# Include{groups} portals: open: # Include{portalLink} path: "/app" questions: # Include{global} # Include{controller} # Include{replicas} # Include{replica1} # Include{controllerExpertExtraArgs} - variable: env group: "App Configuration" label: "Image Environment" schema: additional_attrs: true type: dict attrs: - variable: NTFY_BASE_URL label: "Base URL" description: "Public facing base URL of the service (e.g. https://ntfy.sh)" schema: type: string required: true default: "" - variable: NTFY_BEHIND_PROXY label: "Behind Proxy" description: "If set, the X-Forwarded-For header is used to determine the visitor IP address instead of the remote address of the connection." schema: type: boolean default: false - variable: ENABLE_CACHE_FILE label: "Enable Firebase File" description: "If set to true, it enables the firebase file by setting the NTFY_FIREBASE_KEY_FILE to \"/etc/ntfy/firebase-key.json\"" schema: type: boolean default: false - variable: ENABLE_CACHE_FILE label: "Enable Cache File" description: "If set to true, it enables the cache file by setting the NTFY_CACHE_FILE to \"/var/cache/ntfy/cache.db\"" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: NTFY_CACHE_DURATION label: "Cache Duration" description: "Duration for which messages will be buffered before they are deleted. This is required to support the since=... and poll=1 parameter. Set this to 0 to disable the cache entirely." schema: type: string required: true default: "12h" - variable: NTFY_KEEPALIVE_INTERVAL label: "Keepalive interval" description: "Interval in which keepalive messages are sent to the client. This is to prevent intermediaries closing the connection for inactivity. Note that the Android app has a hardcoded timeout at 77s, so it should be less than that." schema: type: string required: true default: "45s" - variable: NTFY_MANAGER_INTERVAL label: "Manager Interval" description: "Interval in which the manager prunes old messages, deletes topics and prints the stats." schema: type: string required: true default: "1m" - variable: NTFY_GLOBAL_TOPIC_LIMIT label: "Global Topic Limit" description: "Rate limiting: Total number of topics before the server rejects new topics." schema: type: int required: true default: 15000 - variable: ENABLE_VISITOR_SETTINGS label: "Enable Visitor Settings" description: "If set to true, it enables the visitor settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: NTFY_VISITOR_SUBSCRIPTION_LIMIT label: "Visitor Ssubscription Limit" description: "Rate limiting: Number of subscriptions per visitor (IP address)" schema: type: int required: true default: 30 - variable: NTFY_VISITOR_ATTACHMENT_TOTAL_SIZE_LIMIT label: "Visitor Attachment Total Size Limit" description: "Rate limiting: Total storage limit used for attachments per visitor, for all attachments combined. Storage is freed after attachments expire. See NTFY_ATTACHMENT_EXPIRY_DURATION" schema: type: string required: true default: "100M" - variable: NTFY_VISITOR_ATTACHMENT_DAILY_BANDWIDTH_LIMIT label: "Visitor Attachment Daily Bandwidth Limit" description: "Rate limiting: Total daily attachment download/upload traffic limit per visitor. This is to protect your bandwidth costs from exploding." schema: type: string required: true default: "500M" - variable: NTFY_VISITOR_REQUEST_LIMIT_BURST label: "Visitor Request Limit Burst" description: "Rate limiting: Allowed GET/PUT/POST requests per second, per visitor. This setting is the initial bucket of requests each visitor has" schema: type: int required: true default: 60 - variable: NTFY_VISITOR_REQUEST_LIMIT_REPLENISH label: "Visitor Request Limit Replenish" description: "Rate limiting: Strongly related to NTFY_VISITOR_REQUEST_LIMIT_BURST: The rate at which the bucket is refilled." schema: type: string required: true default: "5s" - variable: NTFY_VISITOR_REQUEST_LIMIT_EXEMPT_HOSTS label: "Visitor Request Limit Exempt Hosts" description: "Rate limiting: List of hostnames and IPs to be exempt from request rate limiting." schema: type: string default: "" - variable: NTFY_VISITOR_EMAIL_LIMIT_BURST label: "Visitor Email Limit Burst" description: "Rate limiting:Initial limit of e-mails per visitor" schema: type: int required: true default: 16 - variable: NTFY_VISITOR_EMAIL_LIMIT_REPLENISH label: "Visitor Email Limit Replenish" description: "Rate limiting: Strongly related to NTFY_VISITOR_EMAIL_LIMIT_BURST: The rate at which the bucket is refilled." schema: type: string required: true default: "1h" - variable: ENABLE_ATTACHMENT_CACHE_DIR label: "Enable Attachment Cache Directory" description: "If set to true, it enables the attachment dir by setting the NTFY_ATTACHMENT_CACHE_DIR to \"/var/cache/ntfy/attachments\"" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: NTFY_ATTACHMENT_TOTAL_SIZE_LIMIT label: "Attachment Total Size Limit" description: "Limit of the on-disk attachment cache directory. If