Unmaintained

I stopped using SOGo some time ago. This repository and the image is not maintained any more.

SOGo for Docker

SOGo is fully supported and trusted groupware server with a focus on scalability and open standards. SOGo is released under the GNU GPL/LGPL v2 and above.

This Dockerfile packages SOGo as packaged by Inverse, SOGo's creators, together with Apache 2 and memcached.

There are different flavors of this Docker image, added as tags. To checkout a specific flavor, use jenserat/docker:[tag] as image name. By default, latest wil be used.

latest: normal SOGo release
nightly: nightly builds, rebuild automatically
activesync: like latest, but includes ActiveSync module

Please be aware that ActiveSync uses patented technology and might require negotiating with Microsoft. From the SOGo documentation:

In order to use the SOGo ActiveSync support code in production environments, you need to get a proper usage license from Microsoft. Please contact them directly to negotiate the fees associated to your user base.
activesync-nightly: like nightly, but includes ActiveSync module

Setup

The image stores configuration, logs and backups in /srv, which you should persist somewhere. Example configuration is copied during each startup of the container, which you can adjust for your own use. For creating the initial directory hierarchy and example configuration, simply run the container with the /srv volume already exposed or linked, for example using

docker run -v /srv/sogo:/srv jenserat/sogo

As soon as the files are created, stop the image again. You will now find following files:

.
├── etc
│   ├── apache-SOGo.conf.orig
│   └── sogo.conf.orig
└── lib
    └── sogo
        └── GNUstep
            ├── Defaults
            └── Library

Create copies of the configuration files named apache-SOGo.conf and sogo.conf.orig. Don't change or link the .orig files, as they will be overwritten each time the container is started. They can also be used to see differences on your configuration after SOGo upgrades.

Database

A separate database is required, for example a PostgreSQL container as provided by the Docker image paintedfox/postgresql, but also any other database management system SOGo supports can be used. Follow the Database Configuration chapter of the SOGo documentation on these steps, and modify the sogo.conf` file accordingly. The following documentation will expect the database to be available with the SOGo default credentials given by the official documentation, adjust them as needed. If you link a database container, remember that it will be automatically added to the hosts file and be available under the chosen name.

For a container named sogo-postgresql linked as db using --link="sogo-postgresql:db" with default credentials, you would use following lines in the sogo.conf:

SOGoProfileURL = "postgresql://sogo:sogo@db:5432/sogo/sogo_user_profile";
OCSFolderInfoURL = "postgresql://sogo:sogo@db:5432/sogo/sogo_folder_info";
OCSSessionsFolderURL = "postgresql://sogo:sogo@db:5432/sogo/sogo_sessions_folder";

SOGo performs schema initialziation lazily on startup, thus no database initialization scripts must be run.

memcached

As most users will not want to separate memcached, there is a built-in daemon. It can be controled by setting the environment variable memcached. If set to false, the built-in memcached will not start, make sure to configure an external one. Otherwise, the variable holds the amount of memory dedicated to memcached in MiB. If unset, a default of 64MiB will be used.

Sending Mail

For convenience reasons, the gateway is added to the hostsfile as host GATEWAY before starting the SOGo daemon. This enables you to use a local MTA in the host machine to forward mail using

SOGoMailingMechanism = "smtp";
SOGoSMTPServer = "GATEWAY";

For further details in MTA configuration including SMTP auth, refer to SOGo's documentation.

Apache and HTTPs

As already given above, the default Apache configuration is already available under etc/apache-SOGo.conf.orig. The container exposes HTTP (80), HTTPS (443) and 8800, which is used by Apple devices, and 20000, the default port the SOGo daemon listens on. You can either directly include the certificates within the container, or use an external proxy for this. Make sure to only map the required ports to not unnecessarily expose daemons.

You need to adjust the <Proxy ...> section and include port, server name and url to match your setup.

<Proxy http://127.0.0.1:20000/SOGo>
## adjust the following to your configuration
  RequestHeader set "x-webobjects-server-port" "443"
  RequestHeader set "x-webobjects-server-name" "sogo.example.net"
  RequestHeader set "x-webobjects-server-url" "https://sogo.example.net"

If you want to support iOS-devices, add appropriate .well-known-rewrites in either the Apache configuration or an external proxy.

For ActiveSync support, additionally add/uncomment the following lines:

ProxyPass /Microsoft-Server-ActiveSync \
  http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync \
  retry=60 connectiontimeout=5 timeout=360

Cron-Jobs: Backup, Session Timeout, Sieve

SOGo heavily relies on cron jobs for different purposes. The image provides SOGo's original cron file as ./etc/cron.orig. Copy and edit it as ./etc/cron. The backup script is available and made executable at the predefined location /usr/share/doc/sogo/sogo-backup.sh, so backup is fully functional immediately after uncommenting the respective cron job.

Further Configuration

Unlike the Debian and probably other SOGo packages, the number of worker processes is not set in /etc/default/sogo, but the normal sogo.conf. Remember to start a reasonable number of worker processes matching to your needs (8 will not be enough for medium and larger instances):

WOWorkersCount = 8;

ActiveSync requires one worker per concurrent connection.

All other configuration options have no special considerations.

Running a Container

Run the image in a container, expose ports as needed and making /srv permanent. An example run command, which links to a database container named db and uses an external HTTP proxy for wrapping in HTTPS might be

docker run -d \
  --name='sogo' \
  --publish='127.0.0.1:80:80' \
  --link='sogo-postgresql:db' \
  --volume='/srv/sogo:/srv' \
  jenserat/sogo

Upgrading and Maintenance

Most of the time, no special action must be performed for upgrading SOGo. Read the Upgrading section of the Installation Manual prior upgrading the container to verify whether anything special needs to be considered.

