feat: provide image with nginx

.github/workflows/images-cleanup.yml

@@ -1,18 +0,0 @@
-name: Docker Image cleanup
-
-on:
-  push:
-  workflow_dispatch:
-  schedule:
-    # Schedule for five minutes after the hour, every Friday
-    - cron: '10 3 * * 5'
-
-jobs:
-  cleanup:
-    if: github.repository_owner == 'ledgersmb'
-    runs-on: ubuntu-latest
-    steps:
-    - name: ghcr.io cleanup action
-      uses: dataaxiom/ghcr-cleanup-action@v1
-      with:
-        packages: ledgersmb

README.md

@@ -16,9 +16,8 @@ Dockerfile for LedgerSMB Docker image
 
 # Supported tags
 
-- `1.12`, `1.12.x`, `latest` - Latest official release from the 1.12 branch
+- `1.11`, `1.11.x`, `latest` - Latest official release from the 1.11 branch
-- `1.11`, `1.11.x` - Latest official release from the 1.11 branch
+- `1.10`, `1.10.x` - Latest official release from the 1.10 branch
-- `1.10`, `1.10.38` - Last official release from the 1.10 branch (End-of-Life)
 - `1.9`, `1.9.30` - Last official release from the 1.9 branch (End-of-Life)
 - `1.8`, `1.8.31` - Last official release from the 1.8 branch (End-of-Life)
 - `1.7`, `1.7.41` - Last official release from the 1.7 branch (End-of-Life)

base/Dockerfile

@@ -5,7 +5,7 @@ ARG SRCIMAGE=debian:bookworm-slim
 
 FROM  $SRCIMAGE AS builder
 
-ARG LSMB_VERSION="1.12.5"
+ARG LSMB_VERSION="1.11.17"
 ARG LSMB_DL_DIR="Releases"
 ARG ARTIFACT_LOCATION="https://download.ledgersmb.org/f/$LSMB_DL_DIR/$LSMB_VERSION/ledgersmb-$LSMB_VERSION.tar.gz"
 
@@ -51,7 +51,7 @@ LABEL org.opencontainers.image.description="LedgerSMB is a full featured double-
  the LedgerSMB project is to bring high quality ERP and accounting capabilities\
  to Small and Midsize Businesses."
 
-ARG LSMB_VERSION="1.12.5"
+ARG LSMB_VERSION="1.11.17"
 ARG LSMB_DL_DIR="Releases"
 ARG ARTIFACT_LOCATION="https://download.ledgersmb.org/f/$LSMB_DL_DIR/$LSMB_VERSION/ledgersmb-$LSMB_VERSION.tar.gz"
 
@@ -83,8 +83,9 @@ RUN set -x ; \
     libclass-c3-xs-perl \
     texlive-plain-generic texlive-latex-recommended texlive-fonts-recommended \
     texlive-xetex fonts-liberation \
-    lsb-release postgresql-common && \
+    lsb-release && \
-  /usr/share/postgresql-common/pgdg/apt.postgresql.org.sh -y && \
+  echo "deb [signed-by=/etc/apt/keyrings/postgresql.asc] http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list && \
+  wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc > /etc/apt/keyrings/postgresql.asc && \
   DEBIAN_FRONTEND="noninteractive" apt-get -q -y update && \
   DEBIAN_FRONTEND="noninteractive" apt-get -q -y install postgresql-client && \
   DEBIAN_FRONTEND="noninteractive" apt-get -q -y install git cpanminus make gcc libperl-dev && \
@@ -111,22 +112,20 @@ WORKDIR /srv/ledgersmb
 ## MAIL
 # '__CONTAINER_GATEWAY__' is a magic value which will be substituted
 # with the actual gateway IP address
-ENV LSMB_MAIL_SMTPHOST=__CONTAINER_GATEWAY__
+ENV LSMB_MAIL_SMTPHOST __CONTAINER_GATEWAY__
-#ENV LSMB_MAIL_SMTPPORT=25
+#ENV LSMB_MAIL_SMTPPORT 25
-#ENV LSMB_MAIL_SMTPSENDER_HOSTNAME=(container hostname)
+#ENV LSMB_MAIL_SMTPSENDER_HOSTNAME (container hostname)
-#ENV LSMB_MAIL_SMTPTLS=
+#ENV LSMB_MAIL_SMTPTLS
-#ENV LSMB_MAIL_SMTPUSER=
+#ENV LSMB_MAIL_SMTPUSER
-#ENV LSMB_MAIL_SMTPPASS=
+#ENV LSMB_MAIL_SMTPPASS
-#ENV LSMB_MAIL_SMTPAUTHMECH=
+#ENV LSMB_MAIL_SMTPAUTHMECH
 
