SMTP Configuration
ℹ️ Minimum Controller Version: v3.1-31
SMTP Configuration for Email Services¶
It is possible for Cloud Providers to use their own SMTP servers for sending system-generated emails such as user registration confirmations, password resets, and alert notifications. SMTP configurations can be applied using the radm
deployment tool or API-based methods.
SMTP Configuration Options¶
Customers can configure SMTP in either of the following ways:
Global (Controller-Level) SMTP Configuration¶
Configure SMTP for the entire controller by adding the following environment variables to the event-framework
deployment:
- name: FW_EVENT_SMTP_SERVER_ADDR
value: <SMTP_SERVER_ADDRESS>
- name: FW_EVENT_SMTP_SERVER_PORT
value: "<SMTP_SERVER_PORT>"
- name: FW_EVENT_SMTP_SERVER_USERNAME
value: <SMTP_USERNAME>
- name: FW_EVENT_SMTP_SERVER_PASSWORD
valueFrom:
secretKeyRef:
key: <SMTP_PASSWORD_KEY>
name: <SECRET_NAME>
- name: FW_EVENT_SMTP_SERVER_USE_TLS
value: "<USE_TLS_TRUE_OR_FALSE>"
- name: FW_EVENT_SMTP_SERVER_USE_INSECURE
value: "<USE_INSECURE_TRUE_OR_FALSE>"
Note: Without TLS enabled, authentication will not work. Username and password are required for authentication.
Partner-Level SMTP Configuration¶
Configure SMTP for a specific partner by logging in as a super admin and running the following API request:
curl -X POST 'https://<ops-console-url>/event/v1/email/config' \
-b 'rsid=<SESSION_ID>' \
--data-raw '{
"email_config": {
"smtp_config": {
"username": "<SMTP_USERNAME>",
"password": "<SMTP_PASSWORD>",
"host": "<SMTP_SERVER_ADDRESS>",
"port": <SMTP_PORT>,
"use_tls": <USE_TLS_TRUE_OR_FALSE>,
"use_insecure": <USE_INSECURE_TRUE_OR_FALSE>,
"retries": <NUMBER_OF_RETRIES>
}
}
}'
Additional SMTP Management APIs¶
- Get SMTP configuration
curl 'https://<console-url>/event/v1/email/config'
-b 'rsid=***
- Delete SMTP configuration
curl -X DELETE 'https://<console-url>/event/v1/email/config'
-b 'rsid=***'
- Verify SMTP configuration
curl -X POST 'https://<ops-console-url>/event/v1/email/config/verification' \
-b 'rsid=<SESSION_ID>' \
--data-raw '{
"sender_email": "<SENDER_EMAIL_ADDRESS>",
"recipient_email": "<RECIPIENT_EMAIL_ADDRESS>",
"subject": "<EMAIL_SUBJECT>",
"body": "<EMAIL_BODY>"
}'
Note: Partner-level configuration overrides the controller-level SMTP settings if both are defined.
Additional Configuration¶
Set the following environment variable in admin-api
and rafay-sentry
to enable email sending for events such as account or organization creation:
name: ACCOUNT_CREATION_STRATEGY
value: VERIFY
Viewing Email Activity via Audit Logs¶
Use audit logs to check whether email events have been processed and sent.
- Organization-Level SYSTEMAUDIT Logs
curl 'https://<console-url>/event/v1/auditlog?&filter.timefrom=now-1h&filter.offset=0&filter.limit=10&filter.category=SYSTEMAUDIT'
-b 'rsid=***'
- Partner-Level SYSTEMAUDIT Logs
curl 'https://<ops-console-url>/opsauditlogs/?timefrom=now-7d&category=SYSTEMAUDIT'
-b 'rsid=***'
Audit Logs in OPS Console¶
To enable querying Elasticsearch for audit logs in the OPS Console, configure the following environment variables in the frontend-opsconsole
deployment:
- name: ES_USER_NAME
value: elastic
- name: ES_PASSWORD
valueFrom:
secretKeyRef:
key: elastic
name: rafay-es-es-elastic-user
- name: ELASTIC_SEARCH_FQDN
value: https://rafay-es-es-http:9200
Notes: - Confirm the
ElasticSearch
URL is correct. Avoid duplicate or incorrect entries. - These changes must be deployed usingradm
or equivalent deployment automation tools. - These configurations apply only to self-hosted/on-premises controllers.
Summary¶
Scope | Configuration Method | Description |
---|---|---|
Controller | Env vars in event-framework | Affects all partners and orgs if no partner-level config is set |
Partner | POST /event/v1/email/config |
Affects all organizations within the partner |
Verification | POST /event/v1/email/config/verification |
Verify SMTP before enabling workflows |
Logging | SYSTEMAUDIT via API | Confirm email dispatch via system audit logs |