mailcow/default.nix - kubeia - Gitiles

 { system ? builtins.currentSystem }:
 let
   pkgs = import <nixpkgs> {
     inherit system;
     overlays = [
       (self: super: {
         docker = super.docker.override {
           iptables = self.iptables-legacy;
         };
       })
     ];
   };

 in
 let
   img = spec: {
     streamed = pkgs.dockerTools.streamLayeredImage spec;
     layered = pkgs.dockerTools.buildLayeredImage spec;
     image = pkgs.dockerTools.buildImage spec;
   };

 in
 let
   dockerComposeOverrideYaml =
     pkgs.writeTextDir "docker-compose.override.yml" ''
       version: '2.1'

       services:
         mysql-mailcow:
           image: alpine/socat:1.0.3
           command:
             - UNIX-LISTEN:/var/run/mysqld/mysqld.sock,reuseaddr,fork,unlink-early,mode=0777
             - TCP-CONNECT:mysql.system.svc.cluster.local.:3306
           volumes:
             - mysql-socket-vol-1:/var/run/mysqld/:Z
           restart: always

         netfilter-mailcow:
           build: ./data/Dockerfiles/netfilter

         dockerapi-mailcow:
           build: ./data/Dockerfiles/dockerapi

         watchdog-mailcow:
           build: ./data/Dockerfiles/watchdog

       volumes:
         vmail-vol-1:                {driver: local, driver_opts: {o: bind, type: none, device: "/vol/vmail"}}
         vmail-index-vol-1:          {driver: local, driver_opts: {o: bind, type: none, device: "/vol/vmail-index"}}
         mysql-vol-1:                {driver: local, driver_opts: {o: bind, type: none, device: "/run/mysql"}}
         mysql-socket-vol-1:         {driver: local, driver_opts: {o: bind, type: none, device: "/run/mysql-socket"}}
         redis-vol-1:                {driver: local, driver_opts: {o: bind, type: none, device: "/vol/redis-data"}}
         rspamd-vol-1:               {driver: local, driver_opts: {o: bind, type: none, device: "/vol/rspamd-data"}}
         solr-vol-1:                 {driver: local, driver_opts: {o: bind, type: none, device: "/vol/solr-data"}}
         postfix-vol-1:              {driver: local, driver_opts: {o: bind, type: none, device: "/vol/postfix-data"}}
         crypt-vol-1:                {driver: local, driver_opts: {o: bind, type: none, device: "/vol/crypt-data"}}
         sogo-web-vol-1:             {driver: local, driver_opts: {o: bind, type: none, device: "/vol/sogo-web"}}
         sogo-userdata-backup-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/sogo-userdata-backup"}}
     '';

   init =
     pkgs.writeShellScriptBin "init" ''
       set -xeuo pipefail

       if ! [ -e /vol/docker-data/docker.ext4 ]; then
           ${pkgs.busybox}/bin/dd if=/dev/zero of=/vol/docker-data/docker.ext4 bs=1G count=0 seek=30
           ${pkgs.e2fsprogs}/bin/mkfs.ext4 /vol/docker-data/docker.ext4
       fi
       ${pkgs.e2fsprogs}/bin/e2fsck -y /vol/docker-data/docker.ext4
       ${pkgs.busybox}/bin/mkdir -p /var/lib/docker
       ${pkgs.busybox}/bin/mount -o loop,rw /vol/docker-data/docker.ext4 /var/lib/docker

       ${pkgs.docker}/bin/dockerd --storage-driver=overlay2 &
       sleep 10s

       ${pkgs.docker}/bin/docker kill $(${pkgs.docker}/bin/docker ps -a -q) || :
       ${pkgs.docker}/bin/docker system prune --volumes --force || :

       ${pkgs.docker-compose}/bin/docker-compose -f /mailcow-dockerized/docker-compose.yml -f ${dockerComposeOverrideYaml}/docker-compose.override.yml build

       ${pkgs.busybox}/bin/mkdir -p /tmp /run/{mysql,mysql-socket}
       ${pkgs.busybox}/bin/chmod u+w /mailcow-dockerized/data/web/templates/cache
       exec ${pkgs.docker-compose}/bin/docker-compose --env-file /mailcow-dockerized/mailcow.conf -f /mailcow-dockerized/docker-compose.yml -f ${dockerComposeOverrideYaml}/docker-compose.override.yml up --remove-orphans
     '';

   src = ./src;

   extraDeps = with pkgs; [
     # for Docker
     cacert

     # for update.sh
     bash
     coreutils
     curl
     docker
     docker-compose
     findutils
     gawk
     gitMinimal
   ];

   maintenanceDeps = with pkgs; [
     bash
     busybox
     coreutils
     findutils
     pxattr
     strace
   ];

 in
 img {
   name = "docker.benkard.de/mulk/mailcow";
   #tag = "latest";
   maxLayers = 125;
   contents = extraDeps ++ maintenanceDeps;
   extraCommands =
     ''
       #!${pkgs.runtimeShell}

       install -dm755 vol/{crypt-data,postfix-data,redis-data,rspamd-data,sogo-web,sogo-userdata-backup,solr-data,vmail,vmail-index,web-data}

