chore: build & pipelines

pipeline/PersistentVolumeCDCI.yaml

@@ -0,0 +1,29 @@
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+  name: cdci-roundcubemail-pvc-volume
+  namespace: cdci-librecloud-online
+  labels:
+    type: local
+spec:
+  storageClassName: manual
+  persistentVolumeReclaimPolicy: Delete
+  capacity:
+    storage: 1Gi
+  accessModes:
+    - ReadWriteOnce
+  hostPath:
+    path: "/mnt/cdci"
+---
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: cdci-roundcubemail-pvc
+  namespace: cdci-librecloud-online
+spec:
+  storageClassName: manual
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi

pipeline/down.sh

@@ -0,0 +1,6 @@
+#/bin/bash
+kubectl delete -f pipeline-run.yaml 2>/dev/null
+kubectl delete -f pipeline.yaml 2>/dev/null
+kubectl delete -f task.yaml 2>/dev/null
+kubectl delete -f PersistentVolumeCDCI.yaml 2>/dev/null
+kubectl delete -f pipe-resource.yaml 2>/dev/null

pipeline/pipe-resource.yaml

@@ -0,0 +1,24 @@
+apiVersion: tekton.dev/v1alpha1
+kind: PipelineResource
+metadata:
+  name: librecloud-roundcubemail-img
+  namespace: cdci-librecloud-online
+spec:
+  type: image
+  params:
+    - name: url
+      value: termas.librecloud.online/termas_librecloud/roundcubemail:1.4.6
+---
+apiVersion: tekton.dev/v1alpha1
+kind: PipelineResource
+metadata:
+  name: librecloud-roundcubemail-git
+  namespace: cdci-librecloud-online
+spec:
+  type: git
+  params:
+    - name: revision
+      value: master
+    - name: url
+      value: https://rlung.librecloud.online/Termas_LibreCloud/roundcubemail.git
+      

pipeline/pipeline-run.yaml

@@ -0,0 +1,22 @@
+apiVersion: tekton.dev/v1alpha1
+kind: PipelineRun
+metadata:
+  name: cdci-roundcubemail
+  namespace: cdci-librecloud-online
+spec:
+  serviceAccountName: build-bot
+  pipelineRef:
+    name: cdci-roundcubemail
+    #  podTemplate:
+    #volumes:
+    #- name: cdci-volume
+    #  #emptyDir: {}
+    #  persistentVolumeClaim:
+    #     claimName: cdci-roundcubemail-pvc
+  resources:
+    - name: source-repo
+      resourceRef:
+        name: librecloud-roundcubemail-git
+    - name: target-image
+      resourceRef:
+        name: librecloud-roundcubemail-img

pipeline/pipeline.yaml

@@ -0,0 +1,32 @@
+apiVersion: tekton.dev/v1alpha1
+kind: Pipeline
+metadata:
+  name: cdci-roundcubemail
+  namespace: cdci-librecloud-online
+spec:
+  #serviceAccount: build-bot
+  resources:
+    - name: source-repo
+      type: git
+      #resourceRef:
+      #  name: librecloud-roundcubemail-git
+    - name: target-image
+      type: image
+      #resourceRef:
+      #  name: librecloud-roundcubemail-img
+  tasks:
+    - name: build-roundcubemail-img
+      taskRef:
+        name: roundcubemail-build-image-from-git-source
+      params:
+        - name: pathToDockerFile
+          value: /workspace/source/src
+        - name: pathToContext
+          value: /workspace/source/src #configure: may change according to your source
+      resources:
+        inputs:
+          - name: source
+            resource: source-repo
+        outputs:
+          - name: builtImage
+            resource: target-image

