diff --git a/.env.sample b/.env.sample index 2b4d548..2cbf6e3 100644 --- a/.env.sample +++ b/.env.sample @@ -1,6 +1,7 @@ TYPE=mediawiki DOMAIN=mediawiki.example.com +COMPOSE_FILE="compose.yml" #EXTRA_DOMAINS=', `www.wiki.example.com`' LETS_ENCRYPT_ENV=production @@ -19,17 +20,26 @@ MEDIAWIKI_IS_PRIVATE=1 MEDIAWIKI_DEBUG=0 -## SMTP -#SMTP_HOST=postfix_relay_app -#SMTP_HOST=mailu_front - SECRET_DB_ROOT_PASSWORD_VERSION=v1 SECRET_DB_PASSWORD_VERSION=v1 SECRET_MEDIAWIKI_SECRET_KEY_VERSION=v1 # length=64 +# SMTP + +## via local postfix/mailu +#SMTP_HOST=postfix_relay_app +#SMTP_HOST=mailu_front + +## via remote email provider +#COMPOSE_FILE="$COMPOSE_FILE:compose.smtp.yml" +#SMTP_HOST="mail.example.com" +#SMTP_PORT=587 +#SMTP_USER="${MEDIAWIKI_EMAIL_FROM}" +#SECRET_SMTP_PASSWORD_VERSION=v1 + # SAML -#COMPOSE_FILE="compose.yml:compose.simplesaml.yml" +#COMPOSE_FILE="$COMPOSE_FILE:compose.simplesaml.yml" #SAML_ENABLED=1 #SAML_CONTACT_NAME="Sam Ell" @@ -45,7 +55,7 @@ SECRET_MEDIAWIKI_SECRET_KEY_VERSION=v1 # length=64 ## OpenID Connect # OPENID_ENABLED=1 -# COMPOSE_FILE="compose.yml:compose.openid.yml" +# COMPOSE_FILE="$COMPOSE_FILE:compose.openid.yml" # OPENID_KEYCLOAK_URL="https://keycloak.local:8080/realms/acme/" # OPENID_CLIENT_ID="mediawiki" # SECRET_OPENID_CLIENT_SECRET_VERSION=v1 diff --git a/LocalSettings.php.tmpl b/LocalSettings.php.tmpl index 62e500e..5190322 100644 --- a/LocalSettings.php.tmpl +++ b/LocalSettings.php.tmpl @@ -200,11 +200,15 @@ $wgGroupPermissions['*']['createaccount'] = false; {{ if env "SMTP_HOST" }} $wgSMTP = [ - 'host' => '{{ env "SMTP_HOST" }}', // could also be an IP address. Where the SMTP server is located - 'port' => 25, // Port to use when connecting to the SMTP server - 'auth' => false, // Should we use SMTP authentication (true or false) - #'username' => 'my_user_name', // Username to use for SMTP authentication (if being used) - #'password' => 'my_password' // Password to use for SMTP authentication (if being used) + 'host' => '{{ env "SMTP_HOST" }}', // could also be an IP address. Where the SMTP server is located + 'port' => {{ env "SMTP_PORT" }}, // Port to use when connecting to the SMTP server +{{ if env "SMTP_USER" }} + 'auth' => true, // Should we use SMTP authentication (true or false) + 'username' => '{{ env "SMTP_USER" }}', // Username to use for SMTP authentication (if being used) + 'password' => '{{ secret "smtp_password" }}' // Password to use for SMTP authentication (if being used) +{{ else }} + 'auth' => false +{{ end }} ]; {{ end }} diff --git a/README.md b/README.md index c0e609a..cd00400 100644 --- a/README.md +++ b/README.md @@ -27,6 +27,8 @@ ## Email +### Coop Cloud mailu or postfix + 1. `abra app config YOURAPPDOMAIN` - edit `.envrc` and uncomment the `SMTP` lines. Set `SMTP_HOST` to `postfix_relay` for `coop-cloud/postfix_relay`, or `mailu_front` for `coop-cloud/mailu` (assuming default stack names) @@ -34,6 +36,14 @@ `postfix_relay`. This doesn't seem to be required for Mailu. 3. `abra app deploy YOURAPPDOMAIN` +### Remote provider + +1. `abra app config YOURAPPDOMAIN` - uncomment `SMTP` under the "remote email provider" section and set values for `SMTP_HOST`, `SMTP_PORT` and `SMTP_USER` +2. `abra app secret insert YOURAPPDOMAIN smtp_password v1 YOURSMTPPASSWORD` +3. `abra app deploy YOURAPPDOMAIN` + +Note: Only STARTTLS is supported, TLS won't work. + ## Single Sign On ### SimpleSAMLphp diff --git a/compose.smtp.yml b/compose.smtp.yml new file mode 100644 index 0000000..ae82801 --- /dev/null +++ b/compose.smtp.yml @@ -0,0 +1,14 @@ +--- +version: "3.8" + +services: + app: + environment: + - SMTP_USER + secrets: + - smtp_password + +secrets: + smtp_password: + name: ${STACK_NAME}_smtp_password_${SECRET_SMTP_PASSWORD_VERSION} + external: true diff --git a/compose.yml b/compose.yml index 29e0971..9683473 100644 --- a/compose.yml +++ b/compose.yml @@ -21,6 +21,7 @@ services: - DB_USER=mediawiki - DB_NAME=mediawiki - SMTP_HOST + - SMTP_PORT=${SMTP_PORT:-25} volumes: - "mediawiki_images:/var/www/html/images" configs: