mox/docker-compose-integration.yml

version: '3.7'
services:
  # We run integration_test.go from this container, it connects to both mox instances.
  test:
    hostname: test.mox1.example
    image: mox_integration_test
    # We add our cfssl-generated CA (which is in the repo) and acme pebble CA
    # (generated each time pebble starts) to the list of trusted CA's, so the TLS
    # dials in integration_test.go succeed.
    command: ["sh", "-c", "set -ex; cat /integration/tmp-pebble-ca.pem /integration/tls/ca.pem >>/etc/ssl/certs/ca-certificates.crt; go test -tags integration"]
    volumes:
      - ./.go:/.go
      - ./testdata/integration/resolv.conf:/etc/resolv.conf
      - ./testdata/integration:/integration
      - ./testdata/integration/moxsubmit.conf:/etc/moxsubmit.conf
      - .:/mox
    environment:
      GOCACHE: /.go/.cache/go-build
    depends_on:
      dns:
        condition: service_healthy
      # moxmail2 depends on moxacmepebble, we connect to both.
      moxmail2:
        condition: service_healthy
      postfixmail:
        condition: service_healthy
      localserve:
        condition: service_healthy
    networks:
      mailnet1:
        ipv4_address: 172.28.1.50

  # First mox instance that uses ACME with pebble.
  moxacmepebble:
    hostname: moxacmepebble.mox1.example
    domainname: mox1.example
    image: mox_integration_moxmail
    environment:
      MOX_UID: "${MOX_UID}"
    command: ["sh", "-c", "/integration/moxacmepebble.sh"]
    volumes:
      - ./testdata/integration/resolv.conf:/etc/resolv.conf
      - ./testdata/integration:/integration
    healthcheck:
      test: netstat -nlt | grep ':25 '
      interval: 1s
      timeout: 1s
      retries: 10
    depends_on:
      dns:
        condition: service_healthy
      acmepebble:
        condition: service_healthy
    networks:
      mailnet1:
        ipv4_address: 172.28.1.10

  # Second mox instance, with TLS cert/keys from files.
  moxmail2:
    hostname: moxmail2.mox2.example
    domainname: mox2.example
    image: mox_integration_moxmail
    environment:
      MOX_UID: "${MOX_UID}"
    command: ["sh", "-c", "/integration/moxmail2.sh"]
    volumes:
      - ./testdata/integration/resolv.conf:/etc/resolv.conf
      - ./testdata/integration:/integration
    healthcheck:
      test: netstat -nlt | grep ':25 '
      interval: 1s
      timeout: 1s
      retries: 10
    depends_on:
      dns:
        condition: service_healthy
      acmepebble:
        condition: service_healthy
      # moxacmepebble creates tmp-pebble-ca.pem, needed by moxmail2 to trust the certificates offered by moxacmepebble.
      moxacmepebble:
        condition: service_healthy
    networks:
      mailnet1:
        ipv4_address: 172.28.1.20

  localserve:
    hostname: localserve.mox1.example
    domainname: mox1.example
    build:
      dockerfile: Dockerfile.moxmail
      context: testdata/integration
    command: ["sh", "-c", "set -e; chmod o+r /etc/resolv.conf; go run . -- localserve -ip 172.28.1.60"]
    volumes:
      - ./.go:/.go
      - ./testdata/integration/resolv.conf:/etc/resolv.conf
      - .:/mox
    environment:
      GOCACHE: /.go/.cache/go-build
    healthcheck:
      test: netstat -nlt | grep ':1025 '
      interval: 1s
      timeout: 1s
      retries: 10
    depends_on:
      dns:
        condition: service_healthy
    networks:
      mailnet1:
        ipv4_address: 172.28.1.60

  postfixmail:
    hostname: postfixmail.postfix.example
    domainname: postfix.example
    build:
      dockerfile: Dockerfile.postfix
      context: testdata/integration
    volumes:
      # todo: figure out how to mount files with a uid that the process in the container can read...
      - ./testdata/integration/resolv.conf:/etc/resolv.conf
    command: ["sh", "-c", "set -e; chmod o+r /etc/resolv.conf; (echo 'maillog_file = /dev/stdout'; echo 'mydestination = $$myhostname, localhost.$$mydomain, localhost, $$mydomain') >>/etc/postfix/main.cf; echo 'root: moxtest1@mox1.example' >>/etc/postfix/aliases; newaliases; postfix start-fg"]
    healthcheck:
      test: netstat -nlt | grep ':25 '
      interval: 1s
      timeout: 1s
      retries: 10
    depends_on:
      dns:
        condition: service_healthy
    networks:
      mailnet1:
        ipv4_address: 172.28.1.70

