Update notifications; canary notifications

Fix double listing of amd64 in the docs (Fixes #251)

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,72 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ main ]
+  schedule:
+    - cron: '21 10 * * 5'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'go', 'javascript' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        
+        # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+        # queries: security-extended,security-and-quality
+
+        
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v2
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+
+    #   If the Autobuild fails above, remove it and uncomment the following three lines. 
+    #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
+
+    # - run: |
+    #   echo "Run, Build Application using script"
+    #   ./location_of_script_within_repo/buildscript.sh
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2

.github/workflows/test.yaml

@@ -8,12 +8,18 @@ jobs:
         uses: actions/setup-go@v2
         with:
           go-version: '1.17.x'
+      - name: Install node
+        uses: actions/setup-node@v2
+        with:
+          node-version: '16'
       - name: Checkout code
         uses: actions/checkout@v2
       - name: Install dependencies
         run: sudo apt update && sudo apt install -y python3-pip curl
       - name: Build docs (required for tests)
         run: make docs
+      - name: Build web app (required for tests)
+        run: make web
       - name: Run tests, formatting, vetting and linting
         run: make check
       - name: Run coverage

.gitignore

@@ -1,7 +1,11 @@
 dist/
 build/
 .idea/
+*.swp
 server/docs/
+server/site/
 tools/fbsend/fbsend
 playground/
+secrets/
 *.iml
+node_modules/

.goreleaser.yml

@@ -4,7 +4,7 @@ before:
     - go mod tidy
 builds:
   -
-    id: ntfy
+    id: ntfy_linux_amd64
     binary: ntfy
     env:
       - CGO_ENABLED=1 # required for go-sqlite3
@@ -17,7 +17,20 @@ builds:
       post:
         - upx "{{ .Path }}" # apt install upx
   -
-    id: ntfy_armv7
+    id: ntfy_linux_armv6
+    binary: ntfy
+    env:
+      - CGO_ENABLED=1 # required for go-sqlite3
+      - CC=arm-linux-gnueabi-gcc # apt install gcc-arm-linux-gnueabi
+    tags: [sqlite_omit_load_extension,osusergo,netgo]
+    ldflags:
+      - "-linkmode=external -extldflags=-static -s -w -X main.version={{.Version}} -X main.commit={{.Commit}} -X main.date={{.Date}}"
+    goos: [linux]
+    goarch: [arm]
+    goarm: [6]
+    # No "upx" for ARM, see https://github.com/binwiederhier/ntfy/issues/191#issuecomment-1083406546
+  -
+    id: ntfy_linux_armv7
     binary: ntfy
     env:
       - CGO_ENABLED=1 # required for go-sqlite3
@@ -28,11 +41,9 @@ builds:
     goos: [linux]
     goarch: [arm]
     goarm: [7]
-    hooks:
-      post:
-        - upx "{{ .Path }}" # apt install upx
+    # No "upx" for ARM, see https://github.com/binwiederhier/ntfy/issues/191#issuecomment-1083406546
   -
-    id: ntfy_arm64
+    id: ntfy_linux_arm64
     binary: ntfy
     env:
       - CGO_ENABLED=1 # required for go-sqlite3
@@ -42,9 +53,28 @@ builds:
       - "-linkmode=external -extldflags=-static -s -w -X main.version={{.Version}} -X main.commit={{.Commit}} -X main.date={{.Date}}"
     goos: [linux]
     goarch: [arm64]
+    # No "upx" for ARM, see https://github.com/binwiederhier/ntfy/issues/191#issuecomment-1083406546
+  -
+    id: ntfy_windows_amd64
+    binary: ntfy
+    env:
+      - CGO_ENABLED=0 # explicitly disable, since we don't need go-sqlite3
+    ldflags:
+      - "-X main.version={{.Version}} -X main.commit={{.Commit}} -X main.date={{.Date}}"
+    goos: [windows]
+    goarch: [amd64]
     hooks:
       post:
         - upx "{{ .Path }}" # apt install upx
+  -
+    id: ntfy_darwin_all
+    binary: ntfy
+    env:
+      - CGO_ENABLED=0 # explicitly disable, since we don't need go-sqlite3
+    ldflags:
+      - "-X main.version={{.Version}} -X main.commit={{.Commit}} -X main.date={{.Date}}"
+    goos: [darwin]
+    goarch: [amd64, arm64] # will be combined to "universal binary" (see below)
 nfpms:
   -
     package_name: ntfy
@@ -59,12 +89,12 @@ nfpms:
     contents:
       - src: server/server.yml
         dst: /etc/ntfy/server.yml
-        type: config
+        type: "config|noreplace"
       - src: server/ntfy.service
         dst: /lib/systemd/system/ntfy.service
       - src: client/client.yml
         dst: /etc/ntfy/client.yml
-        type: config
+        type: "config|noreplace"
       - src: client/ntfy-client.service
         dst: /lib/systemd/system/ntfy-client.service
       - dst: /var/cache/ntfy
@@ -74,7 +104,7 @@ nfpms:
       - dst: /var/lib/ntfy
         type: dir
       - dst: /usr/share/ntfy/logo.png
-        src: server/static/img/ntfy.png
+        src: web/public/static/img/ntfy.png
     scripts:
       preinstall: "scripts/preinst.sh"
       postinstall: "scripts/postinst.sh"
@@ -82,6 +112,12 @@ nfpms:
       postremove: "scripts/postrm.sh"
 archives:
   -
+    id: ntfy_linux
+    builds:
+      - ntfy_linux_amd64
+      - ntfy_linux_armv6
+      - ntfy_linux_armv7
+      - ntfy_linux_arm64
     wrap_in_directory: true
     files:
       - LICENSE
@@ -91,8 +127,34 @@ archives:
       - client/client.yml
       - client/ntfy-client.service
     replacements:
-      386: i386
       amd64: x86_64
+  -
+    id: ntfy_windows
+    builds:
+      - ntfy_windows_amd64
+    format: zip
+    wrap_in_directory: true
+    files:
+      - LICENSE
+      - README.md
+      - client/client.yml
+    replacements:
+      amd64: x86_64
+  -
+    id: ntfy_darwin
+    builds:
+      - ntfy_darwin_all
+    wrap_in_directory: true
+    files:
+      - LICENSE
+      - README.md
+      - client/client.yml
+    replacements:
+      darwin: macOS
+universal_binaries:
+  -
+    id: ntfy_darwin_all
+    replace: true
 checksum:
   name_template: 'checksums.txt'
 snapshot:
@@ -126,14 +188,24 @@ dockers:
     goarm: 7
     build_flag_templates:
       - "--platform=linux/arm/v7"
+  - image_templates:
+      - &armv6_image "binwiederhier/ntfy:{{ .Tag }}-armv6"
+    use: buildx
+    dockerfile: Dockerfile
+    goarch: arm
+    goarm: 6
+    build_flag_templates:
+      - "--platform=linux/arm/v6"
 docker_manifests:
   - name_template: "binwiederhier/ntfy:latest"
     image_templates:
       - *amd64_image
       - *arm64v8_image
       - *armv7_image
+      - *armv6_image
   - name_template: "binwiederhier/ntfy:{{ .Tag }}"
     image_templates:
       - *amd64_image
       - *arm64v8_image
       - *armv7_image
+      - *armv6_image

Dockerfile

@@ -2,4 +2,6 @@ FROM alpine
 MAINTAINER Philipp C. Heckel <philipp.heckel@gmail.com>
 
 COPY ntfy /usr/bin
+
+EXPOSE 80/tcp
 ENTRYPOINT ["ntfy"]

Makefile

@@ -3,46 +3,154 @@ VERSION := $(shell git describe --tag)
 .PHONY:
 
 help:
-	@echo "Typical commands:"
-	@echo "  make check                       - Run all tests, vetting/formatting checks and linters"
-	@echo "  make fmt build-snapshot install  - Build latest and install to local system"
+	@echo "Typical commands (more see below):"
+	@echo "  make build                   - Build web app, documentation and server/client (sloowwww)"
+	@echo "  make cli-linux-amd64         - Build server/client binary (amd64, no web app or docs)"
+	@echo "  make install-linux-amd64     - Install ntfy binary to /usr/bin/ntfy (amd64)"
+	@echo "  make web                     - Build the web app"
+	@echo "  make docs                    - Build the documentation"
+	@echo "  make check                   - Run all tests, vetting/formatting checks and linters"
+	@echo
+	@echo "Build everything:"
+	@echo "  make build                   - Build web app, documentation and server/client"
+	@echo "  make clean                   - Clean build/dist folders"
+	@echo
+	@echo "Build server & client (not release version):"
+	@echo "  make cli                     - Build server & client (all architectures)"
+	@echo "  make cli-linux-amd64         - Build server & client (Linux, amd64 only)"
+	@echo "  make cli-linux-armv6         - Build server & client (Linux, armv6 only)"
+	@echo "  make cli-linux-armv7         - Build server & client (Linux, armv7 only)"
+	@echo "  make cli-linux-arm64         - Build server & client (Linux, arm64 only)"
+	@echo "  make cli-windows-amd64       - Build client (Windows, amd64 only)"
+	@echo "  make cli-darwin-amd64        - Build client (macOS, amd64 only)"
+	@echo
+	@echo "Build web app:"
+	@echo "  make web                     - Build the web app"
+	@echo "  make web-deps                - Install web app dependencies (npm install the universe)"
+	@echo "  make web-build               - Actually build the web app"
+	@echo
+	@echo "Build documentation:"
+	@echo "  make docs                    - Build the documentation"
+	@echo "  make docs-deps               - Install Python dependencies (pip3 install)"
+	@echo "  make docs-build              - Actually build the documentation"
 	@echo
 	@echo "Test/check:"
-	@echo "  make test                        - Run tests"
-	@echo "  make race                        - Run tests with -race flag"
-	@echo "  make coverage                    - Run tests and show coverage"
-	@echo "  make coverage-html               - Run tests and show coverage (as HTML)"
-	@echo "  make coverage-upload             - Upload coverage results to codecov.io"
+	@echo "  make test                    - Run tests"
+	@echo "  make race                    - Run tests with -race flag"
+	@echo "  make coverage                - Run tests and show coverage"
+	@echo "  make coverage-html           - Run tests and show coverage (as HTML)"
+	@echo "  make coverage-upload         - Upload coverage results to codecov.io"
 	@echo
 	@echo "Lint/format:"
-	@echo "  make fmt                         - Run 'go fmt'"
-	@echo "  make fmt-check                   - Run 'go fmt', but don't change anything"
-	@echo "  make vet                         - Run 'go vet'"
-	@echo "  make lint                        - Run 'golint'"
-	@echo "  make staticcheck                 - Run 'staticcheck'"
+	@echo "  make fmt                     - Run 'go fmt'"
+	@echo "  make fmt-check               - Run 'go fmt', but don't change anything"
+	@echo "  make vet                     - Run 'go vet'"
+	@echo "  make lint                    - Run 'golint'"
+	@echo "  make staticcheck             - Run 'staticcheck'"
 	@echo
-	@echo "Build:"
-	@echo "  make build                       - Build"
-	@echo "  make build-snapshot              - Build snapshot"
-	@echo "  make build-simple                - Build (using go build, without goreleaser)"
-	@echo "  make clean                       - Clean build folder"
-	@echo
-	@echo "Releasing (requires goreleaser):"
-	@echo "  make release                     - Create a release"
-	@echo "  make release-snapshot            - Create a test release"
+	@echo "Releasing:"
+	@echo "  make release                 - Create a release"
+	@echo "  make release-snapshot        - Create a test release"
 	@echo
 	@echo "Install locally (requires sudo):"
-	@echo "  make install                     - Copy binary from dist/ to /usr/bin"
-	@echo "  make install-deb                 - Install .deb from dist/"
-	@echo "  make install-lint                - Install golint"
+	@echo "  make install-linux-amd64     - Copy amd64 binary from dist/ to /usr/bin/ntfy"
+	@echo "  make install-linux-armv6     - Copy armv6 binary from dist/ to /usr/bin/ntfy"
+	@echo "  make install-linux-armv7     - Copy armv7 binary from dist/ to /usr/bin/ntfy"
+	@echo "  make install-linux-arm64     - Copy arm64 binary from dist/ to /usr/bin/ntfy"
+	@echo "  make install-linux-deb-amd64 - Install .deb from dist/ (amd64 only)"
+	@echo "  make install-linux-deb-armv6 - Install .deb from dist/ (armv6 only)"
+	@echo "  make install-linux-deb-armv7 - Install .deb from dist/ (armv7 only)"
+	@echo "  make install-linux-deb-arm64 - Install .deb from dist/ (arm64 only)"
+
+
+# Building everything
+
+clean: .PHONY
+	rm -rf dist build server/docs server/site
+
+build: web docs cli
+
+update: web-deps-update cli-deps-update docs-deps-update
 
 
 # Documentation
+
+docs: docs-deps docs-build
+
+docs-build: .PHONY
+	mkdocs build
+
 docs-deps: .PHONY
 	pip3 install -r requirements.txt
 
-docs: docs-deps
-	mkdocs build
+docs-deps-update: .PHONY
+	pip3 install -r requirements.txt --upgrade
+
+
+# Web app
+
+web: web-deps web-build
+
+web-build:
+	cd web \
+		&& npm run build \
+		&& mv build/index.html build/app.html \
+		&& rm -rf ../server/site \
+		&& mv build ../server/site \
+		&& rm \
+			../server/site/config.js \
+			../server/site/asset-manifest.json
+
+web-deps:
+	cd web && npm install
+	# If this fails for .svg files, optimize them with svgo
+
+web-deps-update:
+	cd web && npm update
+
+# Main server/client build
+
+cli: cli-deps
+	goreleaser build --snapshot --rm-dist --debug
+
+cli-linux-amd64: cli-deps-static-sites
+	goreleaser build --snapshot --rm-dist --debug --id ntfy_linux_amd64
+
+cli-linux-armv6: cli-deps-static-sites cli-deps-gcc-armv6-armv7
+	goreleaser build --snapshot --rm-dist --debug --id ntfy_linux_armv6
+
+cli-linux-armv7: cli-deps-static-sites cli-deps-gcc-armv6-armv7
+	goreleaser build --snapshot --rm-dist --debug --id ntfy_linux_armv7
+
+cli-linux-arm64: cli-deps-static-sites cli-deps-gcc-arm64
+	goreleaser build --snapshot --rm-dist --debug --id ntfy_linux_arm64
+
+cli-windows-amd64: cli-deps-static-sites
+	goreleaser build --snapshot --rm-dist --debug --id ntfy_windows_amd64
+
+cli-darwin-all: cli-deps-static-sites
+	goreleaser build --snapshot --rm-dist --debug --id ntfy_darwin_all
+
+cli-deps: cli-deps-static-sites cli-deps-all cli-deps-gcc
+
+cli-deps-gcc: cli-deps-gcc-armv6-armv7 cli-deps-gcc-arm64
+
+cli-deps-static-sites:
+	mkdir -p server/docs server/site
+	touch server/docs/index.html server/site/app.html
+
+cli-deps-all:
+	which upx || { echo "ERROR: upx not installed. On Ubuntu, run: apt install upx"; exit 1; }
+
+cli-deps-gcc-armv6-armv7:
+	which arm-linux-gnueabi-gcc || { echo "ERROR: ARMv6/ARMv7 cross compiler not installed. On Ubuntu, run: apt install gcc-arm-linux-gnueabi"; exit 1; }
+
+cli-deps-gcc-arm64:
+	which aarch64-linux-gnu-gcc || { echo "ERROR: ARM64 cross compiler not installed. On Ubuntu, run: apt install gcc-aarch64-linux-gnu"; exit 1; }
+
+cli-deps-update:
+	go get -u
+	go install honnef.co/go/tools/cmd/staticcheck@latest
 
 # Test/check targets
 
@@ -92,55 +200,55 @@ staticcheck: .PHONY
 	rm -rf build/staticcheck
 
 
-# Building targets
-
-build-deps: docs
-	which arm-linux-gnueabi-gcc || { echo "ERROR: ARMv6/v7 cross compiler not installed. On Ubuntu, run: apt install gcc-arm-linux-gnueabi"; exit 1; }
-	which aarch64-linux-gnu-gcc || { echo "ERROR: ARM64 cross compiler not installed. On Ubuntu, run: apt install gcc-aarch64-linux-gnu"; exit 1; }
-
-build: build-deps
-	goreleaser build --rm-dist --debug
-
-build-snapshot: build-deps
-	goreleaser build --snapshot --rm-dist --debug
-
-build-simple: clean
-	mkdir -p dist/ntfy_linux_amd64 server/docs
-	touch server/docs/dummy
-	export CGO_ENABLED=1
-	go build \
-		-o dist/ntfy_linux_amd64/ntfy \
-		-tags sqlite_omit_load_extension,osusergo,netgo \
-		-ldflags \
-		"-linkmode=external -extldflags=-static -s -w -X main.version=$(VERSION) -X main.commit=$(shell git rev-parse --short HEAD) -X main.date=$(shell date +%s)"
-
-clean: .PHONY
-	rm -rf dist build server/docs
-
-
 # Releasing targets
 
+release: clean update cli-deps release-check-tags docs web check
+	goreleaser release --rm-dist --debug
+
+release-snapshot: clean update cli-deps docs web check
+	goreleaser release --snapshot --skip-publish --rm-dist --debug
+
 release-check-tags:
 	$(eval LATEST_TAG := $(shell git describe --abbrev=0 --tags | cut -c2-))
 	if ! grep -q $(LATEST_TAG) docs/install.md; then\
 	 	echo "ERROR: Must update docs/install.md with latest tag first.";\
 	 	exit 1;\
 	fi
-
-release: build-deps release-check-tags check
-	goreleaser release --rm-dist --debug
-
-release-snapshot: build-deps
-	goreleaser release --snapshot --skip-publish --rm-dist --debug
+	if ! grep -q $(LATEST_TAG) docs/releases.md; then\
+		echo "ERROR: Must update docs/releases.md with latest tag first.";\
+		exit 1;\
+	fi
 
 
 # Installing targets
 
-install:
-	sudo rm -f /usr/bin/ntfy
-	sudo cp -a dist/ntfy_linux_amd64/ntfy /usr/bin/ntfy
+install-linux-amd64: remove-binary
+	sudo cp -a dist/ntfy_amd64_linux_amd64_v1/ntfy /usr/bin/ntfy
 
-install-deb:
+install-linux-armv6: remove-binary
+	sudo cp -a dist/ntfy_armv6_linux_arm_6/ntfy /usr/bin/ntfy
+
+install-linux-armv7: remove-binary
+	sudo cp -a dist/ntfy_armv7_linux_arm_7/ntfy /usr/bin/ntfy
+
+install-linux-arm64: remove-binary
+	sudo cp -a dist/ntfy_arm64_linux_arm64/ntfy /usr/bin/ntfy
+
+remove-binary:
+	sudo rm -f /usr/bin/ntfy
+
+install-linux-amd64-deb: purge-package
+	sudo dpkg -i dist/ntfy_*_linux_amd64.deb
+
+install-linux-armv6-deb: purge-package
+	sudo dpkg -i dist/ntfy_*_linux_armv6.deb
+
+install-linux-armv7-deb: purge-package
+	sudo dpkg -i dist/ntfy_*_linux_armv7.deb
+
+install-linux-arm64-deb: purge-package
+	sudo dpkg -i dist/ntfy_*_linux_arm64.deb
+
+purge-package:
 	sudo systemctl stop ntfy || true
 	sudo apt-get purge ntfy || true
-	sudo dpkg -i dist/ntfy_*_linux_amd64.deb

README.md

@@ -1,4 +1,4 @@
-![ntfy](server/static/img/ntfy.png)
+![ntfy](web/public/static/img/ntfy.png)
 
 # ntfy.sh | Send push notifications to your phone or desktop via PUT/POST
 [![Release](https://img.shields.io/github/release/binwiederhier/ntfy.svg?color=success&style=flat-square)](https://github.com/binwiederhier/ntfy/releases/latest)
@@ -18,11 +18,11 @@ I run a free version of it at **[ntfy.sh](https://ntfy.sh)**, and there's an [op
 too.
 
 <p>
-  <img src="server/static/img/screenshot-curl.png" height="180">
-  <img src="server/static/img/screenshot-web-detail.png" height="180">
-  <img src="server/static/img/screenshot-phone-main.jpg" height="180">
-  <img src="server/static/img/screenshot-phone-detail.jpg" height="180">
-  <img src="server/static/img/screenshot-phone-notification.jpg" height="180">
+  <img src="web/public/static/img/screenshot-curl.png" height="180">
+  <img src="web/public/static/img/screenshot-web-detail.png" height="180">
+  <img src="web/public/static/img/screenshot-phone-main.jpg" height="180">
+  <img src="web/public/static/img/screenshot-phone-detail.jpg" height="180">
+  <img src="web/public/static/img/screenshot-phone-notification.jpg" height="180">
 </p>
 
 ## **[Documentation](https://ntfy.sh/docs/)**
@@ -34,7 +34,14 @@ too.
 [Building](https://ntfy.sh/docs/develop/)
 
 ## Contributing
-I welcome any and all contributions. Just create a PR or an issue.
+I welcome any and all contributions. Just create a PR or an issue. To contribute code, check out 
+the [build instructions](https://ntfy.sh/docs/develop/) for the server and the Android app.
+Or, if you'd like to help translate 🇩🇪 🇺🇸 🇧🇬, you can start immediately in
+[Hosted Weblate](https://hosted.weblate.org/projects/ntfy/).
+
+<a href="https://hosted.weblate.org/engage/ntfy/">
+<img src="https://hosted.weblate.org/widgets/ntfy/-/multi-blue.svg" alt="Translation status" />
+</a>
 
 ## Contact me
 You can directly contact me **[on Discord](https://discord.gg/cT7ECsZj9w)** or [on Matrix](https://matrix.to/#/#ntfy:matrix.org) 
@@ -47,13 +54,21 @@ The project is dual licensed under the [Apache License 2.0](LICENSE) and the [GP
 
 Third party libraries and resources:
 * [github.com/urfave/cli/v2](https://github.com/urfave/cli/v2) (MIT) is used to drive the CLI
-* [Mixkit sound](https://mixkit.co/free-sound-effects/notification/) (Mixkit Free License) used as notification sound
-* [Lato Font](https://www.latofonts.com/) (OFL) is used as a font in the Web UI
+* [Mixkit sounds](https://mixkit.co/free-sound-effects/notification/) (Mixkit Free License) are used as notification sounds
+* [Sounds from notificationsounds.com](https://notificationsounds.com) (Creative Commons Attribution) are used as notification sounds
+* [Roboto Font](https://fonts.google.com/specimen/Roboto) (Apache 2.0) is used as a font in everything web
+* [React](https://reactjs.org/) (MIT) is used for the web app
+* [Material UI components](https://mui.com/) (MIT) are used in the web app
+* [MUI dashboard template](https://github.com/mui/material-ui/tree/master/docs/data/material/getting-started/templates/dashboard) (MIT) was used as a basis for the web app
+* [Dexie.js](https://github.com/dexie/Dexie.js) (Apache 2.0) is used for web app persistence in IndexedDB
 * [GoReleaser](https://goreleaser.com/) (MIT) is used to create releases
 * [go-smtp](https://github.com/emersion/go-smtp) (MIT) is used to receive e-mails
 * [stretchr/testify](https://github.com/stretchr/testify) (MIT) is used for unit and integration tests
 * [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) (MIT) is used to provide the persistent message cache
 * [Firebase Admin SDK](https://github.com/firebase/firebase-admin-go) (Apache 2.0) is used to send FCM messages
 * [github/gemoji](https://github.com/github/gemoji) (MIT) is used for emoji support (specifically the [emoji.json](https://raw.githubusercontent.com/github/gemoji/master/db/emoji.json) file)
-* [Lightbox with vanilla JS](https://yossiabramov.com/blog/vanilla-js-lightbox) 
+* [Lightbox with vanilla JS](https://yossiabramov.com/blog/vanilla-js-lightbox) as a lightbox on the landing page 
+* [HTTP middleware for gzip compression](https://gist.github.com/CJEnright/bc2d8b8dc0c1389a9feeddb110f822d7) (MIT) is used for serving static files
+* [Regex for auto-linking](https://github.com/bryanwoods/autolink-js) (MIT) is used to highlight links (the library is not used)
 * [Statically linking go-sqlite3](https://www.arp242.net/static-go.html)
+* [Linked tabs in mkdocs](https://facelessuser.github.io/pymdown-extensions/extensions/tabbed/#linked-tabs)

client/options.go

@@ -56,6 +56,12 @@ func WithClick(url string) PublishOption {
 	return WithHeader("X-Click", url)
 }
 
+// WithActions adds custom user actions to the notification. The value can be either a JSON array or the
+// simple format definition. See https://ntfy.sh/docs/publish/#action-buttons for details.
+func WithActions(value string) PublishOption {
+	return WithHeader("X-Actions", value)
+}
+
 // WithAttach sets a URL that will be used by the client to download an attachment
 func WithAttach(attach string) PublishOption {
 	return WithHeader("X-Attach", attach)

cmd/access_linux.go

@@ -8,6 +8,10 @@ import (
 	"heckel.io/ntfy/util"
 )
 
+func init() {
+	commands = append(commands, cmdAccess)
+}
+
 const (
 	userEveryone = "everyone"
 )
@@ -22,7 +26,7 @@ var cmdAccess = &cli.Command{
 	Usage:     "Grant/revoke access to a topic, or show access",
 	UsageText: "ntfy access [USERNAME [TOPIC [PERMISSION]]]",
 	Flags:     flagsAccess,
-	Before:    initConfigFileInputSource("config", flagsAccess),
+	Before:    initConfigFileInputSourceFunc("config", flagsAccess),
 	Action:    execUserAccess,
 	Category:  categoryServer,
 	Description: `Manage the access control list for the ntfy server.

cmd/app.go

@@ -2,23 +2,17 @@
 package cmd
 
 import (
-	"fmt"
 	"github.com/urfave/cli/v2"
-	"github.com/urfave/cli/v2/altsrc"
-	"heckel.io/ntfy/util"
 	"os"
 )
 
-var (
-	defaultClientRootConfigFile = "/etc/ntfy/client.yml"
-	defaultClientUserConfigFile = "~/.config/ntfy/client.yml"
-)
-
 const (
 	categoryClient = "Client commands"
 	categoryServer = "Server commands"
 )
 
+var commands = make([]*cli.Command, 0)
+
 // New creates a new CLI application
 func New() *cli.App {
 	return &cli.App{
@@ -30,42 +24,6 @@ func New() *cli.App {
 		Reader:                 os.Stdin,
 		Writer:                 os.Stdout,
 		ErrWriter:              os.Stderr,
-		Action:                 execMainApp,
-		Before:                 initConfigFileInputSource("config", flagsServe), // DEPRECATED, see deprecation notice
-		Flags:                  flagsServe,                                      // DEPRECATED, see deprecation notice
-		Commands: []*cli.Command{
-			// Server commands
-			cmdServe,
-			cmdUser,
-			cmdAccess,
-
-			// Client commands
-			cmdPublish,
-			cmdSubscribe,
-		},
-	}
-}
-
-func execMainApp(c *cli.Context) error {
-	fmt.Fprintln(c.App.ErrWriter, "\x1b[1;33mDeprecation notice: Please run the server using 'ntfy serve'; see 'ntfy -h' for help.\x1b[0m")
-	fmt.Fprintln(c.App.ErrWriter, "\x1b[1;33mThis way of running the server will be removed March 2022. See https://ntfy.sh/docs/deprecations/ for details.\x1b[0m")
-	return execServe(c)
-}
-
-// initConfigFileInputSource is like altsrc.InitInputSourceWithContext and altsrc.NewYamlSourceFromFlagFunc, but checks
-// if the config flag is exists and only loads it if it does. If the flag is set and the file exists, it fails.
-func initConfigFileInputSource(configFlag string, flags []cli.Flag) cli.BeforeFunc {
-	return func(context *cli.Context) error {
-		configFile := context.String(configFlag)
-		if context.IsSet(configFlag) && !util.FileExists(configFile) {
-			return fmt.Errorf("config file %s does not exist", configFile)
-		} else if !context.IsSet(configFlag) && !util.FileExists(configFile) {
-			return nil
-		}
-		inputSource, err := altsrc.NewYamlSourceFromFile(configFile)
-		if err != nil {
-			return err
-		}
-		return altsrc.ApplyInputSourceValues(context, inputSource, flags)
+		Commands:               commands,
 	}
 }

cmd/config_loader.go

@@ -0,0 +1,52 @@
+package cmd
+
+import (
+	"fmt"
+	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v2/altsrc"
+	"gopkg.in/yaml.v2"
+	"heckel.io/ntfy/util"
+	"os"
+)
+
+// initConfigFileInputSourceFunc is like altsrc.InitInputSourceWithContext and altsrc.NewYamlSourceFromFlagFunc, but checks
+// if the config flag is exists and only loads it if it does. If the flag is set and the file exists, it fails.
+func initConfigFileInputSourceFunc(configFlag string, flags []cli.Flag) cli.BeforeFunc {
+	return func(context *cli.Context) error {
+		configFile := context.String(configFlag)
+		if context.IsSet(configFlag) && !util.FileExists(configFile) {
+			return fmt.Errorf("config file %s does not exist", configFile)
+		} else if !context.IsSet(configFlag) && !util.FileExists(configFile) {
+			return nil
+		}
+		inputSource, err := newYamlSourceFromFile(configFile, flags)
+		if err != nil {
+			return err
+		}
+		return altsrc.ApplyInputSourceValues(context, inputSource, flags)
+	}
+}
+
+// newYamlSourceFromFile creates a new Yaml InputSourceContext from a filepath.
+//
+// This function also maps aliases, so a .yml file can contain short options, or options with underscores
+// instead of dashes. See https://github.com/binwiederhier/ntfy/issues/255.
+func newYamlSourceFromFile(file string, flags []cli.Flag) (altsrc.InputSourceContext, error) {
+	var rawConfig map[interface{}]interface{}
+	b, err := os.ReadFile(file)
+	if err != nil {
+		return nil, err
+	}
+	if err := yaml.Unmarshal(b, &rawConfig); err != nil {
+		return nil, err
+	}
+	for _, f := range flags {
+		flagName := f.Names()[0]
+		for _, flagAlias := range f.Names()[1:] {
+			if _, ok := rawConfig[flagAlias]; ok {
+				rawConfig[flagName] = rawConfig[flagAlias]
+			}
+		}
+	}
+	return altsrc.NewMapInputSource(file, rawConfig), nil
+}

cmd/config_loader_test.go

@@ -0,0 +1,38 @@
+package cmd
+
+import (
+	"github.com/stretchr/testify/require"
+	"os"
+	"path/filepath"
+	"testing"
+)
+
+func TestNewYamlSourceFromFile(t *testing.T) {
+	filename := filepath.Join(t.TempDir(), "server.yml")
+	contents := `
+# Normal options
+listen-https: ":10443"
+
+# Note the underscore!
+listen_http: ":1080"
+
+# OMG this is allowed now ...
+K: /some/file.pem
+`
+	require.Nil(t, os.WriteFile(filename, []byte(contents), 0600))
+
+	ctx, err := newYamlSourceFromFile(filename, flagsServe)
+	require.Nil(t, err)
+
+	listenHTTPS, err := ctx.String("listen-https")
+	require.Nil(t, err)
+	require.Equal(t, ":10443", listenHTTPS)
+
+	listenHTTP, err := ctx.String("listen-http") // No underscore!
+	require.Nil(t, err)
+	require.Equal(t, ":1080", listenHTTP)
+
+	keyFile, err := ctx.String("key-file") // Long option!
+	require.Nil(t, err)
+	require.Equal(t, "/some/file.pem", keyFile)
+}

cmd/publish.go

@@ -12,6 +12,10 @@ import (
 	"strings"
 )
 
+func init() {
+	commands = append(commands, cmdPublish)
+}
+
 var cmdPublish = &cli.Command{
 	Name:      "publish",
 	Aliases:   []string{"pub", "send", "trigger"},
@@ -26,6 +30,7 @@ var cmdPublish = &cli.Command{
 		&cli.StringFlag{Name: "tags", Aliases: []string{"tag", "T"}, EnvVars: []string{"NTFY_TAGS"}, Usage: "comma separated list of tags and emojis"},
 		&cli.StringFlag{Name: "delay", Aliases: []string{"at", "in", "D"}, EnvVars: []string{"NTFY_DELAY"}, Usage: "delay/schedule message"},
 		&cli.StringFlag{Name: "click", Aliases: []string{"U"}, EnvVars: []string{"NTFY_CLICK"}, Usage: "URL to open when notification is clicked"},
+		&cli.StringFlag{Name: "actions", Aliases: []string{"A"}, EnvVars: []string{"NTFY_ACTIONS"}, Usage: "actions JSON array or simple definition"},
 		&cli.StringFlag{Name: "attach", Aliases: []string{"a"}, EnvVars: []string{"NTFY_ATTACH"}, Usage: "URL to send as an external attachment"},
 		&cli.StringFlag{Name: "filename", Aliases: []string{"name", "n"}, EnvVars: []string{"NTFY_FILENAME"}, Usage: "filename for the attachment"},
 		&cli.StringFlag{Name: "file", Aliases: []string{"f"}, EnvVars: []string{"NTFY_FILE"}, Usage: "file to upload as an attachment"},
@@ -58,8 +63,7 @@ Examples:
 Please also check out the docs on publishing messages. Especially for the --tags and --delay options, 
 it has incredibly useful information: https://ntfy.sh/docs/publish/.
 
-The default config file for all client commands is /etc/ntfy/client.yml (if root user),
-or ~/.config/ntfy/client.yml for all other users.`,
+` + clientCommandDescriptionSuffix,
 }
 
 func execPublish(c *cli.Context) error {
@@ -72,6 +76,7 @@ func execPublish(c *cli.Context) error {
 	tags := c.String("tags")
 	delay := c.String("delay")
 	click := c.String("click")
+	actions := c.String("actions")
 	attach := c.String("attach")
 	filename := c.String("filename")
 	file := c.String("file")
@@ -112,6 +117,9 @@ func execPublish(c *cli.Context) error {
 	if click != "" {
 		options = append(options, client.WithClick(click))
 	}
+	if actions != "" {
+		options = append(options, client.WithActions(strings.ReplaceAll(actions, "\n", " ")))
+	}
 	if attach != "" {
 		options = append(options, client.WithAttach(attach))
 	}

cmd/serve_linux.go

@@ -3,53 +3,59 @@ package cmd
 import (
 	"errors"
 	"fmt"
-	"github.com/urfave/cli/v2"
-	"github.com/urfave/cli/v2/altsrc"
-	"heckel.io/ntfy/server"
-	"heckel.io/ntfy/util"
 	"log"
 	"math"
 	"net"
 	"strings"
 	"time"
+
+	"github.com/urfave/cli/v2"
+	"github.com/urfave/cli/v2/altsrc"
+	"heckel.io/ntfy/server"
+	"heckel.io/ntfy/util"
 )
 
+func init() {
+	commands = append(commands, cmdServe)
+}
+
 var flagsServe = []cli.Flag{
 	&cli.StringFlag{Name: "config", Aliases: []string{"c"}, EnvVars: []string{"NTFY_CONFIG_FILE"}, Value: "/etc/ntfy/server.yml", DefaultText: "/etc/ntfy/server.yml", Usage: "config file"},
-	altsrc.NewStringFlag(&cli.StringFlag{Name: "base-url", Aliases: []string{"B"}, EnvVars: []string{"NTFY_BASE_URL"}, Usage: "externally visible base URL for this host (e.g. https://ntfy.sh)"}),
-	altsrc.NewStringFlag(&cli.StringFlag{Name: "listen-http", Aliases: []string{"l"}, EnvVars: []string{"NTFY_LISTEN_HTTP"}, Value: server.DefaultListenHTTP, Usage: "ip:port used to as HTTP listen address"}),
-	altsrc.NewStringFlag(&cli.StringFlag{Name: "listen-https", Aliases: []string{"L"}, EnvVars: []string{"NTFY_LISTEN_HTTPS"}, Usage: "ip:port used to as HTTPS listen address"}),
-	altsrc.NewStringFlag(&cli.StringFlag{Name: "listen-unix", Aliases: []string{"U"}, EnvVars: []string{"NTFY_LISTEN_UNIX"}, Usage: "listen on unix socket path"}),
-	altsrc.NewStringFlag(&cli.StringFlag{Name: "key-file", Aliases: []string{"K"}, EnvVars: []string{"NTFY_KEY_FILE"}, Usage: "private key file, if listen-https is set"}),
-	altsrc.NewStringFlag(&cli.StringFlag{Name: "cert-file", Aliases: []string{"E"}, EnvVars: []string{"NTFY_CERT_FILE"}, Usage: "certificate file, if listen-https is set"}),
-	altsrc.NewStringFlag(&cli.StringFlag{Name: "firebase-key-file", Aliases: []string{"F"}, EnvVars: []string{"NTFY_FIREBASE_KEY_FILE"}, Usage: "Firebase credentials file; if set additionally publish to FCM topic"}),
-	altsrc.NewStringFlag(&cli.StringFlag{Name: "cache-file", Aliases: []string{"C"}, EnvVars: []string{"NTFY_CACHE_FILE"}, Usage: "cache file used for message caching"}),
-	altsrc.NewDurationFlag(&cli.DurationFlag{Name: "cache-duration", Aliases: []string{"b"}, EnvVars: []string{"NTFY_CACHE_DURATION"}, Value: server.DefaultCacheDuration, Usage: "buffer messages for this time to allow `since` requests"}),
-	altsrc.NewStringFlag(&cli.StringFlag{Name: "auth-file", Aliases: []string{"H"}, EnvVars: []string{"NTFY_AUTH_FILE"}, Usage: "auth database file used for access control"}),
-	altsrc.NewStringFlag(&cli.StringFlag{Name: "auth-default-access", Aliases: []string{"p"}, EnvVars: []string{"NTFY_AUTH_DEFAULT_ACCESS"}, Value: "read-write", Usage: "default permissions if no matching entries in the auth database are found"}),
-	altsrc.NewStringFlag(&cli.StringFlag{Name: "attachment-cache-dir", EnvVars: []string{"NTFY_ATTACHMENT_CACHE_DIR"}, Usage: "cache directory for attached files"}),
-	altsrc.NewStringFlag(&cli.StringFlag{Name: "attachment-total-size-limit", Aliases: []string{"A"}, EnvVars: []string{"NTFY_ATTACHMENT_TOTAL_SIZE_LIMIT"}, DefaultText: "5G", Usage: "limit of the on-disk attachment cache"}),
-	altsrc.NewStringFlag(&cli.StringFlag{Name: "attachment-file-size-limit", Aliases: []string{"Y"}, EnvVars: []string{"NTFY_ATTACHMENT_FILE_SIZE_LIMIT"}, DefaultText: "15M", Usage: "per-file attachment size limit (e.g. 300k, 2M, 100M)"}),
-	altsrc.NewDurationFlag(&cli.DurationFlag{Name: "attachment-expiry-duration", Aliases: []string{"X"}, EnvVars: []string{"NTFY_ATTACHMENT_EXPIRY_DURATION"}, Value: server.DefaultAttachmentExpiryDuration, DefaultText: "3h", Usage: "duration after which uploaded attachments will be deleted (e.g. 3h, 20h)"}),
-	altsrc.NewDurationFlag(&cli.DurationFlag{Name: "keepalive-interval", Aliases: []string{"k"}, EnvVars: []string{"NTFY_KEEPALIVE_INTERVAL"}, Value: server.DefaultKeepaliveInterval, Usage: "interval of keepalive messages"}),
-	altsrc.NewDurationFlag(&cli.DurationFlag{Name: "manager-interval", Aliases: []string{"m"}, EnvVars: []string{"NTFY_MANAGER_INTERVAL"}, Value: server.DefaultManagerInterval, Usage: "interval of for message pruning and stats printing"}),
-	altsrc.NewStringFlag(&cli.StringFlag{Name: "smtp-sender-addr", EnvVars: []string{"NTFY_SMTP_SENDER_ADDR"}, Usage: "SMTP server address (host:port) for outgoing emails"}),
-	altsrc.NewStringFlag(&cli.StringFlag{Name: "smtp-sender-user", EnvVars: []string{"NTFY_SMTP_SENDER_USER"}, Usage: "SMTP user (if e-mail sending is enabled)"}),
-	altsrc.NewStringFlag(&cli.StringFlag{Name: "smtp-sender-pass", EnvVars: []string{"NTFY_SMTP_SENDER_PASS"}, Usage: "SMTP password (if e-mail sending is enabled)"}),
-	altsrc.NewStringFlag(&cli.StringFlag{Name: "smtp-sender-from", EnvVars: []string{"NTFY_SMTP_SENDER_FROM"}, Usage: "SMTP sender address (if e-mail sending is enabled)"}),
-	altsrc.NewStringFlag(&cli.StringFlag{Name: "smtp-server-listen", EnvVars: []string{"NTFY_SMTP_SERVER_LISTEN"}, Usage: "SMTP server address (ip:port) for incoming emails, e.g. :25"}),
-	altsrc.NewStringFlag(&cli.StringFlag{Name: "smtp-server-domain", EnvVars: []string{"NTFY_SMTP_SERVER_DOMAIN"}, Usage: "SMTP domain for incoming e-mail, e.g. ntfy.sh"}),
-	altsrc.NewStringFlag(&cli.StringFlag{Name: "smtp-server-addr-prefix", EnvVars: []string{"NTFY_SMTP_SERVER_ADDR_PREFIX"}, Usage: "SMTP email address prefix for topics to prevent spam (e.g. 'ntfy-')"}),
-	altsrc.NewIntFlag(&cli.IntFlag{Name: "global-topic-limit", Aliases: []string{"T"}, EnvVars: []string{"NTFY_GLOBAL_TOPIC_LIMIT"}, Value: server.DefaultTotalTopicLimit, Usage: "total number of topics allowed"}),
-	altsrc.NewIntFlag(&cli.IntFlag{Name: "visitor-subscription-limit", EnvVars: []string{"NTFY_VISITOR_SUBSCRIPTION_LIMIT"}, Value: server.DefaultVisitorSubscriptionLimit, Usage: "number of subscriptions per visitor"}),
-	altsrc.NewStringFlag(&cli.StringFlag{Name: "visitor-attachment-total-size-limit", EnvVars: []string{"NTFY_VISITOR_ATTACHMENT_TOTAL_SIZE_LIMIT"}, Value: "100M", Usage: "total storage limit used for attachments per visitor"}),
-	altsrc.NewStringFlag(&cli.StringFlag{Name: "visitor-attachment-daily-bandwidth-limit", EnvVars: []string{"NTFY_VISITOR_ATTACHMENT_DAILY_BANDWIDTH_LIMIT"}, Value: "500M", Usage: "total daily attachment download/upload bandwidth limit per visitor"}),
-	altsrc.NewIntFlag(&cli.IntFlag{Name: "visitor-request-limit-burst", EnvVars: []string{"NTFY_VISITOR_REQUEST_LIMIT_BURST"}, Value: server.DefaultVisitorRequestLimitBurst, Usage: "initial limit of requests per visitor"}),
-	altsrc.NewDurationFlag(&cli.DurationFlag{Name: "visitor-request-limit-replenish", EnvVars: []string{"NTFY_VISITOR_REQUEST_LIMIT_REPLENISH"}, Value: server.DefaultVisitorRequestLimitReplenish, Usage: "interval at which burst limit is replenished (one per x)"}),
-	altsrc.NewStringFlag(&cli.StringFlag{Name: "visitor-request-limit-exempt-hosts", EnvVars: []string{"NTFY_VISITOR_REQUEST_LIMIT_EXEMPT_HOSTS"}, Value: "", Usage: "hostnames and/or IP addresses of hosts that will be exempt from the visitor request limit"}),
-	altsrc.NewIntFlag(&cli.IntFlag{Name: "visitor-email-limit-burst", EnvVars: []string{"NTFY_VISITOR_EMAIL_LIMIT_BURST"}, Value: server.DefaultVisitorEmailLimitBurst, Usage: "initial limit of e-mails per visitor"}),
-	altsrc.NewDurationFlag(&cli.DurationFlag{Name: "visitor-email-limit-replenish", EnvVars: []string{"NTFY_VISITOR_EMAIL_LIMIT_REPLENISH"}, Value: server.DefaultVisitorEmailLimitReplenish, Usage: "interval at which burst limit is replenished (one per x)"}),
-	altsrc.NewBoolFlag(&cli.BoolFlag{Name: "behind-proxy", Aliases: []string{"P"}, EnvVars: []string{"NTFY_BEHIND_PROXY"}, Value: false, Usage: "if set, use X-Forwarded-For header to determine visitor IP address (for rate limiting)"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "base-url", Aliases: []string{"base_url", "B"}, EnvVars: []string{"NTFY_BASE_URL"}, Usage: "externally visible base URL for this host (e.g. https://ntfy.sh)"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "listen-http", Aliases: []string{"listen_http", "l"}, EnvVars: []string{"NTFY_LISTEN_HTTP"}, Value: server.DefaultListenHTTP, Usage: "ip:port used to as HTTP listen address"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "listen-https", Aliases: []string{"listen_https", "L"}, EnvVars: []string{"NTFY_LISTEN_HTTPS"}, Usage: "ip:port used to as HTTPS listen address"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "listen-unix", Aliases: []string{"listen_unix", "U"}, EnvVars: []string{"NTFY_LISTEN_UNIX"}, Usage: "listen on unix socket path"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "key-file", Aliases: []string{"key_file", "K"}, EnvVars: []string{"NTFY_KEY_FILE"}, Usage: "private key file, if listen-https is set"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "cert-file", Aliases: []string{"cert_file", "E"}, EnvVars: []string{"NTFY_CERT_FILE"}, Usage: "certificate file, if listen-https is set"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "firebase-key-file", Aliases: []string{"firebase_key_file", "F"}, EnvVars: []string{"NTFY_FIREBASE_KEY_FILE"}, Usage: "Firebase credentials file; if set additionally publish to FCM topic"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "cache-file", Aliases: []string{"cache_file", "C"}, EnvVars: []string{"NTFY_CACHE_FILE"}, Usage: "cache file used for message caching"}),
+	altsrc.NewDurationFlag(&cli.DurationFlag{Name: "cache-duration", Aliases: []string{"cache_duration", "b"}, EnvVars: []string{"NTFY_CACHE_DURATION"}, Value: server.DefaultCacheDuration, Usage: "buffer messages for this time to allow `since` requests"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "auth-file", Aliases: []string{"auth_file", "H"}, EnvVars: []string{"NTFY_AUTH_FILE"}, Usage: "auth database file used for access control"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "auth-default-access", Aliases: []string{"auth_default_access", "p"}, EnvVars: []string{"NTFY_AUTH_DEFAULT_ACCESS"}, Value: "read-write", Usage: "default permissions if no matching entries in the auth database are found"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "attachment-cache-dir", Aliases: []string{"attachment_cache_dir"}, EnvVars: []string{"NTFY_ATTACHMENT_CACHE_DIR"}, Usage: "cache directory for attached files"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "attachment-total-size-limit", Aliases: []string{"attachment_total_size_limit", "A"}, EnvVars: []string{"NTFY_ATTACHMENT_TOTAL_SIZE_LIMIT"}, DefaultText: "5G", Usage: "limit of the on-disk attachment cache"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "attachment-file-size-limit", Aliases: []string{"attachment_file_size_limit", "Y"}, EnvVars: []string{"NTFY_ATTACHMENT_FILE_SIZE_LIMIT"}, DefaultText: "15M", Usage: "per-file attachment size limit (e.g. 300k, 2M, 100M)"}),
+	altsrc.NewDurationFlag(&cli.DurationFlag{Name: "attachment-expiry-duration", Aliases: []string{"attachment_expiry_duration", "X"}, EnvVars: []string{"NTFY_ATTACHMENT_EXPIRY_DURATION"}, Value: server.DefaultAttachmentExpiryDuration, DefaultText: "3h", Usage: "duration after which uploaded attachments will be deleted (e.g. 3h, 20h)"}),
+	altsrc.NewDurationFlag(&cli.DurationFlag{Name: "keepalive-interval", Aliases: []string{"keepalive_interval", "k"}, EnvVars: []string{"NTFY_KEEPALIVE_INTERVAL"}, Value: server.DefaultKeepaliveInterval, Usage: "interval of keepalive messages"}),
+	altsrc.NewDurationFlag(&cli.DurationFlag{Name: "manager-interval", Aliases: []string{"manager_interval", "m"}, EnvVars: []string{"NTFY_MANAGER_INTERVAL"}, Value: server.DefaultManagerInterval, Usage: "interval of for message pruning and stats printing"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "web-root", Aliases: []string{"web_root"}, EnvVars: []string{"NTFY_WEB_ROOT"}, Value: "app", Usage: "sets web root to landing page (home), web app (app) or disabled (disable)"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "smtp-sender-addr", Aliases: []string{"smtp_sender_addr"}, EnvVars: []string{"NTFY_SMTP_SENDER_ADDR"}, Usage: "SMTP server address (host:port) for outgoing emails"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "smtp-sender-user", Aliases: []string{"smtp_sender_user"}, EnvVars: []string{"NTFY_SMTP_SENDER_USER"}, Usage: "SMTP user (if e-mail sending is enabled)"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "smtp-sender-pass", Aliases: []string{"smtp_sender_pass"}, EnvVars: []string{"NTFY_SMTP_SENDER_PASS"}, Usage: "SMTP password (if e-mail sending is enabled)"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "smtp-sender-from", Aliases: []string{"smtp_sender_from"}, EnvVars: []string{"NTFY_SMTP_SENDER_FROM"}, Usage: "SMTP sender address (if e-mail sending is enabled)"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "smtp-server-listen", Aliases: []string{"smtp_server_listen"}, EnvVars: []string{"NTFY_SMTP_SERVER_LISTEN"}, Usage: "SMTP server address (ip:port) for incoming emails, e.g. :25"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "smtp-server-domain", Aliases: []string{"smtp_server_domain"}, EnvVars: []string{"NTFY_SMTP_SERVER_DOMAIN"}, Usage: "SMTP domain for incoming e-mail, e.g. ntfy.sh"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "smtp-server-addr-prefix", Aliases: []string{"smtp_server_addr_prefix"}, EnvVars: []string{"NTFY_SMTP_SERVER_ADDR_PREFIX"}, Usage: "SMTP email address prefix for topics to prevent spam (e.g. 'ntfy-')"}),
+	altsrc.NewIntFlag(&cli.IntFlag{Name: "global-topic-limit", Aliases: []string{"global_topic_limit", "T"}, EnvVars: []string{"NTFY_GLOBAL_TOPIC_LIMIT"}, Value: server.DefaultTotalTopicLimit, Usage: "total number of topics allowed"}),
+	altsrc.NewIntFlag(&cli.IntFlag{Name: "visitor-subscription-limit", Aliases: []string{"visitor_subscription_limit"}, EnvVars: []string{"NTFY_VISITOR_SUBSCRIPTION_LIMIT"}, Value: server.DefaultVisitorSubscriptionLimit, Usage: "number of subscriptions per visitor"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "visitor-attachment-total-size-limit", Aliases: []string{"visitor_attachment_total_size_limit"}, EnvVars: []string{"NTFY_VISITOR_ATTACHMENT_TOTAL_SIZE_LIMIT"}, Value: "100M", Usage: "total storage limit used for attachments per visitor"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "visitor-attachment-daily-bandwidth-limit", Aliases: []string{"visitor_attachment_daily_bandwidth_limit"}, EnvVars: []string{"NTFY_VISITOR_ATTACHMENT_DAILY_BANDWIDTH_LIMIT"}, Value: "500M", Usage: "total daily attachment download/upload bandwidth limit per visitor"}),
+	altsrc.NewIntFlag(&cli.IntFlag{Name: "visitor-request-limit-burst", Aliases: []string{"visitor_request_limit_burst"}, EnvVars: []string{"NTFY_VISITOR_REQUEST_LIMIT_BURST"}, Value: server.DefaultVisitorRequestLimitBurst, Usage: "initial limit of requests per visitor"}),
+	altsrc.NewDurationFlag(&cli.DurationFlag{Name: "visitor-request-limit-replenish", Aliases: []string{"visitor_request_limit_replenish"}, EnvVars: []string{"NTFY_VISITOR_REQUEST_LIMIT_REPLENISH"}, Value: server.DefaultVisitorRequestLimitReplenish, Usage: "interval at which burst limit is replenished (one per x)"}),
+	altsrc.NewStringFlag(&cli.StringFlag{Name: "visitor-request-limit-exempt-hosts", Aliases: []string{"visitor_request_limit_exempt_hosts"}, EnvVars: []string{"NTFY_VISITOR_REQUEST_LIMIT_EXEMPT_HOSTS"}, Value: "", Usage: "hostnames and/or IP addresses of hosts that will be exempt from the visitor request limit"}),
+	altsrc.NewIntFlag(&cli.IntFlag{Name: "visitor-email-limit-burst", Aliases: []string{"visitor_email_limit_burst"}, EnvVars: []string{"NTFY_VISITOR_EMAIL_LIMIT_BURST"}, Value: server.DefaultVisitorEmailLimitBurst, Usage: "initial limit of e-mails per visitor"}),
+	altsrc.NewDurationFlag(&cli.DurationFlag{Name: "visitor-email-limit-replenish", Aliases: []string{"visitor_email_limit_replenish"}, EnvVars: []string{"NTFY_VISITOR_EMAIL_LIMIT_REPLENISH"}, Value: server.DefaultVisitorEmailLimitReplenish, Usage: "interval at which burst limit is replenished (one per x)"}),
+	altsrc.NewBoolFlag(&cli.BoolFlag{Name: "behind-proxy", Aliases: []string{"behind_proxy", "P"}, EnvVars: []string{"NTFY_BEHIND_PROXY"}, Value: false, Usage: "if set, use X-Forwarded-For header to determine visitor IP address (for rate limiting)"}),
 }
 
