feat: add option for tls mailer (#1078)

deploy.env

@@ -118,6 +118,7 @@ APPFLOWY_MAILER_SMTP_PORT=465
 APPFLOWY_MAILER_SMTP_USERNAME=email_sender@some_company.com
 APPFLOWY_MAILER_SMTP_EMAIL=email_sender@some_company.com
 APPFLOWY_MAILER_SMTP_PASSWORD=email_sender_password
+APPFLOWY_MAILER_SMTP_TLS_KIND=wrapper # "none" "wrapper" "required" "opportunistic"
 
 # Log level for the appflowy-cloud service
 RUST_LOG=info

dev.env

@@ -94,6 +94,7 @@ APPFLOWY_MAILER_SMTP_HOST=smtp.gmail.com
 APPFLOWY_MAILER_SMTP_USERNAME=notify@appflowy.io
 APPFLOWY_MAILER_SMTP_EMAIL=notify@appflowy.io
 APPFLOWY_MAILER_SMTP_PASSWORD=email_sender_password
+APPFLOWY_MAILER_SMTP_TLS_KIND=wrapper # "none" "wrapper" "required" "opportunistic"
 
 RUST_LOG=info
 

libs/mailer/src/config.rs

@@ -7,4 +7,5 @@ pub struct MailerSetting {
   pub smtp_username: String,
   pub smtp_email: String,
   pub smtp_password: Secret<String>,
+  pub smtp_tls_kind: String,
 }

libs/mailer/src/sender.rs

@@ -2,6 +2,8 @@ use handlebars::Handlebars;
 use lettre::message::header::ContentType;
 use lettre::message::Message;
 use lettre::transport::smtp::authentication::Credentials;
+use lettre::transport::smtp::client::Tls;
+use lettre::transport::smtp::client::TlsParameters;
 use lettre::Address;
 use lettre::AsyncSmtpTransport;
 use lettre::AsyncTransport;
@@ -20,9 +22,19 @@ impl Mailer {
     smtp_password: secrecy::Secret<String>,
     smtp_host: &str,
     smtp_port: u16,
+    smtp_tls_kind: &str,
   ) -> Result<Self, anyhow::Error> {
     let creds = Credentials::new(smtp_username, smtp_password.expose_secret().to_string());
-    let smtp_transport = AsyncSmtpTransport::<lettre::Tokio1Executor>::relay(smtp_host)?
+    let tls: Tls = match smtp_tls_kind {
+      "none" => Tls::None,
+      "wrapper" => Tls::Wrapper(TlsParameters::new(smtp_host.into())?),
+      "required" => Tls::Required(TlsParameters::new(smtp_host.into())?),
+      "opportunistic" => Tls::Opportunistic(TlsParameters::new(smtp_host.into())?),
+      _ => return Err(anyhow::anyhow!("Invalid TLS kind")),
+    };
+
+    let smtp_transport = AsyncSmtpTransport::<lettre::Tokio1Executor>::builder_dangerous(smtp_host)
+      .tls(tls)
       .credentials(creds)
       .port(smtp_port)
       .build();

services/appflowy-worker/src/application.rs

@@ -157,6 +157,7 @@ async fn get_worker_mailer(config: &Config) -> Result<AFWorkerMailer, Error> {
     config.mailer.smtp_password.clone(),
     &config.mailer.smtp_host,
     config.mailer.smtp_port,
+    config.mailer.smtp_tls_kind.as_str(),
   )
   .await?;
 

services/appflowy-worker/src/config.rs

@@ -56,6 +56,7 @@ impl Config {
         // Adapted from: https://github.com/AppFlowy-IO/AppFlowy-Cloud/issues/984
         smtp_username: get_env_var("APPFLOWY_MAILER_SMTP_USERNAME", "sender@example.com"),
         smtp_password: get_env_var("APPFLOWY_MAILER_SMTP_PASSWORD", "password").into(),
+        smtp_tls_kind: get_env_var("APPFLOWY_MAILER_SMTP_TLS_KIND", "wrapper").into(),
       },
     })
   }

services/appflowy-worker/src/mailer.rs

@@ -63,6 +63,7 @@ mod tests {
       "smtp_password".to_string().into(),
       "localhost",
       465,
+      "none",
     )
     .await
     .unwrap();

src/application.rs

@@ -469,6 +469,7 @@ async fn get_mailer(mailer: &MailerSetting) -> Result<AFCloudMailer, Error> {
     mailer.smtp_password.clone(),
     &mailer.smtp_host,
     mailer.smtp_port,
+    mailer.smtp_tls_kind.as_str(),
   )
   .await?;
 

src/config/config.rs

@@ -265,6 +265,7 @@ pub fn get_configuration() -> Result<Config, anyhow::Error> {
       smtp_username: get_env_var("APPFLOWY_MAILER_SMTP_USERNAME", "sender@example.com"),
       smtp_email: get_env_var("APPFLOWY_MAILER_SMTP_EMAIL", "sender@example.com"),
       smtp_password: get_env_var("APPFLOWY_MAILER_SMTP_PASSWORD", "password").into(),
+      smtp_tls_kind: get_env_var("APPFLOWY_MAILER_SMTP_TLS_KIND", "wrapper"),
     },
     apple_oauth: AppleOAuthSetting {
       client_id: get_env_var("APPFLOWY_APPLE_OAUTH_CLIENT_ID", ""),