rancher-charts/charts/rspamd/v0.1.0/templates/locald-configmap.yaml

apiVersion: v1
kind: ConfigMap
metadata:
  name: {{ include "rspamd.fullname" . }}
  namespace: {{ .Release.Namespace | quote }}
  labels: {{- include "rspamd.labels" . | nindent 4 }}
data:
  ratelimit.conf: |-
    rates {
      # Limit for all mail per recipient (default rate 70 per day)
      to = "{{ .Values.rspamd.rateLimits.to }}";
      # Limit for all mail per one source ip (default rate 150 per day)
      to_ip = "{{ .Values.rspamd.rateLimits.toIp }}";
      # Limit for all mail per one source ip and from address (default rate 100 per day)
      to_ip_from = "{{ .Values.rspamd.rateLimits.toIpFrom }}";
      # Limit for all bounce mail (rate 2 per hour)
      #bounce_to = "2 / 1h";
      # Limit for bounce mail per one source ip (rate 1 per hour)
      #bounce_to_ip = "1 / 1h";
      # Limit for all mail per authenticated user (default rate 100 per day)
      user = "{{ .Values.rspamd.rateLimits.user }}";
    }
    whitelisted_rcpts = "{{ .Values.rspamd.rateLimits.whitelisted.rcpts }}";
    whitelisted_ip = "/etc/rspamd/local.d/ratelimit_whitelist.map";
    max_rcpt = {{ .Values.rspamd.rateLimits.maxRcpt }};
  ratelimit_whitelist.map: |-
    {{- range .Values.rspamd.rateLimits.whitelisted.ips }}
      {{ . }}
    {{- end }}
  redis.conf: |-
    servers = "{{ printf "%s-%s" .Release.Name "redis-master" | trunc 63 | trimSuffix "-" }}";
    db = "3";
    password = "{{ .Values.redis.auth.password }}";
  worker-proxy.inc: |-
    milter = {{ .Values.rspamd.workerProxy.milter }}; 
    bind_socket = "*:{{ .Values.service.ports.milter }}";
    timeout = {{ .Values.rspamd.workerProxy.timeout }};
    upstream "local" {
      default = yes; # Self-scan upstreams are always default
      self_scan = yes; # Enable self-scan
    }
    count = {{ .Values.rspamd.workerProxy.count }}; # Spawn more processes in self-scan mode
    max_retries = {{ .Values.rspamd.workerProxy.maxRetries }}; # How many times master is queried in case of failure
    discard_on_reject = {{ .Values.rspamd.workerProxy.discardOnReject }}; # Discard message instead of rejection
    quarantine_on_reject = {{ .Values.rspamd.workerProxy.quarantineOnReject }}; # Tell MTA to quarantine rejected messages
    spam_header = "{{ .Values.rspamd.workerProxy.spamHeader }}"; # Use the specific spam header
    reject_message = "{{ .Values.rspamd.workerProxy.rejectMessage }}"; # Use custom rejection message
  worker-normal.inc: |-
    {{ if eq .Values.rspamd.workerProxy.milter "yes" -}}
    # Disable worker-normal in Milter mode
    worker "normal" {
      enabled = false;
    }
    {{- end }}
  worker-controller.inc: |-
    secure_ip = "127.0.0.1";
    password = "{{ .Values.rspamd.password }}";
    enable_password = "{{ .Values.rspamd.password }}";
  dkim_signing.conf: |-
    {{- range $key, $value := .Values.rspamd.dkimSigning }}
    {{ if or (eq $value "true") (eq $value "false") -}}
    {{ $key }} = {{ $value }};
    {{- else -}}
    {{ $key }} = "{{ $value }}";
    {{- end -}}
    {{- end }}
  milter_headers.conf: |-
    extended_spam_headers = {{ .Values.rspamd.milter.headers.extended_spam_headers }};
    skip_local = {{ .Values.rspamd.milter.headers.skip_local }};
    skip_authenticated = {{ .Values.rspamd.milter.headers.skip_authenticated }};
  classifier-bayes.conf: |-
    backend = "redis";
    servers = "{{ printf "%s-%s" .Release.Name "redis-master" | trunc 63 | trimSuffix "-" }}:6379";
    password = "{{ .Values.redis.auth.password }}";
    autolearn = true
  actions.conf: |-
    reject = {{ .Values.rspamd.actions.reject }}; # Reject when reaching this score
    add_header = {{ .Values.rspamd.actions.add_header }}; # Add header when reaching this score
    greylist = {{ .Values.rspamd.actions.greylist }}; # Apply greylisting when reaching this score (will emit `soft reject action`)
  antivirus.conf: |-
    clamav {
      {{- range $key, $value := .Values.rspamd.antivirus.clamav }}
      {{ if or (eq $value "true") (eq $value "false") -}}
      {{ $key }} = {{ $value }};
      {{- else -}}
      {{ $key }} = "{{ $value }}";
      {{- end -}}
      {{- end }}
    }
Added config templates and configured redis 2 years ago			`apiVersion: v1`
			`kind: ConfigMap`
			`metadata:`
			`name: {{ include "rspamd.fullname" . }}`
			`namespace: {{ .Release.Namespace \| quote }}`
			`labels: {{- include "rspamd.labels" . \| nindent 4 }}`
			`data:`
			`ratelimit.conf: \|-`
			`rates {`
			`# Limit for all mail per recipient (default rate 70 per day)`
