Merge 1fefe51e66 into 6dd3c079fe

Clean up untagged images from the 'ledgersmb' package repo

.github/workflows/images-cleanup.yml

@@ -0,0 +1,18 @@
+name: Docker Image cleanup
+
+on:
+  push:
+  workflow_dispatch:
+  schedule:
+    # Schedule for five minutes after the hour, every Friday
+    - cron: '10 3 * * 5'
+
+jobs:
+  cleanup:
+    if: github.repository_owner == 'ledgersmb'
+    runs-on: ubuntu-latest
+    steps:
+    - name: ghcr.io cleanup action
+      uses: dataaxiom/ghcr-cleanup-action@v1
+      with:
+        packages: ledgersmb

README.md

@@ -16,8 +16,9 @@ Dockerfile for LedgerSMB Docker image
 
 # Supported tags
 
-- `1.11`, `1.11.x`, `latest` - Latest official release from the 1.11 branch
-- `1.10`, `1.10.x` - Latest official release from the 1.10 branch
+- `1.12`, `1.12.x`, `latest` - Latest official release from the 1.12 branch
+- `1.11`, `1.11.x` - Latest official release from the 1.11 branch
+- `1.10`, `1.10.38` - Last official release from the 1.10 branch (End-of-Life)
 - `1.9`, `1.9.30` - Last official release from the 1.9 branch (End-of-Life)
 - `1.8`, `1.8.31` - Last official release from the 1.8 branch (End-of-Life)
 - `1.7`, `1.7.41` - Last official release from the 1.7 branch (End-of-Life)

base/Dockerfile

@@ -5,7 +5,7 @@ ARG SRCIMAGE=debian:bookworm-slim
 
 FROM  $SRCIMAGE AS builder
 
-ARG LSMB_VERSION="1.11.17"
+ARG LSMB_VERSION="1.12.5"
 ARG LSMB_DL_DIR="Releases"
 ARG ARTIFACT_LOCATION="https://download.ledgersmb.org/f/$LSMB_DL_DIR/$LSMB_VERSION/ledgersmb-$LSMB_VERSION.tar.gz"
 
@@ -51,7 +51,7 @@ LABEL org.opencontainers.image.description="LedgerSMB is a full featured double-
  the LedgerSMB project is to bring high quality ERP and accounting capabilities\
  to Small and Midsize Businesses."
 
-ARG LSMB_VERSION="1.11.17"
+ARG LSMB_VERSION="1.12.5"
 ARG LSMB_DL_DIR="Releases"
 ARG ARTIFACT_LOCATION="https://download.ledgersmb.org/f/$LSMB_DL_DIR/$LSMB_VERSION/ledgersmb-$LSMB_VERSION.tar.gz"
 
@@ -83,9 +83,8 @@ RUN set -x ; \
     libclass-c3-xs-perl \
     texlive-plain-generic texlive-latex-recommended texlive-fonts-recommended \
     texlive-xetex fonts-liberation \
-    lsb-release && \
-  echo "deb [signed-by=/etc/apt/keyrings/postgresql.asc] http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list && \
-  wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc > /etc/apt/keyrings/postgresql.asc && \
+    lsb-release postgresql-common && \
+  /usr/share/postgresql-common/pgdg/apt.postgresql.org.sh -y && \
   DEBIAN_FRONTEND="noninteractive" apt-get -q -y update && \
   DEBIAN_FRONTEND="noninteractive" apt-get -q -y install postgresql-client && \
   DEBIAN_FRONTEND="noninteractive" apt-get -q -y install git cpanminus make gcc libperl-dev && \
@@ -112,20 +111,22 @@ WORKDIR /srv/ledgersmb
 ## MAIL
 # '__CONTAINER_GATEWAY__' is a magic value which will be substituted
 # with the actual gateway IP address
-ENV LSMB_MAIL_SMTPHOST __CONTAINER_GATEWAY__
-#ENV LSMB_MAIL_SMTPPORT 25
-#ENV LSMB_MAIL_SMTPSENDER_HOSTNAME (container hostname)
-#ENV LSMB_MAIL_SMTPTLS
-#ENV LSMB_MAIL_SMTPUSER
-#ENV LSMB_MAIL_SMTPPASS
-#ENV LSMB_MAIL_SMTPAUTHMECH
+ENV LSMB_MAIL_SMTPHOST=__CONTAINER_GATEWAY__
+#ENV LSMB_MAIL_SMTPPORT=25
+#ENV LSMB_MAIL_SMTPSENDER_HOSTNAME=(container hostname)
+#ENV LSMB_MAIL_SMTPTLS=
+#ENV LSMB_MAIL_SMTPUSER=
+#ENV LSMB_MAIL_SMTPPASS=
+#ENV LSMB_MAIL_SMTPAUTHMECH=
 
