[Rspamd] Place socket in _rspamd home and fix permissions

[Compose] Remove volume for Rspamd socket
[Web] Do not exit loop on fuzzy errors when learning a message as spam
master
André 2018-09-30 09:53:25 +02:00
parent 73b10350d0
commit 4396be2938
14 changed files with 31 additions and 33 deletions

View File

@ -3,7 +3,7 @@ FILE=/tmp/mail$$
cat > $FILE
trap "/bin/rm -f $FILE" 0 1 2 3 13 15
cat ${FILE} | /usr/bin/curl -s --data-binary @- --unix-socket /rspamd-sock/rspamd.sock http://rspamd/learnham
cat ${FILE} | /usr/bin/curl -H "Flag: 13" -s --data-binary @- --unix-socket /rspamd-sock/rspamd.sock http://rspamd/fuzzyadd
cat ${FILE} | /usr/bin/curl -s --data-binary @- --unix-socket /var/lib/rspamd/rspamd.sock http://rspamd/learnham
cat ${FILE} | /usr/bin/curl -H "Flag: 13" -s --data-binary @- --unix-socket /var/lib/rspamd/rspamd.sock http://rspamd/fuzzyadd
exit 0

View File

@ -3,7 +3,7 @@ FILE=/tmp/mail$$
cat > $FILE
trap "/bin/rm -f $FILE" 0 1 2 3 13 15
cat ${FILE} | /usr/bin/curl -s --data-binary @- --unix-socket /rspamd-sock/rspamd.sock http://rspamd/learnspam
cat ${FILE} | /usr/bin/curl -H "Flag: 11" -s --data-binary @- --unix-socket /rspamd-sock/rspamd.sock http://rspamd/fuzzyadd
cat ${FILE} | /usr/bin/curl -s --data-binary @- --unix-socket /var/lib/rspamd/rspamd.sock http://rspamd/learnspam
cat ${FILE} | /usr/bin/curl -H "Flag: 11" -s --data-binary @- --unix-socket /var/lib/rspamd/rspamd.sock http://rspamd/fuzzyadd
exit 0

View File

@ -3,7 +3,7 @@ FILE=/tmp/mail$$
cat > $FILE
trap "/bin/rm -f $FILE" 0 1 2 3 13 15
cat ${FILE} | /usr/bin/curl -s --data-binary @- --unix-socket /rspamd-sock/rspamd.sock http://rspamd/learnham
cat ${FILE} | /usr/bin/curl -H "Flag: 13" -s --data-binary @- --unix-socket /rspamd-sock/rspamd.sock http://rspamd/fuzzyadd
cat ${FILE} | /usr/bin/curl -s --data-binary @- --unix-socket /var/lib/rspamd/rspamd.sock http://rspamd/learnham
cat ${FILE} | /usr/bin/curl -H "Flag: 13" -s --data-binary @- --unix-socket /var/lib/rspamd/rspamd.sock http://rspamd/fuzzyadd
exit 0

View File

@ -3,7 +3,7 @@ FILE=/tmp/mail$$
cat > $FILE
trap "/bin/rm -f $FILE" 0 1 2 3 13 15
cat ${FILE} | /usr/bin/curl -s --data-binary @- --unix-socket /rspamd-sock/rspamd.sock http://rspamd/learnspam
cat ${FILE} | /usr/bin/curl -H "Flag: 11" -s --data-binary @- --unix-socket /rspamd-sock/rspamd.sock http://rspamd/fuzzyadd
cat ${FILE} | /usr/bin/curl -s --data-binary @- --unix-socket /var/lib/rspamd/rspamd.sock http://rspamd/learnspam
cat ${FILE} | /usr/bin/curl -H "Flag: 11" -s --data-binary @- --unix-socket /var/lib/rspamd/rspamd.sock http://rspamd/fuzzyadd
exit 0

View File

@ -1,6 +1,7 @@
#!/bin/bash
chown -R _rspamd:_rspamd /var/lib/rspamd
chmod 755 /var/lib/rspamd
[[ ! -f /etc/rspamd/override.d/worker-controller-password.inc ]] && echo '# Placeholder' > /etc/rspamd/override.d/worker-controller-password.inc
[[ ! -f /etc/rspamd/custom/sa-rules-heinlein ]] && echo '# to be auto-filled by dovecot-mailcow' > /etc/rspamd/custom/sa-rules-heinlein

View File

@ -226,7 +226,7 @@ rspamd_checks() {
while [ ${err_count} -lt ${THRESHOLD} ]; do
host_ip=$(get_container_ip rspamd-mailcow)
err_c_cur=${err_count}
SCORE=$(/usr/bin/curl -s --data-binary @- --unix-socket /rspamd-sock/rspamd.sock http://rspamd/scan -d '
SCORE=$(/usr/bin/curl -s --data-binary @- --unix-socket /var/lib/rspamd/rspamd.sock http://rspamd/scan -d '
To: null@localhost
From: watchdog@localhost