			`to = "{{ .Values.rspamd.rateLimits.to }}";`
			`# Limit for all mail per one source ip (default rate 150 per day)`
			`to_ip = "{{ .Values.rspamd.rateLimits.toIp }}";`
			`# Limit for all mail per one source ip and from address (default rate 100 per day)`
			`to_ip_from = "{{ .Values.rspamd.rateLimits.toIpFrom }}";`
			`# Limit for all bounce mail (rate 2 per hour)`
			`#bounce_to = "2 / 1h";`
			`# Limit for bounce mail per one source ip (rate 1 per hour)`
			`#bounce_to_ip = "1 / 1h";`
			`# Limit for all mail per authenticated user (default rate 100 per day)`
			`user = "{{ .Values.rspamd.rateLimits.user }}";`
			`}`
			`whitelisted_rcpts = "{{ .Values.rspamd.rateLimits.whitelisted.rcpts }}";`
			`whitelisted_ip = "/etc/rspamd/local.d/ratelimit_whitelist.map";`
			`max_rcpt = {{ .Values.rspamd.rateLimits.maxRcpt }};`
			`ratelimit_whitelist.map: \|-`
			`{{- range .Values.rspamd.rateLimits.whitelisted.ips }}`
			`{{ . }}`
			`{{- end }}`
			`redis.conf: \|-`
			`servers = "{{ printf "%s-%s" .Release.Name "redis-master" \| trunc 63 \| trimSuffix "-" }}";`
			`db = "3";`
			`password = "{{ .Values.redis.auth.password }}";`
			`worker-proxy.inc: \|-`
			`milter = {{ .Values.rspamd.workerProxy.milter }};`
Fix issue with rspamd milter port 2 years ago			`bind_socket = "*:{{ .Values.service.ports.milter }}";`
Added config templates and configured redis 2 years ago			`timeout = {{ .Values.rspamd.workerProxy.timeout }};`
			`upstream "local" {`
			`default = yes; # Self-scan upstreams are always default`
			`self_scan = yes; # Enable self-scan`
			`}`
			`count = {{ .Values.rspamd.workerProxy.count }}; # Spawn more processes in self-scan mode`
			`max_retries = {{ .Values.rspamd.workerProxy.maxRetries }}; # How many times master is queried in case of failure`
			`discard_on_reject = {{ .Values.rspamd.workerProxy.discardOnReject }}; # Discard message instead of rejection`
			`quarantine_on_reject = {{ .Values.rspamd.workerProxy.quarantineOnReject }}; # Tell MTA to quarantine rejected messages`
			`spam_header = "{{ .Values.rspamd.workerProxy.spamHeader }}"; # Use the specific spam header`
			`reject_message = "{{ .Values.rspamd.workerProxy.rejectMessage }}"; # Use custom rejection message`
			`worker-normal.inc: \|-`
Only disable worker-normal in milter mode 2 years ago			`{{ if eq .Values.rspamd.workerProxy.milter "yes" -}}`
Added config templates and configured redis 2 years ago			`# Disable worker-normal in Milter mode`
			`worker "normal" {`
			`enabled = false;`
Only disable worker-normal in milter mode 2 years ago			`}`
Fix issue with rspamd configmap 2 years ago			`{{- end }}`
Added worker-controller.inc to configmap 2 years ago			`worker-controller.inc: \|-`
			`secure_ip = "127.0.0.1";`
			`password = "{{ .Values.rspamd.password }}";`
Added config file for dkim signing 2 years ago			`enable_password = "{{ .Values.rspamd.password }}";`
			`dkim_signing.conf: \|-`
dkim_signing file is already included in its section 2 years ago			`{{- range $key, $value := .Values.rspamd.dkimSigning }}`
			`{{ if or (eq $value "true") (eq $value "false") -}}`
			`{{ $key }} = {{ $value }};`
			`{{- else -}}`
			`{{ $key }} = "{{ $value }}";`
			`{{- end -}}`
Added milter header configuration 2 years ago			`{{- end }}`
			`milter_headers.conf: \|-`
			`extended_spam_headers = {{ .Values.rspamd.milter.headers.extended_spam_headers }};`
			`skip_local = {{ .Values.rspamd.milter.headers.skip_local }};`
Enabled autolearn and redis conf for bayes 2 years ago			`skip_authenticated = {{ .Values.rspamd.milter.headers.skip_authenticated }};`
			`classifier-bayes.conf: \|-`
			`backend = "redis";`
			`servers = "{{ printf "%s-%s" .Release.Name "redis-master" \| trunc 63 \| trimSuffix "-" }}:6379";`
			`password = "{{ .Values.redis.auth.password }}";`
Customize spam action thresholds 2 years ago			`autolearn = true`
			`actions.conf: \|-`
			`reject = {{ .Values.rspamd.actions.reject }}; # Reject when reaching this score`
			`add_header = {{ .Values.rspamd.actions.add_header }}; # Add header when reaching this score`
Add section to configure clamav antivirus 2 years ago			greylist = {{ .Values.rspamd.actions.greylist }}; # Apply greylisting when reaching this score (will emit `soft reject action`)
			`antivirus.conf: \|-`
			`clamav {`
			`{{- range $key, $value := .Values.rspamd.antivirus.clamav }}`
			`{{ if or (eq $value "true") (eq $value "false") -}}`
			`{{ $key }} = {{ $value }};`
			`{{- else -}}`
			`{{ $key }} = "{{ $value }}";`
			`{{- end -}}`
			`{{- end }}`
			`}`