From af8b1657ab51db4b7f4c0d7089373e9f24b27965 Mon Sep 17 00:00:00 2001
From: Daniel Panteleit <panteleit@cs.uni-bonn.de>
Date: Sun, 23 Jul 2017 19:38:34 +0200
Subject: [PATCH] Dockerfile cleanup (#665)

---
 Dockerfile | 81 ++++++++++++++++++++++++++++++++----------------------
 1 file changed, 48 insertions(+), 33 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 677394a1..384dbe13 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -8,9 +8,7 @@ ENV ONE_DIR=0
 # Packages
 RUN apt-get update -q --fix-missing && \
   apt-get -y upgrade && \
-  apt-get -y install postfix
-RUN apt-get update -q --fix-missing && \
-  apt-get -y upgrade && \
+  apt-get -y install postfix && \
   apt-get -y install --no-install-recommends \
     amavisd-new \
     arj \
@@ -54,27 +52,38 @@ RUN apt-get update -q --fix-missing && \
     && \
   curl https://packages.elasticsearch.org/GPG-KEY-elasticsearch | apt-key add - && \
   echo "deb http://packages.elastic.co/beats/apt stable main" | tee -a /etc/apt/sources.list.d/beats.list && \
-  apt-get update -q --fix-missing && apt-get -y upgrade fail2ban filebeat && \
-  apt-get autoclean && rm -rf /var/lib/apt/lists/* && \
-  rm -rf /usr/share/locale/* && rm -rf /usr/share/man/* && rm -rf /usr/share/doc/* && \
-  touch /var/log/auth.log && update-locale
+  apt-get update -q --fix-missing && \
+  apt-get -y upgrade \
+    fail2ban \
+    filebeat \
+    && \
+  apt-get autoclean && \
+  rm -rf /var/lib/apt/lists/* && \
+  rm -rf /usr/share/locale/* && \
+  rm -rf /usr/share/man/* && \
+  rm -rf /usr/share/doc/* && \
+  touch /var/log/auth.log && \
+  update-locale
 
 # Enables Clamav
-RUN (echo "0 0,6,12,18 * * * /usr/bin/freshclam --quiet" ; crontab -l) | crontab -
-RUN chmod 644 /etc/clamav/freshclam.conf && freshclam
+RUN (echo "0 0,6,12,18 * * * /usr/bin/freshclam --quiet" ; crontab -l) | crontab - && \
+  chmod 644 /etc/clamav/freshclam.conf && \
+  freshclam
 
 # Configures Dovecot
-RUN sed -i -e 's/include_try \/usr\/share\/dovecot\/protocols\.d/include_try \/etc\/dovecot\/protocols\.d/g' /etc/dovecot/dovecot.conf
-RUN sed -i -e 's/#mail_plugins = \$mail_plugins/mail_plugins = \$mail_plugins sieve/g' /etc/dovecot/conf.d/15-lda.conf
-RUN sed -i -e 's/^.*lda_mailbox_autocreate.*/lda_mailbox_autocreate = yes/g' /etc/dovecot/conf.d/15-lda.conf
-RUN sed -i -e 's/^.*lda_mailbox_autosubscribe.*/lda_mailbox_autosubscribe = yes/g' /etc/dovecot/conf.d/15-lda.conf
-RUN sed -i -e 's/^.*postmaster_address.*/postmaster_address = '${POSTMASTER_ADDRESS:="postmaster@domain.com"}'/g' /etc/dovecot/conf.d/15-lda.conf
-RUN sed -i 's/#imap_idle_notify_interval = 2 mins/imap_idle_notify_interval = 29 mins/' /etc/dovecot/conf.d/20-imap.conf
-COPY target/dovecot/auth-passwdfile.inc /etc/dovecot/conf.d/
-COPY target/dovecot/??-*.conf /etc/dovecot/conf.d/
-RUN cd /usr/share/dovecot && ./mkcert.sh
-RUN mkdir /usr/lib/dovecot/sieve-pipe && chmod 755 /usr/lib/dovecot/sieve-pipe
-RUN mkdir /usr/lib/dovecot/sieve-filter && chmod 755 /usr/lib/dovecot/sieve-filter
+COPY target/dovecot/auth-passwdfile.inc target/dovecot/??-*.conf /etc/dovecot/conf.d/
+RUN sed -i -e 's/include_try \/usr\/share\/dovecot\/protocols\.d/include_try \/etc\/dovecot\/protocols\.d/g' /etc/dovecot/dovecot.conf && \
+  sed -i -e 's/#mail_plugins = \$mail_plugins/mail_plugins = \$mail_plugins sieve/g' /etc/dovecot/conf.d/15-lda.conf && \
+  sed -i -e 's/^.*lda_mailbox_autocreate.*/lda_mailbox_autocreate = yes/g' /etc/dovecot/conf.d/15-lda.conf && \
+  sed -i -e 's/^.*lda_mailbox_autosubscribe.*/lda_mailbox_autosubscribe = yes/g' /etc/dovecot/conf.d/15-lda.conf && \
+  sed -i -e 's/^.*postmaster_address.*/postmaster_address = '${POSTMASTER_ADDRESS:="postmaster@domain.com"}'/g' /etc/dovecot/conf.d/15-lda.conf && \
+  sed -i 's/#imap_idle_notify_interval = 2 mins/imap_idle_notify_interval = 29 mins/' /etc/dovecot/conf.d/20-imap.conf && \
+  cd /usr/share/dovecot && \
+  ./mkcert.sh  && \
+  mkdir /usr/lib/dovecot/sieve-pipe && \
+  chmod 755 /usr/lib/dovecot/sieve-pipe  && \
+  mkdir /usr/lib/dovecot/sieve-filter && \
+  chmod 755 /usr/lib/dovecot/sieve-filter
 
