Mouws/protonmail-bridge-nextcoud-podman
1
0
Fork 1
mirror of https://github.com/shenxn/protonmail-bridge-docker.git synced 2025-12-06 08:27:08 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

simplified some stuff. it should work now!

Browse Source
This commit is contained in:
Simon Ungar Felding 2025-06-12 16:49:33 +02:00
parent 4e5d190e13
commit 651cbbdaf3
2 changed files with 62 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
README.md
View File

@ -29,41 +29,20 @@ tag | description
`build` | latest `build` image
`[version]-build` | `build` images
## Initialization
## Starting the container
To initialize and add account to the bridge, run the following command.
To initialize and add account to the bridge, run the following steps:
1. Start the container with a named volume (protonmail) for persistent storage.
```
docker run --rm -it -v protonmail:/root shenxn/protonmail-bridge init
docker run -it -v protonmail:/root shenxn/protonmail-bridge
```
If you want to use Docker Compose instead, you can create a copy of the provided example [docker-compose.yml](docker-compose.yml) file, modify it to suit your needs, and then run the following command:
## Setting up the bridge
```
docker compose run protonmail-bridge init
```
Wait for the bridge to startup, then you will see a prompt appear for [Proton Mail Bridge interactive shell](https://proton.me/support/bridge-cli-guide). Use the `login` command and follow the instructions to add your account into the bridge. Then use `info` to see the configuration information (username and password). After that, use `exit` to exit the bridge. You may need `CTRL+C` to exit the docker entirely.
## Run
To run the container, use the following command.
```
docker run -d --name=protonmail-bridge -v protonmail:/root -p 1025:25/tcp -p 1143:143/tcp --restart=unless-stopped shenxn/protonmail-bridge
```
Or, if using Docker Compose, use the following command.
```
docker compose up -d
```
## Kubernetes
If you want to run this image in a Kubernetes environment. You can use the [Helm](https://helm.sh/) chart (https://github.com/k8s-at-home/charts/tree/master/charts/stable/protonmail-bridge) created by [@Eagleman7](https://github.com/Eagleman7). More details can be found in [#23](https://github.com/shenxn/protonmail-bridge-docker/issues/23).
If you don't want to use Helm, you can also reference to the guide ([#6](https://github.com/shenxn/protonmail-bridge-docker/issues/6)) written by [@ghudgins](https://github.com/ghudgins).
If you have not set up an account, you need to do the folliwing steps in the protonmail-bridge CLI interface:
1. Use the `add` command to add your ProtonMail account. You will be prompted to enter your ProtonMail username and password.
2. After adding your account, use the `info` command to see the configuration information (username and password).
## Security
@ -75,19 +54,6 @@ docker run -d --name=protonmail-bridge -v protonmail:/root -p 127.0.0.1:1025:25/
Besides, you can publish only port 25 (SMTP) if you don't need to receive any email (e.g. as a email notification service).
## Compatibility
The bridge currently only supports some of the email clients. More details can be found on the official website. I've tested this on a Synology DiskStation and it runs well. However, you may need ssh onto it to run the interactive docker command to add your account. The main reason of using this instead of environment variables is that it seems to be the best way to support two-factor authentication.
## Bridge CLI Guide
The initialization step exposes the bridge CLI so you can do things like switch between combined and split mode, change proxy, etc. The [official guide](https://protonmail.com/support/knowledge-base/bridge-cli-guide/) gives more information on to use the CLI.
## Build
For anyone who want to build this container on your own (for development or security concerns), here is the guide to do so. First, you need to `cd` into the directory (`deb` or `build`, depending on which type of image you want). Then just run the docker build command
```
docker build .
```
That's it. The `Dockerfile` and bash scripts handle all the downloading, building, and packing. You can also add tags, push to your favorite docker registry, or use `buildx` to build multi architecture images.

