Help needed: new Docker image for iRedMail

[iredmail]

Dear all,

We're working on a new and sustainable way to build Docker image for iRedMail, and here's our result so far:
https://hub.docker.com/r/iredmail/test-mariadb

• It uses almost same code as iRedMail Easy platform to generate config files for Postfix / Dovecot / Nginx /..., this allows us to maintain only one copy of the deployment code, and deliver fearless one-click upgrade in the future through web console.
• Currently it supports only MariaDB backend, but it's very easy to support other 2 backends (PostgreSQL, OpenLDAP) and we will give it a try shortly.

We need your help to evaluate whether this is a right and acceptable way to build docker image for iRedMail, please help test and leave your comments below. :)

[JReming85]

Just tried running it overtop my existing version but got an error.

Might be caused because it was running on top of an older version, but will try again with a "fresh" install later and update

real	0m0.003s
user	0m0.001s
sys	0m0.000s
* Run freshclam in background.
CMD: /usr/bin/supervisord -c /etc/supervisor/supervisord.conf
Unlinking stale socket /var/run/supervisor.sock
Remove leftover pid files which may cause service fail to start.
/entrypoint.sh: line 39: /gosible: cannot execute binary file: Exec format error

[iredmail]

/entrypoint.sh: line 39: /gosible: cannot execute binary file: Exec format error

Hi @JReming85, Is the Docker host running x86_64 / amd64 CPU or ARM?

[JReming85]

Sorry, should have included that Ubuntu 20.04.6 LTS 2x Xeon X5660 32Gb RAM

…

On Wed, Oct 11, 2023, 10:26 AM iRedMail ***@***.***> wrote: /entrypoint.sh: line 39: /gosible: cannot execute binary file: Exec format error Is the Docker host running x86_64 / amd64 CPU or ARM? — Reply to this email directly, view it on GitHub <#137 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AFCDFRDAOLKQ3CRAPPZOK4TX62UC7ANCNFSM6AAAAAAZS7WZUA> . You are receiving this because you commented.Message ID: ***@***.***>

[iredmail]

2x Xeon X5660

This is 64-bit.

It's a mistake that we uploaded a program for ARM. Fixed moment ago.
New docker image should be ready in few minutes: https://hub.docker.com/r/iredmail/test-mariadb

Thank you very much for the feedback. :)

[JReming85]

Just tried to rerun it.

Looks like with the dedicated mysql container, I need to delete my old db because I was getting this error

