Fix gpg-agent run and provide automated login process (#35)

Xiaonan Shen
2021-09-04 11:22:58 +08:00
committed by GitHub
6 changed files with 115 additions and 18 deletions


@@ -26,28 +26,39 @@ There are two types of images.
- `deb`: Images based on the official [.deb release](https://protonmail.com/bridge/install). It only supports the `amd64` architecture.
- `build`: Images based on the [source code](https://github.com/ProtonMail/proton-bridge). It supports `amd64`, `arm64`, and `arm/v7`. Supporting to more architectures is possible. PRs are welcome.
tag | description
-- | --
`latest` | latest `deb` image
`[version]` | `deb` images
`build` | latest `build` image
`[version]-build` | `build` images
| tag | description |
| ----------------- | -------------------- |
| `latest` | latest `deb` image |
| `[version]` | `deb` images |
| `build` | latest `build` image |
| `[version]-build` | `build` images |
## Environment Variables for images with `build` in tag
| Name | Description | Default Value |
| --------------------- | --------------------------------------------------------------------------------- | ------------- |
| `PROTONMAIL_USERNAME` | your protonmail account username | (not set) |
| `PROTONMAIL_PASSWORD` | the password for your protonmail account | (not set) |
| `KEY_ID` | the pgp-id for the internal password manager required by protonmail-bridge | `pass-key` |
| `GNUPGHOME` | change the defulat `/root/.gnupg` to this directory as a workaround for gpg error | `/tmp/gnupg` |
## Initialization
To initialize and add account to the bridge, run the following command.
```
```bash
docker run --rm -it -v protonmail:/home/protonmail shenxn/protonmail-bridge init
```
Wait for the bridge to startup, use `login` command and follow the instructions to add your account into the bridge. Then use `info` to see the configuration information (username and password). After that, use `exit` to exit the bridge. You may need `CTRL+C` to exit the docker entirely.
__NOTE:__ If you have `PROTONMAIL_USERNAME` and `PROTONMAIL_PASSWORD` set for `docker run` with `-e`, the login process will finish automatically.
## Run
To run the container, use the following command.
```
```bash
docker run -d --name=protonmail-bridge -v protonmail:/home/protonmail -p 1025:25/tcp -p 1143:143/tcp --restart=unless-stopped shenxn/protonmail-bridge
```
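
Review bot: The `PROTONMAIL_PASSWORD` row and the `__NOTE:__` under Initialization document passing the account password with `docker run -e`, but do not say that a value typed inline ends up in shell history and is readable from the container's environment via `docker inspect` while it runs. Suggest adding a sentence that points to `--env-file` (with a file readable only by the owner) as the way to supply it, and stating that the variables are only needed for `init`. The section heading limits these variables to images with `build` in the tag while the NOTE reads as if it applies to every image, so one of the two should be adjusted. In the `GNUPGHOME` row, "defulat" should read "default".
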
@@ -61,7 +72,7 @@ If you don't want to use Helm, you can also reference to the guide ([#6](https:/
Please be aware that running the command above will expose your bridge to the network. Remember to use firewall if you are going to run this in an untrusted network or on a machine that has public IP address. You can also use the following command to publish the port to only localhost, which is the same behavior as the official bridge package.
```
```bash
docker run -d --name=protonmail-bridge -v protonmail:/home/protonmail -p 127.0.0.1:1025:25/tcp -p 127.0.0.1:1143:143/tcp --restart=unless-stopped shenxn/protonmail-bridge
```


@@ -6,3 +6,4 @@
!gpgparams
!Dockerfile
!build.sh
!login.exp


@@ -1,4 +1,4 @@
FROM golang:1.15 AS build
FROM golang:1.16 AS build
# Install dependencies
RUN apt-get update && apt-get install -y libsecret-1-dev
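
Review bot: The `FROM` line moves the build stage from `golang:1.15` to `golang:1.16`, which the commit title (gpg-agent fix and automated login) does not cover. Either explain in the commit message why the newer toolchain is needed for this change, or split the bump into its own commit so it can be reverted independently.
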
@@ -16,15 +16,18 @@ EXPOSE 143/tcp
# Install dependencies and protonmail bridge
RUN apt-get update \
&& apt-get install -y --no-install-recommends socat pass libsecret-1-0 ca-certificates \
&& apt-get install -y --no-install-recommends \
expect socat pass libsecret-1-0 ca-certificates \
&& rm -rf /var/lib/apt/lists/*
# Copy bash scripts
COPY gpgparams entrypoint.sh /protonmail/
# Copy protonmail
COPY --from=build /build/proton-bridge/proton-bridge /protonmail/
# Copy bash scripts
COPY gpgparams entrypoint.sh login.exp /protonmail/
RUN chmod +x /protonmail/login.exp
# Add a user 'protonmail' with UID 8535
RUN useradd -u 8535 -d /home/protonmail protonmail \
&& mkdir -p /home/protonmail \
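
Review bot: `RUN chmod +x /protonmail/login.exp` sets the mode for only one of the three files copied by the `COPY gpgparams entrypoint.sh login.exp` line and adds a layer to do it; `entrypoint.sh` gets no such step, so the two scripts are handled inconsistently. Committing `login.exp` with the executable bit set would let the `RUN` be dropped. The runtime image also gains `expect` permanently for a step that only runs during `init`; worth a line in the README so users know why it is there.
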


@@ -2,12 +2,12 @@
set -ex
VERSION=`cat VERSION`
VERSION="$(cat VERSION)"
# Clone new code
git clone https://github.com/ProtonMail/proton-bridge.git
cd proton-bridge
git checkout v$VERSION
git checkout "v${VERSION}"
# Build
make build-nogui


@@ -9,13 +9,37 @@ echo $PWD
# Initialize
if [[ $1 == init ]]; then
# set GNUPGHOME as a workaround for
#
# gpg-agent[106]: error binding socket to '/root/.gnupg/S.gpg-agent': File name too long
#
# when using docker volume mount
#
# ref: https://dev.gnupg.org/T2964
#
export GNUPGHOME="${GNUPGHOME:-"/tmp/gnupg"}"
rm -rf "${GNUPGHOME}" || true
mkdir -p "${GNUPGHOME}"
chmod 0700 "${GNUPGHOME}"
# Initialize pass
gpg --generate-key --batch /protonmail/gpgparams
pass init pass-key
pass init "${KEY_ID:-"pass-key"}"
# Login
/protonmail/proton-bridge --cli $@
do_login="/protonmail/proton-bridge --cli $*"
if [[ "x${PROTONMAIL_USERNAME}" != "x" && "x${PROTONMAIL_PASSWORD}" != "x" ]]; then
# automated login if both username and password are set
do_login="/protonmail/login.exp ${do_login}"
fi
$do_login
# copy gnupg files to default path
mkdir -p /root/.gnupg
kill "$(pidof gpg-agent)"
cp -a "${GNUPGHOME}/" /root/.gnupg/
else
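
Review bot: At the end of the `init` branch, `cp -a "${GNUPGHOME}/" /root/.gnupg/` runs after `mkdir -p /root/.gnupg`, so GNU cp copies the directory itself and the keyring lands in `/root/.gnupg/gnupg/` instead of `/root/.gnupg/`; `cp -a "${GNUPGHOME}/." /root/.gnupg/` copies the contents. Further up, `rm -rf "${GNUPGHOME}"` deletes whatever directory the caller pointed the variable at, which deserves either a guard or a README warning. `do_login` is built as a string from `$*` and expanded unquoted as `$do_login`, so arguments containing spaces or glob characters are re-split; a bash array built from `"$@"` keeps them intact. `kill "$(pidof gpg-agent)"` is called with an empty argument when no agent is running; `gpgconf --kill gpg-agent` covers both cases. The temporary `GNUPGHOME`, which holds the private key, is also left in place after the copy.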

build/login.exp Normal file

@@ -0,0 +1,58 @@
#!/usr/bin/expect -f
set timeout 15;
spawn {*}$argv ;
# wait for inital prompt
expect {
">>> " {
# protonmail-bridge started without error, do nothing
}
timeout {
exit 2
}
}
send "login\r"
expect {
"Username: " {
# login start, enter username
}
timeout {
exit 2
}
}
send "$env(PROTONMAIL_USERNAME)\r"
expect {
"Password: " {
# username entered, enter password
}
timeout {
exit 2
}
}
stty -echo
sleep 1
send "$env(PROTONMAIL_PASSWORD)\r"
stty echo
expect {
"was added successfully." {
# login ok
exit 0
}
"Server error" {
# login failed
exit 1
}
timeout {
exit 2
}
}
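
Review bot: `send "$env(PROTONMAIL_USERNAME)\r"` and the matching `send "$env(PROTONMAIL_PASSWORD)\r"` pass the value as the first argument, so a username or password that begins with `-` is parsed as a `send` flag; use `send -- "..."` in both places. None of the `expect` blocks has an `eof` branch, so if the bridge exits early the script carries on to the next `send` rather than returning a distinct status, and any prompt other than the ones matched here (such as a two-factor prompt) only surfaces as the `timeout` exit 2. On success the script calls `exit 0` without sending `exit` to the bridge, whereas the README tells users to leave the CLI with `exit`. Consider `log_user 0` around the password step so the exchange is not copied to the container's output.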