From de285f2b63fc61db4fd311c8260fbf7a1e8a4b76 Mon Sep 17 00:00:00 2001
From: Tom Moor <tom.moor@gmail.com>
Date: Tue, 15 Jun 2021 21:37:41 -0700
Subject: [PATCH] feat: Add TLS ciphers option (#2217)

closes #2175
---
 .env.sample      | 2 ++
 app.json         | 9 +++++++++
 server/mailer.js | 4 ++++
 3 files changed, 15 insertions(+)

diff --git a/.env.sample b/.env.sample
index dcc93a5e..fabb32f8 100644
--- a/.env.sample
+++ b/.env.sample
@@ -128,6 +128,8 @@ SMTP_USERNAME=
 SMTP_PASSWORD=
 SMTP_FROM_EMAIL=
 SMTP_REPLY_EMAIL=
+SMTP_TLS_CIPHERS=
+SMTP_SECURE=true
 
 # Custom logo that displays on the authentication screen, scaled to height: 60px
 # TEAM_LOGO=https://example.com/images/logo.png
diff --git a/app.json b/app.json
index 76d8e094..d11939b9 100644
--- a/app.json
+++ b/app.json
@@ -135,6 +135,15 @@
       "description": "wikireply@example.com (optional)",
       "required": false
     },
+    "SMTP_SECURE": {
+      "value": "true",
+      "description": "Use a secure SMTP connection (optional)",
+      "required": false
+    },
+    "SMTP_TLS_CIPHERS": {
+      "description": "Override SMTP cipher configuration (optional)",
+      "required": false
+    },
     "GOOGLE_ANALYTICS_ID": {
       "description": "UA-xxxx (optional)",
       "required": false
diff --git a/server/mailer.js b/server/mailer.js
index d6213e62..9fdc9ac3 100644
--- a/server/mailer.js
+++ b/server/mailer.js
@@ -178,6 +178,10 @@ export class Mailer {
             ? process.env.SMTP_SECURE === "true"
             : process.env.NODE_ENV === "production",
         auth: undefined,
+        tls:
+          "SMTP_TLS_CIPHERS" in process.env
+            ? { ciphers: process.env.SMTP_TLS_CIPHERS }
+            : undefined,
       };
 
       if (process.env.SMTP_USERNAME) {