  dns:
    hostname: dns.example
    build:
      dockerfile: Dockerfile.dns
      # todo: figure out how to build from dockerfile with empty context without creating empty dirs in file system.
      context: testdata/integration
    volumes:
      - ./testdata/integration/resolv.conf:/etc/resolv.conf
      - ./testdata/integration:/integration
    # We start with a base example.zone, but moxacmepebble appends its records,
    # followed by moxmail2. They restart unbound after appending records.
    command: ["sh", "-c", "set -ex; ls -l /etc/resolv.conf; chmod o+r /etc/resolv.conf; install -m 640 -o unbound /integration/unbound.conf /etc/unbound/; chmod 755 /integration; chmod 644 /integration/*.zone; cp /integration/example.zone /integration/example-integration.zone; ls -ld /integration /integration/reverse.zone; unbound -d -p -v"]
    healthcheck:
      test: netstat -nlu | grep '172.28.1.30:53 '
      interval: 1s
      timeout: 1s
      retries: 10
    networks:
      mailnet1:
        ipv4_address: 172.28.1.30

  # pebble is a small acme server useful for testing. It creates a new CA
  # certificate each time it starts, so we go through some trouble to configure the
  # certificate in moxacmepebble and moxmail2.
  acmepebble:
    hostname: acmepebble.example
    image: docker.io/letsencrypt/pebble:v2.3.1@sha256:fc5a537bf8fbc7cc63aa24ec3142283aa9b6ba54529f86eb8ff31fbde7c5b258
    volumes:
      - ./testdata/integration/resolv.conf:/etc/resolv.conf
      - ./testdata/integration:/integration
    command: ["sh", "-c", "set -ex; mount; ls -l /etc/resolv.conf; chmod o+r /etc/resolv.conf; pebble -config /integration/pebble-config.json"]
    ports:
      - 14000:14000  # ACME port
      - 15000:15000  # Management port
    healthcheck:
      test: netstat -nlt | grep ':14000 '
      interval: 1s
      timeout: 1s
      retries: 10
    depends_on:
      dns:
        condition: service_healthy
    networks:
      mailnet1:
        ipv4_address: 172.28.1.40

networks:
  mailnet1:
    driver: bridge
    ipam:
      driver: default
      config:
        - subnet: "172.28.1.0/24"
mox! 2023-01-30 16:27:06 +03:00			`version: '3.7'`
			`services:`
merge docker-compose-based quickstart and integration tests into a single integration test the two were so similar it made sense to just have one that tests all. saves building docker images. 2023-07-24 00:32:02 +03:00			`# We run integration_test.go from this container, it connects to both mox instances.`
			`test:`
			`hostname: test.mox1.example`
			`image: mox_integration_test`
			`# We add our cfssl-generated CA (which is in the repo) and acme pebble CA`
			`# (generated each time pebble starts) to the list of trusted CA's, so the TLS`
			`# dials in integration_test.go succeed.`
			`command: ["sh", "-c", "set -ex; cat /integration/tmp-pebble-ca.pem /integration/tls/ca.pem >>/etc/ssl/certs/ca-certificates.crt; go test -tags integration"]`
mox! 2023-01-30 16:27:06 +03:00			`volumes:`
			`- ./.go:/.go`
			`- ./testdata/integration/resolv.conf:/etc/resolv.conf`
merge docker-compose-based quickstart and integration tests into a single integration test the two were so similar it made sense to just have one that tests all. saves building docker images. 2023-07-24 00:32:02 +03:00			`- ./testdata/integration:/integration`
more integration tests: start "mox localserve" and submit a message with smtpclient and with "mox sendmail", check that we receive it 2023-07-01 19:48:29 +03:00			`- ./testdata/integration/moxsubmit.conf:/etc/moxsubmit.conf`
mox! 2023-01-30 16:27:06 +03:00			`- .:/mox`
			`environment:`
			`GOCACHE: /.go/.cache/go-build`
merge docker-compose-based quickstart and integration tests into a single integration test the two were so similar it made sense to just have one that tests all. saves building docker images. 2023-07-24 00:32:02 +03:00			`depends_on:`
			`dns:`
			`condition: service_healthy`
			`# moxmail2 depends on moxacmepebble, we connect to both.`
			`moxmail2:`
			`condition: service_healthy`
			`postfixmail:`
			`condition: service_healthy`
			`localserve:`
			`condition: service_healthy`
			`networks:`
			`mailnet1:`
			`ipv4_address: 172.28.1.50`

