mirror of
https://gitlab.com/simple-nixos-mailserver/nixos-mailserver.git
synced 2025-01-14 16:26:27 +01:00
rspamd: configure redis backend
The sqlite backed is deprecated, and the redis backend is the default since rspamd 2.0. Not having redis started results in such errors: rspamd_redis_init: cannot init redis backend for BAYES_SPAM To migrate the sqlite database, run rspamadm statconvert --spam-db /var/lib/rspamd/bayes.spam.sqlite --ham-db /var/lib/rspamd/bayes.ham.sqlite -h 127.0.0.1:6379 --symbol-ham BAYES_HAM --symbol-spam BAYES_SPAM The current module implements the recommended configuration that this utility prints out.
This commit is contained in:
parent
ac0f5c118f
commit
9e772d166c
2 changed files with 55 additions and 2 deletions
40
default.nix
40
default.nix
|
@ -480,6 +480,46 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
redis = {
|
||||
address = mkOption {
|
||||
type = types.str;
|
||||
# read the default from nixos' redis module
|
||||
default = let
|
||||
cf = config.services.redis.bind;
|
||||
cfdefault = if cf == null then "127.0.0.1" else cf;
|
||||
ips = lib.strings.splitString " " cfdefault;
|
||||
ip = lib.lists.head (ips ++ [ "127.0.0.1" ]);
|
||||
isIpv6 = ip: lib.lists.elem ":" (lib.stringToCharacters ip);
|
||||
in
|
||||
if (ip == "0.0.0.0" || ip == "::")
|
||||
then "127.0.0.1"
|
||||
else if isIpv6 ip then "[${ip}]" else ip;
|
||||
description = ''
|
||||
Address that rspamd should use to contact redis. The default value
|
||||
is read from <literal>config.services.redis.bind</literal>.
|
||||
'';
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
default = config.services.redis.port;
|
||||
description = ''
|
||||
Port that rspamd should use to contact redis. The default value is
|
||||
read from <literal>config.services.redis.port<literal>.
|
||||
'';
|
||||
};
|
||||
|
||||
password = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = config.services.redis.requirePass;
|
||||
description = ''
|
||||
Password that rspamd should use to contact redis, or null if not
|
||||
required. The default value is read from
|
||||
<literal>config.services.redis.requirePass<literal>.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
rewriteMessageId = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
|
|
|
@ -32,6 +32,16 @@ in
|
|||
"milter_headers.conf" = { text = ''
|
||||
extended_spam_headers = yes;
|
||||
''; };
|
||||
"redis.conf" = { text = ''
|
||||
servers = "${cfg.redis.address}:${toString cfg.redis.port}";
|
||||
'' + (lib.optionalString (cfg.redis.password != null) ''
|
||||
password = "${cfg.redis.password}";
|
||||
''); };
|
||||
"classifier-bayes.conf" = { text = ''
|
||||
cache {
|
||||
backend = "redis";
|
||||
}
|
||||
''; };
|
||||
"antivirus.conf" = lib.mkIf cfg.virusScanning { text = ''
|
||||
clamav {
|
||||
action = "reject";
|
||||
|
@ -80,9 +90,12 @@ in
|
|||
};
|
||||
|
||||
};
|
||||
|
||||
services.redis.enable = true;
|
||||
|
||||
systemd.services.rspamd = {
|
||||
requires = (lib.optional cfg.virusScanning "clamav-daemon.service");
|
||||
after = (lib.optional cfg.virusScanning "clamav-daemon.service");
|
||||
requires = [ "redis.service" ] ++ (lib.optional cfg.virusScanning "clamav-daemon.service");
|
||||
after = [ "redis.service" ] ++ (lib.optional cfg.virusScanning "clamav-daemon.service");
|
||||
};
|
||||
|
||||
systemd.services.postfix = {
|
||||
|
|
Loading…
Reference in a new issue