From 05491ecbe2cb97260eeedc7890bb1fe76ad601ee Mon Sep 17 00:00:00 2001 From: Son Date: Tue, 21 May 2024 15:14:49 -0400 Subject: [PATCH 1/7] chart: use rolling update as restart strategy by default --- charts/sogo/values.yaml | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/charts/sogo/values.yaml b/charts/sogo/values.yaml index 1c07c49..102622e 100644 --- a/charts/sogo/values.yaml +++ b/charts/sogo/values.yaml @@ -168,14 +168,12 @@ sogo: size: 8Gi ## Strategy used to replace old pods - ## IMPORTANT: use with care, it is suggested to leave as that for upgrade purposes ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy strategy: - type: Recreate - # type: RollingUpdate - # rollingUpdate: - # maxSurge: 1 - # maxUnavailable: 0 + type: RollingUpdate + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 ## ## Extra environment variables From cba80d1f40057760cb5386a8146d27399518fa0e Mon Sep 17 00:00:00 2001 From: Son Date: Tue, 21 May 2024 15:17:15 -0400 Subject: [PATCH 2/7] chart: additional note for existingSecrets --- charts/sogo/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/charts/sogo/values.yaml b/charts/sogo/values.yaml index 102622e..1cd70ae 100644 --- a/charts/sogo/values.yaml +++ b/charts/sogo/values.yaml @@ -87,6 +87,7 @@ sogo: # Array of secret names containing the configurations # All secret values will be parsed as a string by default # To parse a secret value as a YAML, you must append "__yaml" to the secret key + # NOTE: All keys in the secrets will be imported as a SOGo configuration. existingSecrets: [] # - secretName1 # - secretName2 From 156eb1ff55cd956e51ed054efebf31662900aa0f Mon Sep 17 00:00:00 2001 From: Son Date: Wed, 22 May 2024 09:31:15 -0400 Subject: [PATCH 3/7] apache: use remote ip by default --- Dockerfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Dockerfile b/Dockerfile index f7462d2..104a0ef 100644 --- a/Dockerfile +++ b/Dockerfile @@ -116,6 +116,7 @@ RUN a2enmod \ proxy \ proxy_http \ rewrite \ + remoteip \ ssl && \ echo "/usr/local/lib/sogo" > /etc/ld.so.conf.d/sogo.conf && \ ldconfig && \ @@ -127,6 +128,8 @@ RUN a2enmod \ ln -s /usr/local/sbin/sogo-ealarms-notify /usr/sbin/sogo-ealarms-notify && \ ln -s /usr/local/sbin/sogo-slapd-sockd /usr/sbin/sogo-slapd-sockd && \ ln -s /etc/apache2/conf-available/SOGo.conf /etc/apache2/conf-enabled/SOGo.conf && \ + echo -e "\n RemoteIPHeader X-Real-IP\n RemoteIPInternalProxy 10.0.0.0/8\n RemoteIPInternalProxy 172.16.0.0/12\n RemoteIPInternalProxy 192.168.0.0/16\n" | tee /etc/apache2/conf-available/remoteip.conf && \ + ln -s /etc/apache2/conf-available/remoteip.conf /etc/apache2/conf-enabled/remoteip.conf && \ mkdir -p /etc/cron.d /etc/default /etc/sogo /etc/logrotate.d && \ mv /usr/share/doc/sogo/sogo.cron /etc/cron.d/sogo && \ mv /usr/share/doc/sogo/sogo-default /etc/default/sogo && \ From 2bb88efa8974c07180b9bc7c4707eb8324832b55 Mon Sep 17 00:00:00 2001 From: Son Date: Wed, 22 May 2024 09:37:24 -0400 Subject: [PATCH 4/7] dockerfile: fix echo remoteip command --- Dockerfile | 2 +- charts/sogo/Chart.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 104a0ef..7f84ff3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -128,7 +128,7 @@ RUN a2enmod \ ln -s /usr/local/sbin/sogo-ealarms-notify /usr/sbin/sogo-ealarms-notify && \ ln -s /usr/local/sbin/sogo-slapd-sockd /usr/sbin/sogo-slapd-sockd && \ ln -s /etc/apache2/conf-available/SOGo.conf /etc/apache2/conf-enabled/SOGo.conf && \ - echo -e "\n RemoteIPHeader X-Real-IP\n RemoteIPInternalProxy 10.0.0.0/8\n RemoteIPInternalProxy 172.16.0.0/12\n RemoteIPInternalProxy 192.168.0.0/16\n" | tee /etc/apache2/conf-available/remoteip.conf && \ + (echo -e "\n RemoteIPHeader X-Real-IP\n RemoteIPInternalProxy 10.0.0.0/8\n RemoteIPInternalProxy 172.16.0.0/12\n RemoteIPInternalProxy 192.168.0.0/16\n" > /etc/apache2/conf-available/remoteip.conf) && \ ln -s /etc/apache2/conf-available/remoteip.conf /etc/apache2/conf-enabled/remoteip.conf && \ mkdir -p /etc/cron.d /etc/default /etc/sogo /etc/logrotate.d && \ mv /usr/share/doc/sogo/sogo.cron /etc/cron.d/sogo && \ diff --git a/charts/sogo/Chart.yaml b/charts/sogo/Chart.yaml index dbb97b6..cf92b42 100644 --- a/charts/sogo/Chart.yaml +++ b/charts/sogo/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: sogo -version: 0.1.9 +version: 0.1.10 description: A helm chart for the docker-sogo docker image type: application keywords: From 1e12e2e0d00c6d1ad8c6c3d45294cce2d1aa75e3 Mon Sep 17 00:00:00 2001 From: Son Date: Wed, 22 May 2024 09:45:05 -0400 Subject: [PATCH 5/7] apache: use a2enconf to enable remoteip --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 7f84ff3..91b91b0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -128,8 +128,8 @@ RUN a2enmod \ ln -s /usr/local/sbin/sogo-ealarms-notify /usr/sbin/sogo-ealarms-notify && \ ln -s /usr/local/sbin/sogo-slapd-sockd /usr/sbin/sogo-slapd-sockd && \ ln -s /etc/apache2/conf-available/SOGo.conf /etc/apache2/conf-enabled/SOGo.conf && \ - (echo -e "\n RemoteIPHeader X-Real-IP\n RemoteIPInternalProxy 10.0.0.0/8\n RemoteIPInternalProxy 172.16.0.0/12\n RemoteIPInternalProxy 192.168.0.0/16\n" > /etc/apache2/conf-available/remoteip.conf) && \ - ln -s /etc/apache2/conf-available/remoteip.conf /etc/apache2/conf-enabled/remoteip.conf && \ + (echo -e "RemoteIPHeader X-Real-IP\nRemoteIPInternalProxy 10.0.0.0/8\nRemoteIPInternalProxy 172.16.0.0/12\nRemoteIPInternalProxy 192.168.0.0/16\n" > /etc/apache2/conf-available/remoteip.conf) && \ + a2enconf remoteip && \ mkdir -p /etc/cron.d /etc/default /etc/sogo /etc/logrotate.d && \ mv /usr/share/doc/sogo/sogo.cron /etc/cron.d/sogo && \ mv /usr/share/doc/sogo/sogo-default /etc/default/sogo && \ From 85ff41bc180ed10d8a1b1dbd5bfe9ab1999f09f2 Mon Sep 17 00:00:00 2001 From: Son Date: Wed, 22 May 2024 09:52:05 -0400 Subject: [PATCH 6/7] debug: test removing remoteip config --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 91b91b0..a9dd2f5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -129,7 +129,7 @@ RUN a2enmod \ ln -s /usr/local/sbin/sogo-slapd-sockd /usr/sbin/sogo-slapd-sockd && \ ln -s /etc/apache2/conf-available/SOGo.conf /etc/apache2/conf-enabled/SOGo.conf && \ (echo -e "RemoteIPHeader X-Real-IP\nRemoteIPInternalProxy 10.0.0.0/8\nRemoteIPInternalProxy 172.16.0.0/12\nRemoteIPInternalProxy 192.168.0.0/16\n" > /etc/apache2/conf-available/remoteip.conf) && \ - a2enconf remoteip && \ + # a2enconf remoteip && \ mkdir -p /etc/cron.d /etc/default /etc/sogo /etc/logrotate.d && \ mv /usr/share/doc/sogo/sogo.cron /etc/cron.d/sogo && \ mv /usr/share/doc/sogo/sogo-default /etc/default/sogo && \ From 95acb88ad1db7c375b38377a731b2dd37a3bfb1d Mon Sep 17 00:00:00 2001 From: Son Date: Wed, 22 May 2024 10:01:25 -0400 Subject: [PATCH 7/7] apache: test different format remoteip config --- Dockerfile | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index a9dd2f5..4dfac3f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -128,8 +128,13 @@ RUN a2enmod \ ln -s /usr/local/sbin/sogo-ealarms-notify /usr/sbin/sogo-ealarms-notify && \ ln -s /usr/local/sbin/sogo-slapd-sockd /usr/sbin/sogo-slapd-sockd && \ ln -s /etc/apache2/conf-available/SOGo.conf /etc/apache2/conf-enabled/SOGo.conf && \ - (echo -e "RemoteIPHeader X-Real-IP\nRemoteIPInternalProxy 10.0.0.0/8\nRemoteIPInternalProxy 172.16.0.0/12\nRemoteIPInternalProxy 192.168.0.0/16\n" > /etc/apache2/conf-available/remoteip.conf) && \ - # a2enconf remoteip && \ + {\ + echo RemoteIPHeader X-Real-IP ;\ + echo RemoteIPInternalProxy 10.0.0.0/8 ;\ + echo RemoteIPInternalProxy 172.16.0.0/12 ;\ + echo RemoteIPInternalProxy 192.168.0.0/16 ;\ + } > /etc/apache2/conf-available/remoteip.conf && \ + a2enconf remoteip && \ mkdir -p /etc/cron.d /etc/default /etc/sogo /etc/logrotate.d && \ mv /usr/share/doc/sogo/sogo.cron /etc/cron.d/sogo && \ mv /usr/share/doc/sogo/sogo-default /etc/default/sogo && \