Add linux/arm/v7

Signed-off-by: Jeffrey Stoke <me@arhat.dev>

.github/workflows/build.yaml

@@ -1,138 +0,0 @@
-name: build from source
-
-on:
-  push:
-    branches:
-      - master
-      - dev
-    paths:
-      - .github/workflows/build.yaml
-      - build/*
-  pull_request:
-    paths:
-      - .github/workflows/build.yaml
-      - build/*
-
-env:
-  DOCKER_REPO: shenxn/protonmail-bridge
-  DOCKER_REPO_DEV: ghcr.io/shenxn/protonmail-bridge-dev
-  PLATFORMS: linux/amd64,linux/arm64/v8,linux/arm/v7,linux/riscv64
-
-jobs:
-  build-binary:
-    runs-on: ubuntu-22.04
-    strategy:
-      matrix:
-        arch: ["amd64", "arm64", "arm", "riscv64"]
-      fail-fast: true
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-        with:
-          path: main
-      - name: Set version
-        id: version
-        run: echo "version=`cat main/build/VERSION`" >> $GITHUB_OUTPUT
-      - name: Checkout proton bridge repo
-        uses: actions/checkout@v3
-        with:
-          repository: ProtonMail/proton-bridge
-          ref: v${{ steps.version.outputs.version }}
-          path: proton-bridge
-      - name: Set up golang
-        uses: actions/setup-go@v3
-        with:
-          go-version: 1.18
-          check-latest: true
-      - name: Install dependencies
-        run: sudo apt-get install -y --no-install-recommends build-essential libsecret-1-dev
-      - name: Download go dep
-        if: ${{ matrix.arch == 'arm' }}
-        working-directory: proton-bridge
-        # Build once to download deps.
-        # This step is expected to fail.
-        run: make build-nogui || true
-        env:
-          GOARCH: ${{ matrix.arch }}
-      - name: Patch for 32 bit arch
-        if: ${{ matrix.arch == 'arm' }}
-        # For 32bit architectures, there was a overflow error on the parser
-        # This is a workaround for this problem found at:
-        #   https://github.com/antlr/antlr4/issues/2433#issuecomment-774514106
-        run: find $(go env GOPATH)/pkg/mod/github.com/\!proton\!mail/go-rfc5322*/ -type f -exec sed -i.bak 's/(1<</(int64(1)<</g' {} +
-      - name: Build binary
-        working-directory: proton-bridge
-        run: make build-nogui
-        env:
-          GOARCH: ${{ matrix.arch }}
-  # build:
-  #   runs-on: ubuntu-latest
-  #   services:
-  #     registry:
-  #       image: registry:2
-  #       ports:
-  #         - 5000:5000
-  #   steps:
-  #     - name: Checkout
-  #       uses: actions/checkout@master
-  #     - name: Set version
-  #       id: version
-  #       run: echo "::set-output name=version::`cat build/VERSION`"
-  #     - name: Set repo
-  #       id: repo
-  #       run: if [[ $GITHUB_REF == "refs/heads/master" ]]; then echo "::set-output name=repo::${DOCKER_REPO}"; else echo "::set-output name=repo::${DOCKER_REPO_DEV}"; fi
-  #     - name: Docker meta
-  #       id: docker_meta
-  #       uses: crazy-max/ghaction-docker-meta@v1
-  #       with:
-  #         images: ${{ steps.repo.outputs.repo }}
-  #     - name: Set up QEMU
-  #       uses: docker/setup-qemu-action@v1
-  #     - name: Set up Docker Buildx
-  #       uses: docker/setup-buildx-action@v1
-  #       with:
-  #         driver-opts: network=host
-  #     - name: Build image without push to registry
-  #       uses: docker/build-push-action@v2
-  #       with:
-  #         context: ./build
-  #         file: ./build/Dockerfile
-  #         platforms: ${{ env.PLATFORMS }}
-  #         push: true
-  #         tags: localhost:5000/protonmail-bridge:latest
-  #     - name: Scan image
-  #       id: scan
-  #       uses: anchore/scan-action@v2
-  #       with:
-  #         image: localhost:5000/protonmail-bridge:latest
-  #         fail-build: true
-  #         severity-cutoff: critical
-  #         acs-report-enable: true
-  #     - name: Upload Anchore scan SARIF report
-  #       uses: github/codeql-action/upload-sarif@v1
-  #       with:
-  #         sarif_file: ${{ steps.scan.outputs.sarif }}
-  #     - name: Login to DockerHub
-  #       uses: docker/login-action@v1
-  #       if: ${{ github.event_name != 'pull_request' && github.ref == 'refs/heads/master' }}
-  #       with:
-  #         username: ${{ secrets.REGISTRY_USERNAME }}
-  #         password: ${{ secrets.REGISTRY_PASSWORD }}
-  #     - name: Login to GitHub Container Registry
-  #       uses: docker/login-action@v1
-  #       if: ${{ github.event_name != 'pull_request' && github.ref == 'refs/heads/dev' }}
-  #       with:
-  #         registry: ghcr.io
-  #         username: ${{ github.repository_owner }}
-  #         password: ${{ secrets.CR_PAT }}
-  #     - name: Push image
-  #       uses: docker/build-push-action@v2
-  #       with:
-  #         context: ./build
-  #         file: ./build/Dockerfile
-  #         platforms: ${{ env.PLATFORMS }}
-  #         tags: |
-  #           ${{ steps.repo.outputs.repo }}:build
-  #           ${{ steps.repo.outputs.repo }}:${{ steps.version.outputs.version }}-build
-  #         labels: ${{ steps.docker_meta.outputs.labels }}
-  #         push: ${{ github.event_name != 'pull_request' }}

