mirror of
				https://github.com/ledgersmb/ledgersmb-docker.git
				synced 2025-10-20 11:10:30 -04:00 
			
		
		
		
	Compare commits
	
		
			284 Commits
		
	
	
		
			1.7.0-beta
			...
			1.12.13
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
|  | 2ed65fd331 | ||
|  | 8227099206 | ||
|  | 3a28ec4f27 | ||
|  | ac608a9d7e | ||
|  | f0f7676e30 | ||
|  | 85871e77fd | ||
|  | 4f9af73c13 | ||
|  | 87baa6c4b3 | ||
|  | 1ec5bf1ef4 | ||
|  | 987ff7e540 | ||
|  | f311ceeb80 | ||
|  | 12e8cfa41b | ||
|  | 7c54656362 | ||
|  | 6dd3c079fe | ||
|  | a60308f288 | ||
|  | c2475afab5 | ||
|  | 20bf57b4f8 | ||
|  | 942b098a7f | ||
|  | 50cdfc2145 | ||
|  | 6c1602051f | ||
|  | 7e937b8e8c | ||
|  | 86885f20f7 | ||
|  | 7af784a491 | ||
|  | d2b7939206 | ||
|  | 5226a66d35 | ||
|  | 40a2a27902 | ||
|  | 880df4b5ad | ||
|  | 1cd90e0e57 | ||
|  | 99161642eb | ||
|  | 90af6cd03f | ||
|  | 7cea8cfb8d | ||
|  | 5670f5760f | ||
|  | 4fb8f0fba8 | ||
|  | e329f0617a | ||
|  | ac2d4a8ae3 | ||
|  | e254cb705c | ||
|  | 5849b64fde | ||
|  | 791df8fd1f | ||
|  | 5110bfcbbc | ||
|  | c3f046baa9 | ||
|  | d78e166553 | ||
|  | 5a1fd390f1 | ||
|  | d5661d029f | ||
|  | 88c84967b9 | ||
|  | 3fec7b91b1 | ||
|  | 6d6ca05eb1 | ||
|  | b39d64964c | ||
|  | f697bb6b50 | ||
|  | dc4c2cf97a | ||
|  | 83fb7a4fde | ||
|  | 0dc6e65c51 | ||
|  | 51d1d1da0f | ||
|  | 9f7a4d1f8d | ||
|  | 7f3a3467f8 | ||
|  | 91a985bc31 | ||
|  | 413a63161c | ||
|  | 7f7aa41a27 | ||
|  | 6f4d5cba73 | ||
|  | 3f3ca9dd7f | ||
|  | 5d1823f88a | ||
|  | 81a38b3040 | ||
|  | 93c7b4c77e | ||
|  | 096350ad7b | ||
|  | 9cc752a0ff | ||
|  | 7a17a8630f | ||
|  | ee863b6f3d | ||
|  | eba882d12a | ||
|  | 016deec433 | ||
|  | 0f7242d559 | ||
|  | 59192ffd20 | ||
|  | 4ff785d101 | ||
|  | c7d22e2b6e | ||
|  | aa1cdc2dca | ||
|  | 1d1e029a71 | ||
|  | 06941025cd | ||
|  | 723202b5c4 | ||
|  | 59a542afc8 | ||
|  | 5b098c7b49 | ||
|  | 71e067d0a7 | ||
|  | 9f4b6b8580 | ||
|  | 3177ab415e | ||
|  | 7a2e6174a5 | ||
|  | c9b8719897 | ||
|  | deeecbcdf1 | ||
|  | e41eefd1c0 | ||
|  | b247132333 | ||
|  | 82fdc70f05 | ||
|  | 16e22ab5b6 | ||
|  | 2fd0e3a899 | ||
|  | 2c6e26e41c | ||
|  | 8abfb47e09 | ||
|  | c139863c85 | ||
|  | cad89f842c | ||
|  | dffd342880 | ||
|  | 3230ac320c | ||
|  | 9e0957127b | ||
|  | 6b4fd9c831 | ||
|  | 68461e62b0 | ||
|  | 6779e82743 | ||
|  | 6dfa51e6bf | ||
|  | 3edc3bfa83 | ||
|  | 6e2097eb2a | ||
|  | 2b2c2a86a7 | ||
|  | 2e703cf3b9 | ||
|  | 889fed85c9 | ||
|  | 3fd89bf933 | ||
|  | 2fd4d25b06 | ||
|  | 92483d9b69 | ||
|  | a7a1412cbd | ||
|  | 8974109e48 | ||
|  | 16b55ab3b4 | ||
|  | 0fabba4a66 | ||
|  | 6471736148 | ||
|  | c8368ce921 | ||
|  | 1806b8003b | ||
|  | d9163c1e65 | ||
|  | 9e88db52d9 | ||
|  | 230a7ddfae | ||
|  | 3a86482a97 | ||
|  | ae0cea34b3 | ||
|  | f37678c275 | ||
|  | b28f5b693b | ||
|  | 1f20ab08f1 | ||
|  | 34937fbd4f | ||
|  | c6968b5397 | ||
|  | 5168936493 | ||
|  | 49a448c732 | ||
|  | 27b3e40e72 | ||
|  | 6593d58698 | ||
|  | 5a7ec0a2ed | ||
|  | 236a25b767 | ||
|  | 943fa166e8 | ||
|  | a678ae39a0 | ||
|  | 3d12e4351d | ||
|  | ccd90f04a4 | ||
|  | 4d316f9019 | ||
|  | 71f876a253 | ||
|  | ab00872e02 | ||
|  | 483a1110ff | ||
|  | a2a625d193 | ||
|  | f10924cae9 | ||
|  | c13d20651c | ||
|  | 7771b8c03b | ||
|  | 1ba89cef50 | ||
|  | d7ad535199 | ||
|  | ac2553ea17 | ||
|  | 0205b40bd2 | ||
|  | 84130b47f3 | ||
|  | d27017e309 | ||
|  | f3420feb36 | ||
|  | 82445543de | ||
|  | 99a21f8e7d | ||
|  | 74aa2920da | ||
|  | 821d59fb79 | ||
|  | 409aeefd56 | ||
|  | 2608ff28bb | ||
|  | 9adee2d1ba | ||
|  | 89f9f5e449 | ||
|  | 77a6985f29 | ||
|  | f2a0c60b94 | ||
|  | b9c316569d | ||
|  | 907fc363af | ||
|  | 40ab4edab4 | ||
|  | dd6c18c5a6 | ||
|  | fe2ae210a2 | ||
|  | f8ef55726d | ||
|  | 05b8961242 | ||
|  | 385dd60c3f | ||
|  | 001e98ed38 | ||
|  | 1eb854f2d6 | ||
|  | 878111e7cd | ||
|  | 18980a353f | ||
|  | 46637422ee | ||
|  | ba202372fa | ||
|  | 3197f4feab | ||
|  | 46a5386e54 | ||
|  | 6122921674 | ||
|  | db957f3880 | ||
|  | 7e059e5dc1 | ||
|  | 421c153249 | ||
|  | 1f40452e92 | ||
|  | 98c38f998a | ||
|  | 6d3b30720c | ||
|  | aa66d87e15 | ||
|  | e06638b048 | ||
|  | d71609cae1 | ||
|  | 8bc4fd8583 | ||
|  | 52fdf5b65e | ||
|  | 29abd11efd | ||
|  | e9edcaf9ae | ||
|  | 3a74802fe1 | ||
|  | 1b9701511e | ||
|  | 1ff4cc42c3 | ||
|  | 26b679fe7d | ||
|  | 82e2dd4839 | ||
|  | 4cb2cad5c1 | ||
|  | c5c0575c94 | ||
|  | b4ed837573 | ||
|  | fae1cd333e | ||
|  | 75f3dfd642 | ||
|  | 5afb58f246 | ||
|  | a5d89bc9fe | ||
|  | b8795c4811 | ||
|  | b828cffad3 | ||
|  | 36bc6d5ffc | ||
|  | 59be4f4afa | ||
|  | f898c2bb63 | ||
|  | c2573f6a7e | ||
|  | 38ab58e93a | ||
|  | d45d0a7182 | ||
|  | d640f5e6a0 | ||
|  | d7c3bd6038 | ||
|  | 9c2c5a20c6 | ||
|  | ebb6a521ef | ||
|  | 058848a29a | ||
|  | a0053b33b6 | ||
|  | a5ca6aa894 | ||
|  | c616d6f8ab | ||
|  | f69a36a5d3 | ||
|  | dbed029289 | ||
|  | dfa82a63bf | ||
|  | 9353e8187f | ||
|  | a1ea9d9895 | ||
|  | 0f8af754bd | ||
|  | da48259b68 | ||
|  | 774e6ef6e2 | ||
|  | 0d8517ebc4 | ||
|  | f7cfcc72ec | ||
|  | 847efed2d0 | ||
|  | 9d5b62b6bb | ||
|  | e23e85fea8 | ||
|  | c4a1a6f1cc | ||
|  | 90764650c5 | ||
|  | 795fdf3f95 | ||
|  | 6cceef46f6 | ||
|  | e29aa14d57 | ||
|  | a22ed7ac49 | ||
|  | 1f1df000b8 | ||
|  | fe867c9925 | ||
|  | 9ff64318ab | ||
|  | 46ae598da0 | ||
|  | 1387c10fd1 | ||
|  | cbb3a0d843 | ||
|  | 0e41af2b67 | ||
|  | a30d23bbb6 | ||
|  | e10bd36b80 | ||
|  | 1a56d1523d | ||
|  | aa260dcec9 | ||
|  | 402f541a5e | ||
|  | 9499b6ffc1 | ||
|  | d0384889a8 | ||
|  | 2d4bb886f8 | ||
|  | 8e3f80f65f | ||
|  | cd29bd895f | ||
|  | 42e6eb783e | ||
|  | 09cf2e16b7 | ||
|  | 2a5dff2dd7 | ||
|  | e2bf781058 | ||
|  | 1148c219ec | ||
|  | e5c6072505 | ||
|  | 728840ce4c | ||
|  | 5f45abdf2d | ||
|  | 8afea54d65 | ||
|  | 326790de44 | ||
|  | c4a5359b25 | ||
|  | 79be91758b | ||
|  | 4706963a2b | ||
|  | 2c22bd6bbb | ||
|  | d3897c8439 | ||
|  | 6d4d4fa927 | ||
|  | 8f911b4d3e | ||
|  | 60af8d5d49 | ||
|  | 2bf51fb145 | ||
|  | 6e41334061 | ||
|  | f3f924eab9 | ||
|  | e456434514 | ||
|  | 71de84bd9e | ||
|  | 262bf6e1f4 | ||
|  | fdd2eed8a6 | ||
|  | 76c35fa0d5 | ||
|  | dc0770e367 | ||
|  | 3839f3b105 | ||
|  | 9839ceaa2b | ||
|  | 48f1e0d7bb | 
							
