From 3e6af4eab29e0d0b25d5390eac9d2f10f01be08f Mon Sep 17 00:00:00 2001
From: Kevin <kew.sanchez@gmail.com>
Date: Wed, 23 Oct 2024 18:28:40 +0200
Subject: [PATCH] feat(Email): Adds configuration for Strapi's email service

---
 cms/config/plugins.ts                          | 18 +++++++++++++++++-
 cms/package.json                               |  1 +
 infrastructure/base/modules/email/main.tf      | 13 +++++++++++++
 infrastructure/base/modules/email/variables.tf |  4 ++++
 infrastructure/base/modules/env/main.tf        |  6 ++++--
 5 files changed, 39 insertions(+), 3 deletions(-)

diff --git a/cms/config/plugins.ts b/cms/config/plugins.ts
index 56bf55f..29e3705 100644
--- a/cms/config/plugins.ts
+++ b/cms/config/plugins.ts
@@ -1 +1,17 @@
-export default () => ({});
+export default ({env}) => ({
+  email: {
+    config: {
+      provider: 'amazon-ses',
+      providerOptions: {
+        key: env('AWS_SES_ACCESS_KEY_ID'),
+        secret: env('AWS_SES_ACCESS_KEY_SECRET'),
+        amazon: `https://email.${env('AWS_REGION')}.amazonaws.com`
+      },
+      settings: {
+        defaultFrom: `strapi@${env('AWS_SES_DOMAIN')}`,
+        defaultReplyTo: `strapi@${env('AWS_SES_DOMAIN')}`,
+      },
+    },
+  }
+
+});
diff --git a/cms/package.json b/cms/package.json
index a2b78d3..269fcc6 100644
--- a/cms/package.json
+++ b/cms/package.json
@@ -14,6 +14,7 @@
     "@strapi/plugin-cloud": "4.25.13",
     "@strapi/plugin-i18n": "4.25.13",
     "@strapi/plugin-users-permissions": "4.25.13",
+    "@strapi/provider-email-amazon-ses": "5.1.1",
     "@strapi/strapi": "4.25.13",
     "pg": "8.8.0",
     "react": "^18.0.0",
diff --git a/infrastructure/base/modules/email/main.tf b/infrastructure/base/modules/email/main.tf
index e99e770..597eda9 100644
--- a/infrastructure/base/modules/email/main.tf
+++ b/infrastructure/base/modules/email/main.tf
@@ -7,10 +7,23 @@ resource "aws_ses_domain_identity" "domain_identity" {
   domain = var.domain
 }
 
+// This represents a completed email identity verification, so it must be uncommented once
+// it's been completed
+resource "aws_ses_domain_identity_verification" "domain_identity_verification" {
+  domain = aws_ses_domain_identity.domain_identity.id
+}
+
 resource "aws_ses_domain_dkim" "domain_dkim" {
   domain = aws_ses_domain_identity.domain_identity.domain
 }
 
+resource "aws_ses_configuration_set" "email_configuration_set" {
+  name = "${var.project}-email-config-set"
+}
+// MISSING: currently the resource to assign a configuration set to an identity seems to be available
+//only in aws_ses_v2, so it needs to be done manually on the console, or be forced to recreate all ses resources
+
+//Permissions
 resource "aws_iam_user" "email_sender_user" {
   name = "${replace(title(replace(var.domain, "/\\W/", " ")), " ","")}EmailSender"
 }
diff --git a/infrastructure/base/modules/email/variables.tf b/infrastructure/base/modules/email/variables.tf
index 94ed1c6..d17c373 100644
--- a/infrastructure/base/modules/email/variables.tf
+++ b/infrastructure/base/modules/email/variables.tf
@@ -7,3 +7,7 @@ variable "region" {
   type        = string
   description = "A valid AWS region to house resources."
 }
+
+variable "project" {
+  type = string
+}
diff --git a/infrastructure/base/modules/env/main.tf b/infrastructure/base/modules/env/main.tf
index 462a273..48ec741 100644
--- a/infrastructure/base/modules/env/main.tf
+++ b/infrastructure/base/modules/env/main.tf
@@ -60,8 +60,10 @@ resource "aws_security_group_rule" "port_forward_postgres" {
 module "email" {
   source = "../email"
 
-  domain = var.domain
-  region = var.aws_region
+  domain  = var.domain
+  region  = var.aws_region
+  project = var.project
+
 }
 
 resource "aws_iam_access_key" "email_user_access_key" {