View File

@ -2,6 +2,6 @@ bind_socket = "*:11334";
count = 1;
secure_ip = "127.0.0.1";
secure_ip = "::1";
bind_socket = "/rspamd-sock/rspamd.sock mode=0666 owner=nobody";
bind_socket = "/var/lib/rspamd/rspamd.sock mode=0666 owner=nobody";
.include(try=true; priority=10) "$CONFDIR/override.d/worker-controller-password.inc"
.include(try=true; priority=20) "$CONFDIR/override.d/worker-controller.custom.inc"

View File

@ -1409,7 +1409,7 @@ function get_logs($container, $lines = false) {
}
if ($container == "rspamd-history") {
$curl = curl_init();
curl_setopt($curl, CURLOPT_UNIX_SOCKET_PATH, '/rspamd-sock/rspamd.sock');
curl_setopt($curl, CURLOPT_UNIX_SOCKET_PATH, '/var/lib/rspamd/rspamd.sock');
if (!is_numeric($lines)) {
list ($from, $to) = explode('-', $lines);
curl_setopt($curl, CURLOPT_URL,"http://rspamd/history?from=" . intval($from) . "&to=" . intval($to));

View File

@ -221,13 +221,13 @@ function quarantine($_action, $_data = null) {
continue;
}
$curl = curl_init();
curl_setopt($curl, CURLOPT_UNIX_SOCKET_PATH, '/rspamd-sock/rspamd.sock');
curl_setopt($curl, CURLOPT_UNIX_SOCKET_PATH, '/var/lib/rspamd/rspamd.sock');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_TIMEOUT, 30);
curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: text/plain'));
curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: text/plain'));
curl_setopt($curl, CURLOPT_URL,"http://rspamd/learnspam");
curl_setopt($curl, CURLOPT_POSTFIELDS, $row['msg']);
curl_setopt($curl, CURLOPT_POSTFIELDS, $row['msg']);
$response = curl_exec($curl);
if (!curl_errno($curl)) {
$response = json_decode($response, true);
@ -243,23 +243,22 @@ function quarantine($_action, $_data = null) {
}
curl_close($curl);
$curl = curl_init();
curl_setopt($curl, CURLOPT_UNIX_SOCKET_PATH, '/rspamd-sock/rspamd.sock');
curl_setopt($curl, CURLOPT_UNIX_SOCKET_PATH, '/var/lib/rspamd/rspamd.sock');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_TIMEOUT, 30);
curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: text/plain', 'Flag: 11'));
curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: text/plain', 'Flag: 11'));
curl_setopt($curl, CURLOPT_URL,"http://rspamd/fuzzyadd");
curl_setopt($curl, CURLOPT_POSTFIELDS, $row['msg']);
curl_setopt($curl, CURLOPT_POSTFIELDS, $row['msg']);
$response = curl_exec($curl);
if (!curl_errno($curl)) {
$response = json_decode($response, true);
if (isset($response['error'])) {
$_SESSION['return'][] = array(
'type' => 'danger',
'type' => 'warning',
'log' => array(__FUNCTION__),
'msg' => array('fuzzy_learn_error', $response['error'])
);
continue;
}
curl_close($curl);
try {
@ -279,7 +278,7 @@ function quarantine($_action, $_data = null) {
$_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__),
'msg' => 'qlearn_spam'
'msg' => array('qlearn_spam', $id)
);
continue;
}
@ -288,7 +287,7 @@ function quarantine($_action, $_data = null) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__),
'msg' => array('spam_learn_error', 'curl error ' . curl_errno($curl))
'msg' => array('spam_learn_error', 'Curl: ' . curl_strerror(curl_errno($curl)))
);
continue;
}
@ -301,12 +300,12 @@ function quarantine($_action, $_data = null) {
continue;
}
else {
curl_close($curl);
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__),
'msg' => array('spam_learn_error', 'curl error ' . curl_errno($curl))
'msg' => array('spam_learn_error', 'Curl: ' . curl_strerror(curl_errno($curl)))
);
curl_close($curl);
continue;
}
curl_close($curl);

View File

@ -164,7 +164,7 @@ if (isset($_SESSION['mailcow_cc_role']) || isset($_SESSION['pending_mailcow_cc_u
switch ($object) {
case "actions":
$curl = curl_init();
curl_setopt($curl, CURLOPT_UNIX_SOCKET_PATH, '/rspamd-sock/rspamd.sock');
curl_setopt($curl, CURLOPT_UNIX_SOCKET_PATH, '/var/lib/rspamd/rspamd.sock');
curl_setopt($curl, CURLOPT_URL,"http://rspamd/stat");
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
$data = curl_exec($curl);

