Project Soon

Mail Notification

Mail is difficult to set up, so it has been ignored for most part. However, while setting up a mail server in itself is close to impossible (if you screw something up, you are done), mail notifications for existing mail services should not be that hard. PVE and PBS have a pretty straightforward way doing this 1, but I am going to point out two ways to do this.

Postfix

Before doing anything else, we need to set up postfix for it to be able to send anything at all. Both PVE and PBS has this service already available, meaning it is only up to us to configure it. We only need to install libsasl2-modules as that is required for credentials handling.

apt install libsasl2-modules

Then we create the password file and generate its hash value. From this point on we are going to use Gmail as an example. Please replace this with your own configuration. There are many alternative guides for this step 234.

1
2
3
4
cd /etc/postfix
echo "smtp.gmail.com example@gmail.com:insert-password-here" > sasl_passwd
chmod 600 sasl_passwd
postmap hash:sasl_passwd

postmap will generate a binary database which postfix can read. Then edit main.cf (after backing it up) and replace it with the following.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
myhostname=pve
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
append_dot_mydomain = no
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = $myhostname, localhost.$mydomain, localhost
mynetworks = 127.0.0.0/8
inet_interfaces = loopback-only
recipient_delimiter = +
compatibility_level = 3.6
relayhost = smtp.gmail.com:587
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_security_options =
smtp_sasl_password_maps = hash:/etc/postfix/sasl/passwd
smtp_tls_CAfile = /etc/ssl/certs/Entrust_Root_Certification_Authority.pem
smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache
smtp_tls_session_cache_timeout = 3600s
smtp_tls_wrappermode = yes
smtp_tls_security_level = encrypt

Some of these can be left out or changed outright. Note that the SMTP port is for Gmail, while it usually is 465 for other hosts. Reload the config with service postfix reload. Also note that this whole section can be applied to any other service as well, like PHP, Forgejo, etc.

Proxmox configs

Making PVE or PBS work with these config is as easy as a few clicks. Just make sure that some configs are set right to avoid the recipient server to deny you outright.

Editing a user. E-Mail should be set to a desired value.

Editing a user. E-Mail should be set to a desired value.

Edit the existing root user and add the e-mail which the mail will be sent to. This could of course be any other user if the host is shared with more users.

Editing a notification target. Sendmail is used with underlying system. Author and Address should be filled.

Editing a notification target. Sendmail is used with underlying system. Author and Address should be filled.

Finally try the configs by hitting the Test button. A test mail should be received within a minute, but could take longer. If nothing happens within 5 minutes, check logs in /var/log/mail.log.

Wasted effort

After doing all this tedious work, I found out just recently while writing this post that Proxmox has SMTP support in the WebUI itself, making the Postfix section completely redundant.

Editing a notification target. SMTP is used directly. All necessary configs, and optional ones, should be filled in.

Editing a notification target. SMTP is used directly. All necessary configs, and optional ones, should be filled in.

While this makes the first phase a lot more straight-forward, you will be more tied to Proxmox and also make it a bit more difficult to template it with Ansible.

Conclusion

Notifications is really important if you got a bunch of services to handle, or if you will not actively monitor your systems. I wished I had investigated further into what Proxmox provided for notifications, as then I would probably have used that instead. While doing this, I also threw together an Ansible role to make configs a bit easier. And as this applies to both PVE and PBS, I halved the amount of work needed to be done.


  1. https://pve.proxmox.com/wiki/Notifications ↩︎

  2. https://www.naturalborncoder.com/linux/2023/05/19/setting-up-email-notifications-in-proxmox-using-gmail/ ↩︎

  3. https://poweradm.com/postfix-with-microsoft-365-smtp-relay/ ↩︎

  4. https://serverfault.com/questions/1029445/how-do-i-configure-postfix-to-send-emails-with-protonmail-bridge ↩︎