-
Notifications
You must be signed in to change notification settings - Fork 3
/
Dockerfile-latest
77 lines (68 loc) · 4.01 KB
/
Dockerfile-latest
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
FROM neomediatech/ubuntu-base:22.04
ENV APP_VERSION=3.x \
SERVICE=rspamd
LABEL maintainer="[email protected]" \
org.label-schema.version=$APP_VERSION \
org.label-schema.vcs-type=Git \
org.label-schema.vcs-url=https://github.com/Neomediatech/${SERVICE} \
org.label-schema.maintainer=Neomediatech
RUN apt-get update && apt-get -y dist-upgrade && \
apt-get install -y --no-install-recommends \
ca-certificates lsb-release wget gnupg && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
SHELL ["/bin/bash", "-c"]
RUN set -x \
# gpg: key FFA232EDBF21E25E: public key "Rspamd Nightly Builds (Rspamd Nightly Builds) <[email protected]>" imported
&& key='3FA347D5E599BE4595CA2576FFA232EDBF21E25E' \
&& export GNUPGHOME="$(mktemp -d)" \
&& gpg --import <<<$'\
-----BEGIN PGP PUBLIC KEY BLOCK----- \n\
\n\
mQINBFW3VB8BEADAV1lBy8DPcSEBSLYVKgwsBx/dRmgenKeliMpiZyNYJJmF6tSV \n\
s3v5DtDIUESgI2mBKNeptdneri3CDJScI/LgPLKqemrLBkAMfe+f57JgppY5ti4H \n\
xo+VZdbF9bhCAwYwJnqnyuLjYSUu6nCuW4uPDoqBHXynwsIWr1O3fREpY+vgIgaT \n\
Oqm3ncssqxSicymd6k0yuo55xuUvrc4Yu4IEnhFVRU53e0E3zmHg/7ONI99YtBan \n\
7G/w2IfA1bfRDYZ2Avau+JqGcEl8vy+eLmYayKirdsMPN8Tx6RFOstDf1CnjW/bj \n\
IX7SDOklIGJjJwcWW/iY+1P9SfNNqSDgXavJj2wmLMlUhgjyJFTXfdDRjmN0PFxo \n\
f6OQu5xok1WHfKFJL+hLGknjHdXLmGd5MSuFlutdVHJQrieknjBea9xCiEsrfe8V \n\
zyNqGhzgIYjOi/bO7jGpY/WiFHvM9XtBVp862tqM1S1WbAWW5u+es6NK4q9Cv0DR \n\
tIalss+5gFhdsIFGFYQWfY7CrjOIC+C0+c5IGaBkHte35hCCvDpOO909xxVqUZYe \n\
9Pl8zYgPDe1H4arMO+p6rSvVntvIWOqLqkuWYSiOY4TGADJTkeZRbopZhvqs/9mc \n\
847fVMbOwKfkbeuGiHhUK0QFewXSu+cXJyGtyu3RgokBWr2yyzJFXIvJbQARAQAB \n\
tEZSc3BhbWQgTmlnaHRseSBCdWlsZHMgKFJzcGFtZCBOaWdodGx5IEJ1aWxkcykg \n\
PHZzZXZvbG9kQGhpZ2hzZWN1cmUucnU+iQI4BBMBAgAiBQJVt1QfAhsDBgsJCAcD \n\
AgYVCAIJCgsEFgIDAQIeAQIXgAAKCRD/ojLtvyHiXucND/4ja0t+4RMiD0c0z3xD \n\
Vp0Ysq7kZvzlteUrw98f1BMYbmSTJ+43JVZV67GJ8fV2d9/atIlyLce8Gn9hYmF7 \n\
C5nPpCCOlNejkwkc9MhZgoM0z7sTNZwKLZ4fSnxHD10Z923G+IRQYeXswM7hE/T5 \n\
8NgANOWBFs9BxIEIT6IfRNHF23SCmCeNFNmUen6uXLznjRzYbMmwP7u2BopfJcpN \n\
ajnm66IypQDsUqVwBRnm9o9GAWUPbp4ahhf1vYu04T1vD7n4qhrLdhHmEJpukEhD \n\
q613Wl/k0g0O8SahfSAaM1x5zLOJ0sMacyxCktQKXypAhkhhJc4J1KLbnNUsxZdk \n\
Gn4wLZuhfIuzh2KfKBdwoL3zRq7kjgumJo7AQhEIIDGKutl6sZnbRHjBr4qBb1NJ \n\
/7GC7UiZhIesdO6HdqrriNF0l8dRVIaHXGKF0PQWWG+J+147oQM+SJmm4W4oONSx \n\
YCjyTllxwh/54fhu81jhSyBgbKAmV1gYLIPvAUgPkguAb5JWcvZOeXytHWZYLK9T \n\
8rW5R0bviiouHHRyQYu0AX+wiSyAfoVnTVyad6xTWUT3aQ8jeL0I3uy323Mrq56U \n\
7Yo0NFwKPF9z5kbuQje3daudQQymkhOfNcQm3dOaaWKGp5KPRi3OtKYMu+5Aphor \n\
lwJWDec6PUe835YwqrARXtPaNA== \n\
=4Cm3 \n\
-----END PGP PUBLIC KEY BLOCK-----' \
&& gpg --keyserver hkps://keys.openpgp.org --recv-keys "$key" \
&& gpg --export "$key" > /etc/apt/trusted.gpg.d/rspamd.gpg \
&& rm -rf "$GNUPGHOME" \
&& apt-key list > /dev/null
RUN CODENAME=`lsb_release -c -s` && \
echo "deb [signed-by=/etc/apt/trusted.gpg.d/rspamd.gpg] https://rspamd.com/apt-stable/ $CODENAME main" > /etc/apt/sources.list.d/rspamd.list && \
apt-get update && \
apt-get --no-install-recommends install -y rspamd && \
apt-get clean && \
rm -rf /var/lib/apt/lists/* && \
echo 'pidfile = false;' > /etc/rspamd/override.d/options.inc && \
mkdir -p /srv/scripts && \
wget -O /srv/scripts/logrotate.sh https://raw.githubusercontent.com/Neomediatech/assets/main/scripts/logrotate.sh && \
chmod +x /srv/scripts/logrotate.sh
COPY conf/ /etc/rspamd
COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh
HEALTHCHECK --interval=30s --timeout=30s --start-period=10s --retries=20 CMD rspamadm control stat |grep uptime|head -1 || ( echo "no uptime, no party\!" && exit 1 )
ENTRYPOINT ["/entrypoint.sh"]
CMD [ "/usr/bin/rspamd", "-f", "-u", "_rspamd", "-g", "_rspamd" ]