Matthias Andreas Benkard | ad50c36 | 2021-01-02 12:36:02 +0100 | [diff] [blame] | 1 | { system ? builtins.currentSystem }: |
| 2 | let |
Matthias Andreas Benkard | f3d740c | 2022-12-28 21:27:39 +0100 | [diff] [blame] | 3 | pkgs = import <nixpkgs> { |
| 4 | inherit system; |
| 5 | overlays = [ |
| 6 | (self: super: { |
| 7 | docker = super.docker.override { |
| 8 | iptables = self.iptables-legacy; |
| 9 | }; |
| 10 | }) |
| 11 | ]; |
| 12 | }; |
Matthias Andreas Benkard | ad50c36 | 2021-01-02 12:36:02 +0100 | [diff] [blame] | 13 | |
| 14 | in |
| 15 | let |
| 16 | img = spec: { |
| 17 | streamed = pkgs.dockerTools.streamLayeredImage spec; |
| 18 | layered = pkgs.dockerTools.buildLayeredImage spec; |
| 19 | image = pkgs.dockerTools.buildImage spec; |
| 20 | }; |
| 21 | |
| 22 | in |
| 23 | let |
| 24 | dockerComposeOverrideYaml = |
| 25 | pkgs.writeTextDir "docker-compose.override.yml" '' |
| 26 | version: '2.1' |
| 27 | |
| 28 | services: |
| 29 | mysql-mailcow: |
| 30 | image: alpine/socat:1.0.3 |
| 31 | command: |
| 32 | - UNIX-LISTEN:/var/run/mysqld/mysqld.sock,reuseaddr,fork,unlink-early,mode=0777 |
| 33 | - TCP-CONNECT:mysql.system.svc.cluster.local.:3306 |
| 34 | volumes: |
| 35 | - mysql-socket-vol-1:/var/run/mysqld/:Z |
| 36 | restart: always |
| 37 | |
| 38 | netfilter-mailcow: |
| 39 | build: ./data/Dockerfiles/netfilter |
| 40 | |
Matthias Andreas Benkard | c0f9e20 | 2022-12-28 22:38:46 +0100 | [diff] [blame] | 41 | dockerapi-mailcow: |
| 42 | build: ./data/Dockerfiles/dockerapi |
| 43 | |
Matthias Andreas Benkard | ad50c36 | 2021-01-02 12:36:02 +0100 | [diff] [blame] | 44 | watchdog-mailcow: |
| 45 | build: ./data/Dockerfiles/watchdog |
| 46 | |
| 47 | volumes: |
| 48 | vmail-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/vmail"}} |
| 49 | vmail-index-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/vmail-index"}} |
| 50 | mysql-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/run/mysql"}} |
| 51 | mysql-socket-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/run/mysql-socket"}} |
| 52 | redis-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/redis-data"}} |
| 53 | rspamd-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/rspamd-data"}} |
| 54 | solr-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/solr-data"}} |
| 55 | postfix-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/postfix-data"}} |
| 56 | crypt-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/crypt-data"}} |
| 57 | sogo-web-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/sogo-web"}} |
| 58 | sogo-userdata-backup-vol-1: {driver: local, driver_opts: {o: bind, type: none, device: "/vol/sogo-userdata-backup"}} |
| 59 | ''; |
| 60 | |
| 61 | init = |
| 62 | pkgs.writeShellScriptBin "init" '' |
| 63 | set -xeuo pipefail |
| 64 | |
| 65 | if ! [ -e /vol/docker-data/docker.ext4 ]; then |
| 66 | ${pkgs.busybox}/bin/dd if=/dev/zero of=/vol/docker-data/docker.ext4 bs=1G count=0 seek=30 |
| 67 | ${pkgs.e2fsprogs}/bin/mkfs.ext4 /vol/docker-data/docker.ext4 |
