diff --git a/changelog.d/0-release-notes/WPB-14284 b/changelog.d/0-release-notes/WPB-14284 new file mode 100644 index 00000000000..f66d4f30bd7 --- /dev/null +++ b/changelog.d/0-release-notes/WPB-14284 @@ -0,0 +1 @@ +If brig's server values config has the field `emailSMS.team`, the correct value for the personal user to team invitation URL must be set under `emailSMS.team.tExistingUserInvitationUrl`. Otherwise the URL will point to a path under the account pages and therefore a value for `externalUrls.accountPages` is required. diff --git a/changelog.d/3-bug-fixes/WPB-14284 b/changelog.d/3-bug-fixes/WPB-14284 new file mode 100644 index 00000000000..68e2d9f64f0 --- /dev/null +++ b/changelog.d/3-bug-fixes/WPB-14284 @@ -0,0 +1 @@ +Fixed config for personal user to team invitation URL template. diff --git a/charts/brig/templates/configmap.yaml b/charts/brig/templates/configmap.yaml index d602d049d13..1a4fbeb87a7 100644 --- a/charts/brig/templates/configmap.yaml +++ b/charts/brig/templates/configmap.yaml @@ -186,14 +186,13 @@ data: {{- else }} {{- if .externalUrls.teamSettings }} tInvitationUrl: {{ .externalUrls.teamSettings }}/join/?team-code=${code} - tExistingUserInvitationUrl: {{ .externalUrls.teamSettings }}/accept-invitation/?team-code=${code} {{- else }} tInvitationUrl: {{ .externalUrls.nginz }}/register?team=${team}&team_code=${code} - tExistingUserInvitationUrl: {{ .externalUrls.nginz }}/accept-invitation/?team-code=${code} {{- end }} tActivationUrl: {{ .externalUrls.nginz }}/register?team=${team}&team_code=${code} tCreatorWelcomeUrl: {{ .externalUrls.teamCreatorWelcome }} tMemberWelcomeUrl: {{ .externalUrls.teamMemberWelcome }} + tExistingUserInvitationUrl: {{ .externalUrls.accountPages }}/accept-invitation/?team-code=${code} {{- end }} zauth: diff --git a/docs/src/developer/reference/config-options.md b/docs/src/developer/reference/config-options.md index 74565d0dd21..41748ebc3ba 100644 --- a/docs/src/developer/reference/config-options.md +++ b/docs/src/developer/reference/config-options.md @@ -801,6 +801,27 @@ This setting is required to be present for all the services (brig, cannon, cargo The default value (provided under `charts//values.yaml`) is `[ development ]` and disables the development versions. To enable all versions including the development versions set the value to be empty: `[]`. +### Team invitation URL for personal users + +To configure the team invitation URL for personal users that is sent vai email, `emailSMS.team.tExistingUserInvitationUrl` should be set to the desired URL, e.g.: + +```yaml +brig: + config + emailSMS: + team: + tExistingUserInvitationUrl: '{{ .Values.accountUrl }}/accept-invitation/?team-code=${code}' +``` + +In some environments the `team` config section does not exist. In this case brig's configmap constructs the URL from the account pages URL which then must be set under `externalUrls.accountPages` e.g. as follows: + +```yaml +brig: + config: + externalUrls: + accountPages: https://account.wire.com +``` + ## Settings in cargohold AWS S3 (or an alternative provider / service) is used to upload and download diff --git a/hack/helm_vars/wire-server/values.yaml.gotmpl b/hack/helm_vars/wire-server/values.yaml.gotmpl index 8bd68830837..7c917dee7ac 100644 --- a/hack/helm_vars/wire-server/values.yaml.gotmpl +++ b/hack/helm_vars/wire-server/values.yaml.gotmpl @@ -57,6 +57,7 @@ brig: nginz: https://kube-staging-nginz-https.zinfra.io teamCreatorWelcome: https://teams.wire.com/login teamMemberWelcome: https://wire.com/download + accountPages: https://account.wire.com cassandra: host: {{ .Values.cassandraHost }} replicaCount: 1 @@ -134,7 +135,7 @@ brig: setOAuthEnabled: true setOAuthRefreshTokenExpirationTimeSecs: 14515200 # 24 weeks setOAuthMaxActiveRefreshTokens: 10 - # These values are insecure, against anyone getting hold of the hash, + # These values are insecure, against anyone getting hold of the hash, # but its not a concern for the integration tests. setPasswordHashingOptions: algorithm: argon2id @@ -281,7 +282,7 @@ galley: federationDomain: integration.example.com disabledAPIVersions: [] - # These values are insecure, against anyone getting hold of the hash, + # These values are insecure, against anyone getting hold of the hash, # but its not a concern for the integration tests. passwordHashingOptions: algorithm: argon2id