From 0a00adc5800a4eb223d1b93d987e03fe49c4c91e Mon Sep 17 00:00:00 2001
From: Slavi Pantaleev <slavi@devture.com>
Date: Sat, 18 Apr 2026 07:49:49 +0300
Subject: [PATCH] Auto-wire Continuwuity SMTP and well-known defaults

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/5154
---
 docs/configuring-playbook-continuwuity.md |  7 +++++++
 docs/configuring-playbook-email.md        |  2 +-
 group_vars/matrix_servers                 | 13 +++++++++++++
 3 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/docs/configuring-playbook-continuwuity.md b/docs/configuring-playbook-continuwuity.md
index dec5f2742..bb4fe3e9b 100644
--- a/docs/configuring-playbook-continuwuity.md
+++ b/docs/configuring-playbook-continuwuity.md
@@ -46,6 +46,13 @@ Take a look at:
 
 There are various Ansible variables that control settings in the `continuwuity.toml` file.
 
+💡 By default, the playbook wires Continuwuity into a few playbook-wide settings:
+
+- if `exim_relay_enabled: true` (the default), Continuwuity SMTP is automatically enabled and pointed at the [local Exim relay](configuring-playbook-email.md) service
+- `matrix_continuwuity_config_well_known_client` is automatically set to the public homeserver URL in the usual SSL-enabled setup, which helps email verification and password-reset links work in delegated-domain setups
+
+You can override any of these defaults in your `vars.yml` file if you want Continuwuity to use a different SMTP server or a different well-known client URL.
+
 If a specific setting you'd like to change does not have a dedicated Ansible variable, you can either submit a PR to us to add it, or you can [override the setting using an environment variable](https://continuwuity.org/configuration#environment-variables) using `matrix_continuwuity_environment_variables_extension`. For example:
 
 ```yaml
diff --git a/docs/configuring-playbook-email.md b/docs/configuring-playbook-email.md
index 859da8cf2..30626f31a 100644
--- a/docs/configuring-playbook-email.md
+++ b/docs/configuring-playbook-email.md
@@ -23,7 +23,7 @@ The [Ansible role for exim-relay](https://github.com/mother-of-all-self-hosting/
 
 1. **Final delivery capability**: Can deliver emails directly if you don't have an SMTP server
 
-2. **Centralized configuration**: Configure your upstream SMTP server once in exim-relay, then point all services ([Synapse](configuring-playbook-synapse.md), [Matrix Authentication Service](configuring-playbook-matrix-authentication-service.md), etc.) there—no need to configure SMTP in each component
+2. **Centralized configuration**: Configure your upstream SMTP server once in exim-relay, then point all services ([Synapse](configuring-playbook-synapse.md), [Matrix Authentication Service](configuring-playbook-matrix-authentication-service.md), [Continuwuity](configuring-playbook-continuwuity.md), etc.) there, with no need to configure SMTP in each component
 
 3. **Local spooling**: Stores messages locally and retries delivery if your upstream SMTP server is temporarily unavailable
 
diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers
index 0822b9278..ed6385a5a 100755
--- a/group_vars/matrix_servers
+++ b/group_vars/matrix_servers
@@ -5760,6 +5760,12 @@ matrix_continuwuity_hostname: "{{ matrix_server_fqn_matrix }}"
 
 matrix_continuwuity_config_allow_federation: "{{ matrix_homeserver_federation_enabled }}"
 
+matrix_continuwuity_config_well_known_client: "{{ matrix_homeserver_url if matrix_playbook_ssl_enabled else '' }}"
+
+matrix_continuwuity_config_smtp_enabled: "{{ exim_relay_enabled }}"
+matrix_continuwuity_config_smtp_connection_uri: "{{ ('smtp://' ~ exim_relay_identifier ~ ':8025') if exim_relay_enabled else '' }}"
+matrix_continuwuity_config_smtp_sender: "{{ exim_relay_sender_address if exim_relay_enabled else '' }}"
+
 matrix_continuwuity_container_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_continuwuity_container_image_registry_prefix_upstream_default }}"
 
 matrix_continuwuity_container_network: "{{ matrix_homeserver_container_network }}"
@@ -5768,6 +5774,8 @@ matrix_continuwuity_container_additional_networks_auto: |
   {{
     (
       ([matrix_playbook_reverse_proxyable_services_additional_network] if matrix_continuwuity_container_labels_traefik_enabled and matrix_playbook_reverse_proxyable_services_additional_network else [])
+      +
+      ([exim_relay_container_network] if (exim_relay_enabled and matrix_continuwuity_config_smtp_enabled and matrix_continuwuity_config_smtp_connection_uri == ('smtp://' ~ exim_relay_identifier ~ ':8025') and matrix_continuwuity_container_network != exim_relay_container_network) else [])
     ) | unique
   }}
 
@@ -5795,6 +5803,11 @@ matrix_continuwuity_config_turn_password: "{{ coturn_lt_cred_mech_password if (c
 
 matrix_continuwuity_self_check_validate_certificates: "{{ matrix_playbook_ssl_enabled }}"
 
+matrix_continuwuity_systemd_wanted_services_list_auto: |
+  {{
+    ([exim_relay_identifier ~ '.service'] if (exim_relay_enabled and matrix_continuwuity_config_smtp_enabled and matrix_continuwuity_config_smtp_connection_uri == ('smtp://' ~ exim_relay_identifier ~ ':8025')) else [])
+  }}
+
 ######################################################################
 #
 # /matrix-continuwuity