Gerrit configuration to use SMTP service
Feature: Issue 12485
Change-Id: I3f319da26077fda433922e7e0149f0d98035c3fc
diff --git a/gerrit/etc/gerrit.config.template b/gerrit/etc/gerrit.config.template
index 180d740..043cef9 100644
--- a/gerrit/etc/gerrit.config.template
+++ b/gerrit/etc/gerrit.config.template
@@ -18,8 +18,15 @@
accountFullName = displayName
accountEmailAddress = mail
groupBase = {{ LDAP_GROUP_BASE }}
+
[sendemail]
- smtpServer = localhost
+ smtpServer = {{ SMTP_SERVER }}
+ smtpEncryption = ssl
+ sslVerify = false
+ smtpUser = {{ SMTP_USER }}
+ enable = true
+ from = ${user} (Gerrit) <gerrit@{{ SMTP_DOMAIN }}>
+
[sshd]
listenAddress = *:29418
[httpd]
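Review bot: `sslVerify = false` in the new `[sendemail]` block turns off certificate verification for the SMTP connection, so the `smtpUser`/`smtpPass` login and all outgoing mail are exposed to anyone who can impersonate the mail server on the network path. Gerrit verifies the certificate by default, so I would drop the line, or make it a template variable that defaults to true for the rare relay behind a private CA. `enable = true` and `smtpEncryption = ssl` are hard-coded as well, so every deployment rendered from this template sends mail over implicit TLS; a one-line comment such as `# SMTP over implicit TLS is mandatory for this image` would make that explicit.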
diff --git a/gerrit/etc/secure.config.template b/gerrit/etc/secure.config.template
index aec8903..f05c0ca 100644
--- a/gerrit/etc/secure.config.template
+++ b/gerrit/etc/secure.config.template
@@ -2,3 +2,5 @@
registerEmailPrivateKey = {{ REGISTER_EMAIL_PRIVATE_KEY }}
[ldap]
password = {{ LDAP_PASSWORD }}
+[sendemail]
+ smtpPass = {{ SMTP_PASSWORD }}
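Review bot: `smtpPass = {{ SMTP_PASSWORD }}` renders the secret unquoted, and in the git-config syntax Gerrit uses a `#` or `;` begins a comment, so a password containing one of those would presumably be truncated on read. Quoting the value, `smtpPass = "{{ SMTP_PASSWORD }}"`, covers the comment characters; a backslash or double quote in the secret would still need escaping before rendering. The `password` line under `[ldap]` in the context has the same form.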
diff --git a/gerrit/gerrit.setup.template b/gerrit/gerrit.setup.template
index b8422e0..b019efe 100644
--- a/gerrit/gerrit.setup.template
+++ b/gerrit/gerrit.setup.template
@@ -3,3 +3,10 @@
username = cn=admin,dc=example,dc=org
accountBase = dc=example,dc=org
groupBase = dc=example,dc=org
+
+[smtp]
+server = yoursmtp.yourcompany.com
+user = smtpuser
+password = smtppassword
+domain = yourcompany.com
+
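Review bot: The `password = smtppassword` key in the new `[smtp]` section is never read: setup_gerrit.py in this change takes `SMTP_PASSWORD` from `get_secret(...)` and reads only `server`, `user` and `domain` from this file. Keeping the key in the sample invites operators to store the real SMTP password in plain text in the setup file. I would remove the line, or replace it with a comment such as `# the SMTP password is read from the secrets manager (smtpPassword), not from this file`.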
diff --git a/gerrit/setup_gerrit.py b/gerrit/setup_gerrit.py
index 6b76440..34fe129 100755
--- a/gerrit/setup_gerrit.py
+++ b/gerrit/setup_gerrit.py
@@ -78,7 +78,8 @@
with open(GERRIT_CONFIG_DIRECTORY + "secure.config", 'w', encoding = 'utf-8') as f:
f.write(template.render(
REGISTER_EMAIL_PRIVATE_KEY=get_secret(GERRIT_KEY_PREFIX + "registerEmailPrivateKey"),
- LDAP_PASSWORD=get_secret(GERRIT_KEY_PREFIX + "ldapPassword"))
+ LDAP_PASSWORD=get_secret(GERRIT_KEY_PREFIX + "ldapPassword"),
+ SMTP_PASSWORD=get_secret(GERRIT_KEY_PREFIX + "smtpPassword"))
)
config = configparser.ConfigParser()
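Review bot: secure.config now carries a second credential, and the `open(..., 'w')` in the context line creates it with whatever mode the process umask allows; nothing visible in this hunk restricts it. If that is not handled elsewhere, add `os.chmod(GERRIT_CONFIG_DIRECTORY + "secure.config", 0o600)` after the write so the LDAP and SMTP passwords are readable only by the Gerrit user. The enclosing code starts and ends outside the hunk, so the mode may already be set there.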
@@ -90,5 +91,8 @@
LDAP_SERVER=config['ldap']['server'],
LDAP_USERNAME=config['ldap']['username'],
LDAP_ACCOUNT_BASE=config['ldap']['accountBase'],
- LDAP_GROUP_BASE=config['ldap']['groupBase'])
+ LDAP_GROUP_BASE=config['ldap']['groupBase'],
+ SMTP_SERVER=config['smtp']["server"],
+ SMTP_USER=config['smtp']["user"],
+ SMTP_DOMAIN=config['smtp']["domain"])
)
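Review bot: `config['smtp'][...]` raises `KeyError` when the setup file has no `[smtp]` section, so a setup file written before this change stops rendering gerrit.config with an unhelpful traceback. Because the template also hard-codes `enable = true`, there is no supported way to deploy without SMTP. Either state in the README that `[smtp]` is mandatory and fail with a clear message, or read the values with a fallback, e.g. `SMTP_SERVER=config.get('smtp', 'server', fallback='localhost')`. The `render(...)` call these lines belong to starts outside the hunk.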
diff --git a/single-master/README.md b/single-master/README.md
index 94ac998..5b297e5 100644
--- a/single-master/README.md
+++ b/single-master/README.md
@@ -112,11 +112,25 @@
You will need to put the admin LDAP password in a file called `ldapPassword`
in the same directory of the SSH keys.
+#### SMTP Password
+
+You will need to put the SMTP password in a file called `smtpPassword`
+in the same directory of the SSH keys.
+
#### Import into AWS Secret Manager
You can now run the script to upload them to AWS Secret Manager:
`add_secrets_aws_secrets_manager.sh /path/to/your/keys/directory`
+#### SMTP Service
+
+If you need to setup a SMTP service Amazon Simple Email Service can be used.
+Details how setup Amazon SES can be found [here](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/send-email-set-up.html).
+
+To correctly setup email notifications Gerrit requires ssl protocol on default port 465 to
+be enabled on SMTP Server. It is possible to setup Gerrit to talk to standard SMTP port 25
+but by default all EC2 instances are blocking it. To enable port 25 please follow [this](https://aws.amazon.com/premiumsupport/knowledge-center/ec2-port-25-throttle/) link.
+
### Publish custom Gerrit Docker image
* Create the repository in the Docker registry:
diff --git a/single-master/add_secrets_aws_secrets_manager.sh b/single-master/add_secrets_aws_secrets_manager.sh
index f5f8678..0e7e1da 100755
--- a/single-master/add_secrets_aws_secrets_manager.sh
+++ b/single-master/add_secrets_aws_secrets_manager.sh
@@ -55,3 +55,9 @@
aws secretsmanager create-secret --name ${KEY_PREFIX}_ldapPassword \
--description "LDAP password" \
--secret-string file://$SECRETS_DIRECTORY/ldapPassword
+
+echo "Adding SMTP password..."
+
+aws secretsmanager create-secret --name ${KEY_PREFIX}_smtpPassword \
+ --description "SMTP password" \
+ --secret-string file://$SECRETS_DIRECTORY/smtpPassword
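Review bot: The expansions in the new `create-secret` call are unquoted, so a keys directory containing a space or glob character splits the `file://` argument and the upload fails or reads a different path. Quote them: `--name "${KEY_PREFIX}_smtpPassword"` and `--secret-string "file://$SECRETS_DIRECTORY/smtpPassword"`. The LDAP call in the context lines has the same form. The hunk also does not check that `smtpPassword` exists before calling the CLI; whether a failure aborts the script depends on shell options set outside the hunk.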