diff --git a/roles/custom/matrix-ntfy/defaults/main.yml b/roles/custom/matrix-ntfy/defaults/main.yml index a5cb6d986..65c317737 100644 --- a/roles/custom/matrix-ntfy/defaults/main.yml +++ b/roles/custom/matrix-ntfy/defaults/main.yml @@ -20,7 +20,6 @@ matrix_ntfy_global_topic_limit: 15000 # default matrix_ntfy_visitor_subscription_limit: 30 # default matrix_ntfy_visitor_request_limit_burst: 60 # default matrix_ntfy_visitor_request_limit_replenish: "5s" # default -matrix_ntfy_visitor_request_limit_exempt_hosts: "{{matrix_server_fqn_matrix}},localhost" # exempt our matrix server from rate limits, this may not work when the homeserver's outgoing IP is different from the incoming IP, but most small deployments should be fine. # Controls whether the container exposes its HTTP port (tcp/80 in the container). diff --git a/roles/custom/matrix-ntfy/templates/ntfy/server.yml.j2 b/roles/custom/matrix-ntfy/templates/ntfy/server.yml.j2 index 833ddd61b..9815fd6b4 100644 --- a/roles/custom/matrix-ntfy/templates/ntfy/server.yml.j2 +++ b/roles/custom/matrix-ntfy/templates/ntfy/server.yml.j2 @@ -8,5 +8,4 @@ global-topic-limit: {{ matrix_ntfy_global_topic_limit | to_json }} visitor-subscription-limit: {{ matrix_ntfy_visitor_subscription_limit | to_json }} visitor-request-limit-burst: {{ matrix_ntfy_visitor_request_limit_burst | to_json }} -visitor-request-limit-replenish: "{{ matrix_ntfy_visitor_request_limit_replenish | to_json }}" -visitor-request-limit-exempt-hosts: "{{ matrix_ntfy_visitor_request_limit_exempt_hosts | to_json }}" +visitor-request-limit-replenish: "{{ matrix_ntfy_visitor_request_limit_replenish }}" diff --git a/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 b/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 index a10cb5844..be07ac17b 100644 --- a/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 +++ b/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 @@ -11,11 +11,12 @@ Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ntfy 2>/dev/null || true' ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ntfy 2>/dev/null || true' -ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-ntfy \ +ExecStart={{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-ntfy \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ --read-only \ + --env NTFY_VISITOR_REQUEST_LIMIT_EXEMPT_HOSTS={{matrix_server_fqn_matrix}},localhost,$(docker network inspect {{matrix_docker_network}} -f "{{"{{"}} (index .IPAM.Config 0).Subnet {{"}}"}}") \ {% for arg in matrix_ntfy_container_extra_arguments %} {{ arg }} \ {% endfor %} @@ -26,7 +27,7 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name --mount type=bind,src={{ matrix_ntfy_config_dir_path }},dst=/etc/ntfy,ro \ --mount type=bind,src={{ matrix_ntfy_data_path }},dst=/data \ {{ matrix_ntfy_docker_image }} \ - serve + serve' ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ntfy 2>/dev/null || true' ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ntfy 2>/dev/null || true'