Rework mailer settings

[clarfonthey]

Since the require changes for the proposal are small, I figured I would just write the code and offer it, in case less discussion is needed. It's partially me verifying my claim that the proposal wouldn't result in that many code changes, so, I don't mind if I have to rewrite it to account for changes to the proposal. Higher level discussion of the proposal can be found in #18901.

Fix #18901.

Non-breaking changes

• This will log a warning if you choose to use mailer.PROTOCOL = smtp+startls but the server does not support it. It will also log a warning if you use smtp on a non-local address, with "local" being either localhost, 127.0.0.1, or ::1; you should use smtps or smtp+startls instead.
• mailer.PROTOCOL = smtp+unix is now supported, as an alternative to mailer.PROTOCOL = smtp on a local port. This is done by providing a file path to SMTP_ADDR, which will be the location of the socket to use. If you don't set the PROTOCOL variable but the SMTP_ADDR variable has slashes in it, the protocol will be assumed to be smtp+unix.
• The installation page now asks for separate address and port options for SMTP, instead of one host option.

⚠️ BREAKING ⚠️

• If you specify credentials for sending emails but the server doesn't support using them, Gitea will fail to start instead of sending mails unauthenticated.
• Use unique mailer.PROTOCOL for different mailers (SMTP family, sendmail, dummy), instead of MAILER_TYPE+PROTOCOL.
• The combined mailer.HOST option has been deprecated, in favor of the new mailer.SMTP_ADDR and mailer.SMTP_PORT options.
• The mailer.IS_TLS_ENABLED option has been deprecated in favor of using the new mailer.PROTOCOL option, which accepts smtp, smtps, smtp+startls, or smtp+unix explicitly. If you don't know what protocol your provider uses but provide a port, you can leave it blank and it will be inferred by the given port. See the non-breaking changes section for more details on the new smtp+unix protocol.
• The mailer.DISABLE_HELO (default false) option has been replaced with mailer.ENABLE_HELO (default true). It still does the same thing, but the option was negated to be less confusing.
• The mailer.SKIP_VERIFY option has been replaced with mailer.FORCE_TRUST_SERVER_CERT to sound scarier, and to clarify what it does.
• The mailer.USE_CERTIFICATE, mailer.CERT_FILE, and mailer.KEY_FILE have been deprecated and renamed to mailer.USE_CLIENT_CERT, mailer.CLIENT_CERT_FILE, and mailer.CLIENT_KEY_FILE.
• The gitea admin auth add/update-smtp command now accepts an --addr option instead of --host. reverted

[Gusted]

• I noticed that the code for deprecated settings doesn't actually emit any warnings if you set both options in the config, and most code just blatantly overwrites the new setting with the old values if present; is this intentional? Should I be doing checks for these?

People should be made aware of setting changes, such they will hopefully read the documentation as it could be the case that the behavior of one of those options might change.

• This completely removes the old config options from the example config file; I'm assuming this is what's desired, instead of including both. However, I can add back in both if that's preferred.

Yes the example config file is assumed to be copy-paste ready(with just changing the values).

• This will now log a fatal error if credentials are provided but the server doesn't support auth; the old behaviour would simply proceed without authenticating.
• This will log a warning if you choose to use StartTLS but the server does not support it. It will also log a warning if you use SMTP-over-TCP without TLS on a non-local address, with "local" being either localhost, 127.0.0.1, or ::1.

Seems like a good change, did the old code not even warn about it?

• SMTP-over-Unix is now supported, as an alternative to SMTP-over-TCP on a local port. The protocol will be assumed to be smtp+unix if the address has slashes in it, which I figure is probably an okay heuristic.

Because of this, It's hard to label this PR, as it it's a refactor + new feature. It could be that this should be splitted into a new PR.

Is there a manual overwrite for this heuristic?

[Gusted]

Don't forget to run make fmt ;)

[clarfonthey]

Because of this, It's hard to label this PR, as it it's a refactor + new feature. It could be that this should be splitted into a new PR.

If you'd prefer that, I'd be more than happy to split it. Not 100% sure how you'd want to handle that, though.

Is there a manual overwrite for this heuristic?

Yes; the heuristic is only if the protocol is unspecified. If it's unspecified, it first tries to infer, and if that fails it gives a fatal error.

Seems like a good change, did the old code not even warn about it?

Nope, the old code just silently went unencrypted if StartTLS wasn't supported, but it did fail if the server claimed to support StartTLS and it failed to start it.

[Gusted]

If you'd prefer that, I'd be more than happy to split it. Not 100% sure how you'd want to handle that, though.

Not needed for now.

[clarfonthey]

Been on/off adding fixes to the build, main barrier is updating the SMTP auth source since that also is coupled to this code. Not currently in a big rush since I figure there would still need to be discussion about the changes themselves (outside the code)

[clarfonthey]

CI hasn't completed yet, but the preliminary tests have passed and I believe that everything should be ready now.

