mahula commented 5 months ago

Describe your question

In a project using Authentik for SSO I want to test the e-mails send from Authentik locally to

ensure everything configured is working as expected
automatically end-to-end test configured flows (e.g. enrollment with e-mail, password recovery)
check the e-mails visually

Since it is also used for end-to-end testing in Authentik, Mailpit has been chosen.

Analog to this E2E test dockerfile the following mailserver service entry

mailserver:
    image: axllent/mailpit
    container_name: mailpit
    restart: unless-stopped
    ports:
      - 8025:8025
      - 1025:1025

is added to our dockerfile running all four Authentik services.

The following entries are added to the local .env file as suggested in the email configuration recommendations:

AUTHENTIK_EMAIL__HOST=localhost
AUTHENTIK_EMAIL__PORT=1025
# AUTHENTIK_EMAIL__USERNAME=
# AUTHENTIK_EMAIL__PASSWORD=
AUTHENTIK_EMAIL__USE_TLS=false
AUTHENTIK_EMAIL__USE_SSL=false
AUTHENTIK_EMAIL__TIMEOUT=10
AUTHENTIK_EMAIL__FROM=authentik@example.com

Authentik and the mailserver are started on the localmachine via docker compose up.

When the mailserver is running, a test swaks --to user@example.com --from authentik@example.com --server localhost:1025 succeeds with the test e-mail displayed in the local Mailpit inbox (http://localhost:8025/).

Testing Authentik's global e-mail settings with docker compose exec worker ak test_email to="test@example.com" results in a ConnectionRefusedError(see logs in next section).

Did I miss some configuration or documentation? What is the configuration for email checking in end-to-end testing Authentik flows mentioned earlier above?

Logs

Traceback (most recent call last):
  File "<frozen runpy>", line 198, in _run_module_as_main
  File "<frozen runpy>", line 88, in _run_code
  File "/manage.py", line 46, in <module>
    execute_from_command_line(sys.argv)
  File "/ak-root/venv/lib/python3.12/site-packages/django/core/management/__init__.py", line 442, in execute_from_command_line
    utility.execute()
  File "/ak-root/venv/lib/python3.12/site-packages/django/core/management/__init__.py", line 436, in execute
    self.fetch_command(subcommand).run_from_argv(self.argv)
  File "/ak-root/venv/lib/python3.12/site-packages/django/core/management/base.py", line 413, in run_from_argv
    self.execute(*args, **cmd_options)
  File "/ak-root/venv/lib/python3.12/site-packages/django/core/management/base.py", line 459, in execute
    output = self.handle(*args, **options)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/authentik/tenants/management/__init__.py", line 38, in handle
    self.handle_per_tenant(*args, **options)
  File "/ak-root/venv/lib/python3.12/site-packages/django/core/management/base.py", line 107, in wrapper
    res = handle_func(*args, **kwargs)
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/authentik/stages/email/management/commands/test_email.py", line 38, in handle_per_tenant
    send_mail(message.__dict__, stage.pk)
  File "/ak-root/venv/lib/python3.12/site-packages/celery/local.py", line 182, in __call__
    return self._get_current_object()(*a, **kw)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/ak-root/venv/lib/python3.12/site-packages/celery/app/task.py", line 411, in __call__
    return self.run(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/ak-root/venv/lib/python3.12/site-packages/celery/app/autoretry.py", line 60, in run
    ret = task.retry(exc=exc, **retry_kwargs)
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/ak-root/venv/lib/python3.12/site-packages/celery/app/task.py", line 720, in retry
    raise_with_context(exc or Retry('Task can be retried', None))
  File "/ak-root/venv/lib/python3.12/site-packages/celery/app/autoretry.py", line 38, in run
    return task._orig_run(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/authentik/stages/email/tasks.py", line 105, in send_mail
    raise exc
  File "/authentik/stages/email/tasks.py", line 73, in send_mail
    backend.open()
  File "/ak-root/venv/lib/python3.12/site-packages/django/core/mail/backends/smtp.py", line 86, in open
    self.connection = self.connection_class(
                      ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.12/smtplib.py", line 255, in __init__
    (code, msg) = self.connect(host, port)
                  ^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.12/smtplib.py", line 341, in connect
    self.sock = self._get_socket(host, port, self.timeout)
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.12/smtplib.py", line 312, in _get_socket
    return socket.create_connection((host, port), timeout,
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.12/socket.py", line 852, in create_connection
    raise exceptions[0]
  File "/usr/local/lib/python3.12/socket.py", line 837, in create_connection
    sock.connect(sa)
ConnectionRefusedError: [Errno 111] Connection refused

