Fix/frankenphp

.mkdocs.yaml

@@ -8,11 +8,11 @@ remote_branch: gh-pages
 theme: readthedocs
 markdown_extensions:
   - admonition
+  - pymdownx.fancylists
   - pymdownx.superfences
 exclude_docs: |
   example-configs/**
   requirements.txt
-
 nav:
   - Welcome: README.md
   - Quick Start:

Makefile

@@ -133,4 +133,4 @@ docs-build:
 
 .PHONY: docs-serve
 docs-serve:
-	mkdocs serve --strict -f .mkdocs.yaml
+	mkdocs serve --watch docs/ --strict -f .mkdocs.yaml

deploy/compose/web.yaml

@@ -7,7 +7,7 @@ services:
       context: ../../target/web
       args:
         # Roundcube plugins can be added here.
-        # See https://packagist.org/?type=roundcube-plugin
+        # Documentation available at docs/configuration/roundcube.md
         RC_PLUGINS: "johndoh/contextmenu jfcherng-roundcube/show-folder-size"
       cache_from:
         - type=registry,ref=ghcr.io/jeboehm/mailserver-web:buildcache

deploy/kustomize/common/configmap.yaml

@@ -20,4 +20,3 @@ data:
   RSPAMD_DNS_SERVERS: round-robin:unbound:53
   UNBOUND_DNS_ADDRESS: unbound:53
   WEB_HTTP_ADDRESS: web:80
-  WEB_PHP_ADDRESS: 127.0.0.1:9000

docs/administration/user-roles.md

@@ -2,27 +2,40 @@
 
 In `mailserver-admin`, there are three distinct user roles, each with different levels of access and permissions:
 
-1. **Admin**
-   - **Permissions**: Can perform all actions within the application.
-   - **Capabilities**:
-     - Manage all mail domains, users, aliases, and DKIM settings.
-     - Full access to all features and configurations.
-
-2. **Domain Admin**
-   - **Permissions**: Limited to managing users, aliases, and fetchmail accounts within their own domain.
-   - **Capabilities**:
-     - Create, update, and remove users within their domain.
-     - Define and manage mail aliases within their domain.
-     - Configure and manage fetchmail accounts within their domain.
-   - **Restrictions**:
-     - Cannot add or edit new domains.
-     - Cannot manage DKIM settings for any domain.
-
-3. **User**
-   - **Permissions**: Limited to managing their own fetchmail accounts.
-   - **Capabilities**:
-     - Login to the application.
-     - Configure and manage their personal fetchmail accounts.
-   - **Restrictions**:
-     - Cannot manage users, aliases, or domains.
-     - No access to DKIM settings or domain configurations.
+## Admin
+
+**Permissions**: Can perform all actions within the application.
+
+**Capabilities**:
+
+- Manage all mail domains, users, aliases, and DKIM settings
+- Full access to all features and configurations
+
+## Domain Admin
+
+**Permissions**: Limited to managing users, aliases, and fetchmail accounts within their own domain.
+
+**Capabilities**:
+
+- Create, update, and remove users within their domain
+- Define and manage mail aliases within their domain
+- Configure and manage fetchmail accounts within their domain
+
+**Restrictions**:
+
+- Cannot add or edit new domains
+- Cannot manage DKIM settings for any domain
+
+## User
+
+**Permissions**: Limited to managing their own fetchmail accounts.
+
+**Capabilities**:
+
+- Login to the application
+- Configure and manage their personal fetchmail accounts
+
+**Restrictions**:
+
+- Cannot manage users, aliases, or domains
+- No access to DKIM settings or domain configurations

docs/configuration/environment-variables.md

@@ -80,7 +80,6 @@ when you use Kubernetes or decide to rename services somehow.
 | `MTA_SMTP_ADDRESS`            | `mta:25`                 | Postfix SMTP service address            |
 | `MTA_SMTP_SUBMISSION_ADDRESS` | `mta:587`                | Postfix SMTP submission service address |
 | `WEB_HTTP_ADDRESS`            | `web:80`                 | Web interface HTTP address              |
-| `WEB_PHP_ADDRESS`             | `127.0.0.1:9000`         | PHP-FPM service address                 |
 | `RSPAMD_DNS_SERVERS`          | `round-robin:unbound:53` | DNS servers for RSpamd (Kubernetes)     |
 
 ### mailserver-admin Configuration

docs/development/mailserver-admin.md

@@ -1,7 +1,7 @@
 # Development Guide for mailserver-admin
 
 This document describes the development setup and workflow for the `mailserver-admin` project.
-The project is located in a separate repository: https://github.com/jeboehm/mailserver-admin/
+The project is located in a separate repository: [mailserver-admin](https://github.com/jeboehm/mailserver-admin).
 