docker-compose --project-name iredmail up
[+] Running 2/2
 ⠿ Container iredmail-iredmail-mariadb-1  Created                                                                         1.2s
 ⠿ Container iredmail                     Created                                                                         0.8s
Attaching to iredmail, iredmail-iredmail-mariadb-1
iredmail-iredmail-mariadb-1  | 2023-10-11 17:22:26+00:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:11.1.2+maria~ubu2204 started.
iredmail-iredmail-mariadb-1  | 2023-10-11 17:22:26+00:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
iredmail-iredmail-mariadb-1  | 2023-10-11 17:22:26+00:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:11.1.2+maria~ubu2204 started.
iredmail-iredmail-mariadb-1  | 2023-10-11 17:22:26+00:00 [Note] [Entrypoint]: MariaDB upgrade information missing, assuming required
iredmail-iredmail-mariadb-1  | 2023-10-11 17:22:26+00:00 [Note] [Entrypoint]: MariaDB upgrade (mariadb-upgrade) required, but skipped due to $MARIADB_AUTO_UPGRADE setting
iredmail-iredmail-mariadb-1  | 2023-10-11 17:22:26 0 [Note] Starting MariaDB 11.1.2-MariaDB-1:11.1.2+maria~ubu2204 source revision 9bc25d98209df6810f7a7d5e7dd3ae677a313ab5 as process 1
iredmail-iredmail-mariadb-1  | 2023-10-11 17:22:26 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
iredmail-iredmail-mariadb-1  | 2023-10-11 17:22:26 0 [Note] InnoDB: Number of transaction pools: 1
iredmail-iredmail-mariadb-1  | 2023-10-11 17:22:26 0 [Note] InnoDB: Using crc32 + pclmulqdq instructions
iredmail-iredmail-mariadb-1  | 2023-10-11 17:22:26 0 [Note] mariadbd: O_TMPFILE is not supported on /tmp (disabling future attempts)
iredmail-iredmail-mariadb-1  | 2023-10-11 17:22:26 0 [Warning] mariadbd: io_uring_queue_init() failed with ENOMEM: try larger memory locked limit, ulimit -l, or https://mariadb.com/kb/en/systemd/#configuring-limitmemlock under systemd (262144 bytes required)
iredmail-iredmail-mariadb-1  | 2023-10-11 17:22:26 0 [Warning] InnoDB: liburing disabled: falling back to innodb_use_native_aio=OFF
iredmail-iredmail-mariadb-1  | 2023-10-11 17:22:26 0 [Note] InnoDB: Initializing buffer pool, total size = 128.000MiB, chunk size = 2.000MiB
iredmail-iredmail-mariadb-1  | 2023-10-11 17:22:26 0 [Note] InnoDB: Completed initialization of buffer pool
iredmail-iredmail-mariadb-1  | 2023-10-11 17:22:26 0 [Note] InnoDB: File system buffers for log disabled (block size=512 bytes)iredmail-iredmail-mariadb-1  | 2023-10-11 17:22:26 0 [ERROR] InnoDB: Upgrade after a crash is not supported. The redo log was created with MariaDB 10.6.12. You must start up and shut down MariaDB 10.7 or earlier.
iredmail-iredmail-mariadb-1  | 2023-10-11 17:22:26 0 [ERROR] InnoDB: Plugin initialization aborted with error Generic error
iredmail-iredmail-mariadb-1  | 2023-10-11 17:22:26 0 [Note] InnoDB: Starting shutdown...
iredmail                     | Remove leftover pid files which may cause service fail to start.
iredmail                     | /entrypoint.sh: line 39: /gosible: cannot execute binary file: Exec format error
iredmail                     |
iredmail                     | real     0m0.002s
iredmail                     | user     0m0.000s
iredmail                     | sys      0m0.000s
iredmail                     | * Run freshclam in background.
iredmail                     | CMD: /usr/bin/supervisord -c /etc/supervisor/supervisord.conf
iredmail-iredmail-mariadb-1  | 2023-10-11 17:22:27 0 [ERROR] Plugin 'InnoDB' registration as a STORAGE ENGINE failed.
iredmail-iredmail-mariadb-1  | 2023-10-11 17:22:27 0 [Note] Plugin 'FEEDBACK' is disabled.
iredmail-iredmail-mariadb-1  | 2023-10-11 17:22:27 0 [Note] Plugin 'wsrep-provider' is disabled.
iredmail-iredmail-mariadb-1  | 2023-10-11 17:22:27 0 [ERROR] Unknown/unsupported storage engine: InnoDB
iredmail-iredmail-mariadb-1  | 2023-10-11 17:22:27 0 [ERROR] Aborting
iredmail-iredmail-mariadb-1 exited with code 1
iredmail exited with code 0
iredmail                     | Unlinking stale socket /var/run/supervisor.sock
iredmail exited with code 0
iredmail                     | Unlinking stale socket /var/run/supervisor.sock
iredmail exited with code 0
iredmail                     | Unlinking stale socket /var/run/supervisor.sock
iredmail exited with code 0

