Getting a local LAN installation of GitLab to send an e-mail to the outside world

This is going to be a write-up for a very specific use case.  See if the below applies to you:

  1. There is a local server in your house(e.g. 192.168.1.100)
  2. I installed Ubuntu(ubuntu-server) with the hostname, “HomeGitLab
  3. I installed GitLab onto 192.168.1.100 (used the Omnibus install)
  4. I want HomeGitLab use my dreamhost mail server(let’s say mailServer.minuk.net – make sure you change this to your correct mail server address!) to send e-mails(e.g. new account creation e-mails)*

I have this set up in such a way that users on my WiFi can point their browser to http://HomeGitLab and it will load up GitLab installed on 192.168.1.100.  In essence, this server does not exist outside of my home LAN. However, whenever users sign up to create a new account, they will get the e-mail on their real e-mail accounts.  Putting aside the madness that a server that does not exist on the Internet is sending e-mails to e-mail accounts that does exist on the Internet.  Still interested? Read on.

  1. Create an e-mail account that HomeGitLab will use, for this example, the login is HomeGitLab@minuk.net with the password, HomeGitLabPassword (please use a stronger password!)
  2. Verify that you can send emails from HomeGitLab@minuk.net to a valid e-mail account.
  3. make the following modifications to /etc/postfix/main.cf;
    1. Remember this location
      myorigin = /etc/mailname
    2. Make the following modification:
      inet_interfaces = localhost
      relayhost = [mailServer.minuk.net]:587
    3. Add the following:
      # enable SASL authentication
      smtp_sasl_auth_enable = yes
      # disallow methods that allow anonymous authentication.
      smtp_sasl_security_options =
      # where to find sasl_passwd
      smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
      # Enable STARTTLS encryption
      smtp_use_tls = yes
      # where to find CA certificates
      smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
  4. Save /etc/postfix/main.cf
  5. Note 3.A – edit that file and make sure this matches your mail server’s domain(e.g minuk.net)
  6. create the following file and add the following(/etc/posfix/sasl_passwd);
    [mailServer.minuk.net]:587 HomeGitLab@minuk.net:HomeGitLabPassword
    1. The e-mail and password is from 1.A
    2. Note that mail address needs to be in square brackets
  7. Save /etc/postfix/sasl_passwd
  8. run the following command,
    sudo postmap /etc/postfix/sasl_passwd
  9. Secure the password and hash;
    sudo chown root:root /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db
    sudo chmod 0600 /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db
  10. Finally restart postfix;
  11. sudo /etc/init.d/postfix restart

Now, I don’t really know how you can test the e-mail functionality in GitLab other than going to http://HomeGitLab and then clicking on Forgot your password? and seeing if our server is sending the e-mail to a legit user.  Keep in mind that the user that receives the e-mail should not click on the URLs in the e-mail unless they are connected to your home LAN, since the server is not accessible from the Internet.

 

Let me know if this has helped/worked for you!

One Reply to “Getting a local LAN installation of GitLab to send an e-mail to the outside world”

Leave a Reply