diff --git a/README.md b/README.md index b91954a9..7a53305e 100644 --- a/README.md +++ b/README.md @@ -15,6 +15,8 @@ Everything runs in an [asyncio][2] event loop. #### [API Documentation](https://icgood.github.io/pymap/) +#### [Docker Image](https://hub.docker.com/repository/docker/icgood/pymap) + ### Table of Contents * [Install and Usage](#install-and-usage) diff --git a/docker/Dockerfile b/docker/Dockerfile new file mode 100644 index 00000000..a8897120 --- /dev/null +++ b/docker/Dockerfile @@ -0,0 +1,11 @@ +FROM python:3.8-alpine + +RUN pip install -U pip wheel setuptools typing-extensions + +ARG install_arg="pymap" +ARG install_arg_opt="redis,admin,sieve,optional" +RUN apk --update add --virtual build-dependencies python3-dev build-base \ + && pip install "${install_arg}[${install_arg_opt}]" \ + && apk del build-dependencies + +ENTRYPOINT ["pymap"] diff --git a/docker/README.md b/docker/README.md new file mode 100644 index 00000000..86f81487 --- /dev/null +++ b/docker/README.md @@ -0,0 +1,76 @@ +icgood/pymap +============ + +Runs a [pymap][1] IMAP server in a Docker container. + +## Usage + +First, create a new service in your `docker-compose.yml`: + +```yaml + imap-server: + image: icgood/pymap +``` + +Declare one or more host port bindings: + +```yaml + ports: + - "143:143" + - "4190:4190" + - "9090:9090" +``` + +Alternatively, use a [proxy-protocol][2] service to expose your IMAP ports to +preserve connection metadata. You will need to add `--proxy-protocol detect` to +the _pymap_ arguments below for this configuration. + +Finally, modify the service entrypoint to declare the desired arguments: + +```yaml + entrypoint: >- + pymap --debug dict --demo-data +``` + +The above example creates a basic in-memory server with `demouser`/`demopass` +credentials. See the [pymap][1] documentation for more useful ideas. + +### SSL Certificates + +If you need to provide certificates for TLS, some additional configuration is +necessary. The below examples are using [Let's Encrypt][4] via the +[icgood/letsencrypt-service][5] image, but should be adapted for other +configurations. + +First, expose your certificates directory as a volume, e.g.: + +```yaml + volumes: + - /etc/ssl/private:/etc/ssl/private +``` + +And add the new arguments to the entrypoint, e.g.: + +```yaml + entrypoint: >- + pymap --debug + --cert /etc/ssl/private/mail/fullchain.pem + --key /etc/ssl/private/mail/privkey.pem + dict --demo-data +``` + +Finally, add a healthcheck so that [pymap][1] will restart whenever a new +certificate is generated. + +```yaml + healthcheck: + interval: 10s + retries: 1 + test: test /etc/ssl/private/mail/privkey.pem -ot /tmp/pymap.pid +``` + +[1]: https://github.com/icgood/pymap +[2]: https://hub.docker.com/repository/docker/icgood/proxy-protocol +[3]: https://docs.docker.com/compose/compose-file/#volumes +[4]: https://letsencrypt.org/ +[5]: https://hub.docker.com/repository/docker/icgood/letsencrypt-service diff --git a/docker/hooks/build b/docker/hooks/build new file mode 100644 index 00000000..894b3162 --- /dev/null +++ b/docker/hooks/build @@ -0,0 +1,5 @@ +#!/bin/bash +set -ex + +export install_arg="$GITHUB_REPO/archive/$SOURCE_BRANCH.tar.gz" +docker build --build-arg install_arg -f $DOCKERFILE_PATH -t $IMAGE_NAME . diff --git a/docker/hooks/post_push b/docker/hooks/post_push new file mode 100644 index 00000000..fba428ac --- /dev/null +++ b/docker/hooks/post_push @@ -0,0 +1,7 @@ +#!/bin/bash +set -ex + +if [ "$SOURCE_BRANCH" != "master" ]; then + docker tag $IMAGE_NAME $DOCKER_REPO:latest + docker push $DOCKER_REPO:latest +fi