This repository has been archived by the owner on Feb 28, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 13
/
Makefile
355 lines (294 loc) · 11.5 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
all: build-all
SHELL = bash
################################################################
# CUSTOMIZATION VARIABLES - custom values can be can be specified for the following:
#
# E.g.:
# make OPENSSL_CNF=... DOCKER_REPO_NS=...
# or
# OPENSSL_CNF=... DOCKER_REPO_NS=... make
#
OPENSSL_CNF ?= _conf/openssl.cnf
PACKAGE_CNF ?= _conf/pkg-list
PACKAGE_KEY ?= _conf/pkg-key
DOCKER_REPO_NS ?= zimbra
DOCKER_BUILD_TAG ?= latest-build
DOCKER_CACHE_TAG ?= ${DOCKER_BUILD_TAG}
DOCKER_PUSH_TAG ?=
DOCKER_PULL_TAG ?=
DOCKER_STACK_NAME ?= zm-docker
SOLR_MODE ?= cloud
SOLR_MEMORY ?= 2g
################################################################
IMAGE_NAMES = $(shell sed -n -e '/image:.*\/zmc-*/ { s,.*/,,; s,:.*,,; p; }' docker-compose.yml) zmc-base
LOCAL_SRC_DIR = $(shell test -z "$$DOCKER_HOST" && echo .)/
DOCKER_NODE_ADDR = $(shell docker node inspect --format '{{ .Status.Addr }}' self)
build-all: $(patsubst %,build-%,$(IMAGE_NAMES))
@mkdir -p _cache
@echo ${DOCKER_BUILD_TAG} > _cache/id.txt
docker images
push-all: $(patsubst %,push-%,$(IMAGE_NAMES))
pull-all: $(patsubst %,pull-%,$(IMAGE_NAMES))
################################################################
_conf/pkg-list: _conf/pkg-list.in
cp $< $@
_conf/pkg-key: _conf/pkg-key.in
cp $< $@
################################################################
build-zmc-base: _base/* ${PACKAGE_CNF} ${PACKAGE_KEY}
@echo "-----------------------------------------------------------------"
@echo Building zmc-base
@echo
docker build \
--build-arg "PACKAGE_CNF=${PACKAGE_CNF}" \
--build-arg "PACKAGE_KEY=${PACKAGE_KEY}" \
--cache-from '${DOCKER_REPO_NS}/zmc-base:${DOCKER_CACHE_TAG}' \
--tag '${DOCKER_REPO_NS}/zmc-base:${DOCKER_BUILD_TAG}' \
--file _base/Dockerfile \
.
@echo "-----------------------------------------------------------------"
build-zmc-%: build-zmc-base docker-compose.yml
@echo "-----------------------------------------------------------------"
@echo Building zmc-$*
@echo
DOCKER_REPO_NS=${DOCKER_REPO_NS} \
DOCKER_BUILD_TAG=${DOCKER_BUILD_TAG} \
DOCKER_CACHE_TAG=${DOCKER_CACHE_TAG} \
LOCAL_SRC_DIR=${LOCAL_SRC_DIR} \
docker-compose build 'zmc-$*'
@echo "-----------------------------------------------------------------"
push-zmc-%: push-prereq
@echo "-----------------------------------------------------------------"
@echo Pushing ${DOCKER_REPO_NS}/zmc-$*:${DOCKER_PUSH_TAG}
@echo
@docker tag '${DOCKER_REPO_NS}/zmc-$*:${DOCKER_BUILD_TAG}' '${DOCKER_REPO_NS}/zmc-$*:${DOCKER_PUSH_TAG}'
docker push '${DOCKER_REPO_NS}/zmc-$*:${DOCKER_PUSH_TAG}'
@echo "-----------------------------------------------------------------"
pull-zmc-%: pull-prereq
@echo "-----------------------------------------------------------------"
@echo Pulling ${DOCKER_REPO_NS}/zmc-$*:${DOCKER_PULL_TAG}
@echo
docker pull '${DOCKER_REPO_NS}/zmc-$*:${DOCKER_PULL_TAG}'
@echo "-----------------------------------------------------------------"
################################################################
push-prereq:
@if [ '${DOCKER_PUSH_TAG}' = '' ]; \
then \
echo "-------------------------------------------------" \
&& echo " Error: 'DOCKER_PUSH_TAG=...' is required for push " \
&& echo "-------------------------------------------------" \
&& false; \
fi
@if [ '${DOCKER_PUSH_TAG}' = 'latest-build' ]; \
then \
echo "-------------------------------------------------" \
&& echo " Error: 'DOCKER_PUSH_TAG=latest-build' is forbidden " \
&& echo "-------------------------------------------------" \
&& false; \
fi
pull-prereq:
@if [ '${DOCKER_PULL_TAG}' = '' ]; \
then \
echo "-------------------------------------------------" \
&& echo " Error: 'DOCKER_PULL_TAG=...' is required for pull " \
&& echo "-------------------------------------------------" \