After I just tried mounting a different folder to host the mysql db e.g. change it from ./data/mysql/ to .data/mysql1/ and got this error
It did recreate a new DB, but looks like the other container was crashing

docker-compose --project-name iredmail up
[+] Running 2/2
 ⠿ Container iredmail-iredmail-mariadb-1  Recreated                                                                                                                                                                                                                                                                                                                                  1.7s
 ⠿ Container iredmail                     Recreated                                                                                                                                                                                                                                                                                                                                  0.9s
Attaching to iredmail, iredmail-iredmail-mariadb-1
iredmail-iredmail-mariadb-1  | 2023-10-11 17:24:07+00:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:11.1.2+maria~ubu2204 started.
iredmail-iredmail-mariadb-1  | 2023-10-11 17:24:07+00:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
iredmail-iredmail-mariadb-1  | 2023-10-11 17:24:07+00:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:11.1.2+maria~ubu2204 started.
iredmail-iredmail-mariadb-1  | 2023-10-11 17:24:07+00:00 [Note] [Entrypoint]: Initializing database files
iredmail-iredmail-mariadb-1  | 2023-10-11 17:24:07 0 [Warning] mariadbd: io_uring_queue_init() failed with ENOMEM: try larger memory locked limit, ulimit -l, or https://mariadb.com/kb/en/systemd/#configuring-limitmemlock under systemd (262144 bytes required)
iredmail-iredmail-mariadb-1  | 2023-10-11 17:24:07 0 [Warning] InnoDB: liburing disabled: falling back to innodb_use_native_aio=OFF
iredmail                     | Remove leftover pid files which may cause service fail to start.
iredmail                     | /entrypoint.sh: line 39: /gosible: cannot execute binary file: Exec format error
iredmail                     |
iredmail                     | real     0m0.002s
iredmail                     | user     0m0.001s
iredmail                     | sys      0m0.000s
iredmail                     | * Run freshclam in background.
iredmail                     | CMD: /usr/bin/supervisord -c /etc/supervisor/supervisord.conf
iredmail exited with code 0
iredmail                     | Unlinking stale socket /var/run/supervisor.sock
^CGracefully stopping... (press Ctrl+C again to force)
[+] Running 0/1
 ⠴ Container iredmail  Stopping                                                                                                                                                                                                                                                                                                                                                      1.6s
canceled

It might be my fault on this, so will try deploying it on another of my bare metals that does not currently run email or email gateway and update

[JReming85]

Looks like its working fine on a clean install. Need to find a easy way to migrate old installs to this

EDIT: I stand corrected
This is also x64
Xeon(R) CPU E3-1245 V2
32GB Ram

iredmail            |   },
iredmail            |   "stderr": "chown: invalid user: 'sogo:sogo'\n",
iredmail            |   "changed": false,
iredmail            |   "failed": true,
iredmail            |   "amount_time": 2
iredmail            | }
iredmail            |
iredmail            | failed: /var/log/sogo
iredmail            | [ERROR] task error: exit status 1, chown: invalid user: 'sogo:sogo'
iredmail            |
iredmail            | Deployment failed: task error: exit status 1, chown: invalid user: 'sogo:sogo'
iredmail            |
iredmail            | real      0m7.056s
iredmail            | user      0m5.170s
iredmail            | sys       0m1.150s
iredmail            | * Run freshclam in background.
iredmail            | Current working dir is /var/lib/clamav/
iredmail            | Loaded freshclam.dat:
iredmail            |   version:    1
iredmail            |   uuid:       9beccb43-8dc6-430e-aa08-9e35e069a628
iredmail            | CMD: /usr/bin/supervisord -c /etc/supervisor/supervisord.conf
iredmail            | Unlinking stale socket /var/run/supervisor.sock
iredmail exited with code 0

[iredmail]

stderr": "chown: invalid user: 'sogo:sogo'\n",

Seems installing SOGo failed. Did you see related log on console?

[JReming85]

That was the console output. It kept repeating, and appeared it failed to create the sogo user/group

[iredmail]

SOGo user/group should be created automatically after installed the deb packages, so we need to check the package installation status.