								
								
									
										18
									
								
								.github/workflows/images-cleanup.yml
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										18
									
								
								.github/workflows/images-cleanup.yml
									
									
									
									
										vendored
									
									
										Normal file
									
								
							| @@ -0,0 +1,18 @@ | ||||
| name: Docker Image cleanup | ||||
|  | ||||
| on: | ||||
|   push: | ||||
|   workflow_dispatch: | ||||
|   schedule: | ||||
|     # Schedule for five minutes after the hour, every Friday | ||||
|     - cron: '10 3 * * 5' | ||||
|  | ||||
| jobs: | ||||
|   cleanup: | ||||
|     if: github.repository_owner == 'ledgersmb' | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|     - name: ghcr.io cleanup action | ||||
|       uses: dataaxiom/ghcr-cleanup-action@v1 | ||||
|       with: | ||||
|         packages: ledgersmb | ||||
							
								
								
									
										26
									
								
								.github/workflows/no-response.yml
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										26
									
								
								.github/workflows/no-response.yml
									
									
									
									
										vendored
									
									
										Normal file
									
								
							| @@ -0,0 +1,26 @@ | ||||
| name: No Response | ||||
|  | ||||
| # Both `issue_comment` and `scheduled` event types are required for this Action | ||||
| # to work properly. | ||||
| on: | ||||
|   issue_comment: | ||||
|     types: [created] | ||||
|   schedule: | ||||
|     # Schedule for five minutes after the hour, every hour | ||||
|     - cron: '5 3 * * *' | ||||
|  | ||||
| jobs: | ||||
|   noResponse: | ||||
|     if: github.repository_owner == 'ledgersmb' | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - uses: actions/stale@v9 | ||||
|         with: | ||||
|           days-before-issue-stale: -1 | ||||
|           days-before-pr-stale: -1 | ||||
|           stale-issue-label: waiting-for-user | ||||
|           # Number of days of inactivity before an Issue is closed for lack of response | ||||
|           days-before-close: 90 | ||||
|           # Label requiring a response | ||||
|           close-issue-message: > | ||||
|             Closing: more than 90 days without user response. Feel free to reopen with your comments. | ||||
							
								
								
									
										178
									
								
								Dockerfile
									
									
									
									
									
								
							
							
						
						
									
										178
									
								
								Dockerfile
									
									
									
									
									