pipeline/task.yaml

@@ -0,0 +1,91 @@
+apiVersion: tekton.dev/v1alpha1
+kind: Task
+metadata:
+  name: roundcubemail-build-image-from-git-source
+  namespace: cdci-librecloud-online
+spec:
+  #serviceAccount: build-bot
+  inputs:
+    params:
+    - name: pathToDockerFile
+      type: string
+      description: The path to the dockerfile to build
+      default: /workspace/source/src/Dockerfile
+    - name: pathToContext
+      type: string
+      description:
+        The build context used by Kaniko
+        (https://github.com/GoogleContainerTools/kaniko#kaniko-build-contexts)
+      default: /workspace/source/src
+    - name: DOCKERFILE
+      type: string
+      description: The name of the Dockerfile
+      default: "Dockerfile"
+    - name: BUILDKIT_CLIENT_IMAGE
+      type: string
+      description: The name of the BuildKit client (buildctl) image
+
+      default: "docker.io/moby/buildkit:master-rootless"
+    - name: BUILDKIT_DAEMON_ADDRESS
+      type: string
+      description: The address of the BuildKit daemon (buildkitd) service
+      default: "tcp://buildkitd:1234"
+    resources:
+    - name: source
+      type: git
+  outputs:
+    resources:
+    - name: builtImage
+      type: image
+  volumes:
+
+    - name: dckr-cfg-volume
+      secret:
+        secretName: regcred
+    - name: ssh-volume
+      secret:
+        secretName: ssh-key
+    - name: certs
+      secret:
+        secretName: buildkit-client-certs
+
+  steps:
+  - name: build-and-push
+    image: $(inputs.params.BUILDKIT_CLIENT_IMAGE)
+
+
+    workingDir: /workspace/source
+
+    command: [ "buildctl" ]
+    args:
+      - --tlscacert
+      - /certs/ca.pem
+      - --tlscert
+      - /certs/cert.pem
+      - --tlskey
+      - /certs/key.pem
+      - --debug
+      - --addr=$(inputs.params.BUILDKIT_DAEMON_ADDRESS)
+      - build
+      - --progress=plain
+      - --frontend=dockerfile.v0
+      - --opt
+      - filename=$(inputs.params.DOCKERFILE)
+      - --local
+      - context=$(inputs.params.pathToContext)
+      - --local
+      - dockerfile=$(inputs.params.pathToDockerFile)
+      - --output
+      - type=image,name=$(outputs.resources.builtImage.url),push=true
+      - --export-cache
+      - type=inline
+      - --import-cache
+      - type=registry,ref=$(outputs.resources.builtImage.url)
+    volumeMounts:
+      - name: certs
+        readOnly: true
+        mountPath: /certs
+      - name: ssh-volume
+        readOnly: true
+        mountPath: /.ssh
+

pipeline/up.sh

@@ -0,0 +1,24 @@
+#/bin/bash
+FOLLOW_UP="yes"
+NS_DOMAIN="cdci-librecloud-online"
+PIPELINE_NAME="cdci-roundcubemail"
+[ "$1" == "-s" ]  && FOLLOW_UP=""
+is_running=`kubectl get pods -n $NS_DOMAIN | grep $PIPELINE_NAME 2>/dev/null`
+if [ -n "$is_running" ] ; then
+   kubectl delete -f pipeline-run.yaml 2>/dev/null
+   kubectl delete -f pipeline.yaml 2>/dev/null
+   kubectl delete -f task.yaml 2>/dev/null
+   kubectl delete -f pipe-resource.yaml 2>/dev/null
+fi
+kubectl delete -f PersistentVolumeCDCI.yaml 2>/dev/null
+kubectl create -f PersistentVolumeCDCI.yaml
+#.  lib_dply.sh
+#make_host_alias task
+kubectl apply -f pipe-resource.yaml
+kubectl apply -f task.yaml
+kubectl apply -f pipeline.yaml
+kubectl apply -f pipeline-run.yaml
+if [ -n "$FOLLOW_UP" ] ; then
+  has_tkn=`type tkn 2>/dev/null`
+  [ -n "$has_tkn" ] &&  tkn pipelinerun logs -f $PIPELINE_NAME -n $NS_DOMAIN
+fi

repo-config.yaml

@@ -0,0 +1,14 @@
+Active: true
+# Active: false  # to not follow up webhook workflow
+
+# Sources for src file
+Repo: https://github.com/roundcube/roundcubemail-docker.git
+Source: roundcubemail-docker/fpm-alpine
+
+# Name - Version, etc
+Name: roundcubemail
+Version: 1.4.6
+
+# To get latest 
+IMAGE_NAME: roundcube/roundcubemail
+IMAGE_MATCH: 1.4

