.drone.yml

@@ -1,58 +1,27 @@
 ---
 kind: pipeline
-type: exec
+type: docker
 name: default
 
-environment:
+volumes:
-  DOCKER_CLI_EXPERIMENTAL: enabled
+  - name: docker_socket
-
+    host:
-platform:
+      path: /var/run/docker.sock
-  os: linux
-  arch: amd64
 
 steps:
   - name: build  
+    image: alexviscreanu/buildx
     commands:
-      - |-
+      - docker run --rm --privileged docker/binfmt:a7996909642ee92942dcd6cff44b9b95f08dad64
-        case $(uname -a) in
+      - export BUILDER_ID="crosscomp-$(cat /proc/self/cgroup | head -1 | cut -d '/' -f 3)"
-          *x86_64*)
+      - docker buildx create --use --name $BUILDER_ID --driver-opt image=stargate01/buildkit
-            export ARCH="amd64"
+      - docker buildx inspect --bootstrap
-            docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
+      - echo $REGISTRY_PASS | docker login --username $REGISTRY_USER --password-stdin $REGISTRY_HOST
-            ;;
+      - docker buildx build --platform linux/amd64,linux/arm64,linux/arm/v7 --output=type=image,push=true --progress tty --build-arg TAG=$DRONE_TAG -t $REGISTRY_HOST/$IMAGE:$DRONE_TAG -t $REGISTRY_HOST/$IMAGE:latest .
-          *aarch64*)
+      - docker buildx rm $BUILDER_ID
-            export ARCH="arm64"
+    volumes:
-            ;;
+      - name: docker_socket
-          *)
+        path: /var/run/docker.sock
-            export ARCH="unknown"
-            ;;
-          esac
-      - |-
-        export BUILDX_URL=$(\
-          wget -q -O - https://api.github.com/repos/docker/buildx/releases/latest\
-        | grep "browser_download_url.*linux-$ARCH"\
-        | cut -d: -f2,3\
-        | tr -d \"\
-        | tr -d \ \
-        )
-      - mkdir -p ~/.docker/cli-plugins
-      - wget -O ~/.docker/cli-plugins/docker-buildx $BUILDX_URL
-      - chmod a+x ~/.docker/cli-plugins/docker-buildx
-      - docker version
-      - docker buildx version
-      - |-
-        echo -n $REGISTRY_PASS\
-        | docker login -u $REGISTRY_USER --password-stdin $REGISTRY_HOST
-      - docker buildx create --name multiarch --use
-      - |-
-        docker buildx build\
-          --no-cache\
-          --platform linux/amd64,linux/arm64\
-          --output type=image,push=true\
-          --progress tty\
-          --build-arg TAG=$DRONE_TAG\
-          -t $REGISTRY_HOST/$IMAGE:$DRONE_TAG\
-          -t $REGISTRY_HOST/$IMAGE:latest\
-          .
     environment:
       IMAGE: protonmail-bridge
       REGISTRY_HOST: registry.thegibsonhome.net

Dockerfile

@@ -1,54 +1,35 @@
 # Build the ProtonMail Bridge.
-FROM golang:1.18-buster as build
+FROM golang:1.14-alpine as build
 ENV LANG C.UTF-8
-
+RUN apk add --no-cache \
-# Install required build packages
+      gcc \
-RUN apt-get update \
- && apt-get install -y \
-      bash \
-      build-essential \
-      curl \
       git \
-      libsecret-1-dev \
+      libsecret-dev \
+      make \
       musl-dev
-
-# Download/build the application
 WORKDIR /usr/src
-ARG RELEASE
+
 ARG TAG
-RUN if [ -n "$RELEASE" ]; then \
+RUN git clone https://github.com/ProtonMail/proton-bridge.git proton-bridge \
-         echo "Using release $RELEASE..." \
-      && curl -L -s "https://github.com/ProtonMail/proton-bridge/archive/$RELEASE.tar.gz" | tar zx \
-	  && export PROTON_BRIDGE="proton-bridge-$(echo $RELEASE | sed -e 's/^\(v\|br\)//')" \
-	  && ln -s "${PROTON_BRIDGE}" proton-bridge \
-      && cd "${PROTON_BRIDGE}" \
-  ; else \
-         git clone https://github.com/ProtonMail/proton-bridge.git proton-bridge \
     && cd proton-bridge \
     && if [ -n "$TAG" ]; then echo "Using tags/$TAG..."; git checkout tags/$TAG; fi \
-  ; fi \
     && make build-nogui
 
