containers-rspamd/Dockerfile

ARG ALPINE_VERSION=3.13.6
ARG BASE_IMAGE=sutty/monit
FROM ${BASE_IMAGE}:${ALPINE_VERSION}
MAINTAINER "f <f@sutty.nl>"

RUN apk add --no-cache redis

COPY ./monit.conf /etc/monit.d/redis.conf

RUN sed -re "/^bind /d" -i /etc/redis.conf
RUN sed -re "/^protected-mode /d" -i /etc/redis.conf
RUN sed -re "/^logfile /d" -i /etc/redis.conf
RUN sed -re "s/^# (syslog-enabled).*/\1 yes/" -i /etc/redis.conf
RUN sed -re "s/^(appendonly).*/\1 yes/" -i /etc/redis.conf
RUN echo "pidfile /run/redis/redis.pid" >> /etc/redis.conf
RUN echo "daemonize yes" >> /etc/redis.conf
RUN echo "protected-mode no" >> /etc/redis.conf
RUN echo "maxmemory 50mb" >> /etc/redis.conf
RUN echo "maxmemory-policy volatile-ttl" >> /etc/redis.conf
RUN echo "bind 127.0.0.1 ::1" >> /etc/redis.conf
RUN sed -re "s/^(dir).*/\1 \/var\/lib\/rspamd-redis/" -i /etc/redis.conf

RUN apk add --no-cache rspamd rspamd-client rspamd-proxy rspamd-controller
RUN install -dm 755 /etc/rspamd/local.d
RUN install -dm 750 -o rspamd -g rspamd /var/lib/rspamd
RUN install -dm 750 -o redis -g redis /var/lib/rspamd-redis

# TODO: Deprecate OpenDKIM
RUN echo "enabled = false;" >> /etc/rspamd/local.d/dkim_signing.conf

# Redis
RUN echo "write_servers = \"localhost\";" >> /etc/rspamd/local.d/redis.conf
RUN echo "read_servers = \"localhost\";" >> /etc/rspamd/local.d/redis.conf

# Workers
RUN echo "bind_socket = \"*:11332\";" >> /etc/rspamd/local.d/worker-proxy.inc
RUN echo "bind_socket = \"*:11333\";" >> /etc/rspamd/local.d/worker-normal.inc
RUN echo "bind_socket = \"*:11334\";" >> /etc/rspamd/local.d/worker-controller.inc
# We don't really care about the password...
RUN echo "password = \"`rspamadm pw -p '12345678'`\";" >> /etc/rspamd/local.d/worker-controller.inc

# Options
# Rspamd doesn't seem to write a pid file and upstream not really
# helpful about it: https://github.com/rspamd/rspamd/issues/3096
# RUN echo "pid_file = \"/tmp/rspamd.pid\";" >> /etc/rspamd/local.d/options.inc
RUN echo "local_addrs = \"/etc/rspamd/local.d/maps.d/local_addrs\";" >> /etc/rspamd/local.d/options.inc

# Logging
RUN echo "type = \"syslog\";" >> /etc/rspamd/local.d/logging.inc
RUN echo "facility = \"daemon\";" >> /etc/rspamd/local.d/logging.inc

# Learn spam
RUN echo "servers = \"localhost\";" >> /etc/rspamd/local.d/classifier-bayes.conf
RUN echo "autolearn = [-5,5];" >> /etc/rspamd/local.d/classifier-bayes.conf

COPY ./local_addrs.sh /usr/local/bin/local_addrs
COPY ./rspamd.conf /etc/monit.d/rspamd.conf

EXPOSE 11332
EXPOSE 11333
EXPOSE 11334
VOLUME "/var/lib/rspamd-redis"
VOLUME "/var/lib/rspamd"
ci 2021-10-03 23:19:00 +00:00			`ARG ALPINE_VERSION=3.13.6`
			`ARG BASE_IMAGE=sutty/monit`
			`FROM ${BASE_IMAGE}:${ALPINE_VERSION}`
Esqueleto de contenedor 2019-09-10 23:10:18 +00:00			`MAINTAINER "f <f@sutty.nl>"`
redis 2019-09-10 23:23:34 +00:00
eviction policy and maxmemory we're low on resources so 50MB is the most we can give it 2020-05-11 15:09:13 +00:00			`RUN apk add --no-cache redis`
redis 2019-09-10 23:23:34 +00:00
			`COPY ./monit.conf /etc/monit.d/redis.conf`

			`RUN sed -re "/^bind /d" -i /etc/redis.conf`
			`RUN sed -re "/^protected-mode /d" -i /etc/redis.conf`
			`RUN sed -re "/^logfile /d" -i /etc/redis.conf`
			`RUN sed -re "s/^# (syslog-enabled).*/\1 yes/" -i /etc/redis.conf`
			`RUN sed -re "s/^(appendonly).*/\1 yes/" -i /etc/redis.conf`
			`RUN echo "pidfile /run/redis/redis.pid" >> /etc/redis.conf`
			`RUN echo "daemonize yes" >> /etc/redis.conf`
disable protected mode 2019-09-18 00:58:31 +00:00			`RUN echo "protected-mode no" >> /etc/redis.conf`
eviction policy and maxmemory we're low on resources so 50MB is the most we can give it 2020-05-11 15:09:13 +00:00			`RUN echo "maxmemory 50mb" >> /etc/redis.conf`
rspamd 2020-11-17 17:58:36 +00:00			`RUN echo "maxmemory-policy volatile-ttl" >> /etc/redis.conf`
			`RUN echo "bind 127.0.0.1 ::1" >> /etc/redis.conf`
			`RUN sed -re "s/^(dir).*/\1 \/var\/lib\/rspamd-redis/" -i /etc/redis.conf`
redis 2019-09-10 23:23:34 +00:00
rspamd 2020-11-17 17:58:36 +00:00			`RUN apk add --no-cache rspamd rspamd-client rspamd-proxy rspamd-controller`
			`RUN install -dm 755 /etc/rspamd/local.d`
			`RUN install -dm 750 -o rspamd -g rspamd /var/lib/rspamd`
			`RUN install -dm 750 -o redis -g redis /var/lib/rspamd-redis`

			`# TODO: Deprecate OpenDKIM`
			`RUN echo "enabled = false;" >> /etc/rspamd/local.d/dkim_signing.conf`

			`# Redis`
			`RUN echo "write_servers = \"localhost\";" >> /etc/rspamd/local.d/redis.conf`
			`RUN echo "read_servers = \"localhost\";" >> /etc/rspamd/local.d/redis.conf`

			`# Workers`
			`RUN echo "bind_socket = \"*:11332\";" >> /etc/rspamd/local.d/worker-proxy.inc`
			`RUN echo "bind_socket = \"*:11333\";" >> /etc/rspamd/local.d/worker-normal.inc`
			`RUN echo "bind_socket = \"*:11334\";" >> /etc/rspamd/local.d/worker-controller.inc`
			`# We don't really care about the password...`
			RUN echo "password = \"`rspamadm pw -p '12345678'`\";" >> /etc/rspamd/local.d/worker-controller.inc

			`# Options`
			`# Rspamd doesn't seem to write a pid file and upstream not really`
			`# helpful about it: https://github.com/rspamd/rspamd/issues/3096`
			`# RUN echo "pid_file = \"/tmp/rspamd.pid\";" >> /etc/rspamd/local.d/options.inc`
			`RUN echo "local_addrs = \"/etc/rspamd/local.d/maps.d/local_addrs\";" >> /etc/rspamd/local.d/options.inc`

			`# Logging`
			`RUN echo "type = \"syslog\";" >> /etc/rspamd/local.d/logging.inc`
			`RUN echo "facility = \"daemon\";" >> /etc/rspamd/local.d/logging.inc`

			`# Learn spam`
			`RUN echo "servers = \"localhost\";" >> /etc/rspamd/local.d/classifier-bayes.conf`
			`RUN echo "autolearn = [-5,5];" >> /etc/rspamd/local.d/classifier-bayes.conf`

			`COPY ./local_addrs.sh /usr/local/bin/local_addrs`
			`COPY ./rspamd.conf /etc/monit.d/rspamd.conf`

			`EXPOSE 11332`
			`EXPOSE 11333`
			`EXPOSE 11334`
			`VOLUME "/var/lib/rspamd-redis"`
			`VOLUME "/var/lib/rspamd"`