERS: ${LSMB_WORKERS:-5} | ||||
|       # | ||||
|       # | ||||
|       # SSMTP_ROOT: | ||||
|       # SSMTP_HOSTNAME: | ||||
|       # SSMTP_MAILHUB: | ||||
|       # SSMTP_AUTH_USER: | ||||
|       # SSMTP_AUTH_PASS: | ||||
|       # SSMTP_AUTH_METHOD: | ||||
|       # SSMTP_USE_STARTTLS: | ||||
|       # SSMTP_FROMLINE_OVERRIDE: | ||||
|  | ||||
|       # LSMB_MAIL_SMTPHOST: | ||||
|       # LSMB_MAIL_SMTPPORT: | ||||
|       # LSMB_MAIL_SMTPTLS: | ||||
|       # LSMB_MAIL_SMTPSENDER_HOSTNAME: | ||||
|       # LSMB_MAIL_SMTPUSER: | ||||
|       # LSMB_MAIL_SMTPPASS: | ||||
|       # LSMB_MAIL_SMTPAUTHMECH: | ||||
|       # | ||||
|       # | ||||
|       # The PROXY_IP environment variable lets you set the IP address | ||||
|       # (range) of the reverse proxy used for TLS termination, which forwards | ||||
|       # its requests to this container. When this reverse proxy runs on the | ||||
|       # Docker host, the default below applies. In case the reverse proxy is | ||||
|       # hosted in a separate container, this setting needs to be adjusted. | ||||
|       # | ||||
|       # PROXY_IP: 172.17.0.1/12 | ||||
|     # Comment the line below to stop the container from restarting on boot | ||||
|     # unless it was manually stopped | ||||
|     restart: unless-stopped | ||||
|  | ||||
| # having the dbdata volume is required to persist our | ||||
| # data between PostgreSQL container updates; without | ||||
|   | ||||
							
								
								
									
										81
									
								
								nginx.conf
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										81
									
								
								nginx.conf
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,81 @@ | ||||
| # This is a full (minimal) nginx configuration file | ||||
|  | ||||
| error_log /dev/stderr info; | ||||
| pid /tmp/nginx.pid; | ||||
| worker_processes 1; | ||||
|  | ||||
| events { | ||||
|    worker_connections 1024; | ||||
| } | ||||
|  | ||||
| http { | ||||
|    client_body_temp_path /tmp/client_body; | ||||
|    proxy_temp_path /tmp/proxy_temp; | ||||
|    fastcgi_temp_path /tmp/fastcgi_temp; | ||||
|    scgi_temp_path /tmp/scgi_temp; | ||||
|    uwsgi_temp_path /tmp/uwsgi_temp; | ||||
|  | ||||
|    sendfile on; | ||||
|    tcp_nopush on; | ||||
|    tcp_nodelay on; | ||||
|    keepalive_timeout 65; | ||||
|    types_hash_max_size 2048; | ||||
|    include /etc/nginx/mime.types; | ||||
|    default_type application/octet-stream; | ||||
|  | ||||
|    access_log /dev/stdout; | ||||
|    error_log /dev/stderr info; | ||||
|  | ||||
|    gzip off; | ||||
|    gzip_static on; | ||||
|  | ||||
|    server { | ||||
|       listen 8080 default_server; | ||||
|       listen [::]:8080 default_server ipv6only=on; | ||||
|  | ||||
|       root /srv/ledgersmb/UI; | ||||
|  | ||||
|       access_log /dev/stdout; | ||||
|       error_log /dev/stderr info; | ||||
|  | ||||
|       # Don't log status polls | ||||
|       location /nginx_status { | ||||
|                stub_status on; | ||||
|                access_log off; | ||||
|                allow 127.0.0.1; | ||||
|                allow ::1; | ||||
|                deny all; | ||||
|       } | ||||
|  | ||||
|       # Configuration files don't exist | ||||
|       location ^~ \.conf$ { | ||||
|          return 404; | ||||
|       } | ||||
|  | ||||
|       # 'Hidden' files don't exist | ||||
|       location ~ /\. { | ||||
|          return 404; | ||||
|       } | ||||
|  | ||||
|       location = / { | ||||
|          return 301 /login.pl; | ||||
|       } | ||||
|  | ||||
|       # JS & CSS | ||||
|       location ~* \.(js|css)$ { | ||||
|          add_header Pragma "public"; | ||||
|          add_header Cache-Control "public, must-revalidate, proxy-revalidate"; # Production | ||||
|          expires     7d; # Indicate that the resource can be cached for 1 week # Production | ||||
|          try_files $uri =404; | ||||
|       } | ||||
|  | ||||
|       location / { | ||||
|          proxy_set_header        Host $host; | ||||
|          proxy_set_header        X-Real-IP $remote_addr; | ||||
|          proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for; | ||||
|          proxy_set_header        X-Forwarded-Proto $scheme; | ||||
|          proxy_read_timeout      300; | ||||
|          proxy_pass              http://lsmb:5762; | ||||
|       } | ||||
|    } | ||||
| } | ||||
							
