Removed razor due to excessive ressource usage

2022-02-06 19:42:03 +01:00
parent 5b2faa2ddc
commit 77682b077b
4 changed files with 1 additions and 181 deletions
--- a/etc/razorfy.conf
+++ b/etc/razorfy.conf
@ -1,14 +0,0 @@
 # Razorfy Configuration file
 # set to 1 to enable debug logging (Default 0)
 RAZORFY_DEBUG = 0
 # max number of threads to use  (Default 200)
 RAZORFY_MAXTHREADS = 200
 # bind razorfy default to local ip address (127.0.0.1)
 # use :: for all (dual stack), 0.0.0.0 (all ipv4), ::1 localhost v6only, 127.0.0.1 localhost ipv4
 RAZORFY_BINDADDRESS = 127.0.0.1
 # tcp port to use
 RAZORFY_BINDPORT = 11342
--- a/etc/systemd/system/razorfy.service
+++ b/etc/systemd/system/razorfy.service
@ -1,32 +0,0 @@
 [Unit]
 Description=Razorfy Service
 Requires=network.target local-fs.target time-sync.target
 [Service]
 Type=simple
 User=razorfy
 Group=razorfy
 EnvironmentFile=/etc/razorfy.conf
 ExecStart=/usr/local/bin/razorfy.pl
 ExecReload=/bin/kill -HUP $MAINPID
 ExecStop=/bin/kill $MAINPID
 Restart=always
 RestartSec=3
 PIDFile=/var/run/razor.pid
 TimeoutStopSec=30
 NoNewPrivileges=true
 PrivateDevices=true
 PrivateTmp=true
 PrivateUsers=true
 ProtectControlGroups=true
 ProtectHome=true
 ProtectKernelModules=true
 ProtectKernelTunables=true
 ProtectSystem=strict
 [Install]
 WantedBy=multi-user.target
--- a/install_binaries.sh
+++ b/install_binaries.sh
@ -4,7 +4,7 @@ set -e
 export LANG=C.UTF-8
 # install all required packages
 DEBIAN_FRONTEND=noninteractive apt-get update
-DEBIAN_FRONTEND=noninteractive apt-get --no-install-recommends install -y apt-transport-tor bash-completion bind9 brotli bzip2 ca-certificates clamav-daemon clamav-freshclam curl dovecot-imapd dovecot-lmtpd dovecot-pop3d git hardlink haveged iptables libio-socket-ip-perl libsasl2-modules locales locales-all logrotate lsb-release mariadb-server nano postfix postfix-mysql quota quotatool razor redis rsync ssh subversion tor unzip vim wget xz-utils zip zopfli
+DEBIAN_FRONTEND=noninteractive apt-get --no-install-recommends install -y apt-transport-tor bash-completion bind9 brotli bzip2 ca-certificates clamav-daemon clamav-freshclam curl dovecot-imapd dovecot-lmtpd dovecot-pop3d git hardlink haveged iptables libio-socket-ip-perl libsasl2-modules locales locales-all logrotate lsb-release mariadb-server nano postfix postfix-mysql quota quotatool redis rsync ssh subversion tor unzip vim wget xz-utils zip zopfli
 # build dependencies
 DEBIAN_FRONTEND=noninteractive apt-get --no-install-recommends install -y autoconf automake bison cmake g++ gcc ghostscript gnupg `apt-cache search --names-only 'libargon2(-0)?-dev' | awk '{print $1;}' | head -n1` libbrotli-dev libbz2-dev libc-client2007e-dev libcurl4-openssl-dev libde265-dev libdjvulibre-dev libedit-dev `apt-cache search --names-only 'libenchant(-2)?-dev' | awk '{print $1;}' | head -n1` libffi-dev `apt-cache search --names-only libfreetype6?-dev | awk '{print $1;}' | head -n1` libfftw3-dev libfribidi-dev libgd-dev libgmp-dev libgpg-error-dev libgpgme-dev libharfbuzz-dev libkrb5-dev libldap2-dev liblmdb-dev liblqr-1-0-dev libmariadb-dev libonig-dev libopenexr-dev libopenjp2-7-dev libpango1.0-dev libpcre3-dev libpng-dev libpspell-dev libqdbm-dev libraqm-dev libraw-dev libreadline-dev librsvg2-dev libsasl2-dev libsodium-dev libsqlite3-dev libssl-dev libsystemd-dev libtidy-dev libtool libwebp-dev libwmf-dev libx265-dev libxml2-dev libxpm-dev libxslt1-dev libzip-dev libzstd-dev make poppler-utils ragel re2c yasm zlib1g-dev
@ -1768,6 +1768,3 @@ composer self-update
