2022-04-17 11:17:33 +00:00
# Include{groups}
portals :
open :
2022-08-08 21:25:02 +00:00
# Include{portalLink}
2022-04-17 11:17:33 +00:00
path : "/app"
questions :
# Include{global}
2022-08-08 21:25:02 +00:00
# Include{controller}
# Include{replicas}
# Include{replica1}
2022-08-12 08:40:46 +00:00
# Include{controllerExpertExtraArgs}
2022-04-17 11:17:33 +00:00
- variable : env
2022-11-10 16:56:28 +00:00
group : "App Configuration"
2022-04-17 11:17:33 +00:00
label : "Image Environment"
schema :
additional_attrs : true
type : dict
attrs :
- variable : NTFY_BASE_URL
label : "Base URL"
description : "Public facing base URL of the service (e.g. https://ntfy.sh)"
schema :
type : string
required : true
default : ""
- variable : NTFY_BEHIND_PROXY
label : "Behind Proxy"
description : "If set, the X-Forwarded-For header is used to determine the visitor IP address instead of the remote address of the connection."
schema :
type : boolean
default : false
- variable : ENABLE_CACHE_FILE
label : "Enable Firebase File"
description : "If set to true, it enables the firebase file by setting the NTFY_FIREBASE_KEY_FILE to \"/etc/ntfy/firebase-key.json\""
schema :
type : boolean
default : false
- variable : ENABLE_CACHE_FILE
label : "Enable Cache File"
description : "If set to true, it enables the cache file by setting the NTFY_CACHE_FILE to \"/var/cache/ntfy/cache.db\""
schema :
type : boolean
default : false
show_subquestions_if : true
subquestions :
- variable : NTFY_CACHE_DURATION
label : "Cache Duration"
description : "Duration for which messages will be buffered before they are deleted. This is required to support the since=... and poll=1 parameter. Set this to 0 to disable the cache entirely."
schema :
type : string
required : true
default : "12h"
- variable : NTFY_KEEPALIVE_INTERVAL
label : "Keepalive interval"
description : "Interval in which keepalive messages are sent to the client. This is to prevent intermediaries closing the connection for inactivity. Note that the Android app has a hardcoded timeout at 77s, so it should be less than that."
schema :
type : string
required : true
default : "45s"
- variable : NTFY_MANAGER_INTERVAL
label : "Manager Interval"
description : "Interval in which the manager prunes old messages, deletes topics and prints the stats."
schema :
type : string
required : true
default : "1m"
- variable : NTFY_GLOBAL_TOPIC_LIMIT
label : "Global Topic Limit"
description : "Rate limiting: Total number of topics before the server rejects new topics."
schema :
type : int
required : true
default : 15000
- variable : ENABLE_VISITOR_SETTINGS
label : "Enable Visitor Settings"
description : "If set to true, it enables the visitor settings"
schema :
type : boolean
default : false
show_subquestions_if : true
subquestions :
- variable : NTFY_VISITOR_SUBSCRIPTION_LIMIT
label : "Visitor Ssubscription Limit"
description : "Rate limiting: Number of subscriptions per visitor (IP address)"
schema :
type : int
required : true
default : 30
- variable : NTFY_VISITOR_ATTACHMENT_TOTAL_SIZE_LIMIT
label : "Visitor Attachment Total Size Limit"
description : "Rate limiting: Total storage limit used for attachments per visitor, for all attachments combined. Storage is freed after attachments expire. See NTFY_ATTACHMENT_EXPIRY_DURATION"
schema :
type : string
required : true
default : "100M"
- variable : NTFY_VISITOR_ATTACHMENT_DAILY_BANDWIDTH_LIMIT
label : "Visitor Attachment Daily Bandwidth Limit"
description : "Rate limiting: Total daily attachment download/upload traffic limit per visitor. This is to protect your bandwidth costs from exploding."
