From 575d43acbd6f71864f759fb2732b7bf58520bacc Mon Sep 17 00:00:00 2001
From: jedi <git@m.j3d1.de>
Date: Sat, 22 Jun 2024 19:51:16 +0200
Subject: [PATCH] add rspamd spamfilter to ansible

---
 deploy/ansible/playbooks/deploy-c3lf-sys3.yml  | 18 +++++++++++++++++-
 .../playbooks/templates/c3lf-sys3.service.j2   |  2 ++
 .../ansible/playbooks/templates/postfix.cf.j2  |  3 +++
 3 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/deploy/ansible/playbooks/deploy-c3lf-sys3.yml b/deploy/ansible/playbooks/deploy-c3lf-sys3.yml
index dd51581..544b4e4 100644
--- a/deploy/ansible/playbooks/deploy-c3lf-sys3.yml
+++ b/deploy/ansible/playbooks/deploy-c3lf-sys3.yml
@@ -11,6 +11,11 @@
         name: postfix
         state: restarted
 
+    - name: restart rspamd
+      service:
+        name: rspamd
+        state: restarted
+
     - name: restart mariadb
       service:
         name: mariadb
@@ -51,7 +56,7 @@
 
     - name: Check if a reboot is needed for debian
       register: reboot_required_file
-      stat: path=/var/run/reboot-required get_md5=no
+      stat: path=/var/run/reboot-required get_checksum=no
 
     - name: Reboot the Debian or Ubuntu server
       reboot:
@@ -82,6 +87,7 @@
           - default-libmysqlclient-dev
           - build-essential
           - postfix
+          - rspamd
           - git
           - pkg-config
           - npm
@@ -339,6 +345,16 @@
       notify:
         - restart postfix
 
+    - name: configure rspamd
+      copy:
+        content: |
+          write_servers = "localhost";
+          read_servers = "localhost";
+        dest: /etc/rspamd/local.d/redis.conf
+      notify:
+        - restart rspamd
+
+
     - name: UFW allow smtp
       ufw:
         rule: allow
diff --git a/deploy/ansible/playbooks/templates/c3lf-sys3.service.j2 b/deploy/ansible/playbooks/templates/c3lf-sys3.service.j2
index e91e456..515a82d 100644
--- a/deploy/ansible/playbooks/templates/c3lf-sys3.service.j2
+++ b/deploy/ansible/playbooks/templates/c3lf-sys3.service.j2
@@ -11,6 +11,8 @@ Restart=always
 RestartSec=5
 User=www-data
 Group=www-data
+StandardOutput=append:/var/www/c3lf-sys3/service.info.log
+StandardError=append:/var/www/c3lf-sys3/service.error.log
 
 [Install]
 WantedBy=multi-user.target
\ No newline at end of file
diff --git a/deploy/ansible/playbooks/templates/postfix.cf.j2 b/deploy/ansible/playbooks/templates/postfix.cf.j2
index 0081825..f80d69b 100644
--- a/deploy/ansible/playbooks/templates/postfix.cf.j2
+++ b/deploy/ansible/playbooks/templates/postfix.cf.j2
@@ -48,3 +48,6 @@ maillog_file = /var/log/mail.log
 
 virtual_mailbox_domains = {{ mail_domain }}
 virtual_transport=c3lf-sys3:unix:/var/www/c3lf-sys3/lmtp.sock
+
+smtpd_milters = inet:localhost:11332
+milter_default_action = accept
\ No newline at end of file