								
							| @@ -1,76 +1,138 @@ | ||||
| FROM        perl:5 | ||||
| MAINTAINER  Freelock john@freelock.com | ||||
|  | ||||
| # Install Perl, Tex, Starman, psql client, and all dependencies | ||||
| RUN DEBIAN_FRONTENT=noninteractive && \ | ||||
|   apt-get update && apt-get -y install \ | ||||
|   git \ | ||||
|   libdatetime-perl libdbi-perl libdbd-pg-perl \ | ||||
|   libcgi-simple-perl libtemplate-perl libmime-lite-perl \ | ||||
|   liblocale-maketext-lexicon-perl libtest-exception-perl \ | ||||
|   libtest-trap-perl liblog-log4perl-perl libmath-bigint-gmp-perl \ | ||||
|   libfile-mimeinfo-perl libtemplate-plugin-number-format-perl \ | ||||
|   libdatetime-format-strptime-perl libconfig-general-perl \ | ||||
|   libdatetime-format-strptime-perl libio-stringy-perl libmoose-perl \ | ||||
|   libconfig-inifiles-perl libnamespace-autoclean-perl \ | ||||
|   libcarp-always-perl libjson-perl \ | ||||
|   libtemplate-plugin-latex-perl texlive-latex-recommended \ | ||||
|   libnet-tclink-perl \ | ||||
|   libxml-twig-perl \ | ||||
|   starman \ | ||||
|   postgresql-client-9.4 \ | ||||
|   ssmtp | ||||
|  | ||||
| # Nodejs for doing Dojo build | ||||
| RUN curl -sL https://deb.nodesource.com/setup_6.x | bash - && \ | ||||
|     apt-get install -y nodejs | ||||
|  | ||||
| # Java is required for closure compiler in Dojo build | ||||
| RUN DEBIAN_FRONTENT=noninteractive && apt-get install -y openjdk-7-jre | ||||
|  | ||||
| # Build time variables | ||||
| ENV LSMB_VERSION 1.5.0-beta-5 | ||||
|  | ||||
| # Install LedgerSMB | ||||
| RUN cd /srv && \ | ||||
|   git clone --recursive -b master https://github.com/ledgersmb/LedgerSMB.git ledgersmb | ||||
| ARG SRCIMAGE=debian:bookworm-slim | ||||
|  | ||||
|  | ||||
| FROM  $SRCIMAGE AS builder | ||||
|  | ||||
| ARG LSMB_VERSION="1.12.13" | ||||
| ARG LSMB_DL_DIR="Releases" | ||||
| ARG ARTIFACT_LOCATION="https://download.ledgersmb.org/f/$LSMB_DL_DIR/$LSMB_VERSION/ledgersmb-$LSMB_VERSION.tar.gz" | ||||
|  | ||||
|  | ||||
| RUN set -x ; \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -q -y update && \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -q -y dist-upgrade && \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -q -y install dh-make-perl libmodule-cpanfile-perl git wget && \ | ||||
|   apt-file update | ||||
|  | ||||
| RUN set -x ; \ | ||||
|   wget --quiet -O /tmp/ledgersmb-$LSMB_VERSION.tar.gz "$ARTIFACT_LOCATION" && \ | ||||
|   tar -xzf /tmp/ledgersmb-$LSMB_VERSION.tar.gz --directory /srv && \ | ||||
|   rm -f /tmp/ledgersmb-$LSMB_VERSION.tar.gz && \ | ||||
|   cd /srv/ledgersmb && \ | ||||
|   ( ( for lib in $( cpanfile-dump --with-all-features --recommends --no-configure --no-build --no-test ) ; \ | ||||
|     do \ | ||||
|       if dh-make-perl locate "$lib" 2>/dev/null ; \ | ||||
|       then  \ | ||||
|         : \ | ||||
|       else \ | ||||
|         echo no : $lib ; \ | ||||
|       fi ; \ | ||||
|     done ) | grep -v dh-make-perl | grep -v 'not found' | grep -vi 'is in Perl ' | cut -d' ' -f4 | sort | uniq | tee /srv/derived-deps ) && \ | ||||
|   cat /srv/derived-deps | ||||
|  | ||||
|  | ||||
| # | ||||
| # | ||||
| #  The real image build starts here | ||||
| # | ||||
| # | ||||
|  | ||||
|  | ||||
| FROM  $SRCIMAGE | ||||
| LABEL org.opencontainers.image.authors="LedgerSMB project <devel@lists.ledgersmb.org>" | ||||
| LABEL org.opencontainers.image.title="LedgerSMB double-entry accounting web-application" | ||||
| LABEL org.opencontainers.image.description="LedgerSMB is a full featured double-entry financial accounting and Enterprise\ | ||||
|  Resource Planning system accessed via a web browser (Perl/JS with a PostgreSQL\ | ||||
|  backend) which offers 'Accounts Receivable', 'Accounts Payable' and 'General\ | ||||
|  Ledger' tracking as well as inventory control and fixed assets handling. The\ | ||||
|  LedgerSMB client can be a web browser or a programmed API call. The goal of\ | ||||
|  the LedgerSMB project is to bring high quality ERP and accounting capabilities\ | ||||
|  to Small and Midsize Businesses." | ||||
|  | ||||
| ARG LSMB_VERSION="1.12.13" | ||||
| ARG LSMB_DL_DIR="Releases" | ||||
| ARG ARTIFACT_LOCATION="https://download.ledgersmb.org/f/$LSMB_DL_DIR/$LSMB_VERSION/ledgersmb-$LSMB_VERSION.tar.gz" | ||||
|  | ||||
|  | ||||
| ### PACKAGE REQUIREMENTS RATIONALE | ||||
| # | ||||
| # postgresql-client(from apt.postgresql.org): reduces chances running a newer server than this client | ||||
| # fonts-liberation: installed for compatibility with templates from 1.8 and earlier | ||||
|  | ||||
| COPY --from=builder /srv/derived-deps /tmp/derived-deps | ||||
|  | ||||
| RUN set -x ; \ | ||||
|   echo -n "APT::Install-Recommends \"0\";\nAPT::Install-Suggests \"0\";\n" >> /etc/apt/apt.conf && \ | ||||
|   mkdir -p /usr/share/man/man1/ && \ | ||||
|   mkdir -p /usr/share/man/man2/ && \ | ||||
|   mkdir -p /usr/share/man/man3/ && \ | ||||
|   mkdir -p /usr/share/man/man4/ && \ | ||||
|   mkdir -p /usr/share/man/man5/ && \ | ||||
|   mkdir -p /usr/share/man/man6/ && \ | ||||
|   mkdir -p /usr/share/man/man7/ && \ | ||||
|   mkdir -p /usr/share/man/man8/ && \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -q -y update && \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -q -y dist-upgrade && \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -q -y install \ | ||||
|     wget ca-certificates gnupg iproute2 \ | ||||
|     $( cat /tmp/derived-deps ) \ | ||||
|     texlive-plain-generic texlive-latex-recommended texlive-fonts-recommended \ | ||||
|     texlive-xetex fonts-liberation \ | ||||
|     lsb-release postgresql-common && \ | ||||
|   /usr/share/postgresql-common/pgdg/apt.postgresql.org.sh -y && \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -q -y update && \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -q -y install postgresql-client && \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get -q -y install git cpanminus make gcc libperl-dev && \ | ||||
|   wget --quiet -O /tmp/ledgersmb-$LSMB_VERSION.tar.gz "$ARTIFACT_LOCATION" && \ | ||||
|   tar -xzf /tmp/ledgersmb-$LSMB_VERSION.tar.gz --directory /srv && \ | ||||
|   rm -f /tmp/ledgersmb-$LSMB_VERSION.tar.gz && \ | ||||
|   cpanm --metacpan --notest \ | ||||
|     --with-feature=starman \ | ||||
|     --with-feature=latex-pdf-ps \ | ||||
|     --with-feature=openoffice \ | ||||
|     --installdeps /srv/ledgersmb/ && \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get purge -q -y git cpanminus make gcc libperl-dev && \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get autoremove -q -y && \ | ||||
|   DEBIAN_FRONTEND="noninteractive" apt-get clean -q && \ | ||||
|   rm -rf ~/.cpanm/ /var/lib/apt/lists/* /usr/share/man/* | ||||
|  | ||||
|  | ||||
| WORKDIR /srv/ledgersmb | ||||
|  | ||||
| # 1.5 requirements | ||||
| RUN cpanm --quiet --notest \ | ||||
|   --with-feature=starman \ | ||||
|   --with-feature=latex-pdf-ps \ | ||||
|   --with-feature=openoffice \ | ||||
|   --installdeps . | ||||
|  | ||||
| # Build dojo | ||||
| RUN make dojo | ||||
| # master requirements | ||||
|  | ||||
| # Configure outgoing mail to use host, other run time variable defaults | ||||
|  | ||||
| ## sSMTP | ||||
| ENV SSMTP_ROOT ar@example.com | ||||
| ENV SSMTP_MAILHUB 172.17.0.1 | ||||
| ENV SSMTP_HOSTNAME 172.17.0.1 | ||||
| #ENV SSMTP_USE_STARTTLS | ||||
| #ENV SSMTP_AUTH_USER | ||||
| #ENV SSMTP_AUTH_PASS | ||||
| ENV SSMTP_FROMLINE_OVERRIDE YES | ||||
| #ENV SSMTP_AUTH_METHOD | ||||
| ## MAIL | ||||
| # '__CONTAINER_GATEWAY__' is a magic value which will be substituted | ||||
| # with the actual gateway IP address | ||||
| ENV LSMB_MAIL_SMTPHOST=__CONTAINER_GATEWAY__ | ||||
| #ENV LSMB_MAIL_SMTPPORT=25 | ||||
| #ENV LSMB_MAIL_SMTPSENDER_HOSTNAME=(container hostname) | ||||
| #ENV LSMB_MAIL_SMTPTLS= | ||||
| #ENV LSMB_MAIL_SMTPUSER= | ||||
| #ENV LSMB_MAIL_SMTPPASS= | ||||
| #ENV LSMB_MAIL_SMTPAUTHMECH= | ||||
|  | ||||
| ENV POSTGRES_HOST postgres | ||||
| ## DATABASE | ||||
| ENV POSTGRES_HOST=postgres | ||||
| ENV POSTGRES_PORT=5432 | ||||
| ENV DEFAULT_DB=lsmb | ||||
|  | ||||
| COPY start.sh /usr/local/bin/start.sh | ||||
| COPY update_ssmtp.sh /usr/local/bin/update_ssmtp.sh | ||||
|  | ||||
| RUN chown www-data /etc/ssmtp /etc/ssmtp/ssmtp.conf && \ | ||||
|   chmod +x /usr/local/bin/update_ssmtp.sh /usr/local/bin/start.sh && \ | ||||
|   mkdir -p /var/www | ||||
| RUN chmod +x /usr/local/bin/start.sh && \ | ||||
|   mkdir -p /var/www && \ | ||||
|   mkdir -p /srv/ledgersmb/local/conf && \ | ||||
|   chown -R www-data /srv/ledgersmb/local | ||||
|  | ||||
| # Work around an aufs bug related to directory permissions: | ||||
| RUN mkdir -p /tmp && chmod 1777 /tmp | ||||
|  | ||||
| # Internal Port Expose | ||||
| EXPOSE 5762 | ||||
| #USER www-data | ||||
|  | ||||
| USER www-data | ||||
| CMD ["start.sh"] | ||||
|   | ||||
							
								
								
									
										326
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										326
									
								
								README.md
									
									
									
									
									
