fix(emails): use tls_certificate_check to add tls config for mailer

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
Thomas Citharel 2023-12-07 11:42:19 +01:00
parent 7210f86889
commit db385501aa
No known key found for this signature in database
GPG key ID: A061B9DDE0CA0773
4 changed files with 7 additions and 17 deletions

View file

@ -124,14 +124,6 @@ config :mobilizon, Mobilizon.Web.Email.Mailer,
# ssl: false,
# can be `:always` or `:never`
tls: :never,
allowed_tls_versions: [:tlsv1, :"tlsv1.1", :"tlsv1.2"],
tls_options: [
verify: :verify_peer,
versions: [:"tlsv1.2", :"tlsv1.3"],
cacerts: :public_key.cacerts_get(),
server_name_indication: ~c"localhost",
depth: 99
],
retries: 1,
# can be `true`
no_mx_lookups: false

View file

@ -2,6 +2,8 @@
import Config
{:ok, _} = Application.ensure_all_started(:tls_certificate_check)
loglevels = [
:emergency,
:alert,
@ -72,14 +74,8 @@ config :mobilizon, Mobilizon.Web.Email.Mailer,
username: System.get_env("MOBILIZON_SMTP_USERNAME", nil),
password: System.get_env("MOBILIZON_SMTP_PASSWORD", nil),
tls: System.get_env("MOBILIZON_SMTP_TLS", "if_available"),
allowed_tls_versions: [:"tlsv1.2", :"tlsv1.3"],
tls_options: [
verify: :verify_peer,
versions: [:"tlsv1.2", :"tlsv1.3"],
cacerts: :public_key.cacerts_get(),
server_name_indication: ~c"#{System.get_env("MOBILIZON_SMTP_SERVER", "localhost")}",
depth: 99
],
tls_options:
:tls_certificate_check.options(System.get_env("MOBILIZON_SMTP_SERVER", "localhost")),
ssl: System.get_env("MOBILIZON_SMTP_SSL", "false"),
retries: 1,
no_mx_lookups: false,

View file

@ -89,7 +89,7 @@ defmodule Mobilizon.Mixfile do
end
defp extra_applications(_env) do
[:logger, :runtime_tools, :guardian, :geolix, :crypto, :cachex]
[:tls_certificate_check, :logger, :runtime_tools, :guardian, :geolix, :crypto, :cachex]
end
def copy_files(%{path: target_path} = release) do
@ -220,6 +220,7 @@ defmodule Mobilizon.Mixfile do
{:exkismet, github: "tcitworld/exkismet"},
{:rajska, github: "tcitworld/rajska", branch: "mobilizon"},
{:hammer, "~> 6.1"},
{:tls_certificate_check, "~> 1.20"},
# Dev and test dependencies
{:phoenix_live_reload, "~> 1.2", only: [:dev, :e2e]},
{:ex_machina, "~> 2.3", only: [:dev, :test]},

View file

@ -139,6 +139,7 @@
"telemetry": {:hex, :telemetry, "1.2.1", "68fdfe8d8f05a8428483a97d7aab2f268aaff24b49e0f599faa091f1d4e7f61c", [:rebar3], [], "hexpm", "dad9ce9d8effc621708f99eac538ef1cbe05d6a874dd741de2e689c47feafed5"},
"tesla": {:hex, :tesla, "1.8.0", "d511a4f5c5e42538d97eef7c40ec4f3e44effdc5068206f42ed859e09e51d1fd", [:mix], [{:castore, "~> 0.1 or ~> 1.0", [hex: :castore, repo: "hexpm", optional: true]}, {:exjsx, ">= 3.0.0", [hex: :exjsx, repo: "hexpm", optional: true]}, {:finch, "~> 0.13", [hex: :finch, repo: "hexpm", optional: true]}, {:fuse, "~> 2.4", [hex: :fuse, repo: "hexpm", optional: true]}, {:gun, ">= 1.0.0", [hex: :gun, repo: "hexpm", optional: true]}, {:hackney, "~> 1.6", [hex: :hackney, repo: "hexpm", optional: true]}, {:ibrowse, "4.4.2", [hex: :ibrowse, repo: "hexpm", optional: true]}, {:jason, ">= 1.0.0", [hex: :jason, repo: "hexpm", optional: true]}, {:mime, "~> 1.0 or ~> 2.0", [hex: :mime, repo: "hexpm", optional: false]}, {:mint, "~> 1.0", [hex: :mint, repo: "hexpm", optional: true]}, {:msgpax, "~> 2.3", [hex: :msgpax, repo: "hexpm", optional: true]}, {:poison, ">= 1.0.0", [hex: :poison, repo: "hexpm", optional: true]}, {:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: true]}], "hexpm", "10501f360cd926a309501287470372af1a6e1cbed0f43949203a4c13300bc79f"},
"timex": {:hex, :timex, "3.7.11", "bb95cb4eb1d06e27346325de506bcc6c30f9c6dea40d1ebe390b262fad1862d1", [:mix], [{:combine, "~> 0.10", [hex: :combine, repo: "hexpm", optional: false]}, {:gettext, "~> 0.20", [hex: :gettext, repo: "hexpm", optional: false]}, {:tzdata, "~> 1.1", [hex: :tzdata, repo: "hexpm", optional: false]}], "hexpm", "8b9024f7efbabaf9bd7aa04f65cf8dcd7c9818ca5737677c7b76acbc6a94d1aa"},
"tls_certificate_check": {:hex, :tls_certificate_check, "1.20.0", "1ac0c53f95e201feb8d398ef9d764ae74175231289d89f166ba88a7f50cd8e73", [:rebar3], [{:ssl_verify_fun, "~> 1.1", [hex: :ssl_verify_fun, repo: "hexpm", optional: false]}], "hexpm", "ab57b74b1a63dc5775650699a3ec032ec0065005eff1f020818742b7312a8426"},
"tz_world": {:hex, :tz_world, "1.3.1", "dedb8373fce594098909ff36d37f5e5e30e47cb40ef846d1dfc91eb39f7ebaaf", [:mix], [{:castore, "~> 0.1 or ~> 1.0", [hex: :castore, repo: "hexpm", optional: true]}, {:certifi, "~> 2.5", [hex: :certifi, repo: "hexpm", optional: true]}, {:geo, "~> 1.0 or ~> 2.0 or ~> 3.3", [hex: :geo, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: false]}], "hexpm", "901ed2b4a4430ecab3765244da4a19e6f19141867c2ab3753924919b87ed2224"},
"tzdata": {:hex, :tzdata, "1.1.1", "20c8043476dfda8504952d00adac41c6eda23912278add38edc140ae0c5bcc46", [:mix], [{:hackney, "~> 1.17", [hex: :hackney, repo: "hexpm", optional: false]}], "hexpm", "a69cec8352eafcd2e198dea28a34113b60fdc6cb57eb5ad65c10292a6ba89787"},
"ueberauth": {:hex, :ueberauth, "0.10.5", "806adb703df87e55b5615cf365e809f84c20c68aa8c08ff8a416a5a6644c4b02", [:mix], [{:plug, "~> 1.5", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm", "3efd1f31d490a125c7ed453b926f7c31d78b97b8a854c755f5c40064bf3ac9e1"},