diff --git a/.gitea/workflows/deploy-verso-prod.yml b/.gitea/workflows/deploy-verso-prod.yml index d6718eea02..5d2ac99ccb 100644 --- a/.gitea/workflows/deploy-verso-prod.yml +++ b/.gitea/workflows/deploy-verso-prod.yml @@ -329,46 +329,15 @@ jobs: # (CE default): admin creates accounts / sends invites. - name: OVERLEAF_ENABLE_PROJECT_PYTHON_VENV value: "true" - # SMTP for password-reset / invite emails. Values come from - # the 'verso-smtp' Secret; all optional so the app boots - # before the secret exists (email stays off until - # OVERLEAF_EMAIL_FROM_ADDRESS is present). - - name: OVERLEAF_EMAIL_FROM_ADDRESS - valueFrom: - secretKeyRef: - name: verso-smtp - key: from-address - optional: true - - name: OVERLEAF_EMAIL_SMTP_HOST - valueFrom: - secretKeyRef: - name: verso-smtp - key: smtp-host - optional: true - - name: OVERLEAF_EMAIL_SMTP_PORT - valueFrom: - secretKeyRef: - name: verso-smtp - key: smtp-port - optional: true - - name: OVERLEAF_EMAIL_SMTP_SECURE - valueFrom: - secretKeyRef: - name: verso-smtp - key: smtp-secure - optional: true - - name: OVERLEAF_EMAIL_SMTP_USER - valueFrom: - secretKeyRef: - name: verso-smtp - key: smtp-user - optional: true - - name: OVERLEAF_EMAIL_SMTP_PASS - valueFrom: - secretKeyRef: - name: verso-smtp - key: smtp-pass - optional: true + # (SMTP email vars are loaded below via envFrom.) + # SMTP for password-reset / invite emails. All + # OVERLEAF_EMAIL_* vars come from the optional 'verso-smtp' + # Secret (its keys must be named exactly like those env + # vars). Optional, so the app boots before the secret exists. + envFrom: + - secretRef: + name: verso-smtp + optional: true volumeMounts: - name: verso-data mountPath: /var/lib/overleaf/data diff --git a/server-ce/k8s/verso-prod-app.yaml b/server-ce/k8s/verso-prod-app.yaml index 4f01302d4a..838d3f9307 100644 --- a/server-ce/k8s/verso-prod-app.yaml +++ b/server-ce/k8s/verso-prod-app.yaml @@ -77,46 +77,15 @@ spec: # them). Public self-registration is also off (CE default). - name: OVERLEAF_ENABLE_PROJECT_PYTHON_VENV value: "true" - # SMTP for password-reset / invite emails. Values come from the - # 'verso-smtp' Secret; all optional so the app boots before the - # secret exists (email stays off until OVERLEAF_EMAIL_FROM_ADDRESS - # is present). - - name: OVERLEAF_EMAIL_FROM_ADDRESS - valueFrom: - secretKeyRef: - name: verso-smtp - key: from-address - optional: true - - name: OVERLEAF_EMAIL_SMTP_HOST - valueFrom: - secretKeyRef: - name: verso-smtp - key: smtp-host - optional: true - - name: OVERLEAF_EMAIL_SMTP_PORT - valueFrom: - secretKeyRef: - name: verso-smtp - key: smtp-port - optional: true - - name: OVERLEAF_EMAIL_SMTP_SECURE - valueFrom: - secretKeyRef: - name: verso-smtp - key: smtp-secure - optional: true - - name: OVERLEAF_EMAIL_SMTP_USER - valueFrom: - secretKeyRef: - name: verso-smtp - key: smtp-user - optional: true - - name: OVERLEAF_EMAIL_SMTP_PASS - valueFrom: - secretKeyRef: - name: verso-smtp - key: smtp-pass - optional: true + # SMTP for password-reset / invite emails. All OVERLEAF_EMAIL_* vars + # are loaded from the optional 'verso-smtp' Secret — its keys must be + # named exactly like these env vars (see the kubectl create secret + # command in the docs). Optional, so the app still boots before the + # secret exists; email just stays off. + envFrom: + - secretRef: + name: verso-smtp + optional: true volumeMounts: - name: verso-data mountPath: /var/lib/overleaf/data