As the image builds on phusion/baseimage, you can get a shell for running update scripts when necessary or perform similar maintenance operations by adding /sbin/my_init -- /bin/bash as run command and subsequently attaching to the container:

docker run -t -i -d \
  --name='sogo' \
  --publish='127.0.0.1:80:80' \
  --link='sogo-postgresql:db' \
  --volume='/srv/sogo:/srv' \
  jenserat/sogo /sbin/my_init -- /bin/bash

This is fine for running update scripts on the database. To be able to perform persistent changes to the file system (without creating new containers), red the phusion/baseimage documentation on attaching to the container.

Service Unavailable

I try to use the container to play around with Sogo, but for some reason I cannot get it working.
When I try to access the container I get a "Service Unavailable" message. In the container itself, the sogo ports are started:

root@sogo-c:/# ps -efH 
UID        PID  PPID  C STIME TTY          TIME CMD
root       105     0  0 12:39 ?        00:00:00 /bin/bash
root       136   105  0 12:43 ?        00:00:00   ps -efH
root         1     0  0 12:38 ?        00:00:00 /usr/bin/python3 -u /sbin/my_init
root        12     1  0 12:38 ?        00:00:00   /usr/bin/runsvdir -P /etc/service
root        13    12  0 12:38 ?        00:00:00     runsv cron
root        19    13  0 12:38 ?        00:00:00       /usr/sbin/cron -f
root        14    12  0 12:38 ?        00:00:00     runsv sshd
root        15    12  0 12:38 ?        00:00:00     runsv syslog-forwarder
root        18    15  0 12:38 ?        00:00:00       tail -F -n 0 /var/log/syslog
root        16    12  0 12:38 ?        00:00:00     runsv syslog-ng
root        21    16  0 12:38 ?        00:00:00       syslog-ng -F -p /var/run/syslog-ng.pid --no-caps
root        17    12  0 12:38 ?        00:00:00     runsv apache2
root        23    17  0 12:38 ?        00:00:00       /bin/sh /usr/sbin/apache2ctl start
root        41    23  0 12:38 ?        00:00:00         /usr/sbin/apache2 -DNO_DETACH -k start
www-data    49    41  0 12:38 ?        00:00:00           /usr/sbin/apache2 -DNO_DETACH -k start
www-data    50    41  0 12:38 ?        00:00:00           /usr/sbin/apache2 -DNO_DETACH -k start
root        20    12  0 12:38 ?        00:00:00     runsv memcached
memcache    27    20  0 12:38 ?        00:00:00       /usr/bin/memcached -m 64
root        22    12  0 12:38 ?        00:00:00     runsv sogod
sogo        26    22 99 12:38 ?        00:05:14       /usr/sbin/sogod -WONoDetach YES -WOPidFile /var/run/sogo/sogo.pid

However, there is no sogo log file created:

root@sogo-c:/# ls -la /var/log/sogo                                                                     
total 4
drwxr-x--- 2 sogo sogo      6 Jun  5 05:20 .
drwxrwxr-x 8 root syslog 4096 Jun 11 12:38 ..

And no one listens on the port 20000:

root@sogo-c:/# netstat -tulpen             
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode       PID/Program name
tcp        0      0 0.0.0.0:11211           0.0.0.0:*               LISTEN      103        5625174     -               
tcp6       0      0 :::443                  :::*                    LISTEN      0          5624377     41/apache2      
tcp6       0      0 :::11211                :::*                    LISTEN      103        5625175     -               
tcp6       0      0 :::80                   :::*                    LISTEN      0          5624373     41/apache2      
udp        0      0 0.0.0.0:11211           0.0.0.0:*                           103        5625178     -               
udp6       0      0 :::11211                :::*                                103        5625179     -

The (relevant) sogo configuration is:

{
  /* Database configuration (mysql:// or postgresql://) */
  SOGoProfileURL = "postgresql://sogo:PWD@linktodb:5432/sogo/sogo_user_profile";
  OCSFolderInfoURL = "postgresql://sogo:PWD@linktodb:5432/sogo/sogo_folder_info";
  OCSSessionsFolderURL = "postgresql://sogo:PWD@linktodb:5432/sogo/sogo_sessions_folder";

  /* Mail */
  //SOGoDraftsFolderName = Drafts;
  //SOGoSentFolderName = Sent;
  //SOGoTrashFolderName = Trash;
  SOGoIMAPServer = linktoimap;
  //SOGoSieveServer = sieve://127.0.0.1:4190;
  SOGoSMTPServer = linktosmtp;
  SOGoMailDomain = bayz.de;

  /* LDAP authentication example */
  SOGoUserSources = (
    {
      type = ldap;
      CNFieldName = cn;
      UIDFieldName = uid;
      IDFieldName = uid; // first field of the DN for direct binds
      UIDFieldName = uid;
      baseDN = "ou=accounts,dc=bayz,dc=de";
      bindAsCurrentUser = YES;
      canAuthenticate = YES;
      hostname = ldap://linktoldap:389;
      id = public;
      isAddressBook = NO;
    }
  );

  /* Debug */
  WOLogFile = /var/log/sogo/sogo.log;
}

I'd appreciate any idea how to further debug the problem.

jenserat / docker-sogo Goto Github PK

docker-sogo's Introduction

Unmaintained

SOGo for Docker

Setup

Database

memcached

Sending Mail

Apache and HTTPs

Cron-Jobs: Backup, Session Timeout, Sieve

Further Configuration

Running a Container

Upgrading and Maintenance

docker-sogo's People

Contributors

Stargazers

Watchers

Forkers

docker-sogo's Issues

Recommend Projects

Recommend Topics

Recommend Org