[JReming85]

Sounds good, let me know if you need me to test anything else. Also I cant bash in because its constantly restarting.

[iredmail]

• Stop the container
• Start it again
• Watch the console, if it failed, stop the container immediately and copy the full console output.

[JReming85]

Full log export... Really thought the email would have attached it as a document
iredmail_logs.txt

[iredmail]

Please help do a quick check: login to container, check whether system has sogo packages installed:

dpkg -l | grep sogo

[JReming85]

Once again, I can't connect to the container. It is constantly restarting

…

On Thu, Oct 12, 2023, 11:27 AM iRedMail ***@***.***> wrote: Please help do a quick check: login to container, check whether system has sogo packages installed: dpkg -l | grep sogo — Reply to this email directly, view it on GitHub <#137 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AFCDFRCZW54NUBBJ3QWKPOLX7AD4VANCNFSM6AAAAAAZS7WZUA> . You are receiving this because you were mentioned.Message ID: ***@***.***>

[iredmail]

Once again, I can't connect to the container. It is constantly restarting

Please connect right after starting the container, it should be long enough to run the command. :)

[JReming85]

Its not there

docker exec -it iredmail cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
_apt:x:100:65534::/nonexistent:/usr/sbin/nologin
postgres:x:115:115::/var/lib/postgresql:/sbin/nologin
vmail:x:2000:2000::/home/vmail:/sbin/nologin
mlmmj:x:2003:2003::/home/mlmmj:/sbin/nologin
iredapd:x:2002:2002::/home/iredapd:/sbin/nologin
iredadmin:x:2001:2001::/home/iredadmin:/sbin/nologin
netdata:x:2004:2004::/home/netdata:/sbin/nologin
syslog:x:101:102::/home/syslog:/usr/sbin/nologin
systemd-network:x:102:104:systemd Network Management,,,:/run/systemd:/usr/sbin/nologin
systemd-resolve:x:103:105:systemd Resolver,,,:/run/systemd:/usr/sbin/nologin
mysql:x:104:106:MySQL Server,,,:/nonexistent:/bin/false
messagebus:x:105:108::/nonexistent:/usr/sbin/nologin
clamav:x:106:109::/var/lib/clamav:/bin/false
postfix:x:107:110::/var/spool/postfix:/usr/sbin/nologin
dovecot:x:108:112:Dovecot mail server,,,:/usr/lib/dovecot:/usr/sbin/nologin
dovenull:x:109:113:Dovecot login user,,,:/nonexistent:/usr/sbin/nologin
debian-spamd:x:110:114::/var/lib/spamassassin:/usr/sbin/nologin
amavis:x:111:116:AMaViS system user,,,:/var/lib/amavis:/bin/sh

EDIT: Sorry wrong command above.
No packages installed

root@port5:/home/#### docker exec -it iredmail dpkg -l | grep sogo
root@port5:/home/#### docker exec -it iredmail dpkg -l | grep sogo
root@port5:/home/####

[iredmail]

Fixed the issue and rebuilt the image. Please help test again. :)

[JReming85]

Sorry for the delay, working great.

1 small UI thing is its showing uptime starting at 59 days

[iredmail]

Sorry for the delay, working great.

Thanks for the feedback.

1 small UI thing is its showing uptime starting at 59 days

Is it same as your Docker host machine?

[JReming85]

I stand corrected, you are right it is the hosts uptime. Thanks again

…

On Wed, Oct 18, 2023, 8:53 AM iRedMail ***@***.***> wrote: Sorry for the delay, working great. Thanks for the feedback. 1 small UI thing is its showing uptime starting at 59 days Is it same as your Docker host machine? — Reply to this email directly, view it on GitHub <#137 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AFCDFRDAVVH7B34P565KM6LX77GMRAVCNFSM6AAAAAAZS7WZUCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTONRYGM4TAOBTHA> . You are receiving this because you were mentioned.Message ID: ***@***.***>

[fx00f]

Hello, is it possible to add a relayhost to the settings? In some cases, external smtp servers are used.