| 68 | fi |
| 69 | ${pkgs.e2fsprogs}/bin/e2fsck -y /vol/docker-data/docker.ext4 |
| 70 | ${pkgs.busybox}/bin/mkdir -p /var/lib/docker |
| 71 | ${pkgs.busybox}/bin/mount -o loop,rw /vol/docker-data/docker.ext4 /var/lib/docker |
| 72 | |
| 73 | ${pkgs.docker}/bin/dockerd --storage-driver=overlay2 & |
| 74 | sleep 10s |
| 75 | |
| 76 | ${pkgs.docker}/bin/docker kill $(${pkgs.docker}/bin/docker ps -a -q) || : |
| 77 | ${pkgs.docker}/bin/docker system prune --volumes --force || : |
| 78 | |
| 79 | ${pkgs.docker-compose}/bin/docker-compose -f /mailcow-dockerized/docker-compose.yml -f ${dockerComposeOverrideYaml}/docker-compose.override.yml build |
| 80 | |
| 81 | ${pkgs.busybox}/bin/mkdir -p /tmp /run/{mysql,mysql-socket} |
Matthias Andreas Benkard | f3d740c | 2022-12-28 21:27:39 +0100 | [diff] [blame] | 82 | ${pkgs.busybox}/bin/chmod u+w /mailcow-dockerized/data/web/templates/cache |
Matthias Andreas Benkard | ad50c36 | 2021-01-02 12:36:02 +0100 | [diff] [blame] | 83 | exec ${pkgs.docker-compose}/bin/docker-compose --env-file /mailcow-dockerized/mailcow.conf -f /mailcow-dockerized/docker-compose.yml -f ${dockerComposeOverrideYaml}/docker-compose.override.yml up --remove-orphans |
| 84 | ''; |
| 85 | |
| 86 | src = ./src; |
| 87 | |
| 88 | extraDeps = with pkgs; [ |
| 89 | # for Docker |
| 90 | cacert |
| 91 | |
| 92 | # for update.sh |
| 93 | bash |
| 94 | coreutils |
| 95 | curl |
| 96 | docker |
| 97 | docker-compose |
| 98 | findutils |
| 99 | gawk |
| 100 | gitMinimal |
| 101 | ]; |
| 102 | |
| 103 | maintenanceDeps = with pkgs; [ |
| 104 | bash |
| 105 | busybox |
| 106 | coreutils |
| 107 | findutils |
| 108 | pxattr |
| 109 | strace |
| 110 | ]; |
| 111 | |
| 112 | in |
| 113 | img { |
| 114 | name = "docker.benkard.de/mulk/mailcow"; |
Matthias Andreas Benkard | cc14d22 | 2021-01-06 17:59:02 +0100 | [diff] [blame] | 115 | #tag = "latest"; |
Matthias Andreas Benkard | ad50c36 | 2021-01-02 12:36:02 +0100 | [diff] [blame] | 116 | maxLayers = 125; |
| 117 | contents = extraDeps ++ maintenanceDeps; |
| 118 | extraCommands = |
| 119 | '' |
| 120 | #!${pkgs.runtimeShell} |
| 121 | |
| 122 | install -dm755 vol/{crypt-data,postfix-data,redis-data,rspamd-data,sogo-web,sogo-userdata-backup,solr-data,vmail,vmail-index,web-data} |
| 123 | |
| 124 | cp -a ${src}/* . |
| 125 | ''; |
| 126 | config = { |
| 127 | Entrypoint = [ "${init}/bin/init" ]; |
| 128 | Cmd = [ ]; |
| 129 | Workdir = "/mailcow-dockerized"; |
| 130 | Volumes = { |
| 131 | "/mailcow-dockerized/data/conf" = { }; |
| 132 | "/mailcow-dockerized/data/assets/ssl" = { }; |
| 133 | "/vol/crypt-data" = { }; |
| 134 | "/vol/docker-data" = { }; |
| 135 | "/vol/postfix-data" = { }; |
| 136 | "/vol/redis-data" = { }; |
| 137 | "/vol/rspamd-data" = { }; |
| 138 | "/vol/sogo-web" = { }; |
| 139 | "/vol/sogo-userdata-backup" = { }; |
| 140 | "/vol/solr-data" = { }; |
| 141 | "/vol/vmail" = { }; |
| 142 | "/vol/vmail-index" = { }; |
| 143 | "/vol/web-data" = { }; |
| 144 | }; |
| 145 | }; |
| 146 | } |