 var cmdServe = &cli.Command{
@@ -59,7 +65,7 @@ var cmdServe = &cli.Command{
 	Action:    execServe,
 	Category:  categoryServer,
 	Flags:     flagsServe,
-	Before:    initConfigFileInputSource("config", flagsServe),
+	Before:    initConfigFileInputSourceFunc("config", flagsServe),
 	Description: `Run the ntfy server and listen for incoming requests
 
 The command will load the configuration from /etc/ntfy/server.yml. Config options can 
@@ -93,6 +99,7 @@ func execServe(c *cli.Context) error {
 	attachmentExpiryDuration := c.Duration("attachment-expiry-duration")
 	keepaliveInterval := c.Duration("keepalive-interval")
 	managerInterval := c.Duration("manager-interval")
+	webRoot := c.String("web-root")
 	smtpSenderAddr := c.String("smtp-sender-addr")
 	smtpSenderUser := c.String("smtp-sender-user")
 	smtpSenderPass := c.String("smtp-sender-pass")
@@ -136,8 +143,13 @@ func execServe(c *cli.Context) error {
 		return errors.New("if set, base-url must start with http:// or https://")
 	} else if !util.InStringList([]string{"read-write", "read-only", "write-only", "deny-all"}, authDefaultAccess) {
 		return errors.New("if set, auth-default-access must start set to 'read-write', 'read-only', 'write-only' or 'deny-all'")
+	} else if !util.InStringList([]string{"app", "home", "disable"}, webRoot) {
+		return errors.New("if set, web-root must be 'home' or 'app'")
 	}
 
+	webRootIsApp := webRoot == "app"
+	enableWeb := webRoot != "disable"
+
 	// Default auth permissions
 	authDefaultRead := authDefaultAccess == "read-write" || authDefaultAccess == "read-only"
 	authDefaultWrite := authDefaultAccess == "read-write" || authDefaultAccess == "write-only"
@@ -200,6 +212,7 @@ func execServe(c *cli.Context) error {
 	conf.AttachmentExpiryDuration = attachmentExpiryDuration
 	conf.KeepaliveInterval = keepaliveInterval
 	conf.ManagerInterval = managerInterval
+	conf.WebRootIsApp = webRootIsApp
 	conf.SMTPSenderAddr = smtpSenderAddr
 	conf.SMTPSenderUser = smtpSenderUser
 	conf.SMTPSenderPass = smtpSenderPass
@@ -217,6 +230,7 @@ func execServe(c *cli.Context) error {
 	conf.VisitorEmailLimitBurst = visitorEmailLimitBurst
 	conf.VisitorEmailLimitReplenish = visitorEmailLimitReplenish
 	conf.BehindProxy = behindProxy
+	conf.EnableWeb = enableWeb
 	s, err := server.New(conf)
 	if err != nil {
 		log.Fatalln(err)

cmd/subscribe.go

@@ -10,9 +10,20 @@ import (
 	"os"
 	"os/exec"
 	"os/user"
+	"path/filepath"
 	"strings"
 )
 
+func init() {
+	commands = append(commands, cmdSubscribe)
+}
+
+const (
+	clientRootConfigFileUnixAbsolute    = "/etc/ntfy/client.yml"
+	clientUserConfigFileUnixRelative    = "ntfy/client.yml"
+	clientUserConfigFileWindowsRelative = "ntfy\\client.yml"
+)
+
 var cmdSubscribe = &cli.Command{
 	Name:      "subscribe",
 	Aliases:   []string{"sub"},
@@ -60,19 +71,17 @@ ntfy subscribe TOPIC COMMAND
 
   Examples:
     ntfy sub mytopic 'notify-send "$m"'    # Execute command for incoming messages
-    ntfy sub topic1 /my/script.sh          # Execute script for incoming messages
+    ntfy sub topic1 myscript.sh            # Execute script for incoming messages
 
 ntfy subscribe --from-config
-  Service mode (used in ntfy-client.service). This reads the config file (/etc/ntfy/client.yml 
-  or ~/.config/ntfy/client.yml) and sets up subscriptions for every topic in the "subscribe:" 
-  block (see config file).
+  Service mode (used in ntfy-client.service). This reads the config file and sets up 
+  subscriptions for every topic in the "subscribe:" block (see config file).
 
   Examples: 
     ntfy sub --from-config                           # Read topics from config file
-    ntfy sub --config=/my/client.yml --from-config   # Read topics from alternate config file
+    ntfy sub --config=myclient.yml --from-config     # Read topics from alternate config file
 
-The default config file for all client commands is /etc/ntfy/client.yml (if root user),
-or ~/.config/ntfy/client.yml for all other users.`,
+` + clientCommandDescriptionSuffix,
 }
 
 func execSubscribe(c *cli.Context) error {
@@ -156,8 +165,8 @@ func doPollSingle(c *cli.Context, cl *client.Client, topic, command string, opti
 }
 
 func doSubscribe(c *cli.Context, cl *client.Client, conf *client.Config, topic, command string, options ...client.SubscribeOption) error {
-	commands := make(map[string]string) // Subscription ID -> command
-	for _, s := range conf.Subscribe {  // May be nil
+	cmds := make(map[string]string)    // Subscription ID -> command
+	for _, s := range conf.Subscribe { // May be nil
 		topicOptions := append(make([]client.SubscribeOption, 0), options...)
 		for filter, value := range s.If {
 			topicOptions = append(topicOptions, client.WithFilter(filter, value))
@@ -166,18 +175,18 @@ func doSubscribe(c *cli.Context, cl *client.Client, conf *client.Config, topic,
 			topicOptions = append(topicOptions, client.WithBasicAuth(s.User, s.Password))
 		}
 		subscriptionID := cl.Subscribe(s.Topic, topicOptions...)
-		commands[subscriptionID] = s.Command
+		cmds[subscriptionID] = s.Command
 	}
 	if topic != "" {
 		subscriptionID := cl.Subscribe(topic, options...)
-		commands[subscriptionID] = command
+		cmds[subscriptionID] = command
 	}
 	for m := range cl.Messages {
-		command, ok := commands[m.SubscriptionID]
+		cmd, ok := cmds[m.SubscriptionID]
 		if !ok {
 			continue
 		}
-		printMessageOrRunCommand(c, m, command)
+		printMessageOrRunCommand(c, m, cmd)
 	}
 	return nil
 }
@@ -196,17 +205,17 @@ func runCommand(c *cli.Context, command string, m *client.Message) {
 	}
 }
 
-func runCommandInternal(c *cli.Context, command string, m *client.Message) error {
-	scriptFile, err := createTmpScript(command)
-	if err != nil {
+func runCommandInternal(c *cli.Context, script string, m *client.Message) error {
+	scriptFile := fmt.Sprintf("%s/ntfy-subscribe-%s.%s", os.TempDir(), util.RandomString(10), scriptExt)
+	if err := os.WriteFile(scriptFile, []byte(scriptHeader+script), 0700); err != nil {
 		return err
 	}
 	defer os.Remove(scriptFile)
 	verbose := c.Bool("verbose")
 	if verbose {
-		log.Printf("[%s] Executing: %s (for message: %s)", util.ShortTopicURL(m.TopicURL), command, m.Raw)
+		log.Printf("[%s] Executing: %s (for message: %s)", util.ShortTopicURL(m.TopicURL), script, m.Raw)
 	}
-	cmd := exec.Command("sh", "-c", scriptFile)
+	cmd := exec.Command(scriptLauncher[0], append(scriptLauncher[1:], scriptFile)...)
 	cmd.Stdin = c.App.Reader
 	cmd.Stdout = c.App.Writer
 	cmd.Stderr = c.App.ErrWriter
@@ -214,15 +223,6 @@ func runCommandInternal(c *cli.Context, command string, m *client.Message) error
 	return cmd.Run()
 }
 
-func createTmpScript(command string) (string, error) {
-	scriptFile := fmt.Sprintf("%s/ntfy-subscribe-%s.sh.tmp", os.TempDir(), util.RandomString(10))
-	script := fmt.Sprintf("#!/bin/sh\n%s", command)
-	if err := os.WriteFile(scriptFile, []byte(script), 0700); err != nil {
-		return "", err
-	}
-	return scriptFile, nil
-}
-
 func envVars(m *client.Message) []string {
 	env := os.Environ()
 	env = append(env, envVar(m.ID, "NTFY_ID", "id")...)
@@ -249,13 +249,26 @@ func loadConfig(c *cli.Context) (*client.Config, error) {
 	if filename != "" {
 		return client.LoadConfig(filename)
 	}
-	u, _ := user.Current()
-	configFile := defaultClientRootConfigFile
-	if u.Uid != "0" {
-		configFile = util.ExpandHome(defaultClientUserConfigFile)
-	}
+	configFile := defaultConfigFile()
 	if s, _ := os.Stat(configFile); s != nil {
 		return client.LoadConfig(configFile)
 	}
 	return client.NewConfig(), nil
 }
+
+//lint:ignore U1000 Conditionally used in different builds
+func defaultConfigFileUnix() string {
+	u, _ := user.Current()
+	configFile := clientRootConfigFileUnixAbsolute
+	if u.Uid != "0" {
+		homeDir, _ := os.UserConfigDir()
+		return filepath.Join(homeDir, clientUserConfigFileUnixRelative)
+	}
+	return configFile
+}
+
+//lint:ignore U1000 Conditionally used in different builds
+func defaultConfigFileWindows() string {
+	homeDir, _ := os.UserConfigDir()
+	return filepath.Join(homeDir, clientUserConfigFileWindowsRelative)
+}

cmd/subscribe_darwin.go

@@ -0,0 +1,16 @@
+package cmd
+
+const (
+	scriptExt                      = "sh"
+	scriptHeader                   = "#!/bin/sh\n"
+	clientCommandDescriptionSuffix = `The default config file for all client commands is /etc/ntfy/client.yml (if root user),
+or "~/Library/Application Support/ntfy/client.yml" for all other users.`
+)
+
+var (
+	scriptLauncher = []string{"sh", "-c"}
+)
+
+func defaultConfigFile() string {
+	return defaultConfigFileUnix()
+}

cmd/subscribe_linux.go

@@ -0,0 +1,16 @@
+package cmd
+
+const (
+	scriptExt                      = "sh"
+	scriptHeader                   = "#!/bin/sh\n"
+	clientCommandDescriptionSuffix = `The default config file for all client commands is /etc/ntfy/client.yml (if root user),
+or ~/.config/ntfy/client.yml for all other users.`
+)
+
+var (
+	scriptLauncher = []string{"sh", "-c"}
+)
+
+func defaultConfigFile() string {
+	return defaultConfigFileUnix()
+}

cmd/subscribe_windows.go

@@ -0,0 +1,15 @@
+package cmd
+
+const (
+	scriptExt                      = "bat"
+	scriptHeader                   = ""
+	clientCommandDescriptionSuffix = `The default config file for all client commands is %AppData%\ntfy\client.yml.`
+)
+
+var (
+	scriptLauncher = []string{"cmd.exe", "/Q", "/C"}
+)
+
+func defaultConfigFile() string {
+	return defaultConfigFileWindows()
+}

cmd/user_linux.go

@@ -11,13 +11,18 @@ import (
 	"strings"
 )
 
+func init() {
+	commands = append(commands, cmdUser)
+}
+
 var flagsUser = userCommandFlags()
+
 var cmdUser = &cli.Command{
 	Name:      "user",
 	Usage:     "Manage/show users",
 	UsageText: "ntfy user [list|add|remove|change-pass|change-role] ...",
 	Flags:     flagsUser,
-	Before:    initConfigFileInputSource("config", flagsUser),
+	Before:    initConfigFileInputSourceFunc("config", flagsUser),
 	Category:  categoryServer,
 	Subcommands: []*cli.Command{
 		{
@@ -25,7 +30,6 @@ var cmdUser = &cli.Command{
 			Aliases:   []string{"a"},
 			Usage:     "Adds a new user",
 			UsageText: "ntfy user add [--role=admin|user] USERNAME",
-			Before:    inheritRootReaderFunc,
 			Action:    execUserAdd,
 			Flags: []cli.Flag{
 				&cli.StringFlag{Name: "role", Aliases: []string{"r"}, Value: string(auth.RoleUser), Usage: "user role"},
@@ -46,7 +50,6 @@ Examples:
 			Aliases:   []string{"del", "rm"},
 			Usage:     "Removes a user",
 			UsageText: "ntfy user remove USERNAME",
-			Before:    inheritRootReaderFunc,
 			Action:    execUserDel,
 			Description: `Remove a user from the ntfy user database.
 
@@ -59,7 +62,6 @@ Example:
 			Aliases:   []string{"chp"},
 			Usage:     "Changes a user's password",
 			UsageText: "ntfy user change-pass USERNAME",
-			Before:    inheritRootReaderFunc,
 			Action:    execUserChangePass,
 			Description: `Change the password for the given user.
 
@@ -75,7 +77,6 @@ Example:
 			Aliases:   []string{"chr"},
 			Usage:     "Changes the role of a user",
 			UsageText: "ntfy user change-role USERNAME ROLE",
-			Before:    inheritRootReaderFunc,
 			Action:    execUserChangeRole,
 			Description: `Change the role for the given user to admin or user.
 
@@ -97,7 +98,6 @@ Example:
 			Name:    "list",
 			Aliases: []string{"l"},
 			Usage:   "Shows a list of users",
-			Before:  inheritRootReaderFunc,
 			Action:  execUserList,
 			Description: `Shows a list of all configured users, including the everyone ('*') user.
 
@@ -275,14 +275,3 @@ func userCommandFlags() []cli.Flag {
 		altsrc.NewStringFlag(&cli.StringFlag{Name: "auth-default-access", Aliases: []string{"p"}, EnvVars: []string{"NTFY_AUTH_DEFAULT_ACCESS"}, Value: "read-write", Usage: "default permissions if no matching entries in the auth database are found"}),
 	}
 }
-
-// inheritRootReaderFunc is a workaround for a urfave/cli bug that makes subcommands not inherit the App.Reader.
-// This bug was fixed in master, but not in v2.3.0.
-func inheritRootReaderFunc(ctx *cli.Context) error {
-	for _, c := range ctx.Lineage() {
-		if c.App != nil && c.App.Reader != nil {
-			ctx.App.Reader = c.App.Reader
-		}
-	}
-	return nil
-}

docs/config.md

@@ -346,7 +346,7 @@ statuspage.io (though these days most services also support webhooks and HTTP ca
 To configure the SMTP server, you must at least set `smtp-server-listen` and `smtp-server-domain`:
 
 * `smtp-server-listen` defines the IP address and port the SMTP server will listen on, e.g. `:25` or `1.2.3.4:25`
-* `smtp-server-domain` is the e-mail domain, e.g. `ntfy.sh`
+* `smtp-server-domain` is the e-mail domain, e.g. `ntfy.sh` (must be identical to MX record, see below)
 * `smtp-server-addr-prefix` is an optional prefix for the e-mail addresses to prevent spam. If set to `ntfy-`, for instance,
   only e-mails to `ntfy-$topic@ntfy.sh` will be accepted. If this is not set, all emails to `$topic@ntfy.sh` will be
   accepted (which may obviously be a spam problem).
@@ -369,6 +369,42 @@ configured (in [Amazon Route 53](https://aws.amazon.com/route53/)):
   <figcaption>DNS records for incoming mail</figcaption>
 </figure>
 
+You can check if everything is working correctly by sending an email as raw SMTP via `nc`. Create a text file, e.g. 
+`email.txt`
+
+```
+EHLO example.com
+MAIL FROM: phil@example.com
+RCPT TO: ntfy-mytopic@ntfy.sh
+DATA
+Subject: Email for you
+Content-Type: text/plain; charset="UTF-8"
+
+Hello from 🇩🇪
+.
+```
+
+And then send the mail via `nc` like this. If you see any lines starting with `451`, those are errors from the 
+ntfy server. Read them carefully.
+
+```
+$ cat email.txt | nc -N ntfy.sh 25
+220 ntfy.sh ESMTP Service Ready
+250-Hello example.com
+...
+250 2.0.0 Roger, accepting mail from <phil@example.com>
+250 2.0.0 I'll make sure <ntfy-mytopic@ntfy.sh> gets this
+```
+
+As for the DNS setup, be sure to verify that `dig MX` and `dig A` are returning results similar to this:
+
+```
+$ dig MX ntfy.sh +short 
+10 mx1.ntfy.sh.
+$ dig A mx1.ntfy.sh +short 
+3.139.215.220
+```
+
 ## Behind a proxy (TLS, etc.)
 !!! warning
     If you are running ntfy behind a proxy, you must set the `behind-proxy` flag. Otherwise, all visitors are
@@ -399,8 +435,10 @@ HTTP challenge. I've found [this guide](https://nandovieira.com/using-lets-encry
 be incredibly helpful.
 
 ### nginx/Apache2/caddy
-For your convenience, here's a working config that'll help configure things behind a proxy. In this 
-example, ntfy runs on `:2586` and we proxy traffic to it. We also redirect HTTP to HTTPS for GET requests against a topic
+For your convenience, here's a working config that'll help configure things behind a proxy. Be sure to **enable WebSockets**
+by forwarding the `Connection` and `Upgrade` headers accordingly. 
+
+In this example, ntfy runs on `:2586` and we proxy traffic to it. We also redirect HTTP to HTTPS for GET requests against a topic
 or the root domain:
 
 === "nginx (/etc/nginx/sites-*/ntfy)"
@@ -481,19 +519,27 @@ or the root domain:
     ```
     <VirtualHost *:80>
         ServerName ntfy.sh
-        
-        SetEnv proxy-nokeepalive 1
-        SetEnv proxy-sendchunked 1
-        
+
+        # Proxy connections to ntfy (requires "a2enmod proxy")
         ProxyPass / http://127.0.0.1:2586/
         ProxyPassReverse / http://127.0.0.1:2586/
-        
+
+        SetEnv proxy-nokeepalive 1
+        SetEnv proxy-sendchunked 1
+
         # Higher than the max message size of 4096 bytes
         LimitRequestBody 102400
+
+        # Enable mod_rewrite (requires "a2enmod rewrite")
+        RewriteEngine on
+
+        # WebSockets support (requires "a2enmod rewrite proxy_wstunnel")
+        RewriteCond %{HTTP:Upgrade} websocket [NC]
+        RewriteCond %{HTTP:Connection} upgrade [NC]
+        RewriteRule ^/?(.*) "ws://127.0.0.1:2586/$1" [P,L]
         
         # Redirect HTTP to HTTPS, but only for GET topic addresses, since we want 
         # it to work with curl without the annoying https:// prefix 
-        RewriteEngine on
         RewriteCond %{REQUEST_METHOD} GET
         RewriteRule ^/([-_A-Za-z0-9]{0,64})$ https://%{SERVER_NAME}/$1 [R,L]
     </VirtualHost>
@@ -505,21 +551,24 @@ or the root domain:
         SSLCertificateFile /etc/letsencrypt/live/ntfy.sh/fullchain.pem
         SSLCertificateKeyFile /etc/letsencrypt/live/ntfy.sh/privkey.pem
         Include /etc/letsencrypt/options-ssl-apache.conf
-        
-        SetEnv proxy-nokeepalive 1
-        SetEnv proxy-sendchunked 1
-        
+
+        # Proxy connections to ntfy (requires "a2enmod proxy")
         ProxyPass / http://127.0.0.1:2586/
         ProxyPassReverse / http://127.0.0.1:2586/
-        
+
+        SetEnv proxy-nokeepalive 1
+        SetEnv proxy-sendchunked 1
+
         # Higher than the max message size of 4096 bytes 
         LimitRequestBody 102400
-        
-        # Redirect HTTP to HTTPS, but only for GET topic addresses, since we want 
-        # it to work with curl without the annoying https:// prefix 
+
+        # Enable mod_rewrite (requires "a2enmod rewrite")
         RewriteEngine on
-        RewriteCond %{REQUEST_METHOD} GET
-        RewriteRule ^/([-_A-Za-z0-9]{0,64})$ https://%{SERVER_NAME}/$1 [R,L]
+
+        # WebSockets support (requires "a2enmod rewrite proxy_wstunnel")
+        RewriteCond %{HTTP:Upgrade} websocket [NC]
+        RewriteCond %{HTTP:Connection} upgrade [NC]
+        RewriteRule ^/?(.*) "ws://127.0.0.1:2586/$1" [P,L] 
     </VirtualHost>
     ```
 
@@ -530,6 +579,15 @@ or the root domain:
 
     ntfy.sh, http://nfty.sh {
         reverse_proxy 127.0.0.1:2586
+
+        # Redirect HTTP to HTTPS, but only for GET topic addresses, since we want
+        # it to work with curl without the annoying https:// prefix
+        @httpget {
+            protocol http
+            method GET
+            path_regexp ^/([-_a-z0-9]{0,64}$|docs/|static/)
+        }
+        redir @httpget https://{host}{uri}
     }
     ```
 
@@ -717,42 +775,48 @@ Each config option can be set in the config file `/etc/ntfy/server.yml` (e.g. `l
 CLI option (e.g. `--listen-http :80`. Here's a list of all available options. Alternatively, you can set an environment
 variable before running the `ntfy` command (e.g. `export NTFY_LISTEN_HTTP=:80`).
 
-| Config option                              | Env variable                                    | Format                                              | Default | Description                                                                                                                                                                                                                     |
-|--------------------------------------------|-------------------------------------------------|-----------------------------------------------------|---------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| `base-url`                                 | `NTFY_BASE_URL`                                 | *URL*                                               | -       | Public facing base URL of the service (e.g. `https://ntfy.sh`)                                                                                                                                                                  |
-| `listen-http`                              | `NTFY_LISTEN_HTTP`                              | `[host]:port`                                       | `:80`   | Listen address for the HTTP web server                                                                                                                                                                                          |
-| `listen-https`                             | `NTFY_LISTEN_HTTPS`                             | `[host]:port`                                       | -       | Listen address for the HTTPS web server. If set, you also need to set `key-file` and `cert-file`.                                                                                                                               |
-| `listen-unix`                              | `NTFY_LISTEN_UNIX`                              | *filename*                                          | -       | Path to a Unix socket to listen on                                                                                                                                                                                              |
-| `key-file`                                 | `NTFY_KEY_FILE`                                 | *filename*                                          | -       | HTTPS/TLS private key file, only used if `listen-https` is set.                                                                                                                                                                 |
-| `cert-file`                                | `NTFY_CERT_FILE`                                | *filename*                                          | -       | HTTPS/TLS certificate file, only used if `listen-https` is set.                                                                                                                                                                 |
-| `firebase-key-file`                        | `NTFY_FIREBASE_KEY_FILE`                        | *filename*                                          | -       | If set, also publish messages to a Firebase Cloud Messaging (FCM) topic for your app. This is optional and only required to save battery when using the Android app. See [Firebase (FCM](#firebase-fcm).                        |
-| `cache-file`                               | `NTFY_CACHE_FILE`                               | *filename*                                          | -       | If set, messages are cached in a local SQLite database instead of only in-memory. This allows for service restarts without losing messages in support of the since= parameter. See [message cache](#message-cache).             |
-| `cache-duration`                           | `NTFY_CACHE_DURATION`                           | *duration*                                          | 12h     | Duration for which messages will be buffered before they are deleted. This is required to support the `since=...` and `poll=1` parameter. Set this to `0` to disable the cache entirely.                                        |
-| `auth-file`                                | `NTFY_AUTH_FILE`                                | *filename*                                          | -       | Auth database file used for access control. If set, enables authentication and access control. See [access control](#access-control).                                                                                           |
-| `auth-default-access`                      | `NTFY_AUTH_DEFAULT_ACCESS`                      | `read-write`, `read-only`, `write-only`, `deny-all` | -       | Default permissions if no matching entries in the auth database are found. Default is `read-write`.                                                                                                                             |
-| `behind-proxy`                             | `NTFY_BEHIND_PROXY`                             | *bool*                                              | false   | If set, the X-Forwarded-For header is used to determine the visitor IP address instead of the remote address of the connection.                                                                                                 |
-| `attachment-cache-dir`                     | `NTFY_ATTACHMENT_CACHE_DIR`                     | *directory*                                         | -       | Cache directory for attached files. To enable attachments, this has to be set.                                                                                                                                                  |
-| `attachment-total-size-limit`              | `NTFY_ATTACHMENT_TOTAL_SIZE_LIMIT`              | *size*                                              | 5G      | Limit of the on-disk attachment cache directory. If the limits is exceeded, new attachments will be rejected.                                                                                                                   |
-| `attachment-file-size-limit`               | `NTFY_ATTACHMENT_FILE_SIZE_LIMIT`               | *size*                                              | 15M     | Per-file attachment size limit (e.g. 300k, 2M, 100M). Larger attachment will be rejected.                                                                                                                                       |
-| `attachment-expiry-duration`               | `NTFY_ATTACHMENT_EXPIRY_DURATION`               | *duration*                                          | 3h      | Duration after which uploaded attachments will be deleted (e.g. 3h, 20h). Strongly affects `visitor-attachment-total-size-limit`.                                                                                               |
-| `smtp-sender-addr`                         | `NTFY_SMTP_SENDER_ADDR`                         | `host:port`                                         | -       | SMTP server address to allow email sending                                                                                                                                                                                      |
-| `smtp-sender-user`                         | `NTFY_SMTP_SENDER_USER`                         | *string*                                            | -       | SMTP user; only used if e-mail sending is enabled                                                                                                                                                                               |
-| `smtp-sender-pass`                         | `NTFY_SMTP_SENDER_PASS`                         | *string*                                            | -       | SMTP password; only used if e-mail sending is enabled                                                                                                                                                                           |
-| `smtp-sender-from`                         | `NTFY_SMTP_SENDER_FROM`                         | *e-mail address*                                    | -       | SMTP sender e-mail address; only used if e-mail sending is enabled                                                                                                                                                              |
-| `smtp-server-listen`                       | `NTFY_SMTP_SERVER_LISTEN`                       | `[ip]:port`                                         | -       | Defines the IP address and port the SMTP server will listen on, e.g. `:25` or `1.2.3.4:25`                                                                                                                                      |
-| `smtp-server-domain`                       | `NTFY_SMTP_SERVER_DOMAIN`                       | *domain name*                                       | -       | SMTP server e-mail domain, e.g. `ntfy.sh`                                                                                                                                                                                       |
-| `smtp-server-addr-prefix`                  | `NTFY_SMTP_SERVER_ADDR_PREFIX`                  | `[ip]:port`                                         | -       | Optional prefix for the e-mail addresses to prevent spam, e.g. `ntfy-`                                                                                                                                                          |
-| `keepalive-interval`                       | `NTFY_KEEPALIVE_INTERVAL`                       | *duration*                                          | 45s     | Interval in which keepalive messages are sent to the client. This is to prevent intermediaries closing the connection for inactivity. Note that the Android app has a hardcoded timeout at 77s, so it should be less than that. |
-| `manager-interval`                         | `$NTFY_MANAGER_INTERVAL`                        | *duration*                                          | 1m      | Interval in which the manager prunes old messages, deletes topics and prints the stats.                                                                                                                                         |
-| `global-topic-limit`                       | `NTFY_GLOBAL_TOPIC_LIMIT`                       | *number*                                            | 15,000  | Rate limiting: Total number of topics before the server rejects new topics.                                                                                                                                                     |
-| `visitor-subscription-limit`               | `NTFY_VISITOR_SUBSCRIPTION_LIMIT`               | *number*                                            | 30      | Rate limiting: Number of subscriptions per visitor (IP address)                                                                                                                                                                 |
-| `visitor-attachment-total-size-limit`      | `NTFY_VISITOR_ATTACHMENT_TOTAL_SIZE_LIMIT`      | *size*                                              | 100M    | Rate limiting: Total storage limit used for attachments per visitor, for all attachments combined. Storage is freed after attachments expire. See `attachment-expiry-duration`.                                                 |
-| `visitor-attachment-daily-bandwidth-limit` | `NTFY_VISITOR_ATTACHMENT_DAILY_BANDWIDTH_LIMIT` | *size*                                              | 500M    | Rate limiting: Total daily attachment download/upload traffic limit per visitor. This is to protect your bandwidth costs from exploding.                                                                                        |
-| `visitor-request-limit-burst`              | `NTFY_VISITOR_REQUEST_LIMIT_BURST`              | *number*                                            | 60      | Rate limiting: Allowed GET/PUT/POST requests per second, per visitor. This setting is the initial bucket of requests each visitor has                                                                                           |
-| `visitor-request-limit-replenish`          | `NTFY_VISITOR_REQUEST_LIMIT_REPLENISH`          | *duration*                                          | 5s      | Rate limiting: Strongly related to `visitor-request-limit-burst`: The rate at which the bucket is refilled                                                                                                                      |
-| `visitor-request-limit-exempt-hosts`       | `NTFY_VISITOR_REQUEST_LIMIT_EXEMPT_HOSTS`       | *comma-separated host/IP list*                      | -       | Rate limiting: List of hostnames and IPs to be exempt from request rate limiting                                                                                                                                                |
-| `visitor-email-limit-burst`                | `NTFY_VISITOR_EMAIL_LIMIT_BURST`                | *number*                                            | 16      | Rate limiting:Initial limit of e-mails per visitor                                                                                                                                                                              |
-| `visitor-email-limit-replenish`            | `NTFY_VISITOR_EMAIL_LIMIT_REPLENISH`            | *duration*                                          | 1h      | Rate limiting: Strongly related to `visitor-email-limit-burst`: The rate at which the bucket is refilled                                                                                                                        |
+!!! info
+    All config options can also be defined in the `server.yml` file using underscores instead of dashes, e.g. 
+    `cache_duration` and `cache-duration` are both supported. This is to support stricter YAML parsers that do 
+    not support dashes.
+
+| Config option                              | Env variable                                    | Format                                              | Default      | Description                                                                                                                                                                                                                     |
+|--------------------------------------------|-------------------------------------------------|-----------------------------------------------------|--------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `base-url`                                 | `NTFY_BASE_URL`                                 | *URL*                                               | -            | Public facing base URL of the service (e.g. `https://ntfy.sh`)                                                                                                                                                                  |
+| `listen-http`                              | `NTFY_LISTEN_HTTP`                              | `[host]:port`                                       | `:80`        | Listen address for the HTTP web server                                                                                                                                                                                          |
+| `listen-https`                             | `NTFY_LISTEN_HTTPS`                             | `[host]:port`                                       | -            | Listen address for the HTTPS web server. If set, you also need to set `key-file` and `cert-file`.                                                                                                                               |
+| `listen-unix`                              | `NTFY_LISTEN_UNIX`                              | *filename*                                          | -            | Path to a Unix socket to listen on                                                                                                                                                                                              |
+| `key-file`                                 | `NTFY_KEY_FILE`                                 | *filename*                                          | -            | HTTPS/TLS private key file, only used if `listen-https` is set.                                                                                                                                                                 |
+| `cert-file`                                | `NTFY_CERT_FILE`                                | *filename*                                          | -            | HTTPS/TLS certificate file, only used if `listen-https` is set.                                                                                                                                                                 |
+| `firebase-key-file`                        | `NTFY_FIREBASE_KEY_FILE`                        | *filename*                                          | -            | If set, also publish messages to a Firebase Cloud Messaging (FCM) topic for your app. This is optional and only required to save battery when using the Android app. See [Firebase (FCM](#firebase-fcm).                        |
+| `cache-file`                               | `NTFY_CACHE_FILE`                               | *filename*                                          | -            | If set, messages are cached in a local SQLite database instead of only in-memory. This allows for service restarts without losing messages in support of the since= parameter. See [message cache](#message-cache).             |
+| `cache-duration`                           | `NTFY_CACHE_DURATION`                           | *duration*                                          | 12h          | Duration for which messages will be buffered before they are deleted. This is required to support the `since=...` and `poll=1` parameter. Set this to `0` to disable the cache entirely.                                        |
+| `auth-file`                                | `NTFY_AUTH_FILE`                                | *filename*                                          | -            | Auth database file used for access control. If set, enables authentication and access control. See [access control](#access-control).                                                                                           |
+| `auth-default-access`                      | `NTFY_AUTH_DEFAULT_ACCESS`                      | `read-write`, `read-only`, `write-only`, `deny-all` | `read-write` | Default permissions if no matching entries in the auth database are found. Default is `read-write`.                                                                                                                             |
+| `behind-proxy`                             | `NTFY_BEHIND_PROXY`                             | *bool*                                              | false        | If set, the X-Forwarded-For header is used to determine the visitor IP address instead of the remote address of the connection.                                                                                                 |
+| `attachment-cache-dir`                     | `NTFY_ATTACHMENT_CACHE_DIR`                     | *directory*                                         | -            | Cache directory for attached files. To enable attachments, this has to be set.                                                                                                                                                  |
+| `attachment-total-size-limit`              | `NTFY_ATTACHMENT_TOTAL_SIZE_LIMIT`              | *size*                                              | 5G           | Limit of the on-disk attachment cache directory. If the limits is exceeded, new attachments will be rejected.                                                                                                                   |
+| `attachment-file-size-limit`               | `NTFY_ATTACHMENT_FILE_SIZE_LIMIT`               | *size*                                              | 15M          | Per-file attachment size limit (e.g. 300k, 2M, 100M). Larger attachment will be rejected.                                                                                                                                       |
+| `attachment-expiry-duration`               | `NTFY_ATTACHMENT_EXPIRY_DURATION`               | *duration*                                          | 3h           | Duration after which uploaded attachments will be deleted (e.g. 3h, 20h). Strongly affects `visitor-attachment-total-size-limit`.                                                                                               |
+| `smtp-sender-addr`                         | `NTFY_SMTP_SENDER_ADDR`                         | `host:port`                                         | -            | SMTP server address to allow email sending                                                                                                                                                                                      |
+| `smtp-sender-user`                         | `NTFY_SMTP_SENDER_USER`                         | *string*                                            | -            | SMTP user; only used if e-mail sending is enabled                                                                                                                                                                               |
+| `smtp-sender-pass`                         | `NTFY_SMTP_SENDER_PASS`                         | *string*                                            | -            | SMTP password; only used if e-mail sending is enabled                                                                                                                                                                           |
+| `smtp-sender-from`                         | `NTFY_SMTP_SENDER_FROM`                         | *e-mail address*                                    | -            | SMTP sender e-mail address; only used if e-mail sending is enabled                                                                                                                                                              |
+| `smtp-server-listen`                       | `NTFY_SMTP_SERVER_LISTEN`                       | `[ip]:port`                                         | -            | Defines the IP address and port the SMTP server will listen on, e.g. `:25` or `1.2.3.4:25`                                                                                                                                      |
+| `smtp-server-domain`                       | `NTFY_SMTP_SERVER_DOMAIN`                       | *domain name*                                       | -            | SMTP server e-mail domain, e.g. `ntfy.sh`                                                                                                                                                                                       |
+| `smtp-server-addr-prefix`                  | `NTFY_SMTP_SERVER_ADDR_PREFIX`                  | `[ip]:port`                                         | -            | Optional prefix for the e-mail addresses to prevent spam, e.g. `ntfy-`                                                                                                                                                          |
+| `keepalive-interval`                       | `NTFY_KEEPALIVE_INTERVAL`                       | *duration*                                          | 45s          | Interval in which keepalive messages are sent to the client. This is to prevent intermediaries closing the connection for inactivity. Note that the Android app has a hardcoded timeout at 77s, so it should be less than that. |
+| `manager-interval`                         | `$NTFY_MANAGER_INTERVAL`                        | *duration*                                          | 1m           | Interval in which the manager prunes old messages, deletes topics and prints the stats.                                                                                                                                         |
+| `web-root`                                 | `NTFY_WEB_ROOT`                                 | `app`, `home` or `disable`                          | `app`        | Sets web root to landing page (home), web app (app) or disables the web app entirely (disable)                                                                                                                                  |
+| `global-topic-limit`                       | `NTFY_GLOBAL_TOPIC_LIMIT`                       | *number*                                            | 15,000       | Rate limiting: Total number of topics before the server rejects new topics.                                                                                                                                                     |
+| `visitor-subscription-limit`               | `NTFY_VISITOR_SUBSCRIPTION_LIMIT`               | *number*                                            | 30           | Rate limiting: Number of subscriptions per visitor (IP address)                                                                                                                                                                 |
+| `visitor-attachment-total-size-limit`      | `NTFY_VISITOR_ATTACHMENT_TOTAL_SIZE_LIMIT`      | *size*                                              | 100M         | Rate limiting: Total storage limit used for attachments per visitor, for all attachments combined. Storage is freed after attachments expire. See `attachment-expiry-duration`.                                                 |
+| `visitor-attachment-daily-bandwidth-limit` | `NTFY_VISITOR_ATTACHMENT_DAILY_BANDWIDTH_LIMIT` | *size*                                              | 500M         | Rate limiting: Total daily attachment download/upload traffic limit per visitor. This is to protect your bandwidth costs from exploding.                                                                                        |
+| `visitor-request-limit-burst`              | `NTFY_VISITOR_REQUEST_LIMIT_BURST`              | *number*                                            | 60           | Rate limiting: Allowed GET/PUT/POST requests per second, per visitor. This setting is the initial bucket of requests each visitor has                                                                                           |
+| `visitor-request-limit-replenish`          | `NTFY_VISITOR_REQUEST_LIMIT_REPLENISH`          | *duration*                                          | 5s           | Rate limiting: Strongly related to `visitor-request-limit-burst`: The rate at which the bucket is refilled                                                                                                                      |
+| `visitor-request-limit-exempt-hosts`       | `NTFY_VISITOR_REQUEST_LIMIT_EXEMPT_HOSTS`       | *comma-separated host/IP list*                      | -            | Rate limiting: List of hostnames and IPs to be exempt from request rate limiting                                                                                                                                                |
+| `visitor-email-limit-burst`                | `NTFY_VISITOR_EMAIL_LIMIT_BURST`                | *number*                                            | 16           | Rate limiting:Initial limit of e-mails per visitor                                                                                                                                                                              |
+| `visitor-email-limit-replenish`            | `NTFY_VISITOR_EMAIL_LIMIT_REPLENISH`            | *duration*                                          | 1h           | Rate limiting: Strongly related to `visitor-email-limit-burst`: The rate at which the bucket is refilled                                                                                                                        |
 
 The format for a *duration* is: `<number>(smh)`, e.g. 30s, 20m or 1h.   
 The format for a *size* is: `<number>(GMK)`, e.g. 1G, 200M or 4000k.
@@ -780,41 +844,42 @@ DESCRIPTION:
      ntfy serve --listen-http :8080  # Starts server with alternate port
 
 OPTIONS:
-   --config value, -c value                          config file (default: /etc/ntfy/server.yml) [$NTFY_CONFIG_FILE]
-   --base-url value, -B value                        externally visible base URL for this host (e.g. https://ntfy.sh) [$NTFY_BASE_URL]
-   --listen-http value, -l value                     ip:port used to as HTTP listen address (default: ":80") [$NTFY_LISTEN_HTTP]
-   --listen-https value, -L value                    ip:port used to as HTTPS listen address [$NTFY_LISTEN_HTTPS]
-   --listen-unix value, -U value                     listen on unix socket path [$NTFY_LISTEN_UNIX]
-   --key-file value, -K value                        private key file, if listen-https is set [$NTFY_KEY_FILE]
-   --cert-file value, -E value                       certificate file, if listen-https is set [$NTFY_CERT_FILE]
-   --firebase-key-file value, -F value               Firebase credentials file; if set additionally publish to FCM topic [$NTFY_FIREBASE_KEY_FILE]
-   --cache-file value, -C value                      cache file used for message caching [$NTFY_CACHE_FILE]
-   --cache-duration since, -b since                  buffer messages for this time to allow since requests (default: 12h0m0s) [$NTFY_CACHE_DURATION]
-   --auth-file value, -H value                       auth database file used for access control [$NTFY_AUTH_FILE]
-   --auth-default-access value, -p value             default permissions if no matching entries in the auth database are found (default: "read-write") [$NTFY_AUTH_DEFAULT_ACCESS]
-   --attachment-cache-dir value                      cache directory for attached files [$NTFY_ATTACHMENT_CACHE_DIR]
-   --attachment-total-size-limit value, -A value     limit of the on-disk attachment cache (default: 5G) [$NTFY_ATTACHMENT_TOTAL_SIZE_LIMIT]
-   --attachment-file-size-limit value, -Y value      per-file attachment size limit (e.g. 300k, 2M, 100M) (default: 15M) [$NTFY_ATTACHMENT_FILE_SIZE_LIMIT]
-   --attachment-expiry-duration value, -X value      duration after which uploaded attachments will be deleted (e.g. 3h, 20h) (default: 3h) [$NTFY_ATTACHMENT_EXPIRY_DURATION]
-   --keepalive-interval value, -k value              interval of keepalive messages (default: 45s) [$NTFY_KEEPALIVE_INTERVAL]
-   --manager-interval value, -m value                interval of for message pruning and stats printing (default: 1m0s) [$NTFY_MANAGER_INTERVAL]
-   --smtp-sender-addr value                          SMTP server address (host:port) for outgoing emails [$NTFY_SMTP_SENDER_ADDR]
-   --smtp-sender-user value                          SMTP user (if e-mail sending is enabled) [$NTFY_SMTP_SENDER_USER]
-   --smtp-sender-pass value                          SMTP password (if e-mail sending is enabled) [$NTFY_SMTP_SENDER_PASS]
-   --smtp-sender-from value                          SMTP sender address (if e-mail sending is enabled) [$NTFY_SMTP_SENDER_FROM]
-   --smtp-server-listen value                        SMTP server address (ip:port) for incoming emails, e.g. :25 [$NTFY_SMTP_SERVER_LISTEN]
-   --smtp-server-domain value                        SMTP domain for incoming e-mail, e.g. ntfy.sh [$NTFY_SMTP_SERVER_DOMAIN]
-   --smtp-server-addr-prefix value                   SMTP email address prefix for topics to prevent spam (e.g. 'ntfy-') [$NTFY_SMTP_SERVER_ADDR_PREFIX]
-   --global-topic-limit value, -T value              total number of topics allowed (default: 15000) [$NTFY_GLOBAL_TOPIC_LIMIT]
-   --visitor-subscription-limit value                number of subscriptions per visitor (default: 30) [$NTFY_VISITOR_SUBSCRIPTION_LIMIT]
-   --visitor-attachment-total-size-limit value       total storage limit used for attachments per visitor (default: "100M") [$NTFY_VISITOR_ATTACHMENT_TOTAL_SIZE_LIMIT]
-   --visitor-attachment-daily-bandwidth-limit value  total daily attachment download/upload bandwidth limit per visitor (default: "500M") [$NTFY_VISITOR_ATTACHMENT_DAILY_BANDWIDTH_LIMIT]
-   --visitor-request-limit-burst value               initial limit of requests per visitor (default: 60) [$NTFY_VISITOR_REQUEST_LIMIT_BURST]
-   --visitor-request-limit-replenish value           interval at which burst limit is replenished (one per x) (default: 5s) [$NTFY_VISITOR_REQUEST_LIMIT_REPLENISH]
-   --visitor-request-limit-exempt-hosts value        hostnames and/or IP addresses of hosts that will be exempt from the visitor request limit [$NTFY_VISITOR_REQUEST_LIMIT_EXEMPT_HOSTS]
-   --visitor-email-limit-burst value                 initial limit of e-mails per visitor (default: 16) [$NTFY_VISITOR_EMAIL_LIMIT_BURST]
-   --visitor-email-limit-replenish value             interval at which burst limit is replenished (one per x) (default: 1h0m0s) [$NTFY_VISITOR_EMAIL_LIMIT_REPLENISH]
-   --behind-proxy, -P                                if set, use X-Forwarded-For header to determine visitor IP address (for rate limiting) (default: false) [$NTFY_BEHIND_PROXY]
-   --help, -h                                        show help (default: false)
+   --config value, -c value                                                                            config file (default: /etc/ntfy/server.yml) [$NTFY_CONFIG_FILE]
+   --base-url value, --base_url value, -B value                                                        externally visible base URL for this host (e.g. https://ntfy.sh) [$NTFY_BASE_URL]
+   --listen-http value, --listen_http value, -l value                                                  ip:port used to as HTTP listen address (default: ":80") [$NTFY_LISTEN_HTTP]
+   --listen-https value, --listen_https value, -L value                                                ip:port used to as HTTPS listen address [$NTFY_LISTEN_HTTPS]
+   --listen-unix value, --listen_unix value, -U value                                                  listen on unix socket path [$NTFY_LISTEN_UNIX]
+   --key-file value, --key_file value, -K value                                                        private key file, if listen-https is set [$NTFY_KEY_FILE]
+   --cert-file value, --cert_file value, -E value                                                      certificate file, if listen-https is set [$NTFY_CERT_FILE]
+   --firebase-key-file value, --firebase_key_file value, -F value                                      Firebase credentials file; if set additionally publish to FCM topic [$NTFY_FIREBASE_KEY_FILE]
+   --cache-file value, --cache_file value, -C value                                                    cache file used for message caching [$NTFY_CACHE_FILE]
+   --cache-duration since, --cache_duration since, -b since                                            buffer messages for this time to allow since requests (default: 12h0m0s) [$NTFY_CACHE_DURATION]
+   --auth-file value, --auth_file value, -H value                                                      auth database file used for access control [$NTFY_AUTH_FILE]
+   --auth-default-access value, --auth_default_access value, -p value                                  default permissions if no matching entries in the auth database are found (default: "read-write") [$NTFY_AUTH_DEFAULT_ACCESS]
+   --attachment-cache-dir value, --attachment_cache_dir value                                          cache directory for attached files [$NTFY_ATTACHMENT_CACHE_DIR]
+   --attachment-total-size-limit value, --attachment_total_size_limit value, -A value                  limit of the on-disk attachment cache (default: 5G) [$NTFY_ATTACHMENT_TOTAL_SIZE_LIMIT]
+   --attachment-file-size-limit value, --attachment_file_size_limit value, -Y value                    per-file attachment size limit (e.g. 300k, 2M, 100M) (default: 15M) [$NTFY_ATTACHMENT_FILE_SIZE_LIMIT]
+   --attachment-expiry-duration value, --attachment_expiry_duration value, -X value                    duration after which uploaded attachments will be deleted (e.g. 3h, 20h) (default: 3h) [$NTFY_ATTACHMENT_EXPIRY_DURATION]
+   --keepalive-interval value, --keepalive_interval value, -k value                                    interval of keepalive messages (default: 45s) [$NTFY_KEEPALIVE_INTERVAL]
+   --manager-interval value, --manager_interval value, -m value                                        interval of for message pruning and stats printing (default: 1m0s) [$NTFY_MANAGER_INTERVAL]
+   --web-root value, --web_root value                                                                  sets web root to landing page (home), web app (app) or disabled (disable) (default: "app") [$NTFY_WEB_ROOT]
+   --smtp-sender-addr value, --smtp_sender_addr value                                                  SMTP server address (host:port) for outgoing emails [$NTFY_SMTP_SENDER_ADDR]
+   --smtp-sender-user value, --smtp_sender_user value                                                  SMTP user (if e-mail sending is enabled) [$NTFY_SMTP_SENDER_USER]
+   --smtp-sender-pass value, --smtp_sender_pass value                                                  SMTP password (if e-mail sending is enabled) [$NTFY_SMTP_SENDER_PASS]
+   --smtp-sender-from value, --smtp_sender_from value                                                  SMTP sender address (if e-mail sending is enabled) [$NTFY_SMTP_SENDER_FROM]
+   --smtp-server-listen value, --smtp_server_listen value                                              SMTP server address (ip:port) for incoming emails, e.g. :25 [$NTFY_SMTP_SERVER_LISTEN]
+   --smtp-server-domain value, --smtp_server_domain value                                              SMTP domain for incoming e-mail, e.g. ntfy.sh [$NTFY_SMTP_SERVER_DOMAIN]
+   --smtp-server-addr-prefix value, --smtp_server_addr_prefix value                                    SMTP email address prefix for topics to prevent spam (e.g. 'ntfy-') [$NTFY_SMTP_SERVER_ADDR_PREFIX]
+   --global-topic-limit value, --global_topic_limit value, -T value                                    total number of topics allowed (default: 15000) [$NTFY_GLOBAL_TOPIC_LIMIT]
+   --visitor-subscription-limit value, --visitor_subscription_limit value                              number of subscriptions per visitor (default: 30) [$NTFY_VISITOR_SUBSCRIPTION_LIMIT]
+   --visitor-attachment-total-size-limit value, --visitor_attachment_total_size_limit value            total storage limit used for attachments per visitor (default: "100M") [$NTFY_VISITOR_ATTACHMENT_TOTAL_SIZE_LIMIT]
+   --visitor-attachment-daily-bandwidth-limit value, --visitor_attachment_daily_bandwidth_limit value  total daily attachment download/upload bandwidth limit per visitor (default: "500M") [$NTFY_VISITOR_ATTACHMENT_DAILY_BANDWIDTH_LIMIT]
+   --visitor-request-limit-burst value, --visitor_request_limit_burst value                            initial limit of requests per visitor (default: 60) [$NTFY_VISITOR_REQUEST_LIMIT_BURST]
+   --visitor-request-limit-replenish value, --visitor_request_limit_replenish value                    interval at which burst limit is replenished (one per x) (default: 5s) [$NTFY_VISITOR_REQUEST_LIMIT_REPLENISH]
+   --visitor-request-limit-exempt-hosts value, --visitor_request_limit_exempt_hosts value              hostnames and/or IP addresses of hosts that will be exempt from the visitor request limit [$NTFY_VISITOR_REQUEST_LIMIT_EXEMPT_HOSTS]
+   --visitor-email-limit-burst value, --visitor_email_limit_burst value                                initial limit of e-mails per visitor (default: 16) [$NTFY_VISITOR_EMAIL_LIMIT_BURST]
+   --visitor-email-limit-replenish value, --visitor_email_limit_replenish value                        interval at which burst limit is replenished (one per x) (default: 1h0m0s) [$NTFY_VISITOR_EMAIL_LIMIT_REPLENISH]
+   --behind-proxy, --behind_proxy, -P                                                                  if set, use X-Forwarded-For header to determine visitor IP address (for rate limiting) (default: false) [$NTFY_BEHIND_PROXY]
+   --help, -h                                                                                          show help (default: false)
 ```
 

docs/deprecations.md

@@ -4,16 +4,28 @@ This page is used to list deprecation notices for ntfy. Deprecated commands and
 
 ## Active deprecations
 
-### Android app: Using `since=<timestamp>` instead of `since=<id>` 
-> since 2022-02-27
+### Android app: WebSockets will become the default connection protocol  
+> Active since 2022-03-13, behavior will change in **June 2022**
+
+In future versions of the Android app, instant delivery connections and connections to self-hosted servers will
+be using the WebSockets protocol. This potentially requires [configuration changes in your proxy](https://ntfy.sh/docs/config/#nginxapache2caddy).
+
+Due to [reports of varying battery consumption](https://github.com/binwiederhier/ntfy/issues/190) (which entirely 
+seems to depend on the phone), JSON HTTP stream support will not be removed. Instead, I'll just flip the default to 
+WebSocket in June.
+
+### Android app: Using `since=<timestamp>` instead of `since=<id>`
+> Active since 2022-02-27, behavior will change in **May 2022**
 
 In about 3 months, the Android app will start using `since=<id>` instead of `since=<timestamp>`, which means that it will
 not work with servers older than v1.16.0 anymore. This is to simplify handling of deduplication in the Android app.
 
 The `since=<timestamp>` endpoint will continue to work. This is merely a notice that the Android app behavior will change.
 
+## Previous deprecations
+
 ### Running server via `ntfy` (instead of `ntfy serve`)
-> since 2021-12-17
+> Deprecated 2021-12-17, behavior changed with v1.10.0
 
 As more commands are added to the `ntfy` CLI tool, using just `ntfy` to run the server is not practical
 anymore. Please use `ntfy serve` instead. This also applies to Docker images, as they can also execute more than

docs/develop.md

@@ -1,51 +1,289 @@
-# Building
+# Development
+Hurray 🥳 🎉, you are interested in writing code for ntfy! **That's awesome.** 😎
+
+I tried my very best to write up detailed instructions, but if at any point in time you run into issues, don't 
+hesitate to **contact me on [Discord](https://discord.gg/cT7ECsZj9w) or [Matrix](https://matrix.to/#/#ntfy:matrix.org)**.
 
 ## ntfy server
-The ntfy server source code is available [on GitHub](https://github.com/binwiederhier/ntfy). 
-To quickly build on amd64, you can use `make build-simple`:
+The ntfy server source code is available [on GitHub](https://github.com/binwiederhier/ntfy). The codebase for the
+server consists of three components:
 
-```
-git clone git@github.com:binwiederhier/ntfy.git
-cd ntfy
-make build-simple
+* **The main server/client** is written in [Go](https://go.dev/) (so you'll need Go). Its main entrypoint is at 
+  [main.go](https://github.com/binwiederhier/ntfy/blob/main/main.go), and the meat you're likely interested in is 
+  in [server.go](https://github.com/binwiederhier/ntfy/blob/main/server/server.go). Notably, the server uses a 
+  [SQLite](https://sqlite.org) library called [go-sqlite3](https://github.com/mattn/go-sqlite3), which requires 
+  [Cgo](https://go.dev/blog/cgo) and `CGO_ENABLED=1` to be set. Otherwise things will not work (see below).
+* **The documentation** is generated by [MkDocs](https://www.mkdocs.org/) and [Material for MkDocs](https://squidfunk.github.io/mkdocs-material/),
+  which is written in [Python](https://www.python.org/). You'll need Python and MkDocs (via `pip`) only if you want to
+  build the docs.
+* **The web app** is written in [React](https://reactjs.org/), using [MUI](https://mui.com/). It uses [Create React App](https://create-react-app.dev/)
+  to build the production build. If you want to modify the web app, you need [nodejs](https://nodejs.org/en/) (for `npm`) 
+  and install all the 100,000 dependencies (*sigh*).
+
+All of these components are built and then **baked into one binary**. 
+
+### Navigating the code
+Code:
+
+* [main.go](https://github.com/binwiederhier/ntfy/blob/main/main.go) - Main entrypoint into the CLI, for both server and client
+* [cmd/](https://github.com/binwiederhier/ntfy/tree/main/cmd) - CLI commands, such as `serve` or `publish`
+* [server/](https://github.com/binwiederhier/ntfy/tree/main/server) - The meat of the server logic
+* [docs/](https://github.com/binwiederhier/ntfy/tree/main/docs) - The [MkDocs](https://www.mkdocs.org/) documentation, also see `mkdocs.yml`
+* [web/](https://github.com/binwiederhier/ntfy/tree/main/web) - The [React](https://reactjs.org/) application, also see `web/package.json`
+
+Build related:
+
+* [Makefile](https://github.com/binwiederhier/ntfy/blob/main/Makefile) - Main entrypoint for all things related to building
+* [.goreleaser.yml](https://github.com/binwiederhier/ntfy/blob/main/.goreleaser.yml) - Describes all build outputs (for [GoReleaser](https://goreleaser.com/))
+* [go.mod](https://github.com/binwiederhier/ntfy/blob/main/go.mod) - Go modules dependency file
+* [mkdocs.yml](https://github.com/binwiederhier/ntfy/blob/main/mkdocs.yml) - Config file for the docs (for [MkDocs](https://www.mkdocs.org/))
+* [web/package.json](https://github.com/binwiederhier/ntfy/blob/main/web/package.json) - Build and dependency file for web app (for npm)
+
+
+The `web/` and `docs/` folder are the sources for web app and documentation. During the build process,
+the generated output is copied to `server/site` (web app and landing page) and `server/docs` (documentation).
+
+### Build requirements
+
+* [Go](https://go.dev/) (required for main server)
+* [gcc](https://gcc.gnu.org/) (required main server, for SQLite cgo-based bindings)
+* [Make](https://www.gnu.org/software/make/) (required for convenience)
+* [libsqlite3/libsqlite3-dev](https://www.sqlite.org/) (required for main server, for SQLite cgo-based bindings)
+* [GoReleaser](https://goreleaser.com/) (required for a proper main server build)
+* [Python](https://www.python.org/) (for `pip`, only to build the docs) 
+* [nodejs](https://nodejs.org/en/) (for `npm`, only to build the web app)
+
+### Install dependencies
+These steps **assume Ubuntu**. Steps may vary on different Linux distributions.
+
+First, install [Go](https://go.dev/) (see [official instructions](https://go.dev/doc/install)):
+``` shell
+wget https://go.dev/dl/go1.18.linux-amd64.tar.gz
+rm -rf /usr/local/go && tar -C /usr/local -xzf go1.18.linux-amd64.tar.gz
+export PATH=$PATH:/usr/local/go/bin:$HOME/go/bin
+go version   # verifies that it worked
 ```
 
-That'll generate a statically linked binary in `dist/ntfy_linux_amd64/ntfy`.
-
-For all other platforms (including Docker), and for production or other snapshot builds, you should use the amazingly 
-awesome [GoReleaser](https://goreleaser.com/) make targets:
-
-```
-Build:
-  make build                       - Build
-  make build-snapshot              - Build snapshot
-  make build-simple                - Build (using go build, without goreleaser)
-  make clean                       - Clean build folder
-
-Releasing (requires goreleaser):
-  make release                     - Create a release
-  make release-snapshot            - Create a test release
+Install [GoReleaser](https://goreleaser.com/) (see [official instructions](https://goreleaser.com/install/)):
+``` shell
+go install github.com/goreleaser/goreleaser@latest
+goreleaser -v   # verifies that it worked
 ```
 
-There are currently no platform-specific make targets, so they will build for all platforms (which may take a while).
+Install [nodejs](https://nodejs.org/en/) (see [official instructions](https://nodejs.org/en/download/package-manager/)):
+``` shell
+curl -fsSL https://deb.nodesource.com/setup_17.x | sudo -E bash -
+sudo apt-get install -y nodejs
+npm -v   # verifies that it worked
+```
+
+Then install a few other things required:
+``` shell
+sudo apt install \
+    build-essential \
+    libsqlite3-dev \
+    gcc-arm-linux-gnueabi \
+    gcc-aarch64-linux-gnu \
+    python3-pip \
+    upx \
+    git
+```
+
+### Check out code
+Now check out via git from the [GitHub repository](https://github.com/binwiederhier/ntfy):
+
+=== "via HTTPS"
+    ``` shell
+    git clone https://github.com/binwiederhier/ntfy.git
+    cd ntfy
+    ```
+
+=== "via SSH"
+    ``` shell
+    git clone git@github.com:binwiederhier/ntfy.git 
+    cd ntfy
+    ```
+
+### Build all the things
+Now you can finally build everything. There are tons of `make` targets, so maybe just review what's there first 
+by typing `make`:
+
+``` shell
+$ make 
+Typical commands (more see below):
+  make build                   - Build web app, documentation and server/client (sloowwww)
+  make cli-linux-amd64         - Build server/client binary (amd64, no web app or docs)
+  make install-linux-amd64     - Install ntfy binary to /usr/bin/ntfy (amd64)
+  make web                     - Build the web app
+  make docs                    - Build the documentation
+  make check                   - Run all tests, vetting/formatting checks and linters
+...
+```
+
+If you want to build the **ntfy binary including web app and docs for all supported architectures** (amd64, armv7, and arm64), 
+you can simply run `make build`:
+
+``` shell
+$ make build
+...
+# This builds web app, docs, and the ntfy binary (for amd64, armv7 and arm64). 
+# This will be SLOW (5+ minutes on my laptop on the first run). Maybe look at the other make targets?
+```
+
+You'll see all the outputs in the `dist/` folder afterwards:
+
+``` bash
+$ find dist 
+dist
+dist/metadata.json
+dist/ntfy_arm64_linux_arm64
+dist/ntfy_arm64_linux_arm64/ntfy
+dist/ntfy_armv7_linux_arm_7
+dist/ntfy_armv7_linux_arm_7/ntfy
+dist/ntfy_amd64_linux_amd64
+dist/ntfy_amd64_linux_amd64/ntfy
+dist/config.yaml
+dist/artifacts.json
+```
+
+If you also want to build the **Debian/RPM packages and the Docker images for all supported architectures**, you can 
+use the `make release-snapshot` target:
+
+``` shell
+$ make release-snapshot
+...
+# This will be REALLY SLOW (sometimes 5+ minutes on my laptop)
+```
+
+During development, you may want to be more picky and build only certain things. Here are a few examples.
+
+### Build the ntfy binary
+To build only the `ntfy` binary **without the web app or documentation**, use the `make cli-...` targets:
+
+``` shell
+$ make
+Build server & client (not release version):
+  make cli                     - Build server & client (all architectures)
+  make cli-linux-amd64         - Build server & client (Linux, amd64 only)
+  make cli-linux-armv6         - Build server & client (Linux, armv6 only)
+  make cli-linux-armv7         - Build server & client (Linux, armv7 only)
+  make cli-linux-arm64         - Build server & client (Linux, arm64 only)
+  make cli-windows-amd64       - Build client (Windows, amd64 only)
+```
+
+So if you're on an amd64/x86_64-based machine, you may just want to run `make cli-linux-amd64` during testing. On a modern
+system, this shouldn't take longer than 5-10 seconds. I often combine it with `install-linux-amd64` so I can run the binary
+right away:
+
+``` shell
+$ make cli-linux-amd64 install-linux-amd64
+$ ntfy serve
+```
+
+**During development of the main app, you can also just use `go run main.go`**, as long as you run 
+`make cli-deps-static-sites`at least once and `CGO_ENABLED=1`:
+
+``` shell
+$ export CGO_ENABLED=1
+$ make cli-deps-static-sites
+$ go run main.go serve
+2022/03/18 08:43:55 Listening on :2586[http]
+...
+```
+
+If you don't run `cli-deps-static-sites`, you may see an error *`pattern ...: no matching files found`*:
+```
+$ go run main.go serve
+server/server.go:85:13: pattern docs: no matching files found
+```
+
+This is because we use `go:embed` to embed the documentation and web app, so the Go code expects files to be
+present at `server/docs` and `server/site`. If they are not, you'll see the above error. The `cli-deps-static-sites`
+target creates dummy files that ensures that you'll be able to build.
+
+
+### Build the web app
+The sources for the web app live in `web/`. As long as you have `npm` installed (see above), building the web app 
+is really simple. Just type `make web` and you're in business:
+
+``` shell
+$ make web
+...
+```
+
+This will build the web app using Create React App and then **copy the production build to the `server/site` folder**, so 
+that when you `make cli` (or `make cli-linux-amd64`, ...), you will have the web app included in the `ntfy` binary.
+
+If you're developing on the web app, it's best to just `cd web` and run `npm start` manually. This will open your browser
+at `http://127.0.0.1:3000` with the web app, and as you edit the source files, they will be recompiled and the browser 
+will automatically refresh:
+
+``` shell
+$ cd web
+$ npm start
+```
+
+### Build the docs
+The sources for the docs live in `docs/`. Similarly to the web app, you can simply run `make docs` to build the 
+documentation. As long as you have `mkdocs` installed (see above), this should work fine:
+
+``` shell
+$ make docs
+...
+```
+
+If you are changing the documentation, you should be running `mkdocs serve` directly. This will build the documentation, 
+serve the files at `http://127.0.0.1:8000/`, and rebuild every time you save the source files: 
+
+```
+$ mkdocs serve
+INFO     -  Building documentation...
+INFO     -  Cleaning site directory
+INFO     -  Documentation built in 5.53 seconds
+INFO     -  [16:28:14] Serving on http://127.0.0.1:8000/
+```
+
+Then you can navigate to http://127.0.0.1:8000/ and whenever you change a markdown file in your text editor it'll automatically update.
 
 ## Android app
 The ntfy Android app source code is available [on GitHub](https://github.com/binwiederhier/ntfy-android).
 The Android app has two flavors:
 
-* **Google Play:** The `play` flavor includes Firebase (FCM) and requires a Firebase account
+* **Google Play:** The `play` flavor includes [Firebase (FCM)](https://firebase.google.com/) and requires a Firebase account
 * **F-Droid:** The `fdroid` flavor does not include Firebase or Google dependencies
 
+### Navigating the code
+* [main/](https://github.com/binwiederhier/ntfy-android/tree/main/app/src/main) - Main Android app source code
+* [play/](https://github.com/binwiederhier/ntfy-android/tree/main/app/src/play) - Google Play / Firebase specific code
+* [fdroid/](https://github.com/binwiederhier/ntfy-android/tree/main/app/src/fdroid) - F-Droid Firebase stubs
+* [build.gradle](https://github.com/binwiederhier/ntfy-android/blob/main/app/build.gradle) - Main build file
+
+### IDE/Environment
+You should download [Android Studio](https://developer.android.com/studio) (or [IntelliJ IDEA](https://www.jetbrains.com/idea/) 
+with the relevant Android plugins). Everything else will just be a pain for you. Do yourself a favor. 😀 
+
+### Check out the code
 First check out the repository:
 
-```
-git clone git@github.com:binwiederhier/ntfy-android.git
-cd ntfy-android
-```
+=== "via HTTPS"
+    ``` shell
+    git clone https://github.com/binwiederhier/ntfy-android.git
+    cd ntfy-android
+    ```
+
+=== "via SSH"
+    ``` shell
+    git clone git@github.com:binwiederhier/ntfy-android.git
+    cd ntfy-android
+    ```
 
 Then either follow the steps for building with or without Firebase.
 
-### Building without Firebase (F-Droid flavor)
+### Build F-Droid flavor (no FCM)
+!!! info
+    I do build the ntfy Android app using IntelliJ IDEA (Android Studio), so I don't know if these Gradle commands will
+    work without issues. Please give me feedback if it does/doesn't work for you.
+
 Without Firebase, you may want to still change the default `app_base_url` in [strings.xml](https://github.com/binwiederhier/ntfy-android/blob/main/app/src/main/res/values/strings.xml)
 if you're self-hosting the server. Then run:
 ```
@@ -56,8 +294,13 @@ if you're self-hosting the server. Then run:
 ./gradlew bundleFdroidRelease
 ```
 
-### Building with Firebase (FCM, Google Play flavor)
+### Build Play flavor (FCM)
+!!! info
+    I do build the ntfy Android app using IntelliJ IDEA (Android Studio), so I don't know if these Gradle commands will
+    work without issues. Please give me feedback if it does/doesn't work for you.
+
 To build your own version with Firebase, you must:
+
 * Create a Firebase/FCM account
 * Place your account file at `app/google-services.json`
 * And change `app_base_url` in [strings.xml](https://github.com/binwiederhier/ntfy-android/blob/main/app/src/main/res/values/strings.xml)

docs/examples.md

@@ -16,6 +16,27 @@ rsync -a root@laptop /backups/laptop \
   || curl -H tags:warning -H prio:high -d "Laptop backup failed" ntfy.sh/backups
 ```
 
+## Low disk space alerts
+Here's a simple cronjob that I use to alert me when the disk space on the root disk is running low. It's simple, but 
+effective. 
+
+``` bash 
+#!/bin/bash
+
+mingigs=10
+avail=$(df | awk '$6 == "/" && $4 < '$mingigs' * 1024*1024 { print $4/1024/1024 }')
+topicurl=https://ntfy.sh/mytopic
+
+if [ -n "$avail" ]; then
+  curl \
+    -d "Only $avail GB available on the root disk. Better clean that up." \
+    -H "Title: Low disk space alert on $(hostname)" \
+    -H "Priority: high" \
+    -H "Tags: warning,cd" \
+    $topicurl
+fi
+```
+
 ## Server-sent messages in your web app
 Just as you can [subscribe to topics in the Web UI](subscribe/web.md), you can use ntfy in your own
 web application. Check out the <a href="/example.html">live example</a> or just look the source of this page.
@@ -93,3 +114,255 @@ Or, if you only want to send notifications using shoutrrr:
 ```
 shoutrrr send -u "generic+https://ntfy.sh/my_watchtower_topic?title=WatchtowerUpdates" -m "testMessage"
 ```
+
+## Random cronjobs
+Alright, here's one for the history books. I desperately want the `github.com/ntfy` organization, but all my tickets with
+GitHub have been hopeless. In case it ever becomes available, I want to know immediately.
+
+``` cron
+# Check github/ntfy user
+*/6 * * * * if curl -s https://api.github.com/users/ntfy | grep "Not Found"; then curl -d "github.com/ntfy is available" -H "Tags: tada" -H "Prio: high" ntfy.sh/my-alerts; fi
+~           
+```
+
+## Download notifications (Sonarr, Radarr, Lidarr, Readarr, Prowlarr, SABnzbd)
+It's possible to use custom scripts for all the *arr services, plus SABnzbd. Notifications for downloads, warnings, grabs etc.
+Some simple bash scripts to achieve this are kindly provided in [nickexyz's repository](https://github.com/nickexyz/ntfy-shellscripts). 
+
+## Node-RED
+You can use the HTTP request node to send messages with [Node-RED](https://nodered.org), some examples:
+
+
+<details>
+<summary>Example: Send a message (click to expand)</summary>
+
+```
+[
+    {
+        "id": "c956e688cc74ad8e",
+        "type": "http request",
+        "z": "fabdd7a3.4045a",
+        "name": "ntfy.sh",
+        "method": "POST",
+        "ret": "txt",
+        "paytoqs": "ignore",
+        "url": "https://ntfy.sh/mytopic",
+        "tls": "",
+        "persist": false,
+        "proxy": "",
+        "authType": "",
+        "senderr": false,
+        "credentials":
+        {
+            "user": "",
+            "password": ""
+        },
+        "x": 590,
+        "y": 3160,
+        "wires":
+        [
+            []
+        ]
+    },
+    {
+        "id": "32ee1eade51fae50",
+        "type": "function",
+        "z": "fabdd7a3.4045a",
+        "name": "data",
+        "func": "msg.payload = \"Something happened\";\nmsg.headers = {};\nmsg.headers['tags'] = 'house';\nmsg.headers['X-Title'] = 'Home Assistant';\n\nreturn msg;",
+        "outputs": 1,
+        "noerr": 0,
+        "initialize": "",
+        "finalize": "",
+        "libs": [],
+        "x": 470,
+        "y": 3160,
+        "wires":
+        [
+            [
+                "c956e688cc74ad8e"
+            ]
+        ]
+    },
+    {
+        "id": "b287e59cd2311815",
+        "type": "inject",
+        "z": "fabdd7a3.4045a",
+        "name": "Manual start",
+        "props":
+        [
+            {
+                "p": "payload"
+            },
+            {
+                "p": "topic",
+                "vt": "str"
+            }
+        ],
+        "repeat": "",
+        "crontab": "",
+        "once": false,
+        "onceDelay": "20",
+        "topic": "",
+        "payload": "",
+        "payloadType": "date",
+        "x": 330,
+        "y": 3160,
+        "wires":
+        [
+            [
+                "32ee1eade51fae50"
+            ]
+        ]
+    }
+]
+```
+
+</details>
+
+![Node red message flow](static/img/nodered-message.png)
+
+<details>
+<summary>Example: Send a picture (click to expand)</summary>
+
+```
+[
+    {
+        "id": "d135a13eadeb9d6d",
+        "type": "http request",
+        "z": "fabdd7a3.4045a",
+        "name": "Download image",
+        "method": "GET",
+        "ret": "bin",
+        "paytoqs": "ignore",
+        "url": "https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png",
+        "tls": "",
+        "persist": false,
+        "proxy": "",
+        "authType": "",
+        "senderr": false,
+        "credentials":
+        {
+            "user": "",
+            "password": ""
+        },
+        "x": 490,
+        "y": 3320,
+        "wires":
+        [
+            [
+                "6e75bc41d2ec4a03"
+            ]
+        ]
+    },
+    {
+        "id": "6e75bc41d2ec4a03",
+        "type": "function",
+        "z": "fabdd7a3.4045a",
+        "name": "data",
+        "func": "msg.payload = msg.payload;\nmsg.headers = {};\nmsg.headers['tags'] = 'house';\nmsg.headers['X-Title'] = 'Home Assistant - Picture';\n\nreturn msg;",
+        "outputs": 1,
+        "noerr": 0,
+        "initialize": "",
+        "finalize": "",
+        "libs": [],
+        "x": 650,
+        "y": 3320,
+        "wires":
+        [
+            [
+                "eb160615b6ceda98"
+            ]
+        ]
+    },
+    {
+        "id": "eb160615b6ceda98",
+        "type": "http request",
+        "z": "fabdd7a3.4045a",
+        "name": "ntfy.sh",
+        "method": "PUT",
+        "ret": "bin",
+        "paytoqs": "ignore",
+        "url": "https://ntfy.sh/mytopic",
+        "tls": "",
+        "persist": false,
+        "proxy": "",
+        "authType": "",
+        "senderr": false,
+        "credentials":
+        {
+            "user": "",
+            "password": ""
+        },
+        "x": 770,
+        "y": 3320,
+        "wires":
+        [
+            []
+        ]
+    },
+    {
+        "id": "5b8dbf15c8a7a3a5",
+        "type": "inject",
+        "z": "fabdd7a3.4045a",
+        "name": "Manual start",
+        "props":
+        [
+            {
+                "p": "payload"
+            },
+            {
+                "p": "topic",
+                "vt": "str"
+            }
+        ],
+        "repeat": "",
+        "crontab": "",
+        "once": false,
+        "onceDelay": "20",
+        "topic": "",
+        "payload": "",
+        "payloadType": "date",
+        "x": 310,
+        "y": 3320,
+        "wires":
+        [
+            [
+                "d135a13eadeb9d6d"
+            ]
+        ]
+    }
+]
+```
+
+</details>
+
+![Node red picture flow](static/img/nodered-picture.png)
+
+## Gatus service health check
+
+An example for a custom alert with <a href="https://github.com/TwiN/gatus">Gatus</a>
+```
+alerting:
+  custom:
+    url: "https://ntfy.sh"
+    method: "POST"
+    body: |
+      {
+        "topic": "mytopic",
+        "message": "[ENDPOINT_NAME] - [ALERT_DESCRIPTION]",
+        "title": "Gatus",
+        "tags": ["[ALERT_TRIGGERED_OR_RESOLVED]"],
+        "priority": 3
+      }
+    default-alert:
+      enabled: true
+      description: "health check failed"
+      send-on-resolved: true
+      failure-threshold: 3
+      success-threshold: 3
+    placeholders:
+      ALERT_TRIGGERED_OR_RESOLVED:
+        TRIGGERED: "warning"
+        RESOLVED: "white_check_mark"
+```

docs/faq.md

@@ -33,10 +33,11 @@ If you do not care for Firebase, I suggest you install the [F-Droid version](htt
 of the app and [self-host your own ntfy server](install.md).
 
 ## How much battery does the Android app use?
-If you use the ntfy.sh server and you don't use the [instant delivery](subscribe/phone.md#instant-delivery) feature, 
+If you use the ntfy.sh server, and you don't use the [instant delivery](subscribe/phone.md#instant-delivery) feature, 
 the Android app uses no additional battery, since Firebase Cloud Messaging (FCM) is used. If you use your own server, 
-or you use *instant delivery*, the app has to maintain a constant connection to the server, which consumes about 4% of
-battery in 17h of use (on my phone). I use it, and it makes no difference to me.
+or you use *instant delivery*, the app has to maintain a constant connection to the server, which consumes about 0-1% of
+battery in 17h of use (on my phone). There has been a ton of testing and improvement around this. I think it's pretty 
+decent now.
 
 ## What is instant delivery?
 [Instant delivery](subscribe/phone.md#instant-delivery) is a feature in the Android app. If turned on, the app maintains a constant connection to the

docs/install.md

@@ -13,36 +13,51 @@ The ntfy server comes as a statically linked binary and is shipped as tarball, d
 We support amd64, armv7 and arm64.
 
 1. Install ntfy using one of the methods described below
-2. Then (optionally) edit `/etc/ntfy/server.yml` for the server (see [configuration](config.md) or [sample server.yml](https://github.com/binwiederhier/ntfy/blob/main/server/server.yml))
+2. Then (optionally) edit `/etc/ntfy/server.yml` for the server (Linux only, see [configuration](config.md) or [sample server.yml](https://github.com/binwiederhier/ntfy/blob/main/server/server.yml))
 3. Or (optionally) create/edit `~/.config/ntfy/client.yml` (or `/etc/ntfy/client.yml`, see [sample client.yml](https://github.com/binwiederhier/ntfy/blob/main/client/client.yml))
 
 To run the ntfy server, then just run `ntfy serve` (or `systemctl start ntfy` when using the deb/rpm).
 To send messages, use `ntfy publish`. To subscribe to topics, use `ntfy subscribe` (see [subscribing via CLI][subscribe/cli.md]
 for details). 
 
-## Binaries and packages
+## Linux binaries
 Please check out the [releases page](https://github.com/binwiederhier/ntfy/releases) for binaries and
 deb/rpm packages.
 
 === "x86_64/amd64"
     ```bash
-    wget https://github.com/binwiederhier/ntfy/releases/download/v1.16.0/ntfy_1.16.0_linux_x86_64.tar.gz
-    sudo tar -C /usr/bin -zxf ntfy_*.tar.gz ntfy
-    sudo ./ntfy serve
+    wget https://github.com/binwiederhier/ntfy/releases/download/v1.22.0/ntfy_1.22.0_linux_x86_64.tar.gz
+    tar zxvf ntfy_1.22.0_linux_x86_64.tar.gz
+    sudo cp -a ntfy_1.22.0_linux_x86_64/ntfy /usr/bin/ntfy
+    sudo mkdir /etc/ntfy && sudo cp ntfy_1.22.0_linux_x86_64/{client,server}/*.yml /etc/ntfy
+    sudo ntfy serve
+    ```
+
+=== "armv6"
+    ```bash
+    wget https://github.com/binwiederhier/ntfy/releases/download/v1.22.0/ntfy_1.22.0_linux_armv6.tar.gz
+    tar zxvf ntfy_1.22.0_linux_armv6.tar.gz
+    sudo cp -a ntfy_1.22.0_linux_armv6/ntfy /usr/bin/ntfy
+    sudo mkdir /etc/ntfy && sudo cp ntfy_1.22.0_linux_armv6/{client,server}/*.yml /etc/ntfy
+    sudo ntfy serve
     ```
 
 === "armv7/armhf"
     ```bash
-    wget https://github.com/binwiederhier/ntfy/releases/download/v1.16.0/ntfy_1.16.0_linux_armv7.tar.gz
-    sudo tar -C /usr/bin -zxf ntfy_*.tar.gz ntfy
-    sudo ./ntfy serve
+    wget https://github.com/binwiederhier/ntfy/releases/download/v1.22.0/ntfy_1.22.0_linux_armv7.tar.gz
+    tar zxvf ntfy_1.22.0_linux_armv7.tar.gz
+    sudo cp -a ntfy_1.22.0_linux_armv7/ntfy /usr/bin/ntfy
+    sudo mkdir /etc/ntfy && sudo cp ntfy_1.22.0_linux_armv7/{client,server}/*.yml /etc/ntfy
+    sudo ntfy serve
     ```
 
 === "arm64"
     ```bash
-    wget https://github.com/binwiederhier/ntfy/releases/download/v1.16.0/ntfy_1.16.0_linux_arm64.tar.gz
-    sudo tar -C /usr/bin -zxf ntfy_*.tar.gz ntfy
-    sudo ./ntfy serve
+    wget https://github.com/binwiederhier/ntfy/releases/download/v1.22.0/ntfy_1.22.0_linux_arm64.tar.gz
+    tar zxvf ntfy_1.22.0_linux_arm64.tar.gz
+    sudo cp -a ntfy_1.22.0_linux_arm64/ntfy /usr/bin/ntfy
+    sudo mkdir /etc/ntfy && sudo cp ntfy_1.22.0_linux_arm64/{client,server}/*.yml /etc/ntfy
+    sudo ntfy serve
     ```
 
 ## Debian/Ubuntu repository
@@ -88,7 +103,15 @@ Manually installing the .deb file:
 
 === "x86_64/amd64"
     ```bash
-    wget https://github.com/binwiederhier/ntfy/releases/download/v1.16.0/ntfy_1.16.0_linux_amd64.deb
+    wget https://github.com/binwiederhier/ntfy/releases/download/v1.22.0/ntfy_1.22.0_linux_amd64.deb
+    sudo dpkg -i ntfy_*.deb
+    sudo systemctl enable ntfy
+    sudo systemctl start ntfy
+    ```
+
+=== "armv6"
+    ```bash
+    wget https://github.com/binwiederhier/ntfy/releases/download/v1.22.0/ntfy_1.22.0_linux_armv6.deb
     sudo dpkg -i ntfy_*.deb
     sudo systemctl enable ntfy
     sudo systemctl start ntfy
@@ -96,7 +119,7 @@ Manually installing the .deb file:
 
 === "armv7/armhf"
     ```bash
-    wget https://github.com/binwiederhier/ntfy/releases/download/v1.16.0/ntfy_1.16.0_linux_armv7.deb
+    wget https://github.com/binwiederhier/ntfy/releases/download/v1.22.0/ntfy_1.22.0_linux_armv7.deb
     sudo dpkg -i ntfy_*.deb
     sudo systemctl enable ntfy
     sudo systemctl start ntfy
@@ -104,7 +127,7 @@ Manually installing the .deb file:
 
 === "arm64"
     ```bash
-    wget https://github.com/binwiederhier/ntfy/releases/download/v1.16.0/ntfy_1.16.0_linux_arm64.deb
+    wget https://github.com/binwiederhier/ntfy/releases/download/v1.22.0/ntfy_1.22.0_linux_arm64.deb
     sudo dpkg -i ntfy_*.deb
     sudo systemctl enable ntfy
     sudo systemctl start ntfy
@@ -114,21 +137,28 @@ Manually installing the .deb file:
 
 === "x86_64/amd64"
     ```bash
-    sudo rpm -ivh https://github.com/binwiederhier/ntfy/releases/download/v1.16.0/ntfy_1.16.0_linux_amd64.rpm
+    sudo rpm -ivh https://github.com/binwiederhier/ntfy/releases/download/v1.22.0/ntfy_1.22.0_linux_amd64.rpm
     sudo systemctl enable ntfy 
     sudo systemctl start ntfy
     ```
 
+=== "armv6"
+    ```bash
+    sudo rpm -ivh https://github.com/binwiederhier/ntfy/releases/download/v1.22.0/ntfy_1.22.0_linux_armv6.rpm
+    sudo systemctl enable ntfy
+    sudo systemctl start ntfy
+    ```
+
 === "armv7/armhf"
     ```bash
-    sudo rpm -ivh https://github.com/binwiederhier/ntfy/releases/download/v1.16.0/ntfy_1.16.0_linux_armv7.rpm
+    sudo rpm -ivh https://github.com/binwiederhier/ntfy/releases/download/v1.22.0/ntfy_1.22.0_linux_armv7.rpm
     sudo systemctl enable ntfy 
     sudo systemctl start ntfy
     ```
 
 === "arm64"
     ```bash
-    sudo rpm -ivh https://github.com/binwiederhier/ntfy/releases/download/v1.16.0/ntfy_1.16.0_linux_arm64.rpm
+    sudo rpm -ivh https://github.com/binwiederhier/ntfy/releases/download/v1.22.0/ntfy_1.22.0_linux_arm64.rpm
     sudo systemctl enable ntfy 
     sudo systemctl start ntfy
     ```
@@ -146,10 +176,40 @@ cd ntfysh-bin
 makepkg -si
 ```
 
+## macOS
+The [ntfy CLI](subscribe/cli.md) (`ntfy publish` and `ntfy subscribe` only) is supported on macOS as well. 
+To install, please download the tarball, extract it and place it somewhere in your `PATH` (e.g. `/usr/local/bin/ntfy`). 
+
+If run as `root`, ntfy will look for its config at `/etc/ntfy/client.yml`. For all other users, it'll look for it at 
+`~/Library/Application Support/ntfy/client.yml` (sample included in the tarball).
+
+```bash
+curl https://github.com/binwiederhier/ntfy/releases/download/v1.22.0/ntfy_v1.22.0_macOS_all.tar.gz > ntfy_v1.22.0_macOS_all.tar.gz
+tar zxvf ntfy_v1.22.0_macOS_all.tar.gz
+sudo cp -a ntfy_v1.22.0_macOS_all/ntfy /usr/local/bin/ntfy
+mkdir ~/Library/Application\ Support/ntfy 
+cp ntfy_v1.22.0_macOS_all/client/client.yml ~/Library/Application\ Support/ntfy/client.yml
+ntfy --help
+```
+
+!!! info
+    If there is a desire to install ntfy via [Homebrew](https://brew.sh/), please create a 
+    [GitHub issue](https://github.com/binwiederhier/ntfy/issues) to let me know. 
+
+## Windows
+The [ntfy CLI](subscribe/cli.md) (`ntfy publish` and `ntfy subscribe` only) is supported on Windows as well.
+To install, please [download the latest ZIP](https://github.com/binwiederhier/ntfy/releases/download/v1.22.0/ntfy_v1.22.0-next_windows_x86_64.zip),
+extract it and place the `ntfy.exe` binary somewhere in your `%Path%`. 
+
+The default path for the client config file is at `%AppData%\ntfy\client.yml` (not created automatically, sample in the ZIP file).
+
+!!! info
+    There is currently no installer for Windows, and the binary is not signed. If this is desired, please create a
+    [GitHub issue](https://github.com/binwiederhier/ntfy/issues) to let me know.
 
 ## Docker
-The [ntfy image](https://hub.docker.com/r/binwiederhier/ntfy) is available for amd64, armv7 and arm64. It should be pretty
-straight forward to use.
+The [ntfy image](https://hub.docker.com/r/binwiederhier/ntfy) is available for amd64, armv6, armv7 and arm64. It should 
+be pretty straight forward to use.
 
 The server exposes its web UI and the API on port 80, so you need to expose that in Docker. To use the persistent 
 [message cache](config.md#message-cache), you also need to map a volume to `/var/cache/ntfy`. To change other settings, 
@@ -181,6 +241,24 @@ docker run \
   serve
 ```
 
+Using docker-compose:
+```yaml
+version: "2.1"
+
+services:
+  ntfy:
+    image: binwiederhier/ntfy
+    container_name: ntfy
+    command:
+      - serve
+    volumes:
+      - /var/cache/ntfy:/var/cache/ntfy
+      - /etc/ntfy:/etc/ntfy
+    ports:
+      - 80:80
+    restart: unless-stopped
+```
+
 Alternatively, you may wish to build a customized Docker image that can be run with fewer command-line arguments and without delivering the configuration file separately.
 ```
 FROM binwiederhier/ntfy
@@ -188,13 +266,3 @@ COPY server.yml /etc/ntfy/server.yml
 ENTRYPOINT ["ntfy", "serve"]
 ```
 This image can be pushed to a container registry and shipped independently. All that's needed when running it is mapping ntfy's port to a host port.
-
-## Go
-To install via Go, simply run:
-```bash
-go install heckel.io/ntfy@latest
-```
-
-!!! info
-    Please [let me know](https://github.com/binwiederhier/ntfy/issues) if there are any issues with this installation
-    method. The SQLite bindings require CGO and it works for me, but I have the feeling it may not work for everyone.

docs/releases.md

@@ -2,12 +2,326 @@
 Binaries for all releases can be found on the GitHub releases pages for the [ntfy server](https://github.com/binwiederhier/ntfy/releases)
 and the [ntfy Android app](https://github.com/binwiederhier/ntfy-android/releases).
 