src/Dockerfile

@@ -0,0 +1,86 @@
+FROM php:7.3-fpm-alpine
+LABEL maintainer="Thomas Bruederli <thomas@roundcube.net>"
+
+# entrypoint.sh and cron.sh dependencies
+RUN set -ex; \
+	\
+	apk add --no-cache \
+		bash \
+		coreutils \
+		tzdata
+
+RUN set -ex; \
+	\
+	apk add --no-cache --virtual .build-deps \
+		icu-dev \
+		libjpeg-turbo-dev \
+		libpng-dev \
+		libzip-dev \
+		openldap-dev \
+		postgresql-dev \
+		sqlite-dev \
+	; \
+	\
+	docker-php-ext-configure gd --with-png-dir=/usr --with-jpeg-dir=/usr; \
+	docker-php-ext-configure ldap; \
+	docker-php-ext-install \
+		exif \
+		gd \
+		intl \
+		ldap \
+		pdo_mysql \
+		pdo_pgsql \
+		pdo_sqlite \
+		zip \
+	; \
+	\
+	runDeps="$( \
+		scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \
+		| tr ',' '\n' \
+		| sort -u \
+		| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
+		)"; \
+	apk add --virtual .roundcubemail-phpext-rundeps $runDeps; \
+	apk del .build-deps
+
+# expose these volumes
+#VOLUME /var/roundcube/config
+#VOLUME /var/roundcube/db
+#VOLUME /var/www/html
+#VOLUME /tmp/roundcube-temp
+
+# Define Roundcubemail version
+ENV ROUNDCUBEMAIL_VERSION 1.4.6
+
+# Download package and extract to web volume
+RUN set -ex; \
+	apk add --no-cache --virtual .fetch-deps \
+		gnupg \
+	; \
+	\
+	curl -o roundcubemail.tar.gz -fSL https://github.com/roundcube/roundcubemail/releases/download/${ROUNDCUBEMAIL_VERSION}/roundcubemail-${ROUNDCUBEMAIL_VERSION}-complete.tar.gz; \
+	curl -o roundcubemail.tar.gz.asc -fSL https://github.com/roundcube/roundcubemail/releases/download/${ROUNDCUBEMAIL_VERSION}/roundcubemail-${ROUNDCUBEMAIL_VERSION}-complete.tar.gz.asc; \
+	export GNUPGHOME="$(mktemp -d)"; \
+	# workaround for "Cannot assign requested address", see e.g. https://github.com/inversepath/usbarmory-debian-base_image/issues/9
+	echo "disable-ipv6" > "$GNUPGHOME/dirmngr.conf"; \
+	# ha.pool.sks-keyservers.net seems to be unreliable, use pgp.mit.edu as fallback
+	gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys F3E4C04BB3DB5D4215C45F7F5AB2BAA141C4F7D5 || gpg --batch --keyserver pgp.mit.edu --recv-keys F3E4C04BB3DB5D4215C45F7F5AB2BAA141C4F7D5; \
+	gpg --batch --verify roundcubemail.tar.gz.asc roundcubemail.tar.gz; \
+	tar -xf roundcubemail.tar.gz -C /usr/src/; \
+	gpgconf --kill all; \
+	rm -r "$GNUPGHOME" roundcubemail.tar.gz.asc roundcubemail.tar.gz; \
+	# upstream tarballs include ./roundcubemail-${ROUNDCUBEMAIL_VERSION}/ so this gives us /usr/src/roundcubemail-${ROUNDCUBEMAIL_VERSION}
+	mv /usr/src/roundcubemail-${ROUNDCUBEMAIL_VERSION} /usr/src/roundcubemail; \
+	rm -rf /usr/src/roundcubemail/installer; \
+	apk del .fetch-deps
+
+# include the wait-for-it.sh script
+RUN curl -fL https://raw.githubusercontent.com/vishnubob/wait-for-it/master/wait-for-it.sh > /wait-for-it.sh && chmod +x /wait-for-it.sh
+
+# use custom PHP settings
+COPY php.ini /usr/local/etc/php/conf.d/roundcube-defaults.ini
+
+COPY docker-entrypoint.sh /
+
+ENTRYPOINT ["/docker-entrypoint.sh"]
+CMD ["php-fpm"]

