UniqueSoft/wg-portal
2
0
Fork 0
mirror of https://github.com/h44z/wg-portal synced 2025-02-26 05:49:14 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

add ssl/tls option for email encryption (#13)

Browse Source
This commit is contained in:
Christoph Haas 2021-04-22 14:11:54 +02:00
parent 7042523c54
commit 926733dea4
3 changed files with 30 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@ -124,7 +124,8 @@ The following configuration options are available:
| DATABASE_PASSWORD | password | database | | The mysql password. | | DATABASE_PASSWORD | password | database | | The mysql password. |
| EMAIL_HOST | host | email | 127.0.0.1 | The email server address. | | EMAIL_HOST | host | email | 127.0.0.1 | The email server address. |
| EMAIL_PORT | port | email | 25 | The email server port. | | EMAIL_PORT | port | email | 25 | The email server port. |
| EMAIL_TLS | tls | email | false | Use STARTTLS. | | EMAIL_TLS | tls | email | false | Use STARTTLS. DEPRECATED: use EMAIL_ENCRYPTION instead. |
| EMAIL_ENCRYPTION | encryption | email | none | Either none, tls or starttls. |
| EMAIL_CERT_VALIDATION | certcheck | email | false | Validate the email server certificate. | | EMAIL_CERT_VALIDATION | certcheck | email | false | Validate the email server certificate. |
| EMAIL_USERNAME | user | email | | An optional username for SMTP authentication. | | EMAIL_USERNAME | user | email | | An optional username for SMTP authentication. |
| EMAIL_PASSWORD | pass | email | | An optional password for SMTP authentication. | | EMAIL_PASSWORD | pass | email | | An optional password for SMTP authentication. |

25
internal/common/email.go
View File

@ -7,13 +7,24 @@ import (
"strconv" "strconv"
"strings" "strings"
"github.com/pkg/errors"
"github.com/jordan-wright/email" "github.com/jordan-wright/email"
) )
type MailEncryption string
const (
MailEncryptionNone MailEncryption = "none"
MailEncryptionTLS MailEncryption = "tls"
MailEncryptionStartTLS MailEncryption = "starttls"
)
type MailConfig struct { type MailConfig struct {
Host string `yaml:"host" envconfig:"EMAIL_HOST"` Host string `yaml:"host" envconfig:"EMAIL_HOST"`
Port int `yaml:"port" envconfig:"EMAIL_PORT"` Port int `yaml:"port" envconfig:"EMAIL_PORT"`
TLS bool `yaml:"tls" envconfig:"EMAIL_TLS"` TLS bool `yaml:"tls" envconfig:"EMAIL_TLS"` // Deprecated, use MailConfig.Encryption instead.
Encryption MailEncryption `yaml:"encryption" envconfig:"EMAIL_ENCRYPTION"`
CertValidation bool `yaml:"certcheck" envconfig:"EMAIL_CERT_VALIDATION"` CertValidation bool `yaml:"certcheck" envconfig:"EMAIL_CERT_VALIDATION"`
Username string `yaml:"user" envconfig:"EMAIL_USERNAME"` Username string `yaml:"user" envconfig:"EMAIL_USERNAME"`
Password string `yaml:"pass" envconfig:"EMAIL_PASSWORD"` Password string `yaml:"pass" envconfig:"EMAIL_PASSWORD"`
@ -64,16 +75,24 @@ func SendEmailWithAttachments(cfg MailConfig, sender, replyTo, subject, body str
for _, attachment := range attachments { for _, attachment := range attachments {
a, err := e.Attach(attachment.Data, attachment.Name, attachment.ContentType) a, err := e.Attach(attachment.Data, attachment.Name, attachment.ContentType)
if err != nil { if err != nil {
return err return errors.Wrapf(err, "failed to attach %s to mailbody", attachment.Name)
} }
if attachment.Embedded { if attachment.Embedded {
a.HTMLRelated = true a.HTMLRelated = true
} }
} }
// TODO: remove this once the deprecated MailConfig.TLS config option has been removed
if cfg.TLS { if cfg.TLS {
cfg.Encryption = MailEncryptionStartTLS
}
switch cfg.Encryption {
case MailEncryptionTLS:
return e.SendWithTLS(hostname, auth, &tls.Config{InsecureSkipVerify: !cfg.CertValidation})
case MailEncryptionStartTLS:
return e.SendWithStartTLS(hostname, auth, &tls.Config{InsecureSkipVerify: !cfg.CertValidation}) return e.SendWithStartTLS(hostname, auth, &tls.Config{InsecureSkipVerify: !cfg.CertValidation})
} else { default: // MailEncryptionNone
return e.Send(hostname, auth) return e.Send(hostname, auth)
} }
} }

1
internal/server/configuration.go
View File

@ -112,6 +112,7 @@ func NewConfig() *Config {
cfg.WG.ManageIPAddresses = true cfg.WG.ManageIPAddresses = true
cfg.Email.Host = "127.0.0.1" cfg.Email.Host = "127.0.0.1"
cfg.Email.Port = 25 cfg.Email.Port = 25
cfg.Email.Encryption = common.MailEncryptionNone
// Load config from file and environment // Load config from file and environment
cfgFile, ok := os.LookupEnv("CONFIG_FILE") cfgFile, ok := os.LookupEnv("CONFIG_FILE")