 # Create a container for the ProtonMail Bridge.
-FROM debian:stable
+FROM alpine:edge
 ENV LANG C.UTF-8
 
 EXPOSE 25/tcp
 EXPOSE 143/tcp
 
-COPY --from=build /usr/src/proton-bridge/proton-bridge /bin/proton-bridge
+COPY --from=build /usr/src/proton-bridge/Desktop-Bridge /bin/protonmail-bridge
-COPY --from=build /usr/src/proton-bridge/bridge /bin/bridge
 COPY entrypoint /bin/
 COPY initproton /bin/
-RUN apt-get update\
+RUN apk add --no-cache \
- && apt-get install -y --no-install-recommends --no-install-suggests\
+      libsecret \
-      libcap2\
-      libsecret-1-0\
-      gosu\
-      gpg-agent\
       pass \
       socat \
- && rm -rf /var/lib/apt/lists/*\
+      su-exec \
  && chmod +x /bin/entrypoint \
  && chmod +x /bin/initproton
 

entrypoint

@@ -5,16 +5,8 @@
 USER_ID=${PUID:-9001}
 GROUP_ID=${PGID:-$USER_ID}
 echo "Starting with UID : $USER_ID:$GROUP_ID"
-GROUP=proton
+addgroup -g $GROUP_ID proton
-if getent group $GROUP_ID > /dev/null; then
+adduser -D -u $USER_ID -G proton -h /var/lib/proton -s /bin/bash proton
-  echo "Using group $GROUP with GID $GROUP_ID..."
-  GROUP=$(getent group $GROUP_ID | cut -d: -f1)
-else
-  echo "Adding group $GROUP with GID $GROUP_ID..."
-  addgroup -g $GROUP_ID $GROUP
-fi
-echo "Adding user proton ($USER_ID) with group $GROUP ${GROUP_ID}..."
-adduser -D -u $USER_ID -G $GROUP -h /var/lib/proton -s /bin/sh proton
 chown -R ${USER_ID}:${GROUP_ID} /var/lib/proton
 export HOME=/var/lib/proton
 
@@ -25,5 +17,4 @@ setcap 'cap_net_bind_service=+ep' /usr/bin/socat
 socat TCP-LISTEN:25,fork TCP:127.0.0.1:1025 &
 socat TCP-LISTEN:143,fork TCP:127.0.0.1:1143 &
 
-echo "Starting ProtonMail Bridge..."
+exec /sbin/su-exec proton "$@"
-exec /usr/sbin/gosu proton "$@"

initproton

@@ -1,49 +1,38 @@
 #!/bin/bash                                                                     
 set -eufo pipefail
 
-BRIDGE=/bin/bridge
+BRIDGE=/bin/protonmail-bridge
 FIFO=/tmp/fifo
 PRINT_INFO=${PRINT_INFO:-""}
 
 #### INIT
 PASS_FILE=${PASS_FILE:-}
 if [ -n "$PASS_FILE" ]; then
+    echo "Using PASS file."
     PASS=$(cat $PASS_FILE)
 fi
 
-echo "Checking for GPG configuration..."
+if ! [ -f ./initialized ]; then
-if ! [ -d .gnupg ]; then
+  echo -e "%no-protection\nKey-Type: RSA\nKey-Length: 2048\nName-Real: $EMAIL\nExpire-Date: 0\n%commit" \
-  echo "Generating GPG Key..."
-  echo -e "%no-protection\nKey-Type: RSA\nKey-Length: 4096\nName-Real: $EMAIL\nExpire-Date: 0\n%commit" \
     | gpg --generate-key --batch
-fi
+  pass init pass-key
-echo "Checking for Password Store..."
-if ! [ -d .password-store ]; then
-  echo "Initializing Pass..."
-  pass init "$EMAIL"
-fi
-echo "Checking for ProtonMail Bridge Cache..."
-if ! [ -d ~/.cache/protonmail/bridge ]; then
-  echo "Logging in to ProtonMail Bridge..."
   COMMAND="login\n$EMAIL\n$PASSWORD"
-  MFA_CODE=${MFA_CODE:-}
+  RUN_2FA_LOGIN=${RUN_2FA_LOGIN:-}
-  if [ -n "$MFA_CODE" ]; then
+  if [ -n "$RUN_2FA_LOGIN" ]; then
+    echo "Using MFA code."
     COMMAND="$COMMAND\n$MFA_CODE"
   fi
+  echo "Executing COMMAND: $COMMAND"
   echo -e "$COMMAND" | $BRIDGE --cli
+  touch ./initialized
 fi
 
 if [ -n "$PRINT_INFO" ]; then
-  echo "Printing Info..."
   echo info | $BRIDGE --cli | egrep '(Username|Password)' | sort -ru
 fi
 
-ARGUMENTS="--noninteractive"
+# Fake a terminal, so it does not quit because of EOF...
-LOG_LEVEL=${LOG_LEVEL:-}
+if [ ! -e "$FIFO" ]; then
-if [ -n "$LOG_LEVEL" ]; then
+  mkfifo $FIFO
-  ARGUMENTS="${ARGUMENTS} --log-level ${LOG_LEVEL}"
 fi
-
+cat $FIFO | $BRIDGE --cli
-echo "Starting ProtonMail Bridge: $BRIDGE $ARGUMENTS"
-$BRIDGE --version
-$BRIDGE $ARGUMENTS