kunsi/bundlewrap
1
0
Fork 0
Code Issues 1 Pull requests 1 Releases Activity

bundles/ntfy: add option to disable unauthorized writes

Browse source
This commit is contained in:
Franzi 2023-04-09 12:24:23 +02:00
parent f17117d640
commit c6cf997102
Signed by: kunsi
GPG key ID: 12E3D2136B818350
3 changed files with 8 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
bundles/ntfy/files/server.yml
View file

@ -85,7 +85,11 @@ cache-startup-queries: |
# ntfy user and group by running: chown ntfy.ntfy <filename>. # ntfy user and group by running: chown ntfy.ntfy <filename>.
# #
auth-file: "/var/lib/ntfy/user.db" auth-file: "/var/lib/ntfy/user.db"
% if node.metadata.get('ntfy/allow_unauthorized_write'):
auth-default-access: "write-only" auth-default-access: "write-only"
% else:
auth-default-access: "deny-all"
% endif
# If set, the X-Forwarded-For header is used to determine the visitor IP address # If set, the X-Forwarded-For header is used to determine the visitor IP address
# instead of the remote address of the connection. # instead of the remote address of the connection.

3
bundles/ntfy/metadata.py
View file

@ -19,6 +19,9 @@ defaults = {
"/var/opt/ntfy", "/var/opt/ntfy",
}, },
}, },
'ntfy': {
'allow_unauthorized_write': False,
},
'zfs': { 'zfs': {
'datasets': { 'datasets': {
'tank/ntfy': {}, 'tank/ntfy': {},

1
nodes/htz-cloud/miniserver.py
View file

@ -225,6 +225,7 @@ nodes['htz-cloud.miniserver'] = {
}, },
'ntfy': { 'ntfy': {
'domain': 'ntfy.sophies-kitchen.eu', 'domain': 'ntfy.sophies-kitchen.eu',
'allow_unauthorized_write': True,
}, },
'postgresql': { 'postgresql': {
'version': '11', 'version': '11',