								
								
									
										190
									
								
								start.sh
									
									
									
									
									
								
							
							
						
						
									
										190
									
								
								start.sh
									
									
									
									
									
								
							| @@ -1,49 +1,169 @@ | ||||
| #!/bin/bash | ||||
|  | ||||
| update_ssmtp.sh | ||||
| cd /srv/ledgersmb | ||||
| [[ -d ./local/conf/ ]] || mkdir ./local/conf/ | ||||
| if [[ -n "$SSMTP_ROOT" ]]; then | ||||
|     echo "\$SSMTP_ROOT set; parameter is deprecated and will be ignored" | ||||
|     LSMB_HAVE_DEPRECATED=1 | ||||
| fi | ||||
| if [[ -n "$SSMTP_FROMLINE_OVERRIDE" ]]; then | ||||
|     echo "\$SSMTP_FROMLINE_OVERRIDE set; parameter is deprecated and will be ignored" | ||||
|     LSMB_HAVE_DEPRECATED=1 | ||||
| fi | ||||
| if [[ -n "$SSMTP_MAILHUB" ]]; then | ||||
|     echo "\$SSMTP_MAILHUB set; parameter is deprecated" | ||||
|     if [[ -z "$LSMB_MAIL_SMTPHOST" ]]; then | ||||
|         echo "  Deriving \$LSMB_MAIL_SMTPHOST setting from \$SSMTP_MAILHUB" | ||||
|         LSMB_MAIL_SMTPHOST=${SSMTP_MAILHUB%:*} | ||||
|     fi | ||||
|     if [[ -z "$LSMB_MAIL_SMTPPORT" ]]; then | ||||
|         echo "  Deriving \$LSMB_MAIL_SMTPPORT setting from \$SSMTP_MAILHUB" | ||||
|         LSMB_MAIL_SMTPPORT=${SSMTP_MAILHUB#*:} | ||||
|     fi | ||||
|     LSMB_HAVE_DEPRECATED=1 | ||||
| fi | ||||
| if [[ -n "$SSMTP_HOSTNAME" ]]; then | ||||
|     echo "\$SSMTP_HOSTNAME set; parameter is deprecated" | ||||
|     if [[ -z "$LSMB_MAIL_SMTPSENDER_HOSTNAME" ]]; then | ||||
|         echo "  Deriving \$LSMB_MAIL_SMTPSENDER_HOSTNAME setting from \$SSMTP_HOSTNAME" | ||||
|         LSMB_MAIL_SMTPSENDER_HOSTNAME=$SSMTP_HOSTNAME | ||||
|     fi | ||||
|     LSMB_HAVE_DEPRECATED=1 | ||||
| fi | ||||
| if [[ -n "$SSMTP_USE_STARTTLS" ]]; then | ||||
|     echo "\$SSMTP_USE_STARTTLS set; parameter is deprecated" | ||||
|     if [[ -z "$LSMB_MAIL_SMTPTLS" ]]; then | ||||
|         echo "  Deriving \$LSMB_MAIL_SMTPSENDER_HOSTNAME setting from \$SSMTP_USE_STARTTLS" | ||||
|         LSMB_MAIL_SMTPTLS=$SSMTP_USE_STARTTLS | ||||
|     fi | ||||
|     LSMB_HAVE_DEPRECATED=1 | ||||
| fi | ||||
| if [[ -n "$SSMTP_AUTH_USER" ]]; then | ||||
|     echo "\$SSMTP_AUTH_USER set; parameter is deprecated" | ||||
|     if [[ -z "$LSMB_MAIL_SMTPUSER" ]]; then | ||||
|         echo "  Deriving \$LSMB_MAIL_SMTPUSER setting from \$SSMTP_AUTH_USER" | ||||
|         LSMB_MAIL_SMTPUSER=$SSMTP_AUTH_USER | ||||
|     fi | ||||
|     LSMB_HAVE_DEPRECATED=1 | ||||
| fi | ||||
| if [[ -n "$SSMTP_AUTH_PASS" ]]; then | ||||
|     echo "\$SSMTP_AUTH_PASS set; parameter is deprecated" | ||||
|     if [[ -z "$LSMB_MAIL_SMTPPASS" ]]; then | ||||
|         echo "  Deriving \$LSMB_MAIL_SMTPPASS setting from \$SSMTP_AUTH_PASS" | ||||
|         LSMB_MAIL_SMTPPASS=$SSMTP_AUTH_PASS | ||||
|     fi | ||||
|     LSMB_HAVE_DEPRECATED=1 | ||||
| fi | ||||
| if [[ -n "$SSMTP_AUTH_METHOD" ]]; then | ||||
|     echo "\$SSMTP_AUTH_METHOD set; parameter is deprecated" | ||||
