Skynet/misc_nixos-mailserver
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

rspamd: configure redis backend

Browse source 
The sqlite backed is deprecated, and the redis backend is the default
since rspamd 2.0.

Not having redis started results in such errors:
rspamd_redis_init: cannot init redis backend for BAYES_SPAM

To migrate the sqlite database, run

rspamadm statconvert --spam-db /var/lib/rspamd/bayes.spam.sqlite --ham-db /var/lib/rspamd/bayes.ham.sqlite -h 127.0.0.1:6379 --symbol-ham BAYES_HAM --symbol-spam BAYES_SPAM

The current module implements the recommended configuration that this
utility prints out.
This commit is contained in:
Symphorien Gibol 2020-04-03 12:00:00 +00:00 committed by lewo
parent ac0f5c118f
commit 9e772d166c
2 changed files with 55 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
default.nix
View file

@ -480,6 +480,46 @@ in
''; '';
}; };
redis = {
address = mkOption {
type = types.str;
# read the default from nixos' redis module
default = let
cf = config.services.redis.bind;
cfdefault = if cf == null then "127.0.0.1" else cf;
ips = lib.strings.splitString " " cfdefault;
ip = lib.lists.head (ips ++ [ "127.0.0.1" ]);
isIpv6 = ip: lib.lists.elem ":" (lib.stringToCharacters ip);
in
if (ip == "0.0.0.0" || ip == "::")
then "127.0.0.1"
else if isIpv6 ip then "[${ip}]" else ip;
description = ''
Address that rspamd should use to contact redis. The default value
is read from <literal>config.services.redis.bind</literal>.
'';
};
port = mkOption {
type = types.port;
default = config.services.redis.port;
description = ''
Port that rspamd should use to contact redis. The default value is
read from <literal>config.services.redis.port<literal>.
'';
};
password = mkOption {
type = types.nullOr types.str;
default = config.services.redis.requirePass;
description = ''
Password that rspamd should use to contact redis, or null if not
required. The default value is read from
<literal>config.services.redis.requirePass<literal>.
'';
};
};
rewriteMessageId = mkOption { rewriteMessageId = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;

17
mail-server/rspamd.nix
View file

@ -32,6 +32,16 @@ in
"milter_headers.conf" = { text = '' "milter_headers.conf" = { text = ''
extended_spam_headers = yes; extended_spam_headers = yes;
''; }; ''; };
"redis.conf" = { text = ''
servers = "${cfg.redis.address}:${toString cfg.redis.port}";
'' + (lib.optionalString (cfg.redis.password != null) ''
password = "${cfg.redis.password}";
''); };
"classifier-bayes.conf" = { text = ''
cache {
backend = "redis";
}
''; };
"antivirus.conf" = lib.mkIf cfg.virusScanning { text = '' "antivirus.conf" = lib.mkIf cfg.virusScanning { text = ''
clamav { clamav {
action = "reject"; action = "reject";
@ -80,9 +90,12 @@ in
}; };
}; };
services.redis.enable = true;
systemd.services.rspamd = { systemd.services.rspamd = {
requires = (lib.optional cfg.virusScanning "clamav-daemon.service"); requires = [ "redis.service" ] ++ (lib.optional cfg.virusScanning "clamav-daemon.service");
after = (lib.optional cfg.virusScanning "clamav-daemon.service"); after = [ "redis.service" ] ++ (lib.optional cfg.virusScanning "clamav-daemon.service");
}; };
systemd.services.postfix = { systemd.services.postfix = {