src/docker-compose.yml

@@ -0,0 +1,102 @@
+version: "2"
+
+services:
+  roundcube:
+    build: ./
+    container_name: roundcube
+    #restart: always
+    depends_on:
+      - roundcubedb
+    links:
+      - roundcubedb
+    ports:
+      - 9000:9000
+    volumes:
+      - /srv/roundcube/html:/var/www/html
+    environment:
+      - ROUNDCUBEMAIL_DB_TYPE=pgsql
+      - ROUNDCUBEMAIL_DB_HOST=roundcubedb # same as pgsql container name
+      - ROUNDCUBEMAIL_DB_NAME=roundcube # same as pgsql POSTGRES_DB env name
+      - ROUNDCUBEMAIL_DB_USER=roundcube # same as pgsql POSTGRES_USER env name
+      - ROUNDCUBEMAIL_DB_PASSWORD=roundcube # same as pgsql POSTGRES_PASSWORD env name
+
+  roundcubedb:
+    image: postgres:latest
+    container_name: roundcubedb
+    restart: always
+    ports:
+      - 5432:5432
+    volumes:
+      - /srv/roundcube/db:/var/lib/postgresql/data
+    environment:
+      - POSTGRES_DB=roundcube
+      - POSTGRES_USER=roundcube
+      - POSTGRES_PASSWORD=roundcube
+
+  roundcubenginx:
+    image: nginx:latest
+    container_name: roundcubenginx
+    restart: always
+    ports:
+      - 80:80
+      # If you need SSL connection
+      # - '443:443'
+    depends_on:
+      - roundcube
+    links:
+      - roundcube
+    volumes:
+      - /srv/roundcube/html:/var/www/html
+      # TODO Provide a custom nginx conf
+      #- ./nginx.conf:/etc/nginx/nginx.conf:ro
+      # If you need SSL connection, you can provide your own certificates
+      # - ./certs:/etc/letsencrypt
+      # - ./certs-data:/data/letsencrypt
+    environment:
+      - NGINX_HOST=localhost # set your local domain or your live domain
+      # - NGINX_CGI=roundcube:9000 # same as roundcube container name
+
+  # Sample mail server to use with RoundCube: https://github.com/tomav/docker-mailserver
+#  mailserver:
+#    image: tvial/docker-mailserver:latest
+#    hostname: mail
+#    domainname: <YOUR.DOMAIN.NAME>
+#    container_name: mail
+#    restart: always
+#    ports:
+#      # receiving email from other mailservers
+#      - "25:25"
+#      # SSL & TLS Client email submission (SMTP)
+#      - "465:465"
+#      - "587:587"
+#      # StartTLS & TLS/SSL IMAP client
+#      - "143:143"
+#      - "993:993"
+#      # POP3 & TLS/SSL POP3 client
+#      - "110:110"
+#      - "995:995"
+#      # Manage Sieve port
+#      - "4190:4190"
+#    environment:
+#      - DMS_DEBUG=0
+#      - ONE_DIR=1
+#      - ENABLE_CLAMAV=1
+#      - ENABLE_FAIL2BAN=1
+#      - ENABLE_POSTGREY=1
+#      - ENABLE_MANAGESIEVE=1
+#      # If you need SSL connection, you can provide your own certificates
+#      #- SSL_TYPE=manual
+#      #- SSL_CERT_PATH=/etc/letsencrypt/fullchain.pem
+#      #- SSL_KEY_PATH=/etc/letsencrypt/privkey.pem
+#    cap_add:
+#      - NET_ADMIN
+#      - SYS_PTRACE
+#    volumes:
+#      - /srv/mail/data:/var/mail
+#      - /srv/mail/state:/var/mail-state
+#      # For proper delivery, generate DKIM keys in /srv/mail/setup
+#      - /srv/mail/setup:/tmp/docker-mailserver
+#      - /etc/localtime:/etc/localtime:ro
+#      - /etc/timezone:/etc/timezone:ro
+#      # If you need SSL connection, you can provide your own certificates
+#      # - ./certs:/etc/letsencrypt

