server.yml 17 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362
  1. # ntfy server config file
  2. #
  3. # Please refer to the documentation at https://ntfy.sh/docs/config/ for details.
  4. # All options also support underscores (_) instead of dashes (-) to comply with the YAML spec.
  5. # Public facing base URL of the service (e.g. https://ntfy.sh or https://ntfy.example.com)
  6. #
  7. # This setting is required for any of the following features:
  8. # - attachments (to return a download URL)
  9. # - e-mail sending (for the topic URL in the email footer)
  10. # - iOS push notifications for self-hosted servers (to calculate the Firebase poll_request topic)
  11. # - Matrix Push Gateway (to validate that the pushkey is correct)
  12. #
  13. # base-url:
  14. # Listen address for the HTTP & HTTPS web server. If "listen-https" is set, you must also
  15. # set "key-file" and "cert-file". Format: [<ip>]:<port>, e.g. "1.2.3.4:8080".
  16. #
  17. # To listen on all interfaces, you may omit the IP address, e.g. ":443".
  18. # To disable HTTP, set "listen-http" to "-".
  19. #
  20. # listen-http: ":80"
  21. # listen-https:
  22. # Listen on a Unix socket, e.g. /var/lib/ntfy/ntfy.sock
  23. # This can be useful to avoid port issues on local systems, and to simplify permissions.
  24. #
  25. # listen-unix: <socket-path>
  26. # listen-unix-mode: <linux permissions, e.g. 0700>
  27. # Path to the private key & cert file for the HTTPS web server. Not used if "listen-https" is not set.
  28. #
  29. # key-file: <filename>
  30. # cert-file: <filename>
  31. # If set, also publish messages to a Firebase Cloud Messaging (FCM) topic for your app.
  32. # This is optional and only required to save battery when using the Android app.
  33. #
  34. # firebase-key-file: <filename>
  35. # If "cache-file" is set, messages are cached in a local SQLite database instead of only in-memory.
  36. # This allows for service restarts without losing messages in support of the since= parameter.
  37. #
  38. # The "cache-duration" parameter defines the duration for which messages will be buffered
  39. # before they are deleted. This is required to support the "since=..." and "poll=1" parameter.
  40. # To disable the cache entirely (on-disk/in-memory), set "cache-duration" to 0.
  41. # The cache file is created automatically, provided that the correct permissions are set.
  42. #
  43. # The "cache-startup-queries" parameter allows you to run commands when the database is initialized,
  44. # e.g. to enable WAL mode (see https://phiresky.github.io/blog/2020/sqlite-performance-tuning/)).
  45. # Example:
  46. # cache-startup-queries: |
  47. # pragma journal_mode = WAL;
  48. # pragma synchronous = normal;
  49. # pragma temp_store = memory;
  50. # pragma busy_timeout = 15000;
  51. # vacuum;
  52. #
  53. # The "cache-batch-size" and "cache-batch-timeout" parameter allow enabling async batch writing
  54. # of messages. If set, messages will be queued and written to the database in batches of the given
  55. # size, or after the given timeout. This is only required for high volume servers.
  56. #
  57. # Debian/RPM package users:
  58. # Use /var/cache/ntfy/cache.db as cache file to avoid permission issues. The package
  59. # creates this folder for you.
  60. #
  61. # Check your permissions:
  62. # If you are running ntfy with systemd, make sure this cache file is owned by the
  63. # ntfy user and group by running: chown ntfy.ntfy <filename>.
  64. #
  65. # cache-file: <filename>
  66. # cache-duration: "12h"
  67. # cache-startup-queries:
  68. # cache-batch-size: 0
  69. # cache-batch-timeout: "0ms"
  70. # If set, access to the ntfy server and API can be controlled on a granular level using
  71. # the 'ntfy user' and 'ntfy access' commands. See the --help pages for details, or check the docs.
  72. #
  73. # - auth-file is the SQLite user/access database; it is created automatically if it doesn't already exist
  74. # - auth-default-access defines the default/fallback access if no access control entry is found; it can be
  75. # set to "read-write" (default), "read-only", "write-only" or "deny-all".
  76. # - auth-startup-queries allows you to run commands when the database is initialized, e.g. to enable
  77. # WAL mode. This is similar to cache-startup-queries. See above for details.
  78. #
  79. # Debian/RPM package users:
  80. # Use /var/lib/ntfy/user.db as user database to avoid permission issues. The package
  81. # creates this folder for you.
  82. #
  83. # Check your permissions:
  84. # If you are running ntfy with systemd, make sure this user database file is owned by the
  85. # ntfy user and group by running: chown ntfy.ntfy <filename>.