			`# First mox instance that uses ACME with pebble.`
			`moxacmepebble:`
			`hostname: moxacmepebble.mox1.example`
			`domainname: mox1.example`
			`image: mox_integration_moxmail`
			`environment:`
			`MOX_UID: "${MOX_UID}"`
			`command: ["sh", "-c", "/integration/moxacmepebble.sh"]`
			`volumes:`
			`- ./testdata/integration/resolv.conf:/etc/resolv.conf`
			`- ./testdata/integration:/integration`
mox! 2023-01-30 16:27:06 +03:00			`healthcheck:`
			`test: netstat -nlt \| grep ':25 '`
			`interval: 1s`
			`timeout: 1s`
			`retries: 10`
			`depends_on:`
			`dns:`
			`condition: service_healthy`
merge docker-compose-based quickstart and integration tests into a single integration test the two were so similar it made sense to just have one that tests all. saves building docker images. 2023-07-24 00:32:02 +03:00			`acmepebble:`
more integration tests: start "mox localserve" and submit a message with smtpclient and with "mox sendmail", check that we receive it 2023-07-01 19:48:29 +03:00			`condition: service_healthy`
mox! 2023-01-30 16:27:06 +03:00			`networks:`
			`mailnet1:`
			`ipv4_address: 172.28.1.10`

merge docker-compose-based quickstart and integration tests into a single integration test the two were so similar it made sense to just have one that tests all. saves building docker images. 2023-07-24 00:32:02 +03:00			`# Second mox instance, with TLS cert/keys from files.`
			`moxmail2:`
			`hostname: moxmail2.mox2.example`
			`domainname: mox2.example`
			`image: mox_integration_moxmail`
			`environment:`
			`MOX_UID: "${MOX_UID}"`
			`command: ["sh", "-c", "/integration/moxmail2.sh"]`
mox! 2023-01-30 16:27:06 +03:00			`volumes:`
			`- ./testdata/integration/resolv.conf:/etc/resolv.conf`
merge docker-compose-based quickstart and integration tests into a single integration test the two were so similar it made sense to just have one that tests all. saves building docker images. 2023-07-24 00:32:02 +03:00			`- ./testdata/integration:/integration`
mox! 2023-01-30 16:27:06 +03:00			`healthcheck:`
			`test: netstat -nlt \| grep ':25 '`
			`interval: 1s`
			`timeout: 1s`
			`retries: 10`
			`depends_on:`
			`dns:`
			`condition: service_healthy`
merge docker-compose-based quickstart and integration tests into a single integration test the two were so similar it made sense to just have one that tests all. saves building docker images. 2023-07-24 00:32:02 +03:00			`acmepebble:`
			`condition: service_healthy`
			`# moxacmepebble creates tmp-pebble-ca.pem, needed by moxmail2 to trust the certificates offered by moxacmepebble.`
			`moxacmepebble:`
			`condition: service_healthy`
mox! 2023-01-30 16:27:06 +03:00			`networks:`
			`mailnet1:`
			`ipv4_address: 172.28.1.20`

more integration tests: start "mox localserve" and submit a message with smtpclient and with "mox sendmail", check that we receive it 2023-07-01 19:48:29 +03:00			`localserve:`
			`hostname: localserve.mox1.example`
			`domainname: mox1.example`
			`build:`
			`dockerfile: Dockerfile.moxmail`
			`context: testdata/integration`
merge docker-compose-based quickstart and integration tests into a single integration test the two were so similar it made sense to just have one that tests all. saves building docker images. 2023-07-24 00:32:02 +03:00			`command: ["sh", "-c", "set -e; chmod o+r /etc/resolv.conf; go run . -- localserve -ip 172.28.1.60"]`
more integration tests: start "mox localserve" and submit a message with smtpclient and with "mox sendmail", check that we receive it 2023-07-01 19:48:29 +03:00			`volumes:`
			`- ./.go:/.go`
			`- ./testdata/integration/resolv.conf:/etc/resolv.conf`
			`- .:/mox`
			`environment:`
			`GOCACHE: /.go/.cache/go-build`
			`healthcheck:`
			`test: netstat -nlt \| grep ':1025 '`
			`interval: 1s`
			`timeout: 1s`
			`retries: 10`
			`depends_on:`
			`dns:`
			`condition: service_healthy`
			`networks:`
			`mailnet1:`
merge docker-compose-based quickstart and integration tests into a single integration test the two were so similar it made sense to just have one that tests all. saves building docker images. 2023-07-24 00:32:02 +03:00			`ipv4_address: 172.28.1.60`