102
build/entrypoint.sh
View File

@ -2,59 +2,65 @@
set -ex
# Initialize
if [[ $1 == init ]]; then
echo "The init command is deprecated. Go to our github repo for setup instructions."
fi
# Initialize pass
if [[ $HOME == "/" ]] then
echo "When running rootless, you must set a home dir as the HOME env var. We recommend /data. Make sure it is writable by the user running the container (currently id is $(id -u) and HOME is $HOME)."
exit 1
fi
# give friendly error if you don't have protonmail data
if [[ `find $HOME | wc -l` == 1 ]]; then # 1 because find $HOME will always return $HOME
echo 'Protonmail does not seem to have been initialized yet. Enter the container with something like `docker exec -it <container_name>` and type "help" for instructions on how to set up the ProtonMail Bridge'
timeout 10s /protonmail/proton-bridge --noninteractive # this starts the bridge in non-interactive mode and kills it after 20 seconds, so we can populate the vault with default values and override them with the env variables in the later step.
fi
# give friendly error if the user doesn't own the data
if [[ $(id -u) != 0 ]]; then
if [[ `find $HOME/.* -not -user $(id -u) | wc -l` != 0 ]]; then
echo "You do not own the data in $HOME. Please chown it to $(id -u), run the container as the owner of the data or run the container as root."
exit 1
fi
fi
if [[ ! -f $HOME/.gnupg ]]; then
echo "No GPG key found in $HOME/.gnupg. Running gpg --generate-key."
gpg --generate-key --batch /protonmail/gpgparams
pass init pass-key
# Kill the other instance as only one can be running at a time.
# This allows users to run entrypoint init inside a running conainter
# which is useful in a k8s environment.
# || true to make sure this would not fail in case there is no running instance.
pkill protonmail-bridge || true
# delete lock files if they exist - this can happen if the container is restarted forcefully
# Login
/protonmail/proton-bridge --cli $@
else
if [[ $HOME == "/" ]] then
echo "When running rootless, you must set a home dir as the HOME env var. We recommend /data. Make sure it is writable by the user running the container (currently id is $(id -u) and HOME is $HOME)."
exit 1
fi
# give friendly error if you don't have protonmail data
if [[ `find $HOME | wc -l` == 1 ]]; then # 1 because find $HOME will always return $HOME
echo "No files found - start the container with the init command, or copy/mount files into it at $HOME first. Sleeping 5 minutes before exiting so you have time to copy the files over."
sleep 300
exit 1
fi
# give friendly error if the user doesn't own the data
if [[ $(id -u) != 0 ]]; then
if [[ `find $HOME/.* -not -user $(id -u) | wc -l` != 0 ]]; then
echo "You do not own the data in $HOME. Please chown it to $(id -u), run the container as the owner of the data or run the container as root."
exit 1
fi
fi
# delete lock files if they exist - this can happen if the container is restarted forcefully
if [[ `find $HOME -name "*.lock" | wc -l` != 0 ]]; then
echo "Deleting lock files in $HOME. This can happen if the container is restarted forcefully."
find $HOME -name "*.lock" -delete
# socat will make the conn appear to come from 127.0.0.1
# ProtonMail Bridge currently expects that.
# It also allows us to bind to the real ports :)
if [[ $(id -u) == 0 ]]; then
socat TCP-LISTEN:25,fork TCP:127.0.0.1:1025 &
socat TCP-LISTEN:143,fork TCP:127.0.0.1:1143 &
else
socat TCP-LISTEN:2025,fork TCP:127.0.0.1:1025 &
socat TCP-LISTEN:2143,fork TCP:127.0.0.1:1143 &
fi
# Start protonmail
/protonmail/proton-bridge --noninteractive $@
fi
# socat will make the conn appear to come from 127.0.0.1
# ProtonMail Bridge currently expects that.
# It also allows us to bind to the real ports :)
if [[ $(id -u) == 0 ]]; then
socat TCP-LISTEN:25,fork TCP:127.0.0.1:1025 &
socat TCP-LISTEN:143,fork TCP:127.0.0.1:1143 &
else
socat TCP-LISTEN:2025,fork TCP:127.0.0.1:1025 &
socat TCP-LISTEN:2143,fork TCP:127.0.0.1:1143 &
fi
# Broken until https://github.com/ProtonMail/proton-bridge/issues/512 is resolved.
# check if the vault-editor can read the config
/protonmail/vault-editor read 2>&1 1>/dev/null
# Modify the protonmail config with env variables and expected values. Env variables must be converted from string to boolean.
/protonmail/vault-editor read | \
jq '.Settings.AutoUpdate = (env.PROTONMAIL_AutoUpdate | if . == "true" then true else false end)
| .Settings.TelemetryDisabled = (env.PROTONMAIL_TelemetryDisabled | if . == "true" then true else false end)
| .Settings.GluonDir |= "\(env.HOME)/.local/share/protonmail/bridge-v3/gluon"
| .Settings.Autostart = false
| .Settings.SMTPPort = 1025
| .Settings.IMAPPort = 1143 ' \
| /protonmail/vault-editor write
# Start protonmail
echo "Starting ProtonMail Bridge. Connect to the CLI with `docker exec -it <container_name>` and type 'help' for instructions."
/protonmail/proton-bridge --cli $@