diff options
Diffstat (limited to 'modules/private/mail/rspamd.nix')
-rw-r--r-- | modules/private/mail/rspamd.nix | 132 |
1 files changed, 67 insertions, 65 deletions
diff --git a/modules/private/mail/rspamd.nix b/modules/private/mail/rspamd.nix index af3541f..5e0a239 100644 --- a/modules/private/mail/rspamd.nix +++ b/modules/private/mail/rspamd.nix | |||
@@ -10,78 +10,80 @@ | |||
10 | rspamd sockets | 10 | rspamd sockets |
11 | ''; | 11 | ''; |
12 | }; | 12 | }; |
13 | config.services.backup.profiles.mail.excludeFile = '' | 13 | config = lib.mkIf config.myServices.mail.enable { |
14 | + /var/lib/rspamd | 14 | services.backup.profiles.mail.excludeFile = '' |
15 | ''; | 15 | + /var/lib/rspamd |
16 | config.services.cron.systemCronJobs = let | ||
17 | cron_script = pkgs.runCommand "cron_script" { | ||
18 | buildInputs = [ pkgs.makeWrapper ]; | ||
19 | } '' | ||
20 | mkdir -p $out | ||
21 | cp ${./scan_reported_mails} $out/scan_reported_mails | ||
22 | patchShebangs $out | ||
23 | for i in $out/*; do | ||
24 | wrapProgram "$i" --prefix PATH : ${lib.makeBinPath [ pkgs.coreutils pkgs.rspamd pkgs.flock ]} | ||
25 | done | ||
26 | ''; | 16 | ''; |
27 | in | 17 | services.cron.systemCronJobs = let |
28 | [ "*/20 * * * * vhost ${cron_script}/scan_reported_mails" ]; | 18 | cron_script = pkgs.runCommand "cron_script" { |
29 | 19 | buildInputs = [ pkgs.makeWrapper ]; | |
30 | config.services.rspamd = { | 20 | } '' |
31 | enable = true; | 21 | mkdir -p $out |
32 | debug = true; | 22 | cp ${./scan_reported_mails} $out/scan_reported_mails |
33 | overrides = { | 23 | patchShebangs $out |
34 | "actions.conf".text = '' | 24 | for i in $out/*; do |
35 | reject = null; | 25 | wrapProgram "$i" --prefix PATH : ${lib.makeBinPath [ pkgs.coreutils pkgs.rspamd pkgs.flock ]} |
36 | add_header = 6; | 26 | done |
37 | greylist = null; | ||
38 | ''; | 27 | ''; |
39 | "milter_headers.conf".text = '' | 28 | in |
40 | extended_spam_headers = true; | 29 | [ "*/20 * * * * vhost ${cron_script}/scan_reported_mails" ]; |
41 | ''; | 30 | |
42 | }; | 31 | services.rspamd = { |
43 | locals = { | 32 | enable = true; |
44 | "redis.conf".text = '' | 33 | debug = true; |
45 | servers = "${myconfig.env.mail.rspamd.redis.socket}"; | 34 | overrides = { |
46 | db = "${myconfig.env.mail.rspamd.redis.db}"; | 35 | "actions.conf".text = '' |
36 | reject = null; | ||
37 | add_header = 6; | ||
38 | greylist = null; | ||
39 | ''; | ||
40 | "milter_headers.conf".text = '' | ||
41 | extended_spam_headers = true; | ||
47 | ''; | 42 | ''; |
48 | "classifier-bayes.conf".text = '' | 43 | }; |
49 | users_enabled = true; | 44 | locals = { |
50 | backend = "redis"; | 45 | "redis.conf".text = '' |
51 | servers = "${myconfig.env.mail.rspamd.redis.socket}"; | 46 | servers = "${myconfig.env.mail.rspamd.redis.socket}"; |
52 | database = "${myconfig.env.mail.rspamd.redis.db}"; | 47 | db = "${myconfig.env.mail.rspamd.redis.db}"; |
53 | autolearn = true; | 48 | ''; |
54 | cache { | 49 | "classifier-bayes.conf".text = '' |
50 | users_enabled = true; | ||
55 | backend = "redis"; | 51 | backend = "redis"; |
56 | } | 52 | servers = "${myconfig.env.mail.rspamd.redis.socket}"; |
57 | new_schema = true; | 53 | database = "${myconfig.env.mail.rspamd.redis.db}"; |
58 | statfile { | 54 | autolearn = true; |
59 | BAYES_HAM { | 55 | cache { |
60 | spam = false; | 56 | backend = "redis"; |
61 | } | 57 | } |
62 | BAYES_SPAM { | 58 | new_schema = true; |
63 | spam = true; | 59 | statfile { |
60 | BAYES_HAM { | ||
61 | spam = false; | ||
62 | } | ||
63 | BAYES_SPAM { | ||
64 | spam = true; | ||
65 | } | ||
64 | } | 66 | } |
65 | } | 67 | ''; |
66 | ''; | 68 | }; |
67 | }; | 69 | workers = { |
68 | workers = { | 70 | controller = { |
69 | controller = { | 71 | extraConfig = '' |
70 | extraConfig = '' | 72 | enable_password = "${myconfig.env.mail.rspamd.write_password_hashed}"; |
71 | enable_password = "${myconfig.env.mail.rspamd.write_password_hashed}"; | 73 | password = "${myconfig.env.mail.rspamd.read_password_hashed}"; |
72 | password = "${myconfig.env.mail.rspamd.read_password_hashed}"; | 74 | ''; |
73 | ''; | 75 | bindSockets = [ { |
74 | bindSockets = [ { | 76 | socket = config.myServices.mail.rspamd.sockets.worker-controller; |
75 | socket = config.myServices.mail.rspamd.sockets.worker-controller; | 77 | mode = "0660"; |
76 | mode = "0660"; | 78 | owner = config.services.rspamd.user; |
77 | owner = config.services.rspamd.user; | 79 | group = "vhost"; |
78 | group = "vhost"; | 80 | } ]; |
79 | } ]; | 81 | }; |
82 | }; | ||
83 | postfix = { | ||
84 | enable = true; | ||
85 | config = {}; | ||
80 | }; | 86 | }; |
81 | }; | ||
82 | postfix = { | ||
83 | enable = true; | ||
84 | config = {}; | ||
85 | }; | 87 | }; |
86 | }; | 88 | }; |
87 | } | 89 | } |