  86. #
  87. # auth-file: <filename>
  88. # auth-default-access: "read-write"
  89. # auth-startup-queries:
  90. # If set, the X-Forwarded-For header is used to determine the visitor IP address
  91. # instead of the remote address of the connection.
  92. #
  93. # WARNING: If you are behind a proxy, you must set this, otherwise all visitors are rate limited
  94. # as if they are one.
  95. #
  96. # behind-proxy: false
  97. # If enabled, clients can attach files to notifications as attachments. Minimum settings to enable attachments
  98. # are "attachment-cache-dir" and "base-url".
  99. #
  100. # - attachment-cache-dir is the cache directory for attached files
  101. # - attachment-total-size-limit is the limit of the on-disk attachment cache directory (total size)
  102. # - attachment-file-size-limit is the per-file attachment size limit (e.g. 300k, 2M, 100M)
  103. # - attachment-expiry-duration is the duration after which uploaded attachments will be deleted (e.g. 3h, 20h)
  104. #
  105. # attachment-cache-dir:
  106. # attachment-total-size-limit: "5G"
  107. # attachment-file-size-limit: "15M"
  108. # attachment-expiry-duration: "3h"
  109. # If enabled, allow outgoing e-mail notifications via the 'X-Email' header. If this header is set,
  110. # messages will additionally be sent out as e-mail using an external SMTP server.
  111. #
  112. # As of today, only SMTP servers with plain text auth (or no auth at all), and STARTLS are supported.
  113. # Please also refer to the rate limiting settings below (visitor-email-limit-burst & visitor-email-limit-burst).
  114. #
  115. # - smtp-sender-addr is the hostname:port of the SMTP server
  116. # - smtp-sender-from is the e-mail address of the sender
  117. # - smtp-sender-user/smtp-sender-pass are the username and password of the SMTP user (leave blank for no auth)
  118. #
  119. # smtp-sender-addr:
  120. # smtp-sender-from:
  121. # smtp-sender-user:
  122. # smtp-sender-pass:
  123. # If enabled, ntfy will launch a lightweight SMTP server for incoming messages. Once configured, users can send
  124. # emails to a topic e-mail address to publish messages to a topic.
  125. #
  126. # - smtp-server-listen defines the IP address and port the SMTP server will listen on, e.g. :25 or 1.2.3.4:25
  127. # - smtp-server-domain is the e-mail domain, e.g. ntfy.sh
  128. # - smtp-server-addr-prefix is an optional prefix for the e-mail addresses to prevent spam. If set to "ntfy-",
  129. # for instance, only e-mails to ntfy-$topic@ntfy.sh will be accepted. If this is not set, all emails to
  130. # $topic@ntfy.sh will be accepted (which may obviously be a spam problem).
  131. #
  132. # smtp-server-listen:
  133. # smtp-server-domain:
  134. # smtp-server-addr-prefix:
  135. # Web Push support (background notifications for browsers)
  136. #
  137. # If enabled, allows ntfy to receive push notifications, even when the ntfy web app is closed. When enabled, users
  138. # can enable background notifications in the web app. Once enabled, ntfy will forward published messages to the push
  139. # endpoint, which will then forward it to the browser.
  140. #
  141. # You must configure web-push-public/private key, web-push-file, and web-push-email-address below to enable Web Push.
  142. # Run "ntfy webpush keys" to generate the keys.
  143. #
  144. # - web-push-public-key is the generated VAPID public key, e.g. AA1234BBCCddvveekaabcdfqwertyuiopasdfghjklzxcvbnm1234567890
  145. # - web-push-private-key is the generated VAPID private key, e.g. AA2BB1234567890abcdefzxcvbnm1234567890
  146. # - web-push-file is a database file to keep track of browser subscription endpoints, e.g. `/var/cache/ntfy/webpush.db`
  147. # - web-push-email-address is the admin email address send to the push provider, e.g. `sysadmin@example.com`
  148. # - web-push-startup-queries is an optional list of queries to run on startup`
  149. #
  150. # web-push-public-key:
  151. # web-push-private-key:
  152. # web-push-file:
  153. # web-push-email-address:
  154. # web-push-startup-queries:
  155. # If enabled, ntfy can perform voice calls via Twilio via the "X-Call" header.
  156. #
  157. # - twilio-account is the Twilio account SID, e.g. AC12345beefbeef67890beefbeef122586
  158. # - twilio-auth-token is the Twilio auth token, e.g. affebeef258625862586258625862586
  159. # - twilio-phone-number is the outgoing phone number you purchased, e.g. +18775132586
  160. # - twilio-verify-service is the Twilio Verify service SID, e.g. VA12345beefbeef67890beefbeef122586
  161. #
  162. # twilio-account:
  163. # twilio-auth-token:
  164. # twilio-phone-number:
  165. # twilio-verify-service:
  166. # Interval in which keepalive messages are sent to the client. This is to prevent
  167. # intermediaries closing the connection for inactivity.