								
							| @@ -1,103 +1,329 @@ | ||||
| # ledgersmb-docker - EXPERIMENTAL | ||||
| # ledgersmb-docker | ||||
|  | ||||
| Dockerfile for LedgerSMB Docker image | ||||
|  | ||||
| This is a work in progress to make a docker image for running LedgerSMB. It should not be relied upon for production use! | ||||
| ## Content | ||||
|  | ||||
| # Supported tags and respective `Dockerfile` links | ||||
|  1. [Supported tags](#supported-tags) | ||||
|  2. [What is LedgerSMB](#what-is-ledgersmb) | ||||
|  3. [How to use this image](#how-to-use-this-image) | ||||
|  4. [Set up LedgerSMB](#set-up-ledgersmb) | ||||
|  5. [Updating the LedgerSMB container](#updating-the-ledgersmb-container) | ||||
|  6. [Environment Variables](#environment-variables) | ||||
|  7. [Advanced setup](#advanced-setup) | ||||
|  8. [Troubleshooting](#troubleshootingdeveloping) | ||||
|  9. [User feedback](#user-feedback) | ||||
|  | ||||
| -	`dev-master` - Master branch from git, unstable | ||||
| - `1.5`, `1.5.x` - Latest release tarball from 1.5 branch | ||||
| - `1.4`, `latest` - Latest tagged release of git 1.4 branch | ||||
| # Supported tags | ||||
|  | ||||
| - `1.12`, `1.12.x`, `latest` - Latest official release from the 1.12 branch | ||||
| - `1.11`, `1.11.x` - Latest official release from the 1.11 branch | ||||
| - `1.10`, `1.10.38` - Last official release from the 1.10 branch (End-of-Life) | ||||
| - `1.9`, `1.9.30` - Last official release from the 1.9 branch (End-of-Life) | ||||
| - `1.8`, `1.8.31` - Last official release from the 1.8 branch (End-of-Life) | ||||
| - `1.7`, `1.7.41` - Last official release from the 1.7 branch (End-of-Life) | ||||
| - `1.6`, `1.6.33` - Last official release from the 1.6 branch (End-of-Life) | ||||
| - `1.5`, `1.5.30` - Last official release from the 1.5 branch (End-of-Life) | ||||
| - `1.4`, `1.4.42` - Last official release from the 1.4 branch (End-of-Life) | ||||
| - `master` - Master branch from git, unstable | ||||
|  | ||||
| Containers supporting the development process are provided | ||||
| through the ledgersmb-dev-docker project. See [the development | ||||
| container's README](https://github.com/ledgersmb/ledgersmb-dev-docker/blob/master/README.md#getting-started) | ||||
| for more information. | ||||
|  | ||||
| # What is LedgerSMB? | ||||
| The LedgerSMB project's priority is to provide an extremely capable yet user-friendly accounting and ERP solution to small to mid-size businesses in all locales where there is interest in using the software. The focus on small to mid-size businesses offers an opportunity to provide a positive user experience in ways which are not present in larger organizations. LedgerSMB ought to strive to be both the ideal SMB accounting/ERP package and also a solution that a start-up will never outgrow. The goals mentioned above will help us provide this ideal solution by allowing us to focus both on technical architecture and on user experience. | ||||
|  | ||||
| LedgerSMB is a user-friendly accounting and ERP solution for small to | ||||
| mid-size businesses. It comes with support for many languages and support | ||||
| for different locales. | ||||
|  | ||||
| The project aims to be the solution a start-up never outgrows. | ||||
|  | ||||
|  | ||||
| # How is this image designed to be used? | ||||
|  | ||||
| This Docker image is built to provide a self-contained LedgerSMB instance. To be functional, you need to connect it to a running Postgres installation. The official Postgres container will work as is, if you link it to the LedgerSMB instance at startup, or you can provide environment variables to an appropriate Postgres server. | ||||
| This image is designed to be used in conjunction with a running PostgreSQL | ||||
| instance (such as may be provided through a separate image). | ||||
|  | ||||
| LedgerSMB provides an http interface built on Starman out of the box, listening on port 5762. We do not recommend exposing this port, because we strongly recommend encrypting all connections using SSL/TLS. For production use, we recommend running a web server configured with SSL, such as Nginx or Apache, and proxying connections to LedgerSMB. | ||||
| This image exposes port 5762 running a Starman HTTP application server. We | ||||
| do recommend not exposing this port publicly, because | ||||
|  | ||||
| The other services you will need to put this in production are an SMTP gateway (set environment variables for SSMTP at container startup) and optionally a local print server (e.g. CUPS) installation. The print service is not currently supported in this Docker image, but pull requests are welcomed ;-) | ||||
| 1. The Starman author recommends not exposing it | ||||
| 2. We strongly recommend TLS encryption of all application traffic | ||||
|  | ||||
| While the exposed port can be used for quick evaluation, it's recommended | ||||
| to add the TLS layer by applying Nginx or Apache as reverse proxy. | ||||
|  | ||||
| Enabling optional functionalities such as outgoing e-mail and printing | ||||
| could require additional setup of a mail service or CUPS printer service. | ||||
|  | ||||
| ❌ Do not use unofficial or AI-generated Docker Compose examples. These are often incomplete, break silently, or skip required services. | ||||
|  | ||||
| # How to use this image | ||||
|  | ||||
| ## Start a postgres instance | ||||
| This image can be installed either automatically with the Docker compose file | ||||
| or manually with docker only. | ||||
|  | ||||
| 	docker run --name some-postgres -e POSTGRES_PASSWORD=mysecretpassword -d postgres | ||||
| ## Docker-Compose: Installation and start | ||||
|  | ||||
| This image includes `EXPOSE 5432` (the postgres port), so standard container linking will make it automatically available to the linked containers. The default `postgres` user and database are created in the entrypoint with `initdb`. | ||||
| This repository provides a file named `docker-compose.yml` which can be used to | ||||
| pull related images, install them, establish an internal network for their | ||||
| communications, adjust environment variables, start and stop LedgerSMB. The | ||||
| only instructions required, after the optional edition of the file to adjust | ||||
| the environment variables, are: | ||||
|  | ||||
| > The postgres database is a default database meant for use by users, utilities and third party applications.   | ||||
| > [postgresql.org/docs](http://www.postgresql.org/docs/9.3/interactive/app-initdb.html) | ||||
| ```plain | ||||
|  $ docker-compose pull | ||||
|  $ docker-compose up -d | ||||
| ``` | ||||
|  | ||||
| ## Start LedgerSMB | ||||
| Or use the following to set a different password and/or parallel processing | ||||
| capacity (so called 'workers'): | ||||
|  | ||||
| 	docker run --name myledger --link some-postgres:postgres -d ledgersmb/ledgersmb | ||||
| ```plain | ||||
|  $ docker-compose pull | ||||
|  $ POSTGRES_PASSWORD=def \ | ||||
|    LSMB_WORKERS=10 \ | ||||
|    docker-compose up -d | ||||
| ``` | ||||
|  | ||||
| ## Set up LedgerSMB | ||||
| This will set up two containers: (1) a PostgreSQL container with persistent | ||||
| storage which is retained between container updates and (2) a LedgerSMB | ||||
| container configured to connect to the PostgreSQL container as its database | ||||
| server. Your LedgerSMB installation should now be accessible through | ||||
| [http://localhost:5762/](http://localhost:5762/). | ||||
|  | ||||
| Visit http://myledger:5762/setup.pl (you can forward port 5762 to the host machine, or lookup the IP address for the "myledger" container if running on localhost) | ||||
| The default number of workers is 5. The default database username and password | ||||
| are: | ||||
|  | ||||
| Log in with the "postgres" user and the password you set when starting up the Postgres container, and provide the name of a company database you want to create. | ||||
| ```plain | ||||
|    username: postgres | ||||
|    password: abc | ||||
| ``` | ||||
|  | ||||
| Once you have completed the setup, you have a fully functional LedgerSMB instance running! | ||||
| From here, follow the steps as detailed in the instructions for | ||||
| [preparing for first use](https://ledgersmb.org/content/preparing-ledgersmb-19-first-use). | ||||
|  | ||||
| Visit http://myledger:5762/login.pl to log in and get started. | ||||
| ## Manual installation | ||||
|  | ||||
| This section assumes availability of a PostgreSQL server to attach to the | ||||
| LedgerSMB image as the database server. | ||||
|  | ||||
| ### Start LedgerSMB | ||||
|  | ||||
| ```plain | ||||
|  $ docker run -d -p 5762:5762 --name myledger \ | ||||
|               -e POSTGRES_HOST=<ip/hostname> ledgersmb/ledgersmb:latest | ||||
| ``` | ||||
|  | ||||
| This command maps port 5762 of your container to port 5762 in your host. The | ||||
| web application inside the container should now be accessible through | ||||
| http://localhost:5762/setup.pl and http://localhost:5762/login.pl. | ||||
|  | ||||
| Below are more variables which determine container configuration, | ||||
| like `POSTGRES_HOST` above. | ||||
|  | ||||
| # Set up LedgerSMB | ||||
|  | ||||
|  * Visit http://myledger:5762/setup.pl. | ||||
|  * Log in with the "postgres" user and the password `abc` as given above - | ||||
|    or with the credentials of your own database server in case of a manual | ||||
|    setup - and provide the name of a company (= database name) you want to | ||||
|    create. | ||||
|  * Go over the steps presented in the browser | ||||
|  | ||||
| Once you have completed the setup steps, you have a fully functional | ||||
| LedgerSMB instance running! | ||||
|  | ||||
| Visit http://localhost:5762/login.pl to log in and get started. | ||||
|  | ||||
| # Updating the LedgerSMB container | ||||
|  | ||||
| No persistant data is stored in the LedgerSMB container. All LedgerSMB data is stored in Postgres, so you can stop/destroy/run a new LedgerSMB container, and as long as you link it to the Postgres database, you should be able to pick up where you left off. | ||||
| No persistant data is stored in the LedgerSMB container. | ||||
|  | ||||
| All LedgerSMB data is stored in PostgreSQL, so you can stop/destroy/run a | ||||
| new LedgerSMB container as often as you want. | ||||
|  | ||||
| In case of the Docker Compose setup, all PostgreSQL data is stored on the | ||||
| Docker volume with the name ending in `_pgdata`. This volume is not destroyed | ||||
| when updating the containers; only explicit removal destroys the data. | ||||
|  | ||||
| # Environment Variables | ||||