src/docker-entrypoint.sh

@@ -0,0 +1,109 @@
+#!/bin/bash
+# set -ex
+
+# PWD=`pwd`
+
+if [[ "$1" == apache2* ]] || [ "$1" == php-fpm ]; then
+  if ! [ -e index.php -a -e bin/installto.sh ]; then
+    echo >&2 "roundcubemail not found in $PWD - copying now..."
+    if [ "$(ls -A)" ]; then
+      echo >&2 "WARNING: $PWD is not empty - press Ctrl+C now if this is an error!"
+      ( set -x; ls -A; sleep 10 )
+    fi
+    tar cf - --one-file-system -C /usr/src/roundcubemail . | tar xf -
+    echo >&2 "Complete! ROUNDCUBEMAIL has been successfully copied to $PWD"
+  fi
+
+  if [ -f /run/secrets/roundcube_db_user ]; then
+    ROUNDCUBEMAIL_DB_USER=`cat /run/secrets/roundcube_db_user`
+  fi
+  if [ -f /run/secrets/roundcube_db_password ]; then
+    ROUNDCUBEMAIL_DB_PASSWORD=`cat /run/secrets/roundcube_db_password`
+  fi
+
+  if [ ! -z "${!POSTGRES_ENV_POSTGRES_*}" ] || [ "$ROUNDCUBEMAIL_DB_TYPE" == "pgsql" ]; then
+    : "${ROUNDCUBEMAIL_DB_TYPE:=pgsql}"
+    : "${ROUNDCUBEMAIL_DB_HOST:=postgres}"
+    : "${ROUNDCUBEMAIL_DB_PORT:=5432}"
+    : "${ROUNDCUBEMAIL_DB_USER:=${POSTGRES_ENV_POSTGRES_USER}}"
+    : "${ROUNDCUBEMAIL_DB_PASSWORD:=${POSTGRES_ENV_POSTGRES_PASSWORD}}"
+    : "${ROUNDCUBEMAIL_DB_NAME:=${POSTGRES_ENV_POSTGRES_DB:-roundcubemail}}"
+    : "${ROUNDCUBEMAIL_DSNW:=${ROUNDCUBEMAIL_DB_TYPE}://${ROUNDCUBEMAIL_DB_USER}:${ROUNDCUBEMAIL_DB_PASSWORD}@${ROUNDCUBEMAIL_DB_HOST}:${ROUNDCUBEMAIL_DB_PORT}/${ROUNDCUBEMAIL_DB_NAME}}"
+
+    /wait-for-it.sh ${ROUNDCUBEMAIL_DB_HOST}:${ROUNDCUBEMAIL_DB_PORT} -t 30
+  elif [ ! -z "${!MYSQL_ENV_MYSQL_*}" ] || [ "$ROUNDCUBEMAIL_DB_TYPE" == "mysql" ]; then
+    : "${ROUNDCUBEMAIL_DB_TYPE:=mysql}"
+    : "${ROUNDCUBEMAIL_DB_HOST:=mysql}"
+    : "${ROUNDCUBEMAIL_DB_PORT:=3306}"
+    : "${ROUNDCUBEMAIL_DB_USER:=${MYSQL_ENV_MYSQL_USER:-root}}"
+    if [ "$ROUNDCUBEMAIL_DB_USER" = 'root' ]; then
+      : "${ROUNDCUBEMAIL_DB_PASSWORD:=${MYSQL_ENV_MYSQL_ROOT_PASSWORD}}"
+    else
+      : "${ROUNDCUBEMAIL_DB_PASSWORD:=${MYSQL_ENV_MYSQL_PASSWORD}}"
+    fi
+    : "${ROUNDCUBEMAIL_DB_NAME:=${MYSQL_ENV_MYSQL_DATABASE:-roundcubemail}}"
+    : "${ROUNDCUBEMAIL_DSNW:=${ROUNDCUBEMAIL_DB_TYPE}://${ROUNDCUBEMAIL_DB_USER}:${ROUNDCUBEMAIL_DB_PASSWORD}@${ROUNDCUBEMAIL_DB_HOST}:${ROUNDCUBEMAIL_DB_PORT}/${ROUNDCUBEMAIL_DB_NAME}}"
+
+    /wait-for-it.sh ${ROUNDCUBEMAIL_DB_HOST}:${ROUNDCUBEMAIL_DB_PORT} -t 30
+  else
+    # use local SQLite DB in /var/www/html/db
+    : "${ROUNDCUBEMAIL_DB_TYPE:=sqlite}"
+    : "${ROUNDCUBEMAIL_DB_DIR:=$PWD/db}"
+    : "${ROUNDCUBEMAIL_DB_NAME:=sqlite}"
+    : "${ROUNDCUBEMAIL_DSNW:=${ROUNDCUBEMAIL_DB_TYPE}:///$ROUNDCUBEMAIL_DB_DIR/${ROUNDCUBEMAIL_DB_NAME}.db?mode=0646}"
+
+    mkdir -p $ROUNDCUBEMAIL_DB_DIR
+    chown www-data:www-data $ROUNDCUBEMAIL_DB_DIR
+  fi
+
+  : "${ROUNDCUBEMAIL_DEFAULT_HOST:=localhost}"
+  : "${ROUNDCUBEMAIL_DEFAULT_PORT:=143}"
+  : "${ROUNDCUBEMAIL_SMTP_SERVER:=localhost}"