Version and Deployment (please complete the following information):

Authentik version: 2024.4.2
Deployment: docker-compose

Additional context Thank you for hints and help in advance.

dsdole commented 5 months ago

I am also having the same issue using the provided k8s Helm chart. I am running a mail server with smtp on ports 25, 465 and 587. These ports all work well for authenticated smtp for other applications.

Helm values.yaml

values:
  email:
    host: mail.domain.tld
    port: 587
    username: authentik
    password: <PASSWORD>
    use_tls: true
    use_ssl: false
    from: authentik@domain.tld
    timeout: 10

I have tried the following combos: (25, unencrypted), (465, SSL), (465, TLS), (587, SSL), and (587, TLS). Each time I get the following result:

ak test_email test@domain.tld

{"event": "Loaded config", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882221.746095, "file": "/authentik/li
b/default.yml"}
{"event": "Loaded environment variables", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882221.7474184, "count
": 60}
{"event": "Starting authentik bootstrap", "level": "info", "logger": "authentik.lib.config", "timestamp": 1717882222.0570426}
{"event": "PostgreSQL connection successful", "level": "info", "logger": "authentik.lib.config", "timestamp": 1717882222.0792394}
{"event": "Redis Connection failed, retrying... (Error 111 connecting to authentik-redis-master:6379. Connection refused.)", "level":
 "info", "logger": "authentik.lib.config", "timestamp": 1717882224.1123688}
{"event": "Redis Connection failed, retrying... (Error 111 connecting to authentik-redis-master:6379. Connection refused.)", "level":
 "info", "logger": "authentik.lib.config", "timestamp": 1717882226.1285136}
{"event": "Redis Connection successful", "level": "info", "logger": "authentik.lib.config", "timestamp": 1717882229.19577}
{"event": "Finished authentik bootstrap", "level": "info", "logger": "authentik.lib.config", "timestamp": 1717882229.195824}
{"event": "Booting authentik", "level": "info", "logger": "authentik.lib.config", "timestamp": 1717882230.766572, "version": "2024.4.
2"}
{"event": "Enabled authentik enterprise", "level": "info", "logger": "authentik.lib.config", "timestamp": 1717882230.7690842}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882230.770462, "path": "authent
ik.enterprise.settings"}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882230.7713966, "path": "authen
tik.sources.plex.settings"}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882230.774277, "path": "authent
ik.sources.oauth.settings"}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882230.7756066, "path": "authen
tik.providers.scim.settings"}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882230.7770593, "path": "authen
tik.enterprise.settings"}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882230.778407, "path": "authent
ik.admin.settings"}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882230.7797272, "path": "authen
tik.policies.reputation.settings"}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882230.781197, "path": "authent
ik.outposts.settings"}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882230.7832499, "path": "authen
tik.crypto.settings"}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882230.7842357, "path": "authen
tik.stages.authenticator_totp.settings"}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882230.7859023, "path": "authen
tik.sources.ldap.settings"}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882230.7877288, "path": "authen
tik.blueprints.settings"}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882230.7892334, "path": "authen
tik.events.settings"}
/ak-root/venv/lib/python3.12/site-packages/opencontainers/distribution/reggie/defaults.py:17: SyntaxWarning: invalid escape sequence
'\('
  "http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+"
{"domain_url": null, "event": "Loaded MMDB database", "file": "/geoip/GeoLite2-ASN.mmdb", "last_write": 1715093837.0, "level": "info"
, "logger": "authentik.events.context_processors.mmdb", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:31.792013"
}
{"domain_url": null, "event": "Loaded MMDB database", "file": "/geoip/GeoLite2-City.mmdb", "last_write": 1715093836.0, "level": "info
", "logger": "authentik.events.context_processors.mmdb", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:31.793588
"}
{"app_name": "authentik.tenants", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.bluep
rints.apps", "module": "authentik.tenants.checks", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:33.353741"}
{"app_name": "authentik.tenants", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.bluep
rints.apps", "module": "authentik.tenants.signals", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:33.354444"}
{"app_name": "authentik.admin", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.bluepri
nts.apps", "module": "authentik.admin.tasks", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:33.433575"}
{"app_name": "authentik.admin", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.bluepri
nts.apps", "module": "authentik.admin.signals", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:33.434310"}
{"app_name": "authentik.crypto", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.bluepr
ints.apps", "module": "authentik.crypto.tasks", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:33.435933"}
{"app_name": "authentik.flows", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.bluepri
nts.apps", "module": "authentik.flows.signals", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:33.479859"}
{"app_name": "authentik.outposts", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blue
prints.apps", "module": "authentik.outposts.tasks", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:33.516426"}
{"app_name": "authentik.outposts", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blue
prints.apps", "module": "authentik.outposts.signals", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:33.517497"}