|     if [[ -z "$LSMB_MAIL_SMTPAUTHMECH" ]]; then | ||||
|         echo "  Deriving \$LSMB_MAIL_SMTPAUTHMECH setting from \$SSMTP_AUTH_METHOD" | ||||
|         LSMB_MAIL_SMTPAUTHMECH=$SSMTP_AUTH_METHOD | ||||
|     fi | ||||
|     LSMB_HAVE_DEPRECATED=1 | ||||
| fi | ||||
|  | ||||
| if [[ ! -f ledgersmb.conf ]]; then | ||||
|   cat <<EOF >/tmp/ledgersmb.conf | ||||
| [main] | ||||
| cache_templates = 1 | ||||
| if [[ -n "$LSMB_HAVE_DEPRECATED" ]]; then | ||||
|     echo "!!! DEPRECATED \$SSMTP_* PARAMETERS WILL BE REMOVED in the 1.9 image!!!" | ||||
| fi | ||||
|  | ||||
| [database] | ||||
| host = $POSTGRES_HOST | ||||
| port = $POSTGRES_PORT | ||||
| default_db = $DEFAULT_DB | ||||
| if [[ ! -f ./local/conf/ledgersmb.yaml ]]; then | ||||
|   cat <<EOF >./local/conf/ledgersmb.yaml | ||||
| paths: | ||||
|   \$class: Beam::Wire | ||||
|   config: | ||||
|     UI: ./UI/ | ||||
|     UI_cache: lsmb_templates/ | ||||
|  | ||||
| [mail] | ||||
| sendmail   = /usr/sbin/ssmtp | ||||
| db: | ||||
|   \$class: LedgerSMB::Database::Factory | ||||
|   connect_data: | ||||
|     host: ${POSTGRES_HOST:-postgres} | ||||
|     port: ${POSTGRES_PORT:-5432} | ||||
|  | ||||
| mail: | ||||
|   transport: | ||||
|     \$class: LedgerSMB::Mailer::TransportSMTP | ||||
|     tls: $LSMB_MAIL_SMTPTLS | ||||
|  | ||||
| miscellaneous: | ||||
|   \$class: Beam::Wire | ||||
|   config: | ||||
|     proxy_ip: ${PROXY_IP:-172.17.0.1/12} | ||||
|  | ||||
| ui: | ||||
|   class: LedgerSMB::Template::UI | ||||
|   method: new_UI | ||||
|   lifecycle: eager | ||||
|   args: | ||||
|     cache: | ||||
|       \$ref: paths/UI_cache | ||||
|     root: | ||||
|       \$ref: paths/UI | ||||
| EOF | ||||
|   export LSMB_CONFIG_FILE='/tmp/ledgersmb.conf' | ||||
|  | ||||
|   if [[ -n "$LSMB_MAIL_SMTPHOST" ]] | ||||
|   then | ||||
|       if [[ "$LSMB_MAIL_SMTPHOST" == "__CONTAINER_GATEWAY__" ]] | ||||
|       then | ||||
|          LSMB_MAIL_SMTPHOST="$(ip route | awk '/default/ { print $3 }')" | ||||
|          export LSMB_MAIL_SMTPHOST | ||||
|       fi | ||||
|  | ||||
|       cat <<EOF >./local/conf/ledgersmb.000.yaml | ||||
| mail: | ||||
|   transport: | ||||
|     host: $LSMB_MAIL_SMTPHOST | ||||
| EOF | ||||
|   fi | ||||
|  | ||||
|   if [[ -n "$LSMB_MAIL_SMTPPORT" ]] | ||||
|   then | ||||
|       cat <<EOF >./local/conf/ledgersmb.001.yaml | ||||
| mail: | ||||
|   transport: | ||||
|     port: $LSMB_MAIL_SMTPPORT | ||||
| EOF | ||||
|   fi | ||||
|  | ||||
|   if [[ -n "$LSMB_MAIL_SMTPSENDER_HOSTNAME" ]] | ||||
|   then | ||||
|       cat <<EOF >./local/conf/ledgersmb.002.yaml | ||||
| mail: | ||||
|   transport: | ||||
|     helo: $LSMB_MAIL_SMTPSENDER_HOSTNAME | ||||
| EOF | ||||
|   fi | ||||
|  | ||||
|   if [[ -n "$LSMB_MAIL_SMTPUSER" ]] | ||||
|   then | ||||
|       cat <<EOF >./local/conf/ledgersmb.003.yaml | ||||
| mail: | ||||
|   transport: | ||||
|     sasl_password: '' | ||||
|     sasl_username: | ||||
|       \$class: Authen::SASL | ||||
|       mechanism: $LSMB_MAIL_SMTPAUTHMECH | ||||
|       callback: | ||||