.github/workflows/next.yaml

@@ -1,31 +1,42 @@
-name: pack from deb
+name: build next
 
 on:
   push:
     branches:
-      - master
-      - dev
+      - next
     paths:
-      - .github/workflows/deb.yaml
-      - deb/*
+      - .github/workflows/next.yaml
+      - docker/*
+      - protonmail_version/*
+      - VERSION
   pull_request:
     paths:
-      - .github/workflows/deb.yaml
-      - deb/*
+      - .github/workflows/next.yaml
+      - docker/*
+      - protonmail_version/*
+      - VERSION
 
 env:
-  DOCKER_REPO: shenxn/protonmail-bridge
-  DOCKER_REPO_DEV: ghcr.io/shenxn/protonmail-bridge-dev
+  DOCKER_REPO: shenxn/protonmail-bridge-ng
+  DOCKER_REPO_DEV: ghcr.io/shenxn/protonmail-bridge-ng-dev
+  PLATFORMS: linux/amd64,linux/arm64/v8,linux/arm/v7
 
 jobs:
-  deb:
+  build:
     runs-on: ubuntu-latest
+    services:
+      registry:
+        image: registry:2
+        ports:
+          - 5000:5000
     steps:
       - name: Checkout
         uses: actions/checkout@master
       - name: Set version
         id: version
-        run: echo "::set-output name=version::`cat deb/VERSION`"
+        run: |
+          echo "::set-output name=image_version::$(cat VERSION)" && \
+          echo "::set-output name=protonmail_bridge_version::$(cat protonmail_bridge_version/VERSION_LATEST)"
       - name: Set repo
         id: repo
         run: if [[ $GITHUB_REF == "refs/heads/master" ]]; then echo "::set-output name=repo::${DOCKER_REPO}"; else echo "::set-output name=repo::${DOCKER_REPO_DEV}"; fi
@@ -34,20 +45,26 @@ jobs:
         uses: crazy-max/ghaction-docker-meta@v1
         with:
           images: ${{ steps.repo.outputs.repo }}
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v1
-      - name: Build image without push
+        with:
+          driver-opts: network=host
+      - name: Build image without push to registry
         uses: docker/build-push-action@v2
         with:
-          context: ./deb
-          file: ./deb/Dockerfile
-          load: true
-          tags: protonmail-bridge:latest
+          context: ./docker
+          file: ./docker/Dockerfile
+          build-args: PROTONMAIL_BRIDGE_VERSION=${{ steps.version.outputs.protonmail_bridge_version }}
+          platforms: ${{ env.PLATFORMS }}
+          push: true
+          tags: localhost:5000/protonmail-bridge:latest
       - name: Scan image
         id: scan
         uses: anchore/scan-action@v2
         with:
-          image: protonmail-bridge:latest
+          image: localhost:5000/protonmail-bridge:latest
           fail-build: true
           severity-cutoff: critical
           acs-report-enable: true
@@ -63,7 +80,7 @@ jobs:
           password: ${{ secrets.REGISTRY_PASSWORD }}
       - name: Login to GitHub Container Registry
         uses: docker/login-action@v1
-        if: ${{ github.event_name != 'pull_request' && github.ref == 'refs/heads/dev' }}
+        if: ${{ github.event_name != 'pull_request' && github.ref == 'refs/heads/next' }}
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
@@ -71,10 +88,12 @@ jobs:
       - name: Push image
         uses: docker/build-push-action@v2
         with:
-          context: ./deb
-          file: ./deb/Dockerfile
+          context: ./docker
+          file: ./docker/Dockerfile
+          build-args: PROTONMAIL_BRIDGE_VERSION=${{ steps.version.outputs.protonmail_bridge_version }}
+          platforms: ${{ env.PLATFORMS }}
           tags: |
             ${{ steps.repo.outputs.repo }}:latest
-            ${{ steps.repo.outputs.repo }}:${{ steps.version.outputs.version }}
+            ${{ steps.repo.outputs.repo }}:${{ steps.version.outputs.image_version }}-${{ steps.version.outputs.protonmail_bridge_version }}
           labels: ${{ steps.docker_meta.outputs.labels }}
           push: ${{ github.event_name != 'pull_request' }}