       cp -a ${src}/* .
     '';
   config = {
     Entrypoint = [ "${init}/bin/init" ];
     Cmd = [ ];
     Workdir = "/mailcow-dockerized";
     Volumes = {
       "/mailcow-dockerized/data/conf" = { };
       "/mailcow-dockerized/data/assets/ssl" = { };
       "/vol/crypt-data" = { };
       "/vol/docker-data" = { };
       "/vol/postfix-data" = { };
       "/vol/redis-data" = { };
       "/vol/rspamd-data" = { };
       "/vol/sogo-web" = { };
       "/vol/sogo-userdata-backup" = { };
       "/vol/solr-data" = { };
       "/vol/vmail" = { };
       "/vol/vmail-index" = { };
       "/vol/web-data" = { };
     };
   };
 }
	{ system ? builtins.currentSystem }:
	let
	pkgs = import <nixpkgs> {
	inherit system;
	overlays = [
	(self: super: {
	docker = super.docker.override {
	iptables = self.iptables-legacy;
	};
	})
	];
	};

	in
	let
	img = spec: {
	streamed = pkgs.dockerTools.streamLayeredImage spec;
	layered = pkgs.dockerTools.buildLayeredImage spec;
	image = pkgs.dockerTools.buildImage spec;
	};

	in
	let
	dockerComposeOverrideYaml =
	pkgs.writeTextDir "docker-compose.override.yml" ''
	version: '2.1'

	services:
	mysql-mailcow:
	image: alpine/socat:1.0.3
	command:
	- UNIX-LISTEN:/var/run/mysqld/mysqld.sock,reuseaddr,fork,unlink-early,mode=0777
	- TCP-CONNECT:mysql.system.svc.cluster.local.:3306
	volumes:
	- mysql-socket-vol-1:/var/run/mysqld/:Z
	restart: always

	netfilter-mailcow:
	build: ./data/Dockerfiles/netfilter

	dockerapi-mailcow:
	build: ./data/Dockerfiles/dockerapi

	watchdog-mailcow:
	build: ./data/Dockerfiles/watchdog

	volumes:
	vmail-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/vmail"}}
	vmail-index-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/vmail-index"}}
	mysql-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/run/mysql"}}
	mysql-socket-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/run/mysql-socket"}}
	redis-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/redis-data"}}
	rspamd-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/rspamd-data"}}
	solr-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/solr-data"}}
	postfix-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/postfix-data"}}
	crypt-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/crypt-data"}}
	sogo-web-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/sogo-web"}}
	sogo-userdata-backup-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/sogo-userdata-backup"}}
	'';

	init =
	pkgs.writeShellScriptBin "init" ''
	set -xeuo pipefail

	if ! [ -e /vol/docker-data/docker.ext4 ]; then
	${pkgs.busybox}/bin/dd if=/dev/zero of=/vol/docker-data/docker.ext4 bs=1G count=0 seek=30
	${pkgs.e2fsprogs}/bin/mkfs.ext4 /vol/docker-data/docker.ext4
	fi
	${pkgs.e2fsprogs}/bin/e2fsck -y /vol/docker-data/docker.ext4
	${pkgs.busybox}/bin/mkdir -p /var/lib/docker
	${pkgs.busybox}/bin/mount -o loop,rw /vol/docker-data/docker.ext4 /var/lib/docker

	${pkgs.docker}/bin/dockerd --storage-driver=overlay2 &
	sleep 10s

	${pkgs.docker}/bin/docker kill $(${pkgs.docker}/bin/docker ps -a -q) \|\| :
	${pkgs.docker}/bin/docker system prune --volumes --force \|\| :

	${pkgs.docker-compose}/bin/docker-compose -f /mailcow-dockerized/docker-compose.yml -f ${dockerComposeOverrideYaml}/docker-compose.override.yml build

	${pkgs.busybox}/bin/mkdir -p /tmp /run/{mysql,mysql-socket}
	${pkgs.busybox}/bin/chmod u+w /mailcow-dockerized/data/web/templates/cache
	exec ${pkgs.docker-compose}/bin/docker-compose --env-file /mailcow-dockerized/mailcow.conf -f /mailcow-dockerized/docker-compose.yml -f ${dockerComposeOverrideYaml}/docker-compose.override.yml up --remove-orphans
	'';

	src = ./src;

	extraDeps = with pkgs; [
	# for Docker
	cacert

	# for update.sh
	bash
	coreutils
	curl
	docker
	docker-compose
	findutils
	gawk
	gitMinimal
	];

	maintenanceDeps = with pkgs; [
	bash
	busybox
	coreutils
	findutils
	pxattr
	strace
	];

	in
	img {
	name = "docker.benkard.de/mulk/mailcow";
	#tag = "latest";
	maxLayers = 125;
	contents = extraDeps ++ maintenanceDeps;
	extraCommands =
	''
	#!${pkgs.runtimeShell}

	install -dm755 vol/{crypt-data,postfix-data,redis-data,rspamd-data,sogo-web,sogo-userdata-backup,solr-data,vmail,vmail-index,web-data}

	cp -a ${src}/* .
	'';
	config = {
	Entrypoint = [ "${init}/bin/init" ];
	Cmd = [ ];
	Workdir = "/mailcow-dockerized";
	Volumes = {
	"/mailcow-dockerized/data/conf" = { };
	"/mailcow-dockerized/data/assets/ssl" = { };
	"/vol/crypt-data" = { };
	"/vol/docker-data" = { };
	"/vol/postfix-data" = { };
	"/vol/redis-data" = { };
	"/vol/rspamd-data" = { };
	"/vol/sogo-web" = { };
	"/vol/sogo-userdata-backup" = { };
	"/vol/solr-data" = { };
	"/vol/vmail" = { };
	"/vol/vmail-index" = { };
	"/vol/web-data" = { };
	};
	};
	}