|  | ||||
| The LedgerSMB image uses several environment variables which are easy to miss. While none of the variables are required, they may significantly aid you in using the image. | ||||
| The LedgerSMB image uses several environment variables. They are all optional. | ||||
|  | ||||
| ### `POSTGRES_HOST` = 'postgres' | ||||
|  | ||||
| This environment variable is used to specify the hostname of the Postgres server. The default is "postgres", which will find the container linked in. | ||||
| ## `POSTGRES_HOST` | ||||
|  | ||||
| If you set this to another hostname, LedgerSMB will attempt to connect to that hostname instead. | ||||
| Default: postgres | ||||
|  | ||||
| ### `SSMTP_ROOT` `SSMTP_MAILHUB` `SSMTP_HOSTNAME` `SSMTP_USE_STARTTLS` `SSMTP_AUTH_USER` `SSMTP_AUTH_PASS` `SSMTP_METHOD` `SSMTP_FROMLINE_OVERRIDE` | ||||
| Specifies the hostname of the PostgreSQL server to connect to. If you use | ||||
| a PostgreSQL image, set it to the name of that image. | ||||
|  | ||||
| These variables are used to set outgoing SMTP defaults. To set the outgoing email address, set SSMTP_ROOT, and SSMTP_HOSTNAME at a minimum -- SSMTP_MAILHUB defaults to the default docker0 interface, so if your host is already configured to relay mail, this should relay successfully with only those two set. | ||||
| ## `POSTGRES_PORT` | ||||
|  | ||||
| Use the other environment variables to relay mail through another host. | ||||
| Default: 5432 | ||||
|  | ||||
| Port on which the PostgreSQL server is running. | ||||
|  | ||||
| ## `DEFAULT_DB` | ||||
|  | ||||
| Default: lsmb | ||||
|  | ||||
| Set this if you want to automatically log in to a particular LedgerSMB database | ||||
| without needing to enter the name of that database on the login.pl login screen. | ||||
|  | ||||
| ## `LSMB_WORKERS` | ||||
|  | ||||
| Default: 5 | ||||
|  | ||||
| Set this if you want to run in a memory-constrained environment. E.g. set it to | ||||
| 2 when running in a 1 GB memory setup. Please do note that this may adversely | ||||
| affect the performance experience of users. | ||||
|  | ||||
| ## Mail configuration | ||||
|  | ||||
| As of 1.8.0, the image is based on Debian Buster instead of Debian Stretch; | ||||
| with Buster, the `ssmtp` program has been removed from Debian, this image | ||||
| had to change strategy. The main application always came with built-in e-mail | ||||
| yet with the deprecation, the abilities have expanded. | ||||
|  | ||||
| The following parameters are now supported to set mail preferences: | ||||
|  | ||||
| * `LSMB_MAIL_SMTPHOST` \ | ||||
|   The host name/IP-address of the SMTP server that will forward mail from | ||||
|   LedgerSMB to the outside world. | ||||
| * `LSMB_MAIL_SMTPPORT` \ | ||||
|   The port that the SMTP server in `LSMB_MAIL_SMTPHOST` listens to. | ||||
| * `LSMB_MAIL_SMTPTLS` \ | ||||
|   Can be one of `no` (default), `yes` or `raw`. `yes` indicates to use | ||||
|   STARTTLS over a regular SMTP connection; `raw`' indicates an SMTP connection | ||||
|   should be established over a TLS connection (a.k.a. smtps). | ||||
| * `LSMB_MAIL_SMTPSENDER_HOSTNAME` (optional) \ | ||||
|   When set, used to identify the host when connecting to an SMTP server. When | ||||
|   not set, the host is queried for its host name. | ||||
| * `LSMB_MAIL_SMTPUSER` \ | ||||
|   Username to authenticate to the SMTP host in `LSMB_MAIL_SMTPHOST`. | ||||
| * `LSMB_MAIL_SMTPPASS` \ | ||||
|   Password to authenticate to the SMTP host in `LSMB_MAIL_SMTPHOST` with the | ||||
|   user in `LSMB_MAIL_SMTPUSER`. | ||||
| * `LSMB_MAIL_SMTPAUTHMECH` \ | ||||
|   A space separated list of SASL mechanisms to be used for authentication of | ||||
|   the smtp connection with the SMTP server. Available mechanisms depend on | ||||
|   your installed environment, but the following mechanisms should be available | ||||
|   in all of them: `PLAIN` `LOGIN` `CRAM_MD5` & `DIGEST_MD5`. **Note that** | ||||
|   `PLAIN` or `LOGIN` send passwords in plain text over the wire to the SMTP | ||||
|   server; only use these methods in combination with TLS encryption. | ||||
|  | ||||
| # Advanced setup | ||||
|  | ||||
| ## Changing configuration | ||||
|  | ||||
| The configuration file is stored in /srv/ledgersmb/local/conf/. By mounting | ||||
| that directory using a bind-mount to a location outside the container, | ||||
| configuration can be changed between container starts: | ||||
|  | ||||
| ```plain | ||||
|  $ docker run -d -p 5762:5762 --name myledger \ | ||||
|      --mount 'type=bind,src=/home/ledgersmb/conf,dst=/srv/ledgersmb/local/conf \ | ||||
|      -e POSTGRES_HOST=<ip/hostname> ledgersmb/ledgersmb:latest | ||||
| ``` | ||||
|  | ||||
| ## Overriding or adding configuration | ||||
|  | ||||
| By pre-creating a configuration file in the mounted configuration directory, | ||||
| the standard configuration generation process in the container can be overruled: | ||||
|  | ||||
| ```plain | ||||
|  $ cat <<EOF > /home/ledgersmb/conf/ledgersmb.yaml | ||||
|    ... YOUR CONFIG HERE ... | ||||
|  EOF | ||||
|  $ docker run -d -p 5762:5762 --name myledger \ | ||||
|      --mount 'type=bind,src=/home/ledgersmb/conf,dst=/srv/ledgersmb/local/conf \ | ||||
|      -e POSTGRES_HOST=<ip/hostname> ledgersmb/ledgersmb:latest | ||||
| ``` | ||||
|  | ||||
| If you do not want to completely overrule the configuration generated, but instead | ||||
| supplement the configuration, you can put incremental configuration snippets in | ||||
| files named `ledgersmb.1XX.yaml` in the same folder. E.g.: | ||||
|  | ||||
| ```plain | ||||
|  $ cat <<EOF > /home/ledgersmb/conf/ledgersmb.100.yaml | ||||
|  logging: | ||||
|    file: ledgersmb.logging | ||||
|  EOF | ||||
| ``` | ||||
|  | ||||
| [Documentation with respect to the available configuration | ||||
| keys](https://github.com/ledgersmb/LedgerSMB/blob/master/doc/conf/ledgersmb.yaml) | ||||
| is available in the LedgerSMB repository. | ||||
|  | ||||
| ## Docker Compose with reverse proxy | ||||
|  | ||||
| The `docker-compose-reverseproxy.yml` file shows a docker-compose setup | ||||
| which adds an Nginx reverse proxy configuration on top of the base | ||||
| `docker-compose.yml` configuration file. If the content of this repository | ||||
| is cloned into the current directory (`git clone https://github.com/ledgersmb/ledgersmb-docker.git ; cd ledgersmb-docker`), it can be used as: | ||||
|  | ||||
| ```plain | ||||
|  $ docker-compose \ | ||||
|     -f docker-compose.yml \ | ||||
|     -f docker-compose-reverseproxy.yml \ | ||||
|        up -d | ||||
| ``` | ||||
|  | ||||
| This setup can be used in combination with an image which runs the | ||||
| Certbot certificate renewal process *and* Nginx to do TLS termination. The | ||||
| default reverse proxy is mostly an example; it publishes on | ||||
| [http://localhost:8080/](http://localhost:8080/). | ||||
|  | ||||
| An example of such an image can be found at | ||||
| [https://github.com/jonasalfredsson/docker-nginx-certbot](https://github.com/jonasalfredsson/docker-nginx-certbot), | ||||
| which is published on Docker Hub as | ||||
| [jonasal/nginx-certbot](https://hub.docker.com/r/jonasal/nginx-certbot). | ||||
|  | ||||
| **Upgrade note** When upgrading this setup, please remove the volume ending | ||||
| in `_lsmbdata` before starting the upgraded containers. Without that, the | ||||
| webcontent won't be upgraded! E.g.: | ||||
|  | ||||
| ```plain | ||||
|   $ docker-compose \ | ||||
|       -f docker-compose.yml \ | ||||
|       -f docker-compose-reverseproxy.yml \ | ||||
|         rm -s -f -v && \ | ||||
|     docker volume rm ledgersmb-docker_lsmbdata && \ | ||||
|     docker-compose \ | ||||
|       -f docker-compose.yml \ | ||||
|       -f docker-compose-reverseproxy.yml \ | ||||
|         pull && \ | ||||
|     docker-compose \ | ||||
|       -f docker-compose.yml \ | ||||
|       -f docker-compose-reverseproxy.yml \ | ||||
|         up -d | ||||
| ``` | ||||
|  | ||||
| # Troubleshooting/Developing | ||||
|  | ||||
| You can connect to a running container using: | ||||
| Currently the LedgerSMB installation is in /srv/ledgersmb | ||||
| and the startup & config script is /usr/bin/start.sh. | ||||
|  | ||||
| > docker exec -ti myledger /bin/bash | ||||
|  | ||||
| ... this will give you a shell inside the container where you can inspect/troubleshoot the installation. | ||||
|  | ||||
| Currently the LedgerSMB installation is in /srv/ledgersmb, and the startup/config script is /usr/bin/start.sh. | ||||
|  | ||||
|  | ||||
| # Supported Docker versions | ||||
|  | ||||
| This image is officially supported on Docker version 1.11.1. | ||||
|  | ||||
| Support for older versions is provided on a best-effort basis. | ||||
|  | ||||
| # User Feedback | ||||
|  | ||||
| ## Documentation | ||||
|  | ||||
| This is a brand new effort, and we will be adding documentation to the http://ledgersmb.org site when we get a chance. | ||||
|  | ||||
| ## Issues | ||||
|  | ||||
| If you have any problems with or questions about this image or LedgerSMB, please contact us on the [mailing list](http://ledgersmb.org/topic/support/mailing-lists-rss-and-nntp-feeds) or through a [GitHub issue](https://github.com/ledgersmb/ledgersmb-docker/issues). | ||||
| If you have any problems with or questions about this image or LedgerSMB, | ||||
| please contact us on the [mailing list](http://ledgersmb.org/topic/support/mailing-lists-rss-and-nntp-feeds) | ||||
| or through a [GitHub issue](https://github.com/ledgersmb/ledgersmb-docker/issues). | ||||
|  | ||||
| You can also reach some of the official LedgerSMB maintainers via the `#ledgersmb` IRC channel on [Freenode](https://freenode.net), or on the bridged [Matrix](https://matrix.org) room in [#ledgersmb:matrix.org](https://matrix.to/#/#ledgersmb:matrix.org). The [Vector.im](https://vector.im/beta/#/room/#ledgersmb:matrix.org) Matrix client is highly recommended. | ||||
| You can also reach some of the official LedgerSMB maintainers via the | ||||
| [Matrix](https://matrix.org) room in [#ledgersmb:matrix.org](https://matrix.to/#/#ledgersmb:matrix.org). | ||||
| The [Element](https://app.element.io/#/room/#ledgersmb:matrix.org) Matrix client is highly recommended. | ||||
|  | ||||
|  | ||||
| ## Contributing | ||||
|  | ||||
| You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can. | ||||
| You are invited to contribute new features, fixes, or updates, large or small; | ||||
| we are always thrilled to receive pull requests, and do our best to process | ||||
| them as fast as we can. | ||||
|   | ||||
							