the limits is exceeded, new attachments will be rejected." schema: type: string required: true default: "5G" - variable: NTFY_ATTACHMENT_FILE_SIZE_LIMIT label: "Attachment File Size Limit" description: "Per-file attachment size limit (e.g. 300k, 2M, 100M). Larger attachment will be rejected." schema: type: string required: true default: "15M" - variable: NTFY_ATTACHMENT_EXPIRY_DURATION label: "Attachment Expiry Duration" description: "Duration after which uploaded attachments will be deleted (e.g. 3h, 20h). Strongly affects NTFY_ATTACHMENT_TOTAL_SIZE_LIMIT." schema: type: string required: true default: "3h" - variable: ENABLE_AUTH_FILE label: "Enable Auth File" description: "If set to true, it enables the auth file by setting the NTFY_AUTH_FILE to \"/etc/ntfy/user.db\"" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: NTFY_AUTH_DEFAULT_ACCESS label: "Auth Default Access" description: "Default permissions if no matching entries in the auth database are found." schema: type: string required: true default: "read-write" enum: - value: "read-write" description: "read-write" - value: "read-only" description: "read-only" - value: "write-only" description: "write-only" - value: "deny-all" description: "deny-all" - variable: ENABLE_SMTP_SETTINGS label: "Enable SMTP Settings" description: "If set to true, it enables the SMTP settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: NTFY_SMTP_SENDER_ADDR label: "SMTP Sender Address" description: "SMTP server address to allow email sending" schema: type: string default: "" - variable: NTFY_SMTP_SENDER_USER label: "SMTP Sender User" description: "SMTP user. Only used if e-mail sending is enabled" schema: type: string default: "" - variable: NTFY_SMTP_SENDER_PASS label: "SMTP Sender Password" description: SMTP password. Only used if e-mail sending is enabled" schema: type: string private: true default: "" - variable: NTFY_SMTP_SENDER_FROM label: "SMTP Sender From Address" description: "SMTP sender e-mail address. Only used if e-mail sending is enabled" schema: type: string default: "" - variable: NTFY_SMTP_SERVER_LISTEN label: "SMTP Server Listen" description: "Defines the IP address and port the SMTP server will listen on, e.g. :25 or 1.2.3.4:25" schema: type: string default: "" - variable: NTFY_SMTP_SERVER_DOMAIN label: "SMTP Server Domain" description: "SMTP server e-mail domain, e.g. ntfy.sh" schema: type: string default: "" - variable: NTFY_SMTP_SERVER_ADDR_PREFIX label: "SMTP Server Address Prefix" description: "Optional prefix for the e-mail addresses to prevent spam, e.g. ntfy-" schema: type: string default: "" # Include{containerConfig} # Include{serviceRoot} - variable: main label: "Main Service" description: "The Primary service on which the healthcheck runs, often the webUI" schema: additional_attrs: true type: dict attrs: # Include{serviceSelectorLoadBalancer} # Include{serviceSelectorExtras} - variable: main label: "Main Service Port Configuration" schema: additional_attrs: true type: dict attrs: - variable: port label: "Port" description: "This port exposes the container port on the service" schema: type: int default: 10222 required: true # Include{serviceExpertRoot} default: false # Include{serviceExpert} # Include{serviceList} # Include{persistenceRoot} - variable: config label: "App Config Storage" description: "Stores the Application Configuration." schema: additional_attrs: true type: dict attrs: # Include{persistenceBasic} - variable: cache label: "App Cache Storage" description: "Stores the Application Cache." schema: additional_attrs: true type: dict attrs: # Include{persistenceBasic} # Include{persistenceList} # Include{ingressRoot} - variable: main label: "Main Ingress" schema: additional_attrs: true type: dict attrs: # Include{ingressDefault} # Include{ingressTLS} # Include{ingressTraefik} # Include{ingressList} # Include{security} # Include{securityContextAdvancedRoot} - variable: privileged label: "Privileged mode" schema: type: boolean default: false - variable: readOnlyRootFilesystem label: "ReadOnly Root Filesystem" schema: type: boolean default: true - variable: allowPrivilegeEscalation label: "Allow Privilege Escalation" schema: type: boolean default: false - variable: runAsNonRoot label: "runAsNonRoot" schema: type: boolean default: true # Include{podSecurityContextRoot} - variable: runAsUser label: "runAsUser" description: "The UserID of the user running the application" schema: type: int default: 568 - variable: runAsGroup label: "runAsGroup" description: "The groupID this App of the user running the application" schema: type: int default: 568 - variable: fsGroup label: "fsGroup" description: "The group that should own ALL storage." schema: type: int default: 568 # Include{podSecurityContextAdvanced} # Include{resources} # Include{advanced} # Include{addons} # Include{codeserver} # Include{vpn} # Include{documentation}