Name: bulwark-webmail Version: 1.6.5 Release: 5%{?dist} Summary: Modern webmail client built with Next.js and the JMAP protocol License: AGPL-3.0-only URL: https://github.com/bulwarkmail/webmail Source0: https://github.com/bulwarkmail/webmail/archive/refs/tags/%{version}.tar.gz BuildRequires: nodejs >= 20.0.0 BuildRequires: npm BuildRequires: systemd-rpm-macros BuildRequires: git # Only build on supported architectures for Node.js ExcludeArch: i686 s390 # For COPR compatibility %if 0%{?fedora} >= 36 || 0%{?rhel} >= 9 %bcond_without check %else %bcond_with check %endif %global debug_package %{nil} Requires: nodejs >= 20.0.0 Requires(pre): shadow-utils %description Bulwark is a modern, self-hosted webmail client for Stalwart Mail Server, built with Next.js and the JMAP protocol. It provides a full webmail suite including Mail, Calendar, Contacts, and Files management with OAuth2/OIDC support, multi-language interface, and a plugin system. %prep %autosetup -n webmail-%{version} %build # Set build environment export NODE_ENV=production export NEXT_TELEMETRY_DISABLED=1 export GIT_COMMIT=%{version} # Remove package-lock.json to avoid conflicts rm -f package-lock.json # Remove prepare script to avoid husky issues node -e "const fs=require('fs'); const pkg=JSON.parse(fs.readFileSync('package.json')); delete pkg.scripts.prepare; fs.writeFileSync('package.json', JSON.stringify(pkg, null, 2));" # Change build script to use webpack explicitly node -e "const fs=require('fs'); const pkg=JSON.parse(fs.readFileSync('package.json')); pkg.scripts.build = 'next build'; fs.writeFileSync('package.json', JSON.stringify(pkg, null, 2));" # Install all dependencies (including dev dependencies needed for build) npm install --legacy-peer-deps --no-audit --no-fund --include=dev # Verify critical dependencies are installed if [ ! -d "node_modules/@tailwindcss" ]; then echo "ERROR: @tailwindcss not installed, forcing install..." npm install @tailwindcss/postcss tailwindcss --save-dev --legacy-peer-deps fi # Build using next build with TURBO=0 to disable turbopack TURBO=0 npm run build %pre getent group %{name} >/dev/null || groupadd -r %{name} getent passwd %{name} >/dev/null || \ useradd -r -g %{name} -d %{_sharedstatedir}/%{name} \ -s /sbin/nologin -c "Bulwark Webmail" %{name} %install # Create application directory install -d -m 755 %{buildroot}%{_datadir}/%{name} # Install the Next.js standalone build cp -a .next/standalone/* %{buildroot}%{_datadir}/%{name}/ # Copy static assets into the standalone .next directory install -d -m 755 %{buildroot}%{_datadir}/%{name}/.next cp -a .next/static %{buildroot}%{_datadir}/%{name}/.next/ # Copy public directory cp -a public %{buildroot}%{_datadir}/%{name}/ # Create symlink for data directory (app expects it in /usr/share but we need it writable) ln -s %{_sharedstatedir}/%{name}/data %{buildroot}%{_datadir}/%{name}/data # Copy the build ID and other build artifacts for file in BUILD_ID routes-manifest.json build-manifest.json prerender-manifest.json \ react-loadable-manifest.json next-minimal-server.js next-server.js \ required-server-files.json app-build-manifest.json; do if [ -f .next/$file ]; then cp .next/$file %{buildroot}%{_datadir}/%{name}/.next/ fi done # Copy server directory if it exists if [ -d .next/server ]; then cp -a .next/server %{buildroot}%{_datadir}/%{name}/.next/ fi # Create data directories install -d -m 755 %{buildroot}%{_sharedstatedir}/%{name} install -d -m 755 %{buildroot}%{_sharedstatedir}/%{name}/data install -d -m 755 %{buildroot}%{_sharedstatedir}/%{name}/data/telemetry install -d -m 755 %{buildroot}%{_sharedstatedir}/%{name}/settings install -d -m 755 %{buildroot}%{_sharedstatedir}/%{name}/admin install -d -m 755 %{buildroot}%{_sharedstatedir}/%{name}/admin-state