From 3691e59af1b5ab0857db07059ce5eb4f19c68a35 Mon Sep 17 00:00:00 2001 From: Zhiyuan Zheng Date: Fri, 11 Aug 2023 13:16:53 +0800 Subject: [PATCH 01/11] Expose MessageLimit as a configuration --- cmd/serve.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/cmd/serve.go b/cmd/serve.go index 87b83dda3..febaf52fb 100644 --- a/cmd/serve.go +++ b/cmd/serve.go @@ -99,6 +99,7 @@ var flagsServe = append( altsrc.NewStringFlag(&cli.StringFlag{Name: "web-push-file", Aliases: []string{"web_push_file"}, EnvVars: []string{"NTFY_WEB_PUSH_FILE"}, Usage: "file used to store web push subscriptions"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "web-push-email-address", Aliases: []string{"web_push_email_address"}, EnvVars: []string{"NTFY_WEB_PUSH_EMAIL_ADDRESS"}, Usage: "e-mail address of sender, required to use browser push services"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "web-push-startup-queries", Aliases: []string{"web_push_startup_queries"}, EnvVars: []string{"NTFY_WEB_PUSH_STARTUP_QUERIES"}, Usage: "queries run when the web push database is initialized"}), + altsrc.NewIntFlag(&cli.IntFlag{Name: "message-limit", Aliases: []string{"message_limit"}, EnvVars: []string{"NTFY_MESSAGE_LIMIT"}, Value: server.DefaultMessageLengthLimit, Usage: "size limit for the mesasge in bytes"}), ) var cmdServe = &cli.Command{ @@ -189,6 +190,7 @@ func execServe(c *cli.Context) error { metricsListenHTTP := c.String("metrics-listen-http") enableMetrics := c.Bool("enable-metrics") || metricsListenHTTP != "" profileListenHTTP := c.String("profile-listen-http") + mesasgeLimit := c.Int("message-limit") // Check values if firebaseKeyFile != "" && !util.FileExists(firebaseKeyFile) { @@ -364,6 +366,7 @@ func execServe(c *cli.Context) error { conf.WebPushFile = webPushFile conf.WebPushEmailAddress = webPushEmailAddress conf.WebPushStartupQueries = webPushStartupQueries + conf.MessageLimit = mesasgeLimit // Set up hot-reloading of config go sigHandlerConfigReload(config) From 6bd887537509fa9fccd0781ecde38e3faba993de Mon Sep 17 00:00:00 2001 From: zhzy0077 Date: Mon, 21 Aug 2023 11:51:48 +0800 Subject: [PATCH 02/11] fix typo and update docs --- cmd/serve.go | 4 ++-- docs/config.md | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/cmd/serve.go b/cmd/serve.go index febaf52fb..ef56f97b4 100644 --- a/cmd/serve.go +++ b/cmd/serve.go @@ -190,7 +190,7 @@ func execServe(c *cli.Context) error { metricsListenHTTP := c.String("metrics-listen-http") enableMetrics := c.Bool("enable-metrics") || metricsListenHTTP != "" profileListenHTTP := c.String("profile-listen-http") - mesasgeLimit := c.Int("message-limit") + messasgeLimit := c.Int("message-limit") // Check values if firebaseKeyFile != "" && !util.FileExists(firebaseKeyFile) { @@ -366,7 +366,7 @@ func execServe(c *cli.Context) error { conf.WebPushFile = webPushFile conf.WebPushEmailAddress = webPushEmailAddress conf.WebPushStartupQueries = webPushStartupQueries - conf.MessageLimit = mesasgeLimit + conf.MessageLimit = messasgeLimit // Set up hot-reloading of config go sigHandlerConfigReload(config) diff --git a/docs/config.md b/docs/config.md index 9af799924..0f33ec3d6 100644 --- a/docs/config.md +++ b/docs/config.md @@ -1341,6 +1341,7 @@ variable before running the `ntfy` command (e.g. `export NTFY_LISTEN_HTTP=:80`). | `web-push-file` | `NTFY_WEB_PUSH_FILE` | *string* | - | Web Push: Database file that stores subscriptions | | `web-push-email-address` | `NTFY_WEB_PUSH_EMAIL_ADDRESS` | *string* | - | Web Push: Sender email address | | `web-push-startup-queries` | `NTFY_WEB_PUSH_STARTUP_QUERIES` | *string* | - | Web Push: SQL queries to run against subscription database at startup | +| `message-limit` | `NTFY_MESSAGE_LIMIT` | *number* | - | The size limit (in bytes) for the ntfy message. NOTE: FCM has size limit at 4000 bytes. APNS has size limit at 4KB. If you increases this size limit, FCM and APNS will NOT work for large messages. | The format for a *duration* is: `(smh)`, e.g. 30s, 20m or 1h. The format for a *size* is: `(GMK)`, e.g. 1G, 200M or 4000k. From 6a3f169a4770db61b5826b2d56e6027d0eac94f2 Mon Sep 17 00:00:00 2001 From: zhzy0077 Date: Mon, 21 Aug 2023 11:55:20 +0800 Subject: [PATCH 03/11] fix typo. --- cmd/serve.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cmd/serve.go b/cmd/serve.go index ef56f97b4..ac946e9ca 100644 --- a/cmd/serve.go +++ b/cmd/serve.go @@ -190,7 +190,7 @@ func execServe(c *cli.Context) error { metricsListenHTTP := c.String("metrics-listen-http") enableMetrics := c.Bool("enable-metrics") || metricsListenHTTP != "" profileListenHTTP := c.String("profile-listen-http") - messasgeLimit := c.Int("message-limit") + messageLimit := c.Int("message-limit") // Check values if firebaseKeyFile != "" && !util.FileExists(firebaseKeyFile) { @@ -366,7 +366,7 @@ func execServe(c *cli.Context) error { conf.WebPushFile = webPushFile conf.WebPushEmailAddress = webPushEmailAddress conf.WebPushStartupQueries = webPushStartupQueries - conf.MessageLimit = messasgeLimit + conf.MessageLimit = messageLimit // Set up hot-reloading of config go sigHandlerConfigReload(config) From f565302a0fac93984d08314836d0ef5500a48bb6 Mon Sep 17 00:00:00 2001 From: zhzy0077 Date: Mon, 21 Aug 2023 11:56:31 +0800 Subject: [PATCH 04/11] Fix typo --- docs/config.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/config.md b/docs/config.md index 0f33ec3d6..bd1cac95a 100644 --- a/docs/config.md +++ b/docs/config.md @@ -1341,7 +1341,7 @@ variable before running the `ntfy` command (e.g. `export NTFY_LISTEN_HTTP=:80`). | `web-push-file` | `NTFY_WEB_PUSH_FILE` | *string* | - | Web Push: Database file that stores subscriptions | | `web-push-email-address` | `NTFY_WEB_PUSH_EMAIL_ADDRESS` | *string* | - | Web Push: Sender email address | | `web-push-startup-queries` | `NTFY_WEB_PUSH_STARTUP_QUERIES` | *string* | - | Web Push: SQL queries to run against subscription database at startup | -| `message-limit` | `NTFY_MESSAGE_LIMIT` | *number* | - | The size limit (in bytes) for the ntfy message. NOTE: FCM has size limit at 4000 bytes. APNS has size limit at 4KB. If you increases this size limit, FCM and APNS will NOT work for large messages. | +| `message-limit` | `NTFY_MESSAGE_LIMIT` | *number* | - | The size limit (in bytes) for the ntfy message. NOTE: FCM has size limit at 4000 bytes. APNS has size limit at 4KB. If you increase this size limit, FCM and APNS will NOT work for large messages. | The format for a *duration* is: `(smh)`, e.g. 30s, 20m or 1h. The format for a *size* is: `(GMK)`, e.g. 1G, 200M or 4000k. From 6a10bac017ddfd400635f552cd421235cac9d99f Mon Sep 17 00:00:00 2001 From: zhzy0077 Date: Fri, 8 Sep 2023 13:21:55 +0800 Subject: [PATCH 05/11] Update template server.yml --- cmd/serve.go | 2 +- docs/config.md | 2 +- server/server.yml | 6 ++++++ 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/cmd/serve.go b/cmd/serve.go index ac946e9ca..5864fa46d 100644 --- a/cmd/serve.go +++ b/cmd/serve.go @@ -99,7 +99,7 @@ var flagsServe = append( altsrc.NewStringFlag(&cli.StringFlag{Name: "web-push-file", Aliases: []string{"web_push_file"}, EnvVars: []string{"NTFY_WEB_PUSH_FILE"}, Usage: "file used to store web push subscriptions"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "web-push-email-address", Aliases: []string{"web_push_email_address"}, EnvVars: []string{"NTFY_WEB_PUSH_EMAIL_ADDRESS"}, Usage: "e-mail address of sender, required to use browser push services"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "web-push-startup-queries", Aliases: []string{"web_push_startup_queries"}, EnvVars: []string{"NTFY_WEB_PUSH_STARTUP_QUERIES"}, Usage: "queries run when the web push database is initialized"}), - altsrc.NewIntFlag(&cli.IntFlag{Name: "message-limit", Aliases: []string{"message_limit"}, EnvVars: []string{"NTFY_MESSAGE_LIMIT"}, Value: server.DefaultMessageLengthLimit, Usage: "size limit for the mesasge in bytes"}), + altsrc.NewIntFlag(&cli.IntFlag{Name: "message-limit", Aliases: []string{"message_limit"}, EnvVars: []string{"NTFY_MESSAGE_LIMIT"}, Value: server.DefaultMessageLengthLimit, Usage: "size limit for the message in bytes"}), ) var cmdServe = &cli.Command{ diff --git a/docs/config.md b/docs/config.md index bd1cac95a..23dbeb826 100644 --- a/docs/config.md +++ b/docs/config.md @@ -1341,7 +1341,7 @@ variable before running the `ntfy` command (e.g. `export NTFY_LISTEN_HTTP=:80`). | `web-push-file` | `NTFY_WEB_PUSH_FILE` | *string* | - | Web Push: Database file that stores subscriptions | | `web-push-email-address` | `NTFY_WEB_PUSH_EMAIL_ADDRESS` | *string* | - | Web Push: Sender email address | | `web-push-startup-queries` | `NTFY_WEB_PUSH_STARTUP_QUERIES` | *string* | - | Web Push: SQL queries to run against subscription database at startup | -| `message-limit` | `NTFY_MESSAGE_LIMIT` | *number* | - | The size limit (in bytes) for the ntfy message. NOTE: FCM has size limit at 4000 bytes. APNS has size limit at 4KB. If you increase this size limit, FCM and APNS will NOT work for large messages. | +| `message-limit` | `NTFY_MESSAGE_LIMIT` | *number* | - | The size limit (in bytes) for a ntfy message. NOTE: FCM has size limit at 4000 bytes. APNS has size limit at 4KB. If you increase this size limit, FCM and APNS will NOT work for large messages. | The format for a *duration* is: `(smh)`, e.g. 30s, 20m or 1h. The format for a *size* is: `(GMK)`, e.g. 1G, 200M or 4000k. diff --git a/server/server.yml b/server/server.yml index 6b2fc989a..3e92f742c 100644 --- a/server/server.yml +++ b/server/server.yml @@ -357,3 +357,9 @@ # log-level-overrides: # log-format: text # log-file: + +# Defines the size limit (in bytes) for a ntfy message. +# NOTE: FCM has size limit at 4000 bytes. APNS has size limit at 4KB. If you increase this size limit, FCM and APNS will NOT work for large messages. +# The default value is 4096 bytes. +# +# message-limit: From 36b33030f387e694684147bf49107ffefe60a646 Mon Sep 17 00:00:00 2001 From: binwiederhier Date: Thu, 7 Mar 2024 11:53:12 -0500 Subject: [PATCH 06/11] Add message-{size|delay}-limit --- cmd/serve.go | 140 ++++++++++++++++++++++------------ cmd/tier.go | 6 +- server/config.go | 18 ++--- server/server.go | 10 +-- server/server.yml | 16 ++-- server/server_account_test.go | 4 +- server/smtp_server.go | 4 +- server/visitor.go | 4 +- util/time.go | 16 ++++ util/time_test.go | 24 ++++++ util/util.go | 22 +++++- util/util_test.go | 36 ++++++--- 12 files changed, 210 insertions(+), 90 deletions(-) diff --git a/cmd/serve.go b/cmd/serve.go index 60010fe06..4b5ee7451 100644 --- a/cmd/serve.go +++ b/cmd/serve.go @@ -6,7 +6,12 @@ import ( "errors" "fmt" "github.com/stripe/stripe-go/v74" + "github.com/urfave/cli/v2" + "github.com/urfave/cli/v2/altsrc" + "heckel.io/ntfy/v2/log" + "heckel.io/ntfy/v2/server" "heckel.io/ntfy/v2/user" + "heckel.io/ntfy/v2/util" "io/fs" "math" "net" @@ -16,13 +21,6 @@ import ( "strings" "syscall" "time" - - "heckel.io/ntfy/v2/log" - - "github.com/urfave/cli/v2" - "github.com/urfave/cli/v2/altsrc" - "heckel.io/ntfy/v2/server" - "heckel.io/ntfy/v2/util" ) func init() { @@ -35,7 +33,7 @@ const ( var flagsServe = append( append([]cli.Flag{}, flagsDefault...), - &cli.StringFlag{Name: "config", Aliases: []string{"c"}, EnvVars: []string{"NTFY_CONFIG_FILE"}, Value: defaultServerConfigFile, DefaultText: defaultServerConfigFile, Usage: "config file"}, + &cli.StringFlag{Name: "config", Aliases: []string{"c"}, EnvVars: []string{"NTFY_CONFIG_FILE"}, Value: defaultServerConfigFile, Usage: "config file"}, altsrc.NewStringFlag(&cli.StringFlag{Name: "base-url", Aliases: []string{"base_url", "B"}, EnvVars: []string{"NTFY_BASE_URL"}, Usage: "externally visible base URL for this host (e.g. https://ntfy.sh)"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "listen-http", Aliases: []string{"listen_http", "l"}, EnvVars: []string{"NTFY_LISTEN_HTTP"}, Value: server.DefaultListenHTTP, Usage: "ip:port used as HTTP listen address"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "listen-https", Aliases: []string{"listen_https", "L"}, EnvVars: []string{"NTFY_LISTEN_HTTPS"}, Usage: "ip:port used as HTTPS listen address"}), @@ -45,19 +43,19 @@ var flagsServe = append( altsrc.NewStringFlag(&cli.StringFlag{Name: "cert-file", Aliases: []string{"cert_file", "E"}, EnvVars: []string{"NTFY_CERT_FILE"}, Usage: "certificate file, if listen-https is set"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "firebase-key-file", Aliases: []string{"firebase_key_file", "F"}, EnvVars: []string{"NTFY_FIREBASE_KEY_FILE"}, Usage: "Firebase credentials file; if set additionally publish to FCM topic"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "cache-file", Aliases: []string{"cache_file", "C"}, EnvVars: []string{"NTFY_CACHE_FILE"}, Usage: "cache file used for message caching"}), - altsrc.NewDurationFlag(&cli.DurationFlag{Name: "cache-duration", Aliases: []string{"cache_duration", "b"}, EnvVars: []string{"NTFY_CACHE_DURATION"}, Value: server.DefaultCacheDuration, Usage: "buffer messages for this time to allow `since` requests"}), + altsrc.NewStringFlag(&cli.StringFlag{Name: "cache-duration", Aliases: []string{"cache_duration", "b"}, EnvVars: []string{"NTFY_CACHE_DURATION"}, Value: util.FormatDuration(server.DefaultCacheDuration), Usage: "buffer messages for this time to allow `since` requests"}), altsrc.NewIntFlag(&cli.IntFlag{Name: "cache-batch-size", Aliases: []string{"cache_batch_size"}, EnvVars: []string{"NTFY_BATCH_SIZE"}, Usage: "max size of messages to batch together when writing to message cache (if zero, writes are synchronous)"}), - altsrc.NewDurationFlag(&cli.DurationFlag{Name: "cache-batch-timeout", Aliases: []string{"cache_batch_timeout"}, EnvVars: []string{"NTFY_CACHE_BATCH_TIMEOUT"}, Usage: "timeout for batched async writes to the message cache (if zero, writes are synchronous)"}), + altsrc.NewStringFlag(&cli.StringFlag{Name: "cache-batch-timeout", Aliases: []string{"cache_batch_timeout"}, EnvVars: []string{"NTFY_CACHE_BATCH_TIMEOUT"}, Usage: "timeout for batched async writes to the message cache (if zero, writes are synchronous)"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "cache-startup-queries", Aliases: []string{"cache_startup_queries"}, EnvVars: []string{"NTFY_CACHE_STARTUP_QUERIES"}, Usage: "queries run when the cache database is initialized"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "auth-file", Aliases: []string{"auth_file", "H"}, EnvVars: []string{"NTFY_AUTH_FILE"}, Usage: "auth database file used for access control"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "auth-startup-queries", Aliases: []string{"auth_startup_queries"}, EnvVars: []string{"NTFY_AUTH_STARTUP_QUERIES"}, Usage: "queries run when the auth database is initialized"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "auth-default-access", Aliases: []string{"auth_default_access", "p"}, EnvVars: []string{"NTFY_AUTH_DEFAULT_ACCESS"}, Value: "read-write", Usage: "default permissions if no matching entries in the auth database are found"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "attachment-cache-dir", Aliases: []string{"attachment_cache_dir"}, EnvVars: []string{"NTFY_ATTACHMENT_CACHE_DIR"}, Usage: "cache directory for attached files"}), - altsrc.NewStringFlag(&cli.StringFlag{Name: "attachment-total-size-limit", Aliases: []string{"attachment_total_size_limit", "A"}, EnvVars: []string{"NTFY_ATTACHMENT_TOTAL_SIZE_LIMIT"}, DefaultText: "5G", Usage: "limit of the on-disk attachment cache"}), - altsrc.NewStringFlag(&cli.StringFlag{Name: "attachment-file-size-limit", Aliases: []string{"attachment_file_size_limit", "Y"}, EnvVars: []string{"NTFY_ATTACHMENT_FILE_SIZE_LIMIT"}, DefaultText: "15M", Usage: "per-file attachment size limit (e.g. 300k, 2M, 100M)"}), - altsrc.NewDurationFlag(&cli.DurationFlag{Name: "attachment-expiry-duration", Aliases: []string{"attachment_expiry_duration", "X"}, EnvVars: []string{"NTFY_ATTACHMENT_EXPIRY_DURATION"}, Value: server.DefaultAttachmentExpiryDuration, DefaultText: "3h", Usage: "duration after which uploaded attachments will be deleted (e.g. 3h, 20h)"}), - altsrc.NewDurationFlag(&cli.DurationFlag{Name: "keepalive-interval", Aliases: []string{"keepalive_interval", "k"}, EnvVars: []string{"NTFY_KEEPALIVE_INTERVAL"}, Value: server.DefaultKeepaliveInterval, Usage: "interval of keepalive messages"}), - altsrc.NewDurationFlag(&cli.DurationFlag{Name: "manager-interval", Aliases: []string{"manager_interval", "m"}, EnvVars: []string{"NTFY_MANAGER_INTERVAL"}, Value: server.DefaultManagerInterval, Usage: "interval of for message pruning and stats printing"}), + altsrc.NewStringFlag(&cli.StringFlag{Name: "attachment-total-size-limit", Aliases: []string{"attachment_total_size_limit", "A"}, EnvVars: []string{"NTFY_ATTACHMENT_TOTAL_SIZE_LIMIT"}, Value: util.FormatSize(server.DefaultAttachmentTotalSizeLimit), Usage: "limit of the on-disk attachment cache"}), + altsrc.NewStringFlag(&cli.StringFlag{Name: "attachment-file-size-limit", Aliases: []string{"attachment_file_size_limit", "Y"}, EnvVars: []string{"NTFY_ATTACHMENT_FILE_SIZE_LIMIT"}, Value: util.FormatSize(server.DefaultAttachmentFileSizeLimit), Usage: "per-file attachment size limit (e.g. 300k, 2M, 100M)"}), + altsrc.NewStringFlag(&cli.StringFlag{Name: "attachment-expiry-duration", Aliases: []string{"attachment_expiry_duration", "X"}, EnvVars: []string{"NTFY_ATTACHMENT_EXPIRY_DURATION"}, Value: util.FormatDuration(server.DefaultAttachmentExpiryDuration), Usage: "duration after which uploaded attachments will be deleted (e.g. 3h, 20h)"}), + altsrc.NewStringFlag(&cli.StringFlag{Name: "keepalive-interval", Aliases: []string{"keepalive_interval", "k"}, EnvVars: []string{"NTFY_KEEPALIVE_INTERVAL"}, Value: util.FormatDuration(server.DefaultKeepaliveInterval), Usage: "interval of keepalive messages"}), + altsrc.NewStringFlag(&cli.StringFlag{Name: "manager-interval", Aliases: []string{"manager_interval", "m"}, EnvVars: []string{"NTFY_MANAGER_INTERVAL"}, Value: util.FormatDuration(server.DefaultManagerInterval), Usage: "interval of for message pruning and stats printing"}), altsrc.NewStringSliceFlag(&cli.StringSliceFlag{Name: "disallowed-topics", Aliases: []string{"disallowed_topics"}, EnvVars: []string{"NTFY_DISALLOWED_TOPICS"}, Usage: "topics that are not allowed to be used"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "web-root", Aliases: []string{"web_root"}, EnvVars: []string{"NTFY_WEB_ROOT"}, Value: "/", Usage: "sets root of the web app (e.g. /, or /app), or disables it (disable)"}), altsrc.NewBoolFlag(&cli.BoolFlag{Name: "enable-signup", Aliases: []string{"enable_signup"}, EnvVars: []string{"NTFY_ENABLE_SIGNUP"}, Value: false, Usage: "allows users to sign up via the web app, or API"}), @@ -76,16 +74,18 @@ var flagsServe = append( altsrc.NewStringFlag(&cli.StringFlag{Name: "twilio-auth-token", Aliases: []string{"twilio_auth_token"}, EnvVars: []string{"NTFY_TWILIO_AUTH_TOKEN"}, Usage: "Twilio auth token"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "twilio-phone-number", Aliases: []string{"twilio_phone_number"}, EnvVars: []string{"NTFY_TWILIO_PHONE_NUMBER"}, Usage: "Twilio number to use for outgoing calls"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "twilio-verify-service", Aliases: []string{"twilio_verify_service"}, EnvVars: []string{"NTFY_TWILIO_VERIFY_SERVICE"}, Usage: "Twilio Verify service ID, used for phone number verification"}), + altsrc.NewStringFlag(&cli.StringFlag{Name: "message-size-limit", Aliases: []string{"message_size_limit"}, EnvVars: []string{"NTFY_MESSAGE_SIZE_LIMIT"}, Value: util.FormatSize(server.DefaultMessageSizeLimit), Usage: "size limit for the message (see docs for limitations)"}), + altsrc.NewStringFlag(&cli.StringFlag{Name: "message-delay-limit", Aliases: []string{"message_delay_limit"}, EnvVars: []string{"NTFY_MESSAGE_DELAY_LIMIT"}, Value: util.FormatDuration(server.DefaultMessageDelayMax), Usage: "max duration a message can be scheduled into the future"}), altsrc.NewIntFlag(&cli.IntFlag{Name: "global-topic-limit", Aliases: []string{"global_topic_limit", "T"}, EnvVars: []string{"NTFY_GLOBAL_TOPIC_LIMIT"}, Value: server.DefaultTotalTopicLimit, Usage: "total number of topics allowed"}), altsrc.NewIntFlag(&cli.IntFlag{Name: "visitor-subscription-limit", Aliases: []string{"visitor_subscription_limit"}, EnvVars: []string{"NTFY_VISITOR_SUBSCRIPTION_LIMIT"}, Value: server.DefaultVisitorSubscriptionLimit, Usage: "number of subscriptions per visitor"}), - altsrc.NewStringFlag(&cli.StringFlag{Name: "visitor-attachment-total-size-limit", Aliases: []string{"visitor_attachment_total_size_limit"}, EnvVars: []string{"NTFY_VISITOR_ATTACHMENT_TOTAL_SIZE_LIMIT"}, Value: "100M", Usage: "total storage limit used for attachments per visitor"}), + altsrc.NewStringFlag(&cli.StringFlag{Name: "visitor-attachment-total-size-limit", Aliases: []string{"visitor_attachment_total_size_limit"}, EnvVars: []string{"NTFY_VISITOR_ATTACHMENT_TOTAL_SIZE_LIMIT"}, Value: util.FormatSize(server.DefaultVisitorAttachmentTotalSizeLimit), Usage: "total storage limit used for attachments per visitor"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "visitor-attachment-daily-bandwidth-limit", Aliases: []string{"visitor_attachment_daily_bandwidth_limit"}, EnvVars: []string{"NTFY_VISITOR_ATTACHMENT_DAILY_BANDWIDTH_LIMIT"}, Value: "500M", Usage: "total daily attachment download/upload bandwidth limit per visitor"}), altsrc.NewIntFlag(&cli.IntFlag{Name: "visitor-request-limit-burst", Aliases: []string{"visitor_request_limit_burst"}, EnvVars: []string{"NTFY_VISITOR_REQUEST_LIMIT_BURST"}, Value: server.DefaultVisitorRequestLimitBurst, Usage: "initial limit of requests per visitor"}), - altsrc.NewDurationFlag(&cli.DurationFlag{Name: "visitor-request-limit-replenish", Aliases: []string{"visitor_request_limit_replenish"}, EnvVars: []string{"NTFY_VISITOR_REQUEST_LIMIT_REPLENISH"}, Value: server.DefaultVisitorRequestLimitReplenish, Usage: "interval at which burst limit is replenished (one per x)"}), + altsrc.NewStringFlag(&cli.StringFlag{Name: "visitor-request-limit-replenish", Aliases: []string{"visitor_request_limit_replenish"}, EnvVars: []string{"NTFY_VISITOR_REQUEST_LIMIT_REPLENISH"}, Value: util.FormatDuration(server.DefaultVisitorRequestLimitReplenish), Usage: "interval at which burst limit is replenished (one per x)"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "visitor-request-limit-exempt-hosts", Aliases: []string{"visitor_request_limit_exempt_hosts"}, EnvVars: []string{"NTFY_VISITOR_REQUEST_LIMIT_EXEMPT_HOSTS"}, Value: "", Usage: "hostnames and/or IP addresses of hosts that will be exempt from the visitor request limit"}), altsrc.NewIntFlag(&cli.IntFlag{Name: "visitor-message-daily-limit", Aliases: []string{"visitor_message_daily_limit"}, EnvVars: []string{"NTFY_VISITOR_MESSAGE_DAILY_LIMIT"}, Value: server.DefaultVisitorMessageDailyLimit, Usage: "max messages per visitor per day, derived from request limit if unset"}), altsrc.NewIntFlag(&cli.IntFlag{Name: "visitor-email-limit-burst", Aliases: []string{"visitor_email_limit_burst"}, EnvVars: []string{"NTFY_VISITOR_EMAIL_LIMIT_BURST"}, Value: server.DefaultVisitorEmailLimitBurst, Usage: "initial limit of e-mails per visitor"}), - altsrc.NewDurationFlag(&cli.DurationFlag{Name: "visitor-email-limit-replenish", Aliases: []string{"visitor_email_limit_replenish"}, EnvVars: []string{"NTFY_VISITOR_EMAIL_LIMIT_REPLENISH"}, Value: server.DefaultVisitorEmailLimitReplenish, Usage: "interval at which burst limit is replenished (one per x)"}), + altsrc.NewStringFlag(&cli.StringFlag{Name: "visitor-email-limit-replenish", Aliases: []string{"visitor_email_limit_replenish"}, EnvVars: []string{"NTFY_VISITOR_EMAIL_LIMIT_REPLENISH"}, Value: util.FormatDuration(server.DefaultVisitorEmailLimitReplenish), Usage: "interval at which burst limit is replenished (one per x)"}), altsrc.NewBoolFlag(&cli.BoolFlag{Name: "visitor-subscriber-rate-limiting", Aliases: []string{"visitor_subscriber_rate_limiting"}, EnvVars: []string{"NTFY_VISITOR_SUBSCRIBER_RATE_LIMITING"}, Value: false, Usage: "enables subscriber-based rate limiting"}), altsrc.NewBoolFlag(&cli.BoolFlag{Name: "behind-proxy", Aliases: []string{"behind_proxy", "P"}, EnvVars: []string{"NTFY_BEHIND_PROXY"}, Value: false, Usage: "if set, use X-Forwarded-For header to determine visitor IP address (for rate limiting)"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "stripe-secret-key", Aliases: []string{"stripe_secret_key"}, EnvVars: []string{"NTFY_STRIPE_SECRET_KEY"}, Value: "", Usage: "key used for the Stripe API communication, this enables payments"}), @@ -99,7 +99,6 @@ var flagsServe = append( altsrc.NewStringFlag(&cli.StringFlag{Name: "web-push-file", Aliases: []string{"web_push_file"}, EnvVars: []string{"NTFY_WEB_PUSH_FILE"}, Usage: "file used to store web push subscriptions"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "web-push-email-address", Aliases: []string{"web_push_email_address"}, EnvVars: []string{"NTFY_WEB_PUSH_EMAIL_ADDRESS"}, Usage: "e-mail address of sender, required to use browser push services"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "web-push-startup-queries", Aliases: []string{"web_push_startup_queries"}, EnvVars: []string{"NTFY_WEB_PUSH_STARTUP_QUERIES"}, Usage: "queries run when the web push database is initialized"}), - altsrc.NewIntFlag(&cli.IntFlag{Name: "message-limit", Aliases: []string{"message_limit"}, EnvVars: []string{"NTFY_MESSAGE_LIMIT"}, Value: server.DefaultMessageLengthLimit, Usage: "size limit for the message in bytes"}), ) var cmdServe = &cli.Command{ @@ -141,19 +140,19 @@ func execServe(c *cli.Context) error { webPushEmailAddress := c.String("web-push-email-address") webPushStartupQueries := c.String("web-push-startup-queries") cacheFile := c.String("cache-file") - cacheDuration := c.Duration("cache-duration") + cacheDurationStr := c.String("cache-duration") cacheStartupQueries := c.String("cache-startup-queries") cacheBatchSize := c.Int("cache-batch-size") - cacheBatchTimeout := c.Duration("cache-batch-timeout") + cacheBatchTimeoutStr := c.String("cache-batch-timeout") authFile := c.String("auth-file") authStartupQueries := c.String("auth-startup-queries") authDefaultAccess := c.String("auth-default-access") attachmentCacheDir := c.String("attachment-cache-dir") attachmentTotalSizeLimitStr := c.String("attachment-total-size-limit") attachmentFileSizeLimitStr := c.String("attachment-file-size-limit") - attachmentExpiryDuration := c.Duration("attachment-expiry-duration") - keepaliveInterval := c.Duration("keepalive-interval") - managerInterval := c.Duration("manager-interval") + attachmentExpiryDurationStr := c.String("attachment-expiry-duration") + keepaliveIntervalStr := c.String("keepalive-interval") + managerIntervalStr := c.String("manager-interval") disallowedTopics := c.StringSlice("disallowed-topics") webRoot := c.String("web-root") enableSignup := c.Bool("enable-signup") @@ -172,17 +171,19 @@ func execServe(c *cli.Context) error { twilioAuthToken := c.String("twilio-auth-token") twilioPhoneNumber := c.String("twilio-phone-number") twilioVerifyService := c.String("twilio-verify-service") + messageSizeLimitStr := c.String("message-size-limit") + messageDelayLimitStr := c.String("message-delay-limit") totalTopicLimit := c.Int("global-topic-limit") visitorSubscriptionLimit := c.Int("visitor-subscription-limit") visitorSubscriberRateLimiting := c.Bool("visitor-subscriber-rate-limiting") visitorAttachmentTotalSizeLimitStr := c.String("visitor-attachment-total-size-limit") visitorAttachmentDailyBandwidthLimitStr := c.String("visitor-attachment-daily-bandwidth-limit") visitorRequestLimitBurst := c.Int("visitor-request-limit-burst") - visitorRequestLimitReplenish := c.Duration("visitor-request-limit-replenish") + visitorRequestLimitReplenishStr := c.String("visitor-request-limit-replenish") visitorRequestLimitExemptHosts := util.SplitNoEmpty(c.String("visitor-request-limit-exempt-hosts"), ",") visitorMessageDailyLimit := c.Int("visitor-message-daily-limit") visitorEmailLimitBurst := c.Int("visitor-email-limit-burst") - visitorEmailLimitReplenish := c.Duration("visitor-email-limit-replenish") + visitorEmailLimitReplenishStr := c.String("visitor-email-limit-replenish") behindProxy := c.Bool("behind-proxy") stripeSecretKey := c.String("stripe-secret-key") stripeWebhookKey := c.String("stripe-webhook-key") @@ -190,7 +191,64 @@ func execServe(c *cli.Context) error { metricsListenHTTP := c.String("metrics-listen-http") enableMetrics := c.Bool("enable-metrics") || metricsListenHTTP != "" profileListenHTTP := c.String("profile-listen-http") - messageLimit := c.Int("message-limit") + + // Convert durations + cacheDuration, err := util.ParseDuration(cacheDurationStr) + if err != nil { + return err + } + cacheBatchTimeout, err := util.ParseDuration(cacheBatchTimeoutStr) + if err != nil { + return err + } + attachmentExpiryDuration, err := util.ParseDuration(attachmentExpiryDurationStr) + if err != nil { + return err + } + keepaliveInterval, err := util.ParseDuration(keepaliveIntervalStr) + if err != nil { + return err + } + managerInterval, err := util.ParseDuration(managerIntervalStr) + if err != nil { + return err + } + messageDelayLimit, err := util.ParseDuration(messageDelayLimitStr) + if err != nil { + return err + } + visitorRequestLimitReplenish, err := util.ParseDuration(visitorRequestLimitReplenishStr) + if err != nil { + return err + } + visitorEmailLimitReplenish, err := util.ParseDuration(visitorEmailLimitReplenishStr) + if err != nil { + return err + } + + // Convert sizes to bytes + messageSizeLimit, err := parseSize(messageSizeLimitStr, server.DefaultMessageSizeLimit) + if err != nil { + return err + } + attachmentTotalSizeLimit, err := parseSize(attachmentTotalSizeLimitStr, server.DefaultAttachmentTotalSizeLimit) + if err != nil { + return err + } + attachmentFileSizeLimit, err := parseSize(attachmentFileSizeLimitStr, server.DefaultAttachmentFileSizeLimit) + if err != nil { + return err + } + visitorAttachmentTotalSizeLimit, err := parseSize(visitorAttachmentTotalSizeLimitStr, server.DefaultVisitorAttachmentTotalSizeLimit) + if err != nil { + return err + } + visitorAttachmentDailyBandwidthLimit, err := parseSize(visitorAttachmentDailyBandwidthLimitStr, server.DefaultVisitorAttachmentDailyBandwidthLimit) + if err != nil { + return err + } else if visitorAttachmentDailyBandwidthLimit > math.MaxInt { + return fmt.Errorf("config option visitor-attachment-daily-bandwidth-limit