From ba1d665bd993cc07f2b3a2a5077804cc3b5719ea Mon Sep 17 00:00:00 2001 From: Alexis Yushin Date: Thu, 27 Jul 2023 11:26:15 +0200 Subject: [PATCH] make smtp tls configurable / optional --- .gitignore | 1 + .../custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 | 2 +- roles/custom/matrix-synapse/vars/main.yml | 3 +++ 3 files changed, 5 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 421877392..6b56900a8 100644 --- a/.gitignore +++ b/.gitignore @@ -5,6 +5,7 @@ /roles/**/files/scratchpad .DS_Store .python-version +.idea/ flake.lock # ignore roles pulled by ansible-galaxy diff --git a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 index f42f6e309..e12bdb194 100644 --- a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -2351,7 +2351,7 @@ email: # must present a certificate that is valid for 'smtp_host'. If this option # is set to false, TLS will not be used. # - #enable_tls: false + enable_tls: {{ matrix_synapse_email_smtp_enable_tls|to_json }} # notif_from defines the "From" address to use when sending emails. # It must be set if email sending is enabled. diff --git a/roles/custom/matrix-synapse/vars/main.yml b/roles/custom/matrix-synapse/vars/main.yml index 9ac7afeb7..a12b44017 100644 --- a/roles/custom/matrix-synapse/vars/main.yml +++ b/roles/custom/matrix-synapse/vars/main.yml @@ -5,6 +5,9 @@ matrix_synapse_federation_api_url_endpoint_public: "https://{{ matrix_server_fqn matrix_synapse_media_store_directory_name: "{{ matrix_synapse_media_store_path | basename }}" +# Optionally: `false` to fully disable tls on outbound smtp +matrix_synapse_email_smtp_enable_tls: true + # A Synapse generic worker can handle both federation and client-server API endpoints. # We wish to split these, as we normally serve federation separately and don't want them mixed up. #