]>
Commit | Line | Data |
---|---|---|
a929614f IB |
1 | { lib, pkgs, config, myconfig, ... }: |
2 | { | |
3 | options.myServices.mail.rspamd.sockets = lib.mkOption { | |
4 | type = lib.types.attrsOf lib.types.path; | |
5 | default = { | |
6 | worker-controller = "/run/rspamd/worker-controller.sock"; | |
7 | }; | |
8 | readOnly = true; | |
9 | description = '' | |
10 | rspamd sockets | |
11 | ''; | |
12 | }; | |
13 | config.services.cron.systemCronJobs = let | |
14 | cron_script = pkgs.runCommand "cron_script" { | |
15 | buildInputs = [ pkgs.makeWrapper ]; | |
16 | } '' | |
17 | mkdir -p $out | |
18 | cp ${./scan_reported_mails} $out/scan_reported_mails | |
19 | patchShebangs $out | |
20 | for i in $out/*; do | |
21 | wrapProgram "$i" --prefix PATH : ${lib.makeBinPath [ pkgs.coreutils pkgs.rspamd pkgs.flock ]} | |
22 | done | |
23 | ''; | |
24 | in | |
25 | [ "*/20 * * * * vhost ${cron_script}/scan_reported_mails" ]; | |
26 | ||
27 | config.services.rspamd = { | |
28 | enable = true; | |
29 | debug = true; | |
30 | overrides = { | |
31 | "actions.conf".text = '' | |
32 | reject = null; | |
33 | add_header = 6; | |
34 | greylist = null; | |
35 | ''; | |
36 | "milter_headers.conf".text = '' | |
37 | extended_spam_headers = true; | |
38 | ''; | |
39 | }; | |
40 | locals = { | |
41 | "redis.conf".text = '' | |
42 | servers = "${myconfig.env.mail.rspamd.redis.socket}"; | |
43 | db = "${myconfig.env.mail.rspamd.redis.db}"; | |
44 | ''; | |
45 | "classifier-bayes.conf".text = '' | |
46 | users_enabled = true; | |
47 | backend = "redis"; | |
48 | servers = "${myconfig.env.mail.rspamd.redis.socket}"; | |
49 | database = "${myconfig.env.mail.rspamd.redis.db}"; | |
50 | autolearn = true; | |
51 | cache { | |
52 | backend = "redis"; | |
53 | } | |
54 | new_schema = true; | |
55 | statfile { | |
56 | BAYES_HAM { | |
57 | spam = false; | |
58 | } | |
59 | BAYES_SPAM { | |
60 | spam = true; | |
61 | } | |
62 | } | |
63 | ''; | |
64 | }; | |
65 | workers = { | |
66 | controller = { | |
67 | extraConfig = '' | |
68 | enable_password = "${myconfig.env.mail.rspamd.write_password_hashed}"; | |
69 | password = "${myconfig.env.mail.rspamd.read_password_hashed}"; | |
70 | ''; | |
71 | bindSockets = [ { | |
72 | socket = config.myServices.mail.rspamd.sockets.worker-controller; | |
73 | mode = "0660"; | |
74 | owner = config.services.rspamd.user; | |
75 | group = "vhost"; | |
76 | } ]; | |
77 | }; | |
78 | }; | |
79 | postfix = { | |
80 | enable = true; | |
81 | config = {}; | |
82 | }; | |
83 | }; | |
84 | } |