From fd9d45668b7f953f8ff2b7dcc644859e3b533819 Mon Sep 17 00:00:00 2001
From: Jan Dittberner <jandd@cacert.org>
Date: Sat, 26 Dec 2020 17:10:15 +0100
Subject: [PATCH] Implement signal handling

---
 cats.Dockerfile    | 12 +++++++-----
 docker/run-dovecot |  2 ++
 docker/run-postfix |  2 ++
 mgr.Dockerfile     | 12 +++++++-----
 webdb.Dockerfile   | 12 +++++++-----
 5 files changed, 25 insertions(+), 15 deletions(-)

diff --git a/cats.Dockerfile b/cats.Dockerfile
index 870ce48..3958ac8 100644
--- a/cats.Dockerfile
+++ b/cats.Dockerfile
@@ -11,9 +11,10 @@ RUN apt-get update \
     nullmailer \
     php5-mysql \
     && apt-get clean \
-    && rm -rf /var/lib/apt/lists/*
-
-STOPSIGNAL SIGWINCH
+    && rm -rf /var/lib/apt/lists/* \
+    && curl --silent --location --output /usr/local/bin/dumb-init \
+       https://github.com/Yelp/dumb-init/releases/download/v1.2.4/dumb-init_1.2.4_x86_64 \
+    && chmod +x /usr/local/bin/dumb-init
 
 COPY docker/apache-cats-foreground /usr/local/bin/
 COPY testca/root/ca.crt.pem /usr/local/share/ca-certificates/testca_root.crt
@@ -33,10 +34,11 @@ RUN a2ensite cats.cacert.localhost ; \
     a2enmod rewrite ; \
     a2enmod ssl ; \
     cd /usr/local/share/ca-certificates ; \
-    curl -O http://www.cacert.org/certs/root_X0F.crt ; \
-    curl -O http://www.cacert.org/certs/class3_X0E.crt ; \
+    curl --silent --remote-name http://www.cacert.org/certs/root_X0F.crt ; \
+    curl --silent --remote-name http://www.cacert.org/certs/class3_X0E.crt ; \
     update-ca-certificates
 
 EXPOSE 443
 
+ENTRYPOINT ["/usr/local/bin/dumb-init", "--"]
 CMD ["/usr/local/bin/apache-cats-foreground"]
diff --git a/docker/run-dovecot b/docker/run-dovecot
index 31b9b37..bcabcf8 100755
--- a/docker/run-dovecot
+++ b/docker/run-dovecot
@@ -7,4 +7,6 @@ chmod 0640 /etc/dovecot/imap_user.txt
 chown dovecot.dovecot /etc/dovecot/imap_user.txt
 echo "log_path = /dev/stderr" > /etc/dovecot/local.conf
 
+trap "exit 0" TERM INT
+
 dovecot -F
diff --git a/docker/run-postfix b/docker/run-postfix
index b9836f8..dba3653 100755
--- a/docker/run-postfix
+++ b/docker/run-postfix
@@ -4,4 +4,6 @@ set -eu
 mkdir -p /home/catchall/Maildir/tmp /home/catchall/Maildir/new /home/catchall/Maildir/cur
 chown -Rc catchall.catchall /home/catchall/Maildir
 
+trap "exit 0" INT TERM
+
 postfix start-fg
diff --git a/mgr.Dockerfile b/mgr.Dockerfile
index e258fc3..46151f9 100644
--- a/mgr.Dockerfile
+++ b/mgr.Dockerfile
@@ -14,9 +14,10 @@ RUN apt-get update \
     php5-mysql \
     zendframework \
     && apt-get clean \
-    && rm -rf /var/lib/apt/lists/*
-
-STOPSIGNAL SIGWINCH
+    && rm -rf /var/lib/apt/lists/* \
+    && curl --silent --location --output /usr/local/bin/dumb-init \
+       https://github.com/Yelp/dumb-init/releases/download/v1.2.4/dumb-init_1.2.4_x86_64 \
+    && chmod +x /usr/local/bin/dumb-init
 
 COPY docker/apache-mgr-foreground /usr/local/bin/
 COPY testca/root/ca.crt.pem /usr/local/share/ca-certificates/testca_root.crt
@@ -37,10 +38,11 @@ RUN a2ensite mgr.cacert.localhost ; \
     a2enmod rewrite ; \
     a2enmod ssl ; \
     cd /usr/local/share/ca-certificates ; \
-    curl -O http://www.cacert.org/certs/root_X0F.crt ; \
-    curl -O http://www.cacert.org/certs/class3_X0E.crt ; \
+    curl --silent --remote-name http://www.cacert.org/certs/root_X0F.crt ; \
+    curl --silent --remote-name http://www.cacert.org/certs/class3_X0E.crt ; \
     update-ca-certificates
 
 EXPOSE 443
 
+ENTRYPOINT ["/usr/local/bin/dumb-init", "--"]
 CMD ["/usr/local/bin/apache-mgr-foreground"]
diff --git a/webdb.Dockerfile b/webdb.Dockerfile
index 5e3e5bd..fd3ff3d 100644
--- a/webdb.Dockerfile
+++ b/webdb.Dockerfile
@@ -37,9 +37,10 @@ RUN apt-get update \
     wamerican \
     whois \
     && apt-get clean \
-    && rm -rf /var/lib/apt/lists/*
-
-STOPSIGNAL SIGWINCH
+    && rm -rf /var/lib/apt/lists/* \
+    && curl --silent --location --output /usr/local/bin/dumb-init \
+       https://github.com/Yelp/dumb-init/releases/download/v1.2.4/dumb-init_1.2.4_x86_64 \
+    && chmod +x /usr/local/bin/dumb-init
 
 COPY docker/apache-webdb-foreground /usr/local/bin/
 COPY testca/root/ca.crt.pem /usr/local/share/ca-certificates/testca_root.crt
@@ -64,11 +65,12 @@ RUN a2ensite www.cacert.localhost ; \
     a2enmod ssl ; \
     ln -s /etc/php5/mods-available/cacert.ini /etc/php5/apache2/conf.d/20-cacert.ini ; \
     cd /usr/local/share/ca-certificates ; \
-    curl -O http://www.cacert.org/certs/root_X0F.crt ; \
-    curl -O http://www.cacert.org/certs/class3_X0E.crt ; \
+    curl --silent --remote-name http://www.cacert.org/certs/root_X0F.crt ; \
+    curl --silent --remote-name http://www.cacert.org/certs/class3_X0E.crt ; \
     update-ca-certificates
 
 EXPOSE 80
 EXPOSE 443
 
+ENTRYPOINT ["/usr/local/bin/dumb-init", "--"]
 CMD ["/usr/local/bin/apache-webdb-foreground"]