Switch to using an external Ntfy role
The newly extracted role also has native Traefik support, so we no longer need to rely on `matrix-nginx-proxy` for reverse-proxying to Ntfy. The new role uses port `80` inside the container (not `8080`, like before), because that's the default assumption of the officially published container image. Using a custom port (like `8080`), means the default healthcheck command (which hardcodes port `80`) doesn't work. Instead of fiddling to override the healthcheck command, we've decided to stick to the default port instead. This only affects the inside-the-container port, not any external ports. The new role also supports adding the network ranges of the container's multiple additional networks as "exempt hosts". Previously, only one network's address range was added to "exempt hosts".
This commit is contained in:
Slavi Pantaleev
@ -326,7 +326,7 @@ devture_systemd_service_manager_services_list_auto: |
|
||||
+
|
||||
(matrix_ssl_renewal_systemd_units_list | selectattr('applicable') | selectattr('enableable') | list )
|
||||
+
|
||||
([{'name': 'matrix-ntfy.service', 'priority': 800, 'groups': ['matrix', 'ntfy']}] if matrix_ntfy_enabled else [])
|
||||
([{'name': (ntfy_identifier + '.service'), 'priority': 800, 'groups': ['matrix', 'ntfy']}] if ntfy_enabled else [])
|
||||
+
|
||||
([{'name': (devture_postgres_identifier + '.service'), 'priority': 500, 'groups': ['matrix', 'postgres']}] if devture_postgres_enabled else [])
|
||||
+
|
||||
@ -2379,8 +2379,8 @@ matrix_nginx_proxy_proxy_matrix_client_redirect_root_uri_to_domain: "{{ matrix_s
|
||||
|
||||
matrix_nginx_proxy_proxy_matrix_enabled: true
|
||||
matrix_nginx_proxy_proxy_element_enabled: "{{ matrix_client_element_enabled and matrix_playbook_reverse_proxy_type in ['playbook-managed-nginx', 'other-nginx-non-container'] }}"
|
||||
matrix_nginx_proxy_proxy_hydrogen_enabled: "{{ matrix_client_hydrogen_enabled }}"
|
||||
matrix_nginx_proxy_proxy_cinny_enabled: "{{ matrix_client_cinny_enabled }}"
|
||||
matrix_nginx_proxy_proxy_hydrogen_enabled: "{{ matrix_client_hydrogen_enabled and matrix_playbook_reverse_proxy_type in ['playbook-managed-nginx', 'other-nginx-non-container'] }}"
|
||||
matrix_nginx_proxy_proxy_cinny_enabled: "{{ matrix_client_cinny_enabled and matrix_playbook_reverse_proxy_type in ['playbook-managed-nginx', 'other-nginx-non-container'] }}"
|
||||
matrix_nginx_proxy_proxy_buscarron_enabled: "{{ matrix_bot_buscarron_enabled }}"
|
||||
matrix_nginx_proxy_proxy_dimension_enabled: "{{ matrix_dimension_enabled }}"
|
||||
matrix_nginx_proxy_proxy_etherpad_enabled: "{{ matrix_etherpad_enabled and matrix_etherpad_mode == 'standalone' }}"
|
||||
@ -2389,9 +2389,9 @@ matrix_nginx_proxy_proxy_bot_go_neb_enabled: "{{ matrix_bot_go_neb_enabled }}"
|
||||
matrix_nginx_proxy_proxy_jitsi_enabled: "{{ matrix_jitsi_enabled }}"
|
||||
matrix_nginx_proxy_proxy_jitsi_manage_wellknown: "{{ matrix_jitsi_require_well_known }}"
|
||||
|
||||
matrix_nginx_proxy_proxy_grafana_enabled: "{{ grafana_enabled }}"
|
||||
matrix_nginx_proxy_proxy_grafana_enabled: "{{ grafana_enabled and matrix_playbook_reverse_proxy_type in ['playbook-managed-nginx', 'other-nginx-non-container'] }}"
|
||||
matrix_nginx_proxy_proxy_sygnal_enabled: "{{ matrix_sygnal_enabled }}"
|
||||
matrix_nginx_proxy_proxy_ntfy_enabled: "{{ matrix_ntfy_enabled }}"
|
||||
matrix_nginx_proxy_proxy_ntfy_enabled: "{{ ntfy_enabled and matrix_playbook_reverse_proxy_type in ['playbook-managed-nginx', 'other-nginx-non-container'] }}"
|
||||
|
||||
