diff --git a/.env.example b/.env.example index 1dc215e860..7317212c40 100644 --- a/.env.example +++ b/.env.example @@ -38,12 +38,15 @@ SITE_URL=http://localhost:8080 # Mail/SMTP # Required to send emails -# By default, SMTP_HOST is set to smtp.gmail.com +# By default, SMTP_HOST is set to smtp.gmail.com, SMTP_PORT is set to 587, SMTP_TLS is set to false, and SMTP_FROM_NAME is set to Infisical SMTP_HOST=smtp.gmail.com +# If STARTTLS is supported, the connection will be upgraded to TLS when SMTP_SECURE is set to false +SMTP_SECURE=false SMTP_PORT=587 -SMTP_NAME=Team -SMTP_USERNAME=team@infisical.com +SMTP_USERNAME= SMTP_PASSWORD= +SMTP_FROM_ADDRESS= +SMTP_FROM_NAME=Infisical # Integration # Optional only if integration is used diff --git a/backend/src/config/index.ts b/backend/src/config/index.ts index 525a7b2c8b..e0f8fdcf1c 100644 --- a/backend/src/config/index.ts +++ b/backend/src/config/index.ts @@ -28,10 +28,12 @@ const PUBLIC_KEY = process.env.PUBLIC_KEY!; const SENTRY_DSN = process.env.SENTRY_DSN!; const SITE_URL = process.env.SITE_URL!; const SMTP_HOST = process.env.SMTP_HOST! || 'smtp.gmail.com'; +const SMTP_SECURE = process.env.SMTP_SECURE! || false; const SMTP_PORT = process.env.SMTP_PORT! || 587; -const SMTP_NAME = process.env.SMTP_NAME!; const SMTP_USERNAME = process.env.SMTP_USERNAME!; const SMTP_PASSWORD = process.env.SMTP_PASSWORD!; +const SMTP_FROM_ADDRESS = process.env.SMTP_FROM_ADDRESS!; +const SMTP_FROM_NAME = process.env.SMTP_FROM_NAME! || 'Infisical'; const STRIPE_PRODUCT_CARD_AUTH = process.env.STRIPE_PRODUCT_CARD_AUTH!; const STRIPE_PRODUCT_PRO = process.env.STRIPE_PRODUCT_PRO!; const STRIPE_PRODUCT_STARTER = process.env.STRIPE_PRODUCT_STARTER!; @@ -70,9 +72,11 @@ export { SITE_URL, SMTP_HOST, SMTP_PORT, - SMTP_NAME, + SMTP_SECURE, SMTP_USERNAME, SMTP_PASSWORD, + SMTP_FROM_ADDRESS, + SMTP_FROM_NAME, STRIPE_PRODUCT_CARD_AUTH, STRIPE_PRODUCT_PRO, STRIPE_PRODUCT_STARTER, diff --git a/backend/src/helpers/nodemailer.ts b/backend/src/helpers/nodemailer.ts index 7f5fb1564f..958342aae1 100644 --- a/backend/src/helpers/nodemailer.ts +++ b/backend/src/helpers/nodemailer.ts @@ -2,7 +2,7 @@ import fs from 'fs'; import path from 'path'; import handlebars from 'handlebars'; import nodemailer from 'nodemailer'; -import { SMTP_NAME, SMTP_USERNAME } from '../config'; +import { SMTP_FROM_NAME, SMTP_FROM_ADDRESS } from '../config'; import * as Sentry from '@sentry/node'; let smtpTransporter: nodemailer.Transporter; @@ -34,7 +34,7 @@ const sendMail = async ({ const htmlToSend = temp(substitutions); await smtpTransporter.sendMail({ - from: `"${SMTP_NAME}" <${SMTP_USERNAME}>`, + from: `"${SMTP_FROM_NAME}" <${SMTP_FROM_ADDRESS}>`, to: recipients.join(', '), subject: subjectLine, html: htmlToSend diff --git a/backend/src/services/smtp.ts b/backend/src/services/smtp.ts index dd502750f8..14d5434395 100644 --- a/backend/src/services/smtp.ts +++ b/backend/src/services/smtp.ts @@ -1,10 +1,11 @@ import nodemailer from 'nodemailer'; -import { SMTP_HOST, SMTP_PORT, SMTP_USERNAME, SMTP_PASSWORD } from '../config'; +import { SMTP_HOST, SMTP_PORT, SMTP_USERNAME, SMTP_PASSWORD, SMTP_SECURE } from '../config'; import SMTPConnection from 'nodemailer/lib/smtp-connection'; import * as Sentry from '@sentry/node'; const mailOpts: SMTPConnection.Options = { host: SMTP_HOST, + secure: SMTP_SECURE as boolean, port: SMTP_PORT as number }; if (SMTP_USERNAME && SMTP_PASSWORD) { diff --git a/docs/self-hosting/configuration/envars.mdx b/docs/self-hosting/configuration/envars.mdx index 9c6697df56..b05b410bce 100644 --- a/docs/self-hosting/configuration/envars.mdx +++ b/docs/self-hosting/configuration/envars.mdx @@ -24,12 +24,15 @@ Configuring Infisical requires setting some environment variables. There is a fi | `MONGO_PASSWORD` | MongoDB password if using container | `None` | | `SITE_URL` | ❗️ Site URL - should be an absolute URL including the protocol (e.g. `https://app.infisical.com`) | `None` | | `SMTP_HOST` | Hostname to connect to for establishing SMTP connections | `smtp.gmail.com` | -| `SMTP_NAME` | Name label to be used in From field (e.g. `Team`) | `None` | +| `SMTP_SECURE` | Use TLS when connecting to host. If false, TLS will be used if STARTTLS is supported | `false` | +| `SMTP_PORT` | ❗️ Port to connect to for establishing SMTP connections | `587` | +| `SMTP_FROM_ADDRESS` | ❗️ Email address to be used for sending emails (e.g. `team@infisical.com`) | `None` | +| `SMTP_FROM_NAME` | Name label to be used in From field (e.g. `Team`) | `Infisical` | | `SMTP_USERNAME` | ❗️ Credential to connect to host (e.g. `team@infisical.com`) | `None` | | `SMTP_PASSWORD` | ❗️ Credential to connect to host | `None` | | `TELEMETRY_ENABLED` | `true` or `false`. [More](../overview). | `true` | -| `CLIENT_ID_VERCEL` | OAuth client id for Vercel integration | `None` | -| `CLIENT_ID_NETLIFY` | OAuth client id for Netlify integration | `None` | +| `CLIENT_ID_VERCEL` | OAuth client id for Vercel integration | `None` | +| `CLIENT_ID_NETLIFY` | OAuth client id for Netlify integration | `None` | | `CLIENT_SECRET_HEROKU` | OAuth client secret for Heroku integration | `None` | | `CLIENT_SECRET_VERCEL` | OAuth client secret for Vercel integration | `None` | | `CLIENT_SECRET_NETLIFY` | OAuth client secret for Netlify integration | `None` |