.gitignore

@@ -1,3 +0,0 @@
-# Ignoring IDE-specific files
-.idea/*
-.vscode

README.md

@@ -12,6 +12,10 @@ Docker Hub: [https://hub.docker.com/r/shenxn/protonmail-bridge](https://hub.dock
 
 GitHub: [https://github.com/shenxn/protonmail-bridge-docker](https://github.com/shenxn/protonmail-bridge-docker)
 
+## ARMv7 Builds
+
+Currently there is a problem building the new parser targeting 32-bit architectures (i.e. `arm/v7`). The latest working build is `1.4.5-build`. Therefore, if you are using an `arm/v7` device like Raspberry Pi, do not upgrade to newer version. More information about the problem can be found [here](https://www.reddit.com/r/ProtonMail/comments/jvzm12/issue_building_bridge_150/). If you have any idea on how to fix this, a PR is welcome.
+
 ## ARM Support
 
 We now support ARM devices (`arm64` and `arm/v7`)! Use the images tagged with `build`. See next section for details.
@@ -20,31 +24,42 @@ We now support ARM devices (`arm64` and `arm/v7`)! Use the images tagged with `b
 
 There are two types of images.
  - `deb`: Images based on the official [.deb release](https://protonmail.com/bridge/install). It only supports the `amd64` architecture.
- - `build`: Images based on the [source code](https://github.com/ProtonMail/proton-bridge). It supports `amd64`, `arm64`, `arm/v7` and `riscv64`. Supporting to more architectures is possible. PRs are welcome.
+ - `build`: Images based on the [source code](https://github.com/ProtonMail/proton-bridge). It supports `amd64`, `arm64`, and `arm/v7`. Supporting to more architectures is possible. PRs are welcome.
 
-tag | description
- -- | --
-`latest` | latest `deb` image
-`[version]` | `deb` images
-`build` | latest `build` image
-`[version]-build` | `build` images
+| tag               | description          |
+| ----------------- | -------------------- |
+| `latest`          | latest `deb` image   |
+| `[version]`       | `deb` images         |
+| `build`           | latest `build` image |
+| `[version]-build` | `build` images       |
+
+## Environment Variables for images with `build` in tag
+
+| Name                  | Description                                                                       | Default Value |
+| --------------------- | --------------------------------------------------------------------------------- | ------------- |
+| `PROTONMAIL_USERNAME` | your protonmail account username                                                  | (not set)     |
+| `PROTONMAIL_PASSWORD` | the password for your protonmail account                                          | (not set)     |
+| `KEY_ID`              | the pgp-id for the internal password manager required by protonmail-bridge        | `pass-key`    |
+| `GNUPGHOME`           | change the defulat `/root/.gnupg` to this directory as a workaround for gpg error | `/tmp/gnupg`  |
 
 ## Initialization
 
 To initialize and add account to the bridge, run the following command.
 
