1 files changed, 67 insertions, 65 deletions
diff --git a/modules/private/mail/rspamd.nix b/modules/private/mail/rspamd.nix
index af3541f..5e0a239 100644
--- a/modules/private/mail/rspamd.nix
+++ b/modules/private/mail/rspamd.nix
@@ -10,78 +10,80 @@
      rspamd sockets
      '';
  };
-  config.services.backup.profiles.mail.excludeFile = ''
+  config = lib.mkIf config.myServices.mail.enable {
-    + /var/lib/rspamd
+    services.backup.profiles.mail.excludeFile = ''
-    '';
+      + /var/lib/rspamd
-  config.services.cron.systemCronJobs = let
-    cron_script = pkgs.runCommand "cron_script" {
-      buildInputs = [ pkgs.makeWrapper ];
-    } ''
-      mkdir -p $out
-      cp ${./scan_reported_mails} $out/scan_reported_mails
-      patchShebangs $out
-      for i in $out/*; do
-        wrapProgram "$i" --prefix PATH : ${lib.makeBinPath [ pkgs.coreutils pkgs.rspamd pkgs.flock ]}
-      done
      '';
-  in
+    services.cron.systemCronJobs = let
-    [ "*/20 * * * * vhost ${cron_script}/scan_reported_mails" ];
+      cron_script = pkgs.runCommand "cron_script" {
+        buildInputs = [ pkgs.makeWrapper ];
-  config.services.rspamd = {
+      } ''
-    enable = true;
+        mkdir -p $out
-    debug = true;
+        cp ${./scan_reported_mails} $out/scan_reported_mails
-    overrides = {
+        patchShebangs $out
-      "actions.conf".text = ''
+        for i in $out/*; do
-        reject = null;
+          wrapProgram "$i" --prefix PATH : ${lib.makeBinPath [ pkgs.coreutils pkgs.rspamd pkgs.flock ]}
-        add_header = 6;
+        done
-        greylist = null;
        '';
-      "milter_headers.conf".text = ''
+    in
-        extended_spam_headers = true;
+      [ "*/20 * * * * vhost ${cron_script}/scan_reported_mails" ];
-      '';
-    };
+    services.rspamd = {
-    locals = {
+      enable = true;
-      "redis.conf".text = ''
+      debug = true;
-        servers = "${myconfig.env.mail.rspamd.redis.socket}";
+      overrides = {
-        db = "${myconfig.env.mail.rspamd.redis.db}";
+        "actions.conf".text = ''
+          reject = null;
+          add_header = 6;
+          greylist = null;
+          '';
+        "milter_headers.conf".text = ''
+          extended_spam_headers = true;
        '';
-      "classifier-bayes.conf".text = ''
+      };
-        users_enabled = true;
+      locals = {
-        backend = "redis";
+        "redis.conf".text = ''
-        servers = "${myconfig.env.mail.rspamd.redis.socket}";
+          servers = "${myconfig.env.mail.rspamd.redis.socket}";
-        database = "${myconfig.env.mail.rspamd.redis.db}";
+          db = "${myconfig.env.mail.rspamd.redis.db}";
-        autolearn = true;
+          '';
-        cache {
+        "classifier-bayes.conf".text = ''
+          users_enabled = true;
          backend = "redis";
-        }
+          servers = "${myconfig.env.mail.rspamd.redis.socket}";
-        new_schema = true;
+          database = "${myconfig.env.mail.rspamd.redis.db}";
-        statfile {
+          autolearn = true;
-          BAYES_HAM {
+          cache {
-            spam = false;
+            backend = "redis";
          }
-          BAYES_SPAM {
+          new_schema = true;
-            spam = true;
+          statfile {
+            BAYES_HAM {
+              spam = false;
+            }
+            BAYES_SPAM {
+              spam = true;
+            }
          }
-        }
+          '';
-        '';
+      };
-    };
+      workers = {
-    workers = {
+        controller = {
-      controller = {
+          extraConfig = ''
-        extraConfig = ''
+            enable_password = "${myconfig.env.mail.rspamd.write_password_hashed}";
-          enable_password = "${myconfig.env.mail.rspamd.write_password_hashed}";
+            password = "${myconfig.env.mail.rspamd.read_password_hashed}";
-          password = "${myconfig.env.mail.rspamd.read_password_hashed}";
+          '';
-        '';
+          bindSockets = [ {
-        bindSockets = [ {
+            socket = config.myServices.mail.rspamd.sockets.worker-controller;
-          socket = config.myServices.mail.rspamd.sockets.worker-controller;
+            mode = "0660";
-          mode = "0660";