 id -u _rspamd >/dev/null 2>&1 ||useradd -M -r -s /bin/false -d /var/lib/rspamd _rspamd
 mkdir -p /var/lib/rspamd
 chown _rspamd: /var/lib/rspamd
 #razorfy
 id -u razorfy >/dev/null 2>&1 || useradd -M -r -s /bin/false razorfy
--- a/usr/local/bin/razorfy.pl
+++ b/usr/local/bin/razorfy.pl
@ -1,131 +0,0 @@
 #!/usr/bin/perl
 # Copyright (c) 2020, Mirko Ludeke <m.ludeke@heinlein-support.de>
 # Copyright (c) 2020, Carsten Rosenberg <c.rosenberg@heinlein-support.de>
 # Copyright (c) 2020, Andreas Boesen <boesen@belwue.de>
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 use strict;
 use warnings;
 use IO::Socket::IP;
 use IO::Select;
 use threads;
 use Data::Dumper;
 use POSIX qw(setlocale strftime);
 use Razor2::Client::Agent;
 # set to 1 to enable debug logging
 my $debug = defined($ENV{'RAZORFY_DEBUG'}) ? $ENV{'RAZORFY_DEBUG'} : 0;
 # max number of threa to use
 my $maxthreads = defined($ENV{'RAZORFY_MAXTHREADS'}) ? $ENV{'RAZORFY_MAXTHREADS'} : 200;
 # bind razorfy to default to local ip address
 # use :: for all (dual stack), 0.0.0.0 (all ipv4), ::1 localhost v6only, 127.0.0.1 localhost ipv4
 my $bindaddress = defined($ENV{'RAZORFY_BINDADDRESS'}) ? $ENV{'RAZORFY_BINDADDRESS'} : '127.0.0.1';
 # tcp port to use
 my $bindport 	= defined($ENV{'RAZORFY_BINDPORT'}) ? $ENV{'RAZORFY_BINDPORT'} : '11342';
 my $agent = new Razor2::Client::Agent('razor-check') or die ;
 	$agent->read_options() 	or die $agent->errstr ."\n";
 	$agent->do_conf() 	or die $agent->errstr ."\n";
 my %logret = ( 0 => 'spam', 1 => 'ham');
 sub Main
 {
 	# flush after every write
 	$| = 1;
 	my ( $socket, $client_socket );
 	# Bind to listening address and port
 	$socket = new IO::Socket::IP (
 		LocalHost => $bindaddress,
 		LocalPort => $bindport,
 		Proto     => 'tcp',
 		Listen    => 10,
 		ReuseAddr => 1
 	) or die "Could not open socket: ".$!."\n";
 	ErrorLog( "RAZORFY started, PID: $$ Waiting for client connections...");
 	my @clients = ();
 	# start infinity loop
 	while(1)
 	{
 		# Limit threads
 		my @threads = threads->list(threads::running);
 		if( $#threads < $maxthreads ) {
 			# Waiting for new client connection.
 			$client_socket = $socket->accept();
 			# Push new client connection to it's own thread
 			push ( @clients, threads->create( \&clientHandler, $client_socket ) );
 			ErrorLog(  "active threads: $#threads") if $debug ;
 			ErrorLog(  "client array length: " . scalar @clients) if $debug ;
 			my $counter = 0;
 			foreach ( @clients )
 			{
 				if( $_->is_joinable() ) {
 		    	$_->join();
 		    }
 				if( not $_->is_running() ) {
 					splice(@clients,$counter,1);
 				}
 				$counter++;
 			}
 		}
 	}
 	$socket->close();
 	return 1;
 }
 sub clientHandler
 {
 	# Socket is passed to thread as first (and only) argument.
 	my ($client_socket) = @_;
 	# Create hash for user connection/session information and set initial connection information.
 	my %user = ();
    	$user{peer_address} = $client_socket->peerhost();
 	$user{peer_port} = $client_socket->peerport();
 	ErrorLog( "Accepted New Client Connection From:".$user{peer_address}.":".$user{peer_port}) if $debug;
 	my %hashr;
 	$hashr{'fh'} = $client_socket;
 	my $ret = $agent->checkit(\%hashr);
 	print $client_socket ( $ret == 0) ? "spam" : "ham";
 	ErrorLog( "return value: ". $logret{$ret} ) if $debug;
 	$client_socket->shutdown(2);
 	threads->exit();
 }
 sub ErrorLog {
 setlocale(&POSIX::LC_ALL, "en_US");
  my $msg = shift;
  my $datestring = strftime "%b %e %H:%M:%S", localtime;
  print STDERR $msg."\n";
 }
 # Start the Main loop
 Main();