
clamd: update to 1.4.2 + build from source instead using alpine packages (#6273)

* clamd: update to 1.4.2 + build from source instead using alpine packages

* clamd: remove exposed ports from buildfile

* clamd: cleanup dockerfile
DerLinkman 7 mēneši atpakaļ
vecāks
revīzija
f92ddd86c5

+ 91 - 6
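--- a/data/Dockerfiles/clamd/Dockerfile
+++ b/data/Dockerfiles/clamd/Dockerfile
@@ -1,14 +1,99 @@
-FROM alpine:3.20
+FROM alpine:3.21 AS builder
+
+WORKDIR /src
+ENV CLAMD_VERSION=1.4.2
+
+RUN apk upgrade --no-cache \
+  && apk add --update --no-cache \
+    g++ \
+    gcc \
+    gdb \
+    make \
+    cmake \
+    py3-pytest \
+    python3 \
+    valgrind \
+    bzip2-dev \
+    check-dev \
+    curl-dev \
+    json-c-dev \
+    libmilter-dev \
+    libxml2-dev \
+    linux-headers \
+    ncurses-dev \
+    openssl-dev \
+    pcre2-dev \
+    zlib-dev \
+    cargo \
+    rust
+
+RUN wget -P /src https://www.clamav.net/downloads/production/clamav-${CLAMD_VERSION}.tar.gz \
+  && tar xzfv /src/clamav-${CLAMD_VERSION}.tar.gz \
+  && cd /src/clamav-${CLAMD_VERSION} \
+  && cmake . \
+  -D CMAKE_BUILD_TYPE="Release"                                                       \
+  -D CMAKE_INSTALL_PREFIX="/usr"                                                      \
+  -D CMAKE_INSTALL_LIBDIR="/usr/lib"                                                  \
+  -D APP_CONFIG_DIRECTORY="/etc/clamav"                                               \
+  -D DATABASE_DIRECTORY="/var/lib/clamav"                                             \
+  -D ENABLE_CLAMONACC=OFF                                                             \
+  -D ENABLE_EXAMPLES=OFF                                                              \
+  -D ENABLE_MILTER=ON                                                                 \
+  -D ENABLE_MAN_PAGES=OFF                                                             \
+  -D ENABLE_STATIC_LIB=OFF                                                            \
+  -D ENABLE_JSON_SHARED=ON                                                            \ 
+  && cmake --build . \
+  && make DESTDIR="/clamav" -j$(($(nproc) - 1)) install \
+  && rm -r "/clamav/usr/lib/pkgconfig/" \
+  && sed -e "s|^\(Example\)|\# \1|" \
+    -e "s|.*\(LocalSocket\) .*|\1 /tmp/clamd.sock|" \
+    -e "s|.*\(TCPSocket\) .*|\1 3310|" \
+    -e "s|.*\(TCPAddr\) .*|#\1 0.0.0.0|" \
+    -e "s|.*\(User\) .*|\1 clamav|" \
+    -e "s|^\#\(LogFile\) .*|\1 /var/log/clamav/clamd.log|" \
+    -e "s|^\#\(LogTime\).*|\1 yes|" \
+    "/clamav/etc/clamav/clamd.conf.sample" > "/clamav/etc/clamav/clamd.conf" \
+  && sed -e "s|^\(Example\)|\# \1|" \
+    -e "s|.*\(DatabaseOwner\) .*|\1 clamav|" \
+    -e "s|^\#\(UpdateLogFile\) .*|\1 /var/log/clamav/freshclam.log|" \
+    -e "s|^\#\(NotifyClamd\).*|\1 /etc/clamav/clamd.conf|" \
+    -e "s|^\#\(ScriptedUpdates\).*|\1 yes|" \
+    "/clamav/etc/clamav/freshclam.conf.sample" > "/clamav/etc/clamav/freshclam.conf" \
+  && sed -e "s|^\(Example\)|\# \1|" \
+  -e "s|.*\(MilterSocket\) .*|\1 inet:7357|" \
+  -e "s|.*\(User\) .*|\1 clamav|" \
+  -e "s|^\#\(LogFile\) .*|\1 /var/log/clamav/milter.log|" \
+  -e "s|^\#\(LogTime\).*|\1 yes|" \
+  -e "s|.*\(\ClamdSocket\) .*|\1 unix:/tmp/clamd.sock|" \
+  "/clamav/etc/clamav/clamav-milter.conf.sample" > "/clamav/etc/clamav/clamav-milter.conf" || exit 1
+
+
+FROM alpine:3.21
 
 LABEL maintainer = "The Infrastructure Company GmbH <info@servercow.de>"
 
 RUN apk upgrade --no-cache \
   && apk add --update --no-cache \
-  rsync \
-  clamav \
-  bind-tools \
-  bash \
-  tini
+    tzdata \
+    rsync \
+    bind-tools \
+    bash \
+    tini \
+    json-c \
+    libbz2 \
+    libcurl \
+    libmilter \
+    libxml2 \
+    ncurses-libs \
+    pcre2 \
+    zlib \
+    libgcc \
+  && addgroup -S "clamav" && \
+    adduser -D -G "clamav" -h "/var/lib/clamav" -s "/bin/false" -S "clamav" && \
+    install -d -m 755 -g "clamav" -o "clamav" "/var/log/clamav" && \
+    chown -R clamav:clamav /var/lib/clamav
+
+COPY --from=builder "/clamav" "/"
 
 # init
 COPY clamd.sh /clamd.sh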
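Review bot: The `wget` step in the builder stage unpacks and compiles the ClamAV tarball without any integrity check, so whatever the download host serves at build time becomes the scanner binaries that `COPY --from=builder "/clamav" "/"` puts into the runtime image. Pin the expected digest next to the version, e.g. `ARG CLAMD_SHA256=<sha256-of-clamav-release-tarball>`, and verify it ahead of the `tar xzfv` line with `&& echo "${CLAMD_SHA256}  /src/clamav-${CLAMD_VERSION}.tar.gz" | sha256sum -c - \`; checking the upstream detached signature would be stronger if the signing key is provisioned in the build. `CLAMD_VERSION` is only used at build time, so `ARG` fits better than `ENV`. The trailing `|| exit 1` binds only to the last `sed` and adds nothing over the `&&` chain, and `gdb`, `valgrind` and `py3-pytest` look unnecessary for a release build that never runs the test suite.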

+ 1 - 0
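--- a/data/Dockerfiles/clamd/clamd.sh
+++ b/data/Dockerfiles/clamd/clamd.sh
@@ -91,6 +91,7 @@ done
 ) &
 BACKGROUND_TASKS+=($!)
 
+echo "$(clamd -V) is starting... please wait a moment."
 nice -n10 clamd &
 BACKGROUND_TASKS+=($!)
 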

+ 1 - 1
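--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -64,7 +64,7 @@ services:
             - redis
 
     clamd-mailcow:
-      image: mailcow/clamd:1.66
+      image: mailcow/clamd:1.70
       restart: always
       depends_on:
         unbound-mailcow: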