&& false; \
fi
################################################################
CONFIGS =
CONFIGS += .config/domain_name
CONFIGS += .config/admin_account_name
CONFIGS += .config/spam_account_name
CONFIGS += .config/ham_account_name
CONFIGS += .config/virus_quarantine_account_name
CONFIGS += .config/gal_sync_account_name
CONFIGS += .config/av_notify_email
CONFIGS += .config/zimbra_ldap_userdn
.config/.init:
mkdir .config
touch "$@"
.config/domain_name: .config/.init
@echo zmc.com > $@
@echo Created default $@ : $$(cat $@)
.config/admin_account_name: .config/.init
@echo admin > $@
@echo Created default $@ : $$(cat $@)
.config/spam_account_name: .config/.init
@echo spam.$$(LC_ALL=C tr -cd '0-9a-z_' < /dev/urandom | head -c 8) > $@
@echo Created default $@ : $$(cat $@)
.config/ham_account_name: .config/.init
@echo ham.$$(LC_ALL=C tr -cd '0-9a-z_' < /dev/urandom | head -c 8) > $@
@echo Created default $@ : $$(cat $@)
.config/virus_quarantine_account_name: .config/.init
@echo virus-quarantine.$$(LC_ALL=C tr -cd '0-9a-z_' < /dev/urandom | head -c 8) > $@
@echo Created default $@ : $$(cat $@)
.config/gal_sync_account_name: .config/.init
@echo gal-sync.$$(LC_ALL=C tr -cd '0-9a-z_' < /dev/urandom | head -c 8) > $@
@echo Created default $@ : $$(cat $@)
.config/av_notify_email: .config/domain_name
@echo admin@$$(cat $<) > $@
@echo Created default $@ : $$(cat $@)
.config/zimbra_ldap_userdn: .config/zimbra_ldap_userdn
@echo uid=zimbra,cn=admins,cn=zimbra > $@
@echo Created default $@ : $$(cat $@)
init-configs: $(CONFIGS)
@echo All Configs Created!
################################################################
PASSWORDS += .secrets/ldap.nginx_password
PASSWORDS += .secrets/ldap.nginx_password
PASSWORDS += .secrets/ldap.master_password
PASSWORDS += .secrets/ldap.root_password
PASSWORDS += .secrets/ldap.replication_password
PASSWORDS += .secrets/ldap.amavis_password
PASSWORDS += .secrets/ldap.postfix_password
PASSWORDS += .secrets/mysql.password
PASSWORDS += .secrets/admin_account_password
PASSWORDS += .secrets/spam_account_password
PASSWORDS += .secrets/ham_account_password
PASSWORDS += .secrets/virus_quarantine_account_password
.secrets/.init:
mkdir .secrets
touch "$@"
.secrets/admin_account_password: .secrets/.init
@echo test123 > $@
@echo Created default $@ : $$(cat $@)
.secrets/%password: .secrets/.init
@LC_ALL=C tr -cd '0-9a-z_' < /dev/urandom | head -c 15 > $@;
@echo Created default $@
init-passwords: $(PASSWORDS)
@echo All Passwords Created!
################################################################
KEYS =
KEYS += .keystore/ca.key
KEYS += .keystore/ca.pem
KEYS += .keystore/ldap.key
KEYS += .keystore/ldap.crt
KEYS += .keystore/mta.key
KEYS += .keystore/mta.crt
KEYS += .keystore/mailbox.key
KEYS += .keystore/mailbox.crt
KEYS += .keystore/proxy.key
KEYS += .keystore/proxy.crt
.keystore/.init:
mkdir -p .keystore/demoCA/newcerts
rm -f .keystore/demoCA/index.txt
touch .keystore/demoCA/index.txt
echo "1000" > .keystore/demoCA/serial
touch $@
.keystore/%.key: ${OPENSSL_CNF} .keystore/.init
OPENSSL_CONF=${OPENSSL_CNF} openssl genrsa -out $@ 2048
.keystore/ca.pem: ${OPENSSL_CNF} .keystore/ca.key
OPENSSL_CONF=${OPENSSL_CNF} openssl req -batch -nodes \
-new \
-sha256 \
-subj '/O=CA/OU=Zimbra Collaboration Server/CN=zmc-ldap' \
-days 1825 \
-key .keystore/ca.key \
-x509 \
-out $@
.keystore/%.csr: ${OPENSSL_CNF} .keystore/%.key
OPENSSL_CONF=${OPENSSL_CNF} openssl req -batch -nodes \
-new \
-sha256 \
-subj "/OU=Zimbra Collaboration Server/CN=zmc-$*" \
-days 1825 \
-key .keystore/$*.key \
-out $@
.keystore/%.crt: ${OPENSSL_CNF} .keystore/%.csr .keystore/ca.pem .keystore/ca.key
OPENSSL_CONF=${OPENSSL_CNF} openssl ca -batch -notext \
-policy policy_anything \
-days 1825 \
-md sha256 \
-in .keystore/$*.csr \
-cert .keystore/ca.pem \
-keyfile .keystore/ca.key \
-extensions v3_req \
-out $@
init-keys: $(KEYS)
@echo All Keys Created!