install -d -m 755 %{buildroot}%{_sharedstatedir}/%{name}/telemetry install -d -m 755 %{buildroot}%{_var}/log/%{name} # Install systemd service install -d -m 755 %{buildroot}%{_unitdir} cat > %{buildroot}%{_unitdir}/%{name}.service << 'EOF' [Unit] Description=Bulwark Webmail After=network.target [Service] Type=simple User=bulwark-webmail Group=bulwark-webmail WorkingDirectory=%{_datadir}/%{name} EnvironmentFile=%{_sysconfdir}/%{name}/.env.local ExecStart=/usr/bin/node server.js Restart=on-failure RestartSec=5s StandardOutput=journal StandardError=journal SyslogIdentifier=bulwark-webmail # Security settings NoNewPrivileges=true PrivateTmp=true ProtectSystem=strict ProtectHome=true ReadWritePaths=%{_sharedstatedir}/%{name} ReadWritePaths=%{_var}/log/%{name} [Install] WantedBy=multi-user.target EOF # Create environment file template install -d -m 755 %{buildroot}%{_sysconfdir}/%{name} cat > %{buildroot}%{_sysconfdir}/%{name}/.env.local << 'EOF' # Bulwark Webmail Configuration # See https://github.com/bulwarkmail/webmail for full documentation # Server listen address HOSTNAME=0.0.0.0 PORT=3000 # JMAP Server (comment out to use the web setup wizard) #JMAP_SERVER_URL=https://mail.example.com # Session secret (required for production) # Generate with: openssl rand -base64 32 #SESSION_SECRET= # OAuth2/OIDC (optional) #OAUTH_ENABLED=true #OAUTH_CLIENT_ID=webmail #OAUTH_CLIENT_SECRET= #OAUTH_ISSUER_URL= # Branding (optional) #APP_NAME=Bulwark Webmail #APP_SHORT_NAME=Webmail # Logging LOG_FORMAT=text LOG_LEVEL=info # Stalwart integration STALWART_FEATURES=true # Settings sync SETTINGS_SYNC_ENABLED=true SETTINGS_DATA_DIR=%{_sharedstatedir}/%{name}/settings # Setup wizard data SETUP_DATA_DIR=%{_sharedstatedir}/%{name}/data # Admin data directories ADMIN_CONFIG_DIR=%{_sharedstatedir}/%{name}/admin ADMIN_STATE_DIR=%{_sharedstatedir}/%{name}/admin-state DATA_DIR=%{_sharedstatedir}/%{name}/data # Disable update check & telemetry by default BULWARK_UPDATE_CHECK=off # Production environment NODE_ENV=production NEXT_TELEMETRY_DISABLED=1 EOF %post # Set ownership of data directories chown -R %{name}:%{name} %{_sharedstatedir}/%{name} chown -R %{name}:%{name} %{_var}/log/%{name} chmod 750 %{_sharedstatedir}/%{name} chmod 750 %{_var}/log/%{name} # Set ownership of all subdirectories for dir in data settings admin admin-state telemetry data/telemetry; do if [ -d %{_sharedstatedir}/%{name}/$dir ]; then chown %{name}:%{name} %{_sharedstatedir}/%{name}/$dir chmod 750 %{_sharedstatedir}/%{name}/$dir fi done %systemd_post %{name}.service %preun %systemd_preun %{name}.service %postun %systemd_postun_with_restart %{name}.service %files %license LICENSE %doc README.md CHANGELOG.md FEATURES.md CONTRIBUTING.md %{_datadir}/%{name} %dir %attr(0750,%{name},%{name}) %{_var}/log/%{name} %dir %attr(0750,%{name},%{name}) %{_sharedstatedir}/%{name} %dir %attr(0750,%{name},%{name}) %{_sharedstatedir}/%{name}/data %dir %attr(0750,%{name},%{name}) %{_sharedstatedir}/%{name}/data/telemetry %dir %attr(0750,%{name},%{name}) %{_sharedstatedir}/%{name}/settings %dir %attr(0750,%{name},%{name}) %{_sharedstatedir}/%{name}/admin %dir %attr(0750,%{name},%{name}) %{_sharedstatedir}/%{name}/admin-state %dir %attr(0750,%{name},%{name}) %{_sharedstatedir}/%{name}/telemetry %dir %{_sysconfdir}/%{name} %config(noreplace) %{_sysconfdir}/%{name}/.env.local %{_unitdir}/%{name}.service %changelog * Thu May 14 2026 Ante de Baas - 1.6.5-1 - Initial RPM package for bulwark-webmail - Modern webmail client with JMAP protocol support - Includes Mail, Calendar, Contacts, and Files features - OAuth2/OIDC authentication support - Multi-language interface with 15 languages - Plugin system and theme support - Web-based setup wizard