fix(docker): add missing email and auth environment variables to webapp | selfhoster #2520
Conversation
…pp service Email configuration was silently failing because critical environment variables were not being passed from .env to the webapp container, causing magic links to be logged to console instead of sent via email.
|
WalkthroughAdded multiple environment variables to the webapp service in hosting/docker/webapp/docker-compose.yml for auth, email, Slack integration, and SMTP configuration: WHITELISTED_EMAILS, ADMIN_EMAILS, AUTH_GITHUB_CLIENT_ID, AUTH_GITHUB_CLIENT_SECRET, EMAIL_TRANSPORT, FROM_EMAIL, REPLY_TO_EMAIL, RESEND_API_KEY, SMTP_HOST, SMTP_PORT, SMTP_SECURE, SMTP_USER, SMTP_PASSWORD, ORG_SLACK_INTEGRATION_CLIENT_ID, ORG_SLACK_INTEGRATION_CLIENT_SECRET, ALERT_FROM_EMAIL. Retained INTERNAL_OTEL_TRACE_LOGGING_ENABLED with whitespace adjustment. Added a trailing newline at the end of the file. Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes Pre-merge checks and finishing touches✅ Passed checks (3 passed)
✨ Finishing touches🧪 Generate unit tests
Tip 👮 Agentic pre-merge checks are now available in preview!Pro plan users can now enable pre-merge checks in their settings to enforce checklists before merging PRs.
Please see the documentation for more information. Example: reviews:
pre_merge_checks:
custom_checks:
- name: "Undocumented Breaking Changes"
mode: "warning"
instructions: |
Pass/fail criteria: All breaking changes to public APIs, CLI flags, environment variables, configuration keys, database schemas, or HTTP/GraphQL endpoints must be documented in the "Breaking Change" section of the PR description and in CHANGELOG.md. Exclude purely internal or private changes (e.g., code not exported from package entry points or explicitly marked as internal).Please share your feedback with us on this Discord post. Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 0
🧹 Nitpick comments (5)
hosting/docker/webapp/docker-compose.yml (5)
79-79: Trim trailing whitespace.There’s trailing whitespace at the end of Line 79.
- INTERNAL_OTEL_TRACE_LOGGING_ENABLED: ${INTERNAL_OTEL_TRACE_LOGGING_ENABLED:-0} + INTERNAL_OTEL_TRACE_LOGGING_ENABLED: ${INTERNAL_OTEL_TRACE_LOGGING_ENABLED:-0}
80-84: Quote list/secret envs to avoid YAML edge cases; confirm unset behavior.
- Quoting prevents YAML from misinterpreting comma/boolean-like values and keeps empty values as empty strings.
- Please confirm the app behavior when WHITELISTED_EMAILS/ADMIN_EMAILS are unset or empty (deny-all vs allow-all).
- WHITELISTED_EMAILS: ${WHITELISTED_EMAILS} - ADMIN_EMAILS: ${ADMIN_EMAILS} - AUTH_GITHUB_CLIENT_ID: ${AUTH_GITHUB_CLIENT_ID} - AUTH_GITHUB_CLIENT_SECRET: ${AUTH_GITHUB_CLIENT_SECRET} + WHITELISTED_EMAILS: "${WHITELISTED_EMAILS}" + ADMIN_EMAILS: "${ADMIN_EMAILS}" + AUTH_GITHUB_CLIENT_ID: "${AUTH_GITHUB_CLIENT_ID}" + AUTH_GITHUB_CLIENT_SECRET: "${AUTH_GITHUB_CLIENT_SECRET}"
85-96: Mail config: quote values; reconcile “commented by default” claim for SMTP.
- Quoting helps with numeric/boolean/env-substitution parsing (SMTP_PORT/SMTP_SECURE).
- PR description says SMTP vars are “commented by default,” but they are active here. Either comment them out or update the PR text.
Quote values:
- EMAIL_TRANSPORT: ${EMAIL_TRANSPORT} - FROM_EMAIL: ${FROM_EMAIL} - REPLY_TO_EMAIL: ${REPLY_TO_EMAIL} - RESEND_API_KEY: ${RESEND_API_KEY} - SMTP_HOST: ${SMTP_HOST} - SMTP_PORT: ${SMTP_PORT} - SMTP_SECURE: ${SMTP_SECURE} - SMTP_USER: ${SMTP_USER} - SMTP_PASSWORD: ${SMTP_PASSWORD} + EMAIL_TRANSPORT: "${EMAIL_TRANSPORT}" + FROM_EMAIL: "${FROM_EMAIL}" + REPLY_TO_EMAIL: "${REPLY_TO_EMAIL}" + RESEND_API_KEY: "${RESEND_API_KEY}" + SMTP_HOST: "${SMTP_HOST}" + SMTP_PORT: "${SMTP_PORT}" + SMTP_SECURE: "${SMTP_SECURE}" + SMTP_USER: "${SMTP_USER}" + SMTP_PASSWORD: "${SMTP_PASSWORD}"If you want SMTP vars commented by default (per PR text), apply:
- SMTP_HOST: "${SMTP_HOST}" - SMTP_PORT: "${SMTP_PORT}" - SMTP_SECURE: "${SMTP_SECURE}" - SMTP_USER: "${SMTP_USER}" - SMTP_PASSWORD: "${SMTP_PASSWORD}" +# SMTP_HOST: "${SMTP_HOST}" +# SMTP_PORT: "${SMTP_PORT}" +# SMTP_SECURE: "${SMTP_SECURE}" +# SMTP_USER: "${SMTP_USER}" +# SMTP_PASSWORD: "${SMTP_PASSWORD}"
97-100: Slack/Auth alert vars: confirm exact names and optionality.Please verify the app reads these exact keys and that leaving them unset won’t block boot.
- ORG_SLACK_INTEGRATION_CLIENT_ID: ${ORG_SLACK_INTEGRATION_CLIENT_ID} - ORG_SLACK_INTEGRATION_CLIENT_SECRET: ${ORG_SLACK_INTEGRATION_CLIENT_SECRET} - ALERT_FROM_EMAIL: ${ALERT_FROM_EMAIL} + ORG_SLACK_INTEGRATION_CLIENT_ID: "${ORG_SLACK_INTEGRATION_CLIENT_ID}" + ORG_SLACK_INTEGRATION_CLIENT_SECRET: "${ORG_SLACK_INTEGRATION_CLIENT_SECRET}" + ALERT_FROM_EMAIL: "${ALERT_FROM_EMAIL}"
80-101: Consider env_file or template doc updates for DX and safety.
- With many envs, using an env_file (plus a committed .env.example) improves setup and reduces churn in compose.
- Also add short docs indicating which vars are required vs optional per transport/provider.
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
hosting/docker/webapp/docker-compose.yml(2 hunks)
🔇 Additional comments (1)
hosting/docker/webapp/docker-compose.yml (1)
242-242: No-op formatting change looks fine.EOF newline/name entry change is harmless.
|
Thanks @unckleg - did you test what happens when people don't set these in their |
✅ Checklist
Testing
.envwithEMAIL_TRANSPORT=resendand valid Resend API keyChangelog
Added missing environment variables to webapp service in docker-compose.yml:
Screenshots