From 267ba1e25d0e1139dca7284e26449f403804f3d3 Mon Sep 17 00:00:00 2001 From: Florian Brandes Date: Tue, 28 Oct 2025 21:26:28 +0100 Subject: [PATCH] add Dockerfile Signed-off-by: Florian Brandes --- Dockerfile | 41 +++++++++++++++++++++++++++++++++++++++++ README.md | 13 +++++++++++++ 2 files changed, 54 insertions(+) create mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..1c01965 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,41 @@ +# syntax=docker/dockerfile:1 + +FROM python:3.13.8-slim as base +# Prevents Python from writing pyc files. +ENV PYTHONDONTWRITEBYTECODE=1 +# Keeps Python from buffering stdout and stderr to avoid situations where +# the application crashes without emitting any logs due to buffering. +ENV PYTHONUNBUFFERED=1 + +WORKDIR /app + +# Create a non-privileged user that the app will run under. +# See https://docs.docker.com/go/dockerfile-user-best-practices/ +ARG UID=10001 +RUN adduser \ + --disabled-password \ + --gecos "" \ + --home "/nonexistent" \ + --shell "/sbin/nologin" \ + --no-create-home \ + --uid "${UID}" \ + appuser + +RUN apt-get update +RUN apt-get install -y build-essential libssl-dev python3-dev swig + +# Download dependencies as a separate step to take advantage of Docker's caching. +# Leverage a cache mount to /root/.cache/pip to speed up subsequent builds. +# Leverage a bind mount to requirements.txt to avoid having to copy them into +# into this layer. +RUN --mount=type=cache,target=/root/.cache/pip \ + --mount=type=bind,source=requirements.txt,target=requirements.txt \ + python -m pip install -r requirements.txt + +# Switch to the non-privileged user to run the application. +USER appuser + +ADD smtprd_ng /app/smtprd_ng + +EXPOSE 8025 +CMD python smtprd_ng/smtprd.py --config /app/config.ini diff --git a/README.md b/README.md index d9b3646..9194971 100644 --- a/README.md +++ b/README.md @@ -11,6 +11,8 @@ This can also for example use `msmtp`. This way scripts can use `sendmail` which Additionally, we can sign and encrypt the emails with S/MIME certificates, which adds a layer of authentification and security for automated information delivery (think security notifications, logs, etc.) +Please note: This will only forward emails to email addresses specified in `config.ini`, so it is not useful as a general SMTP-relay (like `msmtp`) but only for a predefined email set. This is by design. + For now, this is a proof-of-concept. @@ -49,6 +51,17 @@ Note: `build` must be installed. You should use a `venv` for this. Clone this repo and run `devenv shell` +### docker + + + +1. Clone this repo +2. `cp config.example config.ini` +3. edit `config.ini` as you need it. I'd suggest using `/app/pw` as password file and bild-mounting it. +4. `docker build -t smtprd-ng:latest .` +5. `docker run -p 8025:8025 -v ./config.ini:/app/config.ini -v ./pw:/app/pw --rm -it smtprd-ng:latest` + + ## Contributing Contributions are always welcome!