1014: Fixed hardcoded antispam and antivirus host addresses r=mergify[bot] a=ajgon
## What type of PR?
enchancement
## What does this PR do?
Adds configurable parameters `HOST_ANTISPAM` and `HOST_ANTIVIRUS` for `core/dovecot` and `services/rspamd`, instead of using hardcoded container names.
### Related issue(s)
- closes#978
Co-authored-by: Igor Rzegocki <igor@rzegocki.pl>
Co-authored-by: Tim Möhlmann <muhlemmer@gmail.com>
919: Install bash in alpine based images. r=mergify[bot] a=firvida
This fixes#918
Bash shell is used by default in Kubernetes' dashboard console, which is very
useful for admins.
## What type of PR?
bug-fix
## What does this PR do?
### Related issue(s)
- closes#918
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: place entry in the [changelog](CHANGELOG.md), under the latest un-released version.
Co-authored-by: Abel Alfonso Fírvida Donéstevez <abel@merchise.org>
907: Don't generate the clamav configuration if ANTIVIRUS is none. r=mergify[bot] a=mvaled
## What type of PR?
bug-fix
## What does this PR do?
Avoid rspamd to try to connect to clamav if you choose ANTIVIRUS="none". Otherwise the rspamd will try to connect to none, timing out several times and leading to poor performance.
I have a server without CLAMAV; and I'm getting times up to 45s:
```
$ grep 'CLAMAV' ~/downloads/logs-from-antispam-in-mailu-security-5d75fb987-kv958.txt | grep -o 'time: [^m]*'
time: 45011.089
time: 45126.002
time: 45002.024
time: 45037.436
time: 45006.775
...
```
Mails for which clamav is not used range from a tens of miliseconds to a few hundred.
## Prerequistes
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [ ] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: place entry in the [changelog](CHANGELOG.md), under the latest un-released version.
Co-authored-by: Manuel Vázquez Acosta <manuel@merchise.org>
In the process we found that the previous way of tenacity syntax caused it not to honor any args.
In this commit we've refactored to use the @decorator syntax, in which tenacity seems to behave better.
This will make network configuration and host based authentication
more robust, across different deployment platforms.
The options `RELAYNETS` and`POD_ADDRESS_RANGE` are kept for compatibility.
However, their usage have become optional.
In Docker Swarm mode the services listed below can get stuck in their start script, while they
are waiting for other services become available. Now, with HEALTHCHECK enabled, docker does not resolve
names of services that not pass HEALTHCHECK yet. Meaning that if one of the depenend services is not yet
available, it will create a chain of failing services.
The services below retry to resolve 100 time, with an average of 3.5 seconds. Hence, the --start-time
flag is now set at 350 seconds.
- dovecot (imap)
- postfix (smtp)
- rspamd (antispam)