								
								
									
										21
									
								
								build
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										21
									
								
								build
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,21 @@ | ||||
| #!/bin/bash | ||||
|  | ||||
| set -euxo pipefail | ||||
|  | ||||
| if [[ -n "${SET_LATEST_TAG:-}" ]] | ||||
| then | ||||
|   latest_tags="-t ledgersmb/ledgersmb:latest -t ghcr.io/ledgersmb/ledgersmb:latest" | ||||
| else | ||||
|   latest_tags= | ||||
| fi | ||||
|  | ||||
| ${DOCKER:-docker} buildx build \ | ||||
|    --progress plain \ | ||||
|    --platform ${PLATFORM:-linux/amd64,linux/arm64,linux/arm/v7} \ | ||||
|    --build-arg "ARTIFACT_LOCATION=$ARTIFACT_LOCATION" \ | ||||
|    -t ledgersmb/ledgersmb:$BRANCH \ | ||||
|    -t ledgersmb/ledgersmb:$VERSION \ | ||||
|    -t ghcr.io/ledgersmb/ledgersmb:$BRANCH \ | ||||
|    -t ghcr.io/ledgersmb/ledgersmb:$VERSION \ | ||||
|    $latest_tags \ | ||||
|    --push . | ||||
							
								
								
									
										36
									
								
								docker-compose-reverseproxy.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										36
									
								
								docker-compose-reverseproxy.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,36 @@ | ||||
| # Use this docker-compose file as: | ||||
| # | ||||
| #  docker-compose -f docker-compose.yml -f docker-compose-reverseproxy.yml up -d | ||||
| # | ||||
| # | ||||
| # This command creates one | ||||
| # compose 'project' consisting of three containers | ||||
| # | ||||
| #  1. The PostgreSQL data  container | ||||
| #  2. The LedgerSMB application container | ||||
| #  3. The Nginx reverse proxy container | ||||
| # | ||||
| # In addition to publishing LedgerSMB on port 5762 on localhost, | ||||
| # this project also publishes Nginx's reverse proxied content on | ||||
| # port 8080 on localhost | ||||
|  | ||||
| version: "3.2" | ||||
| services: | ||||
|   proxy: | ||||
|     depends_on: | ||||
|       - lsmb | ||||
|     image: nginx:1-alpine | ||||
|     volumes: | ||||
|       - "lsmbdata:/srv/ledgersmb" | ||||
|       - "./nginx.conf:/etc/nginx/nginx.conf" | ||||
|     ports: | ||||
|       - "8080:8080" | ||||
|     # Comment the line below to stop the container from restarting on boot | ||||
|     # unless it was manually stopped | ||||
|     restart: unless-stopped | ||||
|   lsmb: | ||||
|     volumes: | ||||
|       - "lsmbdata:/srv/ledgersmb" | ||||
|  | ||||
| volumes: | ||||
|   lsmbdata: | ||||
							
								
								
									
										100
									
								
								docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										100
									
								
								docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,100 @@ | ||||
| # This docker-compose file creates one | ||||
| # compose 'project' consisting of two containers | ||||
| # | ||||
| #  1. The PostgreSQL data  container | ||||
| #  2. The LedgerSMB application container | ||||
| # | ||||
| # LedgerSMB persists all its data in the database, | ||||
| # so no special care needs to be taken on | ||||
| # container upgrades.  With PostgreSQL, data is | ||||
| # persisted across upgrades by the use of a | ||||
| # special 'dbdata' volume | ||||
|  | ||||
| version: "3.2" | ||||
| services: | ||||
|   # Note that the container needs to be named "postgres" here, | ||||
|   # because that allows us to use the default hostname ("postgres") | ||||
|   # from the LedgerSMB configuration | ||||
|   postgres: | ||||
|     image: postgres:15-alpine | ||||
|     environment: | ||||
|       # Replace the password below for a secure setup | ||||
|       POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-abc} | ||||
|       PGDATA: /var/lib/postgresql/data/pgdata | ||||
|     networks: | ||||
|       - internal | ||||
|     volumes: | ||||
|       - "pgdata:/var/lib/postgresql/data" | ||||
|     # Comment the line below to stop the container from restarting on boot | ||||
|     # unless it was manually stopped | ||||
|     restart: unless-stopped | ||||
|   lsmb: | ||||
|     depends_on: | ||||
|       - postgres | ||||
|     image: ghcr.io/ledgersmb/ledgersmb:1.12 | ||||
|       # In order to store the configuration outside the image, allowing it to | ||||
|       # be edited between container restarts, uncomment the section below and | ||||
|       # change the 'source' to the directory where you want the configuration | ||||
|       # to be stored. | ||||
|     # volumes: | ||||
|     #   # Override all configuration: | ||||
|     #   - type: bind | ||||
|     #     source: /home/ledgersmb/conf | ||||
|     #     target: /srv/ledgersmb/local/conf | ||||
|     #   # Add a snippet of configuration: | ||||
|     #   - type: bind | ||||
|     #     source: /home/ledgersmb/conf/ledgersmb.100.yaml | ||||
|     #     target: /srv/ledgersmb/local/conf/ledgersmb.100.yaml | ||||
|     networks: | ||||
|       - internal | ||||
|       - default | ||||
|     # Comment the 'ports' section to disable mapping the LedgerSMB container port (5762) | ||||
|     #  to the host's port of the same number. Mapping "5762:5762" makes LedgerSMB | ||||
|     #  available on http://<host-dns-or-ip>:5762/ | ||||
|     #     SECURITY NOTE:  Leave this uncommented for evaluation purposes only! | ||||
|     #       In production, be sure to use SSL/TLS (such as by reverse proxying) to protect  | ||||
|     #       user's passwords and other sensitive data | ||||
|     ports: | ||||
|       - "5762:5762" | ||||
|     environment: | ||||
|       # The LSMB_WORKERS environment variable lets you select the number | ||||
|       # of processes serving HTTP requests. The default number of 2 workers | ||||
|       # is geared toward limited-memory situations (1 GB). In order to | ||||
|       # improve the performance experience, increase memory and the | ||||
|       # number of workers | ||||
|       # | ||||
|       LSMB_WORKERS: ${LSMB_WORKERS:-5} | ||||
|       # | ||||
|       # | ||||
|  | ||||
|       # LSMB_MAIL_SMTPHOST: | ||||
|       # LSMB_MAIL_SMTPPORT: | ||||
|       # LSMB_MAIL_SMTPTLS: | ||||
|       # LSMB_MAIL_SMTPSENDER_HOSTNAME: | ||||
|       # LSMB_MAIL_SMTPUSER: | ||||
|       # LSMB_MAIL_SMTPPASS: | ||||
|       # LSMB_MAIL_SMTPAUTHMECH: | ||||
|       # | ||||
|       # | ||||
|       # The PROXY_IP environment variable lets you set the IP address | ||||
|       # (range) of the reverse proxy used for TLS termination, which forwards | ||||
|       # its requests to this container. When this reverse proxy runs on the | ||||
|       # Docker host, the default below applies. In case the reverse proxy is | ||||
|       # hosted in a separate container, this setting needs to be adjusted. | ||||
|       # | ||||
|       # PROXY_IP: 172.17.0.1/12 | ||||
|     # Comment the line below to stop the container from restarting on boot | ||||
|     # unless it was manually stopped | ||||
|     restart: unless-stopped | ||||
|  | ||||
| # having the dbdata volume is required to persist our | ||||
| # data between PostgreSQL container updates; without | ||||
| # that, the data is contained in the same volume as | ||||
| # the rest of the image and on update/upgrade, the | ||||
| # data will be lost. | ||||
| volumes: | ||||
|   pgdata: | ||||
|  | ||||
|  | ||||
| networks: | ||||
|   internal: | ||||
							
