Allow separate from and to emails

Use SMTP credentials instead of Gmail auth for Email
Revert prefers-color-scheme
2024-10-16 21:45:55 -04:00 · 2024-10-16 21:36:57 -04:00 · 2024-10-16 21:21:58 -04:00 · 2024-10-15 22:51:41 -04:00
8 changed files with 81 additions and 40 deletions
--- a/.env.defaults
+++ b/.env.defaults
@ -18,8 +18,13 @@ PRISMA_HIDE_UPDATE_MESSAGE=true
 FIRST_NAME=firstname
 LAST_NAME=lastname

-GMAIL=example@gmail.com
-GMAIL_SMTP_PASSWORD=chan geme xyza bcde
+SMTP_HOST=smtp.example.com
+SMTP_PORT=465
+SMTP_SECURE=true
+SMTP_USER=noreply@example.com
+EMAIL_FROM=noreply@example.com
+EMAIL_TO=email@example.com
+SMTP_PASSWORD=password

 DOMAIN=example.com
 API_DOMAIN=api.example.com
--- a/.env.example
+++ b/.env.example
@ -6,8 +6,13 @@
 FIRST_NAME=firstname
 LAST_NAME=lastname

-GMAIL=example@gmail.com
-GMAIL_SMTP_PASSWORD=chan geme xyza bcde
+SMTP_HOST=smtp.example.com
+SMTP_PORT=465
+SMTP_SECURE=true
+SMTP_USER=noreply@example.com
+EMAIL_FROM=noreply@example.com
+EMAIL_TO=email@example.com
+SMTP_PASSWORD=password

 DOMAIN=example.com
 API_DOMAIN=api.example.com
--- a/9
+++ b/9
@ -43,8 +43,13 @@ ARG ADDRESS_DEV
 ARG DOMAIN
 ARG API_DOMAIN
 ARG MAX_HTTP_CONNECTIONS_PER_MINUTE
-ARG GMAIL
-ARG GMAIL_SMTP_PASSWORD
+ARG SMTP_HOST
+ARG SMTP_PORT
+ARG SMTP_SECURE
+ARG SMTP_USER
+ARG SMTP_PASSWORD
+ARG EMAIL_FROM
+ARG EMAIL_TO
 ARG FIRST_NAME
 ARG LAST_NAME

