proton_nextcloud_podman/protonmail-bridge-nextcoud-podman
1
0
Fork 0
forked from Mouws/protonmail-bridge-nextcoud-podman
Code Pull Requests Activity

Compare commits

base: proton_nextcloud_podman:mouws-nextcloud
Branches Tags
proton_nextcloud_podman:master
proton_nextcloud_podman:mouws-nextcloud
..
compare: proton_nextcloud_podman:master
Branches Tags
proton_nextcloud_podman:mouws-nextcloud
proton_nextcloud_podman:master
Mouws:master

No commits in common. "mouws-nextcloud" and "master" have entirely different histories.
mouws-next ... master

8 changed files with 134 additions and 8 deletions
Show Stats Expand all files Collapse all files

39
README.md
View File

@ -1,11 +1,26 @@
# ProtonMail IMAP/SMTP Bridge Podman Container
# ProtonMail IMAP/SMTP Bridge Docker Container
![version badge](https://img.shields.io/docker/v/shenxn/protonmail-bridge)
![image size badge](https://img.shields.io/docker/image-size/shenxn/protonmail-bridge/build)
![docker pulls badge](https://img.shields.io/docker/pulls/shenxn/protonmail-bridge)
![deb badge](https://github.com/shenxn/protonmail-bridge-docker/workflows/pack%20from%20deb/badge.svg)
![build badge](https://github.com/shenxn/protonmail-bridge-docker/workflows/build%20from%20source/badge.svg)
This is an unofficial Docker container of the [ProtonMail Bridge](https://protonmail.com/bridge/). Some of the scripts are based on [Hendrik Meyer's work](https://gitlab.com/T4cC0re/protonmail-bridge-docker).
This nothing more than some small adjustments to the work shenxn did to make it easy to run with podman and adjusted for nextcloud mail.
Docker Hub: [https://hub.docker.com/r/shenxn/protonmail-bridge](https://hub.docker.com/r/shenxn/protonmail-bridge)
GitHub: [https://github.com/shenxn/protonmail-bridge-docker](https://github.com/shenxn/protonmail-bridge-docker)
## ARM Support
We now support ARM devices (`arm64` and `arm/v7`)! Use the images tagged with `build`. See next section for details.
## Tags
There are two types of images.
- `deb`: Images based on the official [.deb release](https://protonmail.com/bridge/install). It only supports the `amd64` architecture.
- `build`: Images based on the [source code](https://github.com/ProtonMail/proton-bridge). It supports `amd64`, `arm64`, `arm/v7` and `riscv64`. Supporting to more architectures is possible. PRs are welcome.
tag | description
-- | --
@ -19,9 +34,14 @@ tag | description
To initialize and add account to the bridge, run the following command.
```
podman run --rm -it -v protonmail:/root shenxn/protonmail-bridge init
docker run --rm -it -v protonmail:/root shenxn/protonmail-bridge init
```
If you want to use Docker Compose instead, you can create a copy of the provided example [docker-compose.yml](docker-compose.yml) file, modify it to suit your needs, and then run the following command:
```
docker compose run protonmail-bridge init
```
Wait for the bridge to startup, then you will see a prompt appear for [Proton Mail Bridge interactive shell](https://proton.me/support/bridge-cli-guide). Use the `login` command and follow the instructions to add your account into the bridge. Then use `info` to see the configuration information (username and password). After that, use `exit` to exit the bridge. You may need `CTRL+C` to exit the docker entirely.
@ -33,6 +53,11 @@ To run the container, use the following command.
docker run -d --name=protonmail-bridge -v protonmail:/root -p 1025:25/tcp -p 1143:143/tcp --restart=unless-stopped shenxn/protonmail-bridge
```
Or, if using Docker Compose, use the following command.
```
docker compose up -d
```
## Kubernetes
@ -42,7 +67,13 @@ If you don't want to use Helm, you can also reference to the guide ([#6](https:/
## Security
Please be aware that running the command above will expose your bridge to the network. Remember to use firewall if you are going to run this in an untrusted network or on a machine that has public IP address.
