mirror of https://github.com/h44z/wg-portal.git
add ssl/tls option for email encryption (#13)
This commit is contained in:
Christoph Haas
parent
7042523c54
commit
926733dea4
|
|
@ -124,7 +124,8 @@ The following configuration options are available:
|
|||
| DATABASE_PASSWORD | password | database | | The mysql password. |
|
||||
| EMAIL_HOST | host | email | 127.0.0.1 | The email server address. |
|
||||
| EMAIL_PORT | port | email | 25 | The email server port. |
|
||||
| EMAIL_TLS | tls | email | false | Use STARTTLS. |
|
||||
| EMAIL_TLS | tls | email | false | Use STARTTLS. DEPRECATED: use EMAIL_ENCRYPTION instead. |
|
||||
| EMAIL_ENCRYPTION | encryption | email | none | Either none, tls or starttls. |
|
||||
| EMAIL_CERT_VALIDATION | certcheck | email | false | Validate the email server certificate. |
|
||||
| EMAIL_USERNAME | user | email | | An optional username for SMTP authentication. |
|
||||
| EMAIL_PASSWORD | pass | email | | An optional password for SMTP authentication. |
|
||||
|
|
|
|||
|
|
@ -7,13 +7,24 @@ import (
|
|||
"strconv"
|
||||
"strings"
|
||||
|
||||
"github.com/pkg/errors"
|
||||
|
||||
"github.com/jordan-wright/email"
|
||||
)
|
||||
|
||||
type MailEncryption string
|
||||
|
||||
const (
|
||||
MailEncryptionNone MailEncryption = "none"
|
||||
MailEncryptionTLS MailEncryption = "tls"
|
||||
MailEncryptionStartTLS MailEncryption = "starttls"
|
||||
)
|
||||
|
||||
type MailConfig struct {
|
||||
Host string `yaml:"host" envconfig:"EMAIL_HOST"`
|
||||
Port int `yaml:"port" envconfig:"EMAIL_PORT"`
|
||||
TLS bool `yaml:"tls" envconfig:"EMAIL_TLS"`
|
||||
TLS bool `yaml:"tls" envconfig:"EMAIL_TLS"` // Deprecated, use MailConfig.Encryption instead.
|
||||
Encryption MailEncryption `yaml:"encryption" envconfig:"EMAIL_ENCRYPTION"`
|
||||
CertValidation bool `yaml:"certcheck" envconfig:"EMAIL_CERT_VALIDATION"`
|
||||
Username string `yaml:"user" envconfig:"EMAIL_USERNAME"`
|
||||
Password string `yaml:"pass" envconfig:"EMAIL_PASSWORD"`
|
||||
|
|
@ -64,16 +75,24 @@ func SendEmailWithAttachments(cfg MailConfig, sender, replyTo, subject, body str
|
|||
for _, attachment := range attachments {
|
||||
a, err := e.Attach(attachment.Data, attachment.Name, attachment.ContentType)
|
||||
if err != nil {
|
||||
return err
|
||||
return errors.Wrapf(err, "failed to attach %s to mailbody", attachment.Name)
|
||||
}
|
||||
if attachment.Embedded {
|
||||
a.HTMLRelated = true
|
||||
}
|
||||
}
|
||||
|
||||
// TODO: remove this once the deprecated MailConfig.TLS config option has been removed
|
||||
if cfg.TLS {
|
||||
cfg.Encryption = MailEncryptionStartTLS
|
||||
}
|
||||
|
||||
switch cfg.Encryption {
|
||||
case MailEncryptionTLS:
|
||||
return e.SendWithTLS(hostname, auth, &tls.Config{InsecureSkipVerify: !cfg.CertValidation})
|
||||
case MailEncryptionStartTLS:
|
||||
return e.SendWithStartTLS(hostname, auth, &tls.Config{InsecureSkipVerify: !cfg.CertValidation})
|
||||
} else {
|
||||
default: // MailEncryptionNone
|
||||
return e.Send(hostname, auth)
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -112,6 +112,7 @@ func NewConfig() *Config {
|
|||
cfg.WG.ManageIPAddresses = true
|
||||
cfg.Email.Host = "127.0.0.1"
|
||||
cfg.Email.Port = 25
|
||||
cfg.Email.Encryption = common.MailEncryptionNone
|
||||
|
||||
// Load config from file and environment
|
||||
cfgFile, ok := os.LookupEnv("CONFIG_FILE")
|
||||
|
|
|
|||
Loading…
Reference in New Issue