[JReming85]

Hello, is it possible to add a relayhost to the settings? In some cases, external smtp servers are used.

I am doing this with my setup, just add it to the transport map file
/iredmail/data/custom/postfix/transport

<your domain>    dovecot
*    relay:[mail.gateway.com]

postmap the file and restart postfix

You can also further customize it, just lookup how to use the postfix transport file for examples

[fx00f]

Hello, is it possible to add a relayhost to the settings? In some cases, external smtp servers are used.

I am doing this with my setup, just add it to the transport map file /iredmail/data/custom/postfix/transport

<your domain>    dovecot
*    relay:[mail.gateway.com]

postmap the file and restart postfix

You can also further customize it, just lookup how to use the postfix transport file for examples

Thanks for the tip! :)

[blacksteel1288]

Is there a plan for when this will move out of "test" mode (i.e. test-mariadb)?

[iredmail]

• For MariaDB and PostgreSQL backends, it's almost ready. Only one Pull Request left for admin account management.
• For OpenLDAP backend, no web admin panel is offered yet.

Note: Amavisd and iRedAPD integrations are not yet implemented, still need some more time.

[fx00f]

Dear all,

We're working on a new and sustainable way to build Docker image for iRedMail, and here's our result so far: https://hub.docker.com/r/iredmail/test-mariadb

• It uses almost same code as iRedMail Easy platform to generate config files for Postfix / Dovecot / Nginx /..., this allows us to maintain only one copy of the deployment code, and deliver fearless one-click upgrade in the future through web console.
• Currently it supports only MariaDB backend, but it's very easy to support other 2 backends (PostgreSQL, OpenLDAP) and we will give it a try shortly.

We need your help to evaluate whether this is a right and acceptable way to build docker image for iRedMail, please help test and leave your comments below. :)

Works great! Very easy to deploy! Thank you!

[bestpest]

is there any way to use spam protection without clamav. Only dkim protection?
I chose USE_ANTISPAM=NO because of clamav cdn block for my ip, so clamav restarts and doesnt let docker to load everything else.
But that option turn amavis off too.

[iredmail]

You mentioned USE_ANTISPAM=NO, this is parameter used by old Docker image, there's no parameter to control spam/virus scanning.

But if you use the new docker image (https://hub.docker.com/r/iredmail/test-mariadb), to disable spam and/or virus scanning, but keep dkim signing / verification, etc, please add either or both these parameters in the settings.json file (Note: in JSON format), then restart your container.

{
    "antispam_disable_spam_scanning": true,
    "antispam_disable_virus_scanning": true,

    ... omit other parameters here ...
}

[bestpest]

its not obvious how to Allow insecure POP3/IMAP/SMTP connections without STARTTLS inside the container.
is it possible at all?

[bestpest]

after adding a file dovecot-sasl.conf with

disable_plaintext_auth=no
ssl=yes

and putting this file to /iredmail/data/custom/dovecot/conf-enabled/
postfix doesnt show up 25 port on a server.
587 port is ok

[blacksteel1288]

Will there be a new docker image soon? Would like to try this out to see if I can migrate from the old 'dockerized' to this one.

Also, it looks like the repo is missing? https://www.github.com/iredmail/dockerized2

[nifqi18]

Will there be a new docker image soon? Would like to try this out to see if I can migrate from the old 'dockerized' to this one.

Also, it looks like the repo is missing? https://www.github.com/iredmail/dockerized2

Link is unavaiable or not found

[iredmail]

This one: https://github.com/iredmail/dockerized2

[JReming85]

Looks like that repo is not available.

Also getting an error trying to login to iredadmin, where its saying my user/password is invalid

msg=INVALID_CREDENTIALS

Login to email works fine though, so assuming its something DB related

[iredmail]

This repo is now available: https://github.com/iredmail/dockerized2