Remove build images

docker/Dockerfile

@@ -0,0 +1,42 @@
+FROM golang:1.16 AS build
+
+# Install dependencies
+RUN apt-get update && apt-get install -y libsecret-1-dev
+
+# Build
+WORKDIR /build/
+COPY VERSION /build/
+
+RUN VERSION=$(cat VERSION) && \
+    curl -L https://github.com/ProtonMail/proton-bridge/archive/refs/tags/${VERSION}.tar.gz \
+        | tar zx --strip-component 1 && \
+    make build-nogui
+
+FROM ubuntu:bionic
+LABEL maintainer="Xiaonan Shen <s@sxn.dev>"
+
+EXPOSE 25/tcp
+EXPOSE 143/tcp
+
+# Install dependencies
+RUN apt-get update \
+    && apt-get install -y --no-install-recommends \
+        expect socat pass libsecret-1-0 ca-certificates \
+    && rm -rf /var/lib/apt/lists/*
+
+# Copy protonmail
+COPY --from=build /build/proton-bridge/proton-bridge /protonmail/
+
+# Copy bash scripts
+COPY gpgparams entrypoint.sh login.exp /protonmail/
+
+RUN chmod +x /protonmail/login.exp
+
+# Add a user 'protonmail' with UID 8535
+RUN useradd -u 8535 -d /home/protonmail protonmail \
+    && mkdir -p /home/protonmail \
+    && chown protonmail: /home/protonmail
+# change to non-privileged user for extra security
+USER protonmail
+
+ENTRYPOINT ["bash", "/protonmail/entrypoint.sh"]

docker/VERSION

@@ -0,0 +1 @@
+v1.8.9

docker/entrypoint.sh

@@ -0,0 +1,58 @@
+#!/bin/bash
+
+set -ex
+
+id
+# Go to current user's homedir
+cd
+echo $PWD
+
+# Initialize
+if [[ $1 == init ]]; then
+    # set GNUPGHOME as a workaround for
+    #
+    #   gpg-agent[106]: error binding socket to '/root/.gnupg/S.gpg-agent': File name too long
+    #
+    # when using docker volume mount
+    #
+    # ref: https://dev.gnupg.org/T2964
+    #
+
+    export GNUPGHOME="${GNUPGHOME:-"/tmp/gnupg"}"
+    rm -rf "${GNUPGHOME}" || true
+    mkdir -p "${GNUPGHOME}"
+    chmod 0700 "${GNUPGHOME}"
+
+    # Initialize pass
+    gpg --generate-key --batch /protonmail/gpgparams
+    pass init "${KEY_ID:-"pass-key"}"
+
+    # Login
+    do_login="/protonmail/proton-bridge --cli $*"
+    if [[ "x${PROTONMAIL_USERNAME}" != "x" && "x${PROTONMAIL_PASSWORD}" != "x" ]]; then
+        # automated login if both username and password are set
+        do_login="/protonmail/login.exp ${do_login}"
+    fi
+
+    $do_login
+
+    # copy gnupg files to default path
+    mkdir -p /root/.gnupg
+    kill "$(pidof gpg-agent)"
+    cp -a "${GNUPGHOME}/" /root/.gnupg/
+
+else
+
+    # socat will make the conn appear to come from 127.0.0.1
+    # ProtonMail Bridge currently expects that.
+    # It also allows us to bind to the real ports :)
+    socat TCP-LISTEN:25,fork TCP:127.0.0.1:1025 &
+    socat TCP-LISTEN:143,fork TCP:127.0.0.1:1143 &
+
+    # Start protonmail
+    # Fake a terminal, so it does not quit because of EOF...
+    rm -f faketty
+    mkfifo faketty
+    cat faketty | /protonmail/proton-bridge --cli $@
+
+fi

docker/gpgparams

@@ -0,0 +1,8 @@
+%no-protection
+%echo Generating a basic OpenPGP key
+Key-Type: RSA
+Key-Length: 2048
+Name-Real: pass-key
+Expire-Date: 0
+%commit
+%echo done

docker/login.exp

@@ -0,0 +1,58 @@
+#!/usr/bin/expect -f
+
+set timeout 15;
+
+spawn {*}$argv ;
+
+# wait for inital prompt
+expect {
+  ">>> " {
+    # protonmail-bridge started without error, do nothing
+  }
+
+  timeout {
+    exit 2
+  }
+}
+
+send "login\r"
+expect {
+  "Username: " {
+    # login start, enter username
+  }
+
+  timeout {
+    exit 2
+  }
+}
+
+send "$env(PROTONMAIL_USERNAME)\r"
+expect {
+  "Password: " {
+    # username entered, enter password
+  }
+
+  timeout {
+    exit 2
+  }
+}
+
+stty -echo
+sleep 1
+send "$env(PROTONMAIL_PASSWORD)\r"
+stty echo
+expect {
+  "was added successfully." {
+    # login ok
+    exit 0
+  }
+
+  "Server error" {
+    # login failed
+    exit 1
+  }
+
+  timeout {
+    exit 2
+  }
+}