I updated the PR description to fully break down what this PR does, and deleted the questions that were already answered in previous comments.

The one big thing besides what's done here would be updating the docs for configuring emails on the website, but I believe that will require a separate PR.

[clarfonthey]

Update: the CI seems to pass for everything but testing-arm64/test-pgsql, which looks spurious since this doesn't touch any code that should affect that. I think that things are ready to review.

[Gusted]

L-G-T-M otherwise.

[wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf]

these changes left MailerType hanging in templates/admin/config.tmpl, which gives me a 500...

Aug 02 16:35:15 nebula gitea[1874101]: 2022/08/02 16:35:15 ...s/context/context.go:232:HTML() [E] [62e93623] Render failed: template: admin/config:221:20: executing "admin/config" at <.Mailer.MailerType>: can't evaluate field MailerType in type interface {}
Aug 02 16:35:15 nebula gitea[1874101]:         /opt/gitea/gitea-src/modules/context/context.go:232 (0x1b6fa0c)
Aug 02 16:35:15 nebula gitea[1874101]:                 (*Context).HTML: ctx.ServerError("Render failed", err)
Aug 02 16:35:15 nebula gitea[1874101]:         /opt/gitea/gitea-src/routers/web/admin/admin.go:323 (0x21c6f0a)
Aug 02 16:35:15 nebula gitea[1874101]:                 Config: ctx.HTML(http.StatusOK, tplConfig)
Aug 02 16:35:15 nebula gitea[1874101]:         /opt/gitea/gitea-src/modules/web/wrap_convert.go:47 (0x1f569f6)
Aug 02 16:35:15 nebula gitea[1874101]:                 convertHandler.func3: t(ctx)
Aug 02 16:35:15 nebula gitea[1874101]:         /opt/gitea/gitea-src/modules/web/wrap.go:41 (0x1f54c29)
Aug 02 16:35:15 nebula gitea[1874101]:                 wrapInternal.func1: done, deferrable := handler(resp, req, others...)
Aug 02 16:35:15 nebula gitea[1874101]:         /usr/lib/go/src/net/http/server.go:2084 (0x92b66e)
Aug 02 16:35:15 nebula gitea[1874101]:                 HandlerFunc.ServeHTTP: f(w, r)
Aug 02 16:35:15 nebula gitea[1874101]:         /home/user/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:442 (0x1b64a95)
Aug 02 16:35:15 nebula gitea[1874101]:         /usr/lib/go/src/net/http/server.go:2084 (0x92b66e)
Aug 02 16:35:15 nebula gitea[1874101]:                 HandlerFunc.ServeHTTP: f(w, r)
Aug 02 16:35:15 nebula gitea[1874101]:         /opt/gitea/gitea-src/modules/web/wrap.go:63 (0x1f550af)
Aug 02 16:35:15 nebula gitea[1874101]:                 Middle.func1.1: next.ServeHTTP(ctx.Resp, ctx.Req)
Aug 02 16:35:15 nebula gitea[1874101]:         /usr/lib/go/src/net/http/server.go:2084 (0x92b66e)
Aug 02 16:35:15 nebula gitea[1874101]:                 HandlerFunc.ServeHTTP: f(w, r)
Aug 02 16:35:15 nebula gitea[1874101]:         /opt/gitea/gitea-src/modules/web/wrap.go:63 (0x1f550af)
Aug 02 16:35:15 nebula gitea[1874101]:                 Middle.func1.1: next.ServeHTTP(ctx.Resp, ctx.Req)
Aug 02 16:35:15 nebula gitea[1874101]:         /usr/lib/go/src/net/http/server.go:2084 (0x92b66e)
Aug 02 16:35:15 nebula gitea[1874101]:                 HandlerFunc.ServeHTTP: f(w, r)
Aug 02 16:35:15 nebula gitea[1874101]:         /opt/gitea/gitea-src/modules/web/wrap.go:63 (0x1f550af)
Aug 02 16:35:15 nebula gitea[1874101]:                 Middle.func1.1: next.ServeHTTP(ctx.Resp, ctx.Req)
Aug 02 16:35:15 nebula gitea[1874101]:         /usr/lib/go/src/net/http/server.go:2084 (0x92b66e)
Aug 02 16:35:15 nebula gitea[1874101]:                 HandlerFunc.ServeHTTP: f(w, r)
Aug 02 16:35:15 nebula gitea[1874101]:         /home/user/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/middleware/get_head.go:37 (0x200c244)
Aug 02 16:35:15 nebula gitea[1874101]:         /usr/lib/go/src/net/http/server.go:2084 (0x92b66e)
Aug 02 16:35:15 nebula gitea[1874101]:                 HandlerFunc.ServeHTTP: f(w, r)
