blob: 05a0b1db0332147be7af86165ed1a59c98c66bde [file] [log] [blame]
Matthias Andreas Benkardad50c362021-01-02 12:36:02 +01001{ system ? builtins.currentSystem }:
2let
3 pkgs = import <nixpkgs> { inherit system; };
4
5in
6let
7 img = spec: {
8 streamed = pkgs.dockerTools.streamLayeredImage spec;
9 layered = pkgs.dockerTools.buildLayeredImage spec;
10 image = pkgs.dockerTools.buildImage spec;
11 };
12
13in
14let
15 dockerComposeOverrideYaml =
16 pkgs.writeTextDir "docker-compose.override.yml" ''
17 version: '2.1'
18
19 services:
20 mysql-mailcow:
21 image: alpine/socat:1.0.3
22 command:
23 - UNIX-LISTEN:/var/run/mysqld/mysqld.sock,reuseaddr,fork,unlink-early,mode=0777
24 - TCP-CONNECT:mysql.system.svc.cluster.local.:3306
25 volumes:
26 - mysql-socket-vol-1:/var/run/mysqld/:Z
27 restart: always
28
29 netfilter-mailcow:
30 build: ./data/Dockerfiles/netfilter
31
32 watchdog-mailcow:
33 build: ./data/Dockerfiles/watchdog
34
35 volumes:
36 vmail-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/vmail"}}
37 vmail-index-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/vmail-index"}}
38 mysql-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/run/mysql"}}
39 mysql-socket-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/run/mysql-socket"}}
40 redis-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/redis-data"}}
41 rspamd-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/rspamd-data"}}
42 solr-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/solr-data"}}
43 postfix-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/postfix-data"}}
44 crypt-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/crypt-data"}}
45 sogo-web-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/sogo-web"}}
46 sogo-userdata-backup-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/sogo-userdata-backup"}}
47 '';
48
49 init =
50 pkgs.writeShellScriptBin "init" ''
51 set -xeuo pipefail
52
53 if ! [ -e /vol/docker-data/docker.ext4 ]; then
54 ${pkgs.busybox}/bin/dd if=/dev/zero of=/vol/docker-data/docker.ext4 bs=1G count=0 seek=30
55 ${pkgs.e2fsprogs}/bin/mkfs.ext4 /vol/docker-data/docker.ext4
56 fi
57 ${pkgs.e2fsprogs}/bin/e2fsck -y /vol/docker-data/docker.ext4
58 ${pkgs.busybox}/bin/mkdir -p /var/lib/docker
59 ${pkgs.busybox}/bin/mount -o loop,rw /vol/docker-data/docker.ext4 /var/lib/docker
60
61 ${pkgs.docker}/bin/dockerd --storage-driver=overlay2 &
62 sleep 10s
63
64 ${pkgs.docker}/bin/docker kill $(${pkgs.docker}/bin/docker ps -a -q) || :
65 ${pkgs.docker}/bin/docker system prune --volumes --force || :
66
67 ${pkgs.docker-compose}/bin/docker-compose -f /mailcow-dockerized/docker-compose.yml -f ${dockerComposeOverrideYaml}/docker-compose.override.yml build
68
69 ${pkgs.busybox}/bin/mkdir -p /tmp /run/{mysql,mysql-socket}
70 exec ${pkgs.docker-compose}/bin/docker-compose --env-file /mailcow-dockerized/mailcow.conf -f /mailcow-dockerized/docker-compose.yml -f ${dockerComposeOverrideYaml}/docker-compose.override.yml up --remove-orphans
71 '';
72
73 src = ./src;
74
75 extraDeps = with pkgs; [
76 # for Docker
77 cacert
78
79 # for update.sh
80 bash
81 coreutils
82 curl
83 docker
84 docker-compose
85 findutils
86 gawk
87 gitMinimal
88 ];
89
90 maintenanceDeps = with pkgs; [
91 bash
92 busybox
93 coreutils
94 findutils
95 pxattr
96 strace
97 ];
98
99in
100img {
101 name = "docker.benkard.de/mulk/mailcow";
Matthias Andreas Benkardcc14d222021-01-06 17:59:02 +0100102 #tag = "latest";
Matthias Andreas Benkardad50c362021-01-02 12:36:02 +0100103 maxLayers = 125;
104 contents = extraDeps ++ maintenanceDeps;
105 extraCommands =
106 ''
107 #!${pkgs.runtimeShell}
108
109 install -dm755 vol/{crypt-data,postfix-data,redis-data,rspamd-data,sogo-web,sogo-userdata-backup,solr-data,vmail,vmail-index,web-data}
110
111 cp -a ${src}/* .
112 '';
113 config = {
114 Entrypoint = [ "${init}/bin/init" ];
115 Cmd = [ ];
116 Workdir = "/mailcow-dockerized";
117 Volumes = {
118 "/mailcow-dockerized/data/conf" = { };
119 "/mailcow-dockerized/data/assets/ssl" = { };
120 "/vol/crypt-data" = { };
121 "/vol/docker-data" = { };
122 "/vol/postfix-data" = { };
123 "/vol/redis-data" = { };
124 "/vol/rspamd-data" = { };
125 "/vol/sogo-web" = { };
126 "/vol/sogo-userdata-backup" = { };
127 "/vol/solr-data" = { };
128 "/vol/vmail" = { };
129 "/vol/vmail-index" = { };
130 "/vol/web-data" = { };
131 };
132 };
133}