--- a/README.md
+++ b/README.md
@ -6,10 +6,8 @@ Create two A records, one for the web side of the website and one for the api si
 - It doesn't matter what reverse proxy you use (Nginx, Apache, Traefik, Caddy, etc)
 1. Point the web domain to the web port (default: 8910)
 2. Point the api domain to the api port (default: 8911)
-### Gmail App Password
-1. Go to your Google [account dashboard](https://myaccount.google.com)
-2. Go to Security > 2-Step Verification > App Passwords > Create a new app password
-3. Copy the 16 character password
+### SMTP
+You will need credentials to authorize sending Email, instructions vary depending on provider (Gmail, Hotmail, etc).
 ### [Docker Compose](./docker-compose.yml)
 ```yaml
 version: '3.8'
@ -23,21 +21,28 @@ services:
      - API_PROXY_TARGET=http://localhost:8911
      - MAX_HTTP_CONNECTIONS_PER_MINUTE=60
      - SESSION_SECRET=super_secret_session_key_change_me_in_production_please
-      - DATABASE_URL=postgresql://redwood:redwood@db:5432/portfolio
+      - DATABASE_URL=postgresql://redwood:changeme@db:5432/portfolio
      - FIRST_NAME=first name                               # Your first name
      - LAST_NAME=lastname                                  # Your last name
-      - GMAIL=example@gmail.com                             # The Gmail address associated with the app password created earlier
-      - GMAIL_SMTP_PASSWORD=aaaa bbbb cccc dddd             # The app password created earlier
+      - SMTP_HOST=smtp.example.com
+      - SMTP_PORT=465
+      - SMTP_SECURE=true
+      - SMTP_USER=noreply@example.com
+      - EMAIL_FROM=noreply@example.com
+      - EMAIL_TO=email@example.com
+      - SMTP_PASSWORD=password
      - DOMAIN=portfolio.example.com
      - API_DOMAIN=api.portfolio.example.com
                                                            # Careful, addresses below must not end with a '/'
      - ADDRESS_PROD=https://portfolio.example.com          # https://DOMAIN
      - API_ADDRESS_PROD=https://api.portfolio.example.com  # https://API_DOMAIN
    ports:
-      - '8910:8910' # Web
-      - '8911:8911' # API
+      - 8910:8910                                           # Web
+      - 8911:8911                                           # API
    depends_on:
      - db
+    volumes:
+      - files:/home/node/app/api/files_prod
    command: >
      /bin/sh -c "
      yarn rw build &&
@ -50,16 +55,22 @@ services:
    container_name: portfolio-db
    image: postgres:16-bookworm
    environment:
-      POSTGRES_USER: redwood
-      POSTGRES_PASSWORD: redwood
-      POSTGRES_DB: portfolio
+      - POSTGRES_USER=redwood
+      - POSTGRES_PASSWORD=changeme
+      - POSTGRES_DB=portfolio
    ports:
-      - '5432:5432'
+      - 5432:5432
    volumes:
      - postgres:/var/lib/postgresql/data

 volumes:
  postgres:
+  files:                                                    # For persistent file storage across upgrades
+```
+## Fix Files Ownership
+The `files` volume in Docker is owned by `root`, since the portfolio container runs under the `node` user, file uploads will fail. Run this command to give ownership to the `node` user:
+```
+sudo docker exec -u root portfolio chown -R node:node /home/node/app/api/files_prod
 ```
 ## Logging In
 - Once the container is up and running, head to `/login` (`https://portfolio.example.com/login`), default credentials are below
@ -69,4 +80,4 @@ volumes:
 ### Default Credentials
 **Username:** `admin`

-**Password:** [`GMAIL_SMTP_PASSWORD`](#gmail-app-password)
+**Password:** [`SMTP_PASSWORD`](#smtp)
--- a/api/src/lib/email.ts
+++ b/api/src/lib/email.ts
@ -8,16 +8,18 @@ interface Options {
 }

 const transporter = nodemailer.createTransport({
-  service: 'gmail',
+  host: process.env.SMTP_HOST,
+  port: Number(process.env.SMTP_PORT),
+  secure: process.env.SMTP_SECURE === 'true',
  auth: {
-    user: process.env.GMAIL,
-    pass: process.env.GMAIL_SMTP_PASSWORD,
+    user: process.env.SMTP_USER,
+    pass: process.env.SMTP_PASSWORD,
  },
 })