Aug 02 16:35:15 nebula gitea[1874101]:         /opt/gitea/gitea-src/modules/web/wrap.go:63 (0x1f550af)
Aug 02 16:35:15 nebula gitea[1874101]:                 Middle.func1.1: next.ServeHTTP(ctx.Resp, ctx.Req)
Aug 02 16:35:15 nebula gitea[1874101]:         /usr/lib/go/src/net/http/server.go:2084 (0x92b66e)
Aug 02 16:35:15 nebula gitea[1874101]:                 HandlerFunc.ServeHTTP: f(w, r)
Aug 02 16:35:15 nebula gitea[1874101]:         /opt/gitea/gitea-src/modules/context/context.go:802 (0x1b7587a)
Aug 02 16:35:15 nebula gitea[1874101]:                 Contexter.func1.1: next.ServeHTTP(ctx.Resp, ctx.Req)
Aug 02 16:35:15 nebula gitea[1874101]:         /usr/lib/go/src/net/http/server.go:2084 (0x92b66e)
Aug 02 16:35:15 nebula gitea[1874101]:                 HandlerFunc.ServeHTTP: f(w, r)
Aug 02 16:35:15 nebula gitea[1874101]:         /home/user/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:71 (0x1b628cc)
Aug 02 16:35:15 nebula gitea[1874101]:         /home/user/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:314 (0x1b6427b)
Aug 02 16:35:15 nebula gitea[1874101]:         /usr/lib/go/src/net/http/server.go:2084 (0x92b66e)
Aug 02 16:35:15 nebula gitea[1874101]:                 HandlerFunc.ServeHTTP: f(w, r)
Aug 02 16:35:15 nebula gitea[1874101]:         /home/user/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:442 (0x1b64a95)
Aug 02 16:35:15 nebula gitea[1874101]:         /usr/lib/go/src/net/http/server.go:2084 (0x92b66e)
Aug 02 16:35:15 nebula gitea[1874101]:                 HandlerFunc.ServeHTTP: f(w, r)
Aug 02 16:35:15 nebula gitea[1874101]:         /opt/gitea/gitea-src/routers/web/base.go:174 (0x21e0b91)
Aug 02 16:35:15 nebula gitea[1874101]:                 Recovery.func1.1: next.ServeHTTP(w, req)
Aug 02 16:35:15 nebula gitea[1874101]:         /usr/lib/go/src/net/http/server.go:2084 (0x92b66e)
Aug 02 16:35:15 nebula gitea[1874101]:                 HandlerFunc.ServeHTTP: f(w, r)
Aug 02 16:35:15 nebula gitea[1874101]:         /home/user/go/pkg/mod/gitea.com/go-chi/session@v0.0.0-20211218221615-e3605d8b28b8/session.go:257 (0x153d23d)
Aug 02 16:35:15 nebula gitea[1874101]:         /usr/lib/go/src/net/http/server.go:2084 (0x92b66e)
Aug 02 16:35:15 nebula gitea[1874101]:                 HandlerFunc.ServeHTTP: f(w, r)
Aug 02 16:35:15 nebula gitea[1874101]:         /opt/gitea/gitea-src/modules/web/wrap.go:110 (0x1f55b48)
Aug 02 16:35:15 nebula gitea[1874101]:                 WrapWithPrefix.func1.1: next.ServeHTTP(resp, req)
Aug 02 16:35:15 nebula gitea[1874101]:         /usr/lib/go/src/net/http/server.go:2084 (0x92b66e)
Aug 02 16:35:15 nebula gitea[1874101]:                 HandlerFunc.ServeHTTP: f(w, r)
Aug 02 16:35:15 nebula gitea[1874101]:         /home/user/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:71 (0x1b628cc)
Aug 02 16:35:15 nebula gitea[1874101]:         /home/user/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:314 (0x1b6427b)
Aug 02 16:35:15 nebula gitea[1874101]:         /usr/lib/go/src/net/http/server.go:2084 (0x92b66e)
Aug 02 16:35:15 nebula gitea[1874101]:                 HandlerFunc.ServeHTTP: f(w, r)
Aug 02 16:35:15 nebula gitea[1874101]:         /home/user/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:442 (0x1b64a95)
Aug 02 16:35:15 nebula gitea[1874101]:         /usr/lib/go/src/net/http/server.go:2084 (0x92b66e)
Aug 02 16:35:15 nebula gitea[1874101]:                 HandlerFunc.ServeHTTP: f(w, r)
Aug 02 16:35:15 nebula gitea[1874101]:         /opt/gitea/gitea-src/routers/common/middleware.go:79 (0x2011842)
Aug 02 16:35:15 nebula gitea[1874101]:                 Middlewares.func2.1: next.ServeHTTP(resp, req)
Aug 02 16:35:15 nebula gitea[1874101]:         /usr/lib/go/src/net/http/server.go:2084 (0x92b66e)
Aug 02 16:35:15 nebula gitea[1874101]:                 HandlerFunc.ServeHTTP: f(w, r)
