bundles/ntfy: add option to disable unauthorized writes

2023-04-09 12:24:23 +02:00 · 2023-04-09 12:24:23 +02:00 · c6cf997102
commit c6cf997102
parent f17117d640
3 changed files with 8 additions and 0 deletions
--- a/bundles/ntfy/files/server.yml
+++ b/bundles/ntfy/files/server.yml
@ -85,7 +85,11 @@ cache-startup-queries: |
 #   ntfy user and group by running: chown ntfy.ntfy <filename>.
 #
 auth-file: "/var/lib/ntfy/user.db"
+% if node.metadata.get('ntfy/allow_unauthorized_write'):
 auth-default-access: "write-only"
+% else:
+auth-default-access: "deny-all"
+% endif

 # If set, the X-Forwarded-For header is used to determine the visitor IP address
 # instead of the remote address of the connection.