Merge pull request #1528 from miton18/feat/notifier-email-tls-config

feat(email): support custom TLS certificates
This commit is contained in:
Max Inden 2018-09-19 13:39:46 +02:00 committed by GitHub
commit a74f94c4aa
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 32 additions and 15 deletions

View File

@ -151,18 +151,19 @@ type EmailConfig struct {
NotifierConfig `yaml:",inline" json:",inline"` NotifierConfig `yaml:",inline" json:",inline"`
// Email address to notify. // Email address to notify.
To string `yaml:"to,omitempty" json:"to,omitempty"` To string `yaml:"to,omitempty" json:"to,omitempty"`
From string `yaml:"from,omitempty" json:"from,omitempty"` From string `yaml:"from,omitempty" json:"from,omitempty"`
Hello string `yaml:"hello,omitempty" json:"hello,omitempty"` Hello string `yaml:"hello,omitempty" json:"hello,omitempty"`
Smarthost string `yaml:"smarthost,omitempty" json:"smarthost,omitempty"` Smarthost string `yaml:"smarthost,omitempty" json:"smarthost,omitempty"`
AuthUsername string `yaml:"auth_username,omitempty" json:"auth_username,omitempty"` AuthUsername string `yaml:"auth_username,omitempty" json:"auth_username,omitempty"`
AuthPassword Secret `yaml:"auth_password,omitempty" json:"auth_password,omitempty"` AuthPassword Secret `yaml:"auth_password,omitempty" json:"auth_password,omitempty"`
AuthSecret Secret `yaml:"auth_secret,omitempty" json:"auth_secret,omitempty"` AuthSecret Secret `yaml:"auth_secret,omitempty" json:"auth_secret,omitempty"`
AuthIdentity string `yaml:"auth_identity,omitempty" json:"auth_identity,omitempty"` AuthIdentity string `yaml:"auth_identity,omitempty" json:"auth_identity,omitempty"`
Headers map[string]string `yaml:"headers,omitempty" json:"headers,omitempty"` Headers map[string]string `yaml:"headers,omitempty" json:"headers,omitempty"`
HTML string `yaml:"html,omitempty" json:"html,omitempty"` HTML string `yaml:"html,omitempty" json:"html,omitempty"`
Text string `yaml:"text,omitempty" json:"text,omitempty"` Text string `yaml:"text,omitempty" json:"text,omitempty"`
RequireTLS *bool `yaml:"require_tls,omitempty" json:"require_tls,omitempty"` RequireTLS *bool `yaml:"require_tls,omitempty" json:"require_tls,omitempty"`
TLSConfig commoncfg.TLSConfig `yaml:"tls_config,omitempty" json:"tls_config,omitempty"`
} }
// UnmarshalYAML implements the yaml.Unmarshaler interface. // UnmarshalYAML implements the yaml.Unmarshaler interface.
@ -195,7 +196,7 @@ type PagerdutyConfig struct {
HTTPConfig *commoncfg.HTTPClientConfig `yaml:"http_config,omitempty" json:"http_config,omitempty"` HTTPConfig *commoncfg.HTTPClientConfig `yaml:"http_config,omitempty" json:"http_config,omitempty"`
ServiceKey Secret `yaml:"service_key,omitempty" json"service_key,omitempty"` ServiceKey Secret `yaml:"service_key,omitempty" json:"service_key,omitempty"`
RoutingKey Secret `yaml:"routing_key,omitempty" json:"routing_key,omitempty"` RoutingKey Secret `yaml:"routing_key,omitempty" json:"routing_key,omitempty"`
URL *URL `yaml:"url,omitempty" json:"url,omitempty"` URL *URL `yaml:"url,omitempty" json:"url,omitempty"`
Client string `yaml:"client,omitempty" json:"client,omitempty"` Client string `yaml:"client,omitempty" json:"client,omitempty"`

View File

@ -264,7 +264,15 @@ func (n *Email) Notify(ctx context.Context, as ...*types.Alert) (bool, error) {
} }
if port == "465" { if port == "465" {
conn, err := tls.Dial("tcp", n.conf.Smarthost, &tls.Config{ServerName: host}) tlsConfig, err := commoncfg.NewTLSConfig(&n.conf.TLSConfig)
if err != nil {
return false, err
}
if tlsConfig.ServerName == "" {
tlsConfig.ServerName = host
}
conn, err := tls.Dial("tcp", n.conf.Smarthost, tlsConfig)
if err != nil { if err != nil {
return true, err return true, err
} }
@ -298,7 +306,15 @@ func (n *Email) Notify(ctx context.Context, as ...*types.Alert) (bool, error) {
if ok, _ := c.Extension("STARTTLS"); !ok { if ok, _ := c.Extension("STARTTLS"); !ok {
return true, fmt.Errorf("require_tls: true (default), but %q does not advertise the STARTTLS extension", n.conf.Smarthost) return true, fmt.Errorf("require_tls: true (default), but %q does not advertise the STARTTLS extension", n.conf.Smarthost)
} }
tlsConf := &tls.Config{ServerName: host}
tlsConf, err := commoncfg.NewTLSConfig(&n.conf.TLSConfig)
if err != nil {
return false, err
}
if tlsConf.ServerName == "" {
tlsConf.ServerName = host
}
if err := c.StartTLS(tlsConf); err != nil { if err := c.StartTLS(tlsConf); err != nil {
return true, fmt.Errorf("starttls failed: %s", err) return true, fmt.Errorf("starttls failed: %s", err)
} }