{"app_name": "authentik.policies.reputation", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "aut
hentik.blueprints.apps", "module": "authentik.policies.reputation.tasks", "pid": 16, "schema_name": "public", "timestamp": "2024-06-0
8T21:30:33.518434"}
{"app_name": "authentik.policies.reputation", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "aut
hentik.blueprints.apps", "module": "authentik.policies.reputation.signals", "pid": 16, "schema_name": "public", "timestamp": "2024-06
-08T21:30:33.519723"}
{"app_name": "authentik.policies", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blue
prints.apps", "module": "authentik.policies.signals", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:33.533527"}
{"app_name": "authentik.providers.proxy", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authent
ik.blueprints.apps", "module": "authentik.providers.proxy.tasks", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:
33.534372"}
{"app_name": "authentik.providers.proxy", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authent
ik.blueprints.apps", "module": "authentik.providers.proxy.signals", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:3
0:33.535007"}
{"app_name": "authentik.providers.scim", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authenti
k.blueprints.apps", "module": "authentik.providers.scim.tasks", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:33
.847274"}
{"app_name": "authentik.providers.scim", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authenti
k.blueprints.apps", "module": "authentik.providers.scim.signals", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:
33.848457"}
{"app_name": "authentik.rbac", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprin
ts.apps", "module": "authentik.rbac.signals", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:33.849596"}
{"app_name": "authentik.sources.ldap", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.
blueprints.apps", "module": "authentik.sources.ldap.tasks", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:33.858
137"}
{"app_name": "authentik.sources.ldap", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.
blueprints.apps", "module": "authentik.sources.ldap.signals", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:33.8
60605"}
/ak-root/venv/lib/python3.12/site-packages/facebook/__init__.py:99: SyntaxWarning: invalid escape sequence '\d'
  version_regex = re.compile("^\d\.\d{1,2}$")
{"app_name": "authentik.sources.oauth", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik
.blueprints.apps", "module": "authentik.sources.oauth.tasks", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:33.8
74120"}
{"app_name": "authentik.sources.saml", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.
blueprints.apps", "module": "authentik.sources.saml.signals", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:33.8
74941"}
{"app_name": "authentik.sources.scim", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.
blueprints.apps", "module": "authentik.sources.scim.signals", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:33.8
75799"}
{"app_name": "authentik.stages.authenticator_duo", "domain_url": null, "event": "Imported related module", "level": "info", "logger":
 "authentik.blueprints.apps", "module": "authentik.stages.authenticator_duo.tasks", "pid": 16, "schema_name": "public", "timestamp":
"2024-06-08T21:30:33.876644"}
{"app_name": "authentik.stages.authenticator_static", "domain_url": null, "event": "Imported related module", "level": "info", "logge
r": "authentik.blueprints.apps", "module": "authentik.stages.authenticator_static.signals", "pid": 16, "schema_name": "public", "time
stamp": "2024-06-08T21:30:33.877404"}
{"app_name": "authentik.stages.authenticator_webauthn", "domain_url": null, "event": "Imported related module", "level": "info", "log
ger": "authentik.blueprints.apps", "module": "authentik.stages.authenticator_webauthn.tasks", "pid": 16, "schema_name": "public", "ti
mestamp": "2024-06-08T21:30:33.935058"}
{"app_name": "authentik.stages.email", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.
blueprints.apps", "module": "authentik.stages.email.tasks", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:33.935
535"}
{"app_name": "authentik.core", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprin
ts.apps", "module": "authentik.core.tasks", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:33.938160"}
{"app_name": "authentik.core", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprin
ts.apps", "module": "authentik.core.signals", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:33.938287"}
{"app_name": "authentik.enterprise", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.bl
ueprints.apps", "module": "authentik.enterprise.tasks", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:33.938954"
}
{"app_name": "authentik.enterprise", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.bl
ueprints.apps", "module": "authentik.enterprise.signals", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:33.93958
7"}
{"app_name": "authentik.enterprise.providers.rac", "domain_url": null, "event": "Imported related module", "level": "info", "logger":
 "authentik.blueprints.apps", "module": "authentik.enterprise.providers.rac.signals", "pid": 16, "schema_name": "public", "timestamp"
: "2024-06-08T21:30:33.946096"}
{"app_name": "authentik.events", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.bluepr
ints.apps", "module": "authentik.events.tasks", "pid": 16, "schema_name": "public", "timestamp": "2024-06-08T21:30:33.946546"}
{"app_name": "authentik.events", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.bluepr
authentik@authentik-worker-5d69645f9-q8z6f:/$ ak test_email dhruv@ddole.net
{"event": "Loaded config", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882880.760348, "file": "/authentik/lib/default.yml"}
{"event": "Loaded environment variables", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882880.76117, "count": 60}