 ## DATABASE
-ENV POSTGRES_HOST postgres
-ENV POSTGRES_PORT 5432
-ENV DEFAULT_DB lsmb
+ENV POSTGRES_HOST=postgres
+ENV POSTGRES_PORT=5432
+ENV DEFAULT_DB=lsmb
 
 COPY start.sh /usr/local/bin/start.sh
+COPY config.sh /usr/local/bin/config.sh
+COPY run.sh /usr/local/bin/run.sh
 
 RUN chmod +x /usr/local/bin/start.sh && \
   mkdir -p /var/www && \

base/config.sh

@@ -1,4 +1,6 @@
-#!/usr/bin/with-contenv /bin/bash
+#!/bin/bash
+
+set -e
 
 cd /srv/ledgersmb
 [[ -d ./local/conf/ ]] || mkdir ./local/conf/
@@ -68,25 +70,36 @@ if [[ -n "$LSMB_HAVE_DEPRECATED" ]]; then
 fi
 
 if [[ ! -f ./local/conf/ledgersmb.yaml ]]; then
+  if [[ "x$LSMB_MAIL_SMTPTLS" == "xyes" ]]; then
+     tls_mode=starttls
+  elif [[ "x$LSMB_MAIL_SMTPTLS" == "xraw" ]]; then
+     tls_mode=ssl
+  else
+     tls_mode=none
+  fi
   cat <<EOF >./local/conf/ledgersmb.yaml
 paths:
   \$class: Beam::Wire
   config:
     UI: ./UI/
     UI_cache: lsmb_templates/
+
 db:
   \$class: LedgerSMB::Database::Factory
   connect_data:
-    host: ${POSTGRES_HOST:-ledgersmb-do-user-66666666-0.k.db.ondigitalocean.com}
-    port: ${POSTGRES_PORT:-25060}
+    host: ${POSTGRES_HOST:-postgres}
+    port: ${POSTGRES_PORT:-5432}
+
 mail:
   transport:
-    \$class: LedgerSMB::Mailer::TransportSMTP
-    tls: $LSMB_MAIL_SMTPTLS
+    \$class: Email::Sender::Transport::SMTP
+    ssl: $tls_mode
+
 miscellaneous:
   \$class: Beam::Wire
   config:
     proxy_ip: ${PROXY_IP:-172.17.0.1/12}
+
 ui:
   class: LedgerSMB::Template::UI
   method: new_UI
@@ -136,8 +149,7 @@ EOF
       cat <<EOF >./local/conf/ledgersmb.003.yaml
 mail:
   transport:
-    sasl_password: ''
-    sasl_username:
+    sasl_authenticator:
       \$class: Authen::SASL
       mechanism: $LSMB_MAIL_SMTPAUTHMECH
       callback:
@@ -146,3 +158,5 @@ mail:
 EOF
   fi
 fi
+
+exit 0

base/docker-compose.yml

@@ -31,7 +31,7 @@ services:
   lsmb:
     depends_on:
       - postgres
-    image: ghcr.io/ledgersmb/ledgersmb:1.11
+    image: ghcr.io/ledgersmb/ledgersmb:1.12
       # In order to store the configuration outside the image, allowing it to
       # be edited between container restarts, uncomment the section below and
       # change the 'source' to the directory where you want the configuration