View File

@ -618,7 +618,7 @@ $lang['quarantine']['subj'] = "Betreff";
$lang['quarantine']['text_plain_content'] = "Inhalt (text/plain)";
$lang['quarantine']['text_from_html_content'] = "Inhalt (html, konvertiert)";
$lang['quarantine']['atts'] = "Anhänge";
$lang['danger']['fuzzy_learn_error'] = "Fuzzy Lernfehler: %s";
$lang['warning']['fuzzy_learn_error'] = "Fuzzy Lernfehler: %s";
$lang['danger']['spam_learn_error'] = "Spam Lernfehler: %s";
$lang['success']['qlearn_spam'] = "Nachricht ID %s wurde als Spam gelernt und gelöscht";

View File

@ -631,7 +631,7 @@ $lang['quarantine']['subj'] = "Subject";
$lang['quarantine']['text_plain_content'] = "Content (text/plain)";
$lang['quarantine']['text_from_html_content'] = "Content (converted html)";
$lang['quarantine']['atts'] = "Attachments";
$lang['danger']['fuzzy_learn_error'] = "Fuzzy hash learn error: %s";
$lang['warning']['fuzzy_learn_error'] = "Fuzzy hash learn error: %s";
$lang['danger']['spam_learn_error'] = "Spam learn error: %s";
$lang['success']['qlearn_spam'] = "Message ID %s was learned as spam and deleted";

View File

@ -592,7 +592,7 @@ $lang['quarantine']['subj'] = "Onderwerp";
$lang['quarantine']['text_plain_content'] = "Inhoud (tekst)";
$lang['quarantine']['text_from_html_content'] = "Inhoud (geconverteerde html)";
$lang['quarantine']['atts'] = "Bijlagen";
$lang['danger']['fuzzy_learn_error'] = "Fuzzy hash training-fout: %s";
$lang['warning']['fuzzy_learn_error'] = "Fuzzy hash training-fout: %s";
$lang['danger']['spam_learn_error'] = "Spamtraining-fout: %s";
$lang['success']['qlearn_spam'] = "Bericht %s werd als spam geclassificeerd en is verwijderd";

View File

@ -84,7 +84,6 @@ services:
- ./data/conf/rspamd/override.d/:/etc/rspamd/override.d
- ./data/conf/rspamd/local.d/:/etc/rspamd/local.d
- ./data/conf/rspamd/lua/:/etc/rspamd/lua/:ro
- rspamd-sock:/rspamd-sock
- rspamd-vol-1:/var/lib/rspamd
restart: always
dns:
@ -104,7 +103,7 @@ services:
volumes:
- ./data/web:/web:rw
- ./data/conf/rspamd/dynmaps:/dynmaps:ro
- rspamd-sock:/rspamd-sock
- rspamd-vol-1:/var/lib/rspamd
- mysql-socket-vol-1:/var/run/mysqld/
- ./data/conf/rspamd/meta_exporter:/meta_exporter:ro
- ./data/conf/phpfpm/php-fpm.d/pools.conf:/usr/local/etc/php-fpm.d/z-pools.conf
@ -171,7 +170,7 @@ services:
- vmail-vol-1:/var/vmail
- crypt-vol-1:/mail_crypt/
- ./data/conf/rspamd/custom/:/etc/rspamd/custom
- rspamd-sock:/rspamd-sock
- rspamd-vol-1:/var/lib/rspamd
- mysql-socket-vol-1:/var/run/mysqld/
environment:
- LOG_LINES=${LOG_LINES:-9999}
@ -209,7 +208,7 @@ services:
- ./data/assets/ssl:/etc/ssl/mail/:ro
- postfix-vol-1:/var/spool/postfix
- crypt-vol-1:/var/lib/zeyple
- rspamd-sock:/rspamd-sock
- rspamd-vol-1:/var/lib/rspamd
- mysql-socket-vol-1:/var/run/mysqld/
environment:
- LOG_LINES=${LOG_LINES:-9999}
@ -343,7 +342,7 @@ services:
build: ./data/Dockerfiles/watchdog
oom_kill_disable: true
volumes:
- rspamd-sock:/rspamd-sock
- rspamd-vol-1:/var/lib/rspamd
- mysql-socket-vol-1:/var/run/mysqld/
restart: always
environment:
@ -406,4 +405,3 @@ volumes:
rspamd-vol-1:
postfix-vol-1:
crypt-vol-1:
rspamd-sock: