public
/
mail-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Just forget about the Redis password

This commit is contained in:
niten 2023-10-16 09:31:33 -07:00
parent f3765d0401
commit 2a1bc560e1
2 changed files with 2 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
mail-server.nix
View File

@ -254,10 +254,6 @@ in {
];
virtualisation.arion.projects.mail-server.settings = let
redisPasswdFile =
pkgs.lib.passwd.stablerandom-passwd-file "mail-server-redis-passwd"
config.instance.build-seed;
image = { pkgs, ... }: {
project.name = "mail-server";
networks = {
@ -439,7 +435,6 @@ in {
host = "antivirus";
port = antivirusPort;
};
redis.password = readFile redisPasswdFile;
};
};
};
@ -495,10 +490,7 @@ in {
};
redis = {
service = {
volumes = [
"${cfg.state-directory}/redis:/var/lib/redis"
"${redisPasswdFile}:/run/redis/passwd"
];
volumes = [ "${cfg.state-directory}/redis:/var/lib/redis" ];
networks = [ "redis_network" ];
};
nixos = {
@ -512,7 +504,6 @@ in {
# null -> all
bind = null;
port = redisPort;
requirePassFile = "/run/redis/passwd";
};
};
};

13
rspamd.nix
View File

@ -48,11 +48,6 @@ in {
type = port;
default = 6379;
};
password = mkOption {
type = str;
description = "Password with which to connect to Redis.";
};
};
};
@ -100,10 +95,9 @@ in {
}
'';
"dmark.conf".text = ''
"dmarc.conf".text = ''
dmarc = {
servers = "${cfg.redis.host}:${toString cfg.redis.port}";
password = "${cfg.redis.password}";
}
'';
@ -111,7 +105,6 @@ in {
enabled = true;
servers = "${cfg.redis.host}:${toString cfg.redis.port}";
password = "${cfg.redis.password}";
timeout = 10.0;
@ -128,7 +121,6 @@ in {
}
backend "redis" {
servers = "${cfg.redis.host}:${toString cfg.redis.port}";
password = "${cfg.redis.password}";
}
symbol = "IP_REPUTATION";
@ -138,7 +130,6 @@ in {
}
backend "redis" {
servers = "${cfg.redis.host}:${toString cfg.redis.port}";
password = "${cfg.redis.password}";
}
symbol = "SPF_REPUTATION";
@ -148,7 +139,6 @@ in {
}
backend "redis" {
servers = "${cfg.redis.host}:${toString cfg.redis.port}";
password = "${cfg.redis.password}";
}
symbol = "DKIM_REPUTATION"; # Also adjusts scores for DKIM_ALLOW, DKIM_REJECT
@ -159,7 +149,6 @@ in {
}
backend "redis" {
servers = "${cfg.redis.host}:${toString cfg.redis.port}";
password = "${cfg.redis.password}";
}
symbol = "GENERIC_REPUTATION";