docker: add HEALTHCHECK, remove VOLUME, fix Dockerfile hygiene

- Added HEALTHCHECK that verifies chatmail services are active via systemctl
- Removed `VOLUME ["/sys/fs/cgroup", "/home"]` as anonymous volumes are
  an anti-pattern for user data (leads to data loss on upgrades). Let
  compose/`docker run -v` handle volume management.
- Changed TZ from Europe/London to UTC (server best practice)
- Removed duplicate WORKDIR /opt/chatmail
- Moved `unlink /etc/nginx/sites-enabled/default` from entrypoint.sh to
  Dockerfile build time
This commit is contained in:
j4n
2026-02-16 20:04:23 +01:00
parent 475975dfa0
commit e503e120e5
2 changed files with 6 additions and 9 deletions


@@ -8,7 +8,7 @@ RUN echo 'APT::Install-Recommends "0";' > /etc/apt/apt.conf.d/01norecommend && \
apt-get install -y \
ca-certificates && \
DEBIAN_FRONTEND=noninteractive \
TZ=Europe/London \
TZ=UTC \
apt-get install -y tzdata && \
apt-get install -y locales && \
sed -i -e "s/# $LANG.*/$LANG UTF-8/" /etc/locale.gen && \
@@ -16,9 +16,6 @@ RUN echo 'APT::Install-Recommends "0";' > /etc/apt/apt.conf.d/01norecommend && \
update-locale LANG=$LANG \
&& rm -rf /var/lib/apt/lists/*
# Dovecot is installed by the pyinfra install stage below (DovecotDeployer),
# which downloads+verifies SHA256 hashes from the canonical source in
# cmdeploy/src/cmdeploy/dovecot/deployer.py — no need to duplicate here.
RUN apt-get update && \
apt-get install -y \
git \
@@ -42,8 +39,6 @@ RUN apt-get update && \
cron \
&& rm -rf /var/lib/apt/lists/*
WORKDIR /opt/chatmail
# --- Build-time: install cmdeploy venv and run install stage ---
# Editable install so importlib.resources reads directly from the source tree.
# On container start only "configure,activate" stages run.
@@ -76,10 +71,14 @@ ARG SETUP_CHATMAIL_SERVICE_PATH=/lib/systemd/system/setup_chatmail.service
COPY ./docker/files/setup_chatmail.service "$SETUP_CHATMAIL_SERVICE_PATH"
RUN ln -sf "$SETUP_CHATMAIL_SERVICE_PATH" "/etc/systemd/system/multi-user.target.wants/setup_chatmail.service"
# Remove default nginx site config at build time (not in entrypoint)
RUN rm -f /etc/nginx/sites-enabled/default
COPY --chmod=555 ./docker/files/setup_chatmail_docker.sh /setup_chatmail_docker.sh
COPY --chmod=555 ./docker/files/entrypoint.sh /entrypoint.sh
VOLUME ["/sys/fs/cgroup", "/home"]
HEALTHCHECK --interval=60s --timeout=10s --retries=3 \
CMD systemctl is-active dovecot postfix nginx unbound opendkim filtermail doveauth chatmail-metadata || exit 1
STOPSIGNAL SIGRTMIN+3
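Review bot: `systemctl is-active` given several unit names exits 0 when at least one of them is active, so the HEALTHCHECK added in the last hunk reports healthy as long as any single one of the eight services is running, not only when all of them are. Probe each unit on its own, e.g. `CMD for u in dovecot postfix nginx unbound opendkim filtermail doveauth chatmail-metadata; do systemctl is-active --quiet "$u" || exit 1; done`, which keeps the shell-form CMD to one line. Since the comment in the third hunk says the configure/activate stages run at container start, a `--start-period=` on the HEALTHCHECK would avoid the container being marked unhealthy before those units exist; I cannot verify from the diff that the listed unit names match what the activate stage installs.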


@@ -1,8 +1,6 @@
#!/bin/bash
set -eo pipefail
unlink /etc/nginx/sites-enabled/default || true
SETUP_CHATMAIL_SERVICE_PATH="${SETUP_CHATMAIL_SERVICE_PATH:-/lib/systemd/system/setup_chatmail.service}"
# Whitelist only the env vars needed by setup_chatmail_docker.sh.