diff options
Diffstat (limited to 'examples')
-rw-r--r-- | examples/README.unsubscribe | 9 | ||||
-rwxr-xr-x | examples/grok-pull.post_update_hook.sh | 2 | ||||
-rw-r--r-- | examples/logrotate.conf | 4 | ||||
-rw-r--r-- | examples/nginx_proxy | 9 | ||||
-rw-r--r-- | examples/public-inbox-httpd@.service | 6 | ||||
-rw-r--r-- | examples/public-inbox-imapd@.service | 5 | ||||
-rw-r--r-- | examples/public-inbox-netd@.service | 8 | ||||
-rw-r--r-- | examples/public-inbox-nntpd@.service | 5 | ||||
-rw-r--r-- | examples/public-inbox-watch.service | 2 | ||||
-rw-r--r-- | examples/unsubscribe-milter@.service | 6 | ||||
-rw-r--r-- | examples/unsubscribe.milter | 38 | ||||
-rw-r--r-- | examples/varnish-4.vcl | 2 |
12 files changed, 76 insertions, 20 deletions
diff --git a/examples/README.unsubscribe b/examples/README.unsubscribe index 3e80e838..3b407960 100644 --- a/examples/README.unsubscribe +++ b/examples/README.unsubscribe @@ -3,10 +3,9 @@ Unsubscribe endpoints for mlmmj users (and possibly Mailman, too) * examples/unsubscribe.milter filters outgoing messages and appends an HTTPS URL to the List-Unsubscribe header. This List-Unsubscribe header should point to the PSGI - described below. - Currently, this is only active for a whitelist of test - addresses in /etc/unsubscribe-milter.whitelist - with one email address per line. + described below. You may edit the archive_addr sub + to disable List-Unsubscribe headers for well-known archiver + addresses to prevent saboteurs from stopping archival. * examples/unsubscribe.psgi is a PSGI which needs to run as the mlmmj user with permission to run mlmmj-unsub. @@ -36,5 +35,5 @@ in /etc/postfix/main.cf: # This is not needed for mlmmj since mlmmj uses SMTP: # non_smtpd_milters = local:/var/spool/postfix/unsubscribe/unsubscribe.sock -Copyright (C) 2016-2021 all contributors <meta@public-inbox.org> +Copyright (C) all contributors <meta@public-inbox.org> License: AGPL-3.0+ <https://www.gnu.org/licenses/agpl-3.0.txt> diff --git a/examples/grok-pull.post_update_hook.sh b/examples/grok-pull.post_update_hook.sh index 77489472..4d303c03 100755 --- a/examples/grok-pull.post_update_hook.sh +++ b/examples/grok-pull.post_update_hook.sh @@ -111,7 +111,7 @@ case $cfg_dir in "publicinbox.$inbox_name.infourl" "$url" done curl -sSfv "$remote_inbox_url"/description >"$inbox_dir"/description - echo "I: $inbox_name at $inbox_dir ($addresses) $local_url" + echo "# $inbox_name at $inbox_dir ($addresses) $local_url" ;; esac diff --git a/examples/logrotate.conf b/examples/logrotate.conf index 4ce08843..fad40cfc 100644 --- a/examples/logrotate.conf +++ b/examples/logrotate.conf @@ -18,7 +18,7 @@ # systemd users do not need PID files, # only signal the @1 process since the @2 is short-lived # For systemd users, assuming you use two services - systemctl kill -s SIGUSR1 public-inbox-httpd@1.service - systemctl kill -s SIGUSR1 public-inbox-nntpd@1.service + systemctl kill -s SIGUSR1 --kill-who=main \ + public-inbox-netd@1.service endscript } diff --git a/examples/nginx_proxy b/examples/nginx_proxy index d8d1e6df..754a4931 100644 --- a/examples/nginx_proxy +++ b/examples/nginx_proxy @@ -1,8 +1,14 @@ # Example NGINX configuration to proxy-pass requests -# to public-inbox-httpd or to a standalone PSGI/Plack server. +# to varnish, public-inbox-(httpd|netd) or any PSGI/Plack server. # The daemon is assumed to be running locally on port 8001. # Adjust ssl certificate paths if you use any, or remove # the ssl configuration directives if you don't. +# +# Note: public-inbox-httpd and -netd both support HTTPS, but they +# don't support caching which Varnish provides. The recommended +# setup is currently: +# +# (nginx|any-HTTPS-proxy) <-> varnish <-> public-inbox-(httpd|netd) server { server_name _; listen 80; @@ -14,6 +20,7 @@ server { proxy_set_header HOST $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; + proxy_buffering off; # lowers response latency proxy_pass http://127.0.0.1:8001$request_uri; } diff --git a/examples/public-inbox-httpd@.service b/examples/public-inbox-httpd@.service index 73731533..ca68fc7e 100644 --- a/examples/public-inbox-httpd@.service +++ b/examples/public-inbox-httpd@.service @@ -19,13 +19,13 @@ After = public-inbox-httpd.socket Environment = PI_CONFIG=/home/pi/.public-inbox/config \ PATH=/usr/local/bin:/usr/bin:/bin \ TZ=UTC \ +MALLOC_MMAP_THRESHOLD_=131072 \ PERL_INLINE_DIRECTORY=/tmp/.pub-inline LimitNOFILE = 30000 ExecStartPre = /bin/mkdir -p -m 1777 /tmp/.pub-inline ExecStart = /usr/local/bin/public-inbox-httpd \ -1 /var/log/public-inbox/httpd.out.log -StandardError = syslog # NonBlocking is REQUIRED to avoid a race condition if running # simultaneous services @@ -33,8 +33,8 @@ NonBlocking = true Sockets = public-inbox-httpd.socket KillSignal = SIGQUIT -User = nobody -Group = nogroup +User = news +Group = ssl-cert ExecReload = /bin/kill -HUP $MAINPID TimeoutStopSec = 86400 KillMode = process diff --git a/examples/public-inbox-imapd@.service b/examples/public-inbox-imapd@.service index 300019a8..1aede65d 100644 --- a/examples/public-inbox-imapd@.service +++ b/examples/public-inbox-imapd@.service @@ -16,6 +16,8 @@ After = public-inbox-imapd.socket [Service] Environment = PI_CONFIG=/home/pi/.public-inbox/config \ PATH=/usr/local/bin:/usr/bin:/bin \ +TZ=UTC \ +MALLOC_MMAP_THRESHOLD_=131072 \ PERL_INLINE_DIRECTORY=/tmp/.pub-inline LimitNOFILE = 30000 @@ -24,7 +26,6 @@ ExecStart = /usr/local/bin/public-inbox-imapd -W0 \ -1 /var/log/public-inbox/imapd.out.log \ --cert /etc/ssl/certs/news.example.com.pem \ --key /etc/ssl/private/news.example.com.key -StandardError = syslog # NonBlocking is REQUIRED to avoid a race condition if running # simultaneous services @@ -33,7 +34,7 @@ NonBlocking = true Sockets = public-inbox-imapd.socket KillSignal = SIGQUIT -User = nobody +User = news Group = ssl-cert ExecReload = /bin/kill -HUP $MAINPID TimeoutStopSec = 86400 diff --git a/examples/public-inbox-netd@.service b/examples/public-inbox-netd@.service index de5feea6..2e8797ed 100644 --- a/examples/public-inbox-netd@.service +++ b/examples/public-inbox-netd@.service @@ -12,9 +12,17 @@ Wants = public-inbox-netd.socket After = public-inbox-netd.socket [Service] + +# Setting MALLOC_MMAP_THRESHOLD_=131072 reduces fragmentation by +# disabling the sliding mmap window in glibc malloc. For 64-bit systems, +# LD_PRELOAD for libjemalloc may be added here, instead. jemalloc is more +# resistant to fragmentation in long-lived daemons than unconfigured glibc +# malloc on systems with large VM space. 32-bit systems may be better +# off sticking with glibc and MALLOC_MMAP_THRESHOLD_. Environment = PI_CONFIG=/home/pi/.public-inbox/config \ PATH=/usr/local/bin:/usr/bin:/bin \ TZ=UTC \ +MALLOC_MMAP_THRESHOLD_=131072 \ PERL_INLINE_DIRECTORY=/tmp/.netd-inline LimitNOFILE = 30000 diff --git a/examples/public-inbox-nntpd@.service b/examples/public-inbox-nntpd@.service index 56e1cc8f..556cb76f 100644 --- a/examples/public-inbox-nntpd@.service +++ b/examples/public-inbox-nntpd@.service @@ -16,6 +16,8 @@ After = public-inbox-nntpd.socket [Service] Environment = PI_CONFIG=/home/pi/.public-inbox/config \ PATH=/usr/local/bin:/usr/bin:/bin \ +TZ=UTC \ +MALLOC_MMAP_THRESHOLD_=131072 \ PERL_INLINE_DIRECTORY=/tmp/.pub-inline LimitNOFILE = 30000 @@ -24,7 +26,6 @@ ExecStart = /usr/local/bin/public-inbox-nntpd \ -1 /var/log/public-inbox/nntpd.out.log \ --cert /etc/ssl/certs/news.example.com.pem \ --key /etc/ssl/private/news.example.com.key -StandardError = syslog # NonBlocking is REQUIRED to avoid a race condition if running # simultaneous services @@ -33,7 +34,7 @@ NonBlocking = true Sockets = public-inbox-nntpd.socket KillSignal = SIGQUIT -User = nobody +User = news Group = ssl-cert ExecReload = /bin/kill -HUP $MAINPID TimeoutStopSec = 86400 diff --git a/examples/public-inbox-watch.service b/examples/public-inbox-watch.service index abb41469..0e4860f7 100644 --- a/examples/public-inbox-watch.service +++ b/examples/public-inbox-watch.service @@ -9,8 +9,6 @@ Environment = PI_CONFIG=/home/pi/.public-inbox/config \ PATH=/usr/local/bin:/usr/bin:/bin ExecStart = /usr/local/bin/public-inbox-watch -StandardOutput = syslog -StandardError = syslog ExecReload = /bin/kill -HUP $MAINPID # this user must have read access to Maildirs it watches User = pi diff --git a/examples/unsubscribe-milter@.service b/examples/unsubscribe-milter@.service index eb5dcbe4..a68e6e81 100644 --- a/examples/unsubscribe-milter@.service +++ b/examples/unsubscribe-milter@.service @@ -24,7 +24,13 @@ Sockets = unsubscribe-milter.socket # the corresponding PSGI app needs permissions to modify the # mlmmj spool, so we might as well use the same user since +# they both need to read /home/mlmmj/.unsubscribe.key User = mlmmj +# only kill the parent process when using the default Sendmail::PMilter +# postfork dispatcher, children will die naturally when they're done +# with a given message. +KillMode = process + [Install] WantedBy = multi-user.target diff --git a/examples/unsubscribe.milter b/examples/unsubscribe.milter index 216b0ddd..8c682012 100644 --- a/examples/unsubscribe.milter +++ b/examples/unsubscribe.milter @@ -27,6 +27,28 @@ my $crypt = Crypt::CBC->new(-key => $key, -cipher => 'Blowfish'); $fh = $iv = $key = undef; +my $allow_domains = '/etc/unsubscribe-milter.allow_domains'; +my $ALLOW_DOMAINS; +if (open my $fh, '<', $allow_domains) { + local $/ = "\n"; + chomp(my @l = <$fh>); + die "close: $!" unless eof($fh) && close($fh); + my %l = map { lc($_) => 1 } @l; + $ALLOW_DOMAINS = \%l; +} else { + warn <<EOM; +W: open $allow_domains: $! (all domains allowed) +W: all mlmmj-looking messages will have List-Unsubscribe added, +W: this is probably not what you want. +EOM +} + +# only allow users hitting SMTP server locally: +# Is a config file necessary? Regexps are ugly for IP addresses +# but Net::Patricia (or similar) seems like overkill. Ugly it is: +my @ALLOW_ADDR = (qr/\A::1\z/, qr/\A127\./); +my $ALLOW_ADDR = join('|', @ALLOW_ADDR); + my %cbs; $cbs{connect} = sub { my ($ctx) = @_; @@ -88,10 +110,24 @@ $cbs{eom} = sub { eval { my $priv = $ctx->getpriv; $ctx->setpriv({ header => {}, envrcpt => {} }); - my @rcpt = keys %{$priv->{envrcpt}}; + + # XXX my postfix (3.5.18-0+deb11u1) + Sendmail::PMilter + # instance doesn't seem to get {client_addr}, but + # {daemon_addr} seems to make sense since I only want it + # to apply to users connecting to postfix locally: + if ($ALLOW_ADDR) { + my $x = $ctx->getsymval('{daemon_addr}'); + return SMFIS_CONTINUE if $x && $x !~ /$ALLOW_ADDR/; + } # one recipient, one unique HTTP(S) URL + my @rcpt = keys %{$priv->{envrcpt}}; return SMFIS_CONTINUE if @rcpt != 1; + if ($ALLOW_DOMAINS) { + my $addr = $ctx->getsymval('{mail_addr}'); + my (undef, $d) = split /\@/, $addr; + return SMFIS_CONTINUE if !$ALLOW_DOMAINS->{$d}; + } return SMFIS_CONTINUE if archive_addr(lc($rcpt[0])); my $unsub = $priv->{header}->{'list-unsubscribe'} || []; diff --git a/examples/varnish-4.vcl b/examples/varnish-4.vcl index 5fc202ed..624f6013 100644 --- a/examples/varnish-4.vcl +++ b/examples/varnish-4.vcl @@ -28,7 +28,7 @@ sub vcl_recv { } sub vcl_pipe { - # By default Connection: close is set on all piped requests by varnish, + # By default, Connection: close is set on all piped requests by varnish, # but public-inbox-httpd supports persistent connections well :) unset bereq.http.connection; return (pipe); |