rspam needs SYS_ADMIN to use DynamicUser

2023-09-24 12:19:13 -07:00 · 2023-09-24 12:19:13 -07:00 · 39482d7ee1
parent 1730fc8bd5
commit 39482d7ee1
3 changed files with 8 additions and 5 deletions
--- a/dovecot.nix
+++ b/dovecot.nix
@ -2,6 +2,8 @@

 with lib;
 let
+  cfg = config.fudo.mail.dovecot;
+
  sievePath = let
    isRegularFile = _: type: type == "regular";
    sieves = filter isRegularFile (builtins.readDir ./sieves);
--- a/mail-server.nix
+++ b/mail-server.nix
@ -342,6 +342,7 @@ in {
              ];
              user = mkUserMap "mailserver-antivirus";
              volumes = [ "${cfg.state-directory}/antivirus:/state" ];
+              capabilities.SYS_ADMIN = true;
            };
            nixos = {
              useSystemd = true;
--- a/rspamd.nix
+++ b/rspamd.nix
@ -63,11 +63,11 @@ in {
          }
        '';

-        "rbl.conf".text = ''
-          rbls {
-            an_rbl
-          }
-        '';
+        # "rbl.conf".text = ''
+        #   rbls {
+        #     an_rbl
+        #   }
+        # '';
      };

      overrides."milter_headers.conf".text = "extended_spam_headers = true;";