Have a Kubernetes cluster and want to run your own ntfy server?
Hopefully this makes it simple for you!
- A functional k8s cluster.
- A dedicated namespace for this project (default is
ntfy). - An Ingress provider (I use
ingress-nginx, not to be confused withnginx-ingress)
- If you have
cert-managerinstalled and functional, you can easily enable TLS in your Ingress by enablingcomponent/ingress/tlsinkustomization.yaml.
See settings/config.properties:
# NTFY
environment=staging
storage_size=500Mi
timezone=UTC
log_level=INFO
debug=false
# Resources
requests_cpu=150m
requests_mem=150Mi
limits_cpu=500m
limits_mem=500Mi
# Ingress
ingress_fqdn=ntfy.example.comenvironmentis used to set theNODE_ENVenvironment variablestorage_sizedetermines the size of/var/ntfy/cachetimezoneis used to set theTZenvironment variablelog_levelis used to set theNTFY_LOG_LEVELenvironment variabledebugis used to set theNTFY_DEBUGenvironment variable
The Resources settings set the pod resource limits (should be self-explanatory)
ingress_fqdnsets the host name in your Ingress manifest.
Optional (require components to be enabled):
# TLS component (must be enabled in kustomization.yaml)
# For production, you probably want letsencrypt-prod, or whatever you named it
ingress_cert_manager=letsencrypt-staging
ingress_tls=ntfy-tls-certificate
# OTel component (must be enabled in kustomization.yaml)
otel_endpoint=http://my-otel-collector.opentelemetry-operator-system.svc:4318
otel_service_name=ntfyThese settings will do nothing unless components/ingress/tls is enabled in
kustomization.yaml:
ingress_cert_manageris the name of yourcert-managerIssuer (cluster or not)ingress_tlsis the (arbitrary) name of the TLS certificate for your Ingress
These settings will do nothing unless components/statefulset/otel is enabled in
kustomization.yaml, and you have selected a replacement container image that
supports OTel (at this time, my custom build Docker container is available at
untergeek/ntfy:v2.11.0-symbols)
otel_endpointis the target endpoint for the OTel dataotel_service_nameis the name to apply as the service name to all OTel data.
You can use the default namespace, ntfy, or change to use your own. In either
case, the namespace must be created before deployment.
Currently, the most recent release is v2.11.0. To run a different release, replace
v2.11.0 with the desired tag.
images:
- name: binwiederhier/ntfy
newTag: v2.11.0One of the few reasons you might need this is to add any other environment variables you may want.
This file will be used to create a ConfigMap that will be mounted as
/etc/ntfy/server.yml, and contains the settings used to configure ntfy. At the
very least, you should edit patches/configmap/server.yml and configure:
base_url: https://ntfy.example.com/which should be the FQDN you set in your Ingress.
Any other settings are at your discretion.
-
(Optional) To preview generated configuration before deploying:
kubectl kustomize .
-
Run the following command to build and deploy:
kubectl apply -k .
-
Copy
kustomization.yaml, and thepatches,replacements, andsettingsdirectories files tooverlays/NAME, or whatever directory structure you prefer. -
Each
overlays/NAMEshould have its ownkustomization.yaml,patches,replacements, andsettingsdirectories. -
Be sure to update the paths in the
resourcesandcomponentssection ofkustomization.yamlaccordingly (since the relative paths have changed):resources: - ../../base components: - ../../components/ingress/tls
Apply the same configuration steps as above for each overlay/NAME path you
create.
-
(Optional) To preview generated configuration before deploying:
kubectl kustomize overlays/NAME
-
Run the following command to build and deploy:
kubectl apply -k overlays/NAME