diff --git a/README.md b/README.md
index 4c7690420..8c260c110 100644
--- a/README.md
+++ b/README.md
@@ -410,6 +410,19 @@ docker run --name gitlab -d \
 sameersbn/gitlab:15.1.3
 ```
+With [Microsoft deprecating basic authentication](https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-deprecation-in-exchange-online-may-2022/ba-p/3301866), you may want to configure IMAP using the Microsoft Graph API. See details on [GitLab documentation for "incoming email with Microsoft Graph"](https://docs.gitlab.com/ee/administration/incoming_email.html#microsoft-graph)
+
+Here is a example command:
+
+```bash
+docker run --name gitlab -d \
+ --env 'GITLAB_INCOMING_EMAIL_ENABLED=true' --env `IMAP_USER=incoming@example.onmicrosoft.com' \
+ --env 'GITLAB_INCOMING_EMAIL_ADDRESS=incoming+%{key}@example.onmicrosoft.com' \
+ --env 'IMAP_METHOD=microsoft_graph' \
+ --env 'IMAP_TENANT_ID=' --env 'IMAP_CLIENT_ID=' \
+ --env 'IMAP_CLIENT_SECRET='
+```
+
 Please refer the [Available Configuration Parameters](#available-configuration-parameters) section for the list of IMAP parameters that can be specified.
 #### SSL
@@ -1870,6 +1883,22 @@ Enable STARTSSL. Defaults to `false`.
 The name of the mailbox where incoming mail will end up. Defaults to `inbox`.
+##### `IMAP_METHOD`
+
+If you want to use Microsoft Graph API, set to `microsoft_graph`. No default
+
+##### `IMAP_TENANT_ID`
+
+Azure AD Tenant ID. No default
+
+##### `IMAP_CLIENT_ID`
+
+Azure AD App Client ID. No default
+
+##### `IMAP_CLIENT_SECRET`
+
+Azure AD App Client Secret. No default
+
 ##### `LDAP_ENABLED`
 Enable LDAP. Defaults to `false`
diff --git a/assets/runtime/config/gitlabhq/gitlab.yml b/assets/runtime/config/gitlabhq/gitlab.yml
index a0c478918..91ccd95b7 100644
--- a/assets/runtime/config/gitlabhq/gitlab.yml
+++ b/assets/runtime/config/gitlabhq/gitlab.yml
@@ -210,6 +210,13 @@ production: &base
 # Whether to expunge (permanently remove) messages from the mailbox when they are deleted after delivery
 expunge_deleted: false
+
+ # For Microsoft Graph support
+ inbox_method: {{IMAP_METHOD}}
+ inbox_options:
+ tenant_id: "{{IMAP_TENANT_ID}}"
+ client_id: "{{IMAP_CLIENT_ID}}"
+ client_secret: "{{IMAP_CLIENT_SECRET}}"
 ## Build Artifacts
 artifacts:
diff --git a/assets/runtime/env-defaults b/assets/runtime/env-defaults
index 908d368fc..4d433b4bb 100644
--- a/assets/runtime/env-defaults
+++ b/assets/runtime/env-defaults
@@ -374,6 +374,10 @@ IMAP_SSL=${IMAP_SSL:-true}
 IMAP_STARTTLS=${IMAP_STARTTLS:-false}
 IMAP_MAILBOX=${IMAP_MAILBOX:-inbox}
 IMAP_TIMEOUT=${IMAP_TIMEOUT:-60}
+IMAP_METHOD=${IMAP_METHOD:-}
+IMAP_TENANT_ID=${IMAP_TENANT_ID:-}
+IMAP_CLIENT_ID=${IMAP_CLIENT_ID:-}
+IMAP_CLIENT_SECRET=${IMAP_CLIENT_SECRET:-}
 if [[ -n ${IMAP_USER} ]]; then
 IMAP_ENABLED=${IMAP_ENABLED:-true}
diff --git a/assets/runtime/functions b/assets/runtime/functions
index 07477a6ae..5dd1c703d 100644
--- a/assets/runtime/functions
+++ b/assets/runtime/functions
@@ -406,6 +406,10 @@ gitlab_configure_mailroom() {
 -e "/{{IMAP_STARTTLS}}/d" \
 -e "/{{IMAP_MAILBOX}}/d" \
 -e "/{{IMAP_TIMEOUT}}/d" \
+ -e "/{{IMAP_METHOD}}/d" \
+ -e "/{{IMAP_TENANT_ID}}/d" \
+ -e "/{{IMAP_CLIENT_ID}}/d" \
+ -e "/{{IMAP_CLIENT_SECRET}}/d" \
 ${GITLAB_CONFIG}
 fi
@@ -419,7 +423,11 @@ gitlab_configure_mailroom() {
 IMAP_SSL \
 IMAP_STARTTLS \
 IMAP_MAILBOX \
- IMAP_TIMEOUT
+ IMAP_TIMEOUT \
+ IMAP_METHOD \
+ IMAP_TENANT_ID \
+ IMAP_CLIENT_ID \
+ IMAP_CLIENT_SECRET
 # enable/disable startup of mailroom
 echo "mail_room_enabled=${GITLAB_INCOMING_EMAIL_ENABLED}" >> /etc/default/gitlab
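Review bot: `client_secret: "{{IMAP_CLIENT_SECRET}}"` places the value inside a double-quoted YAML scalar, so a secret containing `"` or `\` would yield an unparsable or silently altered value if the template step substitutes it verbatim (that step is not visible in this diff). Either escape the value before substitution or state the accepted character set in the `IMAP_CLIENT_SECRET` documentation. The rendered gitlab.yml also now holds a long-lived Azure AD credential in clear text, so it is worth confirming that the file is readable only by the GitLab user.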
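Review bot: `IMAP_METHOD=${IMAP_METHOD:-}` leaves the method empty for every deployment that keeps using plain IMAP, so the new template line would render as `inbox_method:` with no value and the outcome depends on how GitLab treats a null there. An explicit `IMAP_METHOD=${IMAP_METHOD:-imap}` makes the rendered config unambiguous, and the README entry could then say it defaults to `imap`. `IMAP_CLIENT_SECRET` can only be supplied as an environment variable, which `docker inspect` and anything able to read the container environment will show; an option to read it from a mounted file would reduce that exposure. The README example in this commit also opens the `IMAP_USER` argument with a backtick instead of a single quote, so the command does not paste cleanly.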
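Review bot: The four added `/d` expressions delete only lines that contain a placeholder, so the `inbox_options:` key and the `# For Microsoft Graph support` comment added to gitlab.yml survive this cleanup and leave an empty mapping key behind. Adding `-e "/inbox_options:/d" \` next to them (provided no other section of the template uses that key), or carrying a placeholder on that line, keeps the stripped config free of a null `inbox_options`. The sed call and the condition guarding it start outside the hunk, so this assumes the branch is the one taken when incoming e-mail is disabled.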
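Review bot: Nothing ahead of the extended variable list checks that `IMAP_TENANT_ID`, `IMAP_CLIENT_ID` and `IMAP_CLIENT_SECRET` are set when `IMAP_METHOD` is `microsoft_graph`, so a partial configuration is written with empty strings and would only fail later when mail_room tries to authenticate. A guard before the template update would surface the mistake at container start; the message should name the variables and never print their values. The sketch below uses `return 1`, which should be swapped for whatever error path gitlab_configure_mailroom already uses, since most of the function lies outside the hunk.

```shell
# … unchanged: sed cleanup when incoming e-mail is disabled …
if [[ ${IMAP_METHOD} == microsoft_graph ]]; then
  if [[ -z ${IMAP_TENANT_ID} || -z ${IMAP_CLIENT_ID} || -z ${IMAP_CLIENT_SECRET} ]]; then
    echo "ERROR: IMAP_METHOD=microsoft_graph requires IMAP_TENANT_ID, IMAP_CLIENT_ID and IMAP_CLIENT_SECRET" >&2
    return 1
  fi
fi
# … unchanged: template update with the IMAP_* variable list …
```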