 ## Technical Stack
 
@@ -32,26 +32,28 @@ The project uses [devenv](https://devenv.sh/) to provide a reproducible developm
 
 2. Start the development environment:
 
-   ```bash
-   devenv up
-   ```
+```bash
+devenv up
+```
 
-   This command will:
-   - Set up PHP 8.4 with required extensions (Redis, PDO MySQL, Xdebug)
-   - Start MySQL database server
-   - Start Redis server
-   - Start Caddy web server on port 8000
-   - Configure PHP-FPM pool for the web server
-   - Set up environment variables for database and Redis connections
+This command will:
+
+- Set up PHP 8.4 with required extensions (Redis, PDO MySQL, Xdebug)
+- Start MySQL database server
+- Start Redis server
+- Start Caddy web server on port 8000
+- Configure PHP-FPM pool for the web server
+- Set up environment variables for database and Redis connections
 
 3. Install dependencies:
-   ```bash
-   composer install
-   ```
+
+```bash
+composer install
+```
 
 ### Starting the Web Server
 
-**Important**: You must run `devenv up` to start the web server. This command starts all required services including:
+**Important**: You must run `devenv up` to start the web server. This command starts all required services:
 
 - **Caddy web server** on `http://localhost:8000`
 - **MySQL database** (accessible at `127.0.0.1`)
@@ -71,7 +73,7 @@ Fix code style issues using PHP CS Fixer:
 composer run csfix
 ```
 
-This command runs PHP CS Fixer with the configuration defined in `.php-cs-fixer.dist.php`. It applies PSR-2, Symfony, and PHP 8.0 migration rules to files in:
+This command runs PHP CS Fixer with the configuration defined in `.php-cs-fixer.dist.php`. It applies PSR-2, Symfony, and PHP 8.0 migration rules to the following directories:
 
 - `bin/`
 - `public/`
@@ -87,7 +89,7 @@ Run PHPStan to perform static analysis:
 composer run phpstan
 ```
 
-PHPStan is configured to analyze code at level 6 (as defined in `phpstan.dist.neon`) and checks:
+PHPStan is configured to analyze code at level 6 (as defined in `phpstan.dist.neon`) and checks the following directories:
 
 - `bin/`
 - `config/`
@@ -103,23 +105,13 @@ Execute the test suite:
 composer run test
 ```
 
-This runs PHPUnit with the configuration from `phpunit.dist.xml`. The test suite includes:
+This runs PHPUnit with the configuration from `phpunit.dist.xml`. The test suite includes the following:
 
 - Unit tests in `tests/Unit/`
 - Integration tests in `tests/Integration/`
 
 Tests run in the `test` environment and use the database configured in `.env.test`.
 
-### Test Coverage
-
-Generate test coverage report:
-
-```bash
-composer run coverage
-```
-
-This runs PHPUnit with Xdebug coverage enabled and outputs a text-based coverage report.
-
 ### Code Refactoring
 
 Run Rector to automatically refactor code:
@@ -151,7 +143,7 @@ Rector uses the configuration from `rector.php` to apply automated code improvem
 
 ## Debugging
 
-Xdebug is configured in the devenv setup with:
+Xdebug is configured in the devenv setup with the following settings:
 
 - Mode: `debug`
 - Client port: `9003`
@@ -165,16 +157,17 @@ When making database schema changes:
 
 1. Create a migration:
 