{"event": "Starting authentik bootstrap", "level": "info", "logger": "authentik.lib.config", "timestamp": 1717882881.039716}
{"event": "PostgreSQL connection successful", "level": "info", "logger": "authentik.lib.config", "timestamp": 1717882881.0591922}
{"event": "Redis Connection successful", "level": "info", "logger": "authentik.lib.config", "timestamp": 1717882881.063122}
{"event": "Finished authentik bootstrap", "level": "info", "logger": "authentik.lib.config", "timestamp": 1717882881.0632668}
{"event": "Booting authentik", "level": "info", "logger": "authentik.lib.config", "timestamp": 1717882882.530952, "version": "2024.4.2"}
{"event": "Enabled authentik enterprise", "level": "info", "logger": "authentik.lib.config", "timestamp": 1717882882.5333972}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882882.5344617, "path": "authentik.enterprise.settings"}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882882.5357394, "path": "authentik.sources.oauth.settings"}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882882.5372722, "path": "authentik.events.settings"}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882882.5379076, "path": "authentik.sources.plex.settings"}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882882.5398557, "path": "authentik.sources.ldap.settings"}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882882.5409567, "path": "authentik.outposts.settings"}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882882.5418289, "path": "authentik.providers.scim.settings"}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882882.5423064, "path": "authentik.stages.authenticator_totp.settings"}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882882.545627, "path": "authentik.admin.settings"}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882882.5463054, "path": "authentik.enterprise.settings"}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882882.5476718, "path": "authentik.crypto.settings"}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882882.5486493, "path": "authentik.policies.reputation.settings"}
{"event": "Loaded app settings", "level": "debug", "logger": "authentik.lib.config", "timestamp": 1717882882.5493808, "path": "authentik.blueprints.settings"}
/ak-root/venv/lib/python3.12/site-packages/opencontainers/distribution/reggie/defaults.py:17: SyntaxWarning: invalid escape sequence '\('
  "http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+"
{"domain_url": null, "event": "Loaded MMDB database", "file": "/geoip/GeoLite2-ASN.mmdb", "last_write": 1715093837.0, "level": "info", "logger": "authentik.events.context_processors.mmdb", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:23.491758"}
{"domain_url": null, "event": "Loaded MMDB database", "file": "/geoip/GeoLite2-City.mmdb", "last_write": 1715093836.0, "level": "info", "logger": "authentik.events.context_processors.mmdb", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:23.493034"}
{"app_name": "authentik.tenants", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.tenants.checks", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:24.994814"}
{"app_name": "authentik.tenants", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.tenants.signals", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:24.995454"}
{"app_name": "authentik.admin", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.admin.tasks", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.060394"}
{"app_name": "authentik.admin", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.admin.signals", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.060932"}
{"app_name": "authentik.crypto", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.crypto.tasks", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.062600"}
{"app_name": "authentik.flows", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.flows.signals", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.102623"}
{"app_name": "authentik.outposts", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.outposts.tasks", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.135446"}
{"app_name": "authentik.outposts", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.outposts.signals", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.136527"}
{"app_name": "authentik.policies.reputation", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.policies.reputation.tasks", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.137441"}
{"app_name": "authentik.policies.reputation", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.policies.reputation.signals", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.138751"}
{"app_name": "authentik.policies", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.policies.signals", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.150741"}
{"app_name": "authentik.providers.proxy", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.providers.proxy.tasks", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.151460"}
{"app_name": "authentik.providers.proxy", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.providers.proxy.signals", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.151949"}
{"app_name": "authentik.providers.scim", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.providers.scim.tasks", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.408801"}
{"app_name": "authentik.providers.scim", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.providers.scim.signals", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.409974"}
{"app_name": "authentik.rbac", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.rbac.signals", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.411476"}
{"app_name": "authentik.sources.ldap", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.sources.ldap.tasks", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.422684"}
{"app_name": "authentik.sources.ldap", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.sources.ldap.signals", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.425191"}
