make smtp tls configurable / optional

.gitignore

@@ -5,6 +5,7 @@
 /roles/**/files/scratchpad
 .DS_Store
 .python-version
+.idea/
 flake.lock
 
 # ignore roles pulled by ansible-galaxy

roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2

@@ -2351,7 +2351,7 @@ email:
   # must present a certificate that is valid for 'smtp_host'. If this option
   # is set to false, TLS will not be used.
   #
-  #enable_tls: false
+  enable_tls: {{ matrix_synapse_email_smtp_enable_tls|to_json }}
 
   # notif_from defines the "From" address to use when sending emails.
   # It must be set if email sending is enabled.

roles/custom/matrix-synapse/vars/main.yml

@@ -5,6 +5,9 @@ matrix_synapse_federation_api_url_endpoint_public: "https://{{ matrix_server_fqn
 
 matrix_synapse_media_store_directory_name: "{{ matrix_synapse_media_store_path | basename }}"
 
+# Optionally: `false` to fully disable tls on outbound smtp
+matrix_synapse_email_smtp_enable_tls: true
+
 # A Synapse generic worker can handle both federation and client-server API endpoints.
 # We wish to split these, as we normally serve federation separately and don't want them mixed up.
 #