Serverless AWS deployments should not need an SMTP service or SMTP
credentials just to send Vaultwarden mail. Allow mail delivery through
Amazon SES when USE_AWS_SES is enabled, while preserving the existing SMTP
and sendmail transports.
Add the ses feature and an aws umbrella feature. Keep mail config
validation strict by requiring SMTP_FROM for SES, and treat SES as a
configured mail transport for email 2FA.
Send MIME messages through the SESv2 SendEmail raw content path. Share AWS
SDK configuration with S3 so AWS clients use the same reqwest-backed
connector and credential loading behavior.
OpenDAL S3 storage accepts bucket and root path data today, but
serverless deployments also need URI query parameters to describe provider
behavior in one DATA_FOLDER value.
Update OpenDAL to 0.56.0 and build S3 operators with
S3Config::from_uri(). Keep Vaultwarden's AWS SDK credential chain by
installing a reqsign provider when the URI does not explicitly request
OpenDAL-native credential handling.
Move path handling and operator construction into storage.rs so S3-specific
parsing, credential setup, and URI path manipulation stay out of
configuration handling. Local filesystem behavior is unchanged, and S3
child paths are derived before query strings.
