Question: HOW TO - NTFY service

My YunoHost server

Hardware: VPS bought online
YunoHost version: 11.2.3 (stable)
I have access to my server : Through SSH | through the webadmin
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no
If yes, please explain:
If your request is related to an app, specify its name and version: 2.6.2~ynh1

Description of my issue

TL;DR: I don’t get notifications in my android device and cli test does not work either. Please, have anyone step by step set up instructions? thank you.

What have I done?

• installed ynh-ntfy app in my server, without issues (apparently)

• added this app to “individual user permission” (my user, ntfy); also to Admins group as read here Ntfy just not working after install - #8 by tituspijean (not clear what/how has to be added)

• installed nfty ANDROID app, added my server url, installed Unifiedpush Example app for testing purposes. It helped me in another device (using nextpush service) to test connection.

• this Example App registers in nfty-android app (as FluffyChat does) but in the app ntfy-android, for all topics says reconnecting...

I’ve tried both websockets (with warning about possible ngix further configuration) and json method without success.

• I’ve selected “using Websockets” as connection method for the android app as sugested (json method does not work either)

I’m subscribed to “test” topic in android-ntfy, but when send this to topic:

curl -d "testing ntfy" ntfy.domain.noho.st/test
<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

I can access ntfy-ynh webinterface from user portal (admin user), and tried to publish to test there, but I get Error 40101: unauthorized

I also created a dummy test user in that web interface.

About users: NTFY - création de compte utilisateur - #2 by tituspijean and [RÉSOLU] Gestion des utilisateurs ntfy en cli : message d'erreur, but I don’t think it’s a “users” problem as I don’t restrict access to this server (yet)

Please, what am I missing? thank you

This is journalctl log from last service restart (copied from ynh admin web interface)

Aug 15 06:45:11 systemd[1]: Stopping ntfy server...
Aug 15 06:45:11 systemd[1]: ntfy.service: Succeeded.
Aug 15 06:45:11 systemd[1]: Stopped ntfy server.
Aug 15 06:45:11 systemd[1]: ntfy.service: Consumed 1.368s CPU time.
Aug 15 06:45:11 systemd[1]: Started ntfy server.
Aug 15 06:45:11 ntfy[3826]: 2023/08/15 06:45:11 INFO Listening on localhost:8080[http], ntfy 2.6.2, log level is INFO (tag=startup)
Aug 15 06:46:11 ntfy[3826]: 2023/08/15 06:46:11 INFO Server stats (emails_received=0, emails_received_failure=0, emails_received_success=0, emails_sent=0, emails_sent_failure=0, emails_sent_success=0, messages_cached=0, messages_published=0, subscribers=0, tag=manager, topics_active=0, users=2, visitors=0)
Aug 15 06:47:11 ntfy[3826]: 2023/08/15 06:47:11 INFO Server stats (emails_received=0, emails_received_failure=0, emails_received_success=0, emails_sent=0, emails_sent_failure=0, emails_sent_success=0, messages_cached=0, messages_published=0, subscribers=0, tag=manager, topics_active=0, users=2, visitors=0)
Aug 15 06:48:11 ntfy[3826]: 2023/08/15 06:48:11 INFO Server stats (emails_received=0, emails_received_failure=0, emails_received_success=0, emails_sent=0, emails_sent_failure=0, emails_sent_success=0, messages_cached=0, messages_published=0, subscribers=0, tag=manager, topics_active=0, users=2, visitors=0)
Aug 15 06:49:11 ntfy[3826]: 2023/08/15 06:49:11 INFO Server stats (emails_received=0, emails_received_failure=0, emails_received_success=0, emails_sent=0, emails_sent_failure=0, emails_sent_success=0, messages_cached=0, messages_published=0, subscribers=0, tag=manager, topics_active=0, users=2, visitors=0)
Aug 15 06:50:11 ntfy[3826]: 2023/08/15 06:50:11 INFO Server stats (emails_received=0, emails_received_failure=0, emails_received_success=0, emails_sent=0, emails_sent_failure=0, emails_sent_success=0, messages_cached=0, messages_published=0, subscribers=0, tag=manager, topics_active=0, users=2, visitors=0)
Aug 15 06:51:11 ntfy[3826]: 2023/08/15 06:51:11 INFO Server stats (emails_received=0, emails_received_failure=0, emails_received_success=0, emails_sent=0, emails_sent_failure=0, emails_sent_success=0, messages_cached=0, messages_published=0, subscribers=0, tag=manager, topics_active=0, users=2, visitors=0)
Aug 15 06:52:11 ntfy[3826]: 2023/08/15 06:52:11 INFO Server stats (emails_received=0, emails_received_failure=0, emails_received_success=0, emails_sent=0, emails_sent_failure=0, emails_sent_success=0, messages_cached=0, messages_published=0, subscribers=0, tag=manager, topics_active=0, users=2, visitors=0)
Aug 15 06:53:11 ntfy[3826]: 2023/08/15 06:53:11 INFO Server stats (emails_received=0, emails_received_failure=0, emails_received_success=0, emails_sent=0, emails_sent_failure=0, emails_sent_success=0, messages_cached=0, messages_published=0, subscribers=0, tag=manager, topics_active=0, users=2, visitors=1)
Aug 15 06:54:11 ntfy[3826]: 2023/08/15 06:54:11 INFO Server stats (emails_received=0, emails_received_failure=0, emails_received_success=0, emails_sent=0, emails_sent_failure=0, emails_sent_success=0, messages_cached=0, messages_published=0, subscribers=0, tag=manager, topics_active=0, users=2, visitors=1)

thank you

Hi @ghose,
Same here! Keep you posted if I find a solution.

