refactor: replace faketty with headless --noninteractive daemon + PTY_TOOL switcher

- Drop faketty named pipe and screen; daemon runs via exec protonmail-bridge --noninteractive so stdout/stderr reach docker logs natively and SIGTERM lands directly on the bridge - Add PTY_TOOL build ARG/ENV (dtach default, abduco, reptyr) for interactive sessions only - Split commands: init (first-time setup), run (daemon), manage (interactive CLI), attach (reattach) - PTY machinery isolated to manage/attach; restart loop and log forwarding hacks removed - Fix $1 unbound variable with ${1:-}, set -ex replaced with set -euo pipefail - chmod +x consolidated into install RUN layer; healthcheck -exc fixed to -c - CMD switched to exec form to ensure signals reach entrypoint directly
2026-03-03 10:02:03 +00:00 · 2026-03-03 10:02:03 +00:00 · be89ba8662
commit be89ba8662
parent 97014ae98c
2 changed files with 163 additions and 44 deletions
--- a/deb/Dockerfile
+++ b/deb/Dockerfile
@ -9,20 +9,37 @@ RUN apt-get update && apt-get install -y wget binutils
 # Repack deb (removes unnecessary dependencies and produces /protonmail.deb)
 RUN bash /install.sh

+# -----------------------------------------------------------------------------
+
 FROM debian:sid-slim
 LABEL maintainer="Simon Felding <sife@adm.ku.dk>"

+# Select PTY tool for manage/attach commands: dtach (default), abduco, reptyr
+ARG PTY_TOOL=dtach
+ENV PTY_TOOL=${PTY_TOOL}
+
 EXPOSE 25/tcp
 EXPOSE 143/tcp

 WORKDIR /protonmail

-# Copy bash scripts
-COPY gpgparams entrypoint.sh PACKAGE /protonmail/
+# PACKAGE is only needed in the build stage; don't copy it into the final image
+COPY gpgparams entrypoint.sh /protonmail/
 COPY --from=build /protonmail.deb /tmp/protonmail.deb

 RUN apt-get update \
-    && apt-get install -y --no-install-recommends /tmp/protonmail.deb socat pass libsecret-1-0 ca-certificates procps \
-    && rm -rf /var/lib/apt/lists/*
+    && apt-get install -y --no-install-recommends \
+         /tmp/protonmail.deb \
+         socat pass libsecret-1-0 libfido2-1 ca-certificates procps \
+    && case "${PTY_TOOL}" in \
+         dtach)  apt-get install -y --no-install-recommends dtach  ;; \
+         abduco) apt-get install -y --no-install-recommends abduco ;; \
+         reptyr) apt-get install -y --no-install-recommends reptyr ;; \
+       esac \
+    && chmod +x /protonmail/entrypoint.sh \
+    && rm -rf /tmp/protonmail.deb /var/lib/apt/lists/*

-CMD ["bash", "/protonmail/entrypoint.sh"]
+HEALTHCHECK --interval=30s --timeout=5s --retries=3 --start-period=120s \
+  CMD /bin/bash -c "true < /dev/tcp/localhost/25"
+
+CMD ["/protonmail/entrypoint.sh", "run"]