base/run.sh

@@ -0,0 +1,14 @@
+#!/bin/bash
+
+cd /srv/ledgersmb
+LSMB_CONFIG_FILE=${LSMB_CONFIG_FILE:-./local/conf/ledgersmb.yaml}
+export LSMB_CONFIG_FILE
+echo '--------- LEDGERSMB CONFIGURATION:  ledgersmb.conf'
+cat ${LSMB_CONFIG_FILE}
+echo '--------- LEDGERSMB CONFIGURATION --- END'
+
+# ':5762:' suppresses an uninitialized variable warning in starman
+# the last colon means "don't connect using tls"; without it, there's a warning
+exec starman --listen 0.0.0.0:5762 --workers ${LSMB_WORKERS:-5} \
+             -I lib -I old/lib \
+             --preload-app bin/ledgersmb-server.psgi

base/start.sh

@@ -1,169 +1,5 @@
 #!/bin/bash
 
-cd /srv/ledgersmb
-[[ -d ./local/conf/ ]] || mkdir ./local/conf/
-if [[ -n "$SSMTP_ROOT" ]]; then
-    echo "\$SSMTP_ROOT set; parameter is deprecated and will be ignored"
-    LSMB_HAVE_DEPRECATED=1
-fi
-if [[ -n "$SSMTP_FROMLINE_OVERRIDE" ]]; then
-    echo "\$SSMTP_FROMLINE_OVERRIDE set; parameter is deprecated and will be ignored"
-    LSMB_HAVE_DEPRECATED=1
-fi
-if [[ -n "$SSMTP_MAILHUB" ]]; then
-    echo "\$SSMTP_MAILHUB set; parameter is deprecated"
-    if [[ -z "$LSMB_MAIL_SMTPHOST" ]]; then
-        echo "  Deriving \$LSMB_MAIL_SMTPHOST setting from \$SSMTP_MAILHUB"
-        LSMB_MAIL_SMTPHOST=${SSMTP_MAILHUB%:*}
-    fi
-    if [[ -z "$LSMB_MAIL_SMTPPORT" ]]; then
-        echo "  Deriving \$LSMB_MAIL_SMTPPORT setting from \$SSMTP_MAILHUB"
-        LSMB_MAIL_SMTPPORT=${SSMTP_MAILHUB#*:}
-    fi
-    LSMB_HAVE_DEPRECATED=1
-fi
-if [[ -n "$SSMTP_HOSTNAME" ]]; then
-    echo "\$SSMTP_HOSTNAME set; parameter is deprecated"
-    if [[ -z "$LSMB_MAIL_SMTPSENDER_HOSTNAME" ]]; then
-        echo "  Deriving \$LSMB_MAIL_SMTPSENDER_HOSTNAME setting from \$SSMTP_HOSTNAME"
-        LSMB_MAIL_SMTPSENDER_HOSTNAME=$SSMTP_HOSTNAME
-    fi
-    LSMB_HAVE_DEPRECATED=1
-fi
-if [[ -n "$SSMTP_USE_STARTTLS" ]]; then
-    echo "\$SSMTP_USE_STARTTLS set; parameter is deprecated"
-    if [[ -z "$LSMB_MAIL_SMTPTLS" ]]; then
-        echo "  Deriving \$LSMB_MAIL_SMTPSENDER_HOSTNAME setting from \$SSMTP_USE_STARTTLS"
-        LSMB_MAIL_SMTPTLS=$SSMTP_USE_STARTTLS
-    fi
-    LSMB_HAVE_DEPRECATED=1
-fi
-if [[ -n "$SSMTP_AUTH_USER" ]]; then
-    echo "\$SSMTP_AUTH_USER set; parameter is deprecated"
-    if [[ -z "$LSMB_MAIL_SMTPUSER" ]]; then
-        echo "  Deriving \$LSMB_MAIL_SMTPUSER setting from \$SSMTP_AUTH_USER"
-        LSMB_MAIL_SMTPUSER=$SSMTP_AUTH_USER
-    fi
-    LSMB_HAVE_DEPRECATED=1
-fi
-if [[ -n "$SSMTP_AUTH_PASS" ]]; then
-    echo "\$SSMTP_AUTH_PASS set; parameter is deprecated"
-    if [[ -z "$LSMB_MAIL_SMTPPASS" ]]; then
-        echo "  Deriving \$LSMB_MAIL_SMTPPASS setting from \$SSMTP_AUTH_PASS"
-        LSMB_MAIL_SMTPPASS=$SSMTP_AUTH_PASS
-    fi
-    LSMB_HAVE_DEPRECATED=1
-fi
-if [[ -n "$SSMTP_AUTH_METHOD" ]]; then
-    echo "\$SSMTP_AUTH_METHOD set; parameter is deprecated"
-    if [[ -z "$LSMB_MAIL_SMTPAUTHMECH" ]]; then
-        echo "  Deriving \$LSMB_MAIL_SMTPAUTHMECH setting from \$SSMTP_AUTH_METHOD"
-        LSMB_MAIL_SMTPAUTHMECH=$SSMTP_AUTH_METHOD
-    fi
-    LSMB_HAVE_DEPRECATED=1
-fi
-
-if [[ -n "$LSMB_HAVE_DEPRECATED" ]]; then
-    echo "!!! DEPRECATED \$SSMTP_* PARAMETERS WILL BE REMOVED in the 1.9 image!!!"
-fi
-
-if [[ ! -f ./local/conf/ledgersmb.yaml ]]; then
-  cat <<EOF >./local/conf/ledgersmb.yaml
-paths:
-  \$class: Beam::Wire
-  config:
-    UI: ./UI/
-    UI_cache: lsmb_templates/
-
-db:
-  \$class: LedgerSMB::Database::Factory
-  connect_data:
-    host: ${POSTGRES_HOST:-postgres}
-    port: ${POSTGRES_PORT:-5432}
-
-mail:
-  transport:
-    \$class: LedgerSMB::Mailer::TransportSMTP
-    tls: $LSMB_MAIL_SMTPTLS
-
-miscellaneous:
-  \$class: Beam::Wire
-  config:
-    proxy_ip: ${PROXY_IP:-172.17.0.1/12}
-
-ui:
-  class: LedgerSMB::Template::UI
-  method: new_UI
-  lifecycle: eager
-  args:
-    cache:
-      \$ref: paths/UI_cache
-    root:
-      \$ref: paths/UI
-EOF
-
-  if [[ -n "$LSMB_MAIL_SMTPHOST" ]]
-  then
-      if [[ "$LSMB_MAIL_SMTPHOST" == "__CONTAINER_GATEWAY__" ]]
-      then
-         LSMB_MAIL_SMTPHOST="$(ip route | awk '/default/ { print $3 }')"
-         export LSMB_MAIL_SMTPHOST
-      fi
-
-      cat <<EOF >./local/conf/ledgersmb.000.yaml
-mail:
-  transport:
-    host: $LSMB_MAIL_SMTPHOST
-EOF
-  fi
-
-  if [[ -n "$LSMB_MAIL_SMTPPORT" ]]
-  then
-      cat <<EOF >./local/conf/ledgersmb.001.yaml
-mail:
-  transport:
-    port: $LSMB_MAIL_SMTPPORT
-EOF
-  fi
-
-  if [[ -n "$LSMB_MAIL_SMTPSENDER_HOSTNAME" ]]
-  then
-      cat <<EOF >./local/conf/ledgersmb.002.yaml
-mail:
-  transport:
-    helo: $LSMB_MAIL_SMTPSENDER_HOSTNAME
-EOF
-  fi
-
-  if [[ -n "$LSMB_MAIL_SMTPUSER" ]]
-  then
-      cat <<EOF >./local/conf/ledgersmb.003.yaml
-mail:
-  transport:
-    sasl_password: ''
-    sasl_username:
-      \$class: Authen::SASL
-      mechanism: $LSMB_MAIL_SMTPAUTHMECH
-      callback:
-        user: $LSMB_MAIL_SMTPUSER
-        pass: $LSMB_MAIL_SMTPPASS
-EOF
-  fi
-fi
-
-# start ledgersmb
-# --preload-app allows application initialization to kill the entire
-# starman instance (instead of just the worker, which will immediately
-# get restarted) on error; it also has a positive effect on memory use
-
-LSMB_CONFIG_FILE=${LSMB_CONFIG_FILE:-./local/conf/ledgersmb.yaml}
-export LSMB_CONFIG_FILE
-echo '--------- LEDGERSMB CONFIGURATION:  ledgersmb.conf'
-cat ${LSMB_CONFIG_FILE}
-echo '--------- LEDGERSMB CONFIGURATION --- END'
-
-# ':5762:' suppresses an uninitialized variable warning in starman
-# the last colon means "don't connect using tls"; without it, there's a warning
-exec starman --listen 0.0.0.0:5762 --workers ${LSMB_WORKERS:-5} \
-             -I lib -I old/lib \
-             --preload-app bin/ledgersmb-server.psgi
+home_dir="$(dirname `readlink -f $BASH_SOURCE`)"
+"$home_dir/config.sh" || (echo "Failed configuration" ; exit)
+exec "$home_dir/run.sh"