+  : "${ROUNDCUBEMAIL_SMTP_PORT:=587}"
+  : "${ROUNDCUBEMAIL_PLUGINS:=archive,zipdownload}"
+  : "${ROUNDCUBEMAIL_SKIN:=larry}"
+  : "${ROUNDCUBEMAIL_TEMP_DIR:=/tmp/roundcube-temp}"
+
+  if [ ! -e config/config.inc.php ]; then
+    ROUNDCUBEMAIL_PLUGINS_PHP=`echo "${ROUNDCUBEMAIL_PLUGINS}" | sed -E "s/[, ]+/', '/g"`
+    ROUNDCUBEMAIL_DES_KEY=`test -f /run/secrets/roundcube_des_key && cat /run/secrets/roundcube_des_key || head /dev/urandom | base64 | head -c 24`
+    touch config/config.inc.php
+
+    echo "Write config to $PWD/config/config.inc.php"
+    echo "<?php
+    \$config['db_dsnw'] = '${ROUNDCUBEMAIL_DSNW}';
+    \$config['db_dsnr'] = '${ROUNDCUBEMAIL_DSNR}';
+    \$config['default_host'] = '${ROUNDCUBEMAIL_DEFAULT_HOST}';
+    \$config['default_port'] = '${ROUNDCUBEMAIL_DEFAULT_PORT}';
+    \$config['smtp_server'] = '${ROUNDCUBEMAIL_SMTP_SERVER}';
+    \$config['smtp_port'] = '${ROUNDCUBEMAIL_SMTP_PORT}';
+    \$config['des_key'] = '${ROUNDCUBEMAIL_DES_KEY}';
+    \$config['temp_dir'] = '${ROUNDCUBEMAIL_TEMP_DIR}';
+    \$config['plugins'] = ['${ROUNDCUBEMAIL_PLUGINS_PHP}'];
+    \$config['zipdownload_selection'] = true;
+    \$config['log_driver'] = 'stdout';
+    \$config['skin'] = '${ROUNDCUBEMAIL_SKIN}';
+    " > config/config.inc.php
+
+    for fn in `ls /var/roundcube/config/*.php 2>/dev/null || true`; do
+      echo "include('$fn');" >> config/config.inc.php
+    done
+
+    # initialize DB if not SQLite
+    echo "${ROUNDCUBEMAIL_DSNW}" | grep -q 'sqlite:' || bin/initdb.sh --dir=$PWD/SQL || bin/updatedb.sh --dir=$PWD/SQL --package=roundcube || echo "Failed to initialize databse. Please run $PWD/bin/initdb.sh manually."
+  else
+    echo "WARNING: $PWD/config/config.inc.php already exists."
+    echo "ROUNDCUBEMAIL_* environment variables have been ignored."
+  fi
+
+  if [ ! -z "${ROUNDCUBEMAIL_TEMP_DIR}" ]; then
+    mkdir -p ${ROUNDCUBEMAIL_TEMP_DIR} && chown www-data ${ROUNDCUBEMAIL_TEMP_DIR}
+  fi
+
+  if [ ! -z "${ROUNDCUBEMAIL_UPLOAD_MAX_FILESIZE}" ]; then
+    echo "upload_max_filesize=${ROUNDCUBEMAIL_UPLOAD_MAX_FILESIZE}" >> /usr/local/etc/php/conf.d/roundcube-override.ini
+    echo "post_max_size=${ROUNDCUBEMAIL_UPLOAD_MAX_FILESIZE}" >> /usr/local/etc/php/conf.d/roundcube-override.ini
+  fi
+fi
+
+exec "$@"

src/hooks/post_build

@@ -0,0 +1,14 @@
+#!/bin/bash
+
+set -e
+
+tagStart=$(echo $IMAGE_NAME | awk '{print index($1,":")}')
+repoName=${IMAGE_NAME:0:tagStart-1}
+tagName=${IMAGE_NAME:tagStart:99}
+
+if [ "$tagName" = "latest-apache" ]; then
+  echo "Tagging $IMAGE_NAME as :latest"
+
+  docker tag $IMAGE_NAME ${repoName}:latest
+  docker push ${repoName}:latest
+fi

src/php.ini

@@ -0,0 +1,10 @@
+memory_limit=64M
+display_errors=Off
+log_errors=On
+upload_max_filesize=5M
+post_max_size=6M
+zlib.output_compression=Off
+session.auto_start=Off
+session.gc_maxlifetime=21600
+session.gc_divisor=500
+session.gc_probability=1