search

horilla-opensource / horilla

Horilla is a free and open source HR software.
https://www.horilla.com/
GNU Lesser General Public License v2.1
83 stars 43 forks source link

Support for AWS SES as the SMTP #153

Closed BhuviTheDataGuy closed 2 weeks ago

BhuviTheDataGuy commented 2 weeks ago

We use AWS SES for email. I have configured the mail server.

SES username and password look like random characters.

But once its configured, I created a new employee, that employee didn't receive any emails. Then manually tried to reset the password. The page kept on loading.

image

horilla-opensource commented 2 weeks ago

Hi @BhuviTheDataGuy , Sorry for the inconvenience caused. Is there any details in the service log?

With Regards, Team Horilla

BhuviTheDataGuy commented 2 weeks ago

No logs on the application side.

I did docker compose logs -f

then navigated to forgot password and tried it. But nothing is displayed on the logs console.

BhuviTheDataGuy commented 2 weeks ago

One update:

I did the fresh installation and I just got this error.

(501, b'Invalid MAIL FROM address provided', 'MyCompany HR <AKIA6IRNZXXXXXXXXXXX>')

AKIA6IRNZXXXXXXXXXXX is my SMTP username from AWS SES. And its not in the format of name@domain.com

I think this is the reason its failing.

horilla-opensource commented 2 weeks ago

Hi @BhuviTheDataGuy , Thanks for the update. We'll check with the validations and get back to you.

With Regards, Team Horilla

BhuviTheDataGuy commented 2 weeks ago

This is the only pending part. We are about to go live with Horilla. It would be great if you fix this.

horilla-opensource commented 2 weeks ago

The team is working on this. We'll publish the solution soon.

With Regards, Team Horilla

horilla-opensource commented 2 weeks ago

Hi @BhuviTheDataGuy , Can you make changes in the settings.py file to make adjustments to support for AWS SES email servers for Horilla? Please check the below link for its configuration. The easiest way to send emails with Django (using SES from AWS)

Please let us know if you face any issues with this.

With Regards, Team Horilla

BhuviTheDataGuy commented 2 weeks ago

Via command line it works, but from Horilla its not.

Steps:

pip install django-ses

vim settings.py
EMAIL_BACKEND = 'django_ses.SESBackend'
AWS_ACCESS_KEY_ID = 'XXXXXXXX'
AWS_SECRET_ACCESS_KEY = 'XXXXXXXX'

python3 manage.py shell
from django.core.mail import send_mail
send_mail(
    'Subject here',
    'Here is the message.',
    'notification@domain.com',
    ['bhuvanesh@domain.com']
)
1

image

horilla-opensource commented 2 weeks ago

Is there any mail server setup from the frontend section?

BhuviTheDataGuy commented 2 weeks ago

Yes, I have already configured the mail server on the Horilla settings --> Mail server. But I tried removing that, then it says Primary mail server not found

Also an Off topic - Do you have any slack/discard for supporting?

horilla-opensource commented 2 weeks ago

Okay. Will add an exemption to that case and commit the solution asap.

With Regards, Team Horilla

horilla-opensource commented 2 weeks ago

Yes, I have already configured the mail server on the Horilla settings --> Mail server. But I tried removing that, then it says Primary mail server not found

Also an Off topic - Do you have any slack/discard for supporting?

We are planning for starting the support channels in slack. Will share with you the details once started. Meanwhile for support related queries you can contact at nikhil@cybrosys.in

With Regards, Team Horilla

horilla-opensource commented 2 weeks ago

Hi @BhuviTheDataGuy , Please check the commit [FIX] https://github.com/horilla-opensource/horilla/issues/153: Support for AWS SES as SMTP

The solution for supporting AWS SES as SMTP is updated in the master. Please let us know if there is any more issue that you are facing.

With Regards, Team Horilla

BhuviTheDataGuy commented 2 weeks ago

Im not sure, still im getting the same error.

Fresh setup. clone the repo and run the application. Configured the mail server on the frontend UI

Go to login page, navigate to forgot password --> submit

horilla-opensource commented 2 weeks ago

Currently the AWS SES smtp cannot be setup from the frontend. Can you please try it out by adding it directly into the settings.py along with the AWS_SES_REGION_NAME and AWS_SES_REGION_ENDPOINT ?

We'll soon publish the frontend UI for configuring the AWS SES smtp servers in Horilla. Sorry for the inconvenience caused in that.

