FROM "alpine:3.23"
LABEL maintainer="Cabillot Julien <dockerimages@cabillot.eu>"

COPY entrypoint.sh /entrypoint.sh
COPY patch.py /tmp/patch.py

RUN apk add --no-cache offlineimap openssl && \
    adduser -D offlineimap && \
    # Force SECLEVEL=1 in imaplib2 to allow connecting to servers with weak DH keys (DH_KEY_TOO_SMALL)
    # This is required because OpenSSL 3.x in Alpine 3.23 defaults to SECLEVEL=2
    sed -i 's/ctx = ssl.SSLContext(ssl_version)/ctx = ssl.SSLContext(ssl_version)\n                ctx.set_ciphers("DEFAULT:@SECLEVEL=1")/' /usr/lib/python3.*/site-packages/imaplib2/imaplib2.py && \
    # Patch offlineimap email generator bug for defective messages
    python3 /tmp/patch.py && rm /tmp/patch.py

COPY --chown=offlineimap offlineimaprc.*.tmpl /home/offlineimap/

# Add Tini
#ENV "TINI_VERSION" "v0.16.1"
#ADD "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini" "/tini"
#RUN chmod +x "/tini"
#ENTRYPOINT ["/tini", "--"]

USER "offlineimap"

#ENTRYPOINT [ "/entrypoint.sh" ]
CMD [ "/entrypoint.sh" ]
