spf-dkim-dmarc-demo/recipient/Dockerfile

#
# SPDX-FileCopyrightText: 2023 Afnic
#
# SPDX-License-Identifier: GPL-3.0-or-later
#

FROM alpine:latest AS roundcube-build

RUN apk add composer \
    php81-ctype \
    php81-dom \
    php81-ldap \
    php81-tokenizer \
    php81-xml \
    php81-xmlwriter

RUN install -d /var/www/roundcubemail

ADD https://github.com/roundcube/roundcubemail/releases/download/1.6.1/roundcubemail-1.6.1-complete.tar.gz \
    /src/roundcube.tar.gz
RUN tar -C /src --no-same-owner -xf /src/roundcube.tar.gz

RUN tar -C /src/roundcubemail-1.6.1 -cf - . | \
    tar -C /var/www/roundcubemail -xpf -

# Plugin authres_status : affichage sympa de l’en-tête Authentication-Results
RUN composer -d /var/www/roundcubemail -n require pimlie/authres_status

FROM alpine:latest

COPY var/db/public_suffix_list.dat /var/db/public_suffix_list.dat

RUN apk add \
    apache2 \
    composer \
    dovecot \
    execline \
    mutt \
    nano \
    nano-syntax \
    opendkim \
    opendmarc \
    php81-apache2 \
    php81-ctype \
    php81-dom \
    php81-intl \
    php81-mbstring \
    php81-openssl\
    php81-pdo \
    php81-pdo_sqlite \
    php81-session \
    php81-tokenizer \
    php81-xml \
    php81-xmlwriter \
    postfix \
    postfix-policyd-spf-perl \
    s6-overlay \
    vim

# Dependencies for REST API
RUN apk add \
    gcc \
    libc-dev \
    make \
    perl-app-cpanminus \
    perl-clone \
    perl-config-any \
    perl-data-optlist \
    perl-dev \
    perl-exporter-tiny \
    perl-extutils-config \
    perl-extutils-helpers \
    perl-extutils-installpaths \
    perl-file-sharedir \
    perl-file-sharedir-install \
    perl-file-slurp \
    perl-file-which \
    perl-hash-merge-simple \
    perl-hash-multivalue \
    perl-http-date \
    perl-http-headers-fast \
    perl-import-into \
    perl-json-maybexs \
    perl-module-build \
    perl-module-build-tiny \
    perl-module-implementation \
    perl-module-runtime \
    perl-moo \
    perl-params-util \
    perl-params-validate \
    perl-path-tiny \
    perl-plack \
    perl-readonly \
    perl-ref-util \
    perl-role-tiny \
    perl-safe-isa \
    perl-sub-exporter \
    perl-sub-install \
    perl-sub-quote \
    perl-template-toolkit \
    perl-type-tiny \
    perl-yaml

RUN cpanm -n -v \
    Dancer2 \
    Module::Pluggable::Object

COPY --from=roundcube-build --chown=root:www-data \
    /var/www/roundcubemail /var/www/roundcubemail
RUN chown apache /var/www/roundcubemail/logs /var/www/roundcubemail/temp

RUN install -m 0700 -o apache -g www-data -d /var/db/roundcubemail

RUN adduser -D destinataire
RUN newaliases

# TODO faire en sorte que Dovecot logue dans syslog

# TODO rendre le mot de passe de destinataire@destinataire.example
# configurable

COPY etc/s6-overlay /etc/s6-overlay

COPY etc/postfix /etc/postfix

COPY etc/dovecot /etc/dovecot

COPY --chmod=0640 --chown=root:www-data \
    etc/roundcube/config.inc.php /var/www/roundcubemail/config/config.inc.php

COPY etc/apache/httpd.conf /etc/apache2/httpd.conf

COPY etc/apache/roundcube.conf /etc/apache2/conf.d/roundcube.conf

RUN install -m 0700 -o opendkim -g opendkim -d /run/opendkim
COPY etc/opendkim/opendkim.conf /etc/opendkim/opendkim.conf

RUN install -m 0700 -o opendmarc -g root -d /run/opendmarc
COPY etc/opendmarc/opendmarc.conf /etc/opendmarc/opendmarc.conf

RUN doveadm pw -p "PasSecretDuTout" | \
    awk '{ print "destinataire:" $1 }' > /etc/dovecot/users

COPY web-api /src/api

ENTRYPOINT ["/init"]