commit 0c9bf84f7f21f0001eaf12128e90695020d17699
parent 052e818132865d3d83401b7f97be3a4c3ad854a6
author: nathanael <nathanael@dalliard.ch>
date: Sat, 15 Nov 2025 09:15:14 +0000
s2: add ntfy
diffstat:
3 files changed, 8 insertions(+), 0 deletions(-)
diff --git a/s2/packages b/s2/packages
@@ -3,3 +3,4 @@ got--
gotd--
hugo--
mollysocket--
+ntfy--
diff --git a/s2/sysfiles/acme-client.conf b/s2/sysfiles/acme-client.conf
@@ -5,6 +5,7 @@ authority letsencrypt {
domain s2.dalliard.ch {
alternative names {
src.dalliard.ch
+ msg.dalliard.ch
ms.dalliard.ch
}
domain key "/etc/ssl/private/s2.dalliard.ch.key"
diff --git a/s2/sysfiles/relayd.conf b/s2/sysfiles/relayd.conf
@@ -2,6 +2,7 @@ ipv4="152.53.196.107"
ipv6="2a03:4000:0:170d::1"
table <httpd> { 127.0.0.1 }
table <molly> { 127.0.0.1 }
+table <ntfy> { 127.0.0.1 }
http protocol https {
tls { no tlsv1.0, tlsv1.1, ciphers "ECDHE+AESGCM:ECDHE+CHACHA20:!aNULL:!MD5:!DSS" }
tls keypair "s2.dalliard.ch"
@@ -20,17 +21,22 @@ http protocol https {
match response tagged "static" header set "Cache-Control" value "public, max-age=31536000, immutable"
pass request quick header "Host" value "ms.dalliard.ch" forward to <molly>
+ pass request quick header "Host" value "msg.dalliard.ch" forward to <ntfy>
pass request forward to <httpd>
+
+ http websockets
}
relay wwwtls4 {
listen on $ipv4 port https tls
protocol https
forward to <httpd> port https
forward to <molly> port 8020
+ forward to <ntfy> port 8010
}
relay wwwtls6 {
listen on $ipv6 port https tls
protocol https
forward to <httpd> port https
forward to <molly> port 8020
+ forward to <ntfy> port 8010
}