schema :
type : string
required : true
default : "500M"
- variable : NTFY_VISITOR_REQUEST_LIMIT_BURST
label : "Visitor Request Limit Burst"
description : "Rate limiting: Allowed GET/PUT/POST requests per second, per visitor. This setting is the initial bucket of requests each visitor has"
schema :
type : int
required : true
default : 60
- variable : NTFY_VISITOR_REQUEST_LIMIT_REPLENISH
label : "Visitor Request Limit Replenish"
description : "Rate limiting: Strongly related to NTFY_VISITOR_REQUEST_LIMIT_BURST: The rate at which the bucket is refilled."
schema :
type : string
required : true
default : "5s"
- variable : NTFY_VISITOR_REQUEST_LIMIT_EXEMPT_HOSTS
label : "Visitor Request Limit Exempt Hosts"
description : "Rate limiting: List of hostnames and IPs to be exempt from request rate limiting."
schema :
type : string
default : ""
- variable : NTFY_VISITOR_EMAIL_LIMIT_BURST
label : "Visitor Email Limit Burst"
description : "Rate limiting:Initial limit of e-mails per visitor"
schema :
type : int
required : true
default : 16
- variable : NTFY_VISITOR_EMAIL_LIMIT_REPLENISH
label : "Visitor Email Limit Replenish"
description : "Rate limiting: Strongly related to NTFY_VISITOR_EMAIL_LIMIT_BURST: The rate at which the bucket is refilled."
schema :
type : string
required : true
default : "1h"
- variable : ENABLE_ATTACHMENT_CACHE_DIR
label : "Enable Attachment Cache Directory"
description : "If set to true, it enables the attachment dir by setting the NTFY_ATTACHMENT_CACHE_DIR to \"/var/cache/ntfy/attachments\""
schema :
type : boolean
default : false
show_subquestions_if : true
subquestions :
- variable : NTFY_ATTACHMENT_TOTAL_SIZE_LIMIT
label : "Attachment Total Size Limit"
description : "Limit of the on-disk attachment cache directory. If the limits is exceeded, new attachments will be rejected."
schema :
type : string
required : true
default : "5G"
- variable : NTFY_ATTACHMENT_FILE_SIZE_LIMIT
label : "Attachment File Size Limit"
description : "Per-file attachment size limit (e.g. 300k, 2M, 100M). Larger attachment will be rejected."
schema :
type : string
required : true
default : "15M"
- variable : NTFY_ATTACHMENT_EXPIRY_DURATION
label : "Attachment Expiry Duration"
description : "Duration after which uploaded attachments will be deleted (e.g. 3h, 20h). Strongly affects NTFY_ATTACHMENT_TOTAL_SIZE_LIMIT."
schema :
type : string
required : true
default : "3h"
- variable : ENABLE_AUTH_FILE
label : "Enable Auth File"
description : "If set to true, it enables the auth file by setting the NTFY_AUTH_FILE to \"/etc/ntfy/user.db\""
schema :
type : boolean
default : false
show_subquestions_if : true
subquestions :
- variable : NTFY_AUTH_DEFAULT_ACCESS
label : "Auth Default Access"
description : "Default permissions if no matching entries in the auth database are found."