-```
-docker run --rm -it -v protonmail:/root shenxn/protonmail-bridge init
+```bash
+docker run --rm -it -v protonmail:/home/protonmail shenxn/protonmail-bridge init
 ```
 
 Wait for the bridge to startup, use `login` command and follow the instructions to add your account into the bridge. Then use `info` to see the configuration information (username and password). After that, use `exit` to exit the bridge. You may need `CTRL+C` to exit the docker entirely.
 
+__NOTE:__ If you have `PROTONMAIL_USERNAME` and `PROTONMAIL_PASSWORD` set for `docker run` with `-e`, the login process will finish automatically.
+
 ## Run
 
 To run the container, use the following command.
 
-```
-docker run -d --name=protonmail-bridge -v protonmail:/root -p 1025:25/tcp -p 1143:143/tcp --restart=unless-stopped shenxn/protonmail-bridge
+```bash
+docker run -d --name=protonmail-bridge -v protonmail:/home/protonmail -p 1025:25/tcp -p 1143:143/tcp --restart=unless-stopped shenxn/protonmail-bridge
 ```
 
 ## Kubernetes
@@ -57,8 +72,8 @@ If you don't want to use Helm, you can also reference to the guide ([#6](https:/
 
 Please be aware that running the command above will expose your bridge to the network. Remember to use firewall if you are going to run this in an untrusted network or on a machine that has public IP address. You can also use the following command to publish the port to only localhost, which is the same behavior as the official bridge package.
 