								
								
									
										81
									
								
								nginx.conf
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										81
									
								
								nginx.conf
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,81 @@ | ||||
| # This is a full (minimal) nginx configuration file | ||||
|  | ||||
| error_log /dev/stderr info; | ||||
| pid /tmp/nginx.pid; | ||||
| worker_processes 1; | ||||
|  | ||||
| events { | ||||
|    worker_connections 1024; | ||||
| } | ||||
|  | ||||
| http { | ||||
|    client_body_temp_path /tmp/client_body; | ||||
|    proxy_temp_path /tmp/proxy_temp; | ||||
|    fastcgi_temp_path /tmp/fastcgi_temp; | ||||
|    scgi_temp_path /tmp/scgi_temp; | ||||
|    uwsgi_temp_path /tmp/uwsgi_temp; | ||||
|  | ||||
|    sendfile on; | ||||
|    tcp_nopush on; | ||||
|    tcp_nodelay on; | ||||
|    keepalive_timeout 65; | ||||
|    types_hash_max_size 2048; | ||||
|    include /etc/nginx/mime.types; | ||||
|    default_type application/octet-stream; | ||||
|  | ||||
|    access_log /dev/stdout; | ||||
|    error_log /dev/stderr info; | ||||
|  | ||||
|    gzip off; | ||||
|    gzip_static on; | ||||
|  | ||||
|    server { | ||||
|       listen 8080 default_server; | ||||
|       listen [::]:8080 default_server ipv6only=on; | ||||
|  | ||||
|       root /srv/ledgersmb/UI; | ||||
|  | ||||
|       access_log /dev/stdout; | ||||
|       error_log /dev/stderr info; | ||||
|  | ||||
|       # Don't log status polls | ||||
|       location /nginx_status { | ||||
|                stub_status on; | ||||
|                access_log off; | ||||
|                allow 127.0.0.1; | ||||
|                allow ::1; | ||||
|                deny all; | ||||
|       } | ||||
|  | ||||
|       # Configuration files don't exist | ||||
|       location ^~ \.conf$ { | ||||
|          return 404; | ||||
|       } | ||||
|  | ||||
|       # 'Hidden' files don't exist | ||||
|       location ~ /\. { | ||||
|          return 404; | ||||
|       } | ||||
|  | ||||
|       location = / { | ||||
|          return 301 /login.pl; | ||||
|       } | ||||
|  | ||||
|       # JS & CSS | ||||
|       location ~* \.(js|css)$ { | ||||
|          add_header Pragma "public"; | ||||
|          add_header Cache-Control "public, must-revalidate, proxy-revalidate"; # Production | ||||
|          expires     7d; # Indicate that the resource can be cached for 1 week # Production | ||||
|          try_files $uri =404; | ||||
|       } | ||||
|  | ||||
|       location / { | ||||
|          proxy_set_header        Host $host; | ||||
|          proxy_set_header        X-Real-IP $remote_addr; | ||||
|          proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for; | ||||
|          proxy_set_header        X-Forwarded-Proto $scheme; | ||||
|          proxy_read_timeout      300; | ||||
|          proxy_pass              http://lsmb:5762; | ||||
|       } | ||||
|    } | ||||
| } | ||||
							
								
								
									
										192
									
								
								start.sh
									
									
									
									
									
								
							
							
						
						
									
										192
									
								
								start.sh
									
									
									
									
									