must be lower than %d", math.MaxInt) + } // Check values if firebaseKeyFile != "" && !util.FileExists(firebaseKeyFile) { @@ -235,6 +293,11 @@ func execServe(c *cli.Context) error { return errors.New("if stripe-secret-key is set, stripe-webhook-key and base-url must also be set") } else if twilioAccount != "" && (twilioAuthToken == "" || twilioPhoneNumber == "" || twilioVerifyService == "" || baseURL == "" || authFile == "") { return errors.New("if twilio-account is set, twilio-auth-token, twilio-phone-number, twilio-verify-service, base-url, and auth-file must also be set") + } else if messageSizeLimit > 4096 { + log.Warn("message-size-limit is >4K, this is not recommended and largely untested, and may lead to issues with some clients") + if messageSizeLimit > 5*1024*1024 { + return errors.New("message-size-limit cannot be higher than 5M") + } } // Backwards compatibility @@ -259,26 +322,6 @@ func execServe(c *cli.Context) error { listenHTTP = "" } - // Convert sizes to bytes - attachmentTotalSizeLimit, err := parseSize(attachmentTotalSizeLimitStr, server.DefaultAttachmentTotalSizeLimit) - if err != nil { - return err - } - attachmentFileSizeLimit, err := parseSize(attachmentFileSizeLimitStr, server.DefaultAttachmentFileSizeLimit) - if err != nil { - return err - } - visitorAttachmentTotalSizeLimit, err := parseSize(visitorAttachmentTotalSizeLimitStr, server.DefaultVisitorAttachmentTotalSizeLimit) - if err != nil { - return err - } - visitorAttachmentDailyBandwidthLimit, err := parseSize(visitorAttachmentDailyBandwidthLimitStr, server.DefaultVisitorAttachmentDailyBandwidthLimit) - if err != nil { - return err - } else if visitorAttachmentDailyBandwidthLimit > math.MaxInt { - return fmt.Errorf("config option visitor-attachment-daily-bandwidth-limit must be lower than %d", math.MaxInt) - } - // Resolve hosts visitorRequestLimitExemptIPs := make([]netip.Prefix, 0) for _, host := range visitorRequestLimitExemptHosts { @@ -339,6 +382,8 @@ func execServe(c *cli.Context) error { conf.TwilioAuthToken = twilioAuthToken conf.TwilioPhoneNumber = twilioPhoneNumber conf.TwilioVerifyService = twilioVerifyService + conf.MessageSizeLimit = int(messageSizeLimit) + conf.MessageDelayMax = messageDelayLimit conf.TotalTopicLimit = totalTopicLimit conf.VisitorSubscriptionLimit = visitorSubscriptionLimit conf.VisitorAttachmentTotalSizeLimit = visitorAttachmentTotalSizeLimit @@ -366,7 +411,6 @@ func execServe(c *cli.Context) error { conf.WebPushFile = webPushFile conf.WebPushEmailAddress = webPushEmailAddress conf.WebPushStartupQueries = webPushStartupQueries - conf.MessageLimit = messageLimit // Set up hot-reloading of config go sigHandlerConfigReload(config) diff --git a/cmd/tier.go b/cmd/tier.go index 63b023f9e..3b45eaa70 100644 --- a/cmd/tier.go +++ b/cmd/tier.go @@ -366,9 +366,9 @@ func printTier(c *cli.Context, tier *user.Tier) { fmt.Fprintf(c.App.ErrWriter, "- Email limit: %d\n", tier.EmailLimit) fmt.Fprintf(c.App.ErrWriter, "- Phone call limit: %d\n", tier.CallLimit) fmt.Fprintf(c.App.ErrWriter, "- Reservation limit: %d\n", tier.ReservationLimit) - fmt.Fprintf(c.App.ErrWriter, "- Attachment file size limit: %s\n", util.FormatSize(tier.AttachmentFileSizeLimit)) - fmt.Fprintf(c.App.ErrWriter, "- Attachment total size limit: %s\n", util.FormatSize(tier.AttachmentTotalSizeLimit)) + fmt.Fprintf(c.App.ErrWriter, "- Attachment file size limit: %s\n", util.FormatSizeHuman(tier.AttachmentFileSizeLimit)) + fmt.Fprintf(c.App.ErrWriter, "- Attachment total size limit: %s\n", util.FormatSizeHuman(tier.AttachmentTotalSizeLimit)) fmt.Fprintf(c.App.ErrWriter, "- Attachment expiry duration: %s (%d seconds)\n", tier.AttachmentExpiryDuration.String(), int64(tier.AttachmentExpiryDuration.Seconds())) - fmt.Fprintf(c.App.ErrWriter, "- Attachment daily bandwidth limit: %s\n", util.FormatSize(tier.AttachmentBandwidthLimit)) + fmt.Fprintf(c.App.ErrWriter, "- Attachment daily bandwidth limit: %s\n", util.FormatSizeHuman(tier.AttachmentBandwidthLimit)) fmt.Fprintf(c.App.ErrWriter, "- Stripe prices (monthly/yearly): %s\n", prices) } diff --git a/server/config.go b/server/config.go index a0cfdcd54..d2c3bf066 100644 --- a/server/config.go +++ b/server/config.go @@ -15,8 +15,8 @@ const ( DefaultKeepaliveInterval = 45 * time.Second // Not too frequently to save battery (Android read timeout used to be 77s!) DefaultManagerInterval = time.Minute DefaultDelayedSenderInterval = 10 * time.Second - DefaultMinDelay = 10 * time.Second - DefaultMaxDelay = 3 * 24 * time.Hour + DefaultMessageDelayMin = 10 * time.Second + DefaultMessageDelayMax = 3 * 24 * time.Hour DefaultFirebaseKeepaliveInterval = 3 * time.Hour // ~control topic (Android), not too frequently to save battery DefaultFirebasePollInterval = 20 * time.Minute // ~poll topic (iOS), max. 2-3 times per hour (see docs) DefaultFirebaseQuotaExceededPenaltyDuration = 10 * time.Minute // Time that over-users are locked out of Firebase if it returns "quota exceeded" @@ -34,7 +34,7 @@ const ( // - total topic limit: max number of topics overall // - various attachment limits const ( - DefaultMessageLengthLimit = 4096 // Bytes + DefaultMessageSizeLimit = 4096 // Bytes; note that FCM/APNS have a limit of ~4 KB for the entire message DefaultTotalTopicLimit = 15000 DefaultAttachmentTotalSizeLimit = int64(5 * 1024 * 1024 * 1024) // 5 GB DefaultAttachmentFileSizeLimit = int64(15 * 1024 * 1024) // 15 MB @@ -122,9 +122,9 @@ type Config struct { MetricsEnable bool MetricsListenHTTP string ProfileListenHTTP string - MessageLimit int - MinDelay time.Duration - MaxDelay time.Duration + MessageDelayMin time.Duration + MessageDelayMax time.Duration + MessageSizeLimit int TotalTopicLimit int TotalAttachmentSizeLimit int64 VisitorSubscriptionLimit int @@ -211,9 +211,9 @@ func NewConfig() *Config { TwilioPhoneNumber: "", TwilioVerifyBaseURL: "https://verify.twilio.com", // Override for tests TwilioVerifyService: "", - MessageLimit: DefaultMessageLengthLimit, - MinDelay: DefaultMinDelay, - MaxDelay: DefaultMaxDelay, + MessageSizeLimit: DefaultMessageSizeLimit, + MessageDelayMin: DefaultMessageDelayMin, + MessageDelayMax: DefaultMessageDelayMax, TotalTopicLimit: DefaultTotalTopicLimit, TotalAttachmentSizeLimit: 0, VisitorSubscriptionLimit: DefaultVisitorSubscriptionLimit, diff --git a/server/server.go b/server/server.go index aad452edc..f6e39be30 100644 --- a/server/server.go +++ b/server/server.go @@ -733,7 +733,7 @@ func (s *Server) handlePublishInternal(r *http.Request, v *visitor) (*message, e if err != nil { return nil, err } - body, err := util.Peek(r.Body, s.config.MessageLimit) + body, err := util.Peek(r.Body, s.config.MessageSizeLimit) if err != nil { return nil, err } @@ -996,9 +996,9 @@ func (s *Server) parsePublishParams(r *http.Request, m *message) (cache bool, fi delay, err := util.ParseFutureTime(delayStr, time.Now()) if err != nil { return false, false, "", "", false, errHTTPBadRequestDelayCannotParse - } else if delay.Unix() < time.Now().Add(s.config.MinDelay).Unix() { + } else if delay.Unix() < time.Now().Add(s.config.MessageDelayMin).Unix() { return false, false, "", "", false, errHTTPBadRequestDelayTooSmall - } else if delay.Unix() > time.Now().Add(s.config.MaxDelay).Unix() { + } else if delay.Unix() > time.Now().Add(s.config.MessageDelayMax).Unix() { return false, false, "", "", false, errHTTPBadRequestDelayTooLarge } m.Time = delay.Unix() @@ -1754,7 +1754,7 @@ func (s *Server) sendDelayedMessage(v *visitor, m *message) error { // before passing it on to the next handler. This is meant to be used in combination with handlePublish. func (s *Server) transformBodyJSON(next handleFunc) handleFunc { return func(w http.ResponseWriter, r *http.Request, v *visitor) error { - m, err := readJSONWithLimit[publishMessage](r.Body, s.config.MessageLimit*2, false) // 2x to account for JSON format overhead + m, err := readJSONWithLimit[publishMessage](r.Body, s.config.MessageSizeLimit*2, false) // 2x to account for JSON format overhead if err != nil { return err } @@ -1812,7 +1812,7 @@ func (s *Server) transformBodyJSON(next handleFunc) handleFunc { func (s *Server) transformMatrixJSON(next handleFunc) handleFunc { return func(w http.ResponseWriter, r *http.Request, v *visitor) error { - newRequest, err := newRequestFromMatrixJSON(r, s.config.BaseURL, s.config.MessageLimit) + newRequest, err := newRequestFromMatrixJSON(r, s.config.BaseURL, s.config.MessageSizeLimit) if err != nil { logvr(v, r).Tag(tagMatrix).Err(err).Debug("Invalid Matrix request") if e, ok := err.(*errMatrixPushkeyRejected); ok { diff --git a/server/server.yml b/server/server.yml index b55b68442..7329d37e0 100644 --- a/server/server.yml +++ b/server/server.yml @@ -236,6 +236,16 @@ # upstream-base-url: # upstream-access-token: +# Configures message-specific limits +# +# - message-size-limit defines the max size of a message body. Please note message sizes >4K are NOT RECOMMENDED, +# and largely untested. If FCM and/or APNS is used, the limit should stay 4K, because their limits are around that size. +# If you increase this size limit regardless, FCM and APNS will NOT work for large messages. +# - message-delay-limit defines the max delay of a message when using the "Delay" header. +# +# message-size-limit: "4k" +# message-delay-limit: "3d" + # Rate limiting: Total number of topics before the server rejects new topics. # # global-topic-limit: 15000 @@ -360,9 +370,3 @@ # log-level-overrides: # log-format: text # log-file: - -# Defines the size limit (in bytes) for a ntfy message. -# NOTE: FCM has size limit at 4000 bytes. APNS has size limit at 4KB. If you increase this size limit, FCM and APNS will NOT work for large messages. -# The default value is 4096 bytes. -# -# message-limit: diff --git a/server/server_account_test.go b/server/server_account_test.go index 4c269c2f7..72ba55c94 100644 --- a/server/server_account_test.go +++ b/server/server_account_test.go @@ -718,11 +718,11 @@ func TestAccount_Reservation_Delete_Messages_And_Attachments(t *testing.T) { require.Nil(t, s.userManager.AddUser("phil", "phil", user.RoleUser)) require.Nil(t, s.userManager.AddTier(&user.Tier{ Code: "starter", - MessageLimit: 10, + MessageSizeLimit: 10, })) require.Nil(t, s.userManager.AddTier(&user.Tier{ Code: "pro", - MessageLimit: 20, + MessageSizeLimit: 20, })) require.Nil(t, s.userManager.ChangeTier("phil", "starter")) diff --git a/server/smtp_server.go b/server/smtp_server.go index 467b8ca46..a687f1da2 100644 --- a/server/smtp_server.go +++ b/server/smtp_server.go @@ -150,8 +150,8 @@ func (s *smtpSession) Data(r io.Reader) error { return err } body = strings.TrimSpace(body) - if len(body) > conf.MessageLimit { - body = body[:conf.MessageLimit] + if len(body) > conf.MessageSizeLimit { + body = body[:conf.MessageSizeLimit] } m := newDefaultMessage(s.topic, body) subject := strings.TrimSpace(msg.Header.Get("Subject")) diff --git a/server/visitor.go b/server/visitor.go index f8dc416a7..d542e7736 100644 --- a/server/visitor.go +++ b/server/visitor.go @@ -30,10 +30,10 @@ const ( visitorDefaultCallsLimit = int64(0) ) -// Constants used to convert a tier-user's MessageLimit (see user.Tier) into adequate request limiter +// Constants used to convert a tier-user's MessageSizeLimit (see user.Tier) into adequate request limiter // values (token bucket). This is only used to increase the values in server.yml, never decrease them. // -// Example: Assuming a user.Tier's MessageLimit is 10,000: +// Example: Assuming a user.Tier's MessageSizeLimit is 10,000: // - the allowed burst is 500 (= 10,000 * 5%), which is < 1000 (the max) // - the replenish rate is 2 * 10,000 / 24 hours const ( diff --git a/util/time.go b/util/time.go index 14aa3936f..0d4ed378e 100644 --- a/util/time.go +++ b/util/time.go @@ -83,6 +83,22 @@ func ParseDuration(s string) (time.Duration, error) { return 0, errUnparsableTime } +func FormatDuration(d time.Duration) string { + if d >= 24*time.Hour { + return strconv.Itoa(int(d/(24*time.Hour))) + "d" + } + if d >= time.Hour { + return strconv.Itoa(int(d/time.Hour)) + "h" + } + if d >= time.Minute { + return strconv.Itoa(int(d/time.Minute)) + "m" + } + if d >= time.Second { + return strconv.Itoa(int(d/time.Second)) + "s" + } + return "0s" +} + func parseFromDuration(s string, now time.Time) (time.Time, error) { d, err := ParseDuration(s) if err == nil { diff --git a/util/time_test.go b/util/time_test.go index 9cc343fd2..e29e5a3b1 100644 --- a/util/time_test.go +++ b/util/time_test.go @@ -92,3 +92,27 @@ func TestParseDuration(t *testing.T) { require.Nil(t, err) require.Equal(t, time.Duration(0), d) } + +func TestFormatDuration(t *testing.T) { + values := []struct { + duration time.Duration + expected string + }{ + {24 * time.Second, "24s"}, + {56 * time.Minute, "56m"}, + {time.Hour, "1h"}, + {2 * time.Hour, "2h"}, + {24 * time.Hour, "1d"}, + {3 * 24 * time.Hour, "3d"}, + } + for _, value := range values { + require.Equal(t, value.expected, FormatDuration(value.duration)) + d, err := ParseDuration(FormatDuration(value.duration)) + require.Nil(t, err) + require.Equalf(t, value.duration, d, "duration does not match: %v != %v", value.duration, d) + } +} + +func TestFormatDuration_Rounded(t *testing.T) { + require.Equal(t, "1d", FormatDuration(47*time.Hour)) +} diff --git a/util/util.go b/util/util.go index df0c011c7..39bf87985 100644 --- a/util/util.go +++ b/util/util.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "io" + "math" "math/rand" "net/netip" "os" @@ -215,6 +216,8 @@ func ParseSize(s string) (int64, error) { return -1, fmt.Errorf("cannot convert number %s", matches[1]) } switch strings.ToUpper(matches[2]) { + case "T": + return int64(value) * 1024 * 1024 * 1024 * 1024, nil case "G": return int64(value) * 1024 * 1024 * 1024, nil case "M": @@ -226,8 +229,23 @@ func ParseSize(s string) (int64, error) { } } -// FormatSize formats bytes into a human-readable notation, e.g. 2.1 MB +// FormatSize formats the size in a way that it can be parsed by ParseSize. +// It does not include decimal places. Uneven sizes are rounded down. func FormatSize(b int64) string { + const unit = 1024 + if b < unit { + return fmt.Sprintf("%d", b) + } + div, exp := int64(unit), 0 + for n := b / unit; n >= unit; n /= unit { + div *= unit + exp++ + } + return fmt.Sprintf("%d%c", int(math.Floor(float64(b)/float64(div))), "KMGT"[exp]) +} + +// FormatSizeHuman formats bytes into a human-readable notation, e.g. 2.1 MB +func FormatSizeHuman(b int64) string { const unit = 1024 if b < unit { return fmt.Sprintf("%d bytes", b) @@ -237,7 +255,7 @@ func FormatSize(b int64) string { div *= unit exp++ } - return fmt.Sprintf("%.1f %cB", float64(b)/float64(div), "KMGTPE"[exp]) + return fmt.Sprintf("%.1f %cB", float64(b)/float64(div), "KMGT"[exp]) } // ReadPassword will read a password from STDIN. If the terminal supports it, it will not print the diff --git a/util/util_test.go b/util/util_test.go index f0f45c287..d539d6752 100644 --- a/util/util_test.go +++ b/util/util_test.go @@ -110,35 +110,49 @@ func TestShortTopicURL(t *testing.T) { func TestParseSize_10GSuccess(t *testing.T) { s, err := ParseSize("10G") - if err != nil { - t.Fatal(err) - } + require.Nil(t, err) require.Equal(t, int64(10*1024*1024*1024), s) } func TestParseSize_10MUpperCaseSuccess(t *testing.T) { s, err := ParseSize("10M") - if err != nil { - t.Fatal(err) - } + require.Nil(t, err) require.Equal(t, int64(10*1024*1024), s) } func TestParseSize_10kLowerCaseSuccess(t *testing.T) { s, err := ParseSize("10k") - if err != nil { - t.Fatal(err) - } + require.Nil(t, err) require.Equal(t, int64(10*1024), s) } func TestParseSize_FailureInvalid(t *testing.T) { _, err := ParseSize("not a size") - if err == nil { - t.Fatalf("expected error, but got none") + require.Nil(t, err) +} + +func TestFormatSize(t *testing.T) { + values := []struct { + size int64 + expected string + }{ + {10, "10"}, + {10 * 1024, "10K"}, + {10 * 1024 * 1024, "10M"}, + {10 * 1024 * 1024 * 1024, "10G"}, + } + for _, value := range values { + require.Equal(t, value.expected, FormatSize(value.size)) + s, err := ParseSize(FormatSize(value.size)) + require.Nil(t, err) + require.Equalf(t, value.size, s, "size does not match: %d != %d", value.size, s) } } +func TestFormatSize_Rounded(t *testing.T) { + require.Equal(t, "10K", FormatSize(10*1024+999)) +} + func TestSplitKV(t *testing.T) { key, value := SplitKV(" key = value ", "=") require.Equal(t, "key", key) From 243123fd7ec8efc300b11fea4340eb4652a8e43c Mon Sep 17 00:00:00 2001 From: binwiederhier Date: Thu, 7 Mar 2024 12:22:35 -0500 Subject: [PATCH 07/11] Convert duration flags, add docs --- cmd/serve.go | 42 +++++++++++++++++++++--------------------- docs/config.md | 42 +++++++++++++++++++++++++++--------------- docs/publish.md | 5 ++--- server/config.go | 1 + util/time.go | 22 +++++++++++----------- 5 files changed, 62 insertions(+), 50 deletions(-) diff --git a/cmd/serve.go b/cmd/serve.go index 4b5ee7451..90f21a0e9 100644 --- a/cmd/serve.go +++ b/cmd/serve.go @@ -45,7 +45,7 @@ var flagsServe = append( altsrc.NewStringFlag(&cli.StringFlag{Name: "cache-file", Aliases: []string{"cache_file", "C"}, EnvVars: []string{"NTFY_CACHE_FILE"}, Usage: "cache file used for message caching"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "cache-duration", Aliases: []string{"cache_duration", "b"}, EnvVars: []string{"NTFY_CACHE_DURATION"}, Value: util.FormatDuration(server.DefaultCacheDuration), Usage: "buffer messages for this time to allow `since` requests"}), altsrc.NewIntFlag(&cli.IntFlag{Name: "cache-batch-size", Aliases: []string{"cache_batch_size"}, EnvVars: []string{"NTFY_BATCH_SIZE"}, Usage: "max size of messages to batch together when writing to message cache (if zero, writes are synchronous)"}), - altsrc.NewStringFlag(&cli.StringFlag{Name: "cache-batch-timeout", Aliases: []string{"cache_batch_timeout"}, EnvVars: []string{"NTFY_CACHE_BATCH_TIMEOUT"}, Usage: "timeout for batched async writes to the message cache (if zero, writes are synchronous)"}), + altsrc.NewStringFlag(&cli.StringFlag{Name: "cache-batch-timeout", Aliases: []string{"cache_batch_timeout"}, EnvVars: []string{"NTFY_CACHE_BATCH_TIMEOUT"}, Value: util.FormatDuration(server.DefaultCacheBatchTimeout), Usage: "timeout for batched async writes to the message cache (if zero, writes are synchronous)"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "cache-startup-queries", Aliases: []string{"cache_startup_queries"}, EnvVars: []string{"NTFY_CACHE_STARTUP_QUERIES"}, Usage: "queries run when the cache database is initialized"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "auth-file", Aliases: []string{"auth_file", "H"}, EnvVars: []string{"NTFY_AUTH_FILE"}, Usage: "auth database file used for access control"}), altsrc.NewStringFlag(&cli.StringFlag{Name: "auth-startup-queries", Aliases: []string{"auth_startup_queries"}, EnvVars: []string{"NTFY_AUTH_STARTUP_QUERIES"}, Usage: "queries run when the auth database is initialized"}), @@ -195,57 +195,57 @@ func execServe(c *cli.Context) error { // Convert durations cacheDuration, err := util.ParseDuration(cacheDurationStr) if err != nil { - return err + return fmt.Errorf("invalid cache duration: %s", cacheDurationStr) } cacheBatchTimeout, err := util.ParseDuration(cacheBatchTimeoutStr) if err != nil { - return err + return fmt.Errorf("invalid cache batch timeout: %s", cacheBatchTimeoutStr) } attachmentExpiryDuration, err := util.ParseDuration(attachmentExpiryDurationStr) if err != nil { - return err + return fmt.Errorf("invalid attachment expiry duration: %s", attachmentExpiryDurationStr) } keepaliveInterval, err := util.ParseDuration(keepaliveIntervalStr) if err != nil { - return err + return fmt.Errorf("invalid keepalive interval: %s", keepaliveIntervalStr) } managerInterval, err := util.ParseDuration(managerIntervalStr) if err != nil { - return err + return fmt.Errorf("invalid manager interval: %s", managerIntervalStr) } messageDelayLimit, err := util.ParseDuration(messageDelayLimitStr) if err != nil { - return err + return fmt.Errorf("invalid message delay limit: %s", messageDelayLimitStr) } visitorRequestLimitReplenish, err := util.ParseDuration(visitorRequestLimitReplenishStr) if err != nil { - return err + return fmt.Errorf("invalid visitor request limit replenish: %s", visitorRequestLimitReplenishStr) } visitorEmailLimitReplenish, err := util.ParseDuration(visitorEmailLimitReplenishStr) if err != nil { - return err + return fmt.Errorf("invalid visitor email limit replenish: %s", visitorEmailLimitReplenishStr) } // Convert sizes to bytes - messageSizeLimit, err := parseSize(messageSizeLimitStr, server.DefaultMessageSizeLimit) + messageSizeLimit, err := util.ParseSize(messageSizeLimitStr) if err != nil { - return err + return fmt.Errorf("invalid message size limit: %s", messageSizeLimitStr) } - attachmentTotalSizeLimit, err := parseSize(attachmentTotalSizeLimitStr, server.DefaultAttachmentTotalSizeLimit) + attachmentTotalSizeLimit, err := util.ParseSize(attachmentTotalSizeLimitStr) if err != nil { - return err + return fmt.Errorf("invalid attachment total size limit: %s", attachmentTotalSizeLimitStr) } - attachmentFileSizeLimit, err := parseSize(attachmentFileSizeLimitStr, server.DefaultAttachmentFileSizeLimit) + attachmentFileSizeLimit, err := util.ParseSize(attachmentFileSizeLimitStr) if err != nil { - return err + return fmt.Errorf("invalid attachment file size limit: %s", attachmentFileSizeLimitStr) } - visitorAttachmentTotalSizeLimit, err := parseSize(visitorAttachmentTotalSizeLimitStr, server.DefaultVisitorAttachmentTotalSizeLimit) + visitorAttachmentTotalSizeLimit, err := util.ParseSize(visitorAttachmentTotalSizeLimitStr) if err != nil { - return err + return fmt.Errorf("invalid visitor attachment total size limit: %s", visitorAttachmentTotalSizeLimitStr) } - visitorAttachmentDailyBandwidthLimit, err := parseSize(visitorAttachmentDailyBandwidthLimitStr, server.DefaultVisitorAttachmentDailyBandwidthLimit) + visitorAttachmentDailyBandwidthLimit, err := util.ParseSize(visitorAttachmentDailyBandwidthLimitStr) if err != nil { - return err + return fmt.Errorf("invalid visitor attachment daily bandwidth limit: %s", visitorAttachmentDailyBandwidthLimitStr) } else if visitorAttachmentDailyBandwidthLimit > math.MaxInt { return fmt.Errorf("config option visitor-attachment-daily-bandwidth-limit must be lower than %d", math.MaxInt) } @@ -293,8 +293,8 @@ func execServe(c *cli.Context) error { return errors.New("if stripe-secret-key is set, stripe-webhook-key and base-url must also be set") } else if twilioAccount != "" && (twilioAuthToken == "" || twilioPhoneNumber == "" || twilioVerifyService == "" || baseURL == "" || authFile == "") { return errors.New("if twilio-account is set, twilio-auth-token, twilio-phone-number, twilio-verify-service, base-url, and auth-file must also be set") - } else if messageSizeLimit > 4096 { - log.Warn("message-size-limit is >4K, this is not recommended and largely untested, and may lead to issues with some clients") + } else if messageSizeLimit > server.DefaultMessageSizeLimit { + log.Warn("message-size-limit is greater than 4K, this is not recommended and largely untested, and may lead to issues with some clients") if messageSizeLimit > 5*1024*1024 { return errors.New("message-size-limit cannot be higher than 5M") } diff --git a/docs/config.md b/docs/config.md index 61d5f3a7c..5fc1b6e54 100644 --- a/docs/config.md +++ b/docs/config.md @@ -995,6 +995,15 @@ are the easiest), and then configure the following options: After you have configured phone calls, create a [tier](#tiers) with a call limit (e.g. `ntfy tier create --call-limit=10 ...`), and then assign it to a user. Users may then use the `X-Call` header to receive a phone call when publishing a message. +## Message limits +There are a few message limits that you can configure: + +* `message-size-limit` defines the max size of a message body. Please note message sizes >4K are **not recommended, + and largely untested**. The Android/iOS and other clients may not work, or work properly. If FCM and/or APNS is used, + the limit should stay 4K, because their limits are around that size. If you increase this size limit regardless, + FCM and APNS will NOT work for large messages. +* `message-delay-limit` defines the max delay of a message when using the "Delay" header and [scheduled delivery](publish.md#scheduled-delivery). + ## Rate limiting !!! info Be aware that if you are running ntfy behind a proxy, you must set the `behind-proxy` flag. @@ -1092,8 +1101,8 @@ response if no "rate visitor" has been previously registered. This is to avoid b To enable subscriber-based rate limiting, set `visitor-subscriber-rate-limiting: true`. !!! info - Due to a denial-of-service issue, support for the `Rate-Topics` header was removed entirely. This is unfortunate, - but subscriber-based rate limiting will still work for `up*` topics. + Due to a [denial-of-service issue](https://github.com/binwiederhier/ntfy/issues/1048), support for the `Rate-Topics` + header was removed entirely. This is unfortunate, but subscriber-based rate limiting will still work for `up*` topics. ## Tuning for scale If you're running ntfy for your home server, you probably don't need to worry about scale at all. In its default config, @@ -1391,6 +1400,8 @@ variable before running the `ntfy` command (e.g. `export NTFY_LISTEN_HTTP=:80`). | `twilio-verify-service` | `NTFY_TWILIO_VERIFY_SERVICE` | *string* | - | Twilio Verify service SID, e.g. VA12345beefbeef67890beefbeef122586 | | `keepalive-interval` | `NTFY_KEEPALIVE_INTERVAL` | *duration* | 45s | Interval in which keepalive messages are sent to the client. This is to prevent intermediaries closing the connection for inactivity. Note that the Android app has a hardcoded timeout at 77s, so it should be less than that. | | `manager-interval` | `NTFY_MANAGER_INTERVAL` | *duration* | 1m | Interval in which the manager prunes old messages, deletes topics and prints the stats. | +| `message-size-limit` | `NTFY_MESSAGE_SIZE_LIMIT` | *size* | 4K | The size limit for the message body. Please note that this is largely untested, and that FCM/APNS have limits around 4KB. If you increase this size limit, FCM and APNS will NOT work for large messages. | +| `message-delay-limit` | `NTFY_MESSAGE_DELAY_LIMIT` | *duration* | 3d | Amount of time a message can be [scheduled](publish.md#scheduled-delivery) into the future when using the `Delay` header | | `global-topic-limit` | `NTFY_GLOBAL_TOPIC_LIMIT` | *number* | 15,000 | Rate limiting: Total number of topics before the server rejects new topics. | | `upstream-base-url` | `NTFY_UPSTREAM_BASE_URL` | *URL* | `https://ntfy.sh` | Forward poll request to an upstream server, this is needed for iOS push notifications for self-hosted servers | | `upstream-access-token` | `NTFY_UPSTREAM_ACCESS_TOKEN` | *string* | `tk_zyYLYj...` | Access token to use for the upstream server; needed only if upstream rate limits are exceeded or upstream server requires auth | @@ -1416,9 +1427,8 @@ variable before running the `ntfy` command (e.g. `export NTFY_LISTEN_HTTP=:80`). | `web-push-file` | `NTFY_WEB_PUSH_FILE` | *string* | - | Web Push: Database file that stores subscriptions | | `web-push-email-address` | `NTFY_WEB_PUSH_EMAIL_ADDRESS` | *string* | - | Web Push: Sender email address | | `web-push-startup-queries` | `NTFY_WEB_PUSH_STARTUP_QUERIES` | *string* | - | Web Push: SQL queries to run against subscription database at startup | -| `message-limit` | `NTFY_MESSAGE_LIMIT` | *number* | - | The size limit (in bytes) for a ntfy message. NOTE: FCM has size limit at 4000 bytes. APNS has size limit at 4KB. If you increase this size limit, FCM and APNS will NOT work for large messages. | -The format for a *duration* is: `(smh)`, e.g. 30s, 20m or 1h. +The format for a *duration* is: `(smhd)`, e.g. 30s, 20m, 1h or 3d. The format for a *size* is: `(GMK)`, e.g. 1G, 200M or 4000k. ## Command line options @@ -1450,7 +1460,7 @@ OPTIONS: --log-level-overrides value, --log_level_overrides value [ --log-level-overrides value, --log_level_overrides value ] set log level overrides [$NTFY_LOG_LEVEL_OVERRIDES] --log-format value, --log_format value set log format (default: "text") [$NTFY_LOG_FORMAT] --log-file value, --log_file value set log file, default is STDOUT [$NTFY_LOG_FILE] - --config value, -c value config file (default: /etc/ntfy/server.yml) [$NTFY_CONFIG_FILE] + --config value, -c value config file (default: "/etc/ntfy/server.yml") [$NTFY_CONFIG_FILE] --base-url value, --base_url value, -B value externally visible base URL for this host (e.g. https://ntfy.sh) [$NTFY_BASE_URL] --listen-http value, --listen_http value, -l value ip:port used as HTTP listen address (default: ":80") [$NTFY_LISTEN_HTTP] --listen-https value, --listen_https value, -L value ip:port used as HTTPS listen address [$NTFY_LISTEN_HTTPS] @@ -1460,19 +1470,19 @@ OPTIONS: --cert-file value, --cert_file value, -E value certificate file, if listen-https is set [$NTFY_CERT_FILE] --firebase-key-file value, --firebase_key_file value, -F value Firebase credentials file; if set additionally publish to FCM topic [$NTFY_FIREBASE_KEY_FILE] --cache-file value, --cache_file value, -C value cache file used for message caching [$NTFY_CACHE_FILE] - --cache-duration since, --cache_duration since, -b since buffer messages for this time to allow since requests (default: 12h0m0s) [$NTFY_CACHE_DURATION] + --cache-duration since, --cache_duration since, -b since buffer messages for this time to allow since requests (default: "12h") [$NTFY_CACHE_DURATION] --cache-batch-size value, --cache_batch_size value max size of messages to batch together when writing to message cache (if zero, writes are synchronous) (default: 0) [$NTFY_BATCH_SIZE] - --cache-batch-timeout value, --cache_batch_timeout value timeout for batched async writes to the message cache (if zero, writes are synchronous) (default: 0s) [$NTFY_CACHE_BATCH_TIMEOUT] + --cache-batch-timeout value, --cache_batch_timeout value timeout for batched async writes to the message cache (if zero, writes are synchronous) (default: "0s") [$NTFY_CACHE_BATCH_TIMEOUT] --cache-startup-queries value, --cache_startup_queries value queries run when the cache database is initialized [$NTFY_CACHE_STARTUP_QUERIES] --auth-file value, --auth_file value, -H value auth database file used for access control [$NTFY_AUTH_FILE] --auth-startup-queries value, --auth_startup_queries