+<!--
+
+## ntfy server v1.23.0 (UNRELEASED)
+
+**Features:**
+
+* [Windows](https://ntfy.sh/docs/install/#windows) and [macOS](https://ntfy.sh/docs/install/#macos) builds for the [ntfy CLI](https://ntfy.sh/docs/subscribe/cli/) ([#112](https://github.com/binwiederhier/ntfy/issues/112))
+* Ability to disable the web app entirely ([#238](https://github.com/binwiederhier/ntfy/issues/238)/[#249](https://github.com/binwiederhier/ntfy/pull/249), thanks to [@Curid](https://github.com/Curid))
+
+**Bugs:**
+
+* Support underscores in server.yml config options ([#255](https://github.com/binwiederhier/ntfy/issues/255), thanks to [@ajdelgado](https://github.com/ajdelgado))
+
+**Documentation:**
+
+* Typo in install instructions ([#252](https://github.com/binwiederhier/ntfy/pull/252)/[#251](https://github.com/binwiederhier/ntfy/issues/251), thanks to [@oddlama](https://github.com/oddlama))
+
+**Additional translations:**
+
+* Portuguese/Brazil (thanks to [@tiagotriques](https://hosted.weblate.org/user/tiagotriques/))
+
+-->
+
+## ntfy Android app v1.13.0
+Released May 11, 2022
+
+This release brings a slightly altered design for the detail view, featuring a card layout to make notifications more easily
+distinguishable from one another. It also ships per-topic settings that allow overriding minimum priority, auto delete threshold
+and custom icons. Aside from that, we've got tons of bug fixes as usual.
+
+**Features:**
+
+* Per-subscription settings, custom subscription icons ([#155](https://github.com/binwiederhier/ntfy/issues/155), thanks to [@mztiq](https://github.com/mztiq) for reporting)
+* Cards in notification detail view ([#175](https://github.com/binwiederhier/ntfy/issues/175), thanks to [@cmeis](https://github.com/cmeis) for reporting)
+
+**Bugs:**
+
+* Accurate naming of "mute notifications" from "pause notifications" ([#224](https://github.com/binwiederhier/ntfy/issues/224), thanks to [@shadow00](https://github.com/shadow00) for reporting)
+* Make messages with links selectable ([#226](https://github.com/binwiederhier/ntfy/issues/226), thanks to [@StoyanDimitrov](https://github.com/StoyanDimitrov) for reporting)
+* Restoring topics or settings from backup doesn't work ([#223](https://github.com/binwiederhier/ntfy/issues/223), thanks to [@shadow00](https://github.com/shadow00) for reporting)
+* Fix app icon on old Android versions ([#128](https://github.com/binwiederhier/ntfy/issues/128), thanks to [@shadow00](https://github.com/shadow00) for reporting)
+* Fix races in UnifiedPush registration ([#230](https://github.com/binwiederhier/ntfy/issues/230), thanks to @Jakob for reporting)
+* Prevent view action from crashing the app ([#233](https://github.com/binwiederhier/ntfy/issues/233))
+* Prevent long topic names and icons from overlapping ([#240](https://github.com/binwiederhier/ntfy/issues/240), thanks to [@cmeis](https://github.com/cmeis) for reporting)
+
+**Additional translations:**
+
+* Dutch (*incomplete*, thanks to [@diony](https://hosted.weblate.org/user/diony/))
+
+**Thank you:**
+
+Thanks to [@cmeis](https://github.com/cmeis), [@StoyanDimitrov](https://github.com/StoyanDimitrov), [@Fallenbagel](https://github.com/Fallenbagel) for testing, and
+to [@Joeharrison94](https://github.com/Joeharrison94) for the input. And thank you very much to all the translators for catching up so quickly.
+
+## ntfy server v1.22.0
+Released May 7, 2022
+
+This release makes the web app more accessible to people with disabilities, and introduces a "mark as read" icon in the web app.
+It also fixes a curious bug with WebSockets and Apache and makes the notification sounds in the web app a little quieter.
+
+We've also improved the documentation a little and added translations for three more languages.
+
+**Features:**
+
+* Make web app more accessible ([#217](https://github.com/binwiederhier/ntfy/issues/217))
+* Better parsing of the user actions, allowing quotes (no ticket)
+* Add "mark as read" icon button to notification ([#243](https://github.com/binwiederhier/ntfy/pull/243), thanks to [@wunter8](https://github.com/wunter8))
+
+**Bugs:**
+
+* `Upgrade` header check is now case in-sensitive ([#228](https://github.com/binwiederhier/ntfy/issues/228), thanks to [@wunter8](https://github.com/wunter8) for finding it)
+* Made web app sounds quieter ([#222](https://github.com/binwiederhier/ntfy/issues/222))
+* Add "private browsing"-specific error message for Firefox/Safari ([#208](https://github.com/binwiederhier/ntfy/issues/208), thanks to [@julianfoad](https://github.com/julianfoad) for reporting)
+
+**Documentation:**
+
+* Improved caddy configuration (no ticket, thanks to @Stnby)
+* Additional multi-line examples on the [publish page](https://ntfy.sh/docs/publish/) ([#234](https://github.com/binwiederhier/ntfy/pull/234), thanks to [@aTable](https://github.com/aTable))
+* Fixed PowerShell auth example to use UTF-8 ([#242](https://github.com/binwiederhier/ntfy/pull/242), thanks to [@SMAW](https://github.com/SMAW))
+
+**Additional translations:**
+
+* Czech (thanks to [@waclaw66](https://hosted.weblate.org/user/waclaw66/))
+* French (thanks to [@nathanaelhoun](https://hosted.weblate.org/user/nathanaelhoun/))
+* Hungarian (thanks to [@agocsdaniel](https://hosted.weblate.org/user/agocsdaniel/))
+
+**Thanks for testing:**
+
+Thanks to [@wunter8](https://github.com/wunter8) for testing.
+
+## ntfy Android app v1.12.0
+Released Apr 25, 2022
+
+The main feature in this Android release is [Action Buttons](https://ntfy.sh/docs/publish/#action-buttons), a feature
+that allows users to add actions to the notifications. Actions can be to view a website or app, send a broadcast, or
+send a HTTP request. 
+
+We also added support for [ntfy:// deep links](https://ntfy.sh/docs/subscribe/phone/#ntfy-links), added three more 
+languages and fixed a ton of bugs. 
+
+**Features:**
+
+* Custom notification [action buttons](https://ntfy.sh/docs/publish/#action-buttons) ([#134](https://github.com/binwiederhier/ntfy/issues/134),
+  thanks to [@mrherman](https://github.com/mrherman) for reporting)
+* Support for [ntfy:// deep links](https://ntfy.sh/docs/subscribe/phone/#ntfy-links) ([#20](https://github.com/binwiederhier/ntfy/issues/20), thanks
+  to [@Copephobia](https://github.com/Copephobia) for reporting)
+* [Fastlane metadata](https://hosted.weblate.org/projects/ntfy/android-fastlane/) can now be translated too ([#198](https://github.com/binwiederhier/ntfy/issues/198),
+  thanks to [@StoyanDimitrov](https://github.com/StoyanDimitrov) for reporting)
+* Channel settings option to configure DND override, sounds, etc. ([#91](https://github.com/binwiederhier/ntfy/issues/91))
+
+**Bugs:**
+
+* Validate URLs when changing default server and server in user management ([#193](https://github.com/binwiederhier/ntfy/issues/193),
+  thanks to [@StoyanDimitrov](https://github.com/StoyanDimitrov) for reporting)
+* Error in sending test notification in different languages ([#209](https://github.com/binwiederhier/ntfy/issues/209),
+  thanks to [@StoyanDimitrov](https://github.com/StoyanDimitrov) for reporting)
+* "[x] Instant delivery in doze mode" checkbox does not work properly ([#211](https://github.com/binwiederhier/ntfy/issues/211))
+* Disallow "http" GET/HEAD actions with body ([#221](https://github.com/binwiederhier/ntfy/issues/221), thanks to
+  [@cmeis](https://github.com/cmeis) for reporting)
+* Action "view" with "clear=true" does not work on some phones ([#220](https://github.com/binwiederhier/ntfy/issues/220), thanks to
+  [@cmeis](https://github.com/cmeis) for reporting)
+* Do not group foreground service notification with others ([#219](https://github.com/binwiederhier/ntfy/issues/219), thanks to
+  [@s-h-a-r-d](https://github.com/s-h-a-r-d) for reporting)
+
+**Additional translations:**
+
+* Czech (thanks to [@waclaw66](https://hosted.weblate.org/user/waclaw66/))
+* French (thanks to [@nathanaelhoun](https://hosted.weblate.org/user/nathanaelhoun/))
+* Japanese (thanks to [@shak](https://hosted.weblate.org/user/shak/))
+* Russian (thanks to [@flamey](https://hosted.weblate.org/user/flamey/) and [@ilya.mikheev.coder](https://hosted.weblate.org/user/ilya.mikheev.coder/))
+
+**Thanks for testing:**
+
+Thanks to [@s-h-a-r-d](https://github.com/s-h-a-r-d) (aka @Shard), [@cmeis](https://github.com/cmeis),
+@poblabs, and everyone I forgot for testing.
+
+## ntfy server v1.21.2
+Released Apr 24, 2022
+
+In this release, the web app got translation support and was translated into 9 languages already 🇧🇬 🇩🇪 🇺🇸 🌎. 
+It also re-adds support for ARMv6, and adds server-side support for Action Buttons. [Action Buttons](https://ntfy.sh/docs/publish/#action-buttons)
+is a feature that will be released in the Android app soon. It allows users to add actions to the notifications. 
+Limited support is available in the web app.
+
+**Features:**
+
+* Custom notification [action buttons](https://ntfy.sh/docs/publish/#action-buttons) ([#134](https://github.com/binwiederhier/ntfy/issues/134),
+  thanks to [@mrherman](https://github.com/mrherman) for reporting)
+* Added ARMv6 build ([#200](https://github.com/binwiederhier/ntfy/issues/200), thanks to [@jcrubioa](https://github.com/jcrubioa) for reporting)
+* Web app internationalization support 🇧🇬 🇩🇪 🇺🇸 🌎 ([#189](https://github.com/binwiederhier/ntfy/issues/189))
+
+**Bugs:**
+
+* Web app: English language strings fixes, additional descriptions for settings ([#203](https://github.com/binwiederhier/ntfy/issues/203), thanks to [@StoyanDimitrov](https://github.com/StoyanDimitrov))
+* Web app: Show error message snackbar when sending test notification fails ([#205](https://github.com/binwiederhier/ntfy/issues/205), thanks to [@cmeis](https://github.com/cmeis))
+* Web app: basic URL validation in user management ([#204](https://github.com/binwiederhier/ntfy/issues/204), thanks to [@cmeis](https://github.com/cmeis))
+* Disallow "http" GET/HEAD actions with body ([#221](https://github.com/binwiederhier/ntfy/issues/221), thanks to
+  [@cmeis](https://github.com/cmeis) for reporting)
+
+**Translations (web app):**
+
+* Bulgarian (thanks to [@StoyanDimitrov](https://github.com/StoyanDimitrov))
+* German (thanks to [@cmeis](https://github.com/cmeis))
+* Indonesian (thanks to [@linerly](https://hosted.weblate.org/user/linerly/))
+* Japanese (thanks to [@shak](https://hosted.weblate.org/user/shak/))
+* Norwegian Bokmål (thanks to [@comradekingu](https://github.com/comradekingu))
+* Russian (thanks to [@flamey](https://hosted.weblate.org/user/flamey/) and [@ilya.mikheev.coder](https://hosted.weblate.org/user/ilya.mikheev.coder/))
+* Spanish (thanks to [@rogeliodh](https://github.com/rogeliodh))
+* Turkish (thanks to [@ersen](https://ersen.moe/))
+
+**Integrations:**
+
+[Apprise](https://github.com/caronc/apprise) support was fully released in [v0.9.8.2](https://github.com/caronc/apprise/releases/tag/v0.9.8.2)
+of Apprise. Thanks to [@particledecay](https://github.com/particledecay) and [@caronc](https://github.com/caronc) for their fantastic work. 
+You can try it yourself like this (detailed usage in the [Apprise wiki](https://github.com/caronc/apprise/wiki/Notify_ntfy)):
+
+```
+pip3 install apprise
+apprise -b "Hi there" ntfys://mytopic
+```
+
+## ntfy Android app v1.11.0
+Released Apr 7, 2022
+
+**Features:**
+
+* Download attachments to cache folder ([#181](https://github.com/binwiederhier/ntfy/issues/181))
+* Regularly delete attachments for deleted notifications ([#142](https://github.com/binwiederhier/ntfy/issues/142))
+* Translations to different languages ([#188](https://github.com/binwiederhier/ntfy/issues/188), thanks to
+  [@StoyanDimitrov](https://github.com/StoyanDimitrov) for initiating things)
+
+**Bugs:**
+
+* IllegalStateException: Failed to build unique file ([#177](https://github.com/binwiederhier/ntfy/issues/177), thanks to [@Fallenbagel](https://github.com/Fallenbagel) for reporting)
+* SQLiteConstraintException: Crash during UP registration ([#185](https://github.com/binwiederhier/ntfy/issues/185))
+* Refresh preferences screen after settings import (#183, thanks to [@cmeis](https://github.com/cmeis) for reporting)
+* Add priority strings to strings.xml to make it translatable (#192, thanks to [@StoyanDimitrov](https://github.com/StoyanDimitrov))
+
+**Translations:**
+
+* English language improvements (thanks to [@comradekingu](https://github.com/comradekingu))
+* Bulgarian (thanks to [@StoyanDimitrov](https://github.com/StoyanDimitrov))
+* Chinese/Simplified (thanks to [@poi](https://hosted.weblate.org/user/poi) and [@PeterCxy](https://hosted.weblate.org/user/PeterCxy))
+* Dutch (*incomplete*, thanks to [@diony](https://hosted.weblate.org/user/diony))
+* French (thanks to [@Kusoneko](https://kusoneko.moe/) and [@mlcsthor](https://hosted.weblate.org/user/mlcsthor/))
+* German (thanks to [@cmeis](https://github.com/cmeis))
+* Italian (thanks to [@theTranslator](https://hosted.weblate.org/user/theTranslator/))
+* Indonesian (thanks to [@linerly](https://hosted.weblate.org/user/linerly/))
+* Norwegian Bokmål (*incomplete*, thanks to [@comradekingu](https://github.com/comradekingu))
+* Portuguese/Brazil (thanks to [@LW](https://hosted.weblate.org/user/LW/))
+* Spanish (thanks to [@rogeliodh](https://github.com/rogeliodh))
+* Turkish (thanks to [@ersen](https://ersen.moe/))
+
+**Thanks:**
+
+* Many thanks to [@cmeis](https://github.com/cmeis), [@Fallenbagel](https://github.com/Fallenbagel), [@Joeharrison94](https://github.com/Joeharrison94),
+  and [@rogeliodh](https://github.com/rogeliodh) for input on the new attachment logic, and for testing the release
+
+## ntfy server v1.20.0
+Released Apr 6, 2022
+
+**Features:**:
+
+* Added message bar and publish dialog ([#196](https://github.com/binwiederhier/ntfy/issues/196)) 
+
+**Bugs:**
+
+* Added `EXPOSE 80/tcp` to Dockerfile to support auto-discovery in [Traefik](https://traefik.io/) ([#195](https://github.com/binwiederhier/ntfy/issues/195), thanks to [@s-h-a-r-d](https://github.com/s-h-a-r-d))
+
+**Documentation:**
+
+* Added docker-compose example to [install instructions](install.md#docker) ([#194](https://github.com/binwiederhier/ntfy/pull/194), thanks to [@s-h-a-r-d](https://github.com/s-h-a-r-d))
+
+**Integrations:**
+
+* [Apprise](https://github.com/caronc/apprise) has added integration into ntfy ([#99](https://github.com/binwiederhier/ntfy/issues/99), [apprise#524](https://github.com/caronc/apprise/pull/524),
+  thanks to [@particledecay](https://github.com/particledecay) and [@caronc](https://github.com/caronc) for their fantastic work)
+
+## ntfy server v1.19.0
+Released Mar 30, 2022
+
+**Bugs:**
+
+* Do not pack binary with `upx` for armv7/arm64 due to `illegal instruction` errors ([#191](https://github.com/binwiederhier/ntfy/issues/191), thanks to [@iexos](https://github.com/iexos))
+* Do not allow comma in topic name in publish via GET endpoint (no ticket)
+* Add "Access-Control-Allow-Origin: *" for attachments (no ticket, thanks to @FrameXX)
+* Make pruning run again in web app ([#186](https://github.com/binwiederhier/ntfy/issues/186))
+* Added missing params `delay` and `email` to publish as JSON body (no ticket)
+
+**Documentation:**
+
+* Improved [e-mail publishing](config.md#e-mail-publishing) documentation
+
+## ntfy server v1.18.1
+Released Mar 21, 2022   
+_This release ships no features or bug fixes. It's merely a documentation update._
+
+**Documentation:**
+
+* Overhaul of [developer documentation](https://ntfy.sh/docs/develop/)
+* PowerShell examples for [publish documentation](https://ntfy.sh/docs/publish/) ([#138](https://github.com/binwiederhier/ntfy/issues/138), thanks to [@Joeharrison94](https://github.com/Joeharrison94))
+* Additional examples for [NodeRED, Gatus, Sonarr, Radarr, ...](https://ntfy.sh/docs/examples/) (thanks to [@nickexyz](https://github.com/nickexyz))
+* Fixes in developer instructions (thanks to [@Fallenbagel](https://github.com/Fallenbagel) for reporting)
+
+## ntfy Android app v1.10.0
+Released Mar 21, 2022
+
+**Features:**
+
+* Support for UnifiedPush 2.0 specification (bytes messages, [#130](https://github.com/binwiederhier/ntfy/issues/130))
+* Export/import settings and subscriptions ([#115](https://github.com/binwiederhier/ntfy/issues/115), thanks [@cmeis](https://github.com/cmeis) for reporting)
+* Open "Click" link when tapping notification ([#110](https://github.com/binwiederhier/ntfy/issues/110), thanks [@cmeis](https://github.com/cmeis) for reporting)
+* JSON stream deprecation banner ([#164](https://github.com/binwiederhier/ntfy/issues/164))
+
+**Bug fixes:**
+
+* Display locale-specific times, with AM/PM or 24h format ([#140](https://github.com/binwiederhier/ntfy/issues/140), thanks [@hl2guide](https://github.com/hl2guide) for reporting)
+
+## ntfy server v1.18.0
+Released Mar 16, 2022
+
+**Features:**
+
+* [Publish messages as JSON](https://ntfy.sh/docs/publish/#publish-as-json) ([#133](https://github.com/binwiederhier/ntfy/issues/133), 
+  thanks [@cmeis](https://github.com/cmeis) for reporting, thanks to [@Joeharrison94](https://github.com/Joeharrison94) and 
+  [@Fallenbagel](https://github.com/Fallenbagel) for testing)
+
+**Bug fixes:**
+
+* rpm: do not overwrite server.yaml on package upgrade ([#166](https://github.com/binwiederhier/ntfy/issues/166), thanks [@waclaw66](https://github.com/waclaw66) for reporting)
+* Typo in [ntfy.sh/announcements](https://ntfy.sh/announcements) topic ([#170](https://github.com/binwiederhier/ntfy/pull/170), thanks to [@sandebert](https://github.com/sandebert))
+* Readme image URL fixes ([#156](https://github.com/binwiederhier/ntfy/pull/156), thanks to [@ChaseCares](https://github.com/ChaseCares))
+
+**Deprecations:**
+
+* Removed the ability to run server as `ntfy` (as opposed to `ntfy serve`) as per [deprecation](deprecations.md)
+
+## ntfy server v1.17.1
+Released Mar 12, 2022
+
+**Bug fixes:**
+
+* Replace `crypto.subtle` with `hashCode` to errors with Brave/FF-Windows (#157, thanks for reporting @arminus)
+
+## ntfy server v1.17.0
+Released Mar 11, 2022
+
+**Features & bug fixes:**
+
+* Replace [web app](https://ntfy.sh/app) with a React/MUI-based web app from the 21st century (#111)
+* Web UI broken with auth (#132, thanks for reporting @arminus)
+* Send static web resources as `Content-Encoding: gzip`, i.e. docs and web app (no ticket)
+* Add support for auth via `?auth=...` query param, used by WebSocket in web app (no ticket) 
+
 ## ntfy server v1.16.0
 Released Feb 27, 2022
 
 **Features & Bug fixes:**
 
-* Add auth support for subscribing with CLI (#147/#148, thanks @lrabane)
+* Add [auth support](https://ntfy.sh/docs/subscribe/cli/#authentication) for subscribing with CLI (#147/#148, thanks @lrabane)
 * Add support for [?since=<id>](https://ntfy.sh/docs/subscribe/api/#fetch-cached-messages) (#151, thanks for reporting @nachotp)
 
 **Documentation:**

docs/static/css/extra.css

@@ -1,13 +1,17 @@
 :root {
-    --md-primary-fg-color:        #3a9784;
-    --md-primary-fg-color--light: #3a9784;
-    --md-primary-fg-color--dark:  #3a9784;
+    --md-primary-fg-color:        #338574;
+    --md-primary-fg-color--light: #338574;
+    --md-primary-fg-color--dark:  #338574;
 }
 
 .md-header__button.md-logo :is(img, svg) {
     width: unset !important;
 }
 
+.md-header__topic:first-child {
+    font-weight: 400;
+}
+
 .md-typeset h4 {
     font-weight: 500 !important;
     margin: 0 !important;

docs/subscribe/cli.md

@@ -123,7 +123,7 @@ which will read the `subscribe` config from the config file. Please also check o
 
 Here's an example config file that subscribes to three different topics, executing a different command for each of them:
 
-=== "~/.config/ntfy/client.yml"
+=== "~/.config/ntfy/client.yml (Linux)"
     ```yaml
     subscribe:
     - topic: echo-this
@@ -145,12 +145,42 @@ Here's an example config file that subscribes to three different topics, executi
             fi
     ```
 
+
+=== "~/Library/Application Support/ntfy/client.yml (macOS)"
+    ```yaml
+    subscribe:
+      - topic: echo-this
+        command: 'echo "Message received: $message"'
+      - topic: alerts
+        command: osascript -e "display notification \"$message\""
+        if:
+          priority: high,urgent
+      - topic: calc
+        command: open -a Calculator
+    ```
+
+=== "%AppData%\ntfy\client.yml (Windows)"
+    ```yaml
+    subscribe:
+    - topic: echo-this
+      command: 'echo Message received: %message%'
+    - topic: alerts
+      command: |
+        notifu /m "%NTFY_MESSAGE%"
+        exit 0
+      if:
+        priority: high,urgent
+    - topic: calc
+      command: calc
+    ```
+
 In this example, when `ntfy subscribe --from-config` is executed:
 
 * Messages to `echo-this` simply echos to standard out
-* Messages to `alerts` display as desktop notification for high priority messages using [notify-send](https://manpages.ubuntu.com/manpages/focal/man1/notify-send.1.html)
-* Messages to `calc` open the gnome calculator 😀 (*because, why not*)
-* Messages to `print-temp` execute an inline script and print the CPU temperature
+* Messages to `alerts` display as desktop notification for high priority messages using [notify-send](https://manpages.ubuntu.com/manpages/focal/man1/notify-send.1.html) (Linux), 
+  [notifu](https://www.paralint.com/projects/notifu/) (Windows) or `osascript` (macOS) 
+* Messages to `calc` open the calculator 😀 (*because, why not*)
+* Messages to `print-temp` execute an inline script and print the CPU temperature (Linux version only)
 
 I hope this shows how powerful this command is. Here's a short video that demonstrates the above example:
 

docs/subscribe/phone.md

@@ -31,7 +31,7 @@ If those screenshots are still not enough, here's a video:
 </figure>
 
 ## Message priority
-When you [publish messages](../publish.md#message-priority) to a topic, you can define a priority. This priority defines
+When you [publish messages](../publish.md#message-priority) to a topic, you can **define a priority**. This priority defines
 how urgently Android will notify you about the notification, and whether they make a sound and/or vibrate.
 
 By default, messages with default priority or higher (>= 3) will vibrate and make a sound. Messages with high or urgent
@@ -42,11 +42,19 @@ priority (>= 4) will also show as pop-over, like so:
   <figcaption>High and urgent notifications show as pop-over</figcaption>
 </figure>
 
-You can change these settings in Android by long-pressing on the app, and tapping "Notifications". You can then configure
-the settings (and custom sounds or vibration) for each of the priorities:
+You can change these settings in Android by long-pressing on the app, and tapping "Notifications", or from the "Settings"
+menu under "Channel settings". There is one notification channel for each priority:
 
 <figure markdown>
-  ![notification settings](../static/img/android-notification-settings.png){ width=500 }
+  ![notification settings](../static/img/android-screenshot-notification-settings.png){ width=500 }
+  <figcaption>Per-priority channels</figcaption>
+</figure>
+
+Per notification channel, you can configure a **channel-specific sound**, whether to **override the Do Not Disturb (DND)**
+setting, and other settings such as popover or notification dot:
+
+<figure markdown>
+  ![channel details](../static/img/android-screenshot-notification-details.jpg){ width=500 }
   <figcaption>Per-priority sound/vibration settings</figcaption>
 </figure>
 
@@ -80,6 +88,34 @@ notifications. Firebase is overall pretty bad at delivering messages in time, bu
 The ntfy Android app uses Firebase only for the main host `ntfy.sh`, and only in the Google Play flavor of the app.
 It won't use Firebase for any self-hosted servers, and not at all in the the F-Droid flavor.
 
+## Share to topic
+You can share files to a topic using Android's "Share" feature. This works in almost any app that supports sharing files
+or text, and it's useful for sending yourself links, files or other things. The feature remembers a few of the last topics
+you shared content to and lists them at the bottom.
+
+The feature is pretty self-explanatory, and one picture says more than a thousand words. So here are two pictures:
+
+<div id="share-to-topic-screenshots" class="screenshots">
+    <a href="../../static/img/android-screenshot-share-1.jpg"><img src="../../static/img/android-screenshot-share-1.jpg"/></a>
+    <a href="../../static/img/android-screenshot-share-2.jpg"><img src="../../static/img/android-screenshot-share-2.jpg"/></a>
+</div>
+
+## ntfy:// links
+The ntfy Android app supports deep linking directly to topics. This is useful when integrating with [automation apps](#automation-apps)
+such as [MacroDroid](https://play.google.com/store/apps/details?id=com.arlosoft.macrodroid) or [Tasker](https://play.google.com/store/apps/details?id=net.dinglisch.android.taskerm),
+or to simply directly link to a topic from a mobile website. 
+
+!!! info
+    Android deep linking of http/https links is very brittle and limited, which is why something like `https://<host>/<topic>/subscribe` is 
+    **not possible**, and instead `ntfy://` links have to be used. More details in [issue #20](https://github.com/binwiederhier/ntfy/issues/20).
+
+**Supported link formats:**
+
+| Link format                                                                   | Example                                   | Description                                                                                                                                                                                         |
+|-------------------------------------------------------------------------------|-------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| <span style="white-space: nowrap">`ntfy://<host>/<topic>`</span>              | `ntfy://ntfy.sh/mytopic`                  | Directly opens the Android app detail view for the given topic and server. Subscribes to the topic if not already subscribed. This is equivalent to the web view `https://ntfy.sh/mytopic` (HTTPS!) |
+| <span style="white-space: nowrap">`ntfy://<host>/<topic>?secure=false`</span> | `ntfy://example.com/mytopic?secure=false` | Same as above, except that this will use HTTP instead of HTTPS as topic URL. This is equivalent to the web view `http://example.com/mytopic` (HTTP!)                                                |
+
 ## Integrations
 
 ### UnifiedPush
@@ -130,19 +166,21 @@ notification popups:
 
 Here's a list of extras you can access. Most likely, you'll want to filter for `topic` and react on `message`:
 
-| Extra name | Type | Example | Description |
-|---|---|---|---|
-| `id` | *string* | `bP8dMjO8ig` | Randomly chosen message identifier (likely not very useful for task automation) |
-| `base_url` | *string* | `https://ntfy.sh` | Root URL of the ntfy server this message came from |
-| `topic` ❤️ | *string* | `mytopic` | Topic name; **you'll likely want to filter for a specific topic** |
-| `muted` | *bool* | `true` | Indicates whether the subscription was muted in the app |
-| `muted_str` | *string (`true` or `false`)* | `true` | Same as `muted`, but as string `true` or `false` |
-| `time` | *int* | `1635528741` | Message date time, as Unix time stamp |
-| `title` | *string* | `Some title` | Message [title](../publish.md#message-title); may be empty if not set |
-| `message` ❤️ | *string* | `Some message` | Message body; **this is likely what you're interested in** |
-| `tags` | *string* | `tag1,tag2,..` | Comma-separated list of [tags](../publish.md#tags-emojis) |
-| `tags_map` | *string* | `0=tag1,1=tag2,..` | Map of tags to make it easier to map first, second, ... tag |
-| `priority` | *int (between 1-5)* | `4` | Message [priority](../publish.md#message-priority) with 1=min, 3=default and 5=max |
+| Extra name      | Type                         | Example            | Description                                                                        |
+|-----------------|------------------------------|--------------------|------------------------------------------------------------------------------------|
+| `id`            | *String*                     | `bP8dMjO8ig`       | Randomly chosen message identifier (likely not very useful for task automation)    |
+| `base_url`      | *String*                     | `https://ntfy.sh`  | Root URL of the ntfy server this message came from                                 |
+| `topic` ❤️      | *String*                     | `mytopic`          | Topic name; **you'll likely want to filter for a specific topic**                  |
+| `muted`         | *Boolean*                    | `true`             | Indicates whether the subscription was muted in the app                            |
+| `muted_str`     | *String (`true` or `false`)* | `true`             | Same as `muted`, but as string `true` or `false`                                   |
+| `time`          | *Int*                        | `1635528741`       | Message date time, as Unix time stamp                                              |
+| `title`         | *String*                     | `Some title`       | Message [title](../publish.md#message-title); may be empty if not set              |
+| `message` ❤️    | *String*                     | `Some message`     | Message body; **this is likely what you're interested in**                         |
+| `message_bytes` | *ByteArray*                  | `(binary data)`    | Message body as binary data                                                        |
+| `encoding`️     | *String*                     | -                  | Message encoding (empty or "base64")                                               |
+| `tags`          | *String*                     | `tag1,tag2,..`     | Comma-separated list of [tags](../publish.md#tags-emojis)                          |
+| `tags_map`      | *String*                     | `0=tag1,1=tag2,..` | Map of tags to make it easier to map first, second, ... tag                        |
+| `priority`      | *Int (between 1-5)*          | `4`                | Message [priority](../publish.md#message-priority) with 1=min, 3=default and 5=max |
 
 #### Send messages using intents
 To send messages from other apps (such as [MacroDroid](https://play.google.com/store/apps/details?id=com.arlosoft.macrodroid)
@@ -164,14 +202,14 @@ Here's what that looks like:
 
 The following intent extras are supported when for the intent with the `io.heckel.ntfy.SEND_MESSAGE` action:
 
-| Extra name | Required | Type | Example | Description |
-|---|---|---|---|---|
-| `base_url` | - | *string* | `https://ntfy.sh` | Root URL of the ntfy server this message came from, defaults to `https://ntfy.sh` |
-| `topic` ❤️ | ✔ | *string* | `mytopic` | Topic name; **you must set this** |
-| `title` | - | *string* | `Some title` | Message [title](../publish.md#message-title); may be empty if not set |
-| `message` ❤️ | ✔ | *string* | `Some message` | Message body; **you must set this** |
-| `tags` | - | *string* | `tag1,tag2,..` | Comma-separated list of [tags](../publish.md#tags-emojis) |
-| `priority` | - | *string or int (between 1-5)* | `4` | Message [priority](../publish.md#message-priority) with 1=min, 3=default and 5=max |
+| Extra name   | Required | Type                          | Example           | Description                                                                        |
+|--------------|----------|-------------------------------|-------------------|------------------------------------------------------------------------------------|
+| `base_url`   | -        | *String*                      | `https://ntfy.sh` | Root URL of the ntfy server this message came from, defaults to `https://ntfy.sh`  |
+| `topic` ❤️   | ✔        | *String*                      | `mytopic`         | Topic name; **you must set this**                                                  |
+| `title`      | -        | *String*                      | `Some title`      | Message [title](../publish.md#message-title); may be empty if not set              |
+| `message` ❤️ | ✔        | *String*                      | `Some message`    | Message body; **you must set this**                                                |
+| `tags`       | -        | *String*                      | `tag1,tag2,..`    | Comma-separated list of [tags](../publish.md#tags-emojis)                          |
+| `priority`   | -        | *String or Int (between 1-5)* | `4`               | Message [priority](../publish.md#message-priority) with 1=min, 3=default and 5=max |
 
 ## iPhone/iOS
 I almost feel devious for putting the *Download on the App Store* button on this page. Currently, there is no iOS app

docs/subscribe/web.md

@@ -6,9 +6,9 @@ keep a connection open and listen for incoming notifications.
 To learn how to send messages, check out the [publishing page](../publish.md).
 
 <div id="web-screenshots" class="screenshots">
-    <a href="../../static/img/web-subscribe.png"><img src="../../static/img/web-subscribe.png"/></a>
-    <a href="../../static/img/web-notification.png"><img src="../../static/img/web-notification.png"/></a>
     <a href="../../static/img/web-detail.png"><img src="../../static/img/web-detail.png"/></a> 
+    <a href="../../static/img/web-notification.png"><img src="../../static/img/web-notification.png"/></a>
+    <a href="../../static/img/web-subscribe.png"><img src="../../static/img/web-subscribe.png"/></a>
 </div>
 
 To keep receiving desktop notifications from ntfy, you need to keep the website open. What I do, and what I highly recommend,

go.mod

@@ -4,48 +4,50 @@ go 1.17
 
 require (
 	cloud.google.com/go/firestore v1.6.1 // indirect
-	cloud.google.com/go/storage v1.19.0 // indirect
+	cloud.google.com/go/storage v1.22.0 // indirect
 	firebase.google.com/go v3.13.0+incompatible
-	github.com/BurntSushi/toml v1.0.0 // indirect
-	github.com/cpuguy83/go-md2man/v2 v2.0.1 // indirect
+	github.com/BurntSushi/toml v1.1.0 // indirect
+	github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect
 	github.com/emersion/go-smtp v0.15.0
 	github.com/gabriel-vasile/mimetype v1.4.0
-	github.com/gorilla/websocket v1.4.2
-	github.com/mattn/go-sqlite3 v1.14.11
+	github.com/gorilla/websocket v1.5.0
+	github.com/mattn/go-sqlite3 v1.14.13
 	github.com/olebedev/when v0.0.0-20211212231525-59bd4edcf9d6
 	github.com/stretchr/testify v1.7.0
-	github.com/urfave/cli/v2 v2.3.0
-	golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9
-	golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 // indirect
-	golang.org/x/sync v0.0.0-20210220032951-036812b2e83c
-	golang.org/x/term v0.0.0-20210927222741-03fcf44c2211
-	golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11
-	google.golang.org/api v0.67.0
+	github.com/urfave/cli/v2 v2.6.0
+	golang.org/x/crypto v0.0.0-20220513210258-46612604a0f9
+	golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5 // indirect
+	golang.org/x/sync v0.0.0-20220513210516-0976fa681c29
+	golang.org/x/term v0.0.0-20220411215600-e5f449aeb171
+	golang.org/x/time v0.0.0-20220411224347-583f2d630306
+	google.golang.org/api v0.79.0
 	gopkg.in/yaml.v2 v2.4.0
 )
 
