paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-10-22 20:42:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
1e943ae7df7174f814c885794991aaa2ef6371eb
zulip/zerver/management/commands/email_server.py
Alex Vandiver 1e943ae7df python: Elide type=str from argparse arguments.
2025-10-17 15:34:34 -07:00

70 lines
2.5 KiB
Python
Raw Blame History

import os
import ssl
from typing import Any
from urllib.parse import SplitResult
from django.core.management.base import BaseCommand, CommandParser
from typing_extensions import override
from zerver.lib.email_mirror_server import run_smtp_server
class Command(BaseCommand):
help = """SMTP server to ingest incoming emails"""
@override
def add_arguments(self, parser: CommandParser) -> None:
parser.add_argument(
"--listen", help="[Port, or address:port, to bind HTTP server to]", default="0.0.0.0:25"
)
parser.add_argument(
"--user",
help="User to drop privileges to, if started as root.",
required=(os.geteuid() == 0),
)
parser.add_argument(
"--group",
help="Group to drop privileges to, if started as root.",
required=(os.geteuid() == 0),
)
tls_cert: str | None = None
tls_key: str | None = None
if os.access("/etc/ssl/certs/zulip.combined-chain.crt", os.R_OK) and os.access(
"/etc/ssl/private/zulip.key", os.R_OK
):
tls_cert = "/etc/ssl/certs/zulip.combined-chain.crt"
tls_key = "/etc/ssl/private/zulip.key"
elif os.access("/etc/ssl/certs/ssl-cert-snakeoil.pem", os.R_OK) and os.access(
"/etc/ssl/private/ssl-cert-snakeoil.key", os.R_OK
):
tls_cert = "/etc/ssl/certs/ssl-cert-snakeoil.pem"
tls_key = "/etc/ssl/private/ssl-cert-snakeoil.key"
parser.add_argument(
"--tls-cert",
help="Path to TLS certificate chain file",
default=tls_cert,
)
parser.add_argument(
"--tls-key",
help="Path to TLS private key file",
default=tls_key,
)
@override
def handle(self, *args: Any, **options: Any) -> None:
listen = options["listen"]
if listen.isdigit():
host, port = "0.0.0.0", int(listen) # noqa: S104
else:
r = SplitResult("", listen, "", "", "")
if r.port is None:
raise RuntimeError(f"{listen!r} does not have a valid port number.")
host, port = r.hostname or "0.0.0.0", r.port # noqa: S104
if options["tls_cert"] and options["tls_key"]:
tls_context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
tls_context.load_cert_chain(options["tls_cert"], options["tls_key"])
else:
tls_context = None
run_smtp_server(options["user"], options["group"], host, port, tls_context)
Reference in New Issue View Git Blame Copy Permalink