From d52e5a24203b2ba57ed7e65ecbabc14aa849d976 Mon Sep 17 00:00:00 2001
From: Sameer Naik <sameer@damagehead.com>
Date: Mon, 22 Jun 2015 16:18:34 +0530
Subject: [PATCH] smtp: added `SMTP_TLS` configuration parameter

Closes #315
---
 Changelog.md                            | 3 +++
 README.md                               | 1 +
 assets/config/gitlabhq/smtp_settings.rb | 3 ++-
 entrypoint.sh                           | 2 ++
 4 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/Changelog.md b/Changelog.md
index a5c2133a..9185070f 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -2,6 +2,9 @@
 
 This file only reflects the changes that are made in the the docker image. Please refer to the upstream GitLab [CHANGELOG](https://github.com/gitlabhq/gitlabhq/blob/master/CHANGELOG) for the list of changes in GitLab.
 
+**latest**
+- added `SMTP_TLS` configuration parameter
+
 **7.11.4-1**
 - base image update to fix SSL vulnerability
 
diff --git a/README.md b/README.md
index 11e43d37..94be4b53 100644
--- a/README.md
+++ b/README.md
@@ -763,6 +763,7 @@ Below is the complete list of available options that can be used to customize yo
 - **SMTP_USER**: SMTP username.
 - **SMTP_PASS**: SMTP password.
 - **SMTP_STARTTLS**: Enable STARTTLS. Defaults to `true`.
+- **SMTP_TLS**: Enable SSL/TLS. Defaults to `false`.
 - **SMTP_OPENSSL_VERIFY_MODE**: SMTP openssl verification mode. Accepted values are `none`, `peer`, `client_once` and `fail_if_no_peer_cert`. Defaults to `none`.
 - **SMTP_AUTHENTICATION**: Specify the SMTP authentication method. Defaults to `login` if `SMTP_USER` is set.
 - **LDAP_ENABLED**: Enable LDAP. Defaults to `false`
diff --git a/assets/config/gitlabhq/smtp_settings.rb b/assets/config/gitlabhq/smtp_settings.rb
index 6d09d2a3..d400643b 100644
--- a/assets/config/gitlabhq/smtp_settings.rb
+++ b/assets/config/gitlabhq/smtp_settings.rb
@@ -14,6 +14,7 @@ if Rails.env.production?
     domain: "{{SMTP_DOMAIN}}",
     authentication: "{{SMTP_AUTHENTICATION}}",
     openssl_verify_mode: "{{SMTP_OPENSSL_VERIFY_MODE}}",
-    enable_starttls_auto: {{SMTP_STARTTLS}}
+    enable_starttls_auto: {{SMTP_STARTTLS}},
+    tls: {{SMTP_TLS}}
   }
 end
diff --git a/entrypoint.sh b/entrypoint.sh
index ac1939bc..16bcb9d8 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -80,6 +80,7 @@ SMTP_USER=${SMTP_USER:-}
 SMTP_PASS=${SMTP_PASS:-}
 SMTP_OPENSSL_VERIFY_MODE=${SMTP_OPENSSL_VERIFY_MODE:-none}
 SMTP_STARTTLS=${SMTP_STARTTLS:-true}
+SMTP_TLS=${SMTP_TLS:-false}
 if [ -n "${SMTP_USER}" ]; then
   SMTP_ENABLED=${SMTP_ENABLED:-true}
   SMTP_AUTHENTICATION=${SMTP_AUTHENTICATION:-login}
@@ -443,6 +444,7 @@ if [ "${SMTP_ENABLED}" == "true" ]; then
 
   sudo -u ${GITLAB_USER} -H sed 's/{{SMTP_DOMAIN}}/'"${SMTP_DOMAIN}"'/' -i config/initializers/smtp_settings.rb
   sudo -u ${GITLAB_USER} -H sed 's/{{SMTP_STARTTLS}}/'"${SMTP_STARTTLS}"'/' -i config/initializers/smtp_settings.rb
+  sudo -u ${GITLAB_USER} -H sed 's/{{SMTP_TLS}}/'"${SMTP_TLS}"'/' -i config/initializers/smtp_settings.rb
   sudo -u ${GITLAB_USER} -H sed 's/{{SMTP_OPENSSL_VERIFY_MODE}}/'"${SMTP_OPENSSL_VERIFY_MODE}"'/' -i config/initializers/smtp_settings.rb
 
   case "${SMTP_AUTHENTICATION}" in