+require github.com/pkg/errors v0.9.1 // indirect
+
 require (
-	cloud.google.com/go v0.100.2 // indirect
-	cloud.google.com/go/compute v1.2.0 // indirect
-	cloud.google.com/go/iam v0.1.1 // indirect
-	github.com/AlekSi/pointer v1.0.0 // indirect
+	cloud.google.com/go v0.101.1 // indirect
+	cloud.google.com/go/compute v1.6.1 // indirect
+	cloud.google.com/go/iam v0.3.0 // indirect
+	github.com/AlekSi/pointer v1.2.0 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/emersion/go-sasl v0.0.0-20211008083017-0b9dcfb154ac // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/protobuf v1.5.2 // indirect
-	github.com/google/go-cmp v0.5.7 // indirect
-	github.com/googleapis/gax-go/v2 v2.1.1 // indirect
-	github.com/pkg/errors v0.9.1 // indirect
+	github.com/google/go-cmp v0.5.8 // indirect
+	github.com/googleapis/gax-go/v2 v2.4.0 // indirect
+	github.com/googleapis/go-type-adapters v1.0.0 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 	go.opencensus.io v0.23.0 // indirect
-	golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d // indirect
-	golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27 // indirect
+	golang.org/x/net v0.0.0-20220516133312-45b265872317 // indirect
+	golang.org/x/sys v0.0.0-20220513210249-45d2b4557a2a // indirect
 	golang.org/x/text v0.3.7 // indirect
-	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
+	golang.org/x/xerrors v0.0.0-20220411194840-2f41105eb62f // indirect
 	google.golang.org/appengine v1.6.7 // indirect
-	google.golang.org/genproto v0.0.0-20220203182621-f4ae394cde3f // indirect
-	google.golang.org/grpc v1.44.0 // indirect
-	google.golang.org/protobuf v1.27.1 // indirect
+	google.golang.org/genproto v0.0.0-20220505152158-f39f71e6c8f3 // indirect
+	google.golang.org/grpc v1.46.2 // indirect
+	google.golang.org/protobuf v1.28.0 // indirect
 	gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c // indirect
 )

go.sum

@@ -26,9 +26,9 @@ cloud.google.com/go v0.93.3/go.mod h1:8utlLll2EF5XMAV15woO4lSbWQlk8rer9aLOfLh7+Y
 cloud.google.com/go v0.94.1/go.mod h1:qAlAugsXlC+JWO+Bke5vCtc9ONxjQT3drlTTnAplMW4=
 cloud.google.com/go v0.97.0/go.mod h1:GF7l59pYBVlXQIBLx3a761cZ41F9bBH3JUlihCt2Udc=
 cloud.google.com/go v0.99.0/go.mod h1:w0Xx2nLzqWJPuozYQX+hFfCSI8WioryfRDzkoI/Y2ZA=
-cloud.google.com/go v0.100.1/go.mod h1:fs4QogzfH5n2pBXBP9vRiU+eCny7lD2vmFZy79Iuw1U=
-cloud.google.com/go v0.100.2 h1:t9Iw5QH5v4XtlEQaCtUY7x6sCABps8sW0acw7e2WQ6Y=
 cloud.google.com/go v0.100.2/go.mod h1:4Xra9TjzAeYHrl5+oeLlzbM2k3mjVhZh4UqTZ//w99A=
+cloud.google.com/go v0.101.1 h1:3+/0TAm9JD/PyhkrDWQWi2L197h3euCsM+H+J4iYTR8=
+cloud.google.com/go v0.101.1/go.mod h1:55HwjsGW4CHD3JrNuMdZtSDsgTs0CuCB/bBTugD+7AA=
 cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o=
 cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE=
 cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc=
@@ -36,14 +36,17 @@ cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUM
 cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc=
 cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ=
 cloud.google.com/go/compute v0.1.0/go.mod h1:GAesmwr110a34z04OlxYkATPBEfVhkymfTBXtfbBFow=
-cloud.google.com/go/compute v1.2.0 h1:EKki8sSdvDU0OO9mAXGwPXOTOgPz2l08R0/IutDH11I=
-cloud.google.com/go/compute v1.2.0/go.mod h1:xlogom/6gr8RJGBe7nT2eGsQYAFUbbv8dbC29qE3Xmw=
+cloud.google.com/go/compute v1.3.0/go.mod h1:cCZiE1NHEtai4wiufUhW8I8S1JKkAnhnQJWM7YD99wM=
+cloud.google.com/go/compute v1.5.0/go.mod h1:9SMHyhJlzhlkJqrPAc839t2BZFTSk6Jdj6mkzQJeu0M=
+cloud.google.com/go/compute v1.6.0/go.mod h1:T29tfhtVbq1wvAPo0E3+7vhgmkOYeXjhFvz/FMzPu0s=
+cloud.google.com/go/compute v1.6.1 h1:2sMmt8prCn7DPaG4Pmh0N3Inmc8cT8ae5k1M6VJ9Wqc=
+cloud.google.com/go/compute v1.6.1/go.mod h1:g85FgpzFvNULZ+S8AYq87axRKuf2Kh7deLqV/jJ3thU=
 cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE=
 cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk=
 cloud.google.com/go/firestore v1.6.1 h1:8rBq3zRjnHx8UtBvaOWqBB1xq9jH6/wltfQLlTMh2Fw=
 cloud.google.com/go/firestore v1.6.1/go.mod h1:asNXNOzBdyVQmEU+ggO8UPodTkEVFW5Qx+rwHnAz+EY=
-cloud.google.com/go/iam v0.1.1 h1:4CapQyNFjiksks1/x7jsvsygFPhihslYk5GptIrlX68=
-cloud.google.com/go/iam v0.1.1/go.mod h1:CKqrcnI/suGpybEHxZ7BMehL0oA4LpdyJdUlTl9jVMw=
+cloud.google.com/go/iam v0.3.0 h1:exkAomrVUuzx9kWFI1wm3KI0uoDeUFPB4kKGzx6x+Gc=
+cloud.google.com/go/iam v0.3.0/go.mod h1:XzJPvDayI+9zsASAFO68Hk07u3z+f+JrT2xXNdp4bnY=
 cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I=
 cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw=
 cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA=
@@ -53,16 +56,17 @@ cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0Zeo
 cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk=
 cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs=
 cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
-cloud.google.com/go/storage v1.19.0 h1:XOQSnPJD8hRtZJ3VdCyK0mBZsGGImrzPAMbSWcHSe6Q=
-cloud.google.com/go/storage v1.19.0/go.mod h1:6rgiTRjOqI/Zd9YKimub5TIB4d+p3LH33V3ZE1DMuUM=
+cloud.google.com/go/storage v1.22.0 h1:NUV0NNp9nkBuW66BFRLuMgldN60C57ET3dhbwLIYio8=
+cloud.google.com/go/storage v1.22.0/go.mod h1:GbaLEoMqbVm6sx3Z0R++gSiBlgMv6yUi2q1DeGFKQgE=
 dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
 firebase.google.com/go v3.13.0+incompatible h1:3TdYC3DDi6aHn20qoRkxwGqNgdjtblwVAyRLQwGn/+4=
 firebase.google.com/go v3.13.0+incompatible/go.mod h1:xlah6XbEyW6tbfSklcfe5FHJIwjt8toICdV5Wh9ptHs=
-github.com/AlekSi/pointer v1.0.0 h1:KWCWzsvFxNLcmM5XmiqHsGTTsuwZMsLFwWF9Y+//bNE=
 github.com/AlekSi/pointer v1.0.0/go.mod h1:1kjywbfcPFCmncIxtk6fIEub6LKrfMz3gc5QKVOSOA8=
+github.com/AlekSi/pointer v1.2.0 h1:glcy/gc4h8HnG2Z3ZECSzZ1IX1x2JxRVuDzaJwQE0+w=
+github.com/AlekSi/pointer v1.2.0/go.mod h1:gZGfd3dpW4vEc/UlyfKKi1roIqcCgwOIvb0tSNSBle0=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
-github.com/BurntSushi/toml v1.0.0 h1:dtDWrepsVPfW9H/4y7dDgFc2MBUSeJhlaDtK13CxFlU=
-github.com/BurntSushi/toml v1.0.0/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
+github.com/BurntSushi/toml v1.1.0 h1:ksErzDEI1khOiGPgpwuI7x2ebx/uXQNw7xJpn9Eq1+I=
+github.com/BurntSushi/toml v1.1.0/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
 github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
 github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY=
@@ -80,10 +84,11 @@ github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XP
 github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
 github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
 github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
+github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
 github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
-github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
-github.com/cpuguy83/go-md2man/v2 v2.0.1 h1:r/myEWzV9lfsM1tFLgDyu0atFtJ1fXn261LKYj/3DxU=
 github.com/cpuguy83/go-md2man/v2 v2.0.1/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
+github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w=
+github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -100,6 +105,7 @@ github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.m
 github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
 github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ=
 github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0=
+github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE=
 github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
 github.com/gabriel-vasile/mimetype v1.4.0 h1:Cn9dkdYsMIu56tGho+fqzh7XmvY2YyGU0FnbhiOsEro=
 github.com/gabriel-vasile/mimetype v1.4.0/go.mod h1:fA8fi6KUiG7MgQQ+mEWotXoEOvmxRtOJlERCzSmRvr8=
@@ -155,14 +161,16 @@ github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
 github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.7 h1:81/ik6ipDQS2aGcBfIN5dHDB36BwrStyeAQquSYCV4o=
 github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE=
+github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg=
+github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/martian v2.1.0+incompatible h1:/CP5g8u/VJHijgedC/Legn3BAbAaWPgecwXBIDzw5no=
 github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
 github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
 github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
-github.com/google/martian/v3 v3.2.1 h1:d8MncMlErDFTwQGBK1xhv026j9kqhvw1Qv9IbWT1VLQ=
 github.com/google/martian/v3 v3.2.1/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk=
+github.com/google/martian/v3 v3.3.2 h1:IqNFLAmvJOgVlpdEBiQbDc2EwKW77amAycfTuWKdfvw=
+github.com/google/martian/v3 v3.3.2/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk=
 github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
 github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
 github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
@@ -182,10 +190,16 @@ github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+
 github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
 github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
 github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0=
-github.com/googleapis/gax-go/v2 v2.1.1 h1:dp3bWCh+PPO1zjRRiCSczJav13sBvG4UhNyVTa1KqdU=
 github.com/googleapis/gax-go/v2 v2.1.1/go.mod h1:hddJymUZASv3XPyGkUpKj8pPO47Rmb0eJc8R6ouapiM=
-github.com/gorilla/websocket v1.4.2 h1:+/TMaTYc4QFitKJxsQ7Yye35DkWvkdLcvGKqM+x0Ufc=
-github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
+github.com/googleapis/gax-go/v2 v2.2.0/go.mod h1:as02EH8zWkzwUoLbBaFeQ+arQaj/OthfcblKl4IGNaM=
+github.com/googleapis/gax-go/v2 v2.3.0 h1:nRJtk3y8Fm770D42QV6T90ZnvFZyk7agSo3Q+Z9p3WI=
+github.com/googleapis/gax-go/v2 v2.3.0/go.mod h1:b8LNqSzNabLiUpXKkY7HAR5jr6bIT99EXz9pXxye9YM=
+github.com/googleapis/gax-go/v2 v2.4.0 h1:dS9eYAjhrE2RjmzYw2XAPvcXfmcQLtFEQWn0CR82awk=
+github.com/googleapis/gax-go/v2 v2.4.0/go.mod h1:XOTVJ59hdnfJLIP/dh8n5CGryZR2LxK9wbMD5+iXC6c=
+github.com/googleapis/go-type-adapters v1.0.0 h1:9XdMn+d/G57qq1s8dNc5IesGCXHf6V2HZ2JwRxfA2tA=
+github.com/googleapis/go-type-adapters v1.0.0/go.mod h1:zHW75FOG2aur7gAO2B+MLby+cLsWGBF62rFAi7WjWO4=
+github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc=
+github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
 github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw=
 github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
 github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
@@ -199,8 +213,10 @@ github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORN
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
-github.com/mattn/go-sqlite3 v1.14.11 h1:gt+cp9c0XGqe9S/wAHTL3n/7MqY+siPWgWJgqdsFrzQ=
-github.com/mattn/go-sqlite3 v1.14.11/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
+github.com/mattn/go-sqlite3 v1.14.12 h1:TJ1bhYJPV44phC+IMu1u2K/i5RriLTPe+yc68XDJ1Z0=
+github.com/mattn/go-sqlite3 v1.14.12/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
+github.com/mattn/go-sqlite3 v1.14.13 h1:1tj15ngiFfcZzii7yd82foL+ks+ouQcj8j/TPq3fk1I=
+github.com/mattn/go-sqlite3 v1.14.13/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
 github.com/olebedev/when v0.0.0-20211212231525-59bd4edcf9d6 h1:oDSPaYiL2dbjcArLrFS8ANtwgJMyOLzvQCZon+XmFsk=
 github.com/olebedev/when v0.0.0-20211212231525-59bd4edcf9d6/go.mod h1:DPucAeQGDPUzYUt+NaWw6qsF5SFapWWToxEiVDh2aV0=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
@@ -211,10 +227,8 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
-github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
-github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
 github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
@@ -223,8 +237,8 @@ github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/urfave/cli/v2 v2.3.0 h1:qph92Y649prgesehzOrQjdWyxFOp/QVM+6imKHad91M=
-github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI=
+github.com/urfave/cli/v2 v2.6.0 h1:yj2Drkflh8X/zUrkWlWlUjZYHyWN7WMmpVxyxXIUyv8=
+github.com/urfave/cli/v2 v2.6.0/go.mod h1:oDzoM7pVwz6wHn5ogWgFUU1s4VJayeQS+aEZDqXIEJs=
 github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
@@ -243,8 +257,13 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACk
 golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20220507011949-2cf3adece122 h1:NvGWuYG8dkDHFSKksI1P9faiVJ9rayE6l0+ouWVIDs8=
+golang.org/x/crypto v0.0.0-20220507011949-2cf3adece122/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
+golang.org/x/crypto v0.0.0-20220511200225-c6db032c6c88 h1:Tgea0cVUD0ivh5ADBX4WwuI12DUd2to3nCYe2eayMIw=
+golang.org/x/crypto v0.0.0-20220511200225-c6db032c6c88/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
+golang.org/x/crypto v0.0.0-20220513210258-46612604a0f9 h1:NUzdAbFtCJSXU20AOXgeqaUwg8Ypg4MPYmL+d+rsB5c=
+golang.org/x/crypto v0.0.0-20220513210258-46612604a0f9/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -316,8 +335,15 @@ golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLd
 golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
 golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20210505024714-0287a6fb4125/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d h1:LO7XpTYMwTqxjLcGWPijK3vRXg1aWdlNOVOHRq45d7c=
-golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
+golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
+golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
+golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
+golang.org/x/net v0.0.0-20220325170049-de3da57026de/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
+golang.org/x/net v0.0.0-20220412020605-290c469a71a5/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
+golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4 h1:HVyaeDAYux4pnY+D/SiwmLOR36ewZ4iGQIIrtnuCjFA=
+golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
+golang.org/x/net v0.0.0-20220516133312-45b265872317 h1:r49syLG49NYZTBMIAay/ng07NB4DW3GzH7LylUq15UM=
+golang.org/x/net v0.0.0-20220516133312-45b265872317/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -334,8 +360,11 @@ golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ
 golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20211005180243-6b3c2da341f1/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 h1:RerP+noqYHUQ8CMRcPlC2nvTa4dcBIjegkuWdcUDuqg=
 golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
+golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc=
+golang.org/x/oauth2 v0.0.0-20220309155454-6242fa91716a/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc=
+golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5 h1:OSnWWcOd/CtWQC2cYSBgbTSJv3ciqd8r54ySIW2y3RE=
+golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -348,6 +377,8 @@ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJ
 golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20210220032951-036812b2e83c h1:5KslGYwFpkhGh+Q16bwMP3cOontH8FOep7tGV86Y7SQ=
 golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20220513210516-0976fa681c29 h1:w8s32wxx3sY+OjLlv9qltkLU5yvJzxjjgiHWLjdIcw4=
+golang.org/x/sync v0.0.0-20220513210516-0976fa681c29/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -398,12 +429,20 @@ golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20211210111614-af8b64212486/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27 h1:XDXtA5hveEEV8JB2l7nhMTp3t3cHp9ZpwcdjqyEWLlo=
 golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220209214540-3681064d5158/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220328115105-d36c6a25d886/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220502124256-b6088ccd6cba/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6 h1:nonptSpoQ4vQjyraW20DXPAglgQfVnM9ZC6MmNLMR60=
+golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220513210249-45d2b4557a2a h1:N2T1jUrTQE9Re6TFF5PhvEHXHCguynGhKjWVsIUt5cY=
+golang.org/x/sys v0.0.0-20220513210249-45d2b4557a2a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
-golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 h1:JGgROgKl9N8DuW20oFS5gxc+lE67/N3FcwmBPMe7ArY=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
+golang.org/x/term v0.0.0-20220411215600-e5f449aeb171 h1:EH1Deb8WZJ0xc0WK//leUHXcX9aLE5SymusoTmMZye8=
+golang.org/x/term v0.0.0-20220411215600-e5f449aeb171/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -417,8 +456,8 @@ golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11 h1:GZokNIeuVkl3aZHJchRrr13WCsols02MLUcz1U9is6M=
-golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/time v0.0.0-20220411224347-583f2d630306 h1:+gHMid33q6pen7kv9xvT+JRinntgeXO2AeZVd0AWD3w=
+golang.org/x/time v0.0.0-20220411224347-583f2d630306/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
@@ -473,8 +512,9 @@ golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20220411194840-2f41105eb62f h1:GGU+dLjvlC3qDwqYgL6UgRmHXhOOgns0bZu2Ty5mm6U=
+golang.org/x/xerrors v0.0.0-20220411194840-2f41105eb62f/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
 google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M=
 google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
@@ -507,11 +547,15 @@ google.golang.org/api v0.57.0/go.mod h1:dVPlbZyBo2/OjBpmvNdpn2GRm6rPy75jyU7bmhdr
 google.golang.org/api v0.59.0/go.mod h1:sT2boj7M9YJxZzgeZqXogmhfmRWDtPzT31xkieUbuZU=
 google.golang.org/api v0.61.0/go.mod h1:xQRti5UdCmoCEqFxcz93fTl338AVqDgyaDRuOZ3hg9I=
 google.golang.org/api v0.63.0/go.mod h1:gs4ij2ffTRXwuzzgJl/56BdwJaA194ijkfn++9tDuPo=
-google.golang.org/api v0.64.0/go.mod h1:931CdxA8Rm4t6zqTFGSsgwbAEZ2+GMYurbndwSimebM=
-google.golang.org/api v0.65.0/go.mod h1:ArYhxgGadlWmqO1IqVujw6Cs8IdD33bTmzKo2Sh+cbg=
-google.golang.org/api v0.66.0/go.mod h1:I1dmXYpX7HGwz/ejRxwQp2qj5bFAz93HiCU1C1oYd9M=
-google.golang.org/api v0.67.0 h1:lYaaLa+x3VVUhtosaK9xihwQ9H9KRa557REHwwZ2orM=
 google.golang.org/api v0.67.0/go.mod h1:ShHKP8E60yPsKNw/w8w+VYaj9H6buA5UqDp8dhbQZ6g=
+google.golang.org/api v0.70.0/go.mod h1:Bs4ZM2HGifEvXwd50TtW70ovgJffJYw2oRCOFU/SkfA=
+google.golang.org/api v0.71.0/go.mod h1:4PyU6e6JogV1f9eA4voyrTY2batOLdgZ5qZ5HOCc4j8=
+google.golang.org/api v0.74.0/go.mod h1:ZpfMZOVRMywNyvJFeqL9HRWBgAuRfSjJFpe9QtRRyDs=
+google.golang.org/api v0.75.0/go.mod h1:pU9QmyHLnzlpar1Mjt4IbapUCy8J+6HD6GeELN69ljA=
+google.golang.org/api v0.77.0/go.mod h1:pU9QmyHLnzlpar1Mjt4IbapUCy8J+6HD6GeELN69ljA=
+google.golang.org/api v0.78.0/go.mod h1:1Sg78yoMLOhlQTeF+ARBoytAcH1NNyyl390YMy6rKmw=
+google.golang.org/api v0.79.0 h1:vaOcm0WdXvhGkci9a0+CcQVZqSRjN8ksSBlWv99f8Pg=
+google.golang.org/api v0.79.0/go.mod h1:xY3nI94gbvBrE0J6NHXhxOmW97HG7Khjkku6AFB3Hyg=
 google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
 google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
 google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
@@ -559,6 +603,7 @@ google.golang.org/genproto v0.0.0-20210222152913-aa3ee6e6a81c/go.mod h1:FWY/as6D
 google.golang.org/genproto v0.0.0-20210303154014-9728d6b83eeb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
 google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
 google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
+google.golang.org/genproto v0.0.0-20210329143202-679c6ae281ee/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A=
 google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A=
 google.golang.org/genproto v0.0.0-20210513213006-bf773b8c8384/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A=
 google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0=
@@ -582,15 +627,22 @@ google.golang.org/genproto v0.0.0-20211118181313-81c1377c94b1/go.mod h1:5CzLGKJ6
 google.golang.org/genproto v0.0.0-20211206160659-862468c7d6e0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
 google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
 google.golang.org/genproto v0.0.0-20211221195035-429b39de9b1c/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
-google.golang.org/genproto v0.0.0-20211223182754-3ac035c7e7cb/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
-google.golang.org/genproto v0.0.0-20220107163113-42d7afdf6368/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
-google.golang.org/genproto v0.0.0-20220111164026-67b88f271998/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
-google.golang.org/genproto v0.0.0-20220114231437-d2e6a121cae0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
-google.golang.org/genproto v0.0.0-20220118154757-00ab72f36ad5/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
 google.golang.org/genproto v0.0.0-20220126215142-9970aeb2e350/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
-google.golang.org/genproto v0.0.0-20220201184016-50beb8ab5c44/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
-google.golang.org/genproto v0.0.0-20220203182621-f4ae394cde3f h1:w9Sx4FBkwsN0jMZz8E42tMdmhZ5b2Z/vFx2LKAxxI9o=
-google.golang.org/genproto v0.0.0-20220203182621-f4ae394cde3f/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
+google.golang.org/genproto v0.0.0-20220207164111-0872dc986b00/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
+google.golang.org/genproto v0.0.0-20220218161850-94dd64e39d7c/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI=
+google.golang.org/genproto v0.0.0-20220222213610-43724f9ea8cf/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI=
+google.golang.org/genproto v0.0.0-20220304144024-325a89244dc8/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI=
+google.golang.org/genproto v0.0.0-20220310185008-1973136f34c6/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI=
+google.golang.org/genproto v0.0.0-20220324131243-acbaeb5b85eb/go.mod h1:hAL49I2IFola2sVEjAn7MEwsja0xp51I0tlGAf9hz4E=
+google.golang.org/genproto v0.0.0-20220405205423-9d709892a2bf/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo=
+google.golang.org/genproto v0.0.0-20220407144326-9054f6ed7bac/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo=
+google.golang.org/genproto v0.0.0-20220413183235-5e96e2839df9/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo=
+google.golang.org/genproto v0.0.0-20220414192740-2d67ff6cf2b4/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo=
+google.golang.org/genproto v0.0.0-20220421151946-72621c1f0bd3/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo=
+google.golang.org/genproto v0.0.0-20220429170224-98d788798c3e/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo=
+google.golang.org/genproto v0.0.0-20220502173005-c8bf987b8c21/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4=
+google.golang.org/genproto v0.0.0-20220505152158-f39f71e6c8f3 h1:q1kiSVscqoDeqTF27eQ2NnLLDmqF0I373qQNXYMy0fo=
+google.golang.org/genproto v0.0.0-20220505152158-f39f71e6c8f3/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4=
 google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
 google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
 google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
@@ -617,8 +669,12 @@ google.golang.org/grpc v1.39.0/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnD
 google.golang.org/grpc v1.39.1/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE=
 google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34=
 google.golang.org/grpc v1.40.1/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34=
-google.golang.org/grpc v1.44.0 h1:weqSxi/TMs1SqFRMHCtBgXRs8k3X39QIDEZ0pRcttUg=
 google.golang.org/grpc v1.44.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU=
+google.golang.org/grpc v1.45.0/go.mod h1:lN7owxKUQEqMfSyQikvvk5tf/6zMPsrK+ONuO11+0rQ=
+google.golang.org/grpc v1.46.0 h1:oCjezcn6g6A75TGoKYBPgKmVBLexhYLM6MebdrPApP8=
+google.golang.org/grpc v1.46.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk=
+google.golang.org/grpc v1.46.2 h1:u+MLGgVf7vRdjEYZ8wDFhAVNmhkbJ5hmrA1LMWK1CAQ=
+google.golang.org/grpc v1.46.2/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk=
 google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw=
 google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
 google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
@@ -632,8 +688,9 @@ google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGj
 google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.27.1 h1:SnqbnDw1V7RiZcXPx5MEeqPv2s79L9i7BJUlG/+RurQ=
 google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
+google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw=
+google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=

main.go

@@ -19,10 +19,11 @@ func main() {
 Try 'ntfy COMMAND --help' or https://ntfy.sh/docs/ for more information.
 
 To report a bug, open an issue on GitHub: https://github.com/binwiederhier/ntfy/issues.
-If you want to chat, simply join the Discord server: https://discord.gg/cT7ECsZj9w.
+If you want to chat, simply join the Discord server (https://discord.gg/cT7ECsZj9w), or
+the Matrix room (https://matrix.to/#/#ntfy:matrix.org).
 
 ntfy %s (%s), runtime %s, built at %s
-Copyright (C) 2021 Philipp C. Heckel, licensed under Apache License 2.0 & GPLv2
+Copyright (C) 2022 Philipp C. Heckel, licensed under Apache License 2.0 & GPLv2
 `, version, commit[:7], runtime.Version(), date)
 
 	app := cmd.New()

requirements.txt

@@ -1,9 +1,3 @@
 # The documentation uses 'mkdocs', which is written in Python
-
-# See https://github.com/squidfunk/mkdocs-material/issues/2030
-jinja2>=2.11.1
-
-# mkdocs
-mkdocs
 mkdocs-material
 mkdocs-minify-plugin

scripts/emoji-convert.sh

@@ -10,7 +10,7 @@ if [ -z "$1" ]; then
     echo "Syntax: $0 FILE.(js|json|md)"
     echo "Example:"
     echo "  $0 emoji-converted.json"
-    echo "  $0 $ROOTDIR/server/static/js/emoji.js"
+    echo "  $0 $ROOTDIR/web/src/app/emojis.js"
     echo "  $0 $ROOTDIR/docs/emojis.md"
     exit 1
 fi
@@ -18,8 +18,8 @@ fi
 if [[ "$1" == *.js ]]; then
   echo -n "// This file is generated by scripts/emoji-convert.sh to reduce the size
 // Original data source: https://github.com/github/gemoji/blob/master/db/emoji.json
-const rawEmojis = " > "$1"
-    cat "$SCRIPTDIR/emoji.json" | jq -rc 'map({emoji: .emoji,aliases: .aliases})' >> "$1"
+export const rawEmojis = " > "$1"
+    cat "$SCRIPTDIR/emoji.json" | jq -rc 'map({emoji: .emoji, aliases: .aliases, tags: .tags, category: .category, description: .description, unicode_version: .unicode_version})' >> "$1"
 elif [[ "$1" == *.md ]]; then
   echo "# Emoji reference
 

server/actions.go

@@ -0,0 +1,307 @@
+package server
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"heckel.io/ntfy/util"
+	"regexp"
+	"strings"
+	"unicode/utf8"
+)
+
+const (
+	actionIDLength = 10
+	actionEOF      = rune(0)
+	actionsMax     = 3
+)
+
+const (
+	actionView      = "view"
+	actionBroadcast = "broadcast"
+	actionHTTP      = "http"
+)
+
+var (
+	actionsAll      = []string{actionView, actionBroadcast, actionHTTP}
+	actionsWithURL  = []string{actionView, actionHTTP}
+	actionsKeyRegex = regexp.MustCompile(`^([-.\w]+)\s*=\s*`)
+)
+
+type actionParser struct {
+	input string
+	pos   int
+}
+
+// parseActions parses the actions string as described in https://ntfy.sh/docs/publish/#action-buttons.
+// It supports both a JSON representation (if the string begins with "[", see parseActionsFromJSON),
+// and the "simple" format, which is more human-readable, but harder to parse (see parseActionsFromSimple).
+func parseActions(s string) (actions []*action, err error) {
+	// Parse JSON or simple format
+	s = strings.TrimSpace(s)
+	if strings.HasPrefix(s, "[") {
+		actions, err = parseActionsFromJSON(s)
+	} else {
+		actions, err = parseActionsFromSimple(s)
+	}
+	if err != nil {
+		return nil, err
+	}
+
+	// Add ID field, ensure correct uppercase/lowercase
+	for i := range actions {
+		actions[i].ID = util.RandomString(actionIDLength)
+		actions[i].Action = strings.ToLower(actions[i].Action)
+		actions[i].Method = strings.ToUpper(actions[i].Method)
+	}
+
+	// Validate
+	if len(actions) > actionsMax {
+		return nil, fmt.Errorf("only %d actions allowed", actionsMax)
+	}
+	for _, action := range actions {
+		if !util.InStringList(actionsAll, action.Action) {
+			return nil, fmt.Errorf("parameter 'action' cannot be '%s', valid values are 'view', 'broadcast' and 'http'", action.Action)
+		} else if action.Label == "" {
+			return nil, fmt.Errorf("parameter 'label' is required")
+		} else if util.InStringList(actionsWithURL, action.Action) && action.URL == "" {
+			return nil, fmt.Errorf("parameter 'url' is required for action '%s'", action.Action)
+		} else if action.Action == actionHTTP && util.InStringList([]string{"GET", "HEAD"}, action.Method) && action.Body != "" {
+			return nil, fmt.Errorf("parameter 'body' cannot be set if method is %s", action.Method)
+		}
+	}
+
+	return actions, nil
+}
+
+// parseActionsFromJSON converts a JSON array into an array of actions
+func parseActionsFromJSON(s string) ([]*action, error) {
+	actions := make([]*action, 0)
+	if err := json.Unmarshal([]byte(s), &actions); err != nil {
+		return nil, fmt.Errorf("JSON error: %w", err)
+	}
+	return actions, nil
+}
+
+// parseActionsFromSimple parses the "simple" actions string (as described in
+// https://ntfy.sh/docs/publish/#action-buttons), into an array of actions.
+//
+// It can parse an actions string like this:
+//    view, "Look ma, commas and \"quotes\" too", url=https://..; action=broadcast, ...
+//
+// It works by advancing the position ("pos") through the input string ("input").
+//
+// The parser is heavily inspired by https://go.dev/src/text/template/parse/lex.go (which
+// is described by Rob Pike in this video: https://www.youtube.com/watch?v=HxaD_trXwRE),
+// though it does not use state functions at all.
+//
+// Other resources:
+//   https://adampresley.github.io/2015/04/12/writing-a-lexer-and-parser-in-go-part-1.html
+//   https://github.com/adampresley/sample-ini-parser/blob/master/services/lexer/lexer/Lexer.go
+//   https://github.com/benbjohnson/sql-parser/blob/master/scanner.go
+//   https://blog.gopheracademy.com/advent-2014/parsers-lexers/
+func parseActionsFromSimple(s string) ([]*action, error) {
+	if !utf8.ValidString(s) {
+		return nil, errors.New("invalid utf-8 string")
+	}
+	parser := &actionParser{
+		pos:   0,
+		input: s,
+	}
+	return parser.Parse()
+}
+
+// Parse loops trough parseAction() until the end of the string is reached
+func (p *actionParser) Parse() ([]*action, error) {
+	actions := make([]*action, 0)
+	for !p.eof() {
+		a, err := p.parseAction()
+		if err != nil {
+			return nil, err
+		}
+		actions = append(actions, a)
+	}
+	return actions, nil
+}
+
+// parseAction parses the individual sections of an action using parseSection into key/value pairs,
+// and then uses populateAction to interpret the keys/values. The function terminates
+// when EOF or ";" is reached.
+func (p *actionParser) parseAction() (*action, error) {
+	a := newAction()
+	section := 0
+	for {
+		key, value, last, err := p.parseSection()
+		if err != nil {
+			return nil, err
+		}
+		if err := populateAction(a, section, key, value); err != nil {
+			return nil, err
+		}
+		p.slurpSpaces()
+		if last {
+			return a, nil
+		}
+		section++
+	}
+}
+
+// populateAction is the "business logic" of the parser. It applies the key/value
+// pair to the action instance.
+func populateAction(newAction *action, section int, key, value string) error {
+	// Auto-expand keys based on their index
+	if key == "" && section == 0 {
+		key = "action"
+	} else if key == "" && section == 1 {
+		key = "label"
+	} else if key == "" && section == 2 && util.InStringList(actionsWithURL, newAction.Action) {
+		key = "url"
+	}
+
+	// Validate
+	if key == "" {
+		return fmt.Errorf("term '%s' unknown", value)
+	}
+
+	// Populate
+	if strings.HasPrefix(key, "headers.") {
+		newAction.Headers[strings.TrimPrefix(key, "headers.")] = value
+	} else if strings.HasPrefix(key, "extras.") {
+		newAction.Extras[strings.TrimPrefix(key, "extras.")] = value
+	} else {
+		switch strings.ToLower(key) {
+		case "action":
+			newAction.Action = value
+		case "label":
+			newAction.Label = value
+		case "clear":
+			lvalue := strings.ToLower(value)
+			if !util.InStringList([]string{"true", "yes", "1", "false", "no", "0"}, lvalue) {
+				return fmt.Errorf("parameter 'clear' cannot be '%s', only boolean values are allowed (true/yes/1/false/no/0)", value)
+			}
+			newAction.Clear = lvalue == "true" || lvalue == "yes" || lvalue == "1"
+		case "url":
+			newAction.URL = value
+		case "method":
+			newAction.Method = value
+		case "body":
+			newAction.Body = value
+		default:
+			return fmt.Errorf("key '%s' unknown", key)
+		}
+	}
+	return nil
+}
+
+// parseSection parses a section ("key=value") and returns a key/value pair. It terminates
+// when EOF or "," is reached.
+func (p *actionParser) parseSection() (key string, value string, last bool, err error) {
+	p.slurpSpaces()
+	key = p.parseKey()
+	r, w := p.peek()
+	if isSectionEnd(r) {
+		p.pos += w
+		last = isLastSection(r)
+		return
+	} else if r == '"' || r == '\'' {
+		value, last, err = p.parseQuotedValue(r)
+		return
+	}
+	value, last = p.parseValue()
+	return
+}
+
+// parseKey uses a regex to determine whether the current position is a key definition ("key =")
+// and returns the key if it is, or an empty string otherwise.
+func (p *actionParser) parseKey() string {
+	matches := actionsKeyRegex.FindStringSubmatch(p.input[p.pos:])
+	if len(matches) == 2 {
+		p.pos += len(matches[0])
+		return matches[1]
+	}
+	return ""
+}
+
+// parseValue reads the input until EOF, "," or ";" and returns the value string. Unlike parseQuotedValue,
+// this function does not support "," or ";" in the value itself, and spaces in the beginning and end of the
+// string are trimmed.
+func (p *actionParser) parseValue() (value string, last bool) {
+	start := p.pos
+	for {
+		r, w := p.peek()
+		if isSectionEnd(r) {
+			last = isLastSection(r)
+			value = strings.TrimSpace(p.input[start:p.pos])
+			p.pos += w
+			return
+		}
+		p.pos += w
+	}
+}
+
+// parseQuotedValue reads the input until it finds an unescaped end quote character ("), and then
+// advances the position beyond the section end. It supports quoting strings using backslash (\).
+func (p *actionParser) parseQuotedValue(quote rune) (value string, last bool, err error) {
+	p.pos++
+	start := p.pos
+	var prev rune
+	for {
+		r, w := p.peek()
+		if r == actionEOF {
+			err = fmt.Errorf("unexpected end of input, quote started at position %d", start)
+			return
+		} else if r == quote && prev != '\\' {
+			value = strings.ReplaceAll(p.input[start:p.pos], "\\"+string(quote), string(quote)) // \" -> "
+			p.pos += w
+
+			// Advance until section end (after "," or ";")
+			p.slurpSpaces()
+			r, w := p.peek()
+			last = isLastSection(r)
+			if !isSectionEnd(r) {
+				err = fmt.Errorf("unexpected character '%c' at position %d", r, p.pos)
+				return
+			}
+			p.pos += w
+			return
+		}
+		prev = r
+		p.pos += w
+	}
+}
+
+// slurpSpaces reads all space characters and advances the position
+func (p *actionParser) slurpSpaces() {
+	for {
+		r, w := p.peek()
+		if r == actionEOF || !isSpace(r) {
+			return
+		}
+		p.pos += w
+	}
+}
+
+// peek returns the next run and its width
+func (p *actionParser) peek() (rune, int) {
+	if p.eof() {
+		return actionEOF, 0
+	}
+	return utf8.DecodeRuneInString(p.input[p.pos:])
+}
+
+// eof returns true if the end of the input has been reached
+func (p *actionParser) eof() bool {
+	return p.pos >= len(p.input)
+}
+
+func isSpace(r rune) bool {
+	return r == ' ' || r == '\t' || r == '\r' || r == '\n'
+}
+
+func isSectionEnd(r rune) bool {
+	return r == actionEOF || r == ';' || r == ','
+}
+
+func isLastSection(r rune) bool {
+	return r == actionEOF || r == ';'
+}

server/actions_test.go

@@ -0,0 +1,176 @@
+package server
+
+import (
+	"github.com/stretchr/testify/require"
+	"testing"
+)
+
+func TestParseActions(t *testing.T) {
+	actions, err := parseActions("[]")
+	require.Nil(t, err)
+	require.Empty(t, actions)
+
+	// Basic test
+	actions, err = parseActions("action=http, label=Open door, url=https://door.lan/open; view, Show portal, https://door.lan")
+	require.Nil(t, err)
+	require.Equal(t, 2, len(actions))
+	require.Equal(t, "http", actions[0].Action)
+	require.Equal(t, "Open door", actions[0].Label)
+	require.Equal(t, "https://door.lan/open", actions[0].URL)
+	require.Equal(t, "view", actions[1].Action)
+	require.Equal(t, "Show portal", actions[1].Label)
+	require.Equal(t, "https://door.lan", actions[1].URL)
+
+	// JSON
+	actions, err = parseActions(`[{"action":"http","label":"Open door","url":"https://door.lan/open"}, {"action":"view","label":"Show portal","url":"https://door.lan"}]`)
+	require.Nil(t, err)
+	require.Equal(t, 2, len(actions))
+	require.Equal(t, "http", actions[0].Action)
+	require.Equal(t, "Open door", actions[0].Label)
+	require.Equal(t, "https://door.lan/open", actions[0].URL)
+	require.Equal(t, "view", actions[1].Action)
+	require.Equal(t, "Show portal", actions[1].Label)
+	require.Equal(t, "https://door.lan", actions[1].URL)
+
+	// Other params
+	actions, err = parseActions("action=http, label=Open door, url=https://door.lan/open, body=this is a body, method=PUT")
+	require.Nil(t, err)
+	require.Equal(t, 1, len(actions))
+	require.Equal(t, "http", actions[0].Action)
+	require.Equal(t, "Open door", actions[0].Label)
+	require.Equal(t, "https://door.lan/open", actions[0].URL)
+	require.Equal(t, "PUT", actions[0].Method)
+	require.Equal(t, "this is a body", actions[0].Body)
+
+	// Extras with underscores
+	actions, err = parseActions("action=broadcast, label=Do a thing, extras.command=some command, extras.some_param=a parameter")
+	require.Nil(t, err)
+	require.Equal(t, 1, len(actions))
+	require.Equal(t, "broadcast", actions[0].Action)
+	require.Equal(t, "Do a thing", actions[0].Label)
+	require.Equal(t, 2, len(actions[0].Extras))
+	require.Equal(t, "some command", actions[0].Extras["command"])
+	require.Equal(t, "a parameter", actions[0].Extras["some_param"])
+
+	// Headers with dashes
+	actions, err = parseActions("action=http, label=Send request, url=http://example.com, method=GET, headers.Content-Type=application/json, headers.Authorization=Basic sdasffsf")
+	require.Nil(t, err)
+	require.Equal(t, 1, len(actions))
+	require.Equal(t, "http", actions[0].Action)
+	require.Equal(t, "Send request", actions[0].Label)
+	require.Equal(t, 2, len(actions[0].Headers))
+	require.Equal(t, "application/json", actions[0].Headers["Content-Type"])
+	require.Equal(t, "Basic sdasffsf", actions[0].Headers["Authorization"])
+
+	// Quotes
+	actions, err = parseActions(`action=http, "Look ma, \"quotes\"; and semicolons", url=http://example.com`)
+	require.Nil(t, err)
+	require.Equal(t, 1, len(actions))
+	require.Equal(t, "http", actions[0].Action)
+	require.Equal(t, `Look ma, "quotes"; and semicolons`, actions[0].Label)
+	require.Equal(t, `http://example.com`, actions[0].URL)
+
+	// Single quotes
+	actions, err = parseActions(`action=http, '"quotes" and \'single quotes\'', url=http://example.com`)
+	require.Nil(t, err)
+	require.Equal(t, 1, len(actions))
+	require.Equal(t, "http", actions[0].Action)
+	require.Equal(t, `"quotes" and 'single quotes'`, actions[0].Label)
+	require.Equal(t, `http://example.com`, actions[0].URL)
+
+	// Single quotes (JSON)
+	actions, err = parseActions(`action=http, Post it, url=http://example.com, body='{"temperature": 65}'`)
+	require.Nil(t, err)
+	require.Equal(t, 1, len(actions))
+	require.Equal(t, "http", actions[0].Action)
+	require.Equal(t, "Post it", actions[0].Label)
+	require.Equal(t, `http://example.com`, actions[0].URL)
+	require.Equal(t, `{"temperature": 65}`, actions[0].Body)
+
+	// Out of order
+	actions, err = parseActions(`label="Out of order!" , action="http", url=http://example.com`)
+	require.Nil(t, err)
+	require.Equal(t, 1, len(actions))
+	require.Equal(t, "http", actions[0].Action)
+	require.Equal(t, `Out of order!`, actions[0].Label)
+	require.Equal(t, `http://example.com`, actions[0].URL)
+
+	// Spaces
+	actions, err = parseActions(`action = http, label = 'this is a label', url = "http://google.com"`)
+	require.Nil(t, err)
+	require.Equal(t, 1, len(actions))
+	require.Equal(t, "http", actions[0].Action)
+	require.Equal(t, `this is a label`, actions[0].Label)
+	require.Equal(t, `http://google.com`, actions[0].URL)
+
+	// Non-ASCII
+	actions, err = parseActions(`action = http, 'Кохайтеся а не воюйте, 💙🫤', url = "http://google.com"`)
+	require.Nil(t, err)
+	require.Equal(t, 1, len(actions))
+	require.Equal(t, "http", actions[0].Action)
+	require.Equal(t, `Кохайтеся а не воюйте, 💙🫤`, actions[0].Label)
+	require.Equal(t, `http://google.com`, actions[0].URL)
+
+	// Multiple actions, awkward spacing
+	actions, err = parseActions(`http , 'Make love, not war 💙🫤' , https://ntfy.sh ; view, " yo ", https://x.org, clear=true`)
+	require.Nil(t, err)
+	require.Equal(t, 2, len(actions))
+	require.Equal(t, "http", actions[0].Action)
+	require.Equal(t, `Make love, not war 💙🫤`, actions[0].Label)
+	require.Equal(t, `https://ntfy.sh`, actions[0].URL)
+	require.Equal(t, false, actions[0].Clear)
+	require.Equal(t, "view", actions[1].Action)
+	require.Equal(t, " yo ", actions[1].Label)
+	require.Equal(t, `https://x.org`, actions[1].URL)
+	require.Equal(t, true, actions[1].Clear)
+
+	// Invalid syntax
+	_, err = parseActions(`label="Out of order!" x, action="http", url=http://example.com`)
+	require.EqualError(t, err, "unexpected character 'x' at position 22")
+
+	_, err = parseActions(`label="", action="http", url=http://example.com`)
+	require.EqualError(t, err, "parameter 'label' is required")
+
+	_, err = parseActions(`label=, action="http", url=http://example.com`)
+	require.EqualError(t, err, "parameter 'label' is required")
+
+	_, err = parseActions(`label="xx", action="http", url=http://example.com, what is this anyway`)
+	require.EqualError(t, err, "term 'what is this anyway' unknown")
+
+	_, err = parseActions(`fdsfdsf`)
+	require.EqualError(t, err, "parameter 'action' cannot be 'fdsfdsf', valid values are 'view', 'broadcast' and 'http'")
+
+	_, err = parseActions(`aaa=a, "bbb, 'ccc, ddd, eee "`)
+	require.EqualError(t, err, "key 'aaa' unknown")
+
+	_, err = parseActions(`action=http, label="omg the end quote is missing`)
+	require.EqualError(t, err, "unexpected end of input, quote started at position 20")
+
+	_, err = parseActions(`;;;;`)
+	require.EqualError(t, err, "only 3 actions allowed")
+
+	_, err = parseActions(`,,,,,,;;`)
+	require.EqualError(t, err, "term '' unknown")
+
+	_, err = parseActions(`''";,;"`)
+	require.EqualError(t, err, "unexpected character '\"' at position 2")
+
+	_, err = parseActions(`action=http, label=a label, body=somebody`)
+	require.EqualError(t, err, "parameter 'url' is required for action 'http'")
+
+	_, err = parseActions(`action=http, label=a label, url=http://ntfy.sh, method=HEAD, body=somebody`)
+	require.EqualError(t, err, "parameter 'body' cannot be set if method is HEAD")
+
+	_, err = parseActions(`[ invalid json ]`)
+	require.EqualError(t, err, "JSON error: invalid character 'i' looking for beginning of value")
+
+	_, err = parseActions(`[ { "some": "object" } ]`)
+	require.EqualError(t, err, "parameter 'action' cannot be '', valid values are 'view', 'broadcast' and 'http'")
+
+	_, err = parseActions("\x00\x01\xFFx\xFE")
+	require.EqualError(t, err, "invalid utf-8 string")
+
+	_, err = parseActions(`http, label, http://x.org, clear=x`)
+	require.EqualError(t, err, "parameter 'clear' cannot be 'x', only boolean values are allowed (true/yes/1/false/no/0)")
+
+}

server/config.go

@@ -64,6 +64,7 @@ type Config struct {
 	AttachmentExpiryDuration             time.Duration
 	KeepaliveInterval                    time.Duration
 	ManagerInterval                      time.Duration
+	WebRootIsApp                         bool
 	AtSenderInterval                     time.Duration
 	FirebaseKeepaliveInterval            time.Duration
 	SMTPSenderAddr                       string
@@ -87,6 +88,7 @@ type Config struct {
 	VisitorEmailLimitBurst               int
 	VisitorEmailLimitReplenish           time.Duration
 	BehindProxy                          bool
+	EnableWeb                            bool
 }
 
 // NewConfig instantiates a default new server config
@@ -125,5 +127,6 @@ func NewConfig() *Config {
 		VisitorEmailLimitBurst:               DefaultVisitorEmailLimitBurst,
 		VisitorEmailLimitReplenish:           DefaultVisitorEmailLimitReplenish,
 		BehindProxy:                          false,
+		EnableWeb:                            true,
 	}
 }

server/errors.go

@@ -2,6 +2,7 @@ package server
 
 import (
 	"encoding/json"
+	"fmt"
 	"net/http"
 )
 