/ak-root/venv/lib/python3.12/site-packages/facebook/__init__.py:99: SyntaxWarning: invalid escape sequence '\d'
  version_regex = re.compile("^\d\.\d{1,2}$")
{"app_name": "authentik.sources.oauth", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.sources.oauth.tasks", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.438640"}
{"app_name": "authentik.sources.saml", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.sources.saml.signals", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.439400"}
{"app_name": "authentik.sources.scim", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.sources.scim.signals", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.440214"}
{"app_name": "authentik.stages.authenticator_duo", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.stages.authenticator_duo.tasks", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.441008"}
{"app_name": "authentik.stages.authenticator_static", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.stages.authenticator_static.signals", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.441693"}
{"app_name": "authentik.stages.authenticator_webauthn", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.stages.authenticator_webauthn.tasks", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.489460"}
{"app_name": "authentik.stages.email", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.stages.email.tasks", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.489826"}
{"app_name": "authentik.core", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.core.tasks", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.492270"}
{"app_name": "authentik.core", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.core.signals", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.492388"}
{"app_name": "authentik.enterprise", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.enterprise.tasks", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.493093"}
{"app_name": "authentik.enterprise", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.enterprise.signals", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.493854"}
{"app_name": "authentik.enterprise.providers.rac", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.enterprise.providers.rac.signals", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.499437"}
{"app_name": "authentik.events", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.events.tasks", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.499840"}
{"app_name": "authentik.events", "domain_url": null, "event": "Imported related module", "level": "info", "logger": "authentik.blueprints.apps", "module": "authentik.events.signals", "pid": 1716, "schema_name": "public", "timestamp": "2024-06-08T21:41:25.500021"}
Switching to schema 'public'
Traceback (most recent call last):
  File "<frozen runpy>", line 198, in _run_module_as_main
  File "<frozen runpy>", line 88, in _run_code
  File "/manage.py", line 46, in <module>
    execute_from_command_line(sys.argv)
  File "/ak-root/venv/lib/python3.12/site-packages/django/core/management/__init__.py", line 442, in execute_from_command_line
    utility.execute()
  File "/ak-root/venv/lib/python3.12/site-packages/django/core/management/__init__.py", line 436, in execute
    self.fetch_command(subcommand).run_from_argv(self.argv)
  File "/ak-root/venv/lib/python3.12/site-packages/django/core/management/base.py", line 413, in run_from_argv
    self.execute(*args, **cmd_options)
  File "/ak-root/venv/lib/python3.12/site-packages/django/core/management/base.py", line 459, in execute
    output = self.handle(*args, **options)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/authentik/tenants/management/__init__.py", line 38, in handle
    self.handle_per_tenant(*args, **options)
  File "/ak-root/venv/lib/python3.12/site-packages/django/core/management/base.py", line 107, in wrapper
    res = handle_func(*args, **kwargs)
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/authentik/stages/email/management/commands/test_email.py", line 38, in handle_per_tenant
    send_mail(message.__dict__, stage.pk)
  File "/ak-root/venv/lib/python3.12/site-packages/celery/local.py", line 182, in __call__
    return self._get_current_object()(*a, **kw)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/ak-root/venv/lib/python3.12/site-packages/celery/app/task.py", line 411, in __call__
    return self.run(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/ak-root/venv/lib/python3.12/site-packages/celery/app/autoretry.py", line 60, in run
    ret = task.retry(exc=exc, **retry_kwargs)
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/ak-root/venv/lib/python3.12/site-packages/celery/app/task.py", line 720, in retry
    raise_with_context(exc or Retry('Task can be retried', None))
  File "/ak-root/venv/lib/python3.12/site-packages/celery/app/autoretry.py", line 38, in run
    return task._orig_run(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/authentik/stages/email/tasks.py", line 105, in send_mail
    raise exc
  File "/authentik/stages/email/tasks.py", line 73, in send_mail
    backend.open()
  File "/ak-root/venv/lib/python3.12/site-packages/django/core/mail/backends/smtp.py", line 86, in open
    self.connection = self.connection_class(
                      ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.12/smtplib.py", line 255, in __init__
    (code, msg) = self.connect(host, port)
                  ^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.12/smtplib.py", line 341, in connect
    self.sock = self._get_socket(host, port, self.timeout)
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.12/smtplib.py", line 312, in _get_socket
    return socket.create_connection((host, port), timeout,
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.12/socket.py", line 852, in create_connection
    raise exceptions[0]
  File "/usr/local/lib/python3.12/socket.py", line 837, in create_connection
    sock.connect(sa)
ConnectionRefusedError: [Errno 111] Connection refused

My mailservers logs do not even show an attempted connection or handshake.

I do have one theory. All my systems including the mailserver are on a private LAN. If the Authentik container has a hardcoded dns configuration and is ignoring my internal dns server than that would mean that it can't find the mailserver.

Versions:

Authentik: 2024.4.2
Helm chart: 2024.4.2
Kubernetes 1.29.4

EDIT: It is not DNS, changing the host to an IP changed nothing.

dsdole commented 5 months ago

Alright so It seems if I create an email stage in the admin UI then smtp works perfectly. It looks like the helm chart is not setting the environment variables in deployments.

BeryJu commented 5 months ago

@dsdole you need to add the email element underneath the authentik key

@mahula since you're running in containers you can't use localhost, it needs to be set to the hostname or IP of the container

mahula commented 5 months ago

@dsdole you need to add the email element underneath the authentik key

@mahula since you're running in containers you can't use localhost, it needs to be set to the hostname or IP of the container

Thank you for the reply @BeryJu. I'll try out and give feedback.

mahula commented 4 months ago

@mahula since you're running in containers you can't use localhost, it needs to be set to the hostname or IP of the container

That works fine. Thank you @BeryJu. So this issue has been resolved.

goauthentik / authentik

Local E-Mail Testing with Mailpit #9921

Helm values.yaml

Versions: