Skip to content

Commit

Permalink
Fix path pointing
Browse files Browse the repository at this point in the history
  • Loading branch information
Carlgo11 committed Jan 15, 2025
1 parent b92d913 commit d92bf6e
Show file tree
Hide file tree
Showing 5 changed files with 10 additions and 4 deletions.
5 changes: 3 additions & 2 deletions conf/apparmor/mailroom-inbox
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ profile mailroom-inbox flags=(attach_disconnected, mediate_deleted) {
/bin/busybox mrix,
/usr/bin/openssl ix, # OpenSSL for certificates
/etc/ssl/openssl.cnf r, # OpenSSL configuration
/entrypoint.sh mrix, # Allow execution of entrypoint

## Application files and modules
/usr/src/inbox/** r, # App source files
Expand All @@ -17,8 +18,8 @@ profile mailroom-inbox flags=(attach_disconnected, mediate_deleted) {
/etc/nsswitch.conf r, # NSS configuration

## Certificate and mail storage
/certs/inbox/** r, # Certificates
/certs/clients/users/** r, # User-specific certificates
/etc/ssl/inbox/* r, # Certificates
/etc/ssl/certs/* r, # User-specific certificates
/var/mail/vhosts/** w, # Mail directories

## Temporary and process files
Expand Down
3 changes: 3 additions & 0 deletions inbox/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,16 @@ COPY . /app
WORKDIR /app
RUN rm entrypoint.sh
RUN npm i --omit=dev
RUN npm run test

FROM node:20-alpine

ENV LOG_FILE="/var/log/inbox.log"
ENV LOG_LEVEL="INFO"
ENV INBOX_COINTAINER_TLS_KEY="/etc/ssl/inbox/privkey.pem"
ENV INBOX_COINTAINER_TLS_CERT="/etc/ssl/inbox/cert.pem"
ENV MAILBOX_PATH="/var/mail/vhosts/"
ENV CLIENT_CERT_PATH="/etc/ssl/certs/"
ENV REDIS_HOST="redis_mail"
ENV REDIS_PORT=6379
ENV INBOX_MAX_CONNECTIONS=1024
Expand Down
3 changes: 3 additions & 0 deletions inbox/Dockerfile.dev
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,16 @@ COPY . /app
WORKDIR /app
RUN rm entrypoint.sh
RUN npm i --omit=dev
RUN npm run test

FROM node:20-alpine

ENV LOG_FILE="/var/log/inbox.log"
ENV LOG_LEVEL="INFO"
ENV INBOX_COINTAINER_TLS_KEY="/etc/ssl/inbox/privkey.pem"

Check warning on line 12 in inbox/Dockerfile.dev

View workflow job for this annotation

GitHub Actions / docker

Sensitive data should not be used in the ARG or ENV commands

SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "INBOX_COINTAINER_TLS_KEY") More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
ENV INBOX_COINTAINER_TLS_CERT="/etc/ssl/inbox/cert.pem"
ENV MAILBOX_PATH="/var/mail/vhosts/"
ENV CLIENT_CERT_PATH="/etc/ssl/certs/"
ENV REDIS_HOST="redis_mail"
ENV REDIS_PORT=6379
ENV INBOX_MAX_CONNECTIONS=1024
Expand Down
1 change: 0 additions & 1 deletion inbox/entrypoint.sh
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
#!/bin/sh

npm run test &&
node "$*" 2>&1 | tee "$LOG_FILE"
2 changes: 1 addition & 1 deletion installation/compose/inbox
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
volumes:
- ${INBOX_TLS_KEY}:/etc/ssl/inbox/privkey.pem
- ${INBOX_TLS_CERT}:/etc/ssl/inbox/cert.pem
- ${INBOX_SMIME_PATH}:/etc/ssl/clients/:ro
- ${USER_CERTS_PATH}:/etc/ssl/clients/:ro
- ${INBOX_LOG}:/var/log/inbox.log
- vhosts:/var/mail/vhosts
cap_drop:
Expand Down

0 comments on commit d92bf6e

Please sign in to comment.