diff options
| author | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-02-20 09:25:02 -0500 |
|---|---|---|
| committer | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-02-20 09:25:02 -0500 |
| commit | 9c7683dd4503347fd653499cb51b3d2ccbeba945 (patch) | |
| tree | 783d908c0dc2bcebfe2aa09adcbb4b3b286bbdb6 /roles/rspamd | |
| parent | 65c5a6e081ce7174ecd36c89329aa77e7dd77a0b (diff) | |
| download | selfhosted-9c7683dd4503347fd653499cb51b3d2ccbeba945.tar.gz selfhosted-9c7683dd4503347fd653499cb51b3d2ccbeba945.zip | |
rspamd: add docs
Diffstat (limited to 'roles/rspamd')
| -rw-r--r-- | roles/rspamd/README.md | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/roles/rspamd/README.md b/roles/rspamd/README.md new file mode 100644 index 0000000..2a6bb0e --- /dev/null +++ b/roles/rspamd/README.md @@ -0,0 +1,65 @@ +Rspamd +====== + +Description +----------- + +The `rspamd` role installs and configures [Rspamd](https://rspamd.com/), which +is used by [Postfix](../postfix_server/) for spam filtering and DKIM message +signing. + +Variables +--------- + +This role **accepts** the following variables: + +Variable | Default | Description +------------------------------|---------------------------------|------------ +`rspamd_milter_port` | 11332 | Listening port for milter service +`rspamd_milter_process_count` | `{{ ansible_processor_vcpus }}` | Number of milter processes to run +`rspamd_controller_port` | 11334 | Listening port for controller / web GUI +`rspamd_redis_port` | 6379 | Local Redis port +`rspamd_redis_bayes_port` | 6380 | Local Redis port for Bayes classifier data +`rspamd_redis_max_memory` | `512mb` | Maximum memory usage for each Redis instance +`rspamd_admin_group` | `role-rspamd-admin` | FreeIPA group for users allowed to access web interface (will be created) +`rspamd_dkim_keys` | `{}` | Dictionary mapping domain names to DKIM signing keys +`rspamd_dkim_selector` | `dkim` | Name of DKIM selector in DNS +`rspamd_domain_whitelist` | `[]` | List of sender domains to _never_ mark as spam + + +This role **exports** the following variables: + +Variable | Description +-----------------------|------------ +`rspamd_archive_shell` | Shell command to generate backup tarball of redis databases +`rspamd_apache_config` | Apache config block for reverse proxy + +Usage +----- + +Example playbook: + +````yaml +- name: configure rspamd + hosts: rspamd_servers + roles: + - role: rspamd + vars: + rspamd_domain_whitelist: + - badly-configured-domain.com + - never-mark-me-as-spam.com + rspamd_dkim_keys: + example.com: | + -----BEGIN RSA PRIVATE KEY----- + AAAAAAAAAAAAAAAAchangeme + -----END RSA PRIVATE KEY----- + example.net: | + -----BEGIN RSA PRIVATE KEY----- + AAAAAAAAAAAAAAAAchangeme + -----END RSA PRIVATE KEY----- + + - role: apache_vhost + vars: + apache_default_vhost: yes + apache_config: '{{ rspamd_apache_config }}' +```` |