value queries run when the auth database is initialized [$NTFY_AUTH_STARTUP_QUERIES] --auth-default-access value, --auth_default_access value, -p value default permissions if no matching entries in the auth database are found (default: "read-write") [$NTFY_AUTH_DEFAULT_ACCESS] --attachment-cache-dir value, --attachment_cache_dir value cache directory for attached files [$NTFY_ATTACHMENT_CACHE_DIR] - --attachment-total-size-limit value, --attachment_total_size_limit value, -A value limit of the on-disk attachment cache (default: 5G) [$NTFY_ATTACHMENT_TOTAL_SIZE_LIMIT] - --attachment-file-size-limit value, --attachment_file_size_limit value, -Y value per-file attachment size limit (e.g. 300k, 2M, 100M) (default: 15M) [$NTFY_ATTACHMENT_FILE_SIZE_LIMIT] - --attachment-expiry-duration value, --attachment_expiry_duration value, -X value duration after which uploaded attachments will be deleted (e.g. 3h, 20h) (default: 3h) [$NTFY_ATTACHMENT_EXPIRY_DURATION] - --keepalive-interval value, --keepalive_interval value, -k value interval of keepalive messages (default: 45s) [$NTFY_KEEPALIVE_INTERVAL] - --manager-interval value, --manager_interval value, -m value interval of for message pruning and stats printing (default: 1m0s) [$NTFY_MANAGER_INTERVAL] + --attachment-total-size-limit value, --attachment_total_size_limit value, -A value limit of the on-disk attachment cache (default: "5G") [$NTFY_ATTACHMENT_TOTAL_SIZE_LIMIT] + --attachment-file-size-limit value, --attachment_file_size_limit value, -Y value per-file attachment size limit (e.g. 300k, 2M, 100M) (default: "15M") [$NTFY_ATTACHMENT_FILE_SIZE_LIMIT] + --attachment-expiry-duration value, --attachment_expiry_duration value, -X value duration after which uploaded attachments will be deleted (e.g. 3h, 20h) (default: "3h") [$NTFY_ATTACHMENT_EXPIRY_DURATION] + --keepalive-interval value, --keepalive_interval value, -k value interval of keepalive messages (default: "45s") [$NTFY_KEEPALIVE_INTERVAL] + --manager-interval value, --manager_interval value, -m value interval of for message pruning and stats printing (default: "1m") [$NTFY_MANAGER_INTERVAL] --disallowed-topics value, --disallowed_topics value [ --disallowed-topics value, --disallowed_topics value ] topics that are not allowed to be used [$NTFY_DISALLOWED_TOPICS] --web-root value, --web_root value sets root of the web app (e.g. /, or /app), or disables it (disable) (default: "/") [$NTFY_WEB_ROOT] --enable-signup, --enable_signup allows users to sign up via the web app, or API (default: false) [$NTFY_ENABLE_SIGNUP] @@ -1491,16 +1501,18 @@ OPTIONS: --twilio-auth-token value, --twilio_auth_token value Twilio auth token [$NTFY_TWILIO_AUTH_TOKEN] --twilio-phone-number value, --twilio_phone_number value Twilio number to use for outgoing calls [$NTFY_TWILIO_PHONE_NUMBER] --twilio-verify-service value, --twilio_verify_service value Twilio Verify service ID, used for phone number verification [$NTFY_TWILIO_VERIFY_SERVICE] + --message-size-limit value, --message_size_limit value size limit for the message (see docs for limitations) (default: "4K") [$NTFY_MESSAGE_SIZE_LIMIT] + --message-delay-limit value, --message_delay_limit value max duration a message can be scheduled into the future (default: "3d") [$NTFY_MESSAGE_DELAY_LIMIT] --global-topic-limit value, --global_topic_limit value, -T value total number of topics allowed (default: 15000) [$NTFY_GLOBAL_TOPIC_LIMIT] --visitor-subscription-limit value, --visitor_subscription_limit value number of subscriptions per visitor (default: 30) [$NTFY_VISITOR_SUBSCRIPTION_LIMIT] --visitor-attachment-total-size-limit value, --visitor_attachment_total_size_limit value total storage limit used for attachments per visitor (default: "100M") [$NTFY_VISITOR_ATTACHMENT_TOTAL_SIZE_LIMIT] --visitor-attachment-daily-bandwidth-limit value, --visitor_attachment_daily_bandwidth_limit value total daily attachment download/upload bandwidth limit per visitor (default: "500M") [$NTFY_VISITOR_ATTACHMENT_DAILY_BANDWIDTH_LIMIT] --visitor-request-limit-burst value, --visitor_request_limit_burst value initial limit of requests per visitor (default: 60) [$NTFY_VISITOR_REQUEST_LIMIT_BURST] - --visitor-request-limit-replenish value, --visitor_request_limit_replenish value interval at which burst limit is replenished (one per x) (default: 5s) [$NTFY_VISITOR_REQUEST_LIMIT_REPLENISH] + --visitor-request-limit-replenish value, --visitor_request_limit_replenish value interval at which burst limit is replenished (one per x) (default: "5s") [$NTFY_VISITOR_REQUEST_LIMIT_REPLENISH] --visitor-request-limit-exempt-hosts value, --visitor_request_limit_exempt_hosts value hostnames and/or IP addresses of hosts that will be exempt from the visitor request limit [$NTFY_VISITOR_REQUEST_LIMIT_EXEMPT_HOSTS] --visitor-message-daily-limit value, --visitor_message_daily_limit value max messages per visitor per day, derived from request limit if unset (default: 0) [$NTFY_VISITOR_MESSAGE_DAILY_LIMIT] --visitor-email-limit-burst value, --visitor_email_limit_burst value initial limit of e-mails per visitor (default: 16) [$NTFY_VISITOR_EMAIL_LIMIT_BURST] - --visitor-email-limit-replenish value, --visitor_email_limit_replenish value interval at which burst limit is replenished (one per x) (default: 1h0m0s) [$NTFY_VISITOR_EMAIL_LIMIT_REPLENISH] + --visitor-email-limit-replenish value, --visitor_email_limit_replenish value interval at which burst limit is replenished (one per x) (default: "1h") [$NTFY_VISITOR_EMAIL_LIMIT_REPLENISH] --visitor-subscriber-rate-limiting, --visitor_subscriber_rate_limiting enables subscriber-based rate limiting (default: false) [$NTFY_VISITOR_SUBSCRIBER_RATE_LIMITING] --behind-proxy, --behind_proxy, -P if set, use X-Forwarded-For header to determine visitor IP address (for rate limiting) (default: false) [$NTFY_BEHIND_PROXY] --stripe-secret-key value, --stripe_secret_key value key used for the Stripe API communication, this enables payments [$NTFY_STRIPE_SECRET_KEY] @@ -1513,6 +1525,6 @@ OPTIONS: --web-push-private-key value, --web_push_private_key value private key used for web push notifications [$NTFY_WEB_PUSH_PRIVATE_KEY] --web-push-file value, --web_push_file value file used to store web push subscriptions [$NTFY_WEB_PUSH_FILE] --web-push-email-address value, --web_push_email_address value e-mail address of sender, required to use browser push services [$NTFY_WEB_PUSH_EMAIL_ADDRESS] - --web-push-startup-queries value, --web_push_startup-queries value queries run when the web push database is initialized [$NTFY_WEB_PUSH_STARTUP_QUERIES] + --web-push-startup-queries value, --web_push_startup_queries value queries run when the web push database is initialized [$NTFY_WEB_PUSH_STARTUP_QUERIES] --help, -h show help ``` diff --git a/docs/publish.md b/docs/publish.md index 413707786..411092905 100644 --- a/docs/publish.md +++ b/docs/publish.md @@ -738,9 +738,8 @@ Usage is pretty straight forward. You can set the delivery time using the `X-Del `3h`, `2 days`), or a natural language time string (e.g. `10am`, `8:30pm`, `tomorrow, 3pm`, `Tuesday, 7am`, [and more](https://github.com/olebedev/when)). -As of today, the minimum delay you can set is **10 seconds** and the maximum delay is **3 days**. This can currently -not be configured otherwise ([let me know](https://github.com/binwiederhier/ntfy/issues) if you'd like to change -these limits). +As of today, the minimum delay you can set is **10 seconds** and the maximum delay is **3 days**. This can be configured +with the `message-delay-limit` option). For the purposes of [message caching](config.md#message-cache), scheduled messages are kept in the cache until 12 hours after they were delivered (or whatever the server-side cache duration is set to). For instance, if a message is scheduled diff --git a/server/config.go b/server/config.go index d2c3bf066..7267ce9dc 100644 --- a/server/config.go +++ b/server/config.go @@ -12,6 +12,7 @@ import ( const ( DefaultListenHTTP = ":80" DefaultCacheDuration = 12 * time.Hour + DefaultCacheBatchTimeout = time.Duration(0) DefaultKeepaliveInterval = 45 * time.Second // Not too frequently to save battery (Android read timeout used to be 77s!) DefaultManagerInterval = time.Minute DefaultDelayedSenderInterval = 10 * time.Second diff --git a/util/time.go b/util/time.go index 0d4ed378e..d44052366 100644 --- a/util/time.go +++ b/util/time.go @@ -10,8 +10,8 @@ import ( ) var ( - errUnparsableTime = errors.New("unable to parse time") - durationStrRegex = regexp.MustCompile(`(?i)^(\d+)\s*(d|days?|h|hours?|m|mins?|minutes?|s|secs?|seconds?)$`) + errInvalidDuration = errors.New("unable to parse duration") + durationStrRegex = regexp.MustCompile(`(?i)^(\d+)\s*(d|days?|h|hours?|m|mins?|minutes?|s|secs?|seconds?)$`) ) const ( @@ -51,7 +51,7 @@ func ParseFutureTime(s string, now time.Time) (time.Time, error) { if err == nil { return t, nil } - return time.Time{}, errUnparsableTime + return time.Time{}, errInvalidDuration } // ParseDuration is like time.ParseDuration, except that it also understands days (d), which @@ -65,7 +65,7 @@ func ParseDuration(s string) (time.Duration, error) { if matches != nil { number, err := strconv.Atoi(matches[1]) if err != nil { - return 0, errUnparsableTime + return 0, errInvalidDuration } switch unit := matches[2][0:1]; unit { case "d": @@ -77,10 +77,10 @@ func ParseDuration(s string) (time.Duration, error) { case "s": return time.Duration(number) * time.Second, nil default: - return 0, errUnparsableTime + return 0, errInvalidDuration } } - return 0, errUnparsableTime + return 0, errInvalidDuration } func FormatDuration(d time.Duration) string { @@ -104,7 +104,7 @@ func parseFromDuration(s string, now time.Time) (time.Time, error) { if err == nil { return now.Add(d), nil } - return time.Time{}, errUnparsableTime + return time.Time{}, errInvalidDuration } func parseUnixTime(s string, now time.Time) (time.Time, error) { @@ -112,7 +112,7 @@ func parseUnixTime(s string, now time.Time) (time.Time, error) { if err != nil { return time.Time{}, err } else if int64(t) < now.Unix() { - return time.Time{}, errUnparsableTime + return time.Time{}, errInvalidDuration } return time.Unix(int64(t), 0).UTC(), nil } @@ -120,7 +120,7 @@ func parseUnixTime(s string, now time.Time) (time.Time, error) { func parseNaturalTime(s string, now time.Time) (time.Time, error) { r, err := when.EN.Parse(s, now) // returns "nil, nil" if no matches! if err != nil || r == nil { - return time.Time{}, errUnparsableTime + return time.Time{}, errInvalidDuration } else if r.Time.After(now) { return r.Time, nil } @@ -128,9 +128,9 @@ func parseNaturalTime(s string, now time.Time) (time.Time, error) { // simply append "tomorrow, " to it. r, err = when.EN.Parse("tomorrow, "+s, now) // returns "nil, nil" if no matches! if err != nil || r == nil { - return time.Time{}, errUnparsableTime + return time.Time{}, errInvalidDuration } else if r.Time.After(now) { return r.Time, nil } - return time.Time{}, errUnparsableTime + return time.Time{}, errInvalidDuration } From f2cd1edc57f6a8ab20da4bb5a9b89516cc336185 Mon Sep 17 00:00:00 2001 From: binwiederhier Date: Thu, 7 Mar 2024 12:44:31 -0500 Subject: [PATCH 08/11] Add some helper for base-url --- cmd/serve.go | 16 +++++++++++----- docs/releases.md | 8 ++++++++ util/util_test.go | 2 +- 3 files changed, 20 insertions(+), 6 deletions(-) diff --git a/cmd/serve.go b/cmd/serve.go index 90f21a0e9..ba893872f 100644 --- a/cmd/serve.go +++ b/cmd/serve.go @@ -16,6 +16,7 @@ import ( "math" "net" "net/netip" + "net/url" "os" "os/signal" "strings" @@ -126,7 +127,7 @@ func execServe(c *cli.Context) error { // Read all the options config := c.String("config") - baseURL := c.String("base-url") + baseURL := strings.TrimSuffix(c.String("base-url"), "/") listenHTTP := c.String("listen-http") listenHTTPS := c.String("listen-https") listenUnix := c.String("listen-unix") @@ -273,10 +274,15 @@ func execServe(c *cli.Context) error { return errors.New("if smtp-server-listen is set, smtp-server-domain must also be set") } else if attachmentCacheDir != "" && baseURL == "" { return errors.New("if attachment-cache-dir is set, base-url must also be set") - } else if baseURL != "" && !strings.HasPrefix(baseURL, "http://") && !strings.HasPrefix(baseURL, "https://") { - return errors.New("if set, base-url must start with http:// or https://") - } else if baseURL != "" && strings.HasSuffix(baseURL, "/") { - return errors.New("if set, base-url must not end with a slash (/)") + } else if baseURL != "" { + u, err := url.Parse(baseURL) + if err != nil { + return fmt.Errorf("if set, base-url must be a valid URL, e.g. https://ntfy.mydomain.com: %v", err) + } else if u.Scheme != "http" && u.Scheme != "https" { + return errors.New("if set, base-url must be a valid URL starting with http:// or https://, e.g. https://ntfy.mydomain.com") + } else if u.Path != "" { + return fmt.Errorf("if set, base-url must not have a path (%s), as hosting ntfy on a sub-path is not supported, e.g. https://ntfy.mydomain.com", u.Path) + } } else if upstreamBaseURL != "" && !strings.HasPrefix(upstreamBaseURL, "http://") && !strings.HasPrefix(upstreamBaseURL, "https://") { return errors.New("if set, upstream-base-url must start with http:// or https://") } else if upstreamBaseURL != "" && strings.HasSuffix(upstreamBaseURL, "/") { diff --git a/docs/releases.md b/docs/releases.md index 3549330bb..654dbf284 100644 --- a/docs/releases.md +++ b/docs/releases.md @@ -1315,6 +1315,11 @@ and the [ntfy Android app](https://github.com/binwiederhier/ntfy-android/release ### ntfy server v2.9.0 +**Features:** + +* Support for larger message delays with `message-delay-limit` (see [message limits](config.md#message-limits), [#1050](https://github.com/binwiederhier/ntfy/pull/1050)/[#1019](https://github.com/binwiederhier/ntfy/issues/1019), thanks to [@MrChadMWood](https://github.com/MrChadMWood) for reporting) +* Support for larger message body sizes with `message-size-limit` (use at your own risk, see [message limits](config.md#message-limits), [#1050](https://github.com/binwiederhier/ntfy/pull/1050), thanks to [@zhzy0077](https://github.com/zhzy0077) for implementing this, and to [@nkjshlsqja7331](https://github.com/nkjshlsqja7331) for reporting) + **Bug fixes + maintenance:** * Remove `Rate-Topics` header due to DoS security issue if `visitor-subscriber-rate-limiting: true` ([#1048](https://github.com/binwiederhier/ntfy/issues/1048)) @@ -1326,6 +1331,9 @@ and the [ntfy Android app](https://github.com/binwiederhier/ntfy-android/release * Update Watchtower example ([#1014](https://github.com/binwiederhier/ntfy/pull/1014), thanks to [@lennart-m](https://github.com/lennart-m)) * Fix dead links ([#1022](https://github.com/binwiederhier/ntfy/pull/1022), thanks to [@DerRockWolf](https://github.com/DerRockWolf)) +!!! warning + **Breaking change**: The `Rate-Topics` header was removed due to a ([DoS issue](https://github.com/binwiederhier/ntfy/issues/1048). This only affects installations with `visitor-subscriber-rate-limiting: true`, which is not the default and likely very rarely used. + ### ntfy Android app v1.16.1 (UNRELEASED) **Features:** diff --git a/util/util_test.go b/util/util_test.go index d539d6752..9ddec58df 100644 --- a/util/util_test.go +++ b/util/util_test.go @@ -128,7 +128,7 @@ func TestParseSize_10kLowerCaseSuccess(t *testing.T) { func TestParseSize_FailureInvalid(t *testing.T) { _, err := ParseSize("not a size") - require.Nil(t, err) + require.Error(t, err) } func TestFormatSize(t *testing.T) { From 01b397a31afbf9e39b137fda1d831c5a70d6a3e5 Mon Sep 17 00:00:00 2001 From: binwiederhier Date: Thu, 7 Mar 2024 12:50:01 -0500 Subject: [PATCH 09/11] Release notes --- docs/releases.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/releases.md b/docs/releases.md index 654dbf284..7285ebbac 100644 --- a/docs/releases.md +++ b/docs/releases.md @@ -13,7 +13,7 @@ Many thanks to [@tcaputi](https://github.com/tcaputi) for fixing the issues, and * UI not updating properly ([#267](https://github.com/binwiederhier/ntfy/issues/267)/[#402](https://github.com/binwiederhier/ntfy/issues/402), thanks to [@tcaputi](https://github.com/tcaputi)) -### ntfy server v2.8.0 +## ntfy server v2.8.0 Released November 19, 2023 This release brings a handful of random bug fixes: two unrelated access control list fixes, a fix around web app crashes for languages with underscores in the language code (e.g. `zh_Hant`, `zh_Hans`, `pt_BR`, ...), a workaround for the `Priority` header (often used in Cloudflare setups), and support among others support for HTML-only emails (finally), web app crash fixes @@ -1315,10 +1315,13 @@ and the [ntfy Android app](https://github.com/binwiederhier/ntfy-android/release ### ntfy server v2.9.0 +!!! info + **Breaking change**: The `Rate-Topics` header was removed due to a [DoS issue](https://github.com/binwiederhier/ntfy/issues/1048). This only affects installations with `visitor-subscriber-rate-limiting: true`, which is not the default and likely very rarely used. + **Features:** * Support for larger message delays with `message-delay-limit` (see [message limits](config.md#message-limits), [#1050](https://github.com/binwiederhier/ntfy/pull/1050)/[#1019](https://github.com/binwiederhier/ntfy/issues/1019), thanks to [@MrChadMWood](https://github.com/MrChadMWood) for reporting) -* Support for larger message body sizes with `message-size-limit` (use at your own risk, see [message limits](config.md#message-limits), [#1050](https://github.com/binwiederhier/ntfy/pull/1050), thanks to [@zhzy0077](https://github.com/zhzy0077) for implementing this, and to [@nkjshlsqja7331](https://github.com/nkjshlsqja7331) for reporting) +* Support for larger message body sizes with `message-size-limit` (use at your own risk, see [message limits](config.md#message-limits), [#836](https://github.com/binwiederhier/ntfy/pull/836)/[#1050](https://github.com/binwiederhier/ntfy/pull/1050), thanks to [@zhzy0077](https://github.com/zhzy0077) for implementing this, and to [@nkjshlsqja7331](https://github.com/nkjshlsqja7331) for reporting) **Bug fixes + maintenance:** @@ -1331,9 +1334,6 @@ and the [ntfy Android app](https://github.com/binwiederhier/ntfy-android/release * Update Watchtower example ([#1014](https://github.com/binwiederhier/ntfy/pull/1014), thanks to [@lennart-m](https://github.com/lennart-m)) * Fix dead links ([#1022](https://github.com/binwiederhier/ntfy/pull/1022), thanks to [@DerRockWolf](https://github.com/DerRockWolf)) -!!! warning - **Breaking change**: The `Rate-Topics` header was removed due to a ([DoS issue](https://github.com/binwiederhier/ntfy/issues/1048). This only affects installations with `visitor-subscriber-rate-limiting: true`, which is not the default and likely very rarely used. - ### ntfy Android app v1.16.1 (UNRELEASED) **Features:** From 94f60fb5b8b6be2cdcb48292b5a05c0b3bb6805e Mon Sep 17 00:00:00 2001 From: binwiederhier Date: Thu, 7 Mar 2024 12:53:39 -0500 Subject: [PATCH 10/11] Lint --- util/time.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/util/time.go b/util/time.go index d44052366..9fbee890e 100644 --- a/util/time.go +++ b/util/time.go @@ -83,6 +83,8 @@ func ParseDuration(s string) (time.Duration, error) { return 0, errInvalidDuration } +// FormatDuration formats a time.Duration into a human-readable string, e.g. "2d", "20h", "30m", "40s". +// It rounds to the largest unit that is not zero, thereby effectively rounding down. func FormatDuration(d time.Duration) string { if d >= 24*time.Hour { return strconv.Itoa(int(d/(24*time.Hour))) + "d" From 8931f25ac5a6a7fb522d84a42f0bba7ce753c490 Mon Sep 17 00:00:00 2001 From: binwiederhier Date: Thu, 7 Mar 2024 13:00:39 -0500 Subject: [PATCH 11/11] Ahh --- cmd/serve.go | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/cmd/serve.go b/cmd/serve.go index ba893872f..62e0a14a0 100644 --- a/cmd/serve.go +++ b/cmd/serve.go @@ -432,17 +432,6 @@ func execServe(c *cli.Context) error { return nil } -func parseSize(s string, defaultValue int64) (v int64, err error) { - if s == "" { - return defaultValue, nil - } - v, err = util.ParseSize(s) - if err != nil { - return 0, err - } - return v, nil -} - func sigHandlerConfigReload(config string) { sigs := make(chan os.Signal, 1) signal.Notify(sigs, syscall.SIGHUP)