 # Configures LDAP
 COPY target/dovecot/dovecot-ldap.conf.ext /etc/dovecot
@@ -86,16 +95,17 @@ RUN sed -i -r 's/^(CRON)=0/\1=1/g' /etc/default/spamassassin
 # Enables Postgrey
 COPY target/postgrey/postgrey /etc/default/postgrey
 COPY target/postgrey/postgrey.init /etc/init.d/postgrey
-RUN chmod 755 /etc/init.d/postgrey
-RUN mkdir /var/run/postgrey
-RUN chown postgrey:postgrey /var/run/postgrey
+RUN chmod 755 /etc/init.d/postgrey && \
+  mkdir /var/run/postgrey && \
+  chown postgrey:postgrey /var/run/postgrey
 
 # Enables Amavis
-RUN sed -i -r 's/#(@|   \\%)bypass/\1bypass/g' /etc/amavis/conf.d/15-content_filter_mode
 COPY target/amavis/conf.d/60-dms_default_config /etc/amavis/conf.d/
-RUN adduser clamav amavis && adduser amavis clamav
-RUN useradd -u 5000 -d /home/docker -s /bin/bash -p $(echo docker | openssl passwd -1 -stdin) docker
-RUN (echo "0 4 * * * /usr/local/bin/virus-wiper" ; crontab -l) | crontab -
+RUN sed -i -r 's/#(@|   \\%)bypass/\1bypass/g' /etc/amavis/conf.d/15-content_filter_mode && \
+  adduser clamav amavis && \
+  adduser amavis clamav && \
+  useradd -u 5000 -d /home/docker -s /bin/bash -p $(echo docker | openssl passwd -1 -stdin) docker && \
+  (echo "0 4 * * * /usr/local/bin/virus-wiper" ; crontab -l) | crontab -
 
 # Configure Fail2ban
 COPY target/fail2ban/jail.conf /etc/fail2ban/jail.conf
@@ -104,7 +114,9 @@ RUN echo "ignoreregex =" >> /etc/fail2ban/filter.d/postfix-sasl.conf
 
 # Enables Pyzor and Razor
 USER amavis
-RUN razor-admin -create && razor-admin -register && pyzor discover
+RUN razor-admin -create && \
+  razor-admin -register && \
+  pyzor discover
 USER root
 
 # Configure DKIM (opendkim)
@@ -123,14 +135,17 @@ RUN sed -i 's/START_DAEMON=no/START_DAEMON=yes/g' /etc/default/fetchmail
 
 # Configures Postfix
 COPY target/postfix/main.cf target/postfix/master.cf /etc/postfix/
-RUN echo "" > /etc/aliases
-RUN openssl dhparam -out /etc/postfix/dhparams.pem 2048
+RUN echo "" > /etc/aliases && \
+  openssl dhparam -out /etc/postfix/dhparams.pem 2048
 
 # Configuring Logs
 RUN sed -i -r "/^#?compress/c\compress\ncopytruncate" /etc/logrotate.conf && \
-  mkdir -p /var/log/mail && chown syslog:root /var/log/mail && \
-  touch /var/log/mail/clamav.log && chown -R clamav:root /var/log/mail/clamav.log && \
-  touch /var/log/mail/freshclam.log &&  chown -R clamav:root /var/log/mail/freshclam.log && \
+  mkdir -p /var/log/mail && \
+  chown syslog:root /var/log/mail && \
+  touch /var/log/mail/clamav.log && \
+  chown -R clamav:root /var/log/mail/clamav.log && \
+  touch /var/log/mail/freshclam.log && \
+  chown -R clamav:root /var/log/mail/freshclam.log && \
   sed -i -r 's|/var/log/mail|/var/log/mail/mail|g' /etc/rsyslog.d/50-default.conf && \
   sed -i -r 's|;auth,authpriv.none|;mail.none;mail.error;auth,authpriv.none|g' /etc/rsyslog.d/50-default.conf && \
   sed -i -r 's|LogFile /var/log/clamav/|LogFile /var/log/mail/|g' /etc/clamav/clamd.conf && \