@@ -22,6 +23,15 @@ func (e errHTTP) JSON() string {
 	return string(b)
 }
 
+func wrapErrHTTP(err *errHTTP, message string, args ...interface{}) *errHTTP {
+	return &errHTTP{
+		Code:     err.Code,
+		HTTPCode: err.HTTPCode,
+		Message:  fmt.Sprintf("%s, %s", err.Message, fmt.Sprintf(message, args...)),
+		Link:     err.Link,
+	}
+}
+
 var (
 	errHTTPBadRequestEmailDisabled                   = &errHTTP{40001, http.StatusBadRequest, "e-mail notifications are not enabled", "https://ntfy.sh/docs/config/#e-mail-notifications"}
 	errHTTPBadRequestDelayNoCache                    = &errHTTP{40002, http.StatusBadRequest, "cannot disable cache for delayed message", ""}
@@ -34,14 +44,18 @@ var (
 	errHTTPBadRequestTopicInvalid                    = &errHTTP{40009, http.StatusBadRequest, "invalid topic: path invalid", ""}
 	errHTTPBadRequestTopicDisallowed                 = &errHTTP{40010, http.StatusBadRequest, "invalid topic: topic name is disallowed", ""}
 	errHTTPBadRequestMessageNotUTF8                  = &errHTTP{40011, http.StatusBadRequest, "invalid message: message must be UTF-8 encoded", ""}
-	errHTTPBadRequestAttachmentTooLarge              = &errHTTP{40012, http.StatusBadRequest, "invalid request: attachment too large, or bandwidth limit reached", ""}
-	errHTTPBadRequestAttachmentURLInvalid            = &errHTTP{40013, http.StatusBadRequest, "invalid request: attachment URL is invalid", ""}
-	errHTTPBadRequestAttachmentsDisallowed           = &errHTTP{40014, http.StatusBadRequest, "invalid request: attachments not allowed", ""}
-	errHTTPBadRequestAttachmentsExpiryBeforeDelivery = &errHTTP{40015, http.StatusBadRequest, "invalid request: attachment expiry before delayed delivery date", ""}
-	errHTTPBadRequestWebSocketsUpgradeHeaderMissing  = &errHTTP{40016, http.StatusBadRequest, "invalid request: client not using the websocket protocol", ""}
+	errHTTPBadRequestAttachmentURLInvalid            = &errHTTP{40013, http.StatusBadRequest, "invalid request: attachment URL is invalid", "https://ntfy.sh/docs/publish/#attachments"}
+	errHTTPBadRequestAttachmentsDisallowed           = &errHTTP{40014, http.StatusBadRequest, "invalid request: attachments not allowed", "https://ntfy.sh/docs/config/#attachments"}
+	errHTTPBadRequestAttachmentsExpiryBeforeDelivery = &errHTTP{40015, http.StatusBadRequest, "invalid request: attachment expiry before delayed delivery date", "https://ntfy.sh/docs/publish/#scheduled-delivery"}
+	errHTTPBadRequestWebSocketsUpgradeHeaderMissing  = &errHTTP{40016, http.StatusBadRequest, "invalid request: client not using the websocket protocol", "https://ntfy.sh/docs/subscribe/api/#websockets"}
+	errHTTPBadRequestJSONInvalid                     = &errHTTP{40017, http.StatusBadRequest, "invalid request: request body must be message JSON", "https://ntfy.sh/docs/publish/#publish-as-json"}
+	errHTTPBadRequestActionsInvalid                  = &errHTTP{40018, http.StatusBadRequest, "invalid request: actions invalid", "https://ntfy.sh/docs/publish/#action-buttons"}
+	errHTTPBadRequestDelayExpected                   = &errHTTP{40019, http.StatusBadRequest, "invalid request: expected delay in request, but none found", ""}
 	errHTTPNotFound                                  = &errHTTP{40401, http.StatusNotFound, "page not found", ""}
+	errHTTPNotFoundMessageDoesNotExist               = &errHTTP{40402, http.StatusNotFound, "message not found", ""}
 	errHTTPUnauthorized                              = &errHTTP{40101, http.StatusUnauthorized, "unauthorized", "https://ntfy.sh/docs/publish/#authentication"}
 	errHTTPForbidden                                 = &errHTTP{40301, http.StatusForbidden, "forbidden", "https://ntfy.sh/docs/publish/#authentication"}
+	errHTTPEntityTooLargeAttachmentTooLarge          = &errHTTP{41301, http.StatusRequestEntityTooLarge, "attachment too large, or bandwidth limit reached", "https://ntfy.sh/docs/publish/#limitations"}
 	errHTTPTooManyRequestsLimitRequests              = &errHTTP{42901, http.StatusTooManyRequests, "limit reached: too many requests, please be nice", "https://ntfy.sh/docs/publish/#limitations"}
 	errHTTPTooManyRequestsLimitEmails                = &errHTTP{42902, http.StatusTooManyRequests, "limit reached: too many emails, please be nice", "https://ntfy.sh/docs/publish/#limitations"}
 	errHTTPTooManyRequestsLimitSubscriptions         = &errHTTP{42903, http.StatusTooManyRequests, "limit reached: too many active subscriptions, please be nice", "https://ntfy.sh/docs/publish/#limitations"}

server/message_cache.go

@@ -2,6 +2,7 @@ package server
 
 import (
 	"database/sql"
+	"encoding/json"
 	"errors"
 	"fmt"
 	_ "github.com/mattn/go-sqlite3" // SQLite driver
@@ -29,6 +30,7 @@ const (
 			priority INT NOT NULL,
 			tags TEXT NOT NULL,
 			click TEXT NOT NULL,
+			actions TEXT NOT NULL,
 			attachment_name TEXT NOT NULL,
 			attachment_type TEXT NOT NULL,
 			attachment_size INT NOT NULL,
@@ -43,41 +45,51 @@ const (
 		COMMIT;
 	`
 	insertMessageQuery = `
-		INSERT INTO messages (mid, time, topic, message, title, priority, tags, click, attachment_name, attachment_type, attachment_size, attachment_expires, attachment_url, attachment_owner, encoding, published) 
-		VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+		INSERT INTO messages (mid, time, topic, message, title, priority, tags, click, actions, attachment_name, attachment_type, attachment_size, attachment_expires, attachment_url, attachment_owner, encoding, published) 
+		VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+	`
+	updateMessageQuery = `
+		UPDATE messages 
+		SET time = ?
+		WHERE topic = ? AND mid = ? AND published = 0 
 	`
 	pruneMessagesQuery           = `DELETE FROM messages WHERE time < ? AND published = 1`
 	selectRowIDFromMessageID     = `SELECT id FROM messages WHERE topic = ? AND mid = ?`
 	selectMessagesSinceTimeQuery = `
-		SELECT mid, time, topic, message, title, priority, tags, click, attachment_name, attachment_type, attachment_size, attachment_expires, attachment_url, attachment_owner, encoding
+		SELECT mid, time, topic, message, title, priority, tags, click, actions, attachment_name, attachment_type, attachment_size, attachment_expires, attachment_url, attachment_owner, encoding
 		FROM messages 
 		WHERE topic = ? AND time >= ? AND published = 1
 		ORDER BY time, id
 	`
 	selectMessagesSinceTimeIncludeScheduledQuery = `
-		SELECT mid, time, topic, message, title, priority, tags, click, attachment_name, attachment_type, attachment_size, attachment_expires, attachment_url, attachment_owner, encoding
+		SELECT mid, time, topic, message, title, priority, tags, click, actions, attachment_name, attachment_type, attachment_size, attachment_expires, attachment_url, attachment_owner, encoding
 		FROM messages 
 		WHERE topic = ? AND time >= ?
 		ORDER BY time, id
 	`
 	selectMessagesSinceIDQuery = `
-		SELECT mid, time, topic, message, title, priority, tags, click, attachment_name, attachment_type, attachment_size, attachment_expires, attachment_url, attachment_owner, encoding
+		SELECT mid, time, topic, message, title, priority, tags, click, actions, attachment_name, attachment_type, attachment_size, attachment_expires, attachment_url, attachment_owner, encoding
 		FROM messages 
 		WHERE topic = ? AND id > ? AND published = 1 
 		ORDER BY time, id
 	`
 	selectMessagesSinceIDIncludeScheduledQuery = `
-		SELECT mid, time, topic, message, title, priority, tags, click, attachment_name, attachment_type, attachment_size, attachment_expires, attachment_url, attachment_owner, encoding
+		SELECT mid, time, topic, message, title, priority, tags, click, actions, attachment_name, attachment_type, attachment_size, attachment_expires, attachment_url, attachment_owner, encoding
 		FROM messages 
 		WHERE topic = ? AND (id > ? OR published = 0)
 		ORDER BY time, id
 	`
 	selectMessagesDueQuery = `
-		SELECT mid, time, topic, message, title, priority, tags, click, attachment_name, attachment_type, attachment_size, attachment_expires, attachment_url, attachment_owner, encoding
+		SELECT mid, time, topic, message, title, priority, tags, click, actions, attachment_name, attachment_type, attachment_size, attachment_expires, attachment_url, attachment_owner, encoding
 		FROM messages 
 		WHERE time <= ? AND published = 0
 		ORDER BY time, id
 	`
+	selectMessagesScheduledByTagOrID = `
+		SELECT mid, time, topic, message, title, priority, tags, click, actions, attachment_name, attachment_type, attachment_size, attachment_expires, attachment_url, attachment_owner, encoding
+		FROM messages 
+		WHERE topic = ? AND (tags LIKE ? OR mid = ?) AND published = 0
+	`
 	updateMessagePublishedQuery     = `UPDATE messages SET published = 1 WHERE mid = ?`
 	selectMessagesCountQuery        = `SELECT COUNT(*) FROM messages`
 	selectMessageCountForTopicQuery = `SELECT COUNT(*) FROM messages WHERE topic = ?`
@@ -88,7 +100,7 @@ const (
 
 // Schema management queries
 const (
-	currentSchemaVersion          = 5
+	currentSchemaVersion          = 6
 	createSchemaVersionTableQuery = `
 		CREATE TABLE IF NOT EXISTS schemaVersion (
 			id INT PRIMARY KEY,
@@ -166,6 +178,11 @@ const (
 		ALTER TABLE messages_new RENAME TO messages;
 		COMMIT;
 	`
+
+	// 5 -> 6
+	migrate5To6AlterMessagesTableQuery = `
+		ALTER TABLE messages ADD COLUMN actions TEXT NOT NULL DEFAULT('');
+	`
 )
 
 type messageCache struct {
@@ -212,8 +229,7 @@ func createMemoryFilename() string {
 func (c *messageCache) AddMessage(m *message) error {
 	if m.Event != messageEvent {
 		return errUnexpectedMessageType
-	}
-	if c.nop {
+	} else if c.nop {
 		return nil
 	}
 	published := m.Time <= time.Now().Unix()
@@ -228,6 +244,14 @@ func (c *messageCache) AddMessage(m *message) error {
 		attachmentURL = m.Attachment.URL
 		attachmentOwner = m.Attachment.Owner
 	}
+	var actionsStr string
+	if len(m.Actions) > 0 {
+		actionsBytes, err := json.Marshal(m.Actions)
+		if err != nil {
+			return err
+		}
+		actionsStr = string(actionsBytes)
+	}
 	_, err := c.db.Exec(
 		insertMessageQuery,
 		m.ID,
@@ -238,6 +262,7 @@ func (c *messageCache) AddMessage(m *message) error {
 		m.Priority,
 		tags,
 		m.Click,
+		actionsStr,
 		attachmentName,
 		attachmentType,
 		attachmentSize,
@@ -250,6 +275,21 @@ func (c *messageCache) AddMessage(m *message) error {
 	return err
 }
 
+func (c *messageCache) UpdateMessage(m *message) error {
+	if m.Event != messageEvent {
+		return errUnexpectedMessageType
+	} else if c.nop {
+		return nil
+	}
+	_, err := c.db.Exec(
+		updateMessageQuery,
+		m.Time,
+		m.Topic,
+		m.ID,
+	)
+	return err
+}
+
 func (c *messageCache) Messages(topic string, since sinceMarker, scheduled bool) ([]*message, error) {
 	if since.IsNone() {
 		return make([]*message, 0), nil
@@ -355,7 +395,7 @@ func (c *messageCache) Prune(olderThan time.Time) error {
 	return err
 }
 
-func (c *messageCache) AttachmentsSize(owner string) (int64, error) {
+func (c *messageCache) AttachmentBytesUsed(owner string) (int64, error) {
 	rows, err := c.db.Query(selectAttachmentsSizeQuery, owner, time.Now().Unix())
 	if err != nil {
 		return 0, err
@@ -393,13 +433,31 @@ func (c *messageCache) AttachmentsExpired() ([]string, error) {
 	return ids, nil
 }
 
+func (c *messageCache) MessagesScheduledByTagOrID(topic, selector string) ([]*message, error) {
+	rows, err := c.db.Query(selectMessagesScheduledByTagOrID, topic, "%"+selector+"%", selector) // Ugly string matching search first, later match exactly
+	if err != nil {
+		return nil, err
+	}
+	maybeMatchingMessages, err := readMessages(rows)
+	if err != nil {
+		return nil, err
+	}
+	messages := make([]*message, 0)
+	for _, m := range maybeMatchingMessages {
+		if util.InStringList(m.Tags, selector) || m.ID == selector {
+			messages = append(messages, m)
+		}
+	}
+	return messages, nil
+}
+
 func readMessages(rows *sql.Rows) ([]*message, error) {
 	defer rows.Close()
 	messages := make([]*message, 0)
 	for rows.Next() {
 		var timestamp, attachmentSize, attachmentExpires int64
 		var priority int
-		var id, topic, msg, title, tagsStr, click, attachmentName, attachmentType, attachmentURL, attachmentOwner, encoding string
+		var id, topic, msg, title, tagsStr, click, actionsStr, attachmentName, attachmentType, attachmentURL, attachmentOwner, encoding string
 		err := rows.Scan(
 			&id,
 			&timestamp,
@@ -409,6 +467,7 @@ func readMessages(rows *sql.Rows) ([]*message, error) {
 			&priority,
 			&tagsStr,
 			&click,
+			&actionsStr,
 			&attachmentName,
 			&attachmentType,
 			&attachmentSize,
@@ -424,6 +483,12 @@ func readMessages(rows *sql.Rows) ([]*message, error) {
 		if tagsStr != "" {
 			tags = strings.Split(tagsStr, ",")
 		}
+		var actions []*action
+		if actionsStr != "" {
+			if err := json.Unmarshal([]byte(actionsStr), &actions); err != nil {
+				return nil, err
+			}
+		}
 		var att *attachment
 		if attachmentName != "" && attachmentURL != "" {
 			att = &attachment{
@@ -445,6 +510,7 @@ func readMessages(rows *sql.Rows) ([]*message, error) {
 			Priority:   priority,
 			Tags:       tags,
 			Click:      click,
+			Actions:    actions,
 			Attachment: att,
 			Encoding:   encoding,
 		})
@@ -490,6 +556,8 @@ func setupCacheDB(db *sql.DB) error {
 		return migrateFrom3(db)
 	} else if schemaVersion == 4 {
 		return migrateFrom4(db)
+	} else if schemaVersion == 5 {
+		return migrateFrom5(db)
 	}
 	return fmt.Errorf("unexpected schema version found: %d", schemaVersion)
 }
@@ -562,5 +630,16 @@ func migrateFrom4(db *sql.DB) error {
 	if _, err := db.Exec(updateSchemaVersion, 5); err != nil {
 		return err
 	}
+	return migrateFrom5(db)
+}
+
+func migrateFrom5(db *sql.DB) error {
+	log.Print("Migrating cache database schema: from 5 to 6")
+	if _, err := db.Exec(migrate5To6AlterMessagesTableQuery); err != nil {
+		return err
+	}
+	if _, err := db.Exec(updateSchemaVersion, 6); err != nil {
+		return err
+	}
 	return nil // Update this when a new version is added
 }

server/message_cache_test.go

@@ -337,11 +337,11 @@ func testCacheAttachments(t *testing.T, c *messageCache) {
 	require.Equal(t, "https://ntfy.sh/file/aCaRURL.jpg", messages[1].Attachment.URL)
 	require.Equal(t, "1.2.3.4", messages[1].Attachment.Owner)
 
-	size, err := c.AttachmentsSize("1.2.3.4")
+	size, err := c.AttachmentBytesUsed("1.2.3.4")
 	require.Nil(t, err)
 	require.Equal(t, int64(30000), size)
 
-	size, err = c.AttachmentsSize("5.6.7.8")
+	size, err = c.AttachmentBytesUsed("5.6.7.8")
 	require.Nil(t, err)
 	require.Equal(t, int64(0), size)
 

server/server.go

@@ -8,12 +8,6 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
-	"github.com/emersion/go-smtp"
-	"github.com/gorilla/websocket"
-	"golang.org/x/sync/errgroup"
-	"heckel.io/ntfy/auth"
-	"heckel.io/ntfy/util"
-	"html/template"
 	"io"
 	"log"
 	"net"
@@ -29,6 +23,12 @@ import (
 	"sync"
 	"time"
 	"unicode/utf8"
+
+	"github.com/emersion/go-smtp"
+	"github.com/gorilla/websocket"
+	"golang.org/x/sync/errgroup"
+	"heckel.io/ntfy/auth"
+	"heckel.io/ntfy/util"
 )
 
 // Server is the main server, providing the UI and API for ntfy
@@ -51,45 +51,39 @@ type Server struct {
 	mu           sync.Mutex
 }
 
-type indexPage struct {
-	Topic         string
-	CacheDuration time.Duration
-}
-
 // handleFunc extends the normal http.HandlerFunc to be able to easily return errors
 type handleFunc func(http.ResponseWriter, *http.Request, *visitor) error
 
 var (
 	// If changed, don't forget to update Android App and auth_sqlite.go
-	topicRegex       = regexp.MustCompile(`^[-_A-Za-z0-9]{1,64}$`)  // No /!
-	topicPathRegex   = regexp.MustCompile(`^/[-_A-Za-z0-9]{1,64}$`) // Regex must match JS & Android app!
-	jsonPathRegex    = regexp.MustCompile(`^/[-_A-Za-z0-9]{1,64}(,[-_A-Za-z0-9]{1,64})*/json$`)
-	ssePathRegex     = regexp.MustCompile(`^/[-_A-Za-z0-9]{1,64}(,[-_A-Za-z0-9]{1,64})*/sse$`)
-	rawPathRegex     = regexp.MustCompile(`^/[-_A-Za-z0-9]{1,64}(,[-_A-Za-z0-9]{1,64})*/raw$`)
-	wsPathRegex      = regexp.MustCompile(`^/[-_A-Za-z0-9]{1,64}(,[-_A-Za-z0-9]{1,64})*/ws$`)
-	authPathRegex    = regexp.MustCompile(`^/[-_A-Za-z0-9]{1,64}(,[-_A-Za-z0-9]{1,64})*/auth$`)
-	publishPathRegex = regexp.MustCompile(`^/[-_A-Za-z0-9]{1,64}(,[-_A-Za-z0-9]{1,64})*/(publish|send|trigger)$`)
+	topicRegex             = regexp.MustCompile(`^[-_A-Za-z0-9]{1,64}$`)  // No /!
+	topicPathRegex         = regexp.MustCompile(`^/[-_A-Za-z0-9]{1,64}$`) // Regex must match JS & Android app!
+	updatePathRegex        = regexp.MustCompile(`^/[-_A-Za-z0-9]{1,64}/[^/]+$`)
+	externalTopicPathRegex = regexp.MustCompile(`^/[^/]+\.[^/]+/[-_A-Za-z0-9]{1,64}$`) // Extended topic path, for web-app, e.g. /example.com/mytopic
+	jsonPathRegex          = regexp.MustCompile(`^/[-_A-Za-z0-9]{1,64}(,[-_A-Za-z0-9]{1,64})*/json$`)
+	ssePathRegex           = regexp.MustCompile(`^/[-_A-Za-z0-9]{1,64}(,[-_A-Za-z0-9]{1,64})*/sse$`)
+	rawPathRegex           = regexp.MustCompile(`^/[-_A-Za-z0-9]{1,64}(,[-_A-Za-z0-9]{1,64})*/raw$`)
+	wsPathRegex            = regexp.MustCompile(`^/[-_A-Za-z0-9]{1,64}(,[-_A-Za-z0-9]{1,64})*/ws$`)
+	authPathRegex          = regexp.MustCompile(`^/[-_A-Za-z0-9]{1,64}(,[-_A-Za-z0-9]{1,64})*/auth$`)
+	publishPathRegex       = regexp.MustCompile(`^/[-_A-Za-z0-9]{1,64}/(publish|send|trigger)$`)
 
+	webConfigPath    = "/config.js"
+	userStatsPath    = "/user/stats"
 	staticRegex      = regexp.MustCompile(`^/static/.+`)
 	docsRegex        = regexp.MustCompile(`^/docs(|/.*)$`)
 	fileRegex        = regexp.MustCompile(`^/file/([-_A-Za-z0-9]{1,64})(?:\.[A-Za-z0-9]{1,16})?$`)
-	disallowedTopics = []string{"docs", "static", "file"} // If updated, also update in Android app
+	disallowedTopics = []string{"docs", "static", "file", "app", "settings"} // If updated, also update in Android app
 	attachURLRegex   = regexp.MustCompile(`^https?://`)
 
-	templateFnMap = template.FuncMap{
-		"durationToHuman": util.DurationToHuman,
-	}
-
-	//go:embed "index.gohtml"
-	indexSource   string
-	indexTemplate = template.Must(template.New("index").Funcs(templateFnMap).Parse(indexSource))
-
 	//go:embed "example.html"
 	exampleSource string
 
-	//go:embed static
-	webStaticFs       embed.FS
-	webStaticFsCached = &util.CachingEmbedFS{ModTime: time.Now(), FS: webStaticFs}
+	//go:embed site
+	webFs        embed.FS
+	webFsCached  = &util.CachingEmbedFS{ModTime: time.Now(), FS: webFs}
+	webSiteDir   = "/site"
+	webHomeIndex = "/home.html" // Landing page, only if "web-root: home"
+	webAppIndex  = "/app.html"  // React app
 
 	//go:embed docs
 	docsStaticFs     embed.FS
@@ -271,25 +265,31 @@ func (s *Server) handle(w http.ResponseWriter, r *http.Request) {
 
 func (s *Server) handleInternal(w http.ResponseWriter, r *http.Request, v *visitor) error {
 	if r.Method == http.MethodGet && r.URL.Path == "/" {
-		return s.handleHome(w, r)
+		return s.ensureWebEnabled(s.handleHome)(w, r, v)
 	} else if r.Method == http.MethodGet && r.URL.Path == "/example.html" {
-		return s.handleExample(w, r)
+		return s.ensureWebEnabled(s.handleExample)(w, r, v)
 	} else if r.Method == http.MethodHead && r.URL.Path == "/" {
-		return s.handleEmpty(w, r, v)
+		return s.ensureWebEnabled(s.handleEmpty)(w, r, v)
+	} else if r.Method == http.MethodGet && r.URL.Path == webConfigPath {
+		return s.ensureWebEnabled(s.handleWebConfig)(w, r, v)
+	} else if r.Method == http.MethodGet && r.URL.Path == userStatsPath {
+		return s.handleUserStats(w, r, v)
 	} else if r.Method == http.MethodGet && staticRegex.MatchString(r.URL.Path) {
-		return s.handleStatic(w, r)
+		return s.ensureWebEnabled(s.handleStatic)(w, r, v)
 	} else if r.Method == http.MethodGet && docsRegex.MatchString(r.URL.Path) {
-		return s.handleDocs(w, r)
+		return s.ensureWebEnabled(s.handleDocs)(w, r, v)
 	} else if r.Method == http.MethodGet && fileRegex.MatchString(r.URL.Path) && s.config.AttachmentCacheDir != "" {
 		return s.limitRequests(s.handleFile)(w, r, v)
 	} else if r.Method == http.MethodOptions {
-		return s.handleOptions(w, r)
-	} else if r.Method == http.MethodGet && topicPathRegex.MatchString(r.URL.Path) {
-		return s.handleTopic(w, r)
+		return s.ensureWebEnabled(s.handleOptions)(w, r, v)
+	} else if (r.Method == http.MethodPut || r.Method == http.MethodPost) && r.URL.Path == "/" {
+		return s.limitRequests(s.transformBodyJSON(s.authWrite(s.handlePublish)))(w, r, v)
 	} else if (r.Method == http.MethodPut || r.Method == http.MethodPost) && topicPathRegex.MatchString(r.URL.Path) {
 		return s.limitRequests(s.authWrite(s.handlePublish))(w, r, v)
 	} else if r.Method == http.MethodGet && publishPathRegex.MatchString(r.URL.Path) {
 		return s.limitRequests(s.authWrite(s.handlePublish))(w, r, v)
+	} else if (r.Method == http.MethodPut || r.Method == http.MethodPost) && updatePathRegex.MatchString(r.URL.Path) {
+		return s.limitRequests(s.authWrite(s.handleUpdate))(w, r, v)
 	} else if r.Method == http.MethodGet && jsonPathRegex.MatchString(r.URL.Path) {
 		return s.limitRequests(s.authRead(s.handleSubscribeJSON))(w, r, v)
 	} else if r.Method == http.MethodGet && ssePathRegex.MatchString(r.URL.Path) {
@@ -300,18 +300,22 @@ func (s *Server) handleInternal(w http.ResponseWriter, r *http.Request, v *visit
 		return s.limitRequests(s.authRead(s.handleSubscribeWS))(w, r, v)
 	} else if r.Method == http.MethodGet && authPathRegex.MatchString(r.URL.Path) {
 		return s.limitRequests(s.authRead(s.handleTopicAuth))(w, r, v)
+	} else if r.Method == http.MethodGet && (topicPathRegex.MatchString(r.URL.Path) || externalTopicPathRegex.MatchString(r.URL.Path)) {
+		return s.ensureWebEnabled(s.handleTopic)(w, r, v)
 	}
 	return errHTTPNotFound
 }
 
-func (s *Server) handleHome(w http.ResponseWriter, r *http.Request) error {
-	return indexTemplate.Execute(w, &indexPage{
-		Topic:         r.URL.Path[1:],
-		CacheDuration: s.config.CacheDuration,
-	})
+func (s *Server) handleHome(w http.ResponseWriter, r *http.Request, v *visitor) error {
+	if s.config.WebRootIsApp {
+		r.URL.Path = webAppIndex
+	} else {
+		r.URL.Path = webHomeIndex
+	}
+	return s.handleStatic(w, r, v)
 }
 
-func (s *Server) handleTopic(w http.ResponseWriter, r *http.Request) error {
+func (s *Server) handleTopic(w http.ResponseWriter, r *http.Request, v *visitor) error {
 	unifiedpush := readBoolParam(r, false, "x-unifiedpush", "unifiedpush", "up") // see PUT/POST too!
 	if unifiedpush {
 		w.Header().Set("Content-Type", "application/json")
@@ -319,7 +323,8 @@ func (s *Server) handleTopic(w http.ResponseWriter, r *http.Request) error {
 		_, err := io.WriteString(w, `{"unifiedpush":{"version":1}}`+"\n")
 		return err
 	}
-	return s.handleHome(w, r)
+	r.URL.Path = webAppIndex
+	return s.handleStatic(w, r, v)
 }
 
 func (s *Server) handleEmpty(_ http.ResponseWriter, _ *http.Request, _ *visitor) error {
@@ -333,18 +338,47 @@ func (s *Server) handleTopicAuth(w http.ResponseWriter, _ *http.Request, _ *visi
 	return err
 }
 
-func (s *Server) handleExample(w http.ResponseWriter, _ *http.Request) error {
+func (s *Server) handleExample(w http.ResponseWriter, _ *http.Request, _ *visitor) error {
 	_, err := io.WriteString(w, exampleSource)
 	return err
 }
 
-func (s *Server) handleStatic(w http.ResponseWriter, r *http.Request) error {
-	http.FileServer(http.FS(webStaticFsCached)).ServeHTTP(w, r)
+func (s *Server) handleWebConfig(w http.ResponseWriter, _ *http.Request, _ *visitor) error {
+	appRoot := "/"
+	if !s.config.WebRootIsApp {
+		appRoot = "/app"
+	}
+	disallowedTopicsStr := `"` + strings.Join(disallowedTopics, `", "`) + `"`
+	w.Header().Set("Content-Type", "text/javascript")
+	_, err := io.WriteString(w, fmt.Sprintf(`// Generated server configuration
+var config = {
+  appRoot: "%s",
+  disallowedTopics: [%s]
+};`, appRoot, disallowedTopicsStr))
+	return err
+}
+
+func (s *Server) handleUserStats(w http.ResponseWriter, r *http.Request, v *visitor) error {
+	stats, err := v.Stats()
+	if err != nil {
+		return err
+	}
+	w.Header().Set("Content-Type", "text/json")
+	w.Header().Set("Access-Control-Allow-Origin", "*") // CORS, allow cross-origin requests
+	if err := json.NewEncoder(w).Encode(stats); err != nil {
+		return err
+	}
 	return nil
 }
 
-func (s *Server) handleDocs(w http.ResponseWriter, r *http.Request) error {
-	http.FileServer(http.FS(docsStaticCached)).ServeHTTP(w, r)
+func (s *Server) handleStatic(w http.ResponseWriter, r *http.Request, _ *visitor) error {
+	r.URL.Path = webSiteDir + r.URL.Path
+	util.Gzip(http.FileServer(http.FS(webFsCached))).ServeHTTP(w, r)
+	return nil
+}
+
+func (s *Server) handleDocs(w http.ResponseWriter, r *http.Request, _ *visitor) error {
+	util.Gzip(http.FileServer(http.FS(docsStaticCached))).ServeHTTP(w, r)
 	return nil
 }
 
@@ -366,6 +400,7 @@ func (s *Server) handleFile(w http.ResponseWriter, r *http.Request, v *visitor)
 		return errHTTPTooManyRequestsAttachmentBandwidthLimit
 	}
 	w.Header().Set("Content-Length", fmt.Sprintf("%d", stat.Size()))
+	w.Header().Set("Access-Control-Allow-Origin", "*") // CORS, allow cross-origin requests
 	f, err := os.Open(file)
 	if err != nil {
 		return err
@@ -380,7 +415,7 @@ func (s *Server) handlePublish(w http.ResponseWriter, r *http.Request, v *visito
 	if err != nil {
 		return err
 	}
-	body, err := util.Peak(r.Body, s.config.MessageLimit)
+	body, err := util.Peek(r.Body, s.config.MessageLimit)
 	if err != nil {
 		return err
 	}
@@ -486,7 +521,7 @@ func (s *Server) parsePublishParams(r *http.Request, v *visitor, m *message) (ca
 			m.Tags = append(m.Tags, strings.TrimSpace(s))
 		}
 	}
-	delayStr := readParam(r, "x-delay", "delay", "x-at", "at", "x-in", "in")
+	delayStr := readDelayParam(r)
 	if delayStr != "" {
 		if !cache {
 			return false, false, "", false, errHTTPBadRequestDelayNoCache
@@ -494,15 +529,18 @@ func (s *Server) parsePublishParams(r *http.Request, v *visitor, m *message) (ca
 		if email != "" {
 			return false, false, "", false, errHTTPBadRequestDelayNoEmail // we cannot store the email address (yet)
 		}
-		delay, err := util.ParseFutureTime(delayStr, time.Now())
+		futureTime, err := s.parseDelay(delayStr)
 		if err != nil {
-			return false, false, "", false, errHTTPBadRequestDelayCannotParse
-		} else if delay.Unix() < time.Now().Add(s.config.MinDelay).Unix() {
-			return false, false, "", false, errHTTPBadRequestDelayTooSmall
-		} else if delay.Unix() > time.Now().Add(s.config.MaxDelay).Unix() {
-			return false, false, "", false, errHTTPBadRequestDelayTooLarge
+			return false, false, "", false, err
+		}
+		m.Time = futureTime
+	}
+	actionsStr := readParam(r, "x-actions", "actions", "action")
+	if actionsStr != "" {
+		m.Actions, err = parseActions(actionsStr)
+		if err != nil {
+			return false, false, "", false, wrapErrHTTP(errHTTPBadRequestActionsInvalid, err.Error())
 		}
-		m.Time = delay.Unix()
 	}
 	unifiedpush = readBoolParam(r, false, "x-unifiedpush", "unifiedpush", "up") // see GET too!
 	if unifiedpush {
@@ -512,6 +550,22 @@ func (s *Server) parsePublishParams(r *http.Request, v *visitor, m *message) (ca
 	return cache, firebase, email, unifiedpush, nil
 }
 
+func readDelayParam(r *http.Request) string {
+	return readParam(r, "x-delay", "delay", "x-at", "at", "x-in", "in")
+}
+
+func (s *Server) parseDelay(delayStr string) (int64, error) {
+	futureTime, err := util.ParseFutureTime(delayStr, time.Now())
+	if err != nil {
+		return 0, errHTTPBadRequestDelayCannotParse
+	} else if futureTime.Unix() < time.Now().Add(s.config.MinDelay).Unix() {
+		return 0, errHTTPBadRequestDelayTooSmall
+	} else if futureTime.Unix() > time.Now().Add(s.config.MaxDelay).Unix() {
+		return 0, errHTTPBadRequestDelayTooLarge
+	}
+	return futureTime.Unix(), nil
+}
+
 // handlePublishBody consumes the PUT/POST body and decides whether the body is an attachment or the message.
 //
 // 1. curl -T somebinarydata.bin "ntfy.sh/mytopic?up=1"
@@ -524,35 +578,35 @@ func (s *Server) parsePublishParams(r *http.Request, v *visitor, m *message) (ca
 //    If file.txt is <= 4096 (message limit) and valid UTF-8, treat it as a message
 // 5. curl -T file.txt ntfy.sh/mytopic
 //    If file.txt is > message limit, treat it as an attachment
-func (s *Server) handlePublishBody(r *http.Request, v *visitor, m *message, body *util.PeakedReadCloser, unifiedpush bool) error {
+func (s *Server) handlePublishBody(r *http.Request, v *visitor, m *message, body *util.PeekedReadCloser, unifiedpush bool) error {
 	if unifiedpush {
 		return s.handleBodyAsMessageAutoDetect(m, body) // Case 1
 	} else if m.Attachment != nil && m.Attachment.URL != "" {
 		return s.handleBodyAsTextMessage(m, body) // Case 2
 	} else if m.Attachment != nil && m.Attachment.Name != "" {
 		return s.handleBodyAsAttachment(r, v, m, body) // Case 3
-	} else if !body.LimitReached && utf8.Valid(body.PeakedBytes) {
+	} else if !body.LimitReached && utf8.Valid(body.PeekedBytes) {
 		return s.handleBodyAsTextMessage(m, body) // Case 4
 	}
 	return s.handleBodyAsAttachment(r, v, m, body) // Case 5
 }
 
-func (s *Server) handleBodyAsMessageAutoDetect(m *message, body *util.PeakedReadCloser) error {
-	if utf8.Valid(body.PeakedBytes) {
-		m.Message = string(body.PeakedBytes) // Do not trim
+func (s *Server) handleBodyAsMessageAutoDetect(m *message, body *util.PeekedReadCloser) error {
+	if utf8.Valid(body.PeekedBytes) {
+		m.Message = string(body.PeekedBytes) // Do not trim
 	} else {
-		m.Message = base64.StdEncoding.EncodeToString(body.PeakedBytes)
+		m.Message = base64.StdEncoding.EncodeToString(body.PeekedBytes)
 		m.Encoding = encodingBase64
 	}
 	return nil
 }
 
-func (s *Server) handleBodyAsTextMessage(m *message, body *util.PeakedReadCloser) error {
-	if !utf8.Valid(body.PeakedBytes) {
+func (s *Server) handleBodyAsTextMessage(m *message, body *util.PeekedReadCloser) error {
+	if !utf8.Valid(body.PeekedBytes) {
 		return errHTTPBadRequestMessageNotUTF8
 	}
-	if len(body.PeakedBytes) > 0 { // Empty body should not override message (publish via GET!)
-		m.Message = strings.TrimSpace(string(body.PeakedBytes)) // Truncates the message to the peak limit if required
+	if len(body.PeekedBytes) > 0 { // Empty body should not override message (publish via GET!)
+		m.Message = strings.TrimSpace(string(body.PeekedBytes)) // Truncates the message to the peek limit if required
 	}
 	if m.Attachment != nil && m.Attachment.Name != "" && m.Message == "" {
 		m.Message = fmt.Sprintf(defaultAttachmentMessage, m.Attachment.Name)
@@ -560,22 +614,21 @@ func (s *Server) handleBodyAsTextMessage(m *message, body *util.PeakedReadCloser
 	return nil
 }
 
-func (s *Server) handleBodyAsAttachment(r *http.Request, v *visitor, m *message, body *util.PeakedReadCloser) error {
+func (s *Server) handleBodyAsAttachment(r *http.Request, v *visitor, m *message, body *util.PeekedReadCloser) error {
 	if s.fileCache == nil || s.config.BaseURL == "" || s.config.AttachmentCacheDir == "" {
 		return errHTTPBadRequestAttachmentsDisallowed
 	} else if m.Time > time.Now().Add(s.config.AttachmentExpiryDuration).Unix() {
 		return errHTTPBadRequestAttachmentsExpiryBeforeDelivery
 	}
-	visitorAttachmentsSize, err := s.messageCache.AttachmentsSize(v.ip)
+	visitorStats, err := v.Stats()
 	if err != nil {
 		return err
 	}
-	remainingVisitorAttachmentSize := s.config.VisitorAttachmentTotalSizeLimit - visitorAttachmentsSize
 	contentLengthStr := r.Header.Get("Content-Length")
 	if contentLengthStr != "" { // Early "do-not-trust" check, hard limit see below
 		contentLength, err := strconv.ParseInt(contentLengthStr, 10, 64)
-		if err == nil && (contentLength > remainingVisitorAttachmentSize || contentLength > s.config.AttachmentFileSizeLimit) {
-			return errHTTPBadRequestAttachmentTooLarge
+		if err == nil && (contentLength > visitorStats.VisitorAttachmentBytesRemaining || contentLength > s.config.AttachmentFileSizeLimit) {
+			return errHTTPEntityTooLargeAttachmentTooLarge
 		}
 	}
 	if m.Attachment == nil {
@@ -584,7 +637,7 @@ func (s *Server) handleBodyAsAttachment(r *http.Request, v *visitor, m *message,
 	var ext string
 	m.Attachment.Owner = v.ip // Important for attachment rate limiting
 	m.Attachment.Expires = time.Now().Add(s.config.AttachmentExpiryDuration).Unix()
-	m.Attachment.Type, ext = util.DetectContentType(body.PeakedBytes, m.Attachment.Name)
+	m.Attachment.Type, ext = util.DetectContentType(body.PeekedBytes, m.Attachment.Name)
 	m.Attachment.URL = fmt.Sprintf("%s/file/%s%s", s.config.BaseURL, m.ID, ext)
 	if m.Attachment.Name == "" {
 		m.Attachment.Name = fmt.Sprintf("attachment%s", ext)
@@ -592,15 +645,55 @@ func (s *Server) handleBodyAsAttachment(r *http.Request, v *visitor, m *message,
 	if m.Message == "" {
 		m.Message = fmt.Sprintf(defaultAttachmentMessage, m.Attachment.Name)
 	}
-	m.Attachment.Size, err = s.fileCache.Write(m.ID, body, v.BandwidthLimiter(), util.NewFixedLimiter(remainingVisitorAttachmentSize))
+	m.Attachment.Size, err = s.fileCache.Write(m.ID, body, v.BandwidthLimiter(), util.NewFixedLimiter(visitorStats.VisitorAttachmentBytesRemaining))
 	if err == util.ErrLimitReached {
-		return errHTTPBadRequestAttachmentTooLarge
+		return errHTTPEntityTooLargeAttachmentTooLarge
 	} else if err != nil {
 		return err
 	}
 	return nil
 }
 
+func (s *Server) handleUpdate(w http.ResponseWriter, r *http.Request, v *visitor) error {
+	// Parse updatable params
+	parts := strings.Split(r.URL.Path, "/")
+	if len(parts) < 3 {
+		return errHTTPBadRequestTopicInvalid
+	}
+	t := parts[1]
+	selector := parts[2]
+	delayStr := readDelayParam(r)
+	if delayStr == "" {
+		return errHTTPBadRequestDelayExpected
+	}
+	futureTime, err := s.parseDelay(delayStr)
+	if err != nil {
+		return err
+	}
+
+	// Update matching message(s) and print them
+	messages, err := s.messageCache.MessagesScheduledByTagOrID(t, selector)
+	if err != nil {
+		return err
+	} else if len(messages) == 0 {
+		return s.handlePublish(w, r, v) // If no messages found, publish a new one!
+	}
+	for _, m := range messages {
+		m.Time = futureTime
+		if err := s.messageCache.UpdateMessage(m); err != nil {
+			return err
+		}
+	}
+	w.Header().Set("Content-Type", "application/json")
+	w.Header().Set("Access-Control-Allow-Origin", "*") // CORS, allow cross-origin requests
+	for _, m := range messages {
+		if err := json.NewEncoder(w).Encode(m); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
 func (s *Server) handleSubscribeJSON(w http.ResponseWriter, r *http.Request, v *visitor) error {
 	encoder := func(msg *message) (string, error) {
 		var buf bytes.Buffer
@@ -702,7 +795,7 @@ func (s *Server) handleSubscribeHTTP(w http.ResponseWriter, r *http.Request, v *
 }
 
 func (s *Server) handleSubscribeWS(w http.ResponseWriter, r *http.Request, v *visitor) error {
-	if r.Header.Get("Upgrade") != "websocket" {
+	if strings.ToLower(r.Header.Get("Upgrade")) != "websocket" {
 		return errHTTPBadRequestWebSocketsUpgradeHeaderMissing
 	}
 	if err := v.SubscriptionAllowed(); err != nil {
@@ -867,9 +960,10 @@ func parseSince(r *http.Request, poll bool) (sinceMarker, error) {
 	return sinceNoMessages, errHTTPBadRequestSinceInvalid
 }
 
-func (s *Server) handleOptions(w http.ResponseWriter, _ *http.Request) error {
-	w.Header().Set("Access-Control-Allow-Origin", "*") // CORS, allow cross-origin requests
+func (s *Server) handleOptions(w http.ResponseWriter, _ *http.Request, _ *visitor) error {
 	w.Header().Set("Access-Control-Allow-Methods", "GET, PUT, POST")
+	w.Header().Set("Access-Control-Allow-Origin", "*")  // CORS, allow cross-origin requests
+	w.Header().Set("Access-Control-Allow-Headers", "*") // CORS, allow auth via JS // FIXME is this terrible?
 	return nil
 }
 
@@ -1080,6 +1174,71 @@ func (s *Server) limitRequests(next handleFunc) handleFunc {
 	}
 }
 
+func (s *Server) ensureWebEnabled(next handleFunc) handleFunc {
+	return func(w http.ResponseWriter, r *http.Request, v *visitor) error {
+		if !s.config.EnableWeb {
+			return errHTTPNotFound
+		}
+		return next(w, r, v)
+	}
+}
+
+// transformBodyJSON peeks the request body, reads the JSON, and converts it to headers
+// before passing it on to the next handler. This is meant to be used in combination with handlePublish.
+func (s *Server) transformBodyJSON(next handleFunc) handleFunc {
+	return func(w http.ResponseWriter, r *http.Request, v *visitor) error {
+		body, err := util.Peek(r.Body, s.config.MessageLimit)
+		if err != nil {
+			return err
+		}
+		defer r.Body.Close()
+		var m publishMessage
+		if err := json.NewDecoder(body).Decode(&m); err != nil {
+			return errHTTPBadRequestJSONInvalid
+		}
+		if !topicRegex.MatchString(m.Topic) {
+			return errHTTPBadRequestTopicInvalid
+		}
+		if m.Message == "" {
+			m.Message = emptyMessageBody
+		}
+		r.URL.Path = "/" + m.Topic
+		r.Body = io.NopCloser(strings.NewReader(m.Message))
+		if m.Title != "" {
+			r.Header.Set("X-Title", m.Title)
+		}
+		if m.Priority != 0 {
+			r.Header.Set("X-Priority", fmt.Sprintf("%d", m.Priority))
+		}
+		if m.Tags != nil && len(m.Tags) > 0 {
+			r.Header.Set("X-Tags", strings.Join(m.Tags, ","))
+		}
+		if m.Attach != "" {
+			r.Header.Set("X-Attach", m.Attach)
+		}
+		if m.Filename != "" {
+			r.Header.Set("X-Filename", m.Filename)
+		}
+		if m.Click != "" {
+			r.Header.Set("X-Click", m.Click)
+		}
+		if len(m.Actions) > 0 {
+			actionsStr, err := json.Marshal(m.Actions)
+			if err != nil {
+				return errHTTPBadRequestJSONInvalid
+			}
+			r.Header.Set("X-Actions", string(actionsStr))
+		}
+		if m.Email != "" {
+			r.Header.Set("X-Email", m.Email)
+		}
+		if m.Delay != "" {
+			r.Header.Set("X-Delay", m.Delay)
+		}
+		return next(w, r, v)
+	}
+}
+
 func (s *Server) authWrite(next handleFunc) handleFunc {
 	return s.withAuth(next, auth.PermissionWrite)
 }
@@ -1098,7 +1257,7 @@ func (s *Server) withAuth(next handleFunc, perm auth.Permission) handleFunc {
 			return err
 		}
 		var user *auth.User // may stay nil if no auth header!
-		username, password, ok := r.BasicAuth()
+		username, password, ok := extractUserPass(r)
 		if ok {
 			if user, err = s.auth.Authenticate(username, password); err != nil {
 				log.Printf("authentication failed: %s", err.Error())
@@ -1115,6 +1274,27 @@ func (s *Server) withAuth(next handleFunc, perm auth.Permission) handleFunc {
 	}
 }
 
+// extractUserPass reads the username/password from the basic auth header (Authorization: Basic ...),
+// or from the ?auth=... query param. The latter is required only to support the WebSocket JavaScript
+// class, which does not support passing headers during the initial request. The auth query param
+// is effectively double base64 encoded. Its format is base64(Basic base64(user:pass)).
+func extractUserPass(r *http.Request) (username string, password string, ok bool) {
+	username, password, ok = r.BasicAuth()
+	if ok {
+		return
+	}
+	authParam := readQueryParam(r, "authorization", "auth")
+	if authParam != "" {
+		a, err := base64.RawURLEncoding.DecodeString(authParam)
+		if err != nil {
+			return
+		}
+		r.Header.Set("Authorization", string(a))
+		return r.BasicAuth()
+	}
+	return
+}
+
 // visitor creates or retrieves a rate.Limiter for the given visitor.
 // This function was taken from https://www.alexedwards.net/blog/how-to-rate-limit-http-requests (MIT).
 func (s *Server) visitor(r *http.Request) *visitor {
@@ -1130,7 +1310,7 @@ func (s *Server) visitor(r *http.Request) *visitor {
 	}
 	v, exists := s.visitors[ip]
 	if !exists {
-		s.visitors[ip] = newVisitor(s.config, ip)
+		s.visitors[ip] = newVisitor(s.config, s.messageCache, ip)
 		return s.visitors[ip]
 	}
 	v.Keepalive()

server/server.yml

@@ -1,4 +1,7 @@
 # ntfy server config file
+#
+# Please refer to the documentation at https://ntfy.sh/docs/config/ for details.
+# All options also support underscores (_) instead of dashes (-) to comply with the YAML spec.
 
