inherit (lib) types;
inherit (pkgs.lib) unlinesAttrs;
inherit (config.security) gnupg;
- inherit (config.services) postfix rspamd dovecot2 redis;
+ inherit (config.services) postfix rspamd dovecot2;
+ redis = config.services.redis.servers.rspamd;
inherit (config.users) users groups;
in
{
};
};
config = {
-users.users."${rspamd.user}".extraGroups = [
- users.redis.group
- groups."keys".name
-];
+users.groups.redis-rspamd.members = [ rspamd.user ];
+users.groups.keys.members = [ rspamd.user ];
services.rspamd = {
enable = true;
debug = false;
wants = [ gnupg.secrets."rspamd/controller/hashedPassword".service ];
after = [ gnupg.secrets."rspamd/controller/hashedPassword".service ];
};
+
+fileSystems."/var/lib/redis-rspamd" = {
+ device = "rpool/var/redis-rspamd";
+ fsType = "zfs";
+};
+services.sanoid.datasets."rpool/var/redis-rspamd" = {
+ use_template = [ "snap" ];
+ hourly = 0;
+ daily = 7;
+ monthly = 0;
+ yearly = 0;
+};
+
+services.redis.vmOverCommit = true;
+services.redis.servers.rspamd = {
+ enable = true;
+ databases = 16;
+ syslog = true;
+ save = [ [1800 100] [300 1000] ];
+ #unixSocketPerm = "660";
+ settings = {
+ maxmemory = "512MB";
+ maxmemory-policy = "volatile-ttl";
+ };
+};
/*
services.postfix.extraConfig = ''
smtpd_milters = unix:/run/rspamd.sock