-```
-docker run -d --name=protonmail-bridge -v protonmail:/root -p 127.0.0.1:1025:25/tcp -p 127.0.0.1:1143:143/tcp --restart=unless-stopped shenxn/protonmail-bridge
+```bash
+docker run -d --name=protonmail-bridge -v protonmail:/home/protonmail -p 127.0.0.1:1025:25/tcp -p 127.0.0.1:1143:143/tcp --restart=unless-stopped shenxn/protonmail-bridge
 ```
 
 Besides, you can publish only port 25 (SMTP) if you don't need to receive any email (e.g. as a email notification service).

VERSION

@@ -0,0 +1 @@
+0.1

build/.dockerignore

@@ -1,8 +0,0 @@
-*
-
-!.dockerignore
-!VERSION
-!entrypoint.sh
-!gpgparams
-!Dockerfile
-!build.sh

build/Dockerfile

@@ -1,30 +0,0 @@
-# Use carlosedp/golang for riscv64 support
-FROM carlosedp/golang:1.18 AS build
-
-# Install dependencies
-RUN apt-get update && apt-get install -y git build-essential libsecret-1-dev
-
-# Build
-WORKDIR /build/
-COPY build.sh VERSION /build/
-RUN bash build.sh
-
-FROM ubuntu:jammy
-LABEL maintainer="Xiaonan Shen <s@sxn.dev>"
-
-EXPOSE 25/tcp
-EXPOSE 143/tcp
-
-# Install dependencies and protonmail bridge
-RUN apt-get update \
-    && apt-get install -y --no-install-recommends socat pass libsecret-1-0 ca-certificates \
-    && rm -rf /var/lib/apt/lists/*
-
-# Copy bash scripts
-COPY gpgparams entrypoint.sh /protonmail/
-
-# Copy protonmail
-COPY --from=build /build/proton-bridge/bridge /protonmail/
-COPY --from=build /build/proton-bridge/proton-bridge /protonmail/
-
-ENTRYPOINT ["bash", "/protonmail/entrypoint.sh"]

build/VERSION

@@ -1 +0,0 @@
-3.0.9

build/build.sh

@@ -1,23 +0,0 @@
-#!/bin/bash
-
-set -ex
-
-VERSION=`cat VERSION`
-
-# Clone new code
-git clone https://github.com/ProtonMail/proton-bridge.git
-cd proton-bridge
-git checkout v$VERSION
-
-ARCH=$(uname -m)
-if [[ $ARCH == "armv7l" ]] ; then
-	# This is expected to fail, and we use the following patch to fix
-	make build-nogui || true
-	# For 32bit architectures, there was a overflow error on the parser
-	# This is a workaround for this problem found at:
-	#   https://github.com/antlr/antlr4/issues/2433#issuecomment-774514106
-	find $(go env GOPATH)/pkg/mod/github.com/\!proton\!mail/go-rfc5322*/ -type f -exec sed -i.bak 's/(1<</(int64(1)<</g' {} +
-fi
-
-# Build
-make build-nogui

build/entrypoint.sh

@@ -1,35 +0,0 @@
-#!/bin/bash
-
-set -ex
-
-# Initialize
-if [[ $1 == init ]]; then
-
-    # Initialize pass
-    gpg --generate-key --batch /protonmail/gpgparams
-    pass init pass-key
-    
-    # Kill the other instance as only one can be running at a time.
-    # This allows users to run entrypoint init inside a running conainter
-    # which is useful in a k8s environment.
-    # || true to make sure this would not fail in case there is no running instance.
-    pkill protonmail-bridge || true
-
-    # Login
-    /protonmail/proton-bridge --cli $@
-
-else
-
-    # socat will make the conn appear to come from 127.0.0.1
-    # ProtonMail Bridge currently expects that.
-    # It also allows us to bind to the real ports :)
-    socat TCP-LISTEN:25,fork TCP:127.0.0.1:1025 &
-    socat TCP-LISTEN:143,fork TCP:127.0.0.1:1143 &
-
-    # Start protonmail
-    # Fake a terminal, so it does not quit because of EOF...
-    rm -f faketty
-    mkfifo faketty
-    cat faketty | /protonmail/proton-bridge --cli $@
-
-fi

build/install-golang.sh

@@ -1,11 +0,0 @@
-#!/bin/bash
-
-set -ex
-
-GOLANG_VERSION=1.18.7
-
-ARCH=$(uname -m)
-if [[ $ARCH == "riscv64" ]]; then
-    # There is no official riscv64 release. Use carlosedp/riscv-bringup instead.
-    wget
-

deb/.dockerignore

@@ -1,8 +0,0 @@
-*
-
-!.dockerignore
-!VERSION
-!entrypoint.sh
-!install.sh
-!gpgparams
-!Dockerfile

deb/Dockerfile

@@ -1,15 +0,0 @@
-FROM ubuntu:bionic
-LABEL maintainer="Xiaonan Shen <s@sxn.dev>"
-
-EXPOSE 25/tcp
-EXPOSE 143/tcp
-
-WORKDIR /protonmail
-
-# Copy bash scripts
-COPY gpgparams install.sh entrypoint.sh VERSION /protonmail/
-
-# Install dependencies and protonmail bridge