matrix_nginx_proxy_container_labels_traefik_enabled: "{{ matrix_playbook_traefik_labels_enabled }}"
|
||||
matrix_nginx_proxy_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}"
|
||||
@ -2404,7 +2404,6 @@ matrix_nginx_proxy_container_labels_traefik_proxy_etherpad_enabled: "{{ matrix_e
|
||||
matrix_nginx_proxy_container_labels_traefik_proxy_bot_go_neb_enabled: "{{ matrix_bot_go_neb_enabled }}"
|
||||
matrix_nginx_proxy_container_labels_traefik_proxy_jitsi_enabled: "{{ matrix_jitsi_enabled }}"
|
||||
matrix_nginx_proxy_container_labels_traefik_proxy_sygnal_enabled: "{{ matrix_sygnal_enabled }}"
|
||||
matrix_nginx_proxy_container_labels_traefik_proxy_ntfy_enabled: "{{ matrix_ntfy_enabled }}"
|
||||
|
||||
matrix_nginx_proxy_proxy_matrix_corporal_api_enabled: "{{ matrix_corporal_enabled and matrix_corporal_http_api_enabled }}"
|
||||
matrix_nginx_proxy_proxy_matrix_corporal_api_addr_with_container: "matrix-corporal:41081"
|
||||
@ -2486,7 +2485,7 @@ matrix_nginx_proxy_systemd_wanted_services_list: |
|
||||
+
|
||||
(['matrix-sygnal.service'] if matrix_sygnal_enabled else [])
|
||||
+
|
||||
(['matrix-ntfy.service'] if matrix_ntfy_enabled else [])
|
||||
([(ntfy_identifier + '.service')] if ntfy_enabled else [])
|
||||
+
|
||||
(['matrix-jitsi.service'] if matrix_jitsi_enabled else [])
|
||||
+
|
||||
@ -2523,7 +2522,7 @@ matrix_ssl_domains_to_obtain_certificates_for: |
|
||||
+
|
||||
([matrix_server_fqn_sygnal] if matrix_sygnal_enabled else [])
|
||||
+
|
||||
([matrix_server_fqn_ntfy] if matrix_ntfy_enabled else [])
|
||||
([ntfy_hostname] if ntfy_enabled else [])
|
||||
+
|
||||
(matrix_bot_postmoogle_domains if matrix_bot_postmoogle_enabled else [])
|
||||
+
|
||||
@ -2886,17 +2885,39 @@ matrix_sygnal_container_http_host_bind_port: "{{ (matrix_playbook_service_host_b
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# matrix-ntfy
|
||||
# etke/ntfy
|
||||
#
|
||||
######################################################################
|
||||
|
||||
matrix_ntfy_enabled: false
|
||||
ntfy_enabled: false
|
||||
|
||||
matrix_ntfy_container_http_host_bind_port: "{{ (matrix_playbook_service_host_bind_interface_prefix ~ '2586') if matrix_playbook_service_host_bind_interface_prefix else '' }}"
|
||||
ntfy_identifier: matrix-ntfy
|
||||
|
||||
ntfy_base_path: "{{ matrix_base_data_path }}/ntfy"
|
||||
|
||||
ntfy_uid: "{{ matrix_user_uid }}"
|
||||
ntfy_gid: "{{ matrix_user_gid }}"
|
||||
|
||||
ntfy_hostname: "{{ matrix_server_fqn_ntfy }}"
|
||||
|
||||
ntfy_container_network: "{{ matrix_nginx_proxy_container_network if matrix_playbook_reverse_proxy_type == 'playbook-managed-nginx' else ntfy_identifier }}"
|
||||
|
||||
ntfy_container_additional_networks: "{{ [matrix_playbook_reverse_proxyable_services_additional_network] if matrix_playbook_reverse_proxyable_services_additional_network else [] }}"
|
||||
|
||||
ntfy_container_http_host_bind_port: "{{ (matrix_playbook_service_host_bind_interface_prefix ~ '2586') if matrix_playbook_service_host_bind_interface_prefix else '' }}"
|
||||
|
||||
ntfy_container_labels_traefik_enabled: "{{ matrix_playbook_traefik_labels_enabled }}"
|
||||
ntfy_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}"
|
||||
ntfy_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}"
|
||||
|
||||
ntfy_visitor_request_limit_exempt_hosts_hostnames_auto: |
|
||||
{{
|
||||
[matrix_server_fqn_matrix]
|
||||
}}
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# /matrix-ntfy
|
||||
# /etky/ntfy
|
||||
#
|
||||
######################################################################
|
||||
|
||||
|
||||
Reference in New Issue
Block a user