  168. #
  169. # Note that the Android app has a hardcoded timeout at 77s, so it should be less than that.
  170. #
  171. # keepalive-interval: "45s"
  172. # Interval in which the manager prunes old messages, deletes topics
  173. # and prints the stats.
  174. #
  175. # manager-interval: "1m"
  176. # Defines topic names that are not allowed, because they are otherwise used. There are a few default topics
  177. # that cannot be used (e.g. app, account, settings, ...). To extend the default list, define them here.
  178. #
  179. # Example:
  180. # disallowed-topics:
  181. # - about
  182. # - pricing
  183. # - contact
  184. #
  185. # disallowed-topics:
  186. # Defines the root path of the web app, or disables the web app entirely.
  187. #
  188. # Can be any simple path, e.g. "/", "/app", or "/ntfy". For backwards-compatibility reasons,
  189. # the values "app" (maps to "/"), "home" (maps to "/app"), or "disable" (maps to "") to disable
  190. # the web app entirely.
  191. #
  192. # web-root: /
  193. # Various feature flags used to control the web app, and API access, mainly around user and
  194. # account management.
  195. #
  196. # - enable-signup allows users to sign up via the web app, or API
  197. # - enable-login allows users to log in via the web app, or API
  198. # - enable-reservations allows users to reserve topics (if their tier allows it)
  199. #
  200. # enable-signup: false
  201. # enable-login: false
  202. # enable-reservations: false
  203. # Server URL of a Firebase/APNS-connected ntfy server (likely "https://ntfy.sh").
  204. #
  205. # iOS users:
  206. # If you use the iOS ntfy app, you MUST configure this to receive timely notifications. You'll like want this:
  207. # upstream-base-url: "https://ntfy.sh"
  208. #
  209. # If set, all incoming messages will publish a "poll_request" message to the configured upstream server, containing
  210. # the message ID of the original message, instructing the iOS app to poll this server for the actual message contents.
  211. # This is to prevent the upstream server and Firebase/APNS from being able to read the message.
  212. #
  213. # - upstream-base-url is the base URL of the upstream server. Should be "https://ntfy.sh".
  214. # - upstream-access-token is the token used to authenticate with the upstream server. This is only required
  215. # if you exceed the upstream rate limits, or the uptream server requires authentication.
  216. #
  217. # upstream-base-url:
  218. # upstream-access-token:
  219. # Rate limiting: Total number of topics before the server rejects new topics.
  220. #
  221. # global-topic-limit: 15000
  222. # Rate limiting: Number of subscriptions per visitor (IP address)
  223. #
  224. # visitor-subscription-limit: 30
  225. # Rate limiting: Allowed GET/PUT/POST requests per second, per visitor:
  226. # - visitor-request-limit-burst is the initial bucket of requests each visitor has
  227. # - visitor-request-limit-replenish is the rate at which the bucket is refilled
  228. # - visitor-request-limit-exempt-hosts is a comma-separated list of hostnames, IPs or CIDRs to be
  229. # exempt from request rate limiting. Hostnames are resolved at the time the server is started.
  230. # Example: "1.2.3.4,ntfy.example.com,8.7.6.0/24"
  231. #
  232. # visitor-request-limit-burst: 60
  233. # visitor-request-limit-replenish: "5s"
  234. # visitor-request-limit-exempt-hosts: ""
  235. # Rate limiting: Hard daily limit of messages per visitor and day. The limit is reset
  236. # every day at midnight UTC. If the limit is not set (or set to zero), the request
  237. # limit (see above) governs the upper limit.
  238. #
  239. # visitor-message-daily-limit: 0
  240. # Rate limiting: Allowed emails per visitor:
  241. # - visitor-email-limit-burst is the initial bucket of emails each visitor has
  242. # - visitor-email-limit-replenish is the rate at which the bucket is refilled
  243. #
  244. # visitor-email-limit-burst: 16
  245. # visitor-email-limit-replenish: "1h"
  246. # Rate limiting: Attachment size and bandwidth limits per visitor:
  247. # - visitor-attachment-total-size-limit is the total storage limit used for attachments per visitor
  248. # - visitor-attachment-daily-bandwidth-limit is the total daily attachment download/upload traffic limit per visitor
  249. #
  250. # visitor-attachment-total-size-limit: "100M"
  251. # visitor-attachment-daily-bandwidth-limit: "500M"
  252. # Rate limiting: Enable subscriber-based rate limiting (mostly used for UnifiedPush)
  253. #
  254. # If subscriber-based rate limiting is enabled, messages published on UnifiedPush topics** (topics starting with "up")
  255. # will be counted towards the "rate visitor" of the topic. A "rate visitor" is the first subscriber to the topic.