 # Public facing base URL of the service (e.g. https://ntfy.sh or https://ntfy.example.com)
 # This setting is currently only used by the attachments and e-mail sending feature (outgoing mail only).
@@ -126,6 +129,12 @@
 #
 # manager-interval: "1m"
 
+# Defines if the root route (/) is pointing to the landing page (as on ntfy.sh) or the
+# web app. If you self-host, you don't want to change this.
+# Can be "app" (default), "home" or "disable" to disable the web app entirely.
+#
+# web-root: app
+
 # Rate limiting: Total number of topics before the server rejects new topics.
 #
 # global-topic-limit: 15000

server/server_firebase.go

@@ -81,6 +81,13 @@ func toFirebaseMessage(m *message, auther auth.Auther) (*messaging.Message, erro
 				"message":  m.Message,
 				"encoding": m.Encoding,
 			}
+			if len(m.Actions) > 0 {
+				actions, err := json.Marshal(m.Actions)
+				if err != nil {
+					return nil, err
+				}
+				data["actions"] = string(actions)
+			}
 			if m.Attachment != nil {
 				data["attachment_name"] = m.Attachment.Name
 				data["attachment_type"] = m.Attachment.Type

server/server_test.go

@@ -6,9 +6,6 @@ import (
 	"encoding/base64"
 	"encoding/json"
 	"fmt"
-	"github.com/stretchr/testify/require"
-	"heckel.io/ntfy/auth"
-	"heckel.io/ntfy/util"
 	"math/rand"
 	"net/http"
 	"net/http/httptest"
@@ -18,6 +15,10 @@ import (
 	"sync"
 	"testing"
 	"time"
+
+	"github.com/stretchr/testify/require"
+	"heckel.io/ntfy/auth"
+	"heckel.io/ntfy/util"
 )
 
 func TestServer_PublishAndPoll(t *testing.T) {
@@ -146,9 +147,9 @@ func TestServer_StaticSites(t *testing.T) {
 
 	rr = request(t, s, "GET", "/mytopic", "", nil)
 	require.Equal(t, 200, rr.Code)
-	require.Contains(t, rr.Body.String(), `<meta name="robots" content="noindex, nofollow" />`)
+	require.Contains(t, rr.Body.String(), `<meta name="robots" content="noindex, nofollow"/>`)
 
-	rr = request(t, s, "GET", "/static/css/app.css", "", nil)
+	rr = request(t, s, "GET", "/static/css/home.css", "", nil)
 	require.Equal(t, 200, rr.Code)
 	require.Contains(t, rr.Body.String(), `html, body {`)
 
@@ -162,6 +163,40 @@ func TestServer_StaticSites(t *testing.T) {
 	require.Contains(t, rr.Body.String(), "</html>")
 }
 
+func TestServer_WebEnabled(t *testing.T) {
+	conf := newTestConfig(t)
+	conf.EnableWeb = false
+	s := newTestServer(t, conf)
+
+	rr := request(t, s, "GET", "/", "", nil)
+	require.Equal(t, 404, rr.Code)
+
+	rr = request(t, s, "GET", "/example.html", "", nil)
+	require.Equal(t, 404, rr.Code)
+
+	rr = request(t, s, "GET", "/config.js", "", nil)
+	require.Equal(t, 404, rr.Code)
+
+	rr = request(t, s, "GET", "/static/css/home.css", "", nil)
+	require.Equal(t, 404, rr.Code)
+
+	conf2 := newTestConfig(t)
+	conf2.EnableWeb = true
+	s2 := newTestServer(t, conf2)
+
+	rr = request(t, s2, "GET", "/", "", nil)
+	require.Equal(t, 200, rr.Code)
+
+	rr = request(t, s2, "GET", "/example.html", "", nil)
+	require.Equal(t, 200, rr.Code)
+
+	rr = request(t, s2, "GET", "/config.js", "", nil)
+	require.Equal(t, 200, rr.Code)
+
+	rr = request(t, s2, "GET", "/static/css/home.css", "", nil)
+	require.Equal(t, 200, rr.Code)
+}
+
 func TestServer_PublishLargeMessage(t *testing.T) {
 	c := newTestConfig(t)
 	c.AttachmentCacheDir = "" // Disable attachments
@@ -203,6 +238,14 @@ func TestServer_PublishPriority(t *testing.T) {
 	require.Equal(t, 40007, toHTTPError(t, response.Body.String()).Code)
 }
 
+func TestServer_PublishGETOnlyOneTopic(t *testing.T) {
+	// This tests a bug that allowed publishing topics with a comma in the name (no ticket)
+
+	s := newTestServer(t, newTestConfig(t))
+	response := request(t, s, "GET", "/mytopic,mytopic2/publish?m=hi", "", nil)
+	require.Equal(t, 404, response.Code)
+}
+
 func TestServer_PublishNoCache(t *testing.T) {
 	s := newTestServer(t, newTestConfig(t))
 
@@ -654,6 +697,25 @@ func TestServer_Auth_Fail_CannotPublish(t *testing.T) {
 	require.Equal(t, 403, response.Code) // Anonymous read not allowed
 }
 
+func TestServer_Auth_ViaQuery(t *testing.T) {
+	c := newTestConfig(t)
+	c.AuthFile = filepath.Join(t.TempDir(), "user.db")
+	c.AuthDefaultRead = false
+	c.AuthDefaultWrite = false
+	s := newTestServer(t, c)
+
+	manager := s.auth.(auth.Manager)
+	require.Nil(t, manager.AddUser("ben", "some pass", auth.RoleAdmin))
+
+	u := fmt.Sprintf("/mytopic/json?poll=1&auth=%s", base64.RawURLEncoding.EncodeToString([]byte(basicAuth("ben:some pass"))))
+	response := request(t, s, "GET", u, "", nil)
+	require.Equal(t, 200, response.Code)
+
+	u = fmt.Sprintf("/mytopic/json?poll=1&auth=%s", base64.RawURLEncoding.EncodeToString([]byte(basicAuth("ben:WRONNNGGGG"))))
+	response = request(t, s, "GET", u, "", nil)
+	require.Equal(t, 401, response.Code)
+}
+
 /*
 func TestServer_Curl_Publish_Poll(t *testing.T) {
 	s, port := test.StartServer(t)
@@ -687,6 +749,12 @@ func (t *testMailer) Send(from, to string, m *message) error {
 	return nil
 }
 
+func (t *testMailer) Count() int {
+	t.mu.Lock()
+	defer t.mu.Unlock()
+	return t.count
+}
+
 func TestServer_PublishTooRequests_Defaults(t *testing.T) {
 	s := newTestServer(t, newTestConfig(t))
 	for i := 0; i < 60; i++ {
@@ -843,6 +911,103 @@ func TestServer_PublishUnifiedPushText(t *testing.T) {
 	require.Equal(t, "this is a unifiedpush text message", m.Message)
 }
 
+func TestServer_PublishActions_AndPoll(t *testing.T) {
+	s := newTestServer(t, newTestConfig(t))
+	response := request(t, s, "PUT", "/mytopic", "my message", map[string]string{
+		"Actions": "view, Open portal, https://home.nest.com/; http, Turn down, https://api.nest.com/device/XZ1D2, body=target_temp_f=65",
+	})
+	require.Equal(t, 200, response.Code)
+
+	response = request(t, s, "GET", "/mytopic/json?poll=1", "", nil)
+	require.Equal(t, 200, response.Code)
+	m := toMessage(t, response.Body.String())
+	require.Equal(t, 2, len(m.Actions))
+	require.Equal(t, "view", m.Actions[0].Action)
+	require.Equal(t, "Open portal", m.Actions[0].Label)
+	require.Equal(t, "https://home.nest.com/", m.Actions[0].URL)
+	require.Equal(t, "http", m.Actions[1].Action)
+	require.Equal(t, "Turn down", m.Actions[1].Label)
+	require.Equal(t, "https://api.nest.com/device/XZ1D2", m.Actions[1].URL)
+	require.Equal(t, "target_temp_f=65", m.Actions[1].Body)
+}
+
+func TestServer_PublishAsJSON(t *testing.T) {
+	s := newTestServer(t, newTestConfig(t))
+	body := `{"topic":"mytopic","message":"A message","title":"a title\nwith lines","tags":["tag1","tag 2"],` +
+		`"not-a-thing":"ok", "attach":"http://google.com","filename":"google.pdf", "click":"http://ntfy.sh","priority":4,` +
+		`"delay":"30min"}`
+	response := request(t, s, "PUT", "/", body, nil)
+	require.Equal(t, 200, response.Code)
+
+	m := toMessage(t, response.Body.String())
+	require.Equal(t, "mytopic", m.Topic)
+	require.Equal(t, "A message", m.Message)
+	require.Equal(t, "a title\nwith lines", m.Title)
+	require.Equal(t, []string{"tag1", "tag 2"}, m.Tags)
+	require.Equal(t, "http://google.com", m.Attachment.URL)
+	require.Equal(t, "google.pdf", m.Attachment.Name)
+	require.Equal(t, "http://ntfy.sh", m.Click)
+	require.Equal(t, 4, m.Priority)
+	require.True(t, m.Time > time.Now().Unix()+29*60)
+	require.True(t, m.Time < time.Now().Unix()+31*60)
+}
+
+func TestServer_PublishAsJSON_WithEmail(t *testing.T) {
+	mailer := &testMailer{}
+	s := newTestServer(t, newTestConfig(t))
+	s.mailer = mailer
+	body := `{"topic":"mytopic","message":"A message","email":"phil@example.com"}`
+	response := request(t, s, "PUT", "/", body, nil)
+	require.Equal(t, 200, response.Code)
+
+	m := toMessage(t, response.Body.String())
+	require.Equal(t, "mytopic", m.Topic)
+	require.Equal(t, "A message", m.Message)
+	require.Equal(t, 1, mailer.Count())
+}
+
+func TestServer_PublishAsJSON_WithActions(t *testing.T) {
+	s := newTestServer(t, newTestConfig(t))
+	body := `{
+		"topic":"mytopic",
+		"message":"A message",
+		"actions": [
+			  {
+				"action": "view",
+				"label": "Open portal",
+				"url": "https://home.nest.com/"
+			  },
+			  {
+				"action": "http",
+				"label": "Turn down",
+				"url": "https://api.nest.com/device/XZ1D2",
+				"body": "target_temp_f=65"
+			  }
+		]
+	}`
+	response := request(t, s, "POST", "/", body, nil)
+	require.Equal(t, 200, response.Code)
+
+	m := toMessage(t, response.Body.String())
+	require.Equal(t, "mytopic", m.Topic)
+	require.Equal(t, "A message", m.Message)
+	require.Equal(t, 2, len(m.Actions))
+	require.Equal(t, "view", m.Actions[0].Action)
+	require.Equal(t, "Open portal", m.Actions[0].Label)
+	require.Equal(t, "https://home.nest.com/", m.Actions[0].URL)
+	require.Equal(t, "http", m.Actions[1].Action)
+	require.Equal(t, "Turn down", m.Actions[1].Label)
+	require.Equal(t, "https://api.nest.com/device/XZ1D2", m.Actions[1].URL)
+	require.Equal(t, "target_temp_f=65", m.Actions[1].Body)
+}
+
+func TestServer_PublishAsJSON_Invalid(t *testing.T) {
+	s := newTestServer(t, newTestConfig(t))
+	body := `{"topic":"mytopic",INVALID`
+	response := request(t, s, "PUT", "/", body, nil)
+	require.Equal(t, 400, response.Code)
+}
+
 func TestServer_PublishAttachment(t *testing.T) {
 	content := util.RandomString(5000) // > 4096
 	s := newTestServer(t, newTestConfig(t))
@@ -851,7 +1016,7 @@ func TestServer_PublishAttachment(t *testing.T) {
 	require.Equal(t, "attachment.txt", msg.Attachment.Name)
 	require.Equal(t, "text/plain; charset=utf-8", msg.Attachment.Type)
 	require.Equal(t, int64(5000), msg.Attachment.Size)
-	require.GreaterOrEqual(t, msg.Attachment.Expires, time.Now().Add(3*time.Hour).Unix())
+	require.GreaterOrEqual(t, msg.Attachment.Expires, time.Now().Add(179*time.Minute).Unix()) // Almost 3 hours
 	require.Contains(t, msg.Attachment.URL, "http://127.0.0.1:12345/file/")
 	require.Equal(t, "", msg.Attachment.Owner) // Should never be returned
 	require.FileExists(t, filepath.Join(s.config.AttachmentCacheDir, msg.ID))
@@ -863,7 +1028,7 @@ func TestServer_PublishAttachment(t *testing.T) {
 	require.Equal(t, content, response.Body.String())
 
 	// Slightly unrelated cross-test: make sure we add an owner for internal attachments
-	size, err := s.messageCache.AttachmentsSize("9.9.9.9") // See request()
+	size, err := s.messageCache.AttachmentBytesUsed("9.9.9.9") // See request()
 	require.Nil(t, err)
 	require.Equal(t, int64(5000), size)
 }
@@ -892,7 +1057,7 @@ func TestServer_PublishAttachmentShortWithFilename(t *testing.T) {
 	require.Equal(t, content, response.Body.String())
 
 	// Slightly unrelated cross-test: make sure we add an owner for internal attachments
-	size, err := s.messageCache.AttachmentsSize("1.2.3.4")
+	size, err := s.messageCache.AttachmentBytesUsed("1.2.3.4")
 	require.Nil(t, err)
 	require.Equal(t, int64(21), size)
 }
@@ -912,7 +1077,7 @@ func TestServer_PublishAttachmentExternalWithoutFilename(t *testing.T) {
 	require.Equal(t, "", msg.Attachment.Owner)
 
 	// Slightly unrelated cross-test: make sure we don't add an owner for external attachments
-	size, err := s.messageCache.AttachmentsSize("127.0.0.1")
+	size, err := s.messageCache.AttachmentBytesUsed("127.0.0.1")
 	require.Nil(t, err)
 	require.Equal(t, int64(0), size)
 }
@@ -949,9 +1114,9 @@ func TestServer_PublishAttachmentTooLargeContentLength(t *testing.T) {
 		"Content-Length": "20000000",
 	})
 	err := toHTTPError(t, response.Body.String())
-	require.Equal(t, 400, response.Code)
-	require.Equal(t, 400, err.HTTPCode)
-	require.Equal(t, 40012, err.Code)
+	require.Equal(t, 413, response.Code)
+	require.Equal(t, 413, err.HTTPCode)
+	require.Equal(t, 41301, err.Code)
 }
 
 func TestServer_PublishAttachmentTooLargeBodyAttachmentFileSizeLimit(t *testing.T) {
@@ -961,9 +1126,9 @@ func TestServer_PublishAttachmentTooLargeBodyAttachmentFileSizeLimit(t *testing.
 	s := newTestServer(t, c)
 	response := request(t, s, "PUT", "/mytopic", content, nil)
 	err := toHTTPError(t, response.Body.String())
-	require.Equal(t, 400, response.Code)
-	require.Equal(t, 400, err.HTTPCode)
-	require.Equal(t, 40012, err.Code)
+	require.Equal(t, 413, response.Code)
+	require.Equal(t, 413, err.HTTPCode)
+	require.Equal(t, 41301, err.Code)
 }
 
 func TestServer_PublishAttachmentExpiryBeforeDelivery(t *testing.T) {
@@ -993,9 +1158,9 @@ func TestServer_PublishAttachmentTooLargeBodyVisitorAttachmentTotalSizeLimit(t *
 	content := util.RandomString(5001) // 5000+5001 > , see below
 	response = request(t, s, "PUT", "/mytopic", content, nil)
 	err := toHTTPError(t, response.Body.String())
-	require.Equal(t, 400, response.Code)
-	require.Equal(t, 400, err.HTTPCode)
-	require.Equal(t, 40012, err.Code)
+	require.Equal(t, 413, response.Code)
+	require.Equal(t, 413, err.HTTPCode)
+	require.Equal(t, 41301, err.Code)
 }
 
 func TestServer_PublishAttachmentAndPrune(t *testing.T) {
@@ -1069,8 +1234,32 @@ func TestServer_PublishAttachmentBandwidthLimitUploadOnly(t *testing.T) {
 	// And a failed one
 	response := request(t, s, "PUT", "/mytopic", content, nil)
 	err := toHTTPError(t, response.Body.String())
-	require.Equal(t, 400, response.Code)
-	require.Equal(t, 40012, err.Code)
+	require.Equal(t, 413, response.Code)
+	require.Equal(t, 41301, err.Code)
+}
+
+func TestServer_PublishAttachmentUserStats(t *testing.T) {
+	content := util.RandomString(4999) // > 4096
+
+	c := newTestConfig(t)
+	c.AttachmentFileSizeLimit = 5000
+	c.VisitorAttachmentTotalSizeLimit = 6000
+	s := newTestServer(t, c)
+
+	// Upload one attachment
+	response := request(t, s, "PUT", "/mytopic", content, nil)
+	msg := toMessage(t, response.Body.String())
+	require.Contains(t, msg.Attachment.URL, "http://127.0.0.1:12345/file/")
+
+	// User stats
+	response = request(t, s, "GET", "/user/stats", "", nil)
+	require.Equal(t, 200, response.Code)
+	var stats visitorStats
+	require.Nil(t, json.NewDecoder(strings.NewReader(response.Body.String())).Decode(&stats))
+	require.Equal(t, int64(5000), stats.AttachmentFileSizeLimit)
+	require.Equal(t, int64(6000), stats.VisitorAttachmentBytesTotal)
+	require.Equal(t, int64(4999), stats.VisitorAttachmentBytesUsed)
+	require.Equal(t, int64(1001), stats.VisitorAttachmentBytesRemaining)
 }
 
 func newTestConfig(t *testing.T) *Config {
@@ -1149,7 +1338,7 @@ func firebaseServiceAccountFile(t *testing.T) string {
 		return os.Getenv("NTFY_TEST_FIREBASE_SERVICE_ACCOUNT_FILE")
 	} else if os.Getenv("NTFY_TEST_FIREBASE_SERVICE_ACCOUNT") != "" {
 		filename := filepath.Join(t.TempDir(), "firebase.json")
-		require.NotNil(t, os.WriteFile(filename, []byte(os.Getenv("NTFY_TEST_FIREBASE_SERVICE_ACCOUNT")), 0600))
+		require.NotNil(t, os.WriteFile(filename, []byte(os.Getenv("NTFY_TEST_FIREBASE_SERVICE_ACCOUNT")), 0o600))
 		return filename
 	}
 	t.SkipNow()

server/static/css/app.css

@@ -1,531 +0,0 @@
-/* general styling */
-
-html, body {
-    font-family: 'Roboto', sans-serif;
-    font-weight: 400;
-    font-size: 1.1em;
-    color: #444;
-    margin: 0;
-    padding: 0;
-}
-
-html {
-    /* prevent scrollbar from repositioning website:
-     * https://www.w3docs.com/snippets/css/how-to-prevent-scrollbar-from-repositioning-web-page.html */
-    overflow-y: scroll;
-}
-
-a, a:visited {
-    color: #3a9784;
-}
-
-a:hover {
-    text-decoration: none;
-    color: #317f6f;
-}
-
-h1 {
-    margin-top: 35px;
-    margin-bottom: 30px;
-    font-size: 2.5em;
-    word-wrap: break-word; /* For very long topics */
-    padding-right: 40px; /* For the X on the detail page */
-    font-weight: 300;
-    color: #666;
-}
-
-h2 {
-    margin-top: 30px;
-    margin-bottom: 5px;
-    font-size: 1.8em;
-    font-weight: 300;
-    color: #333;
-}
-
-h3 {
-    margin-top: 25px;
-    margin-bottom: 5px;
-    font-size: 1.3em;
-    font-weight: 300;
-    color: #333;
-}
-
-p {
-    margin-top: 10px;
-    margin-bottom: 20px;
-    line-height: 160%;
-    font-weight: 400;
-}
-
-p.smallMarginBottom {
-    margin-bottom: 10px;
-}
-
-b {
-    font-weight: 500;
-}
-
-tt {
-    background: #eee;
-    padding: 2px 7px;
-    border-radius: 3px;
-}
-
-code {
-    display: block;
-    background: #eee;
-    font-family: monospace;
-    padding: 20px;
-    border-radius: 3px;
-    margin-top: 10px;
-    margin-bottom: 20px;
-    overflow-x: auto;
-    white-space: nowrap;
-}
-
-/* Roboto font, embedded with the help of https://google-webfonts-helper.herokuapp.com/fonts/roboto?subsets=latin */
-
-/* roboto-300 - latin */
-@font-face {
-    font-family: 'Roboto';
-    font-style: normal;
-    font-weight: 300;
-    src: local(''),
-    url('../font/roboto-v29-latin-300.woff2') format('woff2'), /* Chrome 26+, Opera 23+, Firefox 39+ */
-    url('../font/roboto-v29-latin-300.woff') format('woff'); /* Chrome 6+, Firefox 3.6+, IE 9+, Safari 5.1+ */
-}
-
-/* roboto-regular - latin */
-@font-face {
-    font-family: 'Roboto';
-    font-style: normal;
-    font-weight: 400;
-    src: local(''),
-    url('../font/roboto-v29-latin-regular.woff2') format('woff2'), /* Chrome 26+, Opera 23+, Firefox 39+ */
-    url('../font/roboto-v29-latin-regular.woff') format('woff'); /* Chrome 6+, Firefox 3.6+, IE 9+, Safari 5.1+ */
-}
-
-/* roboto-500 - latin */
-@font-face {
-    font-family: 'Roboto';
-    font-style: normal;
-    font-weight: 500;
-    src: local(''),
-    url('../font/roboto-v29-latin-500.woff2') format('woff2'), /* Chrome 26+, Opera 23+, Firefox 39+ */
-    url('../font/roboto-v29-latin-500.woff') format('woff'); /* Chrome 6+, Firefox 3.6+, IE 9+, Safari 5.1+ */
-}
-
-/* Main page */
-
-#main {
-    max-width: 900px;
-    margin: 0 auto 50px auto;
-    padding: 0 10px;
-}
-
-#error {
-    color: darkred;
-    font-style: italic;
-}
-
-#ironicCenterTagDontFreakOut {
-    color: #666;
-}
-
-/* Anchors */
-
-.anchor .anchorLink {
-    color: #ccc;
-    text-decoration: none;
-    padding: 0 5px;
-    visibility: hidden;
-}
-
-.anchor:hover .anchorLink {
-    visibility: visible;
-}
-
-.anchor .anchorLink:hover {
-    color: #3a9784;
-    visibility: visible;
-}
-
-/* Figures */
-
-figure {
-    text-align: center;
-}
-
-figure img, figure video {
-    filter: drop-shadow(3px 3px 3px #ccc);
-    border-radius: 7px;
-    max-width: 100%;
-}
-
-figure video {
-    width: 100%;
-    max-height: 450px;
-}
-
-figcaption {
-    text-align: center;
-    font-style: italic;
-    padding-top: 10px;
-}
-
-/* Screenshots */
-
-#screenshots {
-    text-align: center;
-}
-
-#screenshots img {
-    height: 190px;
-    margin: 3px;
-    border-radius: 5px;
-    filter: drop-shadow(2px 2px 2px #ddd);
-}
-
-#screenshots .nowrap {
-    white-space: nowrap;
-}
-
-/* Lightbox; thanks to https://yossiabramov.com/blog/vanilla-js-lightbox */
-
-.lightbox {
-    opacity: 0;
-    visibility: hidden;
-    position: fixed;
-    left:0;
-    right: 0;
-    top: 0;
-    bottom: 0;
-    z-index: -1;
-    display: flex;
-    align-items: center;
-    justify-content: center;
-    transition: all 0.15s ease-in;
-}
-
-.lightbox.show {
-    background-color: rgba(0,0,0, 0.75);
-    opacity: 1;
-    visibility: visible;
-    z-index: 1000;
-}
-
-.lightbox img {
-    max-width: 90%;
-    max-height: 90%;
-    filter: drop-shadow(5px 5px 10px #222);
-    border-radius: 5px;
-}
-
-.lightbox .close-lightbox {
-    cursor: pointer;
-    position: absolute;
-    top: 30px;
-    right: 30px;
-    width: 20px;
-    height: 20px;
-}
-
-.lightbox .close-lightbox::after,
-.lightbox .close-lightbox::before {
-    content: '';
-    width: 3px;
-    height: 20px;
-    background-color: #ddd;
-    position: absolute;
-    border-radius: 5px;
-    transform: rotate(45deg);
-}
-
-.lightbox .close-lightbox::before {
-    transform: rotate(-45deg);
-}
-
-.lightbox .close-lightbox:hover::after,
-.lightbox .close-lightbox:hover::before {
-    background-color: #fff;
-}
-
-/* Header */
-
-#header {
-    background: #3a9784;
-    height: 130px;
-}
-
-#header #headerBox {
-    max-width: 900px;
-    margin: 0 auto;
-    padding: 0 10px;
-}
-
-#header #logo {
-    margin-top: 23px;
-    float: left;
-}
-
-#header #name {
-    float: left;
-    color: white;
-    font-size: 2.6em;
-    font-weight: 300;
-    margin: 35px 0 0 20px;
-}
-
-#header ol {
-    list-style-type: none;
-    float: right;
-    margin-top: 80px;
-}
-
-#header ol li {
-    display: inline-block;
-    margin: 0 10px;
-    font-weight: 400;
-}
-
-#header ol li a, nav ol li a:visited {
-    color: white;
-    text-decoration: none;
-}
-
-#header ol li a:hover {
-    text-decoration: underline;
-}
-
-/* Subscribe box */
-
-button {
-    background: #3a9784;
-    border: none;
-    border-radius: 3px;
-    padding: 3px 5px;
-    color: white;
-    cursor: pointer;
-}
-
-button:hover {
-    background: #317f6f;
-    padding: 5px;
-}
-
-ul {
-    padding-left: 1em;
-    list-style-type: circle;
-    padding-bottom: 0;
-    margin: 0;
-}
-
-li {
-    padding: 4px 0;
-    margin: 4px 0;
-    font-size: 0.9em;
-}
-
-
-/* Hide top menu SMALL SCREEN */
-@media only screen and (max-width: 780px) {
-    #header ol {
-        display: none;
-    }
-}
-
-/* Subscribe box SMALL SCREEN */
-@media only screen and (max-width: 1599px) {
-    #subscribeBox #subscribeForm {
-        border-left: 4px solid #3a9784;
-        padding: 10px;
-    }
-
-    #subscribeBox #topicsHeader {
-        margin-bottom: 0;
-    }
-
-    #subscribeBox input {
-        height: 24px;
-        min-width: 200px;
-        max-width: 300px;
-        border-radius: 3px;
-        border: none;
-        border-bottom: 1px solid #aaa;
-        font-size: 0.8em;
-    }
-
-    #subscribeBox input:focus {
-        border-bottom: 2px solid #3a9784;
-        outline: none;
-    }
-
-    #subscribeBox ul {
-        margin: 0;
-    }
-
-    #subscribeBox li {
-        margin: 3px 0;
-        padding: 0;
-    }
-
-    #subscribeBox li img {
-        width: 15px;
-        height: 15px;
-        vertical-align: bottom;
-    }
-
-    #subscribeBox li a {
-        padding: 0 5px 0 0;
-    }
-
-    #subscribeBox button {
-        font-size: 0.8em;
-        background: #3a9784;
-        border-radius: 3px;
-        padding: 5px;
-        color: white;
-        cursor: pointer;
-    }
-
-    #subscribeBox button:hover {
-        background: #317f6f;
-    }
-}
-
-/* Subscribe box BIG SCREEN */
-@media only screen and (min-width: 1600px) {
-    #subscribeBox {
-        position: fixed;
-        top: 170px;
-        right: 10px;
-        width: 300px;
-        border-left: 4px solid #3a9784;
-        padding: 10px;
-    }
-
-    #subscribeBox h3 {
-        margin-top: 0;
-        margin-bottom: 5px;
-        font-size: 1.1em;
-    }
-
-    #subscribeBox #topicsHeader {
-        margin-bottom: 0;
-    }
-
-    #subscribeBox p {
-        font-size: 0.9em;
-        margin-bottom: 10px;
-    }
-
-    #subscribeBox ul {
-        margin: 0;
-    }
-
-    #subscribeBox input {
-        height: 18px;
-        border-radius: 3px;
-        border: none;
-        border-bottom: 1px solid #aaa;
-    }
-
-    #subscribeBox input:focus {
-        border-bottom: 2px solid #3a9784;
-        outline: none;
-    }
-
-    #subscribeBox li {
-        margin: 3px 0;
-        padding: 0;
-    }
-
-    #subscribeBox li img {
-        width: 15px;
-        height: 15px;
-        vertical-align: bottom;
-    }
-
-    #subscribeBox li a {
-        padding: 0 5px 0 0;
-    }
-
-    #subscribeBox button {
-        font-size: 0.7em;
-        background: #3a9784;
-        border-radius: 3px;
-        padding: 5px;
-        color: white;
-        cursor: pointer;
-    }
-
-    #subscribeBox button:hover {
-        background: #317f6f;
-    }
-}
-
-/** Detail view */
-
-#detail .detailEntry {
-    margin-bottom: 20px;
-}
-
-#detail .detailDate {
-    margin-bottom: 2px;
-}
-
-#detail .detailDate, #detail .detailTags {
-    color: #888;
-    font-size: 0.9em;
-}
-
-#detail .detailTags {
-    margin-top: 2px;
-}
-
-#detail .detailDate img {
-    width: 20px;
-    height: 20px;
-    vertical-align: bottom;
-}
-
-#detail .detailTitle {
-    font-weight: bold;
-}
-
-#detail #detailMain {
-    max-width: 900px;
-    margin: 0 auto;
-    position: relative; /* required for close button's "position: absolute" */
-    padding: 0 10px 50px 10px; /* Chrome and Firefox behave differently regarding bottom margin */
-}
-
-#detail #detailCloseButton {
-    background: #eee;
-    border-radius: 5px;
-    border: none;
-    padding: 5px;
-    position: absolute;
-    right: 10px;
-    top: 10px;
-    display: block;
-}
-
-#detail #detailCloseButton:hover {
-    padding: 5px;
-    background: #ccc;
-}
-
-#detail #detailCloseButton img {
-    display: block; /* get rid of the weird bottom border */
-}
-
-#detail #detailNotificationsDisallowed {
-    display: none;
-    color: darkred;
-}
-
-#detail #events {
-    max-width: 900px;
-    margin: 0 auto 50px auto;
-}

server/static/img/close.svg

@@ -1 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" height="24px" viewBox="0 0 24 24" width="24px" fill="#000000"><path d="M0 0h24v24H0V0z" fill="none"/><path d="M19 6.41L17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41z"/></svg>

server/static/img/priority-1.svg

@@ -1,47 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<svg
-   height="24px"
-   viewBox="0 0 24 24"
-   width="24px"
-   fill="#000000"
-   version="1.1"
-   id="svg1428"
-   sodipodi:docname="priority_1_24dp.svg"
-   inkscape:version="1.1.1 (3bf5ae0, 2021-09-20)"
-   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
-   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
-   xmlns="http://www.w3.org/2000/svg"
-   xmlns:svg="http://www.w3.org/2000/svg">
-  <defs
-     id="defs1432" />
-  <sodipodi:namedview
-     id="namedview1430"
-     pagecolor="#505050"
-     bordercolor="#eeeeee"
-     borderopacity="1"
-     inkscape:pageshadow="0"
-     inkscape:pageopacity="0"
-     inkscape:pagecheckerboard="0"
-     showgrid="false"
-     inkscape:zoom="20.517358"
-     inkscape:cx="22.834324"
-     inkscape:cy="15.742768"
-     inkscape:window-width="1863"
-     inkscape:window-height="1025"
-     inkscape:window-x="57"
-     inkscape:window-y="27"
-     inkscape:window-maximized="1"
-     inkscape:current-layer="svg1428" />
-  <path
-     style="color:#000000;fill:#999999;fill-opacity:1;stroke-width:0.0919748;stroke-linecap:round;stroke-linejoin:round;-inkscape-stroke:none"
-     d="m 12.195014,20.828316 a 1.2747098,1.2747098 0 0 0 0.661605,-0.185206 l 6.646593,-4.037178 a 1.2745823,1.2745823 0 0 0 0.427537,-1.751107 1.2745823,1.2745823 0 0 0 -1.750928,-0.427718 l -5.984807,3.635327 -5.9848086,-3.635327 a 1.2745823,1.2745823 0 0 0 -1.750927,0.427718 1.2745823,1.2745823 0 0 0 0.427536,1.751107 l 6.6464146,4.037178 a 1.2747098,1.2747098 0 0 0 0.661785,0.185206 z"
-     id="rect3554" />
-  <path
-     style="color:#000000;fill:#b3b3b3;fill-opacity:1;stroke:none;stroke-width:0.0919748;stroke-linecap:round;stroke-linejoin:round;-inkscape-stroke:none"
-     d="m 12.195014,15.694014 a 1.2747098,1.2747098 0 0 0 0.661605,-0.185206 l 6.646593,-4.037176 A 1.2745823,1.2745823 0 0 0 19.930749,9.7205243 1.2745823,1.2745823 0 0 0 18.179821,9.2928073 L 12.195014,12.928134 6.2102054,9.2928073 a 1.2745823,1.2745823 0 0 0 -1.750927,0.427717 1.2745823,1.2745823 0 0 0 0.427536,1.7511077 l 6.6464146,4.037176 a 1.2747098,1.2747098 0 0 0 0.661785,0.185206 z"
-     id="path9314" />
-  <path
-     style="color:#000000;fill:#cccccc;fill-opacity:1;stroke:none;stroke-width:0.0919748;stroke-linecap:round;stroke-linejoin:round;-inkscape-stroke:none"
-     d="m 12.116784,10.426777 a 1.2747098,1.2747098 0 0 0 0.661606,-0.185205 l 6.646593,-4.0371767 a 1.2745823,1.2745823 0 0 0 0.427537,-1.751108 1.2745823,1.2745823 0 0 0 -1.750928,-0.427718 l -5.984808,3.635327 -5.9848066,-3.635327 a 1.2745823,1.2745823 0 0 0 -1.750928,0.427718 1.2745823,1.2745823 0 0 0 0.427537,1.751108 L 11.455,10.241572 a 1.2747098,1.2747098 0 0 0 0.661784,0.185205 z"
-     id="path9316" />
-</svg>

server/static/img/priority-2.svg

@@ -1,43 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<svg
-   height="24px"
-   viewBox="0 0 24 24"
-   width="24px"
-   fill="#000000"
-   version="1.1"
-   id="svg1428"
-   sodipodi:docname="priority_2_24dp.svg"
-   inkscape:version="1.1.1 (3bf5ae0, 2021-09-20)"
-   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
-   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
-   xmlns="http://www.w3.org/2000/svg"
-   xmlns:svg="http://www.w3.org/2000/svg">
-  <defs
-     id="defs1432" />
-  <sodipodi:namedview
-     id="namedview1430"
-     pagecolor="#505050"
-     bordercolor="#eeeeee"
-     borderopacity="1"
-     inkscape:pageshadow="0"
-     inkscape:pageopacity="0"
-     inkscape:pagecheckerboard="0"
-     showgrid="false"
-     inkscape:zoom="20.517358"
-     inkscape:cx="22.834324"
-     inkscape:cy="15.742768"
-     inkscape:window-width="1863"
-     inkscape:window-height="1025"
-     inkscape:window-x="57"
-     inkscape:window-y="27"
-     inkscape:window-maximized="1"
-     inkscape:current-layer="svg1428" />
-  <path
-     style="color:#000000;fill:#999999;fill-opacity:1;stroke-width:0.0919748;stroke-linecap:round;stroke-linejoin:round;-inkscape-stroke:none"
-     d="m 12.172712,17.774352 a 1.2747098,1.2747098 0 0 0 0.661605,-0.185206 l 6.646593,-4.037178 a 1.2745823,1.2745823 0 0 0 0.427537,-1.751107 1.2745823,1.2745823 0 0 0 -1.750928,-0.427718 L 12.172712,15.00847 6.1879033,11.373143 a 1.2745823,1.2745823 0 0 0 -1.750927,0.427718 1.2745823,1.2745823 0 0 0 0.427536,1.751107 l 6.6464147,4.037178 a 1.2747098,1.2747098 0 0 0 0.661785,0.185206 z"
-     id="rect3554" />
-  <path
-     style="color:#000000;fill:#b3b3b3;fill-opacity:1;stroke:none;stroke-width:0.0919748;stroke-linecap:round;stroke-linejoin:round;-inkscape-stroke:none"
-     d="m 12.172712,12.64005 a 1.2747098,1.2747098 0 0 0 0.661605,-0.185206 L 19.48091,8.4176679 A 1.2745823,1.2745823 0 0 0 19.908447,6.6665602 1.2745823,1.2745823 0 0 0 18.157519,6.2388432 L 12.172712,9.8741699 6.1879033,6.2388432 a 1.2745823,1.2745823 0 0 0 -1.750927,0.427717 1.2745823,1.2745823 0 0 0 0.427536,1.7511077 l 6.6464147,4.0371761 a 1.2747098,1.2747098 0 0 0 0.661785,0.185206 z"
-     id="path9314" />
-</svg>

server/static/img/priority-4.svg

@@ -1,43 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<svg
-   height="24px"
-   viewBox="0 0 24 24"
-   width="24px"
-   fill="#000000"
-   version="1.1"
-   id="svg1428"
-   sodipodi:docname="priority_4_24dp.svg"
-   inkscape:version="1.1.1 (3bf5ae0, 2021-09-20)"
-   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
-   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
-   xmlns="http://www.w3.org/2000/svg"
-   xmlns:svg="http://www.w3.org/2000/svg">
-  <defs
-     id="defs1432" />
-  <sodipodi:namedview
-     id="namedview1430"
-     pagecolor="#505050"
-     bordercolor="#eeeeee"
-     borderopacity="1"
-     inkscape:pageshadow="0"
-     inkscape:pageopacity="0"
-     inkscape:pagecheckerboard="0"
-     showgrid="false"
-     inkscape:zoom="20.517358"
-     inkscape:cx="22.834324"
-     inkscape:cy="15.742768"
-     inkscape:window-width="1863"
-     inkscape:window-height="1025"
-     inkscape:window-x="57"
-     inkscape:window-y="27"
-     inkscape:window-maximized="1"
-     inkscape:current-layer="svg1428" />
-  <path
-     style="color:#000000;fill:#c60000;fill-opacity:1;stroke:none;stroke-width:0.0919748;stroke-linecap:round;stroke-linejoin:round;-inkscape-stroke:none"
-     d="M 12.116784,6.5394415 A 1.2747098,1.2747098 0 0 0 11.455179,6.724648 l -6.6465926,4.037176 a 1.2745823,1.2745823 0 0 0 -0.427537,1.751108 1.2745823,1.2745823 0 0 0 1.7509281,0.427717 l 5.9848065,-3.635327 5.984809,3.635327 A 1.2745823,1.2745823 0 0 0 19.85252,12.512932 1.2745823,1.2745823 0 0 0 19.424984,10.761824 L 12.778569,6.724648 A 1.2747098,1.2747098 0 0 0 12.116784,6.5394415 Z"
-     id="path9314" />
-  <path
-     style="color:#000000;fill:#de0000;fill-opacity:1;stroke:none;stroke-width:0.0919748;stroke-linecap:round;stroke-linejoin:round;-inkscape-stroke:none"
-     d="m 12.195014,11.806679 a 1.2747098,1.2747098 0 0 0 -0.661606,0.185205 l -6.6465924,4.037177 a 1.2745823,1.2745823 0 0 0 -0.427537,1.751108 1.2745823,1.2745823 0 0 0 1.750928,0.427718 l 5.9848074,-3.635327 5.984807,3.635327 a 1.2745823,1.2745823 0 0 0 1.750928,-0.427718 1.2745823,1.2745823 0 0 0 -0.427537,-1.751108 l -6.646414,-4.037177 a 1.2747098,1.2747098 0 0 0 -0.661784,-0.185205 z"
-     id="path9316" />
-</svg>

server/static/img/priority-5.svg

@@ -1,47 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<svg
-   height="24px"
-   viewBox="0 0 24 24"
-   width="24px"
-   fill="#000000"
-   version="1.1"
-   id="svg1428"
-   sodipodi:docname="priority_5_24dp.svg"
-   inkscape:version="1.1.1 (3bf5ae0, 2021-09-20)"
-   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
-   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
-   xmlns="http://www.w3.org/2000/svg"
-   xmlns:svg="http://www.w3.org/2000/svg">
-  <defs
-     id="defs1432" />
-  <sodipodi:namedview
-     id="namedview1430"
-     pagecolor="#505050"
-     bordercolor="#eeeeee"
-     borderopacity="1"
-     inkscape:pageshadow="0"
-     inkscape:pageopacity="0"
-     inkscape:pagecheckerboard="0"
-     showgrid="false"
-     inkscape:zoom="20.517358"
-     inkscape:cx="22.834323"
-     inkscape:cy="15.742767"
-     inkscape:window-width="1863"
-     inkscape:window-height="1025"
-     inkscape:window-x="57"
-     inkscape:window-y="27"
-     inkscape:window-maximized="1"
-     inkscape:current-layer="svg1428" />
-  <path
-     style="color:#000000;fill:#aa0000;fill-opacity:1;stroke-width:0.0919748;stroke-linecap:round;stroke-linejoin:round;-inkscape-stroke:none"
-     d="M 12.116784,3.40514 A 1.2747098,1.2747098 0 0 0 11.455179,3.5903463 L 4.8085864,7.6275238 A 1.2745823,1.2745823 0 0 0 4.3810494,9.3786313 1.2745823,1.2745823 0 0 0 6.1319775,9.8063489 L 12.116784,6.1710217 18.101593,9.8063489 A 1.2745823,1.2745823 0 0 0 19.85252,9.3786313 1.2745823,1.2745823 0 0 0 19.424984,7.6275238 L 12.778569,3.5903463 A 1.2747098,1.2747098 0 0 0 12.116784,3.40514 Z"
-     id="rect3554" />
-  <path
-     style="color:#000000;fill:#c60000;fill-opacity:1;stroke:none;stroke-width:0.0919748;stroke-linecap:round;stroke-linejoin:round;-inkscape-stroke:none"
-     d="M 12.116784,8.5394415 A 1.2747098,1.2747098 0 0 0 11.455179,8.724648 l -6.6465926,4.037176 a 1.2745823,1.2745823 0 0 0 -0.427537,1.751108 1.2745823,1.2745823 0 0 0 1.7509281,0.427717 l 5.9848065,-3.635327 5.984809,3.635327 A 1.2745823,1.2745823 0 0 0 19.85252,14.512932 1.2745823,1.2745823 0 0 0 19.424984,12.761824 L 12.778569,8.724648 A 1.2747098,1.2747098 0 0 0 12.116784,8.5394415 Z"
-     id="path9314" />
-  <path
-     style="color:#000000;fill:#de0000;fill-opacity:1;stroke:none;stroke-width:0.0919748;stroke-linecap:round;stroke-linejoin:round;-inkscape-stroke:none"
-     d="m 12.195014,13.806679 a 1.2747098,1.2747098 0 0 0 -0.661606,0.185205 l -6.6465924,4.037177 a 1.2745823,1.2745823 0 0 0 -0.427537,1.751108 1.2745823,1.2745823 0 0 0 1.750928,0.427718 l 5.9848074,-3.635327 5.984807,3.635327 a 1.2745823,1.2745823 0 0 0 1.750928,-0.427718 1.2745823,1.2745823 0 0 0 -0.427537,-1.751108 l -6.646414,-4.037177 a 1.2747098,1.2747098 0 0 0 -0.661784,-0.185205 z"
-     id="path9316" />
-</svg>

server/static/img/send.svg

@@ -1 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" height="24px" viewBox="0 0 24 24" width="24px" fill="#ffffff"><path d="M0 0h24v24H0z" fill="none"/><path d="M2.01 21L23 12 2.01 3 2 10l15 2-15 2z"/></svg>

server/static/img/unsubscribe.svg

@@ -1 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" height="24px" viewBox="0 0 24 24" width="24px" fill="#FFFFFF"><path d="M0 0h24v24H0V0z" fill="none"/><path d="M19 6.41L17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41z"/></svg>