+            owner = config.services.rspamd.user;
-          owner = config.services.rspamd.user;
+            group = "vhost";
-          group = "vhost";
+          } ];
-        } ];
+        };
+      };
+      postfix = {
+        enable = true;
+        config = {};
      };
-    };
-    postfix = {
-      enable = true;
-      config = {};
    };
  };
 }

diff --git a/modules/private/mail/rspamd.nix b/modules/private/mail/rspamd.nix index af3541f..5e0a239 100644 --- a/modules/private/mail/rspamd.nix +++ b/modules/private/mail/rspamd.nix
@@ -10,78 +10,80 @@
10	rspamd sockets	10	rspamd sockets
11	'';	11	'';
12	};	12	};
13	config.services.backup.profiles.mail.excludeFile = ''	13	config = lib.mkIf config.myServices.mail.enable {
14	+ /var/lib/rspamd	14	services.backup.profiles.mail.excludeFile = ''
15	'';	15	+ /var/lib/rspamd
16	config.services.cron.systemCronJobs = let
17	cron_script = pkgs.runCommand "cron_script" {
18	buildInputs = [ pkgs.makeWrapper ];
19	} ''
20	mkdir -p $out
21	cp ${./scan_reported_mails} $out/scan_reported_mails
22	patchShebangs $out
23	for i in $out/*; do
24	wrapProgram "$i" --prefix PATH : ${lib.makeBinPath [ pkgs.coreutils pkgs.rspamd pkgs.flock ]}
25	done
26	'';	16	'';
27	in	17	services.cron.systemCronJobs = let
28	[ "/20 * * * vhost ${cron_script}/scan_reported_mails" ];	18	cron_script = pkgs.runCommand "cron_script" {
29		19	buildInputs = [ pkgs.makeWrapper ];
30	config.services.rspamd = {	20	} ''
31	enable = true;	21	mkdir -p $out
32	debug = true;	22	cp ${./scan_reported_mails} $out/scan_reported_mails
33	overrides = {	23	patchShebangs $out
34	"actions.conf".text = ''	24	for i in $out/*; do
35	reject = null;	25	wrapProgram "$i" --prefix PATH : ${lib.makeBinPath [ pkgs.coreutils pkgs.rspamd pkgs.flock ]}
36	add_header = 6;	26	done
37	greylist = null;
38	'';	27	'';
39	"milter_headers.conf".text = ''	28	in
40	extended_spam_headers = true;	29	[ "/20 * * * vhost ${cron_script}/scan_reported_mails" ];
41	'';	30
42	};	31	services.rspamd = {
43	locals = {	32	enable = true;
44	"redis.conf".text = ''	33	debug = true;
45	servers = "${myconfig.env.mail.rspamd.redis.socket}";	34	overrides = {
46	db = "${myconfig.env.mail.rspamd.redis.db}";	35	"actions.conf".text = ''
		36	reject = null;
		37	add_header = 6;
		38	greylist = null;
		39	'';
		40	"milter_headers.conf".text = ''
		41	extended_spam_headers = true;
47	'';	42	'';
48	"classifier-bayes.conf".text = ''	43	};
49	users_enabled = true;	44	locals = {
50	backend = "redis";	45	"redis.conf".text = ''
51	servers = "${myconfig.env.mail.rspamd.redis.socket}";	46	servers = "${myconfig.env.mail.rspamd.redis.socket}";
52	database = "${myconfig.env.mail.rspamd.redis.db}";	47	db = "${myconfig.env.mail.rspamd.redis.db}";
53	autolearn = true;	48	'';
54	cache {	49	"classifier-bayes.conf".text = ''
		50	users_enabled = true;
55	backend = "redis";	51	backend = "redis";
56	}	52	servers = "${myconfig.env.mail.rspamd.redis.socket}";
57	new_schema = true;	53	database = "${myconfig.env.mail.rspamd.redis.db}";
58	statfile {	54	autolearn = true;
59	BAYES_HAM {	55	cache {
60	spam = false;	56	backend = "redis";
61	}	57	}
62	BAYES_SPAM {	58	new_schema = true;
63	spam = true;	59	statfile {
		60	BAYES_HAM {
		61	spam = false;
		62	}
		63	BAYES_SPAM {
		64	spam = true;
		65	}
64	}	66	}
65	}	67	'';
66	'';	68	};
67	};	69	workers = {
68	workers = {	70	controller = {
69	controller = {	71	extraConfig = ''
70	extraConfig = ''	72	enable_password = "${myconfig.env.mail.rspamd.write_password_hashed}";
71	enable_password = "${myconfig.env.mail.rspamd.write_password_hashed}";	73	password = "${myconfig.env.mail.rspamd.read_password_hashed}";
72	password = "${myconfig.env.mail.rspamd.read_password_hashed}";	74	'';
73	'';	75	bindSockets = [ {
74	bindSockets = [ {	76	socket = config.myServices.mail.rspamd.sockets.worker-controller;
75	socket = config.myServices.mail.rspamd.sockets.worker-controller;	77	mode = "0660";
76	mode = "0660";	78	owner = config.services.rspamd.user;
77	owner = config.services.rspamd.user;	79	group = "vhost";
78	group = "vhost";	80	} ];
79	} ];	81	};
		82	};
		83	postfix = {
		84	enable = true;
		85	config = {};
80	};	86	};
81	};
82	postfix = {
83	enable = true;
84	config = {};
85	};	87	};
86	};	88	};
87	}	89	}