diff options
Diffstat (limited to 'modules/private/mail/rspamd.nix')
-rw-r--r-- | modules/private/mail/rspamd.nix | 87 |
1 files changed, 0 insertions, 87 deletions
diff --git a/modules/private/mail/rspamd.nix b/modules/private/mail/rspamd.nix deleted file mode 100644 index 05f1300..0000000 --- a/modules/private/mail/rspamd.nix +++ /dev/null | |||
@@ -1,87 +0,0 @@ | |||
1 | { lib, pkgs, config, ... }: | ||
2 | { | ||
3 | options.myServices.mail.rspamd.sockets = lib.mkOption { | ||
4 | type = lib.types.attrsOf lib.types.path; | ||
5 | default = { | ||
6 | worker-controller = "/run/rspamd/worker-controller.sock"; | ||
7 | }; | ||
8 | readOnly = true; | ||
9 | description = '' | ||
10 | rspamd sockets | ||
11 | ''; | ||
12 | }; | ||
13 | config = lib.mkIf config.myServices.mail.enable { | ||
14 | services.cron.systemCronJobs = let | ||
15 | cron_script = pkgs.runCommand "cron_script" { | ||
16 | buildInputs = [ pkgs.makeWrapper ]; | ||
17 | } '' | ||
18 | mkdir -p $out | ||
19 | cp ${./scan_reported_mails} $out/scan_reported_mails | ||
20 | patchShebangs $out | ||
21 | for i in $out/*; do | ||
22 | wrapProgram "$i" --prefix PATH : ${lib.makeBinPath [ pkgs.coreutils pkgs.rspamd pkgs.flock ]} | ||
23 | done | ||
24 | ''; | ||
25 | in | ||
26 | [ "*/20 * * * * vhost ${cron_script}/scan_reported_mails" ]; | ||
27 | |||
28 | systemd.services.rspamd.serviceConfig.Slice = "mail.slice"; | ||
29 | services.rspamd = { | ||
30 | enable = true; | ||
31 | debug = false; | ||
32 | overrides = { | ||
33 | "actions.conf".text = '' | ||
34 | reject = null; | ||
35 | add_header = 6; | ||
36 | greylist = null; | ||
37 | ''; | ||
38 | "milter_headers.conf".text = '' | ||
39 | extended_spam_headers = true; | ||
40 | ''; | ||
41 | }; | ||
42 | locals = { | ||
43 | "redis.conf".text = '' | ||
44 | servers = "${config.myEnv.mail.rspamd.redis.socket}"; | ||
45 | db = "${config.myEnv.mail.rspamd.redis.db}"; | ||
46 | ''; | ||
47 | "classifier-bayes.conf".text = '' | ||
48 | users_enabled = true; | ||
49 | backend = "redis"; | ||
50 | servers = "${config.myEnv.mail.rspamd.redis.socket}"; | ||
51 | database = "${config.myEnv.mail.rspamd.redis.db}"; | ||
52 | autolearn = true; | ||
53 | cache { | ||
54 | backend = "redis"; | ||
55 | } | ||
56 | new_schema = true; | ||
57 | statfile { | ||
58 | BAYES_HAM { | ||
59 | spam = false; | ||
60 | } | ||
61 | BAYES_SPAM { | ||
62 | spam = true; | ||
63 | } | ||
64 | } | ||
65 | ''; | ||
66 | }; | ||
67 | workers = { | ||
68 | controller = { | ||
69 | extraConfig = '' | ||
70 | enable_password = "${config.myEnv.mail.rspamd.write_password_hashed}"; | ||
71 | password = "${config.myEnv.mail.rspamd.read_password_hashed}"; | ||
72 | ''; | ||
73 | bindSockets = [ { | ||
74 | socket = config.myServices.mail.rspamd.sockets.worker-controller; | ||
75 | mode = "0660"; | ||
76 | owner = config.services.rspamd.user; | ||
77 | group = "vhost"; | ||
78 | } ]; | ||
79 | }; | ||
80 | }; | ||
81 | postfix = { | ||
82 | enable = true; | ||
83 | config = {}; | ||
84 | }; | ||
85 | }; | ||
86 | }; | ||
87 | } | ||