config.go 13 KB

  1. package server
  2. import (
  3. "io/fs"
  4. "net/netip"
  5. "time"
  6. "heckel.io/ntfy/user"
  7. )
  // Default values for general server settings. Size and rate limits are
  // declared in the const blocks that follow.
  const (
  	// DefaultListenHTTP is the default HTTP listen address.
  	DefaultListenHTTP = ":80"

  	// DefaultCacheDuration is the default for Config.CacheDuration.
  	DefaultCacheDuration time.Duration = 12 * time.Hour

  	// DefaultKeepaliveInterval is deliberately not too frequent, to save
  	// battery (the Android read timeout used to be 77s).
  	DefaultKeepaliveInterval time.Duration = 45 * time.Second

  	// DefaultManagerInterval is the default for Config.ManagerInterval.
  	DefaultManagerInterval time.Duration = time.Minute

  	// DefaultDelayedSenderInterval is the default for Config.DelayedSenderInterval.
  	DefaultDelayedSenderInterval time.Duration = 10 * time.Second

  	// DefaultMinDelay and DefaultMaxDelay are the defaults for
  	// Config.MinDelay and Config.MaxDelay (10 seconds and 3 days).
  	DefaultMinDelay time.Duration = 10 * time.Second
  	DefaultMaxDelay time.Duration = 3 * 24 * time.Hour

  	// DefaultFirebaseKeepaliveInterval applies to the ~control topic (Android);
  	// not too frequent, to save battery.
  	DefaultFirebaseKeepaliveInterval time.Duration = 3 * time.Hour

  	// DefaultFirebasePollInterval applies to the ~poll topic (iOS); at most
  	// 2-3 times per hour (see docs).
  	DefaultFirebasePollInterval time.Duration = 20 * time.Minute

  	// DefaultFirebaseQuotaExceededPenaltyDuration is how long over-users are
  	// locked out of Firebase after it returns "quota exceeded".
  	DefaultFirebaseQuotaExceededPenaltyDuration time.Duration = 10 * time.Minute

  	// DefaultStripePriceCacheDuration is how long Stripe prices stay cached in
  	// memory before a refresh is needed.
  	DefaultStripePriceCacheDuration time.Duration = 3 * time.Hour
  )
  // Default Web Push settings.
  const (
  	// DefaultWebPushExpiryWarningDuration is the default for
  	// Config.WebPushExpiryWarningDuration (7 days).
  	DefaultWebPushExpiryWarningDuration time.Duration = 7 * 24 * time.Hour

  	// DefaultWebPushExpiryDuration is the default for
  	// Config.WebPushExpiryDuration (9 days), i.e. two days after the warning.
  	DefaultWebPushExpiryDuration time.Duration = 9 * 24 * time.Hour
  )
  // Global limits:
  //   - message size limit: the max number of bytes for a message
  //   - total topic limit: max number of topics overall
  //   - various attachment limits
  //
  // These bound how much memory and disk a server accepts in total, so raise
  // them deliberately rather than as a side effect of another change.
  const (
  	// DefaultMessageLengthLimit is the maximum message size in bytes.
  	DefaultMessageLengthLimit = 4096

  	// DefaultTotalTopicLimit is the maximum number of topics overall.
  	DefaultTotalTopicLimit = 15000

  	// DefaultAttachmentTotalSizeLimit is 5 * 1024^3 bytes (5 GB in the
  	// original comment), typed int64.
  	DefaultAttachmentTotalSizeLimit = int64(5) << 30

  	// DefaultAttachmentFileSizeLimit is 15 * 1024^2 bytes (15 MB in the
  	// original comment), typed int64.
  	DefaultAttachmentFileSizeLimit = int64(15) << 20

  	// DefaultAttachmentExpiryDuration is the default for
  	// Config.AttachmentExpiryDuration.
  	DefaultAttachmentExpiryDuration = 3 * time.Hour
  )
  // Per-visitor limits:
  //   - subscription limit: max number of subscriptions (active HTTP connections) per visitor/IP
  //   - request limit: max number of PUT/GET/.. requests (here: 60 requests bucket, replenished at a rate of one per 5 seconds)
  //   - email limit: max number of emails (here: 16 email bucket, replenished at a rate of one per hour)
  //   - attachment size limit: total per-visitor attachment size in bytes to be stored on the server
  //   - attachment daily bandwidth limit: number of bytes that can be transferred to/from the server
  //
  // The account-creation and auth-failure pairs follow the same burst/replenish
  // naming; they are the throttles on sign-up abuse and password guessing, so
  // loosening them weakens those protections.
  const (
  	DefaultVisitorSubscriptionLimit = 30

  	// Request bucket: 60 requests, one replenished every 5 seconds.
  	DefaultVisitorRequestLimitBurst     = 60
  	DefaultVisitorRequestLimitReplenish = 5 * time.Second

  	// NOTE(review): 0 presumably means "no daily message limit" - confirm
  	// against the code that reads Config.VisitorMessageDailyLimit.
  	DefaultVisitorMessageDailyLimit = 0

  	// Email bucket: 16 emails, one replenished every hour.
  	DefaultVisitorEmailLimitBurst     = 16
  	DefaultVisitorEmailLimitReplenish = time.Hour

  	// Account creation: burst of 3, replenish interval of 24 hours.
  	DefaultVisitorAccountCreationLimitBurst     = 3
  	DefaultVisitorAccountCreationLimitReplenish = 24 * time.Hour

  	// Authentication failures: burst of 30, replenish interval of one minute.
  	DefaultVisitorAuthFailureLimitBurst     = 30
  	DefaultVisitorAuthFailureLimitReplenish = time.Minute

  	// Attachment storage per visitor: 100 * 1024^2 bytes (100 MB in the original comment).
  	DefaultVisitorAttachmentTotalSizeLimit = 100 << 20

  	// Attachment transfer per visitor and day: 500 * 1024^2 bytes (500 MB in the original comment).
  	DefaultVisitorAttachmentDailyBandwidthLimit = 500 << 20
  )
  // DefaultVisitorStatsResetTime defines the time at which visitor stats are
  // reset. Only the wall-clock part (00:00 UTC) is meaningful; the date
  // components passed to time.Date are all zero.
  var DefaultVisitorStatsResetTime = time.Date(0, 0, 0, 0, 0, 0, 0, time.UTC)

  // DefaultDisallowedTopics defines the topics that are forbidden, because they
  // are used elsewhere. This array can be extended using the server.yml config.
  // If updated, also update in Android and web app.
  //
  // This is a mutable package-level slice: code that wants to change the list
  // for one Config should copy it first rather than write through it.
  var DefaultDisallowedTopics = []string{
  	"docs",
  	"static",
  	"file",
  	"app",
  	"metrics",
  	"account",
  	"settings",
  	"signup",
  	"login",
  	"v1",
  }
  // Config is the main config struct for the application. Use NewConfig to instantiate a default config struct.
  //
  // Several fields are named as credentials or private keys (SMTPSenderPass,
  // TwilioAuthToken, UpstreamAccessToken, StripeSecretKey, StripeWebhookKey,
  // WebPushPrivateKey). Avoid printing or logging a whole Config value (for
  // example with %+v), since that would include them.
  type Config struct {
  	File string // Config file, only used for testing

  	// Listeners and TLS material.
  	BaseURL string
  	ListenHTTP string
  	ListenHTTPS string
  	ListenUnix string
  	ListenUnixMode fs.FileMode // file mode for the ListenUnix socket
  	KeyFile string
  	CertFile string
  	FirebaseKeyFile string

  	// Message cache.
  	CacheFile string
  	CacheDuration time.Duration
  	CacheStartupQueries string
  	CacheBatchSize int
  	CacheBatchTimeout time.Duration

  	// Authentication and authorization.
  	AuthFile string
  	AuthStartupQueries string
  	AuthDefault user.Permission // NewConfig sets this to user.PermissionReadWrite
  	AuthBcryptCost int
  	AuthStatsQueueWriterInterval time.Duration

  	// Attachments.
  	AttachmentCacheDir string
  	AttachmentTotalSizeLimit int64
  	AttachmentFileSizeLimit int64
  	AttachmentExpiryDuration time.Duration

  	KeepaliveInterval time.Duration
  	ManagerInterval time.Duration
  	DisallowedTopics []string
  	WebRoot string // empty to disable
  	DelayedSenderInterval time.Duration
  	FirebaseKeepaliveInterval time.Duration
  	FirebasePollInterval time.Duration
  	FirebaseQuotaExceededPenaltyDuration time.Duration
  	UpstreamBaseURL string
  	UpstreamAccessToken string

  	// SMTP sender and server.
  	SMTPSenderAddr string
  	SMTPSenderUser string
  	SMTPSenderPass string
  	SMTPSenderFrom string
  	SMTPServerListen string
  	SMTPServerDomain string
  	SMTPServerAddrPrefix string

  	// Twilio.
  	TwilioAccount string
  	TwilioAuthToken string
  	TwilioPhoneNumber string
  	TwilioCallsBaseURL string
  	TwilioVerifyBaseURL string
  	TwilioVerifyService string

  	// Metrics and profiling listeners.
  	// NOTE(review): both MetricsEnable and EnableMetrics (below) exist and
  	// NewConfig sets neither; confirm which one the server actually reads.
  	MetricsEnable bool
  	MetricsListenHTTP string
  	ProfileListenHTTP string

  	// Global limits.
  	MessageLimit int
  	MinDelay time.Duration
  	MaxDelay time.Duration
  	TotalTopicLimit int
  	TotalAttachmentSizeLimit int64

  	// Per-visitor limits.
  	VisitorSubscriptionLimit int
  	VisitorAttachmentTotalSizeLimit int64
  	VisitorAttachmentDailyBandwidthLimit int64
  	VisitorRequestLimitBurst int
  	VisitorRequestLimitReplenish time.Duration
  	// NOTE(review): by name, prefixes listed here are exempt from the request
  	// limit; keep the list narrow and confirm how it is matched.
  	VisitorRequestExemptIPAddrs []netip.Prefix
  	VisitorMessageDailyLimit int
  	VisitorEmailLimitBurst int
  	VisitorEmailLimitReplenish time.Duration
  	VisitorAccountCreationLimitBurst int
  	VisitorAccountCreationLimitReplenish time.Duration
  	VisitorAuthFailureLimitBurst int
  	VisitorAuthFailureLimitReplenish time.Duration
  	VisitorStatsResetTime time.Time // Time of the day at which to reset visitor stats
  	VisitorSubscriberRateLimiting bool // Enable subscriber-based rate limiting for UnifiedPush topics

  	// NOTE(review): presumably controls whether the visitor address is taken
  	// from a proxy-supplied header; if so it should only be enabled when a
  	// trusted proxy is in front of the server - confirm in the request path.
  	BehindProxy bool

  	// Billing.
  	StripeSecretKey string
  	StripeWebhookKey string
  	StripePriceCacheDuration time.Duration
  	BillingContact string

  	EnableSignup bool // Enable creation of accounts via API and UI
  	EnableLogin bool
  	EnableReservations bool // Allow users with role "user" to own/reserve topics
  	EnableMetrics bool
  	AccessControlAllowOrigin string // CORS header field to restrict access from web clients
  	Version string // injected by App

  	// Web Push.
  	WebPushPrivateKey string
  	WebPushPublicKey string
  	WebPushFile string
  	WebPushEmailAddress string
  	WebPushStartupQueries string
  	WebPushExpiryDuration time.Duration
  	WebPushExpiryWarningDuration time.Duration
  }
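  // NewConfig instantiates a default new server config.
  //
  // Every field that has a Default* constant is set from it; all other fields
  // are set to their zero value explicitly, apart from WebRoot, the two Twilio
  // base URLs and AccessControlAllowOrigin. MetricsEnable, MetricsListenHTTP,
  // ProfileListenHTTP, EnableMetrics and WebPushStartupQueries are not listed
  // and therefore keep their zero values.
  //
  // DisallowedTopics is a copy of DefaultDisallowedTopics, so changing the
  // returned config's list cannot alter the package-level default or another
  // Config created earlier.
  //
  // Defaults worth reviewing before exposing a server: AuthDefault is
  // read-write, AccessControlAllowOrigin is "*", and no credentials or key
  // files are set.
  func NewConfig() *Config {
  	return &Config{
  		File:                                 "", // Only used for testing
  		BaseURL:                              "",
  		ListenHTTP:                           DefaultListenHTTP,
  		ListenHTTPS:                          "",
  		ListenUnix:                           "",
  		ListenUnixMode:                       0,
  		KeyFile:                              "",
  		CertFile:                             "",
  		FirebaseKeyFile:                      "",
  		CacheFile:                            "",
  		CacheDuration:                        DefaultCacheDuration,
  		CacheStartupQueries:                  "",
  		CacheBatchSize:                       0,
  		CacheBatchTimeout:                    0,
  		AuthFile:                             "",
  		AuthStartupQueries:                   "",
  		AuthDefault:                          user.PermissionReadWrite, // permissive default; tighten via config for closed deployments
  		AuthBcryptCost:                       user.DefaultUserPasswordBcryptCost,
  		AuthStatsQueueWriterInterval:         user.DefaultUserStatsQueueWriterInterval,
  		AttachmentCacheDir:                   "",
  		AttachmentTotalSizeLimit:             DefaultAttachmentTotalSizeLimit,
  		AttachmentFileSizeLimit:              DefaultAttachmentFileSizeLimit,
  		AttachmentExpiryDuration:             DefaultAttachmentExpiryDuration,
  		KeepaliveInterval:                    DefaultKeepaliveInterval,
  		ManagerInterval:                      DefaultManagerInterval,
  		// Copy rather than alias the package-level slice: writes through the
  		// config must not change the shared default.
  		DisallowedTopics:                     append([]string(nil), DefaultDisallowedTopics...),
  		WebRoot:                              "/",
  		DelayedSenderInterval:                DefaultDelayedSenderInterval,
  		FirebaseKeepaliveInterval:            DefaultFirebaseKeepaliveInterval,
  		FirebasePollInterval:                 DefaultFirebasePollInterval,
  		FirebaseQuotaExceededPenaltyDuration: DefaultFirebaseQuotaExceededPenaltyDuration,
  		UpstreamBaseURL:                      "",
  		UpstreamAccessToken:                  "",
  		SMTPSenderAddr:                       "",
  		SMTPSenderUser:                       "",
  		SMTPSenderPass:                       "",
  		SMTPSenderFrom:                       "",
  		SMTPServerListen:                     "",
  		SMTPServerDomain:                     "",
  		SMTPServerAddrPrefix:                 "",
  		TwilioCallsBaseURL:                   "https://api.twilio.com", // Override for tests
  		TwilioAccount:                        "",
  		TwilioAuthToken:                      "",
  		TwilioPhoneNumber:                    "",
  		TwilioVerifyBaseURL:                  "https://verify.twilio.com", // Override for tests
  		TwilioVerifyService:                  "",
  		MessageLimit:                         DefaultMessageLengthLimit,
  		MinDelay:                             DefaultMinDelay,
  		MaxDelay:                             DefaultMaxDelay,
  		TotalTopicLimit:                      DefaultTotalTopicLimit,
  		TotalAttachmentSizeLimit:             0,
  		VisitorSubscriptionLimit:             DefaultVisitorSubscriptionLimit,
  		VisitorAttachmentTotalSizeLimit:      DefaultVisitorAttachmentTotalSizeLimit,
  		VisitorAttachmentDailyBandwidthLimit: DefaultVisitorAttachmentDailyBandwidthLimit,
  		VisitorRequestLimitBurst:             DefaultVisitorRequestLimitBurst,
  		VisitorRequestLimitReplenish:         DefaultVisitorRequestLimitReplenish,
  		VisitorRequestExemptIPAddrs:          make([]netip.Prefix, 0), // no exemptions by default
  		VisitorMessageDailyLimit:             DefaultVisitorMessageDailyLimit,
  		VisitorEmailLimitBurst:               DefaultVisitorEmailLimitBurst,
  		VisitorEmailLimitReplenish:           DefaultVisitorEmailLimitReplenish,
  		VisitorAccountCreationLimitBurst:     DefaultVisitorAccountCreationLimitBurst,
  		VisitorAccountCreationLimitReplenish: DefaultVisitorAccountCreationLimitReplenish,
  		VisitorAuthFailureLimitBurst:         DefaultVisitorAuthFailureLimitBurst,
  		VisitorAuthFailureLimitReplenish:     DefaultVisitorAuthFailureLimitReplenish,
  		VisitorStatsResetTime:                DefaultVisitorStatsResetTime,
  		VisitorSubscriberRateLimiting:        false,
  		BehindProxy:                          false,
  		StripeSecretKey:                      "",
  		StripeWebhookKey:                     "",
  		StripePriceCacheDuration:             DefaultStripePriceCacheDuration,
  		BillingContact:                       "",
  		EnableSignup:                         false,
  		EnableLogin:                          false,
  		EnableReservations:                   false,
  		AccessControlAllowOrigin:             "*", // any origin; restrict via config when web clients should be limited
  		Version:                              "",
  		WebPushPrivateKey:                    "",
  		WebPushPublicKey:                     "",
  		WebPushFile:                          "",
  		WebPushEmailAddress:                  "",
  		WebPushExpiryDuration:                DefaultWebPushExpiryDuration,
  		WebPushExpiryWarningDuration:         DefaultWebPushExpiryWarningDuration,
  	}
  }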