add remote smtp

Reviewed-on: coop-cloud/mediawiki#35

.env.sample

@@ -1,6 +1,7 @@
 TYPE=mediawiki
 
 DOMAIN=mediawiki.example.com
+COMPOSE_FILE="compose.yml"
 
 #EXTRA_DOMAINS=', `www.wiki.example.com`'
 LETS_ENCRYPT_ENV=production
@@ -11,21 +12,34 @@ MEDIAWIKI_EMAIL_CONTACT="info@wiki.example.com"
 MEDIAWIKI_EMAIL_FROM="wiki@wiki.example.com"
 MEDIAWIKI_LOGO_FILE='$wgResourceBasePath/resources/assets/wiki.png'
 
+# list of language options (without ".json"):
+# https://gerrit.wikimedia.org/g/mediawiki/core/%2B/HEAD/languages/i18n
+MEDIAWIKI_LANGUAGE="en"
+
 MEDIAWIKI_IS_PRIVATE=1
 
 MEDIAWIKI_DEBUG=0
 
-## SMTP
-#SMTP_HOST=postfix_relay_app
-#SMTP_HOST=mailu_front
-
 SECRET_DB_ROOT_PASSWORD_VERSION=v1
 SECRET_DB_PASSWORD_VERSION=v1
 SECRET_MEDIAWIKI_SECRET_KEY_VERSION=v1 # length=64
 
+# SMTP
+
+## via local postfix/mailu
+#SMTP_HOST=postfix_relay_app
+#SMTP_HOST=mailu_front
+
+## via remote email provider
+#COMPOSE_FILE="$COMPOSE_FILE:compose.smtp.yml"
+#SMTP_HOST="mail.example.com"
+#SMTP_PORT=587
+#SMTP_USER="${MEDIAWIKI_EMAIL_FROM}"
+#SECRET_SMTP_PASSWORD_VERSION=v1
+
 # SAML
 
-#COMPOSE_FILE="compose.yml:compose.simplesaml.yml"
+#COMPOSE_FILE="$COMPOSE_FILE:compose.simplesaml.yml"
 
 #SAML_ENABLED=1
 #SAML_CONTACT_NAME="Sam Ell"
@@ -41,11 +55,17 @@ SECRET_MEDIAWIKI_SECRET_KEY_VERSION=v1 # length=64
 
 ## OpenID Connect
 # OPENID_ENABLED=1
-# COMPOSE_FILE="compose.yml:compose.openid.yml"
+# COMPOSE_FILE="$COMPOSE_FILE:compose.openid.yml"
 # OPENID_KEYCLOAK_URL="https://keycloak.local:8080/realms/acme/"
 # OPENID_CLIENT_ID="mediawiki"
 # SECRET_OPENID_CLIENT_SECRET_VERSION=v1
 
+## WikiMarkdown
+#MARKDOWN_ENABLED=1
+
+## MobileFrontend
+#MOBILEFRONTEND_ENABLED=1
+
 ## MsUpload
 #MSU_ENABLED=1
 
@@ -62,5 +82,5 @@ SECRET_MEDIAWIKI_SECRET_KEY_VERSION=v1 # length=64
 #MARKDOWN_ENABLED=1
 
 ## Tweeki skin
-#TWEEKI_ENABLED=1
+#TWEEKI_ENABLED=0
 

LocalSettings.php.tmpl

@@ -5,7 +5,6 @@ if ( !defined( 'MEDIAWIKI' ) ) {
 	exit;
 }
 
-
 ## Uncomment this to disable output compression
 # $wgDisableOutputCompression = true;
 
@@ -85,7 +84,7 @@ $wgShellLocale = "C.UTF-8";
 #$wgCacheDirectory = "$IP/cache";
 
 # Site language code, should be one of the list in ./languages/data/Names.php
-$wgLanguageCode = "en";
+$wgLanguageCode = "{{ env "MEDIAWIKI_LANGUAGE" }}";
 
 $wgSecretKey = rtrim(file_get_contents('/run/secrets/mediawiki_secret_key'));
 
@@ -116,6 +115,13 @@ $wgGroupPermissions['*']['read'] = false;
 $wgGroupPermissions['*']['read'] = true;
 {{ end }}
 
+# Enabled skins.
+# The following skins were automatically enabled:
+wfLoadSkin( 'MonoBook' );
+wfLoadSkin( 'Timeless' );
+wfLoadSkin( 'Vector' );
+wfLoadSkin( 'MinervaNeue' );
+
 ## Default skin: you can change the default skin. Use the internal symbolic
 ## names, ie 'vector', 'monobook':
 
@@ -126,12 +132,10 @@ $wgDefaultSkin = "tweeki";
 $wgDefaultSkin = "vector";
 {{ end }}
 
-# Enabled skins.
-# The following skins were automatically enabled:
-wfLoadSkin( 'MonoBook' );
-wfLoadSkin( 'Timeless' );
-wfLoadSkin( 'Vector' );
-wfLoadSkin( 'MinervaNeue' );
+{{ if eq (env "MOBILEFRONTEND_ENABLED") "1" }}
+wfLoadExtension( 'MobileFrontend' );
+$wgDefaultMobileSkin = 'minerva';
+{{ end }}
 
 # Enabled extensions. Most of the extensions are enabled by adding
 # wfLoadExtensions('ExtensionName');
@@ -196,11 +200,15 @@ $wgGroupPermissions['*']['createaccount'] = false;
 
