key/pem handling for smtp #5

Closed
paulbalomiri opened this issue Aug 6, 2022 · 3 comments

paulbalomiri commented Aug 6, 2022

Trying here to configure smtps and STARTTLS (optional) for the docker image.
I can also rebuild the docker image [EDIT: if necessary] and already have the Let's Encrypt key & cert.

The wiki's smtp page mentions the config options `--smtp-ssl-cert` and `--smtp-ssl-key`.

I cannot set them, though, and don't know if it is possible from env variables too (trying to avoid the execute docker config service option if possible).

Edit 2: The codebase's config.go also does not mention these options...

Thumbs up for the project 👍

@paulbalomiri
Author

Ah, I now saw your commit from 2 hrs ago:

56fdaa1

Does this mean the MP_SSL* are taken from the web UI?

mailpit/cmd/root.go, lines 96 to 103 in ba8c4cd:

```go
// deprecated 2022/08/06
if len(os.Getenv("MP_SSL_CERT")) > 0 {
	config.UISSLCert = os.Getenv("MP_SSL_CERT")
}
// deprecated 2022/08/06
if len(os.Getenv("MP_SSL_KEY")) > 0 {
	config.UISSLKey = os.Getenv("MP_SSL_KEY")
}
```

My use case is served best if I can reverse proxy the UI with traefik, but expose the smtp endpoint as is on a dedicated port (no virtual hosts for smtp).

@axllent
Owner

axllent commented Aug 6, 2022

@paulbalomiri It seems there is some confusion, probably caused by me trying to edit multiple documents at the same time.

So to answer your question(s), MP_SSL_KEY & MP_SSL_CERT have been replaced with MP_UI_SSL_CERT and MP_UI_SSL_KEY - but these are for the web UI, not SMTP (and in saying that I just realized I have a typo in my code so I have just released 0.1.1). What you are looking for has now been documented in the wiki - MP_SMTP_SSL_CERT & MP_SMTP_SSL_KEY.

Hopefully this answers your questions, and thanks for the heads-up.

Edit: traefik handling HTTPS (provided you have something specific in your config to handle the websocket path api/catchall/events - or maybe traefik handles that automatically, I don't know) and direct forwarding to STARTTLS should work as expected - provided you have valid certs (or accept "insecure" (not validated) certs).

Edit 2: I haven't fully tested all those options via docker (yet), though they should work as expected provided I didn't make any more dumb typos :)
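
An added example, not part of the thread and not Mailpit's code: a Go pre-flight check for a PEM pair before it is handed to an SMTP listener, rejecting a key that does not match the certificate and a certificate outside its validity period. `CheckPair` and `SelfSigned` are hypothetical names and the sample pairs are constructed in-process; in practice the two byte slices would be read from the files named by `MP_SMTP_SSL_CERT` and `MP_SMTP_SSL_KEY`.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"encoding/pem"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// CheckPair reports why a PEM cert/key pair would fail as a TLS server identity.
func CheckPair(certPEM, keyPEM []byte, now time.Time) error {
	pair, err := tls.X509KeyPair(certPEM, keyPEM) // rejects a key that does not match
	if err != nil {
		return fmt.Errorf("pair rejected: %w", err)
	}
	leaf, err := x509.ParseCertificate(pair.Certificate[0])
	if err != nil {
		return err
	}
	if now.Before(leaf.NotBefore) || now.After(leaf.NotAfter) {
		return errors.New("certificate outside its validity period")
	}
	return nil
}

// SelfSigned builds a constructed, throwaway Ed25519 pair used as sample input.
// Errors are ignored here because the inputs are fixed and known-good.
func SelfSigned(from, to time.Time) (certPEM, keyPEM []byte) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotBefore: from, NotAfter: to}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	key, _ := x509.MarshalPKCS8PrivateKey(priv)
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der}),
		pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: key})
}

func main() {
	now := time.Now()
	goodCert, goodKey := SelfSigned(now.Add(-time.Hour), now.Add(time.Hour))
	_, otherKey := SelfSigned(now.Add(-time.Hour), now.Add(time.Hour))
	oldCert, oldKey := SelfSigned(now.Add(-48*time.Hour), now.Add(-24*time.Hour))
	fmt.Println("matching pair:", CheckPair(goodCert, goodKey, now))
	fmt.Println("wrong key:    ", CheckPair(goodCert, otherKey, now))
	fmt.Println("expired cert: ", CheckPair(oldCert, oldKey, now))
}
```

The check covers pairing and dates only; it does not verify the chain to a trusted CA, so a validating client will still reject a self-signed pair.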

@paulbalomiri
Author

#6 and #7 both solve a minor issue regarding this.

Thanks for this great repo, @axllent!
