Email sending through SMTP

6.7. Email sending through SMTP#

This section describes how to configure the SMTP server connection for Nubus for Kubernetes. Various components in Nubus for Kubernetes need an SMTP server for sending email notifications. For information about SMTP server requirements, see SMTP server.

You configure the SMTP server connection through the Helm Chart values file. The configuration includes connection parameters and authentication credentials. This page describes the configuration settings for each component in detail.

6.7.1. UMC Server SMTP configuration#

The UMC Server uses SMTP to send password reset emails and other notifications. It retrieves SMTP connection parameters from UCR (Univention Configuration Registry), defined in the nubusStackDataUms.stackDataContext values. You configure the SMTP password separately through Helm Chart values. To define the SMTP configuration for the UMC Server, apply the following steps:

To configure the SMTP connection parameters for UMC Server, add the configuration in Listing 6.23 to your values.yaml file.

Connection parameter reference

The stackDataContext values populate the following UCR variables that UMC Server needs for self-service emails:

smtpHost
SMTP server hostname.

Populates the UCR variable umc/self-service/passwordreset/email/server.

smtpPort
SMTP server port.

Common values are 25, 587, and 465. The default port is 25.

Populates the UCR variable umc/self-service/passwordreset/email/server/port.

smtpUser
SMTP authentication username.

Populates the UCR variable umc/self-service/passwordreset/email/server/user.

smtpStartTls
Use StartTLS encryption.

Recommended for port 587. Possible values are true and false.

Populates the UCR variable umc/self-service/passwordreset/email/server/starttls.
Listing 6.23 Example for UMC Server SMTP connection parameters#
```
nubusStackDataUms:
  stackDataContext:
    smtpHost: "smtp.example.com"
    smtpPort: 587
    smtpUser: "smtp-user@example.com"
    smtpStartTls: true
```
To configure the SMTP password for UMC Server, choose one of the following options.
Existing secret (recommended)
Use an existing Kubernetes secret to store the SMTP password. This option is recommended for production deployments.

nubusUmcServer.smtp.auth.existingSecret.name
The name of the Kubernetes secret containing the SMTP password.

nubusUmcServer.smtp.auth.existingSecret.keyMapping.password
The key in the secret that contains the SMTP password.

Add the configuration in Listing 6.24 to your values.yaml file.
Listing 6.24 UMC Server SMTP password with existing secret#
nubusUmcServer: smtp: auth: existingSecret: name: "umc-smtp-credentials" keyMapping: password: "smtp-password"
Direct password
Provide the SMTP password directly in the Helm Chart values. This option isn’t recommended for production deployments.

nubusUmcServer.smtp.auth.password
The SMTP password.

Add the configuration in Listing 6.25 to your values.yaml file.
Listing 6.25 UMC Server SMTP password directly in Helm Chart values#
nubusUmcServer: smtp: auth: password: "<your-smtp-password>"

6.7.2. Keycloak Extensions SMTP configuration#

Note that the Keycloak Extensions provide experimental features and are currently disabled by default.

The Keycloak Extensions use SMTP to send account verification emails and other authentication-related notifications. To define the SMTP configuration for the Keycloak Extensions, apply the following steps:

To configure the SMTP connection parameters for Keycloak Extensions, add the configuration in Listing 6.26 to your values.yaml file.

Connection parameter reference

The following Helm Chart values configure the SMTP connection for Keycloak Extensions:

nubusKeycloakExtensions.smtp.connection.host
SMTP server hostname.

nubusKeycloakExtensions.smtp.connection.port
SMTP server port.

Common values are 25, 587, and 465.

nubusKeycloakExtensions.smtp.connection.ssl
Use SSL/TLS encryption.

Possible values are true and false.

nubusKeycloakExtensions.smtp.connection.starttls
Use StartTLS encryption.

Recommended for port 587. Possible values are true and false.

nubusKeycloakExtensions.smtp.auth.enabled
Enable SMTP authentication.

Possible values are true and false.

nubusKeycloakExtensions.smtp.auth.username
SMTP authentication username.
Listing 6.26 Example for Keycloak Extensions SMTP connection parameters#
```
nubusKeycloakExtensions:
  smtp:
    connection:
      host: "smtp.example.com"
      port: "587"
      ssl: false
      starttls: true
    auth:
      enabled: true
      username: "smtp-user@example.com"
```
To configure the SMTP password for Keycloak Extensions, choose one of the following options.
Existing secret (recommended)
Use an existing Kubernetes secret to store the SMTP password. This option is recommended for production deployments.

nubusKeycloakExtensions.smtp.auth.existingSecret.name
The name of the Kubernetes secret containing the SMTP password.

nubusKeycloakExtensions.smtp.auth.existingSecret.keyMapping.password
The key in the secret that contains the SMTP password.

Add the configuration in Listing 6.27 to your values.yaml file.
Listing 6.27 Keycloak Extensions SMTP password with existing secret#
nubusKeycloakExtensions: smtp: auth: existingSecret: name: "keycloak-extensions-smtp-credentials" keyMapping: password: "smtp-password"
Direct password
Provide the SMTP password directly in the Helm Chart values. This option isn’t recommended for production deployments.

nubusKeycloakExtensions.smtp.auth.password
The SMTP password.

Add the configuration in Listing 6.28 to your values.yaml file.
Listing 6.28 Keycloak Extensions SMTP password directly in Helm Chart values#
nubusKeycloakExtensions: smtp: auth: password: "<your-smtp-password>"

Nubus for Kubernetes - Operation Manual 1.x

Email sending through SMTP

Contents

6.7. Email sending through SMTP#

6.7.1. UMC Server SMTP configuration#

6.7.2. Keycloak Extensions SMTP configuration#