 {{ if env "SMTP_HOST" }}
 $wgSMTP = [
-    'host'     => '{{ env "SMTP_HOST" }}', // could also be an IP address. Where the SMTP server is located
-    'port'     => 25,                 // Port to use when connecting to the SMTP server
-    'auth'     => false,               // Should we use SMTP authentication (true or false)
-    #'username' => 'my_user_name',     // Username to use for SMTP authentication (if being used)
-    #'password' => 'my_password'       // Password to use for SMTP authentication (if being used)
+    'host'     => '{{ env "SMTP_HOST" }}',       // could also be an IP address. Where the SMTP server is located
+    'port'     => {{ env "SMTP_PORT" }},         // Port to use when connecting to the SMTP server
+{{ if env "SMTP_USER" }}
+    'auth'     => true,                          // Should we use SMTP authentication (true or false)
+    'username' => '{{ env "SMTP_USER" }}',       // Username to use for SMTP authentication (if being used)
+    'password' => '{{ secret "smtp_password" }}' // Password to use for SMTP authentication (if being used)
+{{ else }}
+    'auth'     => false
+{{ end }}
 ];
 {{ end }}
 

README.md

@@ -27,6 +27,8 @@
 
 ## Email
 
+### Coop Cloud mailu or postfix
+
 1. `abra app config YOURAPPDOMAIN` - edit `.envrc` and uncomment the `SMTP` lines. Set `SMTP_HOST` to
    `postfix_relay` for `coop-cloud/postfix_relay`, or `mailu_front` for
    `coop-cloud/mailu` (assuming default stack names)
@@ -34,6 +36,14 @@
    `postfix_relay`. This doesn't seem to be required for Mailu.
 3. `abra app deploy YOURAPPDOMAIN`
 
+### Remote provider
+
+1. `abra app config YOURAPPDOMAIN` - uncomment `SMTP` under the "remote email provider" section and set values for `SMTP_HOST`, `SMTP_PORT` and `SMTP_USER`
+2. `abra app secret insert YOURAPPDOMAIN smtp_password v1 YOURSMTPPASSWORD`
+3. `abra app deploy YOURAPPDOMAIN`
+
+Note: Only STARTTLS is supported, TLS won't work.
+
 ## Single Sign On
 
 ### SimpleSAMLphp

abra.sh

@@ -1,8 +1,8 @@
-export LOCAL_SETTINGS_CONF_VERSION=v17
+export LOCAL_SETTINGS_CONF_VERSION=v21
 export HTACCESS_CONF_VERSION=v1
-export ENTRYPOINT_CONF_VERSION=v15
+export ENTRYPOINT_CONF_VERSION=v19
 export COMPOSER_LOCAL_CONF_VERSION=v5
-export PHP_INI_VERSION=v2
+export PHP_INI_VERSION=v4
 
 export SAML_ENTRYPOINT_CONF_VERSION=v3
 

compose.smtp.yml

@@ -0,0 +1,14 @@
+---
+version: "3.8"
+
+services:
+  app:
+    environment:
+      - SMTP_USER
+    secrets:
+      - smtp_password
+
+secrets:
+  smtp_password:
+    name: ${STACK_NAME}_smtp_password_${SECRET_SMTP_PASSWORD_VERSION}
+    external: true

compose.yml

@@ -14,12 +14,14 @@ services:
       - MEDIAWIKI_LOGO_FILE
       - MEDIAWIKI_IS_PRIVATE
       - MEDIAWIKI_DEBUG
+      - MEDIAWIKI_LANGUAGE=${MEDIAWIKI_LANGUAGE:-en}
       - SAML_ENABLED
       - OPENID_ENABLED
       - DB_HOST=db
       - DB_USER=mediawiki
       - DB_NAME=mediawiki
       - SMTP_HOST
+      - SMTP_PORT=${SMTP_PORT:-25}
     volumes:
       - "mediawiki_images:/var/www/html/images"
     configs:
@@ -45,7 +47,7 @@ services:
         - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
         - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
         - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
-        - "coop-cloud.${STACK_NAME}.version=2.2.3+1.39.3"
+        - "coop-cloud.${STACK_NAME}.version=2.3.0+1.39.3"
     entrypoint: /docker-entrypoint2.sh
 
   db:

entrypoint.sh.tmpl

@@ -53,6 +53,7 @@ init_db() {
 }
 
 init_extensions() {
+
 	if [ ! -d /var/www/html/extensions/PluggableAuth ]; then
 		git clone --depth 1 -b REL1_39 \
 			https://gerrit.wikimedia.org/r/p/mediawiki/extensions/PluggableAuth \
@@ -75,6 +76,14 @@ init_extensions() {
 		fi
 	fi
 
+	if [ -n "${MOBILEFRONTEND_ENABLED-}" ]; then
+		if [ ! -d /var/www/html/extensions/MobileFrontend ]; then
+			git clone --depth 1 -b REL1_39 \
+				https://github.com/wikimedia/mediawiki-extensions-MobileFrontend.git \
+				/var/www/html/extensions/MobileFrontend
+		fi
+	fi
+
 	if [ -n "${MSU_ENABLED-}" ]; then
 		if [ ! -d /var/www/html/extensions/MsUpload ]; then
 			git clone --depth 1 -b REL1_39 \
@@ -126,7 +135,7 @@ main() {
 	set -eu
 
 	init_extensions
-    init_skins
+	init_skins
 	init_composer
 	composer_install
 	init_db

php.ini.tmpl

@@ -5,4 +5,6 @@ max_file_uploads = 1000
 
 {{ if eq (env "MEDIAWIKI_DEBUG") "0" }}
 error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
+{{ else }}
+error_reporting = E_ALL
 {{ end }}