CODEWITHSUNDEEP
ruby-on-railsemailenvironment-variablesredmine
JohnCostello
JohnCostello

Reputation: 21

Redmine email configuration with environment variables

I've configured email on redmine according to the instructions in the redmine wiki, and it all works fine. Here are the contents of my config/configuration.yml file:

production:
delivery_method: :smtp
 smtp_settings:
    address: "smtp.sendgrid.net"
    port: 587
    authentication: :plain
    domain: "heroku.com"
    user_name: [email protected]
    password: my_password

However I am trying to use environment variables in place of [email protected] and my_password like so:

production:
  delivery_method: :smtp
  smtp_settings:
    address: "smtp.sendgrid.net"
    port: 587
    authentication: :plain
    domain: "heroku.com"
    user_name: <%= ENV['SENDGRID_USERNAME'] %>
    password: <%= ENV['SENDGRID_PASSWORD'] %>

When I try to send a test email, with the environment variables in the config file, redmine give this error:

'An error occurred while sending mail (535 Authentication failed: Bad username / password )'.

So I guess the erb snippet is not being evaluated (I have double checked the values of the environment variables).

I've searched for a solution and come up empty, does anyone have any suggestions as to how I should configure email in redmine so that I don't expose my sendgrid credentials in the config file?

Alternatively if someone can tell me that it's not a security risk to use the credentials directly, without environment variables, that would also solve my problem.

Upvotes: 2

Views: 2867

Answers (1)

Shiva Huang
Shiva Huang

Reputation: 91

I had answered this question 2 weeks ago, and it was deleted by someone else right away. So I'm not sure if someone will delete this answer again to prevent other guys knowing how to solve this problem. Good luck!

I got the same issue and this article Set up mailing in redmine on heroku solved my problem.

The idea is moving the settings from config/configuration.yml to config/environments/production.rb and using Ruby code to set it up. Since ENV['key'] is handled by erb, I guess configuration.yml is not handled that way. Maybe there is some security issue?

So in your case, you should add these codes to config/environments/production.rb as follows,

ActionMailer::Base.smtp_settings = {
  :address        => 'smtp.sendgrid.net',
  :port           => '587',
  :authentication => :plain,
  :user_name      => ENV['SENDGRID_USERNAME'],
  :password       => ENV['SENDGRID_PASSWORD'],
  :domain         => 'heroku.com'
}
ActionMailer::Base.delivery_method = :smtp

And remove codes from config/configuration.yml and make it looks like this,

default:
  # Outgoing emails configuration (see examples above)
  email_delivery:
    delivery_method: :smtp

Upvotes: 7

Related Questions