-   ```bash
-   php bin/console doctrine:migrations:generate
-   ```
+```bash
+php bin/console doctrine:migrations:generate
+```
 
 2. Edit the generated migration file in `migrations/`
 
 3. Run migrations:
-   ```bash
-   php bin/console doctrine:migrations:migrate
-   ```
+
+```bash
+php bin/console doctrine:migrations:migrate
+```
 
 ## Additional Resources
 

target/web/Dockerfile

@@ -14,8 +14,6 @@ ENV MYSQL_HOST=db \
     MDA_IMAP_ADDRESS=mda:31143 \
     MDA_MANAGESIEVE_ADDRESS=mda:4190 \
     MTA_SMTP_SUBMISSION_ADDRESS=mta:587 \
-    WEB_HTTP_ADDRESS=web:8080 \
-    WEB_PHP_ADDRESS=127.0.0.1:9000 \
     SUPPORT_URL=https://github.com/jeboehm/docker-mailserver \
     MAILNAME=mail.example.com \
     WAITSTART_TIMEOUT=1m \
@@ -25,20 +23,19 @@ ENV MYSQL_HOST=db \
 ARG FRANKENPHP_VER=v1.11.1 # renovate: depName=php/frankenphp
 RUN apk add --no-cache \
         curl && \
-    curl -sfOL https://github.com/php/frankenphp/releases/download/${FRANKENPHP_VER}/frankenphp-linux-x86_64 && \
-    chmod +x frankenphp-linux-x86_64 && \
-    mv frankenphp-linux-x86_64 /usr/bin/frankenphp && \
-    mkdir -p ${SERVER_ROOT} && \
     ln -sf /tmp /home/app && \
-    apk del --no-cache apk-tools
+    ARCH=$(uname -m) && \
+    curl -sfOL https://github.com/php/frankenphp/releases/download/${FRANKENPHP_VER}/frankenphp-linux-${ARCH} && \
+    chmod +x frankenphp-linux-${ARCH} && \
+    mv frankenphp-linux-${ARCH} /usr/bin/frankenphp
 
 RUN printf '#!/bin/sh\nexec frankenphp php-cli "$@"\n' > /usr/bin/php && \
     chmod +x /usr/bin/php
 
 FROM base AS composer
 
 ENV COMPOSER_ALLOW_SUPERUSER=1
-COPY --from=composer/composer:2.9.2@sha256:969fb900253c0e71645cf74257d6c9206304573e8b246d1bc57f8ac1d64e12f4 /usr/bin/composer /usr/local/bin/composer
+COPY --from=composer/composer:2.9.2@sha256:969fb900253c0e71645cf74257d6c9206304573e8b246d1bc57f8ac1d64e12f4 /usr/bin/composer /usr/bin/composer
 
 FROM composer AS roundcube-builder
 
@@ -57,6 +54,9 @@ RUN --mount=type=cache,target=/root/.composer \
     mkdir -p \
         temp/ \
         logs/ && \
+    chmod 777 \
+        temp/ \
+        logs/ && \
     if [ "${RC_PLUGINS}" != "" ]; then \
         composer require \
             --ignore-platform-reqs --prefer-dist --prefer-stable \
@@ -81,7 +81,11 @@ RUN curl -sSLf \
         https://github.com/jeboehm/mailserver-admin/releases/download/${ADMIN_VER}/release-${ADMIN_VER}.tar.gz && \
     tar -oxf /tmp/admin.tar.gz --strip=1 && \
     rm /tmp/admin.tar.gz && \
-    composer symfony:dump-env prod
+    composer symfony:dump-env prod && \
+    chmod 777 \
+        /opt/admin/var/cache \
+        /opt/admin/var/cache/prod \
+        /opt/admin/var/log
 
 FROM base AS prod
 
@@ -90,16 +94,12 @@ COPY --chown=root:root --from=roundcube-builder /opt/roundcube/ /opt/roundcube/
 COPY --chown=root:root --from=admin-builder /opt/admin/ /opt/admin/
 COPY --chown=root:root rootfs/ /
 
-RUN ln -s /opt/roundcube/public_html ${SERVER_ROOT}/webmail && \
+RUN mkdir -p ${SERVER_ROOT} && \
+    ln -s /opt/roundcube/public_html ${SERVER_ROOT}/webmail && \
     ln -s /opt/admin/public ${SERVER_ROOT}/manager
 
 ARG USER=app
-RUN adduser -DH ${USER} && \
-	chown -R ${USER}:${USER} \
-        /opt/admin/var/cache/prod \
-        /opt/admin/var/log \
-        /opt/roundcube/logs \
-        /opt/roundcube/temp
+RUN adduser -DH ${USER}
 USER ${USER}
 
 HEALTHCHECK CMD /usr/local/bin/healthcheck.sh

target/web/rootfs/opt/roundcube/config/config.inc.php

@@ -21,7 +21,6 @@
     'archive',
     'zipdownload',
     'managesieve',
-    'password',
 ];
 $config['imap_conn_options'] = [
     'ssl' => [