 ## DATABASE
-ENV POSTGRES_HOST=postgres
+ENV POSTGRES_HOST postgres
-ENV POSTGRES_PORT=5432
+ENV POSTGRES_PORT 5432
-ENV DEFAULT_DB=lsmb
+ENV DEFAULT_DB lsmb
 
 COPY start.sh /usr/local/bin/start.sh
-COPY config.sh /usr/local/bin/config.sh
-COPY run.sh /usr/local/bin/run.sh
 
 RUN chmod +x /usr/local/bin/start.sh && \
   mkdir -p /var/www && \

base/docker-compose.yml

@@ -31,7 +31,7 @@ services:
   lsmb:
     depends_on:
       - postgres
-    image: ghcr.io/ledgersmb/ledgersmb:1.12
+    image: ghcr.io/ledgersmb/ledgersmb:1.11
       # In order to store the configuration outside the image, allowing it to
       # be edited between container restarts, uncomment the section below and
       # change the 'source' to the directory where you want the configuration

base/run.sh

@@ -1,14 +0,0 @@
-#!/bin/bash
-
-cd /srv/ledgersmb
-LSMB_CONFIG_FILE=${LSMB_CONFIG_FILE:-./local/conf/ledgersmb.yaml}
-export LSMB_CONFIG_FILE
-echo '--------- LEDGERSMB CONFIGURATION:  ledgersmb.conf'
-cat ${LSMB_CONFIG_FILE}
-echo '--------- LEDGERSMB CONFIGURATION --- END'
-
-# ':5762:' suppresses an uninitialized variable warning in starman
-# the last colon means "don't connect using tls"; without it, there's a warning
-exec starman --listen 0.0.0.0:5762 --workers ${LSMB_WORKERS:-5} \
-             -I lib -I old/lib \
-             --preload-app bin/ledgersmb-server.psgi