|         user: $LSMB_MAIL_SMTPUSER | ||||
|         pass: $LSMB_MAIL_SMTPPASS | ||||
| EOF | ||||
|   fi | ||||
| fi | ||||
|  | ||||
| if [ ! -f "/tmp/ledgersmb" ]; then | ||||
|   mkdir /tmp/ledgersmb | ||||
| fi | ||||
| # Currently unmaintained/untested | ||||
| # if [ ! -z ${CREATE_DATABASE+x} ]; then | ||||
| #   perl tools/dbsetup.pl --company $CREATE_DATABASE \ | ||||
| #   --host $POSTGRES_HOST \ | ||||
| #   --postgres_password "$POSTGRES_PASS" | ||||
| #fi | ||||
|  | ||||
| # Needed for modules loaded by cpanm | ||||
| export PERL5LIB | ||||
|  | ||||
| for PerlLib in /usr/lib/perl5* /usr/local/lib/perl5*/site_perl/* ; do | ||||
|     [[ -d "$PerlLib" ]] && { | ||||
|         PERL5LIB="$PerlLib"; | ||||
|         echo -e "\tmaybe: $PerlLib"; | ||||
|     } | ||||
| done ; | ||||
| echo "Selected PERL5LIB=$PERL5LIB"; | ||||
|  | ||||
| # start ledgersmb | ||||
| # --preload-app allows application initialization to kill the entire | ||||
| # starman instance (instead of just the worker, which will immediately | ||||
| # get restarted); it also has a positive effect on memory use | ||||
| # get restarted) on error; it also has a positive effect on memory use | ||||
|  | ||||
| exec starman --port 5762 --workers ${LSMB_WORKERS:-5} --preload-app bin/ledgersmb-server.psgi | ||||
| LSMB_CONFIG_FILE=${LSMB_CONFIG_FILE:-./local/conf/ledgersmb.yaml} | ||||
| export LSMB_CONFIG_FILE | ||||
| echo '--------- LEDGERSMB CONFIGURATION:  ledgersmb.conf' | ||||
| cat ${LSMB_CONFIG_FILE} | ||||
| echo '--------- LEDGERSMB CONFIGURATION --- END' | ||||
|  | ||||
| # ':5762:' suppresses an uninitialized variable warning in starman | ||||
| # the last colon means "don't connect using tls"; without it, there's a warning | ||||
| exec starman --listen 0.0.0.0:5762 --workers ${LSMB_WORKERS:-5} \ | ||||
|              -I lib -I old/lib \ | ||||
|              --preload-app bin/ledgersmb-server.psgi | ||||
|   | ||||
| @@ -1,18 +0,0 @@ | ||||
| #!/bin/bash | ||||
| ConfiguredComment='# install script update_ssmtp.sh has configured ssmtp' | ||||
| grep -qc "$ConfiguredComment" /etc/ssmtp/ssmtp.conf && { | ||||
|     echo "smtp configured." | ||||
|     exit | ||||
| } | ||||
|  | ||||
| sed -i \ | ||||
|     -e "s/\(root=\).*\$/\1$SSMTP_ROOT/g" \ | ||||
|     -e "s/\(mailhub=\).*\$/\1$SSMTP_MAILHUB/g" \ | ||||
|     -e "s/\(hostname=\).*\$/\1$SSMTP_HOSTNAME/g" \ | ||||
|     /etc/ssmtp/ssmtp.conf | ||||
| [ -z "$SSMTP_USE_STARTTLS" ] || echo "UseSTARTTLS=$SSMTP_USE_STARTTLS" >> /etc/ssmtp/ssmtp.conf | ||||
| [ -z "$SSMTP_AUTH_USER" ] || echo "AuthUser=$SSMTP_AUTH_USER" >> /etc/ssmtp/ssmtp.conf | ||||
| [ -z "$SSMTP_AUTH_PASS" ] || echo "AuthPass=$SSMTP_AUTH_PASS" >> /etc/ssmtp/ssmtp.conf | ||||
| [ -z "$SSMTP_AUTH_METHOD" ] || echo "AuthMethod=$SSMTP_AUTH_METHOD" >> /etc/ssmtp/ssmtp.conf | ||||
| [ -z "$SSMTP_FROMLINE_OVERRIDE" ] || echo "FromLineOverride=$SSMTP_FROMLINE_OVERRIDE" >> /etc/ssmtp/ssmtp.conf | ||||
| echo "$ConfiguredComment" >> /etc/ssmtp/ssmtp.conf | ||||
		Reference in New Issue
	
	Block a user