  256. #
  257. # Once enabled, a client subscribing to UnifiedPush topics via HTTP stream, or websockets, will be automatically registered as
  258. # a "rate visitor", i.e. the visitor whose rate limits will be used when publishing on this topic. Note that setting the rate visitor
  259. # requires **read-write permission** on the topic.
  260. #
  261. # If this setting is enabled, publishing to UnifiedPush topics will lead to a HTTP 507 response if
  262. # no "rate visitor" has been previously registered. This is to avoid burning the publisher's "visitor-message-daily-limit".
  263. #
  264. # visitor-subscriber-rate-limiting: false
  265. # Payments integration via Stripe
  266. #
  267. # - stripe-secret-key is the key used for the Stripe API communication. Setting this values
  268. # enables payments in the ntfy web app (e.g. Upgrade dialog). See https://dashboard.stripe.com/apikeys.
  269. # - stripe-webhook-key is the key required to validate the authenticity of incoming webhooks from Stripe.
  270. # Webhooks are essential up keep the local database in sync with the payment provider. See https://dashboard.stripe.com/webhooks.
  271. # - billing-contact is an email address or website displayed in the "Upgrade tier" dialog to let people reach
  272. # out with billing questions. If unset, nothing will be displayed.
  273. #
  274. # stripe-secret-key:
  275. # stripe-webhook-key:
  276. # billing-contact:
  277. # Metrics
  278. #
  279. # ntfy can expose Prometheus-style metrics via a /metrics endpoint, or on a dedicated listen IP/port.
  280. # Metrics may be considered sensitive information, so before you enable them, be sure you know what you are
  281. # doing, and/or secure access to the endpoint in your reverse proxy.
  282. #
  283. # - enable-metrics enables the /metrics endpoint for the default ntfy server (i.e. HTTP, HTTPS and/or Unix socket)
  284. # - metrics-listen-http exposes the metrics endpoint via a dedicated [IP]:port. If set, this option implicitly
  285. # enables metrics as well, e.g. "10.0.1.1:9090" or ":9090"
  286. #
  287. # enable-metrics: false
  288. # metrics-listen-http:
  289. # Profiling
  290. #
  291. # ntfy can expose Go's net/http/pprof endpoints to support profiling of the ntfy server. If enabled, ntfy will listen
  292. # on a dedicated listen IP/port, which can be accessed via the web browser on http://<ip>:<port>/debug/pprof/.
  293. # This can be helpful to expose bottlenecks, and visualize call flows. See https://pkg.go.dev/net/http/pprof for details.
  294. #
  295. # profile-listen-http:
  296. # Logging options
  297. #
  298. # By default, ntfy logs to the console (stderr), with an "info" log level, and in a human-readable text format.
  299. # ntfy supports five different log levels, can also write to a file, log as JSON, and even supports granular
  300. # log level overrides for easier debugging. Some options (log-level and log-level-overrides) can be hot reloaded
  301. # by calling "kill -HUP $pid" or "systemctl reload ntfy".
  302. #
  303. # - log-format defines the output format, can be "text" (default) or "json"
  304. # - log-file is a filename to write logs to. If this is not set, ntfy logs to stderr.
  305. # - log-level defines the default log level, can be one of "trace", "debug", "info" (default), "warn" or "error".
  306. # Be aware that "debug" (and particularly "trace") can be VERY CHATTY. Only turn them on briefly for debugging purposes.
  307. # - log-level-overrides lets you override the log level if certain fields match. This is incredibly powerful
  308. # for debugging certain parts of the system (e.g. only the account management, or only a certain visitor).
  309. # This is an array of strings in the format:
  310. # - "field=value -> level" to match a value exactly, e.g. "tag=manager -> trace"
  311. # - "field -> level" to match any value, e.g. "time_taken_ms -> debug"
  312. # Warning: Using log-level-overrides has a performance penalty. Only use it for temporary debugging.
  313. #
  314. # Check your permissions:
  315. # If you are running ntfy with systemd, make sure this log file is owned by the
  316. # ntfy user and group by running: chown ntfy.ntfy <filename>.
  317. #
  318. # Example (good for production):
  319. # log-level: info
  320. # log-format: json
  321. # log-file: /var/log/ntfy.log
  322. #
  323. # Example level overrides (for debugging, only use temporarily):
  324. # log-level-overrides:
  325. # - "tag=manager -> trace"
  326. # - "visitor_ip=1.2.3.4 -> debug"
  327. # - "time_taken_ms -> debug"
  328. #
  329. # log-level: info
  330. # log-level-overrides:
  331. # log-format: text
  332. # log-file: