feat: enable role based access control

metakgp · Jun 15, 2024 · 474585a · 474585a
1 parent f928f2e
commit 474585a
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 3 deletions.
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -12,6 +12,7 @@ services:
     volumes:
       - nginx-config-volume:/etc/nginx/sites-enabled
       - naarad-cache:/var/cache/ntfy
+      - naarad-auth:/var/lib/ntfy
     healthcheck:
         test: ["CMD-SHELL", "wget -q --tries=1 http://localhost:8000/v1/health -O - | grep -Eo '\"healthy\"\\s*:\\s*true' || exit 1"]
         interval: 60s
@@ -29,4 +30,5 @@ volumes:
   nginx-config-volume:
     external: true
     name: metaploy-nginx-config-volume
-  naarad-cache:
+  naarad-cache:
+  naarad-auth:
diff --git a/server.yml b/server.yml
@@ -91,8 +91,8 @@ cache-duration: "24h"
 #   If you are running ntfy with systemd, make sure this user database file is owned by the
 #   ntfy user and group by running: chown ntfy.ntfy <filename>.
 #
-# auth-file: <filename>
-# auth-default-access: "read-write"
+auth-file: /var/lib/ntfy/user.db
+auth-default-access: "read-only"
 # auth-startup-queries:
 
 # If set, the X-Forwarded-For header is used to determine the visitor IP address