schema :
type : string
required : true
default : "read-write"
enum :
- value : "read-write"
description : "read-write"
- value : "read-only"
description : "read-only"
- value : "write-only"
description : "write-only"
- value : "deny-all"
description : "deny-all"
- variable : ENABLE_SMTP_SETTINGS
label : "Enable SMTP Settings"
description : "If set to true, it enables the SMTP settings"
schema :
type : boolean
default : false
show_subquestions_if : true
subquestions :
- variable : NTFY_SMTP_SENDER_ADDR
label : "SMTP Sender Address"
description : "SMTP server address to allow email sending"
schema :
type : string
default : ""
- variable : NTFY_SMTP_SENDER_USER
label : "SMTP Sender User"
description : "SMTP user. Only used if e-mail sending is enabled"
schema :
type : string
default : ""
- variable : NTFY_SMTP_SENDER_PASS
label : "SMTP Sender Password"
description : SMTP password. Only used if e-mail sending is enabled"
schema :
type : string
private : true
default : ""
- variable : NTFY_SMTP_SENDER_FROM
label : "SMTP Sender From Address"
description : "SMTP sender e-mail address. Only used if e-mail sending is enabled"
schema :
type : string
default : ""
- variable : NTFY_SMTP_SERVER_LISTEN
label : "SMTP Server Listen"
description : "Defines the IP address and port the SMTP server will listen on, e.g. :25 or 1.2.3.4:25"
schema :
type : string
default : ""
- variable : NTFY_SMTP_SERVER_DOMAIN
label : "SMTP Server Domain"
description : "SMTP server e-mail domain, e.g. ntfy.sh"
schema :
type : string
default : ""
- variable : NTFY_SMTP_SERVER_ADDR_PREFIX
label : "SMTP Server Address Prefix"
description : "Optional prefix for the e-mail addresses to prevent spam, e.g. ntfy-"
schema :
type : string
default : ""
# Include{containerConfig}
2022-08-08 21:25:02 +00:00
# Include{serviceRoot}
2022-04-17 11:17:33 +00:00
- variable : main
label : "Main Service"
description : "The Primary service on which the healthcheck runs, often the webUI"
schema :
additional_attrs : true
type : dict
attrs :
2022-09-17 11:24:06 +00:00
# Include{serviceSelectorLoadBalancer}
2022-09-14 21:27:12 +00:00
# Include{serviceSelectorExtras}
2022-04-17 11:17:33 +00:00
- variable : main
label : "Main Service Port Configuration"
schema :
additional_attrs : true
type : dict
attrs :
- variable : port
label : "Port"
description : "This port exposes the container port on the service"
schema :
type : int
default : 10222
required : true
2022-08-08 21:25:02 +00:00
# Include{serviceExpertRoot}
2022-04-17 11:17:33 +00:00
default : false
# Include{serviceExpert}
# Include{serviceList}
2022-08-08 21:25:02 +00:00
# Include{persistenceRoot}
2022-04-17 11:17:33 +00:00
- variable : config
label : "App Config Storage"
description : "Stores the Application Configuration."
schema :
additional_attrs : true
type : dict
attrs :
# Include{persistenceBasic}
- variable : cache
label : "App Cache Storage"
description : "Stores the Application Cache."
schema :
additional_attrs : true
type : dict
attrs :
# Include{persistenceBasic}
# Include{persistenceList}
2022-08-08 21:25:02 +00:00
# Include{ingressRoot}
2022-04-17 11:17:33 +00:00
- variable : main
label : "Main Ingress"
schema :
additional_attrs : true
type : dict
attrs :
# Include{ingressDefault}
# Include{ingressTLS}
# Include{ingressTraefik}
2022-11-11 18:09:57 +00:00
# Include{ingressList}
2022-04-17 11:17:33 +00:00
# Include{security}
2022-08-08 21:25:02 +00:00
# Include{securityContextAdvancedRoot}
2022-04-17 11:17:33 +00:00
- variable : privileged
label : "Privileged mode"
schema :
type : boolean
default : false
- variable : readOnlyRootFilesystem
label : "ReadOnly Root Filesystem"
schema :
type : boolean
default : true
- variable : allowPrivilegeEscalation
label : "Allow Privilege Escalation"
schema :
type : boolean
default : false
- variable : runAsNonRoot
label : "runAsNonRoot"
schema :
type : boolean
default : true
2022-08-08 21:25:02 +00:00
# Include{podSecurityContextRoot}
2022-04-17 11:17:33 +00:00
- variable : runAsUser
label : "runAsUser"
description : "The UserID of the user running the application"
schema :
type : int
default : 568
- variable : runAsGroup
label : "runAsGroup"
2022-04-20 07:35:54 +00:00
description : "The groupID this App of the user running the application"
2022-04-17 11:17:33 +00:00
schema :
type : int
default : 568
- variable : fsGroup
label : "fsGroup"
description : "The group that should own ALL storage."
schema :
type : int
default : 568
# Include{podSecurityContextAdvanced}
# Include{resources}
# Include{advanced}
# Include{addons}
2022-10-01 21:39:52 +00:00
# Include{codeserver}
# Include{vpn}
2022-08-12 11:15:27 +00:00
# Include{documentation}