@@ 2,8 2,30 @@ Users need to be manually created:
```
ntfy user add --role=admin xenrox
-ntfy user add infrastructure
-ntfy access infrastructure infrastructure write-only
+```
+
+Other users:
+
+```
+ntfy user add foobar
+ntfy access foobar 'up*' read-only
+ntfy user change-tier foobar friend
+```
+
+Create tier:
+
+```
+ntfy tier add \
+ --name="Friend" \
+ --message-limit=10000 \
+ --message-expiry-duration=24h \
+ --email-limit=50 \
+ --reservation-limit=10 \
+ --attachment-file-size-limit=15M \
+ --attachment-total-size-limit=1G \
+ --attachment-expiry-duration=48h \
+ --attachment-bandwidth-limit=5G \
+ friend
```
Check access control:
@@ 85,6 85,8 @@ cache-startup-queries: |
# - auth-file is the SQLite user/access database; it is created automatically if it doesn't already exist
# - auth-default-access defines the default/fallback access if no access control entry is found; it can be
# set to "read-write" (default), "read-only", "write-only" or "deny-all".
+# - auth-startup-queries allows you to run commands when the database is initialized, e.g. to enable
+# WAL mode. This is similar to cache-startup-queries. See above for details.
#
# Debian/RPM package users:
# Use /var/lib/ntfy/user.db as user database to avoid permission issues. The package
@@ 96,6 98,12 @@ cache-startup-queries: |
#
auth-file: /var/lib/ntfy/user.db
auth-default-access: "deny-all"
+auth-startup-queries: |
+ pragma journal_mode = WAL;
+ pragma synchronous = normal;
+ pragma temp_store = memory;
+ pragma busy_timeout = 15000;
+ vacuum;
# If set, the X-Forwarded-For header is used to determine the visitor IP address
# instead of the remote address of the connection.
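Review bot: `pragma synchronous = normal;` in the new auth-startup-queries block relaxes durability on the user/access database: with WAL, SQLite keeps the file consistent but a recently committed transaction can roll back after a power loss or OS crash. For an auth store that could mean a password change, token removal or access revocation silently reverting, so I would keep full durability here, `pragma synchronous = full;`, even if the cache database uses the faster setting. WAL mode also places `-wal` and `-shm` files next to /var/lib/ntfy/user.db, so backups and file permissions need to cover them like the main file. A short comment above the block, such as `# auth DB: WAL for concurrency, full sync so revocations survive a crash`, would record the intent.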
@@ 157,12 165,34 @@ smtp-sender-from: noreply@xenrox.net
#
# manager-interval: "1m"
+# Defines topic names that are not allowed, because they are otherwise used. There are a few default topics
+# that cannot be used (e.g. app, account, settings, ...). To extend the default list, define them here.
+#
+# Example:
+# disallowed-topics:
+# - about
+# - pricing
+# - contact
+#
+# disallowed-topics:
+
# Defines if the root route (/) is pointing to the landing page (as on ntfy.sh) or the
# web app. If you self-host, you don't want to change this.
# Can be "app" (default), "home" or "disable" to disable the web app entirely.
#
# web-root: app
+# Various feature flags used to control the web app, and API access, mainly around user and
+# account management.
+#
+# - enable-signup allows users to sign up via the web app, or API
+# - enable-login allows users to log in via the web app, or API
+# - enable-reservations allows users to reserve topics (if their tier allows it)
+#
+# enable-signup: false
+enable-login: true
+enable-reservations: true
+
# Server URL of a Firebase/APNS-connected ntfy server (likely "https://ntfy.sh").
#
# iOS users:
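Review bot: `# enable-signup: false` stays commented out while `enable-login: true` and `enable-reservations: true` are set, so whether self-registration is closed depends on the server's built-in default rather than on this file. The first hunk of this commit says users are created manually, so I would pin that explicitly by uncommenting the line: `enable-signup: false`. With login enabled, the web app and API now accept password attempts, so it is worth confirming that the visitor rate limits elsewhere in this file also cover failed authentication; that part is not visible in this hunk.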
@@ 194,6 224,12 @@ smtp-sender-from: noreply@xenrox.net
# visitor-request-limit-replenish: "5s"
# visitor-request-limit-exempt-hosts: ""
+# Rate limiting: Hard daily limit of messages per visitor and day. The limit is reset
+# every day at midnight UTC. If the limit is not set (or set to zero), the request
+# limit (see above) governs the upper limit.
+#
+# visitor-message-daily-limit: 0
+
# Rate limiting: Allowed emails per visitor:
# - visitor-email-limit-burst is the initial bucket of emails each visitor has
# - visitor-email-limit-replenish is the rate at which the bucket is refilled
@@ 208,10 244,46 @@ smtp-sender-from: noreply@xenrox.net
# visitor-attachment-total-size-limit: "100M"
# visitor-attachment-daily-bandwidth-limit: "500M"
-# Log level, can be TRACE, DEBUG, INFO, WARN or ERROR
-# This option can be hot-reloaded by calling "kill -HUP $pid" or "systemctl reload ntfy".
+# Payments integration via Stripe
#
-# Be aware that DEBUG (and particularly TRACE) can be VERY CHATTY. Only turn them on for
-# debugging purposes, or your disk will fill up quickly.
+# - stripe-secret-key is the key used for the Stripe API communication. Setting this values
+# enables payments in the ntfy web app (e.g. Upgrade dialog). See https://dashboard.stripe.com/apikeys.
+# - stripe-webhook-key is the key required to validate the authenticity of incoming webhooks from Stripe.
+# Webhooks are essential up keep the local database in sync with the payment provider. See https://dashboard.stripe.com/webhooks.
#
-# log-level: INFO
+# stripe-secret-key:
+# stripe-webhook-key:
+
+# Logging options
+#
+# By default, ntfy logs to the console (stderr), with an "info" log level, and in a human-readable text format.
+# ntfy supports five different log levels, can also write to a file, log as JSON, and even supports granular
+# log level overrides for easier debugging. Some options (log-level and log-level-overrides) can be hot reloaded
+# by calling "kill -HUP $pid" or "systemctl reload ntfy".
+#
+# - log-format defines the output format, can be "text" (default) or "json"
+# - log-file is a filename to write logs to. If this is not set, ntfy logs to stderr.
+# - log-level defines the default log level, can be one of "trace", "debug", "info" (default), "warn" or "error".
+# Be aware that "debug" (and particularly "trace") can be VERY CHATTY. Only turn them on briefly for debugging purposes.
+# - log-level-overrides lets you override the log level if certain fields match. This is incredibly powerful
+# for debugging certain parts of the system (e.g. only the account management, or only a certain visitor).
+# This is an array of strings in the format:
+# - "field=value -> level" to match a value exactly, e.g. "tag=manager -> trace"
+# - "field -> level" to match any value, e.g. "time_taken_ms -> debug"
+# Warning: Using log-level-overrides has a performance penalty. Only use it for temporary debugging.
+#
+# Example (good for production):
+# log-level: info
+# log-format: json
+# log-file: /var/log/ntfy.log
+#
+# Example level overrides (for debugging, only use temporarily):
+# log-level-overrides:
+# - "tag=manager -> trace"
+# - "visitor_ip=1.2.3.4 -> debug"
+# - "time_taken_ms -> debug"
+#
+# log-level: info
+# log-level-overrides:
+# log-format: text
+# log-file:
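Review bot: The new `# stripe-secret-key:` and `# stripe-webhook-key:` placeholders invite pasting live credentials into this file, and the added comment block says nothing about how the file is stored or who can read it. If this server.yml is tracked in a repository, as it appears to be, I would add a line above the two keys such as `# Do not commit real keys; supply them outside this tracked file and keep the deployed config readable only by the ntfy user.` The same caution applies to the logging example: `log-file: /var/log/ntfy.log` combined with overrides like `visitor_ip=... -> debug` records visitor IPs at high verbosity, so the log file should have restricted permissions and rotation before those options are enabled.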