refactor: adress review
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
4af80a8305
commit
942f2afd9e
GPG key ID:
40E7A58C4AA1EDB2
8 changed files with 108 additions and 62 deletions
|
|
@ -51,6 +51,10 @@ config :mv,
|
|||
generators: [timestamp_type: :utc_datetime],
|
||||
ash_domains: [Mv.Membership, Mv.Accounts, Mv.MembershipFees, Mv.Authorization]
|
||||
|
||||
# Environment (dev/test/prod). Use this instead of Mix.env() at runtime; Mix.env() is
|
||||
# not available in releases. Set once at compile time via config_env().
|
||||
config :mv, :environment, config_env()
|
||||
|
||||
# CSV Import configuration
|
||||
config :mv,
|
||||
csv_import: [
|
||||
|
|
@ -89,6 +93,10 @@ config :mv, MvWeb.Endpoint,
|
|||
# at the `config/runtime.exs`.
|
||||
config :mv, Mv.Mailer, adapter: Swoosh.Adapters.Local
|
||||
|
||||
# SMTP TLS verification: false = allow self-signed/internal certs; true = verify_peer (use for public SMTP).
|
||||
# Overridden in runtime.exs from SMTP_VERIFY_PEER when SMTP is configured via ENV in prod.
|
||||
config :mv, :smtp_verify_peer, false
|
||||
|
||||
# Default mail "from" address for transactional emails (join confirmation,
|
||||
# user confirmation, password reset). Override in config/runtime.exs from ENV.
|
||||
config :mv, :mail_from, {"Mila", "noreply@example.com"}
|
||||
|
|
|
|||
|
|
@ -227,6 +227,10 @@ if config_env() == :prod do
|
|||
# When SMTP_HOST is set, configure Swoosh to use the SMTP adapter at boot time.
|
||||
# If SMTP is configured only via Settings (Admin UI), the mailer builds the config
|
||||
# per-send at runtime using Mv.Config.smtp_*() helpers.
|
||||
#
|
||||
# TLS/SSL options (tls_options, sockopts) are duplicated here and in Mv.Mailer.smtp_config/0
|
||||
# because boot config must be set in this file; the Mailer uses the same logic for
|
||||
# Settings-only config. Keep verify behaviour in sync (see SMTP_VERIFY_PEER below).
|
||||
smtp_host_env = System.get_env("SMTP_HOST")
|
||||
|
||||
if smtp_host_env && String.trim(smtp_host_env) != "" do
|
||||
|
|
@ -250,6 +254,15 @@ if config_env() == :prod do
|
|||
|
||||
smtp_ssl_mode = System.get_env("SMTP_SSL", "tls")
|
||||
|
||||
# SMTP_VERIFY_PEER: set to true/1/yes to enable TLS certificate verification (recommended
|
||||
# for public SMTP like Gmail/Mailgun). Default false for self-signed/internal certs.
|
||||
smtp_verify_peer =
|
||||
(System.get_env("SMTP_VERIFY_PEER", "false") |> String.downcase()) in ~w(true 1 yes)
|
||||
|
||||
config :mv, :smtp_verify_peer, smtp_verify_peer
|
||||
|
||||
verify_mode = if smtp_verify_peer, do: :verify_peer, else: :verify_none
|
||||
|
||||
smtp_opts =
|
||||
[
|
||||
adapter: Swoosh.Adapters.SMTP,
|
||||
|
|
@ -260,10 +273,9 @@ if config_env() == :prod do
|
|||
ssl: smtp_ssl_mode == "ssl",
|
||||
tls: if(smtp_ssl_mode == "tls", do: :always, else: :never),
|
||||
auth: :always,
|
||||
# Allow self-signed or internal SMTP server certs (OTP 26+ enforces verify_peer with cacerts).
|
||||
# tls_options: STARTTLS (587); sockopts: direct SSL (465).
|
||||
tls_options: [verify: :verify_none],
|
||||
sockopts: [verify: :verify_none]
|
||||
tls_options: [verify: verify_mode],
|
||||
sockopts: [verify: verify_mode]
|
||||
]
|
||||
|> Enum.reject(fn {_k, v} -> is_nil(v) end)
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue