commit 6aa9f509750c7ffa99b45188b30d50bf47792704
author Marcin Czech <maczech@gmail.com> Tue Mar 31 14:57:06 2020 +0200
committer Marcin Czech <maczech@gmail.com> Wed Apr 01 11:06:53 2020 +0200
tree 8130a1374d60e0ba5b3d7f98c03a8df6043fdf8e
parent f72c3866395f05dadbf0250a67a928d09fd9783c

Gerrit configuration to use SMTP service

Feature: Issue 12485
Change-Id: I3f319da26077fda433922e7e0149f0d98035c3fc

gerrit/etc/gerrit.config.template

diff --git a/gerrit/etc/gerrit.config.template b/gerrit/etc/gerrit.config.template
index 180d740..043cef9 100644
--- a/gerrit/etc/gerrit.config.template
+++ b/gerrit/etc/gerrit.config.template
@@ -18,8 +18,15 @@
   accountFullName = displayName
   accountEmailAddress = mail
   groupBase = {{ LDAP_GROUP_BASE }}
+
 [sendemail]
-	smtpServer = localhost
+  smtpServer = {{ SMTP_SERVER  }}
+  smtpEncryption = ssl
+  sslVerify = false
+  smtpUser = {{ SMTP_USER }}
+  enable = true
+  from = ${user} (Gerrit) <gerrit@{{ SMTP_DOMAIN }}>
+
 [sshd]
 	listenAddress = *:29418
 [httpd]

gerrit/etc/secure.config.template

diff --git a/gerrit/etc/secure.config.template b/gerrit/etc/secure.config.template
index aec8903..f05c0ca 100644
--- a/gerrit/etc/secure.config.template
+++ b/gerrit/etc/secure.config.template
@@ -2,3 +2,5 @@
 	registerEmailPrivateKey = {{ REGISTER_EMAIL_PRIVATE_KEY }}
 [ldap]
 	password = {{ LDAP_PASSWORD }}
+[sendemail]
+  smtpPass = {{ SMTP_PASSWORD }}

gerrit/gerrit.setup.template

diff --git a/gerrit/gerrit.setup.template b/gerrit/gerrit.setup.template
index b8422e0..b019efe 100644
--- a/gerrit/gerrit.setup.template
+++ b/gerrit/gerrit.setup.template
@@ -3,3 +3,10 @@
 username = cn=admin,dc=example,dc=org
 accountBase = dc=example,dc=org
 groupBase = dc=example,dc=org
+
+[smtp]
+server = yoursmtp.yourcompany.com
+user = smtpuser
+password =  smtppassword
+domain = yourcompany.com
+

gerrit/setup_gerrit.py

diff --git a/gerrit/setup_gerrit.py b/gerrit/setup_gerrit.py
index 6b76440..34fe129 100755
--- a/gerrit/setup_gerrit.py
+++ b/gerrit/setup_gerrit.py
@@ -78,7 +78,8 @@
 with open(GERRIT_CONFIG_DIRECTORY + "secure.config", 'w', encoding = 'utf-8') as f:
     f.write(template.render(
                 REGISTER_EMAIL_PRIVATE_KEY=get_secret(GERRIT_KEY_PREFIX + "registerEmailPrivateKey"),
-                LDAP_PASSWORD=get_secret(GERRIT_KEY_PREFIX + "ldapPassword"))
+                LDAP_PASSWORD=get_secret(GERRIT_KEY_PREFIX + "ldapPassword"),
+                SMTP_PASSWORD=get_secret(GERRIT_KEY_PREFIX + "smtpPassword"))
             )
 
 config = configparser.ConfigParser()
@@ -90,5 +91,8 @@
                 LDAP_SERVER=config['ldap']['server'],
                 LDAP_USERNAME=config['ldap']['username'],
                 LDAP_ACCOUNT_BASE=config['ldap']['accountBase'],
-                LDAP_GROUP_BASE=config['ldap']['groupBase'])
+                LDAP_GROUP_BASE=config['ldap']['groupBase'],
+                SMTP_SERVER=config['smtp']["server"],
+                SMTP_USER=config['smtp']["user"],
+                SMTP_DOMAIN=config['smtp']["domain"])
             )

single-master/README.md

diff --git a/single-master/README.md b/single-master/README.md
index 94ac998..5b297e5 100644
--- a/single-master/README.md
+++ b/single-master/README.md
@@ -112,11 +112,25 @@
 You will need to put the admin LDAP password in a file called `ldapPassword`
 in the same directory of the SSH keys.
 
+#### SMTP Password
+
+You will need to put the SMTP password in a file called `smtpPassword`
+in the same directory of the SSH keys.
+
 #### Import into AWS Secret Manager
 
 You can now run the script to upload them to AWS Secret Manager:
 `add_secrets_aws_secrets_manager.sh /path/to/your/keys/directory`
 
+#### SMTP Service
+
+If you need to setup a SMTP service Amazon Simple Email Service can be used.
+Details how setup Amazon SES can be found [here](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/send-email-set-up.html).
+
+To correctly setup email notifications Gerrit requires ssl protocol on default port 465 to
+be enabled on SMTP Server. It is possible to setup Gerrit to talk to standard SMTP port 25
+but by default all EC2 instances are blocking it. To enable port 25 please follow [this](https://aws.amazon.com/premiumsupport/knowledge-center/ec2-port-25-throttle/) link.
+
 ### Publish custom Gerrit Docker image
 
 * Create the repository in the Docker registry:

single-master/add_secrets_aws_secrets_manager.sh

diff --git a/single-master/add_secrets_aws_secrets_manager.sh b/single-master/add_secrets_aws_secrets_manager.sh
index f5f8678..0e7e1da 100755
--- a/single-master/add_secrets_aws_secrets_manager.sh
+++ b/single-master/add_secrets_aws_secrets_manager.sh
@@ -55,3 +55,9 @@
 aws secretsmanager create-secret --name ${KEY_PREFIX}_ldapPassword \
     --description "LDAP password" \
     --secret-string file://$SECRETS_DIRECTORY/ldapPassword
+
+echo "Adding SMTP password..."
+
+aws secretsmanager create-secret --name ${KEY_PREFIX}_smtpPassword \
+    --description "SMTP password" \
+    --secret-string file://$SECRETS_DIRECTORY/smtpPassword