As far as I understand:
You need to be authenticated to read and post on topics.

Here is the doc on how to use Bearer tokens in your curl command: Sending messages - ntfy

cheers

thank you.

we all would thank some guidance

log (from mobile device)

1692330018562 2023-08-18 05:40:18.562 D NtfyWsConnection ntfy.domain.host/tests,5ZVXPOAVHpdTaxn6 (gid=3): Opening https://ntfy.domain.host/tests,5ZVXPOAVHpdTaxn6/ws?since=none with listener ID 7 ...
1692330018652 2023-08-18 05:40:18.652 E NtfyWsConnection ntfy.domain.host/tests,5ZVXPOAVHpdTaxn6 (gid=3, lid=7): Connection failed (response code 200, message: OK): Expected HTTP 101 response but was '200 OK'
Exception:
java.net.ProtocolException: Expected HTTP 101 response but was '200 OK'
	at okhttp3.internal.ws.RealWebSocket.checkUpgradeSuccess$okhttp(RealWebSocket.kt:224)
	at okhttp3.internal.ws.RealWebSocket$connect$1.onResponse(RealWebSocket.kt:170)
	at okhttp3.internal.connection.RealCall$AsyncCall.run(RealCall.kt:519)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
	at java.lang.Thread.run(Thread.java:923)

I’ve worked this out today:

The application is created with an admin user which you set the password for. However it’s created with no specific permissions on the Yunohost portal - you can see it’s set to nobody.
I’ve changed that to Visitors and the admin user can now publish and subscribe with username and password, and a token if you create one. You can also log into the web app, which isn’t available if you don’t enable Visitors.
I’ve also created a non-admin user but that needs a permission defining with ./ntfy.sh access username topicname rw on the server. Once that’s done, you can also publish and subscribe with that user as well.

I’ve also now set up an app on my phone to use my ntfy instance (Fedilab to be specific, but this should apply to any app that can be configured to use ntfy).

• Configure the ntfy app with your server and credentials (I’ve used user and password, but I should try the token).
• Configure the sending app to use ntfy.
• In ntfy this should create the topics that the app uses, but they will show as reconnecting.
• On the command line grant permission to those topics as above, and the app should connect after a minute or so.

thank you @serversonic

bookmarked your info and I will try to replicate it in my server.

Thank you so much!

wouldn’t it be enough change it to “Users”?

so any YNH logged user could access to ntfy client interface, but not “anonymous” people who eventually know our ntfy server URL. Server is password protected though, but anyway…

I’ve set ntfy as you suggested and at least I could create a “test” topic, send a message from web interface (my server) and being notified in the mobile device after manually subscribe to that topic It’s a start! Thank you

edit: I’m using just the default user/password created on install, not adding a new one (so far)

I tried restricting it to Users and couldn’t get it to work even with the same username and password combination for the Yunohost user and the ntfy user.

In applications the registration process would usually be handled as part of setup - for example an IoT device would contact its registration server and create a token and topic to subscribe to. Or, as has been found far too often, just connect anonymously to an open server.

reading documentation about UnifiedPush https://serverntfy/docs/config/#example-unifiedpush

UnifiedPush requires that the application server (e.g. Synapse, Fediverse Server, …) has anonymous write access to the topic used for push messages. The topic names used by UnifiedPush all start with the up* prefix. Please refer to the UnifiedPush documentation for more details.

To enable support for UnifiedPush for private servers (i.e. auth-default-access: "deny-all"), you should either allow anonymous write access for the entire prefix or explicitly per topic:

PrefixExplicitly //// also allows per topic control.

$ ntfy access '*' 'up*' write-only

Our server.yml file:

auth-default-access: "deny-all"

so when an app as tusky creates a new topic it assumes that it has access, but it has not,

root@ynh:/var/www/ntfy# ./ntfy access '*' upTOPICcreatedWn write-only
option auth-file not set; auth is unconfigured for this server

in server.yml is set

auth-file: /var/www/ntfy/data/user.db , this file exist in that location

is it possible to change access to topics from web-UI? I have not seen that option in the topic’s settings

thank you

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

I made a pull request to fix ntfy by a mandatory exposure of the application to visitors to fix this issue:

edit: the fix will be available soon as v2.8.0~ynh2