Compare commits

...

3 commits

Author SHA1 Message Date
f
8d1026e3a8 feat: enable dkim signing
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
2023-01-07 15:45:42 -03:00
f
b40a0bf24e BREAKING CHANGE: set the password during deploy 2023-01-07 15:45:23 -03:00
f
112c920990 refactor: export config files
why does rspamd have so many config files?
2023-01-07 15:44:49 -03:00
10 changed files with 28 additions and 32 deletions

View file

@ -16,35 +16,14 @@ RUN install -dm 755 /etc/rspamd/local.d
RUN install -dm 750 -o rspamd -g rspamd /var/lib/rspamd RUN install -dm 750 -o rspamd -g rspamd /var/lib/rspamd
RUN install -dm 750 -o redis -g redis /var/lib/redis RUN install -dm 750 -o redis -g redis /var/lib/redis
# TODO: Deprecate OpenDKIM, but it allow us to keep signing even if COPY ./dkim_signing.conf /etc/rspamd/local.d/dkim_signing.conf
# Rspamd is down. COPY ./redis.conf /etc/rspamd/local.d/redis.conf
RUN echo "enabled = false;" >> /etc/rspamd/local.d/dkim_signing.conf COPY ./worker-proxy.inc /etc/rspamd/local.d/worker-proxy.inc
COPY ./worker-normal.inc /etc/rspamd/local.d/worker-normal.inc
# Redis COPY ./worker-controller.inc /etc/rspamd/local.d/worker-controller.inc
RUN echo "write_servers = \"localhost\";" >> /etc/rspamd/local.d/redis.conf COPY ./options.inc /etc/rspamd/local.d/options.inc
RUN echo "read_servers = \"localhost\";" >> /etc/rspamd/local.d/redis.conf COPY ./logging.inc /etc/rspamd/local.d/logging.inc
COPY ./classifier-bayes.conf /etc/rspamd/local.d/classifier-bayes.conf
# Workers
RUN echo "bind_socket = \"*:11332\";" >> /etc/rspamd/local.d/worker-proxy.inc
RUN echo "bind_socket = \"*:11333\";" >> /etc/rspamd/local.d/worker-normal.inc
RUN echo "bind_socket = \"*:11334\";" >> /etc/rspamd/local.d/worker-controller.inc
# We don't really care about the password...
RUN echo "password = \"`rspamadm pw -p '12345678'`\";" >> /etc/rspamd/local.d/worker-controller.inc
# Options
# Rspamd doesn't seem to write a pid file and upstream not really
# helpful about it: https://github.com/rspamd/rspamd/issues/3096
# RUN echo "pid_file = \"/tmp/rspamd.pid\";" >> /etc/rspamd/local.d/options.inc
RUN echo "local_addrs = \"/etc/rspamd/local.d/maps.d/local_addrs\";" >> /etc/rspamd/local.d/options.inc
# Logging
RUN echo "type = \"syslog\";" >> /etc/rspamd/local.d/logging.inc
RUN echo "facility = \"daemon\";" >> /etc/rspamd/local.d/logging.inc
# Learn spam
RUN echo "servers = \"localhost\";" >> /etc/rspamd/local.d/classifier-bayes.conf
RUN echo "autolearn = [-5,5];" >> /etc/rspamd/local.d/classifier-bayes.conf
COPY ./local_addrs /etc/rspamd/local.d/maps.d/local_addrs COPY ./local_addrs /etc/rspamd/local.d/maps.d/local_addrs
COPY ./monit.conf /etc/monit.d/rspamd.conf COPY ./monit.conf /etc/monit.d/rspamd.conf

2
classifier-bayes.conf Normal file
View file

@ -0,0 +1,2 @@
servers = "localhost";
autolearn = [-5,5];

4
dkim_signing.conf Normal file
View file

@ -0,0 +1,4 @@
sign_local = true;
selector = "dkim";
path = "/etc/opendkim/dkim.private";
sign_networks = "/etc/rspamd/local.d/maps.d/local_addrs";

View file

@ -1,2 +1,2 @@
172.19.0.0/24 10.13.12.0/24
fd00:acab::/32 fd00:acab::/32

2
logging.inc Normal file
View file

@ -0,0 +1,2 @@
type = "syslog";
facility = "daemon";

4
options.inc Normal file
View file

@ -0,0 +1,4 @@
# Rspamd doesn't seem to write a pid file and upstream not really
# helpful about it: https://github.com/rspamd/rspamd/issues/3096
# "pid_file = "/tmp/rspamd.pid";
local_addrs = "/etc/rspamd/local.d/maps.d/local_addrs";

2
redis.conf Normal file
View file

@ -0,0 +1,2 @@
write_servers = "localhost";
read_servers = "localhost";

1
worker-controller.inc Normal file
View file

@ -0,0 +1 @@
bind_socket = "*:11334";

1
worker-normal.inc Normal file
View file

@ -0,0 +1 @@
bind_socket = "*:11333";

1
worker-proxy.inc Normal file
View file

@ -0,0 +1 @@
bind_socket = "*:11332";