-RUN bash install.sh
-
-ENTRYPOINT ["bash", "/protonmail/entrypoint.sh"]

deb/VERSION

@@ -1 +0,0 @@
-2.3.0-1

deb/entrypoint.sh

@@ -1,49 +0,0 @@
-#!/bin/bash
-
-set -ex
-
-# Initialize
-if [[ $1 == init ]]; then
-
-    # # Parse parameters
-    # TFP=""  # Default empty two factor passcode
-    # shift  # skip `init`
-    # while [[ $# -gt 0 ]]; do
-    #     key="$1"
-    #     case $key in
-    #         -u|--username)
-    #         USERNAME="$2"
-    #         ;;
-    #         -p|--password)
-    #         PASSWORD="$2"
-    #         ;;
-    #         -t|--twofactor)
-    #         TWOFACTOR="$2"
-    #         ;;
-    #     esac
-    #     shift
-    #     shift
-    # done
-
-    # Initialize pass
-    gpg --generate-key --batch /protonmail/gpgparams
-    pass init pass-key
-
-    # Login
-    protonmail-bridge --cli
-
-else
-
-    # socat will make the conn appear to come from 127.0.0.1
-    # ProtonMail Bridge currently expects that.
-    # It also allows us to bind to the real ports :)
-    socat TCP-LISTEN:25,fork TCP:127.0.0.1:1025 &
-    socat TCP-LISTEN:143,fork TCP:127.0.0.1:1143 &
-
-    # Start protonmail
-    # Fake a terminal, so it does not quit because of EOF...
-    rm -f faketty
-    mkfifo faketty
-    cat faketty | protonmail-bridge --cli
-
-fi

deb/gpgparams

@@ -1,8 +0,0 @@
-%no-protection
-%echo Generating a basic OpenPGP key
-Key-Type: RSA
-Key-Length: 2048
-Name-Real: pass-key
-Expire-Date: 0
-%commit
-%echo done

deb/install.sh

@@ -1,36 +0,0 @@
-#!/bin/bash
-
-set -ex
-
-VERSION=`cat VERSION`
-DEB_FILE=protonmail-bridge_${VERSION}_amd64.deb
-
-# Install dependents
-apt-get update
-apt-get install -y --no-install-recommends socat pass ca-certificates
-
-# Build time dependencies
-apt-get install -y wget binutils xz-utils
-
-# Repack deb (remove unnecessary dependencies)
-mkdir deb
-cd deb
-wget -q https://protonmail.com/download/bridge/${DEB_FILE}
-ar x -v ${DEB_FILE}
-mkdir control
-tar zxvf control.tar.gz -C control
-sed -i "s/^Depends: .*$/Depends: libgl1, libc6, libsecret-1-0, libstdc++6, libgcc1/" control/control
-cd control
-tar zcvf ../control.tar.gz .
-cd ../
-ar rcs -v ${DEB_FILE} debian-binary control.tar.gz data.tar.gz
-cd ../
-
-# Install protonmail bridge
-apt-get install -y --no-install-recommends ./deb/${DEB_FILE}
-
-# Cleanup
-apt-get purge -y wget binutils xz-utils
-apt-get autoremove -y
-rm -rf /var/lib/apt/lists/*
-rm -rf deb

docker/Dockerfile

@@ -0,0 +1,42 @@
+FROM golang:1.16 AS build
+
+# Install dependencies
+RUN apt-get update && apt-get install -y libsecret-1-dev
+
+ARG PROTONMAIL_BRIDGE_VERSION
+
+# Build
+WORKDIR /build/
+RUN curl -L https://github.com/ProtonMail/proton-bridge/archive/refs/tags/${PROTONMAIL_BRIDGE_VERSION}.tar.gz \
+        | tar zx --strip-component 1
+RUN make build-nogui
+
+FROM ubuntu:bionic
+LABEL maintainer="Xiaonan Shen <s@sxn.dev>"
+
+EXPOSE 25/tcp
+EXPOSE 143/tcp
+
+# Install dependencies
+RUN apt-get update \
+    && apt-get install -y --no-install-recommends \
+        expect socat pass libsecret-1-0 ca-certificates \
+    && rm -rf /var/lib/apt/lists/*
+
+ENV PATH="/srv/protonmail:$PATH"
+
+# Copy protonmail
+COPY --from=build /build/proton-bridge /srv/protonmail/
+
+# Copy bash scripts
+COPY gpgparams entrypoint.sh auto-login.exp login.sh /srv/protonmail/
+
+# Create use and group for protonmail
+RUN groupadd --gid 8535 protonmail \
+    && useradd --uid 8535 --gid 8535 --home-dir /protonmail protonmail \
+    && mkdir /protonmail \
+    && chown protonmail:protonmail /protonmail
+USER protonmail
+WORKDIR /protonmail
+
+ENTRYPOINT ["bash", "/srv/protonmail/entrypoint.sh"]

docker/VERSION

@@ -0,0 +1 @@
+v1.8.9

docker/auto-login.exp

@@ -0,0 +1,98 @@
+#!/usr/bin/expect -f
+
+set timeout 15;
+
+spawn proton-bridge -cli {*}$argv ;
+
+# wait for inital prompt
+expect {
+  ">>> " {
+    # protonmail-bridge started without error, do nothing
+  }
+
+  timeout {
+    puts "Timed out"
+    exit 2
+  }
+}
+
+send "login\n"
+expect {
+  "Username: " {
+    # login start, enter username
+  }
+
+  timeout {
+    puts "Timed out"
+    exit 2
+  }
+}
+
+send "$::env(PROTONMAIL_USERNAME)\n"
+expect {
+  "Password: " {
+    # username entered, enter password
+  }
+
+  timeout {
+    puts "Timed out"
+    exit 2
+  }
+}
+
+stty -echo
+sleep 1
+send "$::env(PROTONMAIL_PASSWORD)\n"
+stty echo
+expect {
+  "was added successfully." {
+    # login ok
+  }
+
+  "Two factor code: " {
+    # 2FA enabled, enter OTP
+    if ![info exists ::env(PROTONMAIL_OTP)] {
+      puts "\n2FA enabled but PROTONMAIL_OTP is not set. Exiting"
+      exit 1
+    }
+    send "$::env(PROTONMAIL_OTP)\n"
+    expect {
+      "was added successfully." {
+        # login ok
+      }
+
+      "Server error" {
+        # login failed
+        exit 1
+      }
+
+      timeout {
+        puts "Timed out"
+        exit 2
+      }
+    }
+  }
+
+  "Server error" {
+    # login failed
+    exit 1
+  }
+
+  timeout {
+    puts "Timed out"
+    exit 2
+  }
+}
+
+send "info\n"
+expect {
+  "Configuration for " {
+    # successfully got info. Wait for printing
+    sleep 1
+  }
+
+  timeout {
+    puts "Timed out"
+    exit 2
+  }
+}

docker/entrypoint.sh

@@ -0,0 +1,62 @@
+#!/bin/bash
+
+set -e
+
+# Generate gpg keys
+if [ ! -f ${HOME}/.gnupg ]; then
+    echo "Generateing gpg keys..."
+    # set GNUPGHOME as a workaround for
+    #
+    #   gpg-agent[106]: error binding socket to '/root/.gnupg/S.gpg-agent': File name too long
+    #
+    # when using docker volume mount
+    #
+    # ref: https://dev.gnupg.org/T2964
+    #
+    export GNUPGHOME=/tmp/gnupg
+    mkdir ${GNUPGHOME}
+    chmod 700 ${GNUPGHOME}
+    gpg --generate-key --batch /srv/protonmail/gpgparams
+    pkill gpg-agent
+    mv ${GNUPGHOME} ${HOME}/.gnupg
+    export GNUPGHOME=""
+fi
+
+# Initialize pass
+if [ ! -f ${HOME}/.password-store/.gpg-id ]; then
+    echo "Initializing pass"
+    pass init pass-key
+fi
+
+# Login
+if [ ! -f ${HOME}/.logged-in ]; then
+    if [[ -n ${PROTONMAIL_USERNAME} && -n ${PROTONMAIL_PASSWORD} ]]; then
+        echo "Logging in"
+        auto-login.exp $@
+        echo "" > ${HOME}/.logged-in
+    else
+        # Wait for manual login
+        echo "=============================================================================="
+        echo "PROTONMAIL_USERNAME or PROTONMAIL_PASSWORD is not set. Will not do auto login."
+        echo "Run docker exec -it protonmail login.sh to login manually."
+        echo "Waiting for manual login..."
+        while [ ! -f ${HOME}/.logged-in ]; do
+            sleep 5
+        done
+    fi
+fi
+
+echo "Logged in flag detected. Starting protonmail bridge"
+
+
+# socat will make the conn appear to come from 127.0.0.1
+# ProtonMail Bridge currently expects that.
+# It also allows us to bind to the real ports :)
+socat TCP-LISTEN:2025,fork TCP:127.0.0.1:1025 &
+socat TCP-LISTEN:2143,fork TCP:127.0.0.1:1143 &
+
+# Start protonmail
+# Fake a terminal, so it does not quit because of EOF...
+rm -f faketty
+mkfifo faketty
+cat faketty | proton-bridge --cli $@

docker/login.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+
+echo "Start manual login"
+echo "========================================================================"
+echo "IMPORTANT: Use `exit` instead of CTRL-C when you successfully logged in."
+echo "Otherwise protonmail bridge will not start."
+echo "========================================================================"
+
+proton-bridge -cli
+
+echo "Consider logged in. Add flag."
+echo "" > $HOME/.logged-in

protonmail_bridge_version/VERSION_LATEST

@@ -0,0 +1 @@
+v1.8.7

protonmail_bridge_version/VERSION_PRE

@@ -0,0 +1 @@
+v1.8.9

version-config.yaml

@@ -0,0 +1,4 @@
+image_version: 0.1
+protonmail_version:
+  latest: v1.8.7  # Latest stable version
+  pre: v1.8.9  # Latest preview version