With Regards, Team Horilla

BhuviTheDataGuy commented 2 weeks ago

Tried with the settings.py

But this time the page keeps loading as I posted in 1st image. 

EMAIL_BACKEND = 'django_ses.SESBackend'
AWS_DEFAULT_REGION = 'ap-south-1'
EMAIL_PORT = 587
EMAIL_USE_TLS = True
AWS_SES_REGION_ENDPOINT = 'email-smtp.ap-south-1.amazonaws.com'
AWS_ACCESS_KEY_ID = 'XXXXXXX'
AWS_SECRET_ACCESS_KEY = 'XXXXXX'
DEFAULT_FROM_EMAIL = 'notification@xxxxxxxxx.com'

Am I missing something?

horilla-opensource commented 2 weeks ago

Just to confirm, can you test by adding both the from and to email address in AWS SES identities ? And add an EMAIL_HOST_USER in the settings.py .

Also make sure there is no email server configured from the frontend.

With Regards, Team Horilla

BhuviTheDataGuy commented 2 weeks ago

Same behavior.

No email setup on the front end

DEFAULT_TO_EMAIL = 'user@xxxxx.com'
DEFAULT_FROM_EMAIL = 'notification@xxxxx.com'
EMAIL_HOST_USER = 'AWS ACCESS KEY'
horilla-opensource commented 2 weeks ago

Hi @BhuviTheDataGuy , Please add an email address instead of the AWS ACCESS KEY for the EMAIL_HOST_USER.

With Regards, Team Horilla

BhuviTheDataGuy commented 2 weeks ago

I tried that too I used the email address that is verified in SES

is there any way to enable logging to troubleshoot further?

BhuviTheDataGuy commented 2 weeks ago

I tried all these combinations.

EMAIL_BACKEND = 'django_ses.SESBackend'
AWS_DEFAULT_REGION = 'ap-south-1'
EMAIL_PORT = 587
EMAIL_USE_TLS = True
AWS_SES_REGION_ENDPOINT = 'email-smtp.ap-south-1.amazonaws.com'
AWS_ACCESS_KEY_ID = 'xxxxxxxxxxxxxx'
DEFAULT_TO_EMAIL = 'notification@domain.com'
AWS_SECRET_ACCESS_KEY = 'xxxxxxxxxxxxxx'
DEFAULT_FROM_EMAIL = 'HR <notification@domain.com>'
EMAIL_HOST_USER = 'xxxxxxxxxxxxxx'
EMAIL_HOST_PASSWORD = 'xxxxxxxxxxxxxx'
EMAIL_HOST = 'email-smtp.ap-south-1.amazonaws.com'
horilla-opensource commented 2 weeks ago

Hi @BhuviTheDataGuy ,

Can you try only with these values configured in the settings?

EMAIL_BACKEND = "django_ses.SESBackend"
EMAIL_HOST_USER = "name@domain.com"
AWS_SES_REGION_NAME = "ap-south-1"
AWS_SES_REGION_ENDPOINT = "email.ap-south-1.amazonaws.com"
AWS_ACCESS_KEY_ID = "AKIAXXXXXXX"
AWS_SECRET_ACCESS_KEY = "XXXXXXX"

With Regards, Team Horilla

BhuviTheDataGuy commented 2 weeks ago

Im able to make it work, thanks.

But there are some additional steps we need to follow.

AWS SES Credentials can we created in 2 ways.

  1. Create from AWS SES console and this will have only sendemail permission. We can use these credentials for any kind of SMTP workloads. Its a typical SMTP credential only. But the same access keys can't be used for any other purposes.
  2. Create a global user(a normal AWS IAM user) and generate the access keys.

This SES Django module will accept the global credentials or the IAM role attached to the server(EC2). I have removed the access keys and just added the SES sendemail access to the IAM role that is associated with the EC2 instance. Then its resolved. 

EMAIL_BACKEND = "django_ses.SESBackend"
EMAIL_HOST_USER = "name@domain.com"
AWS_SES_REGION_NAME = "ap-south-1"
AWS_SES_REGION_ENDPOINT = "email.ap-south-1.amazonaws.com"
horilla-opensource commented 2 weeks ago

Great. Glad to hear that. 😍 Will make a doc on the configuration of this also.

With Regards, Team Horilla

BhuviTheDataGuy commented 2 weeks ago

Thanks for your efforts and quick responses here.