base/start.sh

@@ -1,5 +1,169 @@
 #!/bin/bash
 
-home_dir="$(dirname `readlink -f $BASH_SOURCE`)"
+cd /srv/ledgersmb
-"$home_dir/config.sh" || (echo "Failed configuration" ; exit)
+[[ -d ./local/conf/ ]] || mkdir ./local/conf/
-exec "$home_dir/run.sh"
+if [[ -n "$SSMTP_ROOT" ]]; then
+    echo "\$SSMTP_ROOT set; parameter is deprecated and will be ignored"
+    LSMB_HAVE_DEPRECATED=1
+fi
+if [[ -n "$SSMTP_FROMLINE_OVERRIDE" ]]; then
+    echo "\$SSMTP_FROMLINE_OVERRIDE set; parameter is deprecated and will be ignored"
+    LSMB_HAVE_DEPRECATED=1
+fi
+if [[ -n "$SSMTP_MAILHUB" ]]; then
+    echo "\$SSMTP_MAILHUB set; parameter is deprecated"
+    if [[ -z "$LSMB_MAIL_SMTPHOST" ]]; then
+        echo "  Deriving \$LSMB_MAIL_SMTPHOST setting from \$SSMTP_MAILHUB"
+        LSMB_MAIL_SMTPHOST=${SSMTP_MAILHUB%:*}
+    fi
+    if [[ -z "$LSMB_MAIL_SMTPPORT" ]]; then
+        echo "  Deriving \$LSMB_MAIL_SMTPPORT setting from \$SSMTP_MAILHUB"
+        LSMB_MAIL_SMTPPORT=${SSMTP_MAILHUB#*:}
+    fi
+    LSMB_HAVE_DEPRECATED=1
+fi
+if [[ -n "$SSMTP_HOSTNAME" ]]; then
+    echo "\$SSMTP_HOSTNAME set; parameter is deprecated"
+    if [[ -z "$LSMB_MAIL_SMTPSENDER_HOSTNAME" ]]; then
+        echo "  Deriving \$LSMB_MAIL_SMTPSENDER_HOSTNAME setting from \$SSMTP_HOSTNAME"
+        LSMB_MAIL_SMTPSENDER_HOSTNAME=$SSMTP_HOSTNAME
+    fi
+    LSMB_HAVE_DEPRECATED=1
+fi
+if [[ -n "$SSMTP_USE_STARTTLS" ]]; then
+    echo "\$SSMTP_USE_STARTTLS set; parameter is deprecated"
+    if [[ -z "$LSMB_MAIL_SMTPTLS" ]]; then
+        echo "  Deriving \$LSMB_MAIL_SMTPSENDER_HOSTNAME setting from \$SSMTP_USE_STARTTLS"
+        LSMB_MAIL_SMTPTLS=$SSMTP_USE_STARTTLS
+    fi
+    LSMB_HAVE_DEPRECATED=1
+fi
+if [[ -n "$SSMTP_AUTH_USER" ]]; then
+    echo "\$SSMTP_AUTH_USER set; parameter is deprecated"
+    if [[ -z "$LSMB_MAIL_SMTPUSER" ]]; then
+        echo "  Deriving \$LSMB_MAIL_SMTPUSER setting from \$SSMTP_AUTH_USER"
+        LSMB_MAIL_SMTPUSER=$SSMTP_AUTH_USER
+    fi
+    LSMB_HAVE_DEPRECATED=1
+fi
+if [[ -n "$SSMTP_AUTH_PASS" ]]; then
+    echo "\$SSMTP_AUTH_PASS set; parameter is deprecated"
+    if [[ -z "$LSMB_MAIL_SMTPPASS" ]]; then
+        echo "  Deriving \$LSMB_MAIL_SMTPPASS setting from \$SSMTP_AUTH_PASS"
+        LSMB_MAIL_SMTPPASS=$SSMTP_AUTH_PASS
+    fi
+    LSMB_HAVE_DEPRECATED=1
+fi
+if [[ -n "$SSMTP_AUTH_METHOD" ]]; then
+    echo "\$SSMTP_AUTH_METHOD set; parameter is deprecated"
+    if [[ -z "$LSMB_MAIL_SMTPAUTHMECH" ]]; then
+        echo "  Deriving \$LSMB_MAIL_SMTPAUTHMECH setting from \$SSMTP_AUTH_METHOD"
+        LSMB_MAIL_SMTPAUTHMECH=$SSMTP_AUTH_METHOD
+    fi
+    LSMB_HAVE_DEPRECATED=1
+fi
+
+if [[ -n "$LSMB_HAVE_DEPRECATED" ]]; then
+    echo "!!! DEPRECATED \$SSMTP_* PARAMETERS WILL BE REMOVED in the 1.9 image!!!"
+fi
+
+if [[ ! -f ./local/conf/ledgersmb.yaml ]]; then
+  cat <<EOF >./local/conf/ledgersmb.yaml
+paths:
+  \$class: Beam::Wire
+  config:
+    UI: ./UI/
+    UI_cache: lsmb_templates/
+
+db:
+  \$class: LedgerSMB::Database::Factory
+  connect_data:
+    host: ${POSTGRES_HOST:-postgres}
+    port: ${POSTGRES_PORT:-5432}
+
+mail:
+  transport:
+    \$class: LedgerSMB::Mailer::TransportSMTP
+    tls: $LSMB_MAIL_SMTPTLS
+
+miscellaneous:
+  \$class: Beam::Wire
+  config:
+    proxy_ip: ${PROXY_IP:-172.17.0.1/12}
+
+ui:
+  class: LedgerSMB::Template::UI
+  method: new_UI
+  lifecycle: eager
+  args:
+    cache:
+      \$ref: paths/UI_cache
+    root:
+      \$ref: paths/UI
+EOF
+
+  if [[ -n "$LSMB_MAIL_SMTPHOST" ]]
+  then
+      if [[ "$LSMB_MAIL_SMTPHOST" == "__CONTAINER_GATEWAY__" ]]
+      then
+         LSMB_MAIL_SMTPHOST="$(ip route | awk '/default/ { print $3 }')"
+         export LSMB_MAIL_SMTPHOST
+      fi
+
+      cat <<EOF >./local/conf/ledgersmb.000.yaml
+mail:
+  transport:
+    host: $LSMB_MAIL_SMTPHOST
+EOF
+  fi
+
+  if [[ -n "$LSMB_MAIL_SMTPPORT" ]]
+  then
+      cat <<EOF >./local/conf/ledgersmb.001.yaml
+mail:
+  transport:
+    port: $LSMB_MAIL_SMTPPORT
+EOF
+  fi
+
+  if [[ -n "$LSMB_MAIL_SMTPSENDER_HOSTNAME" ]]
+  then
+      cat <<EOF >./local/conf/ledgersmb.002.yaml
+mail:
+  transport:
+    helo: $LSMB_MAIL_SMTPSENDER_HOSTNAME
+EOF
+  fi
+
+  if [[ -n "$LSMB_MAIL_SMTPUSER" ]]
+  then
+      cat <<EOF >./local/conf/ledgersmb.003.yaml
+mail:
+  transport:
+    sasl_password: ''
+    sasl_username:
+      \$class: Authen::SASL
+      mechanism: $LSMB_MAIL_SMTPAUTHMECH
+      callback:
+        user: $LSMB_MAIL_SMTPUSER
+        pass: $LSMB_MAIL_SMTPPASS
+EOF
+  fi
+fi
+
+# start ledgersmb
+# --preload-app allows application initialization to kill the entire
+# starman instance (instead of just the worker, which will immediately
+# get restarted) on error; it also has a positive effect on memory use
+
+LSMB_CONFIG_FILE=${LSMB_CONFIG_FILE:-./local/conf/ledgersmb.yaml}
+export LSMB_CONFIG_FILE
+echo '--------- LEDGERSMB CONFIGURATION:  ledgersmb.conf'
+cat ${LSMB_CONFIG_FILE}
+echo '--------- LEDGERSMB CONFIGURATION --- END'
+
+# ':5762:' suppresses an uninitialized variable warning in starman
+# the last colon means "don't connect using tls"; without it, there's a warning
+exec starman --listen 0.0.0.0:5762 --workers ${LSMB_WORKERS:-5} \
+             -I lib -I old/lib \
+             --preload-app bin/ledgersmb-server.psgi

with-proxy/Dockerfile

@@ -1,5 +1,4 @@
-FROM lsmb-split:latest
+FROM ledgersmb/ledgersmb:1.11.18
-#FROM ledgersmb/ledgersmb:1.11.18
 USER root
 
 # Remove inherited start.sh
@@ -11,7 +10,10 @@ RUN set -x && \
     apt-get dist-upgrade -y && \
     apt-get install -y --no-install-recommends \
     nginx wget xz-utils
-    mkdir -p /var/lib/nginx/body /var/cache/nginx
+
+RUN set -x && \
+    mkdir -p /var/lib/nginx/body /var/cache/nginx && \
+    chown -R www-data:www-data /var/lib/nginx /var/cache/nginx
 
 COPY nginx.conf /etc/nginx/nginx.conf
 
@@ -34,16 +36,19 @@ RUN set -ex && \
 
 # Configure nginx and starman with s6
 COPY services/starman/run /etc/services.d/starman/run
-RUN chmod +x /etc/services.d/starman/run
+RUN chmod +x /etc/services.d/starman/run && chown www-data:www-data /etc/services.d/starman/run
 
 COPY services/nginx/run /etc/services.d/nginx/run
-RUN chmod +x /etc/services.d/nginx/run
+RUN chmod +x /etc/services.d/nginx/run && chown www-data:www-data /etc/services.d/nginx/run
 
 COPY scripts/ledgersmb_config /etc/s6-overlay/s6-rc.d/ledgersmb_config
 RUN touch /etc/s6-overlay/s6-rc.d/user/contents.d/ledgersmb_config
-RUN chmod +x /etc/s6-overlay/s6-rc.d/ledgersmb_config/up
+RUN chmod +x /etc/s6-overlay/s6-rc.d/ledgersmb_config/up \
+    /etc/s6-overlay/s6-rc.d/ledgersmb_config/config && \
+    chown -R www-data:www-data /etc/s6-overlay/s6-rc.d/ \
+    /etc/services.d /run
 
 EXPOSE 80
 
-#USER www-data
+USER www-data
 ENTRYPOINT ["/init"]

with-proxy/nginx.conf

@@ -3,8 +3,6 @@
 error_log /dev/stderr info;
 pid /tmp/nginx.pid;
 worker_processes 1;
-user www-data;
-
 
 events {
    worker_connections 1024;

with-proxy/scripts/ledgersmb_config/config

@@ -1,6 +1,4 @@
-#!/bin/bash
+#!/usr/bin/with-contenv /bin/bash
-
-set -e
 
 cd /srv/ledgersmb
 [[ -d ./local/conf/ ]] || mkdir ./local/conf/
@@ -70,36 +68,25 @@ if [[ -n "$LSMB_HAVE_DEPRECATED" ]]; then
 fi
 
 if [[ ! -f ./local/conf/ledgersmb.yaml ]]; then
-  if [[ "x$LSMB_MAIL_SMTPTLS" == "xyes" ]]; then
-     tls_mode=starttls
-  elif [[ "x$LSMB_MAIL_SMTPTLS" == "xraw" ]]; then
-     tls_mode=ssl
-  else
-     tls_mode=none
-  fi
   cat <<EOF >./local/conf/ledgersmb.yaml
 paths:
   \$class: Beam::Wire
   config:
     UI: ./UI/
     UI_cache: lsmb_templates/
-
 db:
   \$class: LedgerSMB::Database::Factory
   connect_data:
-    host: ${POSTGRES_HOST:-postgres}
+    host: ${POSTGRES_HOST:-ledgersmb-do-user-66666666-0.k.db.ondigitalocean.com}
-    port: ${POSTGRES_PORT:-5432}
+    port: ${POSTGRES_PORT:-25060}
-
 mail:
   transport:
-    \$class: Email::Sender::Transport::SMTP
+    \$class: LedgerSMB::Mailer::TransportSMTP
-    ssl: $tls_mode
+    tls: $LSMB_MAIL_SMTPTLS
-
 miscellaneous:
   \$class: Beam::Wire
   config:
     proxy_ip: ${PROXY_IP:-172.17.0.1/12}
-
 ui:
   class: LedgerSMB::Template::UI
   method: new_UI
@@ -149,7 +136,8 @@ EOF
       cat <<EOF >./local/conf/ledgersmb.003.yaml
 mail:
   transport:
-    sasl_authenticator:
+    sasl_password: ''
+    sasl_username:
       \$class: Authen::SASL
       mechanism: $LSMB_MAIL_SMTPAUTHMECH
       callback:
@@ -158,5 +146,3 @@ mail:
 EOF
   fi
 fi
-
-exit 0

with-proxy/scripts/ledgersmb_config/up

@@ -1,3 +1,2 @@
 foreground { echo "Running config..." }
-
+/etc/s6-overlay/s6-rc.d/ledgersmb_config/config
-/usr/local/bin/config.sh

with-proxy/services/starman/run

@@ -1,3 +1,16 @@
 #!/usr/bin/with-contenv /bin/bash
 
-s6-setuidgid www-data /usr/local/bin/run.sh
+cd /srv/ledgersmb
+
+# start ledgersmb
+# --preload-app allows application initialization to kill the entire
+# starman instance (instead of just the worker, which will immediately
+# get restarted) on error; it also has a positive effect on memory use
+
+LSMB_CONFIG_FILE=${LSMB_CONFIG_FILE:-./local/conf/ledgersmb.yaml}
+export LSMB_CONFIG_FILE
+echo '--------- LEDGERSMB CONFIGURATION:  ledgersmb.conf'
+cat ${LSMB_CONFIG_FILE}
+echo '--------- LEDGERSMB CONFIGURATION --- END'
+
+exec starman --listen 0.0.0.0:5762 --workers ${LSMB_WORKERS:-5} -I lib -I old/lib --preload-app bin/ledgersmb-server.psgi