 export const sendEmail = async ({ to, subject, text, html }: Options) =>
  await transporter.sendMail({
-    from: `"${process.env.FIRST_NAME} ${process.env.LAST_NAME} (noreply)" <${process.env.GMAIL}>`,
+    from: `${process.env.FIRST_NAME} ${process.env.LAST_NAME} <${process.env.EMAIL_FROM}>`,
    to: Array.isArray(to) ? to : [to],
    subject,
    text,
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -9,21 +9,28 @@ services:
      - API_PROXY_TARGET=http://localhost:8911
      - MAX_HTTP_CONNECTIONS_PER_MINUTE=60
      - SESSION_SECRET=super_secret_session_key_change_me_in_production_please
-      - DATABASE_URL=postgresql://redwood:redwood@db:5432/portfolio
+      - DATABASE_URL=postgresql://redwood:changeme@db:5432/portfolio
      - FIRST_NAME=first name                               # Your first name
      - LAST_NAME=lastname                                  # Your last name
-      - GMAIL=example@gmail.com                             # The Gmail address associated with the app password created earlier
-      - GMAIL_SMTP_PASSWORD=aaaa bbbb cccc dddd             # The app password created earlier
+      - SMTP_HOST=smtp.example.com
+      - SMTP_PORT=465
+      - SMTP_SECURE=true
+      - SMTP_USER=noreply@example.com
+      - EMAIL_FROM=noreply@example.com
+      - EMAIL_TO=email@example.com
+      - SMTP_PASSWORD=password
      - DOMAIN=portfolio.example.com
      - API_DOMAIN=api.portfolio.example.com
                                                            # Careful, addresses below must not end with a '/'
      - ADDRESS_PROD=https://portfolio.example.com          # https://DOMAIN
      - API_ADDRESS_PROD=https://api.portfolio.example.com  # https://API_DOMAIN
    ports:
-      - '8910:8910' # Web
-      - '8911:8911' # API
+      - 8910:8910                                           # Web
+      - 8911:8911                                           # API
    depends_on:
      - db
+    volumes:
+      - files:/home/node/app/api/files_prod
    command: >
      /bin/sh -c "
      yarn rw build &&
@ -36,13 +43,14 @@ services:
    container_name: portfolio-db
    image: postgres:16-bookworm
    environment:
-      POSTGRES_USER: redwood
-      POSTGRES_PASSWORD: redwood
-      POSTGRES_DB: portfolio
+      - POSTGRES_USER=redwood
+      - POSTGRES_PASSWORD=changeme
+      - POSTGRES_DB=portfolio
    ports:
-      - '5432:5432'
+      - 5432:5432
    volumes:
      - postgres:/var/lib/postgresql/data

 volumes:
  postgres:
+  files:                                                    # For persistent file storage across upgrades
--- a/scripts/seed.ts
+++ b/scripts/seed.ts
@ -9,15 +9,15 @@ export default async () => {
  try {
    const admin = {
      username: 'admin',
-      email: process.env.GMAIL,
-      password: process.env.GMAIL_SMTP_PASSWORD,
+      email: process.env.EMAIL_TO,
+      password: process.env.SMTP_PASSWORD,
    }

    const [hashedPassword, salt] = hashPassword(admin.password)

    const existingAdmin = await db.user.findFirst({
      where: {
-        email: admin.email,
+        username: admin.username,
      },
    })

@ -30,6 +30,14 @@ export default async () => {
          salt,
        },
      })
+    else
+      await db.user.update({
+        where: { id: existingAdmin.id },
+        data: {
+          username: admin.username,
+          email: admin.email,
+        },
+      })

    const titles = await db.titles.findFirst()

--- a/web/src/components/ThemeToggle/ThemeToggle.tsx
+++ b/web/src/components/ThemeToggle/ThemeToggle.tsx
@ -8,10 +8,7 @@ const DARK_THEME = 'dark'

 const ThemeToggle = () => {
  const [theme, setTheme] = useState(
-    (localStorage.getItem('theme') ??
-      window.matchMedia('(prefers-color-scheme: dark)').matches)
-      ? DARK_THEME
-      : LIGHT_THEME
+    localStorage.getItem('theme') ?? LIGHT_THEME
  )

  const handleToggle = (e: React.ChangeEvent<HTMLInputElement>) => {
Author	SHA1	Message	Date
Ahmed Al-Taiar	7973663b2a	Allow separate from and to emails All checks were successful Publish Docker Image / Publish Docker Image (push) Successful in 10s Details	2024-10-16 21:45:55 -04:00
Ahmed Al-Taiar	6540329f36	Use SMTP credentials instead of Gmail auth for Email	2024-10-16 21:36:57 -04:00
Ahmed Al-Taiar	bac5b5fe48	Revert prefers-color-scheme	2024-10-16 21:21:58 -04:00
Ahmed Al-Taiar	f3f75d3e57	Fix file uploads clearing on upgrade	2024-10-15 22:51:41 -04:00