			`postfixmail:`
			`hostname: postfixmail.postfix.example`
			`domainname: postfix.example`
			`build:`
			`dockerfile: Dockerfile.postfix`
			`context: testdata/integration`
			`volumes:`
			`# todo: figure out how to mount files with a uid that the process in the container can read...`
			`- ./testdata/integration/resolv.conf:/etc/resolv.conf`
			`command: ["sh", "-c", "set -e; chmod o+r /etc/resolv.conf; (echo 'maillog_file = /dev/stdout'; echo 'mydestination = $$myhostname, localhost.$$mydomain, localhost, $$mydomain') >>/etc/postfix/main.cf; echo 'root: moxtest1@mox1.example' >>/etc/postfix/aliases; newaliases; postfix start-fg"]`
			`healthcheck:`
			`test: netstat -nlt \| grep ':25 '`
			`interval: 1s`
			`timeout: 1s`
			`retries: 10`
			`depends_on:`
			`dns:`
			`condition: service_healthy`
			`networks:`
			`mailnet1:`
			`ipv4_address: 172.28.1.70`
more integration tests: start "mox localserve" and submit a message with smtpclient and with "mox sendmail", check that we receive it 2023-07-01 19:48:29 +03:00
mox! 2023-01-30 16:27:06 +03:00			`dns:`
			`hostname: dns.example`
			`build:`
			`dockerfile: Dockerfile.dns`
			`# todo: figure out how to build from dockerfile with empty context without creating empty dirs in file system.`
			`context: testdata/integration`
			`volumes:`
			`- ./testdata/integration/resolv.conf:/etc/resolv.conf`
			`- ./testdata/integration:/integration`
merge docker-compose-based quickstart and integration tests into a single integration test the two were so similar it made sense to just have one that tests all. saves building docker images. 2023-07-24 00:32:02 +03:00			`# We start with a base example.zone, but moxacmepebble appends its records,`
			`# followed by moxmail2. They restart unbound after appending records.`
			`command: ["sh", "-c", "set -ex; ls -l /etc/resolv.conf; chmod o+r /etc/resolv.conf; install -m 640 -o unbound /integration/unbound.conf /etc/unbound/; chmod 755 /integration; chmod 644 /integration/*.zone; cp /integration/example.zone /integration/example-integration.zone; ls -ld /integration /integration/reverse.zone; unbound -d -p -v"]`
mox! 2023-01-30 16:27:06 +03:00			`healthcheck:`
			`test: netstat -nlu \| grep '172.28.1.30:53 '`
			`interval: 1s`
			`timeout: 1s`
			`retries: 10`
			`networks:`
			`mailnet1:`
			`ipv4_address: 172.28.1.30`

merge docker-compose-based quickstart and integration tests into a single integration test the two were so similar it made sense to just have one that tests all. saves building docker images. 2023-07-24 00:32:02 +03:00			`# pebble is a small acme server useful for testing. It creates a new CA`
			`# certificate each time it starts, so we go through some trouble to configure the`
			`# certificate in moxacmepebble and moxmail2.`
			`acmepebble:`
			`hostname: acmepebble.example`
			`image: docker.io/letsencrypt/pebble:v2.3.1@sha256:fc5a537bf8fbc7cc63aa24ec3142283aa9b6ba54529f86eb8ff31fbde7c5b258`
			`volumes:`
			`- ./testdata/integration/resolv.conf:/etc/resolv.conf`
			`- ./testdata/integration:/integration`
			`command: ["sh", "-c", "set -ex; mount; ls -l /etc/resolv.conf; chmod o+r /etc/resolv.conf; pebble -config /integration/pebble-config.json"]`
			`ports:`
			`- 14000:14000 # ACME port`
			`- 15000:15000 # Management port`
			`healthcheck:`
			`test: netstat -nlt \| grep ':14000 '`
			`interval: 1s`
			`timeout: 1s`
			`retries: 10`
			`depends_on:`
			`dns:`
			`condition: service_healthy`
			`networks:`
			`mailnet1:`
			`ipv4_address: 172.28.1.40`

mox! 2023-01-30 16:27:06 +03:00			`networks:`
			`mailnet1:`
			`driver: bridge`
			`ipam:`
			`driver: default`
			`config:`
			`- subnet: "172.28.1.0/24"`