Aug 02 16:35:15 nebula gitea[1874101]:         /opt/gitea/gitea-src/modules/web/routing/logger_manager.go:123 (0x1f5094f)
Aug 02 16:35:15 nebula gitea[1874101]:                 (*requestRecordsManager).handler.func1: next.ServeHTTP(w, req)
Aug 02 16:35:15 nebula gitea[1874101]:         /usr/lib/go/src/net/http/server.go:2084 (0x92b66e)
Aug 02 16:35:15 nebula gitea[1874101]:                 HandlerFunc.ServeHTTP: f(w, r)
Aug 02 16:35:15 nebula gitea[1874101]:         /home/user/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/middleware/strip.go:30 (0x200efb8)
Aug 02 16:35:15 nebula gitea[1874101]:         /usr/lib/go/src/net/http/server.go:2084 (0x92b66e)
Aug 02 16:35:15 nebula gitea[1874101]:                 HandlerFunc.ServeHTTP: f(w, r)
Aug 02 16:35:15 nebula gitea[1874101]:         /home/user/go/pkg/mod/github.com/chi-middleware/proxy@v1.1.1/middleware.go:37 (0x200b8b6)
Aug 02 16:35:15 nebula gitea[1874101]:         /usr/lib/go/src/net/http/server.go:2084 (0x92b66e)
Aug 02 16:35:15 nebula gitea[1874101]:                 HandlerFunc.ServeHTTP: f(w, r)
Aug 02 16:35:15 nebula gitea[1874101]:         /opt/gitea/gitea-src/routers/common/middleware.go:32 (0x2011692)
Aug 02 16:35:15 nebula gitea[1874101]:                 Middlewares.func1.1: next.ServeHTTP(context.NewResponse(resp), req.WithContext(ctx))
Aug 02 16:35:15 nebula gitea[1874101]:         /usr/lib/go/src/net/http/server.go:2084 (0x92b66e)
Aug 02 16:35:15 nebula gitea[1874101]:                 HandlerFunc.ServeHTTP: f(w, r)
Aug 02 16:35:15 nebula gitea[1874101]:         /home/user/go/pkg/mod/github.com/go-chi/chi/v5@v5.0.7/mux.go:88 (0x1b62881)
Aug 02 16:35:15 nebula gitea[1874101]:         /opt/gitea/gitea-src/modules/web/route.go:200 (0x1f5406d)
Aug 02 16:35:15 nebula gitea[1874101]:                 (*Route).ServeHTTP: r.R.ServeHTTP(w, req)
Aug 02 16:35:15 nebula gitea[1874101]:         /usr/lib/go/src/net/http/server.go:2916 (0x92ec5a)
Aug 02 16:35:15 nebula gitea[1874101]:                 serverHandler.ServeHTTP: handler.ServeHTTP(rw, req)
Aug 02 16:35:15 nebula gitea[1874101]:         /usr/lib/go/src/net/http/server.go:1966 (0x92a116)
Aug 02 16:35:15 nebula gitea[1874101]:                 (*conn).serve: serverHandler{c.server}.ServeHTTP(w, w.req)
Aug 02 16:35:15 nebula gitea[1874101]:         /usr/lib/go/src/runtime/asm_amd64.s:1571 (0x46d600)
Aug 02 16:35:15 nebula gitea[1874101]:                 goexit: BYTE        $0x90        // NOP

that doesn't succeed either and gives me the following:

Gitea Version: 1.18.0+dev-204-g631539c10.

Not sure if the two are connected but I used to both see Gitea's 500 on server error and had mailer configured properly, so I don't know but it looks like they might be (connected).
Note that I just updated to this commit (changed app.ini as per the new docs, of course) from already a pretty recent version (three days old?), so it's not like I haven't updated Gitea in a while...

ping me if you need more context/feedback..

[wxiaoguang]

Thank you for the test, I will fix it.

[wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf]

Thank you for the test, I will fix it.

cheers!

as to how I found out about the issue: I wanted to send a "test email" from the admin page to make sure the new settings work..and it blew up in my face :(
I should still be able to send a "test email" using the cli, right? so I can still validate the settings..

EDIT: my bad, gitea admin sendmail sends to all users, so no easy way to validate the settings atm..

[wxiaoguang]

The fix:

• Fix the admin mailer config display #20633

[clarfonthey]

Thank you both for fixing the issue so quickly! Sorry I didn't test the change thoroughly enough when writing it.

[wxiaoguang]

Hmm, one more bug.

The changing of auth/smtp/Source.Host is incorrect. d60c438

It should be reverted. It's not related to the SMTP config, it's just for the Auth Source.