Upgrade to buster and remove filebeat

This commit is contained in:
Erik Wramner 2019-12-31 16:34:21 +01:00
parent 27d66cf11f
commit 91b2c9834e
3 changed files with 21 additions and 41 deletions

View file

@ -1,4 +1,4 @@
FROM debian:stretch-slim FROM debian:buster-slim
ARG VCS_REF ARG VCS_REF
ARG VCS_VERSION ARG VCS_VERSION
@ -29,10 +29,9 @@ SHELL ["/bin/bash", "-o", "pipefail", "-c"]
# Packages # Packages
# hadolint ignore=DL3015 # hadolint ignore=DL3015
RUN echo "deb http://http.debian.net/debian stretch-backports main" | tee -a /etc/apt/sources.list.d/stretch-bp.list && \ RUN \
apt-get update -q --fix-missing && \ apt-get update -q --fix-missing && \
apt-get -y install postfix && \ apt-get -y install postfix && \
# TODO installing postfix with --no-install-recommends makes "checking ssl: generated default cert works correctly" fail
apt-get -y install --no-install-recommends \ apt-get -y install --no-install-recommends \
amavisd-new \ amavisd-new \
apt-transport-https \ apt-transport-https \
@ -77,7 +76,8 @@ RUN echo "deb http://http.debian.net/debian stretch-backports main" | tee -a /et
postsrsd \ postsrsd \
pyzor \ pyzor \
razor \ razor \
ripole \ # TODO not present in buster?
#ripole \
rpm2cpio \ rpm2cpio \
rsyslog \ rsyslog \
sasl2-bin \ sasl2-bin \
@ -88,14 +88,15 @@ RUN echo "deb http://http.debian.net/debian stretch-backports main" | tee -a /et
unzip \ unzip \
whois \ whois \
xz-utils \ xz-utils \
zoo \ # TODO not present in buster?
&& \ #zoo \
#&& \
# use Dovecot community repo to react faster on security updates # use Dovecot community repo to react faster on security updates
curl https://repo.dovecot.org/DOVECOT-REPO-GPG | gpg --import && \ #curl https://repo.dovecot.org/DOVECOT-REPO-GPG | gpg --import && \
gpg --export ED409DA1 > /etc/apt/trusted.gpg.d/dovecot.gpg && \ #gpg --export ED409DA1 > /etc/apt/trusted.gpg.d/dovecot.gpg && \
echo "deb https://repo.dovecot.org/ce-2.3-latest/debian/stretch stretch main" > /etc/apt/sources.list.d/dovecot-community.list && \ #echo "deb https://repo.dovecot.org/ce-2.3-latest/debian/stretch stretch main" > /etc/apt/sources.list.d/dovecot-community.list && \
apt-get update -q --fix-missing && \ #apt-get update -q --fix-missing && \
apt-get -y install --no-install-recommends \ #apt-get -y install --no-install-recommends \
dovecot-core \ dovecot-core \
dovecot-imapd \ dovecot-imapd \
dovecot-ldap \ dovecot-ldap \
@ -117,15 +118,15 @@ RUN echo "deb http://http.debian.net/debian stretch-backports main" | tee -a /et
rm -f /etc/cron.daily/00logwatch rm -f /etc/cron.daily/00logwatch
# install filebeat for logging # install filebeat for logging
RUN curl https://packages.elasticsearch.org/GPG-KEY-elasticsearch | apt-key add - && \ # SKIP and run in an external container instead
echo "deb http://packages.elastic.co/beats/apt stable main" | tee -a /etc/apt/sources.list.d/beats.list && \ #RUN curl https://packages.elasticsearch.org/GPG-KEY-elasticsearch | apt-key add - && \
apt-get update -q --fix-missing && \ # echo "deb http://packages.elastic.co/beats/apt stable main" | tee -a /etc/apt/sources.list.d/beats.list && \
apt-get -y install --no-install-recommends \ # apt-get update -q --fix-missing && \
filebeat \ # apt-get -y install --no-install-recommends \
&& apt-get clean \ # filebeat \
&& rm -rf /var/lib/apt/lists/* # && apt-get clean \
# && rm -rf /var/lib/apt/lists/*
COPY target/filebeat.yml.tmpl /etc/filebeat/filebeat.yml.tmpl #COPY target/filebeat.yml.tmpl /etc/filebeat/filebeat.yml.tmpl
RUN echo "0 */6 * * * clamav /usr/bin/freshclam --quiet" > /etc/cron.d/clamav-freshclam && \ RUN echo "0 */6 * * * clamav /usr/bin/freshclam --quiet" > /etc/cron.d/clamav-freshclam && \
chmod 644 /etc/clamav/freshclam.conf && \ chmod 644 /etc/clamav/freshclam.conf && \

View file

@ -1,13 +0,0 @@
output:
logstash:
enabled: true
hosts:
- $ELK_HOST:$ELK_PORT
filebeat:
prospectors:
-
paths:
- /var/log/mail/mail.log
document_type: syslog

View file

@ -65,14 +65,6 @@ stdout_logfile=/var/log/supervisor/%(program_name)s.log
stderr_logfile=/var/log/supervisor/%(program_name)s.log stderr_logfile=/var/log/supervisor/%(program_name)s.log
command=/usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf command=/usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf
[program:filebeat]
startsecs=0
autostart=false
autorestart=true
stdout_logfile=/var/log/supervisor/%(program_name)s.log
stderr_logfile=/var/log/supervisor/%(program_name)s.log
command=/usr/bin/filebeat -c /etc/filebeat/filebeat.yml
[program:clamav] [program:clamav]
startsecs=0 startsecs=0
autostart=false autostart=false