with-proxy/Dockerfile

@@ -1,4 +1,5 @@
-FROM ledgersmb/ledgersmb:1.11.18
+FROM lsmb-split:latest
+#FROM ledgersmb/ledgersmb:1.11.18
 USER root
 
 # Remove inherited start.sh
@@ -10,10 +11,7 @@ RUN set -x && \
     apt-get dist-upgrade -y && \
     apt-get install -y --no-install-recommends \
     nginx wget xz-utils
-
-RUN set -x && \
-    mkdir -p /var/lib/nginx/body /var/cache/nginx && \
-    chown -R www-data:www-data /var/lib/nginx /var/cache/nginx
+    mkdir -p /var/lib/nginx/body /var/cache/nginx
 
 COPY nginx.conf /etc/nginx/nginx.conf
 
@@ -36,19 +34,16 @@ RUN set -ex && \
 
 # Configure nginx and starman with s6
 COPY services/starman/run /etc/services.d/starman/run
-RUN chmod +x /etc/services.d/starman/run && chown www-data:www-data /etc/services.d/starman/run
+RUN chmod +x /etc/services.d/starman/run
 
 COPY services/nginx/run /etc/services.d/nginx/run
-RUN chmod +x /etc/services.d/nginx/run && chown www-data:www-data /etc/services.d/nginx/run
+RUN chmod +x /etc/services.d/nginx/run
 
 COPY scripts/ledgersmb_config /etc/s6-overlay/s6-rc.d/ledgersmb_config
 RUN touch /etc/s6-overlay/s6-rc.d/user/contents.d/ledgersmb_config
-RUN chmod +x /etc/s6-overlay/s6-rc.d/ledgersmb_config/up \
-    /etc/s6-overlay/s6-rc.d/ledgersmb_config/config && \
-    chown -R www-data:www-data /etc/s6-overlay/s6-rc.d/ \
-    /etc/services.d /run
+RUN chmod +x /etc/s6-overlay/s6-rc.d/ledgersmb_config/up
 
 EXPOSE 80
 
-USER www-data
+#USER www-data
 ENTRYPOINT ["/init"]

with-proxy/nginx.conf

@@ -3,6 +3,8 @@
 error_log /dev/stderr info;
 pid /tmp/nginx.pid;
 worker_processes 1;
+user www-data;
+
 
 events {
    worker_connections 1024;

with-proxy/scripts/ledgersmb_config/up

@@ -1,2 +1,3 @@
 foreground { echo "Running config..." }
-/etc/s6-overlay/s6-rc.d/ledgersmb_config/config
+
+/usr/local/bin/config.sh

with-proxy/services/starman/run

@@ -1,16 +1,3 @@
 #!/usr/bin/with-contenv /bin/bash
 
-cd /srv/ledgersmb
-
-# start ledgersmb
-# --preload-app allows application initialization to kill the entire
-# starman instance (instead of just the worker, which will immediately
-# get restarted) on error; it also has a positive effect on memory use
-
-LSMB_CONFIG_FILE=${LSMB_CONFIG_FILE:-./local/conf/ledgersmb.yaml}
-export LSMB_CONFIG_FILE
-echo '--------- LEDGERSMB CONFIGURATION:  ledgersmb.conf'
-cat ${LSMB_CONFIG_FILE}
-echo '--------- LEDGERSMB CONFIGURATION --- END'
-
-exec starman --listen 0.0.0.0:5762 --workers ${LSMB_WORKERS:-5} -I lib -I old/lib --preload-app bin/ledgersmb-server.psgi
+s6-setuidgid www-data /usr/local/bin/run.sh