Ntfy configuration: Difference between revisions
From wikinotes
(→Basics) |
|||
| (5 intermediate revisions by the same user not shown) | |||
| Line 25: | Line 25: | ||
</blockquote><!-- Locations --> | </blockquote><!-- Locations --> | ||
= Basics = | = Server = | ||
<blockquote> | |||
== Basics == | |||
<blockquote> | <blockquote> | ||
<syntaxhighlight lang="yaml"> | <syntaxhighlight lang="yaml"> | ||
| Line 49: | Line 51: | ||
</blockquote><!-- Basics --> | </blockquote><!-- Basics --> | ||
= Components = | == Components == | ||
<blockquote> | <blockquote> | ||
== Access Control == | === Access Control === | ||
<blockquote> | <blockquote> | ||
The UI will be public, but creating topics and emitting to them will require login. | |||
<syntaxhighlight lang="yaml"> | <syntaxhighlight lang="yaml"> | ||
# ${PREFIX}/etc/ntfy/server.yml | # ${PREFIX}/etc/ntfy/server.yml | ||
| Line 66: | Line 70: | ||
</blockquote><!-- Access Control --> | </blockquote><!-- Access Control --> | ||
== Token Auth == | === Token Auth === | ||
<blockquote> | <blockquote> | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
| Line 72: | Line 76: | ||
ntfy token add --expires=30d --label="backups" phil # create token for user 'phil' | ntfy token add --expires=30d --label="backups" phil # create token for user 'phil' | ||
</syntaxhighlight> | </syntaxhighlight> | ||
{{ WARNING | | |||
You'll need to generate a token for the iOS app, and set it in the server.yml if using AUTH. | |||
}} | |||
</blockquote><!-- Token Auth --> | </blockquote><!-- Token Auth --> | ||
=== iOS === | |||
<blockquote> | |||
<syntaxhighlight lang="yaml"> | |||
# iOS events work by polling your server | |||
upstream-base-url: "https://foo.com" | |||
upstream-access-token: "..." | |||
</syntaxhighlight> | |||
</blockquote><!-- iOS --> | |||
=== UI vs API port === | |||
<blockquote> | |||
They intentionally did not provide a configuration option for this,<br> | |||
and suggested you allowlist IP address for UI routes. | |||
<blockquote> | |||
In nginx, you can restrict routes for certain IP ranges easily, so you don't need ntfy to help you via a different port. | |||
https://github.com/binwiederhier/ntfy/issues/459 | |||
</blockquote> | |||
</blockquote><!-- UI vs API port --> | |||
</blockquote><!-- Components --> | </blockquote><!-- Components --> | ||
</blockquote><!-- Server --> | |||
= iOS App = | |||
<blockquote> | |||
<syntaxhighlight lang="yaml"> | |||
Settings: | |||
Default Server: foo.com:1234 | |||
Add Subscription: | |||
# enter the topic name | |||
</syntaxhighlight> | |||
The notifications can be manually refreshed,<br> | |||
if using your phone apparently the expected delay is around 20-30 min.<br> | |||
there doesn't seem to be an estimate for how frequently the background tasks are run when configured. | |||
</blockquote><!-- iOS App --> | |||
Latest revision as of 23:44, 19 May 2024
A self hosted pub/sub server wtih a FOSS app (iOS/android) that will issue push notifications.
NOTE:
ntfy has extensive configuration options not covered here, just a quickstart here.
Documentation
official docs https://docs.ntfy.sh/ sample config https://github.com/binwiederhier/ntfy/blob/main/server/server.yml
Locations
${PREFIX}/etc/ntfy/server.ymlconfig
Server
Basics
# ${PREFIX}/etc/ntfy/server.yml base-url: https://foo.com # cache messages (for inconsistent internet connections like phone) cache-file: /var/cache/ntfy/cache.db cache-duration: 12h # require basic-auth or token-auth auth-file: /var/lib/ntfy/user.db auth-default-access: deny-all # use "X-Forwarded-For" to identify unique visitors when rate-limiting behind-proxy: true # expose scrapable endpoint for prometheus enable-metrics: true metrics-listen-http: 10.0.1.1:9090Components
Access Control
The UI will be public, but creating topics and emitting to them will require login.
# ${PREFIX}/etc/ntfy/server.yml auth-file: /var/lib/ntfy/user.db auth-default-access: deny-allntfy user # manage users from cli ntfy user add --role=admin phil # create a user w/ admin roleToken Auth
ntfy token # manage tokens ntfy token add --expires=30d --label="backups" phil # create token for user 'phil'
WARNING:
You'll need to generate a token for the iOS app, and set it in the server.yml if using AUTH.
iOS
# iOS events work by polling your server upstream-base-url: "https://foo.com" upstream-access-token: "..."UI vs API port
They intentionally did not provide a configuration option for this,
and suggested you allowlist IP address for UI routes.In nginx, you can restrict routes for certain IP ranges easily, so you don't need ntfy to help you via a different port.
iOS App
Settings: Default Server: foo.com:1234 Add Subscription: # enter the topic nameThe notifications can be manually refreshed,
if using your phone apparently the expected delay is around 20-30 min.
there doesn't seem to be an estimate for how frequently the background tasks are run when configured.
