Deploying ntfy with Docker to set up a private notification service

Publish: 2024-04-07 | Modify: 2024-04-07

ntfy (pronounced as "notify") is a simple HTTP-based publish-subscribe notification service. With ntfy, you can send notifications from any computer to your phone or desktop using scripts. ntfy is open-source, allowing you to deploy it on your server for personal use. It also supports Android and iOS apps, making it ideal for sysadmins or developers to set up a message push service.

529090e58c8f2626.png

Deploying ntfy with Docker Compose

To reduce maintenance costs, the author uses Docker Compose to deploy ntfy. The official documentation provides various deployment methods for those interested: https://docs.ntfy.sh/install/

Create Configuration File

Before starting, we need to create an ntfy configuration file to mount into the container.

# Create configuration directory
mkdir -p etc
# Create configuration file
touch server.yml

Write the following content in server.yml:

# Fill in your own domain name, no need for the end
base-url: "https://www.baidu.com"
# Location of the authentication database
auth-file: "/var/lib/ntfy/user.db"
# Default access policy, deny-all means default deny for all unauthorized users
auth-default-access: "deny-all"

The above are basic configuration options. For more custom configurations, refer to the official configuration file explanation: https://github.com/binwiederhier/ntfy/blob/main/server/server.yml

Deploy ntfy

Next, create a docker-compose.yaml file with the following contents:

version: "2.3"

services:
  ntfy:
    image: binwiederhier/ntfy:v2.10.0
    container_name: ntfy
    command:
      - serve
    environment:
      - TZ=Asia/Shanghai    # optional: set desired timezone
    volumes:
      - ./cache:/var/cache/ntfy
      - ./etc:/etc/ntfy
      - ./db:/var/lib/ntfy
    ports:
      - 4080:80
    healthcheck: # optional: remember to adapt the host:port to your environment
        test: ["CMD-SHELL", "wget -q --tries=1 http://localhost:80/v1/health -O - | grep -Eo '\"healthy\"\\s*:\\s*true' || exit 1"]
        interval: 60s
        timeout: 10s
        retries: 3
        start_period: 40s
    restart: unless-stopped
  • v2.10.0 is the ntfy version number, which you can modify as needed
  • 4080 is the web access port, which you can also modify

Run the command docker-compose up -d to start the ntfy service. If everything goes smoothly, you can access the ntfy web interface at http://IP:4080.

be8d76ec49cf7d40.png

Creating Authorized Users

In the server.yml configuration file mentioned above, unauthorized users are denied access by default. Therefore, we need to create users for ntfy before sending or subscribing to messages. Use the following commands:

# Create an admin role, set your own username
docker exec -it ntfy ntfy user add --role=admin username
# Create a regular user
docker exec -it ntfy ntfy user add --role=user username
# Modify user permissions, which can be read-write, read-only, write-only, or deny
docker exec -it ntfy ntfy access username topic permission
# View the access control list (ACL)
docker exec -it ntfy ntfy access

For personal use, creating an admin role is usually sufficient. For team use, you need to assign ACL permission rules. For more permission details, refer to the ntfy official documentation: https://docs.ntfy.sh/config/?h=acl#access-control-list-acl

Nginx Reverse Proxy

To facilitate access and usage, Nginx reverse proxy is commonly used alongside ntfy. Below is the Nginx reverse proxy configuration that the author uses:

server {
  listen 80;
  # Change to your own domain name
  server_name www.xxx.com;
  # Redirect to https
  rewrite ^(.*) https://www.xxx.com$1 redirect;
}

server {
  listen 443 ssl http2;
  # Change to your own domain name
  server_name www.xxx.com;
  # Set log path
  access_log /data/logs/www.xxx.com_nginx.log xlog;

  # SSL configuration
  # Set certificate paths
  ssl_certificate /xxx/www.xxx.com.crt;
  ssl_certificate_key /xxx/www.xxx.com.key;

  location / {
    # Change to your ntfy port
    proxy_pass http://127.0.0.1:4080;
    proxy_http_version 1.1;

    # Proxy headers
    proxy_set_header Host $http_host;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    proxy_connect_timeout 3m;
    proxy_send_timeout 3m;
    proxy_read_timeout 3m;

    client_max_body_size 0; # Stream request body to backend
  }
}

Conclusion

The above guide illustrates the practical steps to deploy ntfy using Docker Compose. It is recommended for sysadmins or developers who require a notification service. ntfy offers more functionalities beyond what is covered here, so those interested can explore the official ntfy documentation: https://docs.ntfy.sh/


Comments