################################################################
up: .up.lock
.up.lock: init-configs init-passwords init-keys docker-compose.yml
@docker swarm init 2>/dev/null; true
DOCKER_REPO_NS=${DOCKER_REPO_NS} \
DOCKER_BUILD_TAG=${DOCKER_BUILD_TAG} \
DOCKER_CACHE_TAG=${DOCKER_CACHE_TAG} \
LOCAL_SRC_DIR=${LOCAL_SRC_DIR} \
SOLR_MODE=${SOLR_MODE} \
SOLR_MEMORY=${SOLR_MEMORY} \
docker stack deploy -c docker-compose.yml '${DOCKER_STACK_NAME}'
@touch .up.lock
down:
@docker stack rm '${DOCKER_STACK_NAME}'
@rm -f .up.lock
TAIL_SZ ?= 5
logs:
@for i in $$(docker stack services ${DOCKER_STACK_NAME} --format "table {{.ID}}" | sed -e 1d); \
do \
echo ----------------------------------; \
docker service logs --tail ${TAIL_SZ} $$i; \
done
@echo ----------------------------------;
compile:
@docker build -t zm-docker-build ${PWD}/build
# using a volume mounted from a MacOS host will fail when rsync tries to copy file attributes (chown)
# using a docker volume instead
@docker volume create ZM-BUILDS
$(eval WPWD=$(shell bash -c "echo ${PWD} | sed -e 's/^\/mnt//'"))
docker run --rm -it -v ZM-BUILDS:/home/build/zm/BUILDS -v $(WPWD)/build/config:/home/build/config zm-docker-build
@rm -rf ./BUILDS
@mkdir -p ./BUILDS
# mount the docker volume containing the build output so that we can CP it to the host
# necessary because the docker volume can not be leveraged during docker-compose build in zm-docker
@docker run -d --name ZM-BUILD -v ZM-BUILDS:/BUILDS busybox
docker cp ZM-BUILD:/BUILDS/. ./BUILDS
@-docker container rm -f ZM-BUILD
clean: down
rm -rf .config .secrets .keystore
################################################################
TEST_SLEEP_TIME = 5
TEST_MAX_RETRIES = 80
test-zmc-%: up
@echo "-----------------------------------------------------------------"
@echo Testing zmc-$*
@echo
@echo Test.... - FIXME - this is a stub
@echo "-----------------------------------------------------------------"
get-curl:
docker pull nhoag/curl
test: $(patsubst %,test-%,$(IMAGE_NAMES)) up get-curl
@echo "-----------------------------------------------------------------"
@echo Testing overall
@echo
@echo FIXME - RUDIMENTARY TEST
@echo "-----------------------------------------------------------------"
failure=1; \
n=0; \
while (( n++ < ${TEST_MAX_RETRIES} )); \
do \
clear 2>/dev/null; \
echo "================================================================="; \
echo "CURRENT TAIL LOGS: ($$n tries of ${TEST_MAX_RETRIES})"; \
echo "================================================================="; \
echo; \
$(MAKE) -s logs TAIL_SZ=5; \
echo; \
if [ "$$(docker run -it nhoag/curl curl --max-time 5 -k --silent --output /dev/null --write-out "%{http_code}" https://${DOCKER_NODE_ADDR}:8443/)" == "200" ]; \
then \
echo "================================================================="; \
echo "TEST SUCCESSFUL (in $$n tries)"; \
echo "================================================================="; \
failure=0; \
break; \
fi; \
echo "================================================================="; \
echo "TEST WAITING FOR RESULT ($$n tries of ${TEST_MAX_RETRIES})."; \
echo "================================================================="; \
echo "Retrying after ${TEST_SLEEP_TIME} sec..."; \
sleep ${TEST_SLEEP_TIME}; \
done; \
echo "Dumping logs to _out/container-logs.txt..."; \
mkdir -p _out; \
$(MAKE) -s logs TAIL_SZ=all | perl -MTerm::ANSIColor=colorstrip -ne 'print colorstrip($$_)' > _out/container-logs.txt 2>&1; \
exit $$failure
################################################################