We are a bit new to php world, but interested in Mautic to run some marketing automation for our business.
After initial deployment and implementing our security policies several changes became required for us to go live:
Disable gravatar integration and/or remove users` avatars at all
Disable language packs downloads because we don’t need them
Disable outgoing HTTP requests from mautic to anywhere
Patch mautic so that it could use client certificate to authenticate on SMTP relays properly
All of these because by our policies it is prohibited for applications to do unnecessary for business http requests to the outer world, and only necessary incoming network traffic could be allowed.
Could all of the points above be achieved with a plugin we could develop? Is there any “plugin 101” guide describing the process of development/deployment/activation of a plugin?
Unfortunately the documentation for plugin development is lacking, I’ve only been using mautic in my role with my company for 3 months. That being said I have a good grip on it and actually developing plugins is not so hard.
Mautics own documentation is enough to get you started along with the structure one you found. But a lot of it is going to be trial by error (that’s my own personal experience).
I would review one of the build in plugins along with the developer documentation to understand how it all fits together.
For your own question, it is totally feasible that your points could be achieved with a plugin, I am not sure about the language packs as you will need to use it for your language.
Also if you need help posting on here as well as stackoverflow will soon get you moving again
I intend to write my own documentation from what I have learned, I might get Part one released this weekend (time depending).
That is fantastic to see @rcheesley , I can certainly help with the documentation, I will take a look either today or tomorrow and have a good read through what has been completed.
Thank you for sharing the link I was not aware this existed
May I ask for the advice on “how to start” please?
For instance, we saw that very often as part of some crucial actions like logging-in admin user Mautic tries to fetch translations via translations_fetch_url (src: /app/bundles/CoreBundle/Helper/LanguageHelper.php#L246), this lead to issues because it can’t do http requests and such were executing forever with no success.
The attempt to simply replace config entitiestranslations_fetch_url and translations_list_url with empty strings solved the issues, but we have many errors in the logs like this: mautic.ERROR: An error occurred while attempting to fetch the language list: URI must be a string or UriInterface [] []
What should be the best strategy to override this behavior with a Plugin? We don’t want to rewrite any Core code as it will force us to have our own source of code for the base system and merge it with new versions every time new build will be published. Instead, we’d like to somehow control it with our Plugin and update only Plugin code if/when needed.
This might be dummy question, but this is only because we don’t have much experience with php/symfony (yet ).
Sorry for the long delay in replying,
Dont worry about it, we all start somewhere
(I am not familiar with this as it was not an issue for us)
You have two options:
enable http to anyware - Reason being its up to you to ensure your instance when running live does what is expected. Mautic will only talk to the outside world if you have code to allow it too. For instance the language pack. it is better to get that from somewhere else instead of using your server to do the work. Plus it is provided by the Mautic team which means the system will be expecting the json in a structured way and if it doesn’t get it it won’t work.
Your second option is to create your own version of the json that is returned from the language helper and write a plugin that overrides the default functionality and get the file from your server.
That being said tho, your internal infrastructure can be configured to only allow communications via trusted ip addresses and for the sake of simplicity I would not write an overriding plugin and allow mautic to do what it is meant to with regards to the language packs
I’ve spent couple of days reading through Symfony’s fast track book and things became a bit more clear, but still not enough.
What I try to figure out right now is how I can redefine parameters set in CoreBundle/Config/config.php?
Let me explain the idea we still try to implement. Basically, we have indeed very strong information security policies, and what we’d like to have is to deploy Mautic in k8s. At the same time we’d need some customizations to be done (like some new entities to store leads details).
So the general idea is to build the pipeline to be like:
take mautic distro (installation package/docker image, whatever)
add needed configs (like local.php and some others inside app/config)
add needed plugins (btw, can we install plugin programmatically i.e. by editing some files?)
build our own image/distro/package
deploy
Is there any docs describing how and when configs are used from app/config? Tried to use dump() inside local.php with no success…
Sending statistic to mautic and downloading language pack could be disabled (I’d say “hacked”) by redefining config options with a plugin: stats_update_url, translations_list_url, translations_fetch_url
And the easiest part - gravatar integration could be entirely wiped by overriding corresponding classes with your plugin thanks to Symfony’s feature allowing plugins to override any service in the container.