								
							| @@ -1,33 +1,175 @@ | ||||
| #!/bin/bash | ||||
|  | ||||
| update_ssmtp.sh | ||||
| cd /srv/ledgersmb | ||||
|  | ||||
| if [[ ! -f ledgersmb.conf ]]; then | ||||
|   cp conf/ledgersmb.conf.default ledgersmb.conf | ||||
|   sed -i \ | ||||
|     -e "s/\(cache_templates = \).*\$/cache_templates = 1/g" \ | ||||
|     -e "s/\(host = \).*\$/\1$POSTGRES_HOST/g" \ | ||||
|     -e "s%\(sendmail   = \).*%\1/usr/bin/ssmtp%g" \ | ||||
|     /srv/ledgersmb/ledgersmb.conf | ||||
| [[ -d ./local/conf/ ]] || mkdir ./local/conf/ | ||||
| if [[ -n "$SSMTP_ROOT" ]]; then | ||||
|     echo "\$SSMTP_ROOT set; parameter is deprecated and will be ignored" | ||||
|     LSMB_HAVE_DEPRECATED=1 | ||||
| fi | ||||
| if [[ -n "$SSMTP_FROMLINE_OVERRIDE" ]]; then | ||||
|     echo "\$SSMTP_FROMLINE_OVERRIDE set; parameter is deprecated and will be ignored" | ||||
|     LSMB_HAVE_DEPRECATED=1 | ||||
| fi | ||||
| if [[ -n "$SSMTP_MAILHUB" ]]; then | ||||
|     echo "\$SSMTP_MAILHUB set; parameter is deprecated" | ||||
|     if [[ -z "$LSMB_MAIL_SMTPHOST" ]]; then | ||||
|         echo "  Deriving \$LSMB_MAIL_SMTPHOST setting from \$SSMTP_MAILHUB" | ||||
|         LSMB_MAIL_SMTPHOST=${SSMTP_MAILHUB%:*} | ||||
|     fi | ||||
|     if [[ -z "$LSMB_MAIL_SMTPPORT" ]]; then | ||||
|         echo "  Deriving \$LSMB_MAIL_SMTPPORT setting from \$SSMTP_MAILHUB" | ||||
|         LSMB_MAIL_SMTPPORT=${SSMTP_MAILHUB#*:} | ||||
|     fi | ||||
|     LSMB_HAVE_DEPRECATED=1 | ||||
| fi | ||||
| if [[ -n "$SSMTP_HOSTNAME" ]]; then | ||||
|     echo "\$SSMTP_HOSTNAME set; parameter is deprecated" | ||||
|     if [[ -z "$LSMB_MAIL_SMTPSENDER_HOSTNAME" ]]; then | ||||
|         echo "  Deriving \$LSMB_MAIL_SMTPSENDER_HOSTNAME setting from \$SSMTP_HOSTNAME" | ||||
|         LSMB_MAIL_SMTPSENDER_HOSTNAME=$SSMTP_HOSTNAME | ||||
|     fi | ||||
|     LSMB_HAVE_DEPRECATED=1 | ||||
| fi | ||||
| if [[ -n "$SSMTP_USE_STARTTLS" ]]; then | ||||
|     echo "\$SSMTP_USE_STARTTLS set; parameter is deprecated" | ||||
|     if [[ -z "$LSMB_MAIL_SMTPTLS" ]]; then | ||||
|         echo "  Deriving \$LSMB_MAIL_SMTPSENDER_HOSTNAME setting from \$SSMTP_USE_STARTTLS" | ||||
|         LSMB_MAIL_SMTPTLS=$SSMTP_USE_STARTTLS | ||||
|     fi | ||||
|     LSMB_HAVE_DEPRECATED=1 | ||||
| fi | ||||
| if [[ -n "$SSMTP_AUTH_USER" ]]; then | ||||
|     echo "\$SSMTP_AUTH_USER set; parameter is deprecated" | ||||
|     if [[ -z "$LSMB_MAIL_SMTPUSER" ]]; then | ||||
|         echo "  Deriving \$LSMB_MAIL_SMTPUSER setting from \$SSMTP_AUTH_USER" | ||||
|         LSMB_MAIL_SMTPUSER=$SSMTP_AUTH_USER | ||||
|     fi | ||||
|     LSMB_HAVE_DEPRECATED=1 | ||||
| fi | ||||
| if [[ -n "$SSMTP_AUTH_PASS" ]]; then | ||||
|     echo "\$SSMTP_AUTH_PASS set; parameter is deprecated" | ||||
|     if [[ -z "$LSMB_MAIL_SMTPPASS" ]]; then | ||||
|         echo "  Deriving \$LSMB_MAIL_SMTPPASS setting from \$SSMTP_AUTH_PASS" | ||||
|         LSMB_MAIL_SMTPPASS=$SSMTP_AUTH_PASS | ||||
|     fi | ||||
|     LSMB_HAVE_DEPRECATED=1 | ||||
| fi | ||||
| if [[ -n "$SSMTP_AUTH_METHOD" ]]; then | ||||
|     echo "\$SSMTP_AUTH_METHOD set; parameter is deprecated" | ||||
|     if [[ -z "$LSMB_MAIL_SMTPAUTHMECH" ]]; then | ||||
|         echo "  Deriving \$LSMB_MAIL_SMTPAUTHMECH setting from \$SSMTP_AUTH_METHOD" | ||||
|         LSMB_MAIL_SMTPAUTHMECH=$SSMTP_AUTH_METHOD | ||||
|     fi | ||||
|     LSMB_HAVE_DEPRECATED=1 | ||||
| fi | ||||
|  | ||||
| # Currently unmaintained/untested | ||||
| # if [ ! -z ${CREATE_DATABASE+x} ]; then | ||||
| #   perl tools/dbsetup.pl --company $CREATE_DATABASE \ | ||||
| #   --host $POSTGRES_HOST \ | ||||
| #   --postgres_password "$POSTGRES_PASS" | ||||
| #fi | ||||
| if [[ -n "$LSMB_HAVE_DEPRECATED" ]]; then | ||||
|     echo "!!! DEPRECATED \$SSMTP_* PARAMETERS WILL BE REMOVED in the 1.9 image!!!" | ||||
| fi | ||||
|  | ||||
| # Needed for modules loaded by cpanm | ||||
| export PERL5LIB | ||||
| for PerlLib in /usr/lib/perl5* /usr/local/lib/perl5*/site_perl/* ; do | ||||
|     [[ -d "$PerlLib" ]] && { | ||||
|         PERL5LIB="$PerlLib"; | ||||
|         echo -e "\tmaybe: $PerlLib"; | ||||
|     } | ||||
| done ; | ||||
| echo "Selected PERL5LIB=$PERL5LIB"; | ||||
| if [[ ! -f ./local/conf/ledgersmb.yaml ]]; then | ||||
|   if [[ "x$LSMB_MAIL_SMTPTLS" == "xyes" ]]; then | ||||
|      tls_mode=starttls | ||||
|   elif [[ "x$LSMB_MAIL_SMTPTLS" == "xraw" ]]; then | ||||
|      tls_mode=ssl | ||||
|   else | ||||
|      tls_mode=none | ||||
|   fi | ||||
|   cat <<EOF >./local/conf/ledgersmb.yaml | ||||
| paths: | ||||
|   \$class: Beam::Wire | ||||
|   config: | ||||
|     UI: ./UI/ | ||||
|     UI_cache: lsmb_templates/ | ||||
|  | ||||
| db: | ||||
|   \$class: LedgerSMB::Database::Factory | ||||
|   connect_data: | ||||
|     host: ${POSTGRES_HOST:-postgres} | ||||
|     port: ${POSTGRES_PORT:-5432} | ||||
|  | ||||
| mail: | ||||
|   transport: | ||||
|     \$class: Email::Sender::Transport::SMTP | ||||
|     ssl: $tls_mode | ||||
|  | ||||
| miscellaneous: | ||||
|   \$class: Beam::Wire | ||||
|   config: | ||||
|     proxy_ip: ${PROXY_IP:-172.17.0.1/12} | ||||
|  | ||||
| ui: | ||||
|   class: LedgerSMB::Template::UI | ||||
|   method: new_UI | ||||
|   lifecycle: eager | ||||
|   args: | ||||
|     cache: | ||||
|       \$ref: paths/UI_cache | ||||
|     root: | ||||
|       \$ref: paths/UI | ||||
| EOF | ||||
|  | ||||
|   if [[ -n "$LSMB_MAIL_SMTPHOST" ]] | ||||
|   then | ||||
|       if [[ "$LSMB_MAIL_SMTPHOST" == "__CONTAINER_GATEWAY__" ]] | ||||
|       then | ||||
|          LSMB_MAIL_SMTPHOST="$(ip route | awk '/default/ { print $3 }')" | ||||
|          export LSMB_MAIL_SMTPHOST | ||||
|       fi | ||||
|  | ||||
|       cat <<EOF >./local/conf/ledgersmb.000.yaml | ||||
| mail: | ||||
|   transport: | ||||
|     host: $LSMB_MAIL_SMTPHOST | ||||
| EOF | ||||
|   fi | ||||
|  | ||||
|   if [[ -n "$LSMB_MAIL_SMTPPORT" ]] | ||||
|   then | ||||
|       cat <<EOF >./local/conf/ledgersmb.001.yaml | ||||
| mail: | ||||
|   transport: | ||||
|     port: $LSMB_MAIL_SMTPPORT | ||||
| EOF | ||||
|   fi | ||||
|  | ||||
|   if [[ -n "$LSMB_MAIL_SMTPSENDER_HOSTNAME" ]] | ||||
|   then | ||||
|       cat <<EOF >./local/conf/ledgersmb.002.yaml | ||||
| mail: | ||||
|   transport: | ||||
|     helo: $LSMB_MAIL_SMTPSENDER_HOSTNAME | ||||
| EOF | ||||
|   fi | ||||
|  | ||||
|   if [[ -n "$LSMB_MAIL_SMTPUSER" ]] | ||||
|   then | ||||
|       cat <<EOF >./local/conf/ledgersmb.003.yaml | ||||
| mail: | ||||
|   transport: | ||||
|     sasl_authenticator: | ||||
|       \$class: Authen::SASL | ||||
|       mechanism: $LSMB_MAIL_SMTPAUTHMECH | ||||
|       callback: | ||||
|         user: $LSMB_MAIL_SMTPUSER | ||||
|         pass: $LSMB_MAIL_SMTPPASS | ||||
| EOF | ||||
|   fi | ||||
| fi | ||||
|  | ||||
| # start ledgersmb | ||||
| exec starman --port 5762 tools/starman.psgi | ||||
| # --preload-app allows application initialization to kill the entire | ||||
| # starman instance (instead of just the worker, which will immediately | ||||
| # get restarted) on error; it also has a positive effect on memory use | ||||
|  | ||||
| LSMB_CONFIG_FILE=${LSMB_CONFIG_FILE:-./local/conf/ledgersmb.yaml} | ||||
| export LSMB_CONFIG_FILE | ||||
| echo '--------- LEDGERSMB CONFIGURATION:  ledgersmb.conf' | ||||
| cat ${LSMB_CONFIG_FILE} | ||||
| echo '--------- LEDGERSMB CONFIGURATION --- END' | ||||
|  | ||||
| # ':5762:' suppresses an uninitialized variable warning in starman | ||||
| # the last colon means "don't connect using tls"; without it, there's a warning | ||||
| exec starman --listen 0.0.0.0:5762 --workers ${LSMB_WORKERS:-5} \ | ||||
|              -I lib -I old/lib \ | ||||
|              --preload-app bin/ledgersmb-server.psgi | ||||
|   | ||||
| @@ -1,18 +0,0 @@ | ||||
| #!/bin/bash | ||||
| ConfiguredComment='# install script update_ssmtp.sh has configured ssmtp' | ||||
| grep -qc "$ConfiguredComment" /etc/ssmtp.conf && { | ||||
|     echo "smtp configured." | ||||
|     exit | ||||
| } | ||||
|  | ||||
| sed -i \ | ||||
|     -e "s/\(root=\).*\$/\1$SSMTP_ROOT/g" \ | ||||
|     -e "s/\(mailhub=\).*\$/\1$SSMTP_MAILHUB/g" \ | ||||
|     -e "s/\(hostname=\).*\$/\1$SSMTP_HOSTNAME/g" \ | ||||
|     /etc/ssmtp/ssmtp.conf | ||||
| [ -z "$SSMTP_USE_STARTTLS" ] || echo "UseSTARTTLS=$SSMTP_USE_STARTTLS" >> /etc/ssmtp/ssmtp.conf | ||||
| [ -z "$SSMTP_AUTH_USER" ] || echo "AuthUser=$SSMTP_AUTH_USER" >> /etc/ssmtp/ssmtp.conf | ||||
| [ -z "$SSMTP_AUTH_PASS" ] || echo "AuthPass=$SSMTP_AUTH_PASS" >> /etc/ssmtp/ssmtp.conf | ||||
| [ -z "$SSMTP_AUTH_METHOD" ] || echo "AuthMethod=$SSMTP_AUTH_METHOD" >> /etc/ssmtp/ssmtp.conf | ||||
| [ -z "$SSMTP_FROMLINE_OVERRIDE" ] || echo "FromLineOverride=$SSMTP_FROMLINE_OVERRIDE" >> /etc/ssmtp/ssmtp.conf | ||||
| echo "$ConfiguredComment" >> /etc/ssmtp/ssmtp.conf | ||||
		Reference in New Issue
	
	Block a user