Please be aware that running the command above will expose your bridge to the network. Remember to use firewall if you are going to run this in an untrusted network or on a machine that has public IP address. You can also use the following command to publish the port to only localhost, which is the same behavior as the official bridge package.
```
docker run -d --name=protonmail-bridge -v protonmail:/root -p 127.0.0.1:1025:25/tcp -p 127.0.0.1:1143:143/tcp --restart=unless-stopped shenxn/protonmail-bridge
```
Besides, you can publish only port 25 (SMTP) if you don't need to receive any email (e.g. as a email notification service).
## Compatibility

5
SECURITY.md Normal file
View File

@ -0,0 +1,5 @@
# Security Policy
## Reporting a Vulnerability
Before reporting any vulnerability, make sure that it is caused by this project (i.e., this is not a vulnarability of the bridge itself). To report a vulnerabilitiy, you can send me an email (s@sxn.dev). My PGP public key is available [here](https://api.protonmail.ch/pks/lookup?op=get&search=s@sxn.dev).

33
build/Dockerfile Normal file
View File

@ -0,0 +1,33 @@
# The build image could be golang, but it currently does not support riscv64. Only debian:sid does, at the time of writing.
FROM debian:sid-slim AS build
ARG version
# Install dependencies
RUN apt-get update && apt-get install -y golang build-essential libsecret-1-dev
# Build
ADD https://github.com/ProtonMail/proton-bridge.git#${version} /build/
WORKDIR /build/
RUN make build-nogui vault-editor
FROM debian:sid-slim
LABEL maintainer="Simon Felding <sife@adm.ku.dk>"
EXPOSE 25/tcp
EXPOSE 143/tcp
# Install dependencies and protonmail bridge
RUN apt-get update \
&& apt-get install -y --no-install-recommends socat pass libsecret-1-0 ca-certificates \
&& rm -rf /var/lib/apt/lists/*
# Copy bash scripts
COPY gpgparams entrypoint.sh /protonmail/
# Copy protonmail
COPY --from=build /build/bridge /protonmail/
COPY --from=build /build/proton-bridge /protonmail/
COPY --from=build /build/vault-editor /protonmail/
ENTRYPOINT ["bash", "/protonmail/entrypoint.sh"]

35
build/entrypoint.sh Normal file
View File

@ -0,0 +1,35 @@
#!/bin/bash
set -ex
# Initialize
if [[ $1 == init ]]; then
# Initialize pass
gpg --generate-key --batch /protonmail/gpgparams
pass init pass-key
# Kill the other instance as only one can be running at a time.
# This allows users to run entrypoint init inside a running conainter
# which is useful in a k8s environment.
# || true to make sure this would not fail in case there is no running instance.
pkill protonmail-bridge || true
# Login
/protonmail/proton-bridge --cli $@
else
# socat will make the conn appear to come from 127.0.0.1
# ProtonMail Bridge currently expects that.
# It also allows us to bind to the real ports :)
socat TCP-LISTEN:25,fork TCP:127.0.0.1:1025 &
socat TCP-LISTEN:143,fork TCP:127.0.0.1:1143 &
# Start protonmail
# Fake a terminal, so it does not quit because of EOF...
rm -f faketty
mkfifo faketty
cat faketty | /protonmail/proton-bridge --cli $@
fi

8
build/gpgparams Normal file
View File

@ -0,0 +1,8 @@
%no-protection
%echo Generating a basic OpenPGP key
Key-Type: RSA
Key-Length: 2048
Name-Real: pass-key
Expire-Date: 0
%commit
%echo done

4
deb/Dockerfile
View File

@ -12,8 +12,8 @@ RUN bash /install.sh
FROM debian:sid-slim
LABEL maintainer="Simon Felding <sife@adm.ku.dk>"
EXPOSE 12025/tcp
EXPOSE 12143/tcp
EXPOSE 25/tcp
EXPOSE 143/tcp
WORKDIR /protonmail

4
deb/entrypoint.sh
View File

@ -37,8 +37,8 @@ else
# socat will make the conn appear to come from 127.0.0.1
# ProtonMail Bridge currently expects that.
# It also allows us to bind to the real ports :)
socat TCP-LISTEN:12025,fork TCP:127.0.0.1:1025 &
socat TCP-LISTEN:12143,fork TCP:127.0.0.1:1143 &
socat TCP-LISTEN:25,fork TCP:127.0.0.1:1025 &
socat TCP-LISTEN:143,fork TCP:127.0.0.1:1143 &
# Start protonmail
# Fake a terminal, so it does not quit because of EOF...

14
docker-compose.yml Normal file
View File

@ -0,0 +1,14 @@
version: '2.1'
services:
protonmail-bridge:
image: shenxn/protonmail-bridge
ports:
- 1025:25/tcp
- 1143:143/tcp
restart: unless-stopped
volumes:
- protonmail:/root
volumes:
protonmail:
name: protonmail