mirror of
https://akkoma.dev/AkkomaGang/akkoma.git
synced 2024-11-26 07:52:17 +00:00
Merge pull request 'Fix and provide sane defaults for SMTP' (#686) from Oneric/akkoma:smtp-defaults into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/686
This commit is contained in:
commit
551ae69541
|
@ -55,12 +55,61 @@ defmodule Pleroma.Emails.Mailer do
|
||||||
|
|
||||||
@doc false
|
@doc false
|
||||||
def validate_dependency do
|
def validate_dependency do
|
||||||
parse_config([])
|
parse_config([], defaults: false)
|
||||||
|> Keyword.get(:adapter)
|
|> Keyword.get(:adapter)
|
||||||
|> Swoosh.Mailer.validate_dependency()
|
|> Swoosh.Mailer.validate_dependency()
|
||||||
end
|
end
|
||||||
|
|
||||||
defp parse_config(config) do
|
defp ensure_charlist(input) do
|
||||||
Swoosh.Mailer.parse_config(@otp_app, __MODULE__, @mailer_config, config)
|
case input do
|
||||||
|
i when is_binary(i) -> String.to_charlist(input)
|
||||||
|
i when is_list(i) -> i
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
defp default_config(adapter, conf, opts)
|
||||||
|
|
||||||
|
defp default_config(_, _, defaults: false) do
|
||||||
|
[]
|
||||||
|
end
|
||||||
|
|
||||||
|
defp default_config(Swoosh.Adapters.SMTP, conf, _) do
|
||||||
|
# gen_smtp and Erlang's tls defaults are very barebones, if nothing is set.
|
||||||
|
# Add sane defaults for our usecase to make config less painful for admins
|
||||||
|
relay = ensure_charlist(Keyword.get(conf, :relay))
|
||||||
|
ssl_disabled = Keyword.get(conf, :ssl) === false
|
||||||
|
os_cacerts = :public_key.cacerts_get()
|
||||||
|
|
||||||
|
common_tls_opts = [
|
||||||
|
cacerts: os_cacerts,
|
||||||
|
versions: [:"tlsv1.2", :"tlsv1.3"],
|
||||||
|
verify: :verify_peer,
|
||||||
|
# some versions have supposedly issues verifying wildcard certs without this
|
||||||
|
server_name_indication: relay,
|
||||||
|
# the default of 10 is too restrictive
|
||||||
|
depth: 32
|
||||||
|
]
|
||||||
|
|
||||||
|
[
|
||||||
|
auth: :always,
|
||||||
|
no_mx_lookups: false,
|
||||||
|
# Direct SSL/TLS
|
||||||
|
# (if ssl was explicitly disabled, we must not pass TLS options to the socket)
|
||||||
|
ssl: true,
|
||||||
|
sockopts: if(ssl_disabled, do: [], else: common_tls_opts),
|
||||||
|
# STARTTLS upgrade (can't be set to :always when already using direct TLS)
|
||||||
|
tls: :if_available,
|
||||||
|
tls_options: common_tls_opts
|
||||||
|
]
|
||||||
|
end
|
||||||
|
|
||||||
|
defp default_config(_, _, _), do: []
|
||||||
|
|
||||||
|
defp parse_config(config, opts \\ []) do
|
||||||
|
conf = Swoosh.Mailer.parse_config(@otp_app, __MODULE__, @mailer_config, config)
|
||||||
|
adapter = Keyword.get(conf, :adapter)
|
||||||
|
|
||||||
|
default_config(adapter, conf, opts)
|
||||||
|
|> Keyword.merge(conf)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in a new issue