server/static/js/app.js

@@ -1,435 +0,0 @@
-
-/**
- * Hello, dear curious visitor. I am not a web-guy, so please don't judge my horrible JS code.
- * In fact, please do tell me about all the things I did wrong and that I could improve. I've been trying
- * to read up on modern JS, but it's just a little much.
- *
- * Feel free to open tickets at https://github.com/binwiederhier/ntfy/issues. Thank you!
- */
-
-/* All the things */
-
-let topics = {};
-let currentTopic = "";
-let currentTopicUnsubscribeOnClose = false;
-let currentUrl = window.location.hostname;
-if (window.location.port) {
-    currentUrl += ':' + window.location.port
-}
-
-/* Main view */
-const main = document.getElementById("main");
-const topicsHeader = document.getElementById("topicsHeader");
-const topicsList = document.getElementById("topicsList");
-const topicField = document.getElementById("topicField");
-const notifySound = document.getElementById("notifySound");
-const subscribeButton = document.getElementById("subscribeButton");
-const errorField = document.getElementById("error");
-const originalTitle = document.title;
-
-/* Detail view */
-const detailView = document.getElementById("detail");
-const detailTitle = document.getElementById("detailTitle");
-const detailEventsList = document.getElementById("detailEventsList");
-const detailTopicUrl = document.getElementById("detailTopicUrl");
-const detailNoNotifications = document.getElementById("detailNoNotifications");
-const detailCloseButton = document.getElementById("detailCloseButton");
-const detailNotificationsDisallowed = document.getElementById("detailNotificationsDisallowed");
-
-/* Screenshots */
-const lightbox = document.getElementById("lightbox");
-
-const subscribe = (topic) => {
-    if (Notification.permission !== "granted") {
-        Notification.requestPermission().then((permission) => {
-            if (permission === "granted") {
-                subscribeInternal(topic, true, 0);
-            } else {
-                showNotificationDeniedError();
-            }
-        });
-    } else {
-        subscribeInternal(topic, true,0);
-    }
-};
-
-const subscribeInternal = (topic, persist, delaySec) => {
-    setTimeout(() => {
-        // Render list entry
-        let topicEntry = document.getElementById(`topic-${topic}`);
-        if (!topicEntry) {
-            topicEntry = document.createElement('li');
-            topicEntry.id = `topic-${topic}`;
-            topicEntry.innerHTML = `<a href="/${topic}" onclick="return showDetail('${topic}')">${topic}</a> <button onclick="test('${topic}'); return false;"> <img src="static/img/send.svg"> Test</button> <button onclick="unsubscribe('${topic}'); return false;"> <img src="static/img/unsubscribe.svg"> Unsubscribe</button>`;
-            topicsList.appendChild(topicEntry);
-        }
-        topicsHeader.style.display = '';
-
-        // Open event source
-        let eventSource = new EventSource(`${topic}/sse`);
-        eventSource.onopen = () => {
-            topicEntry.innerHTML = `<a href="/${topic}" onclick="return showDetail('${topic}')">${topic}</a> <button onclick="test('${topic}'); return false;"> <img src="static/img/send.svg"> Test</button> <button onclick="unsubscribe('${topic}'); return false;"> <img src="static/img/unsubscribe.svg"> Unsubscribe</button>`;
-            delaySec = 0; // Reset on successful connection
-        };
-        eventSource.onerror = (e) => {
-            topicEntry.innerHTML = `<a href="/${topic}" onclick="return showDetail('${topic}')">${topic}</a> <i>(Reconnecting)</i> <button disabled="disabled">Test</button> <button onclick="unsubscribe('${topic}'); return false;">Unsubscribe</button>`;
-            eventSource.close();
-            const newDelaySec = (delaySec + 5 <= 15) ? delaySec + 5 : 15;
-            subscribeInternal(topic, persist, newDelaySec);
-        };
-        eventSource.onmessage = (e) => {
-            const event = JSON.parse(e.data);
-            topics[topic]['messages'].push(event);
-            topics[topic]['messages'].sort((a, b) => { return a.time < b.time ? 1 : -1; }); // Newest first
-            if (currentTopic === topic) {
-                rerenderDetailView();
-            }
-            if (Notification.permission === "granted") {
-                notifySound.play();
-                const title = formatTitle(event);
-                const message = formatMessage(event);
-                const notification = new Notification(title, {
-                    body: message,
-                    icon: '/static/img/favicon.png'
-                });
-                notification.onclick = (e) => {
-                    showDetail(event.topic);
-                };
-            }
-        };
-        topics[topic] = {
-            'eventSource': eventSource,
-            'messages': [],
-            'persist': persist
-        };
-        fetchCachedMessages(topic).then(() => {
-            if (currentTopic === topic) {
-                rerenderDetailView();
-            }
-        })
-        let persistedTopicKeys = Object.keys(topics).filter(t => topics[t].persist);
-        localStorage.setItem('topics', JSON.stringify(persistedTopicKeys));
-    }, delaySec * 1000);
-};
-
-const unsubscribe = (topic) => {
-    topics[topic]['eventSource'].close();
-    delete topics[topic];
-    localStorage.setItem('topics', JSON.stringify(Object.keys(topics)));
-    document.getElementById(`topic-${topic}`).remove();
-    if (Object.keys(topics).length === 0) {
-        topicsHeader.style.display = 'none';
-    }
-};
-
-const test = (topic) => {
-    fetch(`/${topic}`, {
-        method: 'PUT',
-        body: `This is a test notification sent by the ntfy.sh Web UI at ${new Date().toString()}.`
-    });
-};
-
-const fetchCachedMessages = async (topic) => {
-    const topicJsonUrl = `/${topic}/json?poll=1`; // Poll!
-    for await (let line of makeTextFileLineIterator(topicJsonUrl)) {
-        const message = JSON.parse(line);
-        topics[topic]['messages'].push(message);
-    }
-    topics[topic]['messages'].sort((a, b) => { return a.time < b.time ? 1 : -1; }); // Newest first
-};
-
-const showDetail = (topic) => {
-    currentTopic = topic;
-    history.replaceState(topic, `${currentUrl}/${topic}`, `/${topic}`);
-    window.scrollTo(0, 0);
-    rerenderDetailView();
-    return false;
-};
-
-const rerenderDetailView = () => {
-    detailTitle.innerHTML = `${currentUrl}/${currentTopic}`; // document.location.replaceAll(..)
-    detailTopicUrl.innerHTML = `${currentUrl}/${currentTopic}`;
-    while (detailEventsList.firstChild) {
-        detailEventsList.removeChild(detailEventsList.firstChild);
-    }
-    topics[currentTopic]['messages'].forEach(m => {
-        const entryDiv = document.createElement('div');
-        const dateDiv = document.createElement('div');
-        const titleDiv = document.createElement('div');
-        const messageDiv = document.createElement('div');
-        const tagsDiv = document.createElement('div');
-
-        entryDiv.classList.add('detailEntry');
-        dateDiv.classList.add('detailDate');
-        titleDiv.classList.add('detailTitle');
-        messageDiv.classList.add('detailMessage');
-        tagsDiv.classList.add('detailTags');
-
-        const dateStr = new Date(m.time * 1000).toLocaleString();
-        if (m.priority && [1,2,4,5].includes(m.priority)) {
-            dateDiv.innerHTML = `${dateStr} <img src="static/img/priority-${m.priority}.svg"/>`;
-        } else {
-            dateDiv.innerHTML = `${dateStr}`;
-        }
-        messageDiv.innerText = formatMessage(m);
-        entryDiv.appendChild(dateDiv);
-        if (m.title) {
-            titleDiv.innerText = formatTitleA(m);
-            entryDiv.appendChild(titleDiv);
-        }
-        entryDiv.appendChild(messageDiv);
-        const otherTags = unmatchedTags(m.tags);
-        if (otherTags.length > 0) {
-            tagsDiv.innerText = `Tags: ${otherTags.join(", ")}`;
-            entryDiv.appendChild(tagsDiv);
-        }
-        detailEventsList.appendChild(entryDiv);
-    })
-    if (topics[currentTopic]['messages'].length === 0) {
-        detailNoNotifications.style.display = '';
-    } else {
-        detailNoNotifications.style.display = 'none';
-    }
-    if (Notification.permission === "granted") {
-        detailNotificationsDisallowed.style.display = 'none';
-    } else {
-        detailNotificationsDisallowed.style.display = 'block';
-    }
-    detailView.style.display = 'block';
-    main.style.display = 'none';
-};
-
-const hideDetailView = () => {
-    if (currentTopicUnsubscribeOnClose) {
-        unsubscribe(currentTopic);
-        currentTopicUnsubscribeOnClose = false;
-    }
-    currentTopic = "";
-    history.replaceState('', originalTitle, '/');
-    detailView.style.display = 'none';
-    main.style.display = 'block';
-    return false;
-};
-
-const requestPermission = () => {
-    if (Notification.permission !== "granted") {
-        Notification.requestPermission().then((permission) => {
-            if (permission === "granted") {
-                detailNotificationsDisallowed.style.display = 'none';
-            }
-        });
-    }
-    return false;
-};
-
-const showError = (msg) => {
-    errorField.innerHTML = msg;
-    topicField.disabled = true;
-    subscribeButton.disabled = true;
-};
-
-const showBrowserIncompatibleError = () => {
-    showError("Your browser is not compatible to use the web-based desktop notifications.");
-};
-
-const showNotificationDeniedError = () => {
-    showError("You have blocked desktop notifications for this website. Please unblock them and refresh to use the web-based desktop notifications.");
-};
-
-const showScreenshotOverlay = (e, el, index) => {
-    lightbox.classList.add('show');
-    document.addEventListener('keydown', nextScreenshotKeyboardListener);
-    return showScreenshot(e, index);
-};
-
-const showScreenshot = (e, index) => {
-    const actualIndex = resolveScreenshotIndex(index);
-    lightbox.innerHTML = '<div class="close-lightbox"></div>' + screenshots[actualIndex].innerHTML;
-    lightbox.querySelector('img').onclick = (e) => { return showScreenshot(e,actualIndex+1); };
-    currentScreenshotIndex = actualIndex;
-    e.stopPropagation();
-    return false;
-};
-
-const nextScreenshot = (e) => {
-    return showScreenshot(e, currentScreenshotIndex+1);
-};
-
-const previousScreenshot = (e) => {
-    return showScreenshot(e, currentScreenshotIndex-1);
-};
-
-const resolveScreenshotIndex = (index) => {
-    if (index < 0) {
-        return screenshots.length - 1;
-    } else if (index > screenshots.length - 1) {
-        return 0;
-    }
-    return index;
-};
-
-const hideScreenshotOverlay = (e) => {
-    lightbox.classList.remove('show');
-    document.removeEventListener('keydown', nextScreenshotKeyboardListener);
-};
-
-const nextScreenshotKeyboardListener = (e) => {
-    switch (e.keyCode) {
-        case 37:
-            previousScreenshot(e);
-            break;
-        case 39:
-            nextScreenshot(e);
-            break;
-    }
-};
-
-const formatTitle = (m) => {
-    if (m.title) {
-        return formatTitleA(m);
-    } else {
-        return `${location.host}/${m.topic}`;
-    }
-};
-
-const formatTitleA = (m) => {
-    const emojiList = toEmojis(m.tags);
-    if (emojiList.length > 0) {
-        return `${emojiList.join(" ")} ${m.title}`;
-    } else {
-        return m.title;
-    }
-};
-
-const formatMessage = (m) => {
-    if (m.title) {
-        return m.message;
-    } else {
-        const emojiList = toEmojis(m.tags);
-        if (emojiList.length > 0) {
-            return `${emojiList.join(" ")} ${m.message}`;
-        } else {
-            return m.message;
-        }
-    }
-};
-
-const toEmojis = (tags) => {
-    if (!tags) return [];
-    else return tags.filter(tag => tag in emojis).map(tag => emojis[tag]);
-}
-
-const unmatchedTags = (tags) => {
-    if (!tags) return [];
-    else return tags.filter(tag => !(tag in emojis));
-}
-
-// From: https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API/Using_Fetch
-async function* makeTextFileLineIterator(fileURL) {
-    const utf8Decoder = new TextDecoder('utf-8');
-    const response = await fetch(fileURL);
-    const reader = response.body.getReader();
-    let { value: chunk, done: readerDone } = await reader.read();
-    chunk = chunk ? utf8Decoder.decode(chunk) : '';
-
-    const re = /\n|\r|\r\n/gm;
-    let startIndex = 0;
-    let result;
-
-    for (;;) {
-        let result = re.exec(chunk);
-        if (!result) {
-            if (readerDone) {
-                break;
-            }
-            let remainder = chunk.substr(startIndex);
-            ({ value: chunk, done: readerDone } = await reader.read());
-            chunk = remainder + (chunk ? utf8Decoder.decode(chunk) : '');
-            startIndex = re.lastIndex = 0;
-            continue;
-        }
-        yield chunk.substring(startIndex, result.index);
-        startIndex = re.lastIndex;
-    }
-    if (startIndex < chunk.length) {
-        yield chunk.substr(startIndex); // last line didn't end in a newline char
-    }
-}
-
-subscribeButton.onclick = () => {
-    if (!topicField.value) {
-        return false;
-    }
-    subscribe(topicField.value);
-    topicField.value = "";
-    return false;
-};
-
-detailCloseButton.onclick = () => {
-    hideDetailView();
-};
-
-let currentScreenshotIndex = 0;
-const screenshots = [...document.querySelectorAll("#screenshots a")];
-screenshots.forEach((el, index) => {
-    el.onclick = (e) => { return showScreenshotOverlay(e, el, index); };
-});
-
-lightbox.onclick = hideScreenshotOverlay;
-
-// Disable Web UI if notifications of EventSource are not available
-if (!window["Notification"] || !window["EventSource"]) {
-    showBrowserIncompatibleError();
-} else if (Notification.permission === "denied") {
-    showNotificationDeniedError();
-}
-
-// Reset UI
-topicField.value = "";
-
-// Restore topics
-const storedTopics = JSON.parse(localStorage.getItem('topics') || "[]");
-if (storedTopics) {
-    storedTopics.forEach((topic) => { subscribeInternal(topic, true, 0); });
-    if (storedTopics.length === 0) {
-        topicsHeader.style.display = 'none';
-    }
-} else {
-    topicsHeader.style.display = 'none';
-}
-
-// (Temporarily) subscribe topic if we navigated to /sometopic URL
-const match = location.pathname.match(/^\/([-_a-zA-Z0-9]{1,64})$/) // Regex must match Go & Android app!
-if (match) {
-    currentTopic = match[1];
-    if (!storedTopics.includes(currentTopic)) {
-        subscribeInternal(currentTopic, false,0);
-        currentTopicUnsubscribeOnClose = true;
-    }
-}
-
-// Add anchor links
-document.querySelectorAll('.anchor').forEach((el) => {
-    if (el.hasAttribute('id')) {
-        const id = el.getAttribute('id');
-        const anchor = document.createElement('a');
-        anchor.innerHTML = `<a href="#${id}" class="anchorLink">#</a>`;
-        el.appendChild(anchor);
-    }
-});
-
-// Change ntfy.sh url and protocol to match self-hosted one
-document.querySelectorAll('.ntfyUrl').forEach((el) => {
-    el.innerHTML = currentUrl;
-});
-document.querySelectorAll('.ntfyProtocol').forEach((el) => {
-    el.innerHTML = window.location.protocol + "//";
-});
-
-// Format emojis (see emoji.js)
-const emojis = {};
-rawEmojis.forEach(emoji => {
-    emoji.aliases.forEach(alias => {
-        emojis[alias] = emoji.emoji;
-    });
-});

server/types.go

@@ -27,6 +27,7 @@ type message struct {
 	Priority   int         `json:"priority,omitempty"`
 	Tags       []string    `json:"tags,omitempty"`
 	Click      string      `json:"click,omitempty"`
+	Actions    []*action   `json:"actions,omitempty"`
 	Attachment *attachment `json:"attachment,omitempty"`
 	Title      string      `json:"title,omitempty"`
 	Message    string      `json:"message,omitempty"`
@@ -42,6 +43,41 @@ type attachment struct {
 	Owner   string `json:"-"` // IP address of uploader, used for rate limiting
 }
 
+type action struct {
+	ID      string            `json:"id"`
+	Action  string            `json:"action"`            // "view", "broadcast", or "http"
+	Label   string            `json:"label"`             // action button label
+	Clear   bool              `json:"clear"`             // clear notification after successful execution
+	URL     string            `json:"url,omitempty"`     // used in "view" and "http" actions
+	Method  string            `json:"method,omitempty"`  // used in "http" action, default is POST (!)
+	Headers map[string]string `json:"headers,omitempty"` // used in "http" action
+	Body    string            `json:"body,omitempty"`    // used in "http" action
+	Intent  string            `json:"intent,omitempty"`  // used in "broadcast" action
+	Extras  map[string]string `json:"extras,omitempty"`  // used in "broadcast" action
+}
+
+func newAction() *action {
+	return &action{
+		Headers: make(map[string]string),
+		Extras:  make(map[string]string),
+	}
+}
+
+// publishMessage is used as input when publishing as JSON
+type publishMessage struct {
+	Topic    string   `json:"topic"`
+	Title    string   `json:"title"`
+	Message  string   `json:"message"`
+	Priority int      `json:"priority"`
+	Tags     []string `json:"tags"`
+	Click    string   `json:"click"`
+	Actions  []action `json:"actions"`
+	Attach   string   `json:"attach"`
+	Filename string   `json:"filename"`
+	Email    string   `json:"email"`
+	Delay    string   `json:"delay"`
+}
+
 // messageEncoder is a function that knows how to encode a message
 type messageEncoder func(msg *message) (string, error)
 

server/util.go

@@ -14,12 +14,24 @@ func readBoolParam(r *http.Request, defaultValue bool, names ...string) bool {
 }
 
 func readParam(r *http.Request, names ...string) string {
+	value := readHeaderParam(r, names...)
+	if value != "" {
+		return value
+	}
+	return readQueryParam(r, names...)
+}
+
+func readHeaderParam(r *http.Request, names ...string) string {
 	for _, name := range names {
 		value := r.Header.Get(name)
 		if value != "" {
 			return strings.TrimSpace(value)
 		}
 	}
+	return ""
+}
+
+func readQueryParam(r *http.Request, names ...string) string {
 	for _, name := range names {
 		value := r.URL.Query().Get(strings.ToLower(name))
 		if value != "" {

server/visitor.go

@@ -22,6 +22,7 @@ var (
 // visitor represents an API user, and its associated rate.Limiter used for rate limiting
 type visitor struct {
 	config        *Config
+	messageCache  *messageCache
 	ip            string
 	requests      *rate.Limiter
 	emails        *rate.Limiter
@@ -31,9 +32,17 @@ type visitor struct {
 	mu            sync.Mutex
 }
 
-func newVisitor(conf *Config, ip string) *visitor {
+type visitorStats struct {
+	AttachmentFileSizeLimit         int64 `json:"attachmentFileSizeLimit"`
+	VisitorAttachmentBytesTotal     int64 `json:"visitorAttachmentBytesTotal"`
+	VisitorAttachmentBytesUsed      int64 `json:"visitorAttachmentBytesUsed"`
+	VisitorAttachmentBytesRemaining int64 `json:"visitorAttachmentBytesRemaining"`
+}
+
+func newVisitor(conf *Config, messageCache *messageCache, ip string) *visitor {
 	return &visitor{
 		config:        conf,
+		messageCache:  messageCache,
 		ip:            ip,
 		requests:      rate.NewLimiter(rate.Every(conf.VisitorRequestLimitReplenish), conf.VisitorRequestLimitBurst),
 		emails:        rate.NewLimiter(rate.Every(conf.VisitorEmailLimitReplenish), conf.VisitorEmailLimitBurst),
@@ -91,3 +100,20 @@ func (v *visitor) Stale() bool {
 	defer v.mu.Unlock()
 	return time.Since(v.seen) > visitorExpungeAfter
 }
+
+func (v *visitor) Stats() (*visitorStats, error) {
+	attachmentsBytesUsed, err := v.messageCache.AttachmentBytesUsed(v.ip)
+	if err != nil {
+		return nil, err
+	}
+	attachmentsBytesRemaining := v.config.VisitorAttachmentTotalSizeLimit - attachmentsBytesUsed
+	if attachmentsBytesRemaining < 0 {
+		attachmentsBytesRemaining = 0
+	}
+	return &visitorStats{
+		AttachmentFileSizeLimit:         v.config.AttachmentFileSizeLimit,
+		VisitorAttachmentBytesTotal:     v.config.VisitorAttachmentTotalSizeLimit,
+		VisitorAttachmentBytesUsed:      attachmentsBytesUsed,
+		VisitorAttachmentBytesRemaining: attachmentsBytesRemaining,
+	}, nil
+}

util/content_type_writer_test.go

@@ -44,7 +44,7 @@ func TestSniffWriter_WriteUnknownMimeType(t *testing.T) {
 	rr := httptest.NewRecorder()
 	sw := NewContentTypeWriter(rr, "")
 	randomBytes := make([]byte, 199)
-	rand.Read(randomBytes)
+	rand.Read(randomBytes[5:]) // Start at an offset; the test kept failing randomly because it hit random magic strings
 	sw.Write(randomBytes)
 	require.Equal(t, "application/octet-stream", rr.Header().Get("Content-Type"))
 }

util/gzip_handler.go

@@ -0,0 +1,52 @@
+package util
+
+import (
+	"compress/gzip"
+	"io"
+	"io/ioutil"
+	"net/http"
+	"strings"
+	"sync"
+)
+
+// Gzip is a HTTP middleware to transparently compress responses using gzip.
+// Original code from https://gist.github.com/CJEnright/bc2d8b8dc0c1389a9feeddb110f822d7 (MIT)
+func Gzip(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if !strings.Contains(r.Header.Get("Accept-Encoding"), "gzip") {
+			next.ServeHTTP(w, r)
+			return
+		}
+		w.Header().Set("Content-Encoding", "gzip")
+
+		gz := gzPool.Get().(*gzip.Writer)
+		defer gzPool.Put(gz)
+
+		gz.Reset(w)
+		defer gz.Close()
+
+		r.Header.Del("Accept-Encoding") // prevent double-gzipping
+		next.ServeHTTP(&gzipResponseWriter{ResponseWriter: w, Writer: gz}, r)
+	})
+}
+
+var gzPool = sync.Pool{
+	New: func() interface{} {
+		w := gzip.NewWriter(ioutil.Discard)
+		return w
+	},
+}
+
+type gzipResponseWriter struct {
+	io.Writer
+	http.ResponseWriter
+}
+
+func (w *gzipResponseWriter) WriteHeader(status int) {
+	w.Header().Del("Content-Length")
+	w.ResponseWriter.WriteHeader(status)
+}
+
+func (w *gzipResponseWriter) Write(b []byte) (int, error) {
+	return w.Writer.Write(b)
+}

util/gzip_handler_test.go

@@ -0,0 +1,40 @@
+package util
+
+import (
+	"compress/gzip"
+	"github.com/stretchr/testify/require"
+	"io"
+	"net/http"
+	"net/http/httptest"
+	"testing"
+)
+
+func TestGzipHandler(t *testing.T) {
+	s := Gzip(http.FileServer(http.FS(testFs)))
+
+	rr := httptest.NewRecorder()
+	req, _ := http.NewRequest("GET", "/embedfs/test.txt", nil)
+	req.Header.Set("Accept-Encoding", "gzip, deflate")
+	s.ServeHTTP(rr, req)
+	require.Equal(t, 200, rr.Code)
+	require.Equal(t, "gzip", rr.Header().Get("Content-Encoding"))
+	require.Equal(t, "", rr.Header().Get("Content-Length"))
+
+	gz, _ := gzip.NewReader(rr.Body)
+	b, _ := io.ReadAll(gz)
+	require.Equal(t, "This is a test file for embedfs_test.go\n", string(b))
+}
+
+func TestGzipHandler_NoGzip(t *testing.T) {
+	s := Gzip(http.FileServer(http.FS(testFs)))
+
+	rr := httptest.NewRecorder()
+	req, _ := http.NewRequest("GET", "/embedfs/test.txt", nil)
+	s.ServeHTTP(rr, req)
+	require.Equal(t, 200, rr.Code)
+	require.Equal(t, "", rr.Header().Get("Content-Encoding"))
+	require.Equal(t, "40", rr.Header().Get("Content-Length"))
+
+	b, _ := io.ReadAll(rr.Body)
+	require.Equal(t, "This is a test file for embedfs_test.go\n", string(b))
+}

util/peak.go

@@ -1,61 +0,0 @@
-package util
-
-import (
-	"bytes"
-	"io"
-	"strings"
-)
-
-// PeakedReadCloser is a ReadCloser that allows peaking into a stream and buffering it in memory.
-// It can be instantiated using the Peak function. After a stream has been peaked, it can still be fully
-// read by reading the PeakedReadCloser. It first drained from the memory buffer, and then from the remaining
-// underlying reader.
-type PeakedReadCloser struct {
-	PeakedBytes  []byte
-	LimitReached bool
-	peaked       io.Reader
-	underlying   io.ReadCloser
-	closed       bool
-}
-
-// Peak reads the underlying ReadCloser into memory up until the limit and returns a PeakedReadCloser
-func Peak(underlying io.ReadCloser, limit int) (*PeakedReadCloser, error) {
-	if underlying == nil {
-		underlying = io.NopCloser(strings.NewReader(""))
-	}
-	peaked := make([]byte, limit)
-	read, err := io.ReadFull(underlying, peaked)
-	if err != nil && err != io.ErrUnexpectedEOF && err != io.EOF {
-		return nil, err
-	}
-	return &PeakedReadCloser{
-		PeakedBytes:  peaked[:read],
-		LimitReached: read == limit,
-		underlying:   underlying,
-		peaked:       bytes.NewReader(peaked[:read]),
-		closed:       false,
-	}, nil
-}
-
-// Read reads from the peaked bytes and then from the underlying stream
-func (r *PeakedReadCloser) Read(p []byte) (n int, err error) {
-	if r.closed {
-		return 0, io.EOF
-	}
-	n, err = r.peaked.Read(p)
-	if err == io.EOF {
-		return r.underlying.Read(p)
-	} else if err != nil {
-		return 0, err
-	}
-	return
-}
-
-// Close closes the underlying stream
-func (r *PeakedReadCloser) Close() error {
-	if r.closed {
-		return io.EOF
-	}
-	r.closed = true
-	return r.underlying.Close()
-}

util/peek.go

@@ -0,0 +1,61 @@
+package util
+
+import (
+	"bytes"
+	"io"
+	"strings"
+)
+
+// PeekedReadCloser is a ReadCloser that allows peeking into a stream and buffering it in memory.
+// It can be instantiated using the Peek function. After a stream has been peeked, it can still be fully
+// read by reading the PeekedReadCloser. It first drained from the memory buffer, and then from the remaining
+// underlying reader.
+type PeekedReadCloser struct {
+	PeekedBytes  []byte
+	LimitReached bool
+	peeked       io.Reader
+	underlying   io.ReadCloser
+	closed       bool
+}
+
+// Peek reads the underlying ReadCloser into memory up until the limit and returns a PeekedReadCloser
+func Peek(underlying io.ReadCloser, limit int) (*PeekedReadCloser, error) {
+	if underlying == nil {
+		underlying = io.NopCloser(strings.NewReader(""))
+	}
+	peeked := make([]byte, limit)
+	read, err := io.ReadFull(underlying, peeked)
+	if err != nil && err != io.ErrUnexpectedEOF && err != io.EOF {
+		return nil, err
+	}
+	return &PeekedReadCloser{
+		PeekedBytes:  peeked[:read],
+		LimitReached: read == limit,
+		underlying:   underlying,
+		peeked:       bytes.NewReader(peeked[:read]),
+		closed:       false,
+	}, nil
+}
+
+// Read reads from the peeked bytes and then from the underlying stream
+func (r *PeekedReadCloser) Read(p []byte) (n int, err error) {
+	if r.closed {
+		return 0, io.EOF
+	}
+	n, err = r.peeked.Read(p)
+	if err == io.EOF {
+		return r.underlying.Read(p)
+	} else if err != nil {
+		return 0, err
+	}
+	return
+}
+
+// Close closes the underlying stream
+func (r *PeekedReadCloser) Close() error {
+	if r.closed {
+		return io.EOF
+	}
+	r.closed = true
+	return r.underlying.Close()
+}

util/peek_test.go

@@ -9,11 +9,11 @@ import (
 
 func TestPeak_LimitReached(t *testing.T) {
 	underlying := io.NopCloser(strings.NewReader("1234567890"))
-	peaked, err := Peak(underlying, 5)
+	peaked, err := Peek(underlying, 5)
 	if err != nil {
 		t.Fatal(err)
 	}
-	require.Equal(t, []byte("12345"), peaked.PeakedBytes)
+	require.Equal(t, []byte("12345"), peaked.PeekedBytes)
 	require.Equal(t, true, peaked.LimitReached)
 
 	all, err := io.ReadAll(peaked)
@@ -21,13 +21,13 @@ func TestPeak_LimitReached(t *testing.T) {
 		t.Fatal(err)
 	}
 	require.Equal(t, []byte("1234567890"), all)
-	require.Equal(t, []byte("12345"), peaked.PeakedBytes)
+	require.Equal(t, []byte("12345"), peaked.PeekedBytes)
 	require.Equal(t, true, peaked.LimitReached)
 }
 
 func TestPeak_LimitNotReached(t *testing.T) {
 	underlying := io.NopCloser(strings.NewReader("1234567890"))
-	peaked, err := Peak(underlying, 15)
+	peaked, err := Peek(underlying, 15)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -36,12 +36,12 @@ func TestPeak_LimitNotReached(t *testing.T) {
 		t.Fatal(err)
 	}
 	require.Equal(t, []byte("1234567890"), all)
-	require.Equal(t, []byte("1234567890"), peaked.PeakedBytes)
+	require.Equal(t, []byte("1234567890"), peaked.PeekedBytes)
 	require.Equal(t, false, peaked.LimitReached)
 }
 
 func TestPeak_Nil(t *testing.T) {
-	peaked, err := Peak(nil, 15)
+	peaked, err := Peek(nil, 15)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -50,6 +50,6 @@ func TestPeak_Nil(t *testing.T) {
 		t.Fatal(err)
 	}
 	require.Equal(t, []byte(""), all)
-	require.Equal(t, []byte(""), peaked.PeakedBytes)
+	require.Equal(t, []byte(""), peaked.PeekedBytes)
 	require.Equal(t, false, peaked.LimitReached)
 }

util/util.go

@@ -77,6 +77,16 @@ func SplitNoEmpty(s string, sep string) []string {
 	return res
 }
 
+// SplitKV splits a string into a key/value pair using a separator, and trimming space. If the separator
+// is not found, key is empty.
+func SplitKV(s string, sep string) (key string, value string) {
+	kv := strings.SplitN(strings.TrimSpace(s), sep, 2)
+	if len(kv) == 2 {
+		return strings.TrimSpace(kv[0]), strings.TrimSpace(kv[1])
+	}
+	return "", strings.TrimSpace(kv[0])
+}
+
 // RandomString returns a random string with a given length
 func RandomString(length int) string {
 	randomMutex.Lock() // Who would have thought that random.Intn() is not thread-safe?!
@@ -173,11 +183,6 @@ func PriorityString(priority int) (string, error) {
 	}
 }
 
-// ExpandHome replaces "~" with the user's home directory
-func ExpandHome(path string) string {
-	return os.ExpandEnv(strings.ReplaceAll(path, "~", "$HOME"))
-}
-
 // ShortTopicURL shortens the topic URL to be human-friendly, removing the http:// or https://
 func ShortTopicURL(s string) string {
 	return strings.TrimPrefix(strings.TrimPrefix(s, "https://"), "http://")

util/util_test.go

@@ -3,7 +3,6 @@ package util
 import (
 	"github.com/stretchr/testify/require"
 	"io/ioutil"
-	"os"
 	"path/filepath"
 	"testing"
 	"time"
@@ -75,14 +74,6 @@ func TestSplitNoEmpty(t *testing.T) {
 	require.Equal(t, []string{"tag1", "tag2"}, SplitNoEmpty("tag1,tag2,", ","))
 }
 
-func TestExpandHome_WithTilde(t *testing.T) {
-	require.Equal(t, os.Getenv("HOME")+"/this/is/a/path", ExpandHome("~/this/is/a/path"))
-}
-
-func TestExpandHome_NoTilde(t *testing.T) {
-	require.Equal(t, "/this/is/an/absolute/path", ExpandHome("/this/is/an/absolute/path"))
-}
-
 func TestParsePriority(t *testing.T) {
 	priorities := []string{"", "1", "2", "3", "4", "5", "min", "LOW", "   default ", "HIgh", "max", "urgent"}
 	expected := []int{0, 1, 2, 3, 4, 5, 1, 2, 3, 4, 5, 5}
@@ -152,3 +143,17 @@ func TestParseSize_FailureInvalid(t *testing.T) {
 		t.Fatalf("expected error, but got none")
 	}
 }
+
+func TestSplitKV(t *testing.T) {
+	key, value := SplitKV(" key = value ", "=")
+	require.Equal(t, "key", key)
+	require.Equal(t, "value", value)
+
+	key, value = SplitKV(" value ", "=")
+	require.Equal(t, "", key)
+	require.Equal(t, "value", value)
+
+	key, value = SplitKV("mykey=value=with=separator ", "=")
+	require.Equal(t, "mykey", key)
+	require.Equal(t, "value=with=separator", value)
+}

web/package.json

@@ -0,0 +1,43 @@
+{
+  "name": "ntfy",
+  "version": "1.0.0",
+  "private": true,
+  "scripts": {
+    "start": "react-scripts start",
+    "build": "react-scripts build",
+    "test": "react-scripts test",
+    "eject": "react-scripts eject"
+  },
+  "dependencies": {
+    "@emotion/react": "^11.8.2",
+    "@emotion/styled": "^11.8.1",
+    "@mui/icons-material": "^5.4.2",
+    "@mui/material": "latest",
+    "dexie": "^3.2.1",
+    "dexie-react-hooks": "^1.1.1",
+    "i18next": "^21.6.14",
+    "i18next-browser-languagedetector": "^6.1.4",
+    "i18next-http-backend": "^1.4.0",
+    "js-base64": "^3.7.2",
+    "react": "latest",
+    "react-dom": "latest",
+    "react-i18next": "^11.16.2",
+    "react-infinite-scroll-component": "^6.1.0",
+    "react-router-dom": "^6.2.2",
+    "react-scripts": "^5.0.0",
+    "stacktrace-gps": "^3.0.4",
+    "stacktrace-js": "^2.0.2"
+  },
+  "browserslist": {
+    "production": [
+      ">0.2%",
+      "not dead",
+      "not op_mini all"
+    ],
+    "development": [
+      "last 1 chrome version",
+      "last 1 firefox version",
+      "last 1 safari version"
+    ]
+  }
+}

web/public/config.js

@@ -0,0 +1,9 @@
+// Configuration injected by the ntfy server.
+//
+// This file is just an example. It is removed during the build process.
+// The actual config is dynamically generated server-side.
+
+var config = {
+    appRoot: "/",
+    disallowedTopics: ["docs", "static", "file", "app", "settings"]
+};

web/public/home.html

@@ -1,11 +1,10 @@
-{{- /*gotype: heckel.io/ntfy/server.indexPage*/ -}}
 <!DOCTYPE html>
 <html lang="en">
 <head>
     <meta charset="UTF-8">
 
     <title>ntfy.sh | Send push notifications to your phone via PUT/POST</title>
-    <link rel="stylesheet" href="static/css/app.css" type="text/css">
+    <link rel="stylesheet" href="static/css/home.css" type="text/css">
 
     <!-- Mobile view -->
     <meta name="viewport" content="width=device-width,initial-scale=1,maximum-scale=1,user-scalable=no">
@@ -24,14 +23,13 @@
     <meta property="og:type" content="website" />
     <meta property="og:locale" content="en_US" />
     <meta property="og:site_name" content="ntfy.sh" />
-    <meta property="og:title" content="ntfy.sh | Send push notifications to your phone or desktop via PUT/POST" />
+    <meta property="og:title" content="ntfy.sh | Push notifications to your phone or desktop via PUT/POST" />
     <meta property="og:description" content="ntfy is a simple HTTP-based pub-sub notification service. It allows you to send desktop notifications via scripts from any computer, entirely without signup or cost. Made with ❤ by Philipp C. Heckel, Apache License 2.0, source at https://heckel.io/ntfy." />
     <meta property="og:image" content="/static/img/ntfy.png" />
     <meta property="og:url" content="https://ntfy.sh" />
-{{if .Topic}}
-    <!-- Never index topic page -->
-    <meta name="robots" content="noindex, nofollow" />
-{{end}}
+
+    <!-- Fonts -->
+    <link rel="stylesheet" href="static/css/fonts.css" type="text/css">
 </head>
 <body>
 
@@ -40,15 +38,15 @@
         <img id="logo" src="static/img/ntfy.png" alt="logo"/>
         <div id="name">ntfy</div>
         <ol>
-            <li><a href="docs/">Getting started</a></li>
+            <li><a href="app">Web app</a></li>
             <li><a href="docs/subscribe/phone/">Android/iOS</a></li>
+            <li><a href="docs/">Docs</a></li>
             <li><a href="docs/publish/">API</a></li>
-            <li><a href="docs/install/">Self-hosting</a></li>
             <li><a href="https://github.com/binwiederhier/ntfy">GitHub</a></li>
         </ol>
     </div>
 </nav>
-<div id="main"{{if .Topic}} style="display: none"{{end}}>
+<div id="main">
     <h1>Send push notifications to your phone or desktop via PUT/POST</h1>
     <p>
         <b>ntfy</b> (pronounce: <i>notify</i>) is a simple HTTP-based <a href="https://en.wikipedia.org/wiki/Publish%E2%80%93subscribe_pattern">pub-sub</a> notification service.
@@ -94,7 +92,7 @@
         Here's what that looks like in the <a href="docs/subscribe/phone/">Android app</a>:
     </p>
     <figure>
-        <img src="static/img/priority-notification.png" style="max-height: 200px"/>
+        <img src="static/img/screenshot-phone-popover.png" style="max-height: 200px"/>
         <figcaption>Urgent notification with pop-over</figcaption>
     </figure>
 
@@ -122,31 +120,23 @@
         <figcaption>Sending push notifications to your Android phone</figcaption>
     </figure>
 
-    <div id="subscribeBox">
-        <h3 id="subscribe-web" class="anchor">Subscribe in this Web UI</h3>
-        <p id="error"></p>
-        <p>
-            Subscribe to topics here and receive messages as <b>desktop notification</b>. Topics are not password-protected,
-            so choose a name that's not easy to guess.
-        </p>
-        <form id="subscribeForm">
-            <p>
-                <b>Topic:</b><br/>
-                <input type="text" id="topicField" autocomplete="off" placeholder="Topic name, e.g. phil_alerts" maxlength="64" pattern="[-_A-Za-z0-9]{1,64}" />
-                <button id="subscribeButton">Subscribe</button>
-            </p>
-            <p id="topicsHeader"><b>Subscribed topics:</b></p>
-            <ul id="topicsList"></ul>
-        </form>
-        <audio id="notifySound" src="static/sound/mixkit-message-pop-alert-2354.mp3"></audio>
-    </div>
+    <h3 id="subscribe-web" class="anchor">Subscribe via web app</h3>
+    <p>
+        Subscribe to topics in the <a href="app">web app</a> and receive messages as <b>desktop notification</b>.
+        It is available at <b><a href="app"><span class="ntfyUrl">ntfy.sh</span>/app</a></b>.
+    </p>
+    <figure>
+        <a href="app"><img src="static/img/screenshot-web-detail.png" width="100%"/></a>
+        <figcaption>ntfy web app, available at <a href="app"><span class="ntfyUrl">ntfy.sh</span>/app</a></figcaption>
+    </figure>
 
     <h3 id="subscribe-api" class="anchor">Subscribe using the API</h3>
     <p>
         There's a super simple API that you can use to integrate your own app. You can consume
         a <a href="docs/subscribe/api/#subscribe-as-json-stream">JSON stream</a>,
-        an <a href="docs/subscribe/api/#subscribe-as-sse-stream">SSE/EventSource stream</a> (useful for web apps),
-        as well as a <a href="docs/subscribe/api/#subscribe-as-raw-stream">plain text stream</a>.
+        an <a href="docs/subscribe/api/#subscribe-as-sse-stream">SSE/EventSource stream</a>,
+        a <a href="docs/subscribe/api/#subscribe-as-raw-stream">plain text stream</a>,
+        or <a href="docs/subscribe/api/#websockets">via WebSockets</a>.
     </p>
     <p class="smallMarginBottom">
         Here's an example for JSON. The <b>connection stays open</b>, so you can retrieve messages as they come in:
@@ -186,33 +176,7 @@
 
     <center id="ironicCenterTagDontFreakOut"><i>Made with ❤️ by <a href="https://heckel.io">Philipp C. Heckel</a></i></center>
 </div>
-<div id="detail"{{if not .Topic}} style="display: none"{{end}}>
-    <div id="detailMain">
-        <button id="detailCloseButton"><img src="static/img/close.svg"/></button>
-        <h1><span id="detailTitle"></span></h1>
-        <p class="smallMarginBottom">
-            <b>ntfy</b> is a simple HTTP-based pub-sub notification service. This is a ntfy topic.
-            To send notifications to it, simply PUT or POST to the topic URL. Here's an example using <tt>curl</tt>:
-        </p>
-        <code>
-            curl -d "Backup failed" <span id="detailTopicUrl">ntfy.sh/topic</span>
-        </code>
-        <p id="detailNotificationsDisallowed">
-            If you'd like to receive desktop notifications when new messages arrive on this topic, you have to
-            <a href="#" onclick="return requestPermission()">grant the browser permission</a> to show notifications.
-            Click the link to do so.
-        </p>
-        <p class="smallMarginBottom">
-            <b>Recent notifications</b> ({{if .CacheDuration}}cached for {{.CacheDuration | durationToHuman}}{{else}}caching is disabled{{end}}):
-        </p>
-        <p id="detailNoNotifications">
-            <i>You haven't received any notifications for this topic yet.</i>
-        </p>
-        <div id="detailEventsList"></div>
-    </div>
-</div>
 <div id="lightbox" class="lightbox"></div>
-<script src="static/js/emoji.js"></script>
-<script src="static/js/app.js"></script>
+<script src="static/js/home.js"></script>
 </body>
 </html>

web/public/index.html

@@ -0,0 +1,43 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <title>ntfy web</title>
+
+  <!-- Mobile view -->
+  <meta name="viewport" content="width=device-width,initial-scale=1,maximum-scale=1,user-scalable=no">
+  <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
+  <meta name="HandheldFriendly" content="true">
+
+  <!-- Mobile browsers, background color -->
+  <meta name="theme-color" content="#317f6f">
+  <meta name="msapplication-navbutton-color" content="#317f6f">
+  <meta name="apple-mobile-web-app-status-bar-style" content="#317f6f">
+
+  <!-- Favicon, see favicon.io -->
+  <link rel="icon" type="image/png" href="%PUBLIC_URL%/static/img/favicon.png">
+
+  <!-- Previews in Google, Slack, WhatsApp, etc. -->
+  <meta property="og:type" content="website" />
+  <meta property="og:locale" content="en_US" />
+  <meta property="og:site_name" content="ntfy web" />
+  <meta property="og:title" content="ntfy web" />
+  <meta property="og:description" content="ntfy lets you send push notifications via scripts from any computer or phone, entirely without signup or cost. Made with ❤ by Philipp C. Heckel, Apache License 2.0, source at https://heckel.io/ntfy." />
+  <meta property="og:image" content="%PUBLIC_URL%/static/img/ntfy.png" />
+  <meta property="og:url" content="https://ntfy.sh" />
+
+  <!-- Never index -->
+  <meta name="robots" content="noindex, nofollow" />
+
+  <!-- Fonts -->
+  <link rel="stylesheet" href="%PUBLIC_URL%/static/css/fonts.css" type="text/css">
+</head>
+<body>
+  <noscript>
+    ntfy web requires JavaScript, but you can also use the <a href="https://ntfy.sh/docs/subscribe/cli/">CLI</a>
+    or <a href="https://ntfy.sh/docs/subscribe/phone/">Android/iOS app</a> to subscribe.
+  </noscript>
+  <div id="root"></div>
+  <script src="%PUBLIC_URL%/config.js"></script>
+</body>
+</html>

web/public/static/css/fonts.css

@@ -0,0 +1,41 @@
+/* Roboto font, embedded with the help of https://google-webfonts-helper.herokuapp.com/fonts/roboto?subsets=latin */
+
+/* roboto-300 - latin */
+@font-face {
+    font-family: 'Roboto';
+    font-style: normal;
+    font-weight: 300;
+    src: local(''),
+    url('../fonts/roboto-v29-latin-300.woff2') format('woff2'), /* Chrome 26+, Opera 23+, Firefox 39+ */
+    url('../fonts/roboto-v29-latin-300.woff') format('woff'); /* Chrome 6+, Firefox 3.6+, IE 9+, Safari 5.1+ */
+}
+
+/* roboto-regular - latin */
+@font-face {
+    font-family: 'Roboto';
+    font-style: normal;
+    font-weight: 400;
+    src: local(''),
+    url('../fonts/roboto-v29-latin-regular.woff2') format('woff2'), /* Chrome 26+, Opera 23+, Firefox 39+ */
+    url('../fonts/roboto-v29-latin-regular.woff') format('woff'); /* Chrome 6+, Firefox 3.6+, IE 9+, Safari 5.1+ */
+}
+
+/* roboto-500 - latin */
+@font-face {
+    font-family: 'Roboto';
+    font-style: normal;
+    font-weight: 500;
+    src: local(''),
+    url('../fonts/roboto-v29-latin-500.woff2') format('woff2'), /* Chrome 26+, Opera 23+, Firefox 39+ */
+    url('../fonts/roboto-v29-latin-500.woff') format('woff'); /* Chrome 6+, Firefox 3.6+, IE 9+, Safari 5.1+ */
+}
+
+/* roboto-700 - latin */
+@font-face {
+    font-family: 'Roboto';
+    font-style: normal;
+    font-weight: 700;
+    src: local(''),
+    url('../fonts/roboto-v29-latin-700.woff2') format('woff2'), /* Chrome 26+, Opera 23+, Firefox 39+ */
+    url('../fonts/roboto-v29-latin-700.woff') format('woff'); /* Chrome 6+, Firefox 3.6+, IE 9+, Safari 5.1+ */
+}

web/public/static/css/home.css

@@ -0,0 +1,280 @@
+/* general styling */
+
+html, body {
+    font-family: 'Roboto', sans-serif;
+    font-weight: 400;
+    font-size: 1.1em;
+    color: #444;
+    margin: 0;
+    padding: 0;
+}
+
+html {
+    /* prevent scrollbar from repositioning website:
+     * https://www.w3docs.com/snippets/css/how-to-prevent-scrollbar-from-repositioning-web-page.html */
+    overflow-y: scroll;
+}
+
+a, a:visited {
+    color: #338574;
+}
+
+a:hover {
+    text-decoration: none;
+    color: #317f6f;
+}
+
+h1 {
+    margin-top: 35px;
+    margin-bottom: 30px;
+    font-size: 2.5em;
+    word-wrap: break-word; /* For very long topics */
+    padding-right: 40px; /* For the X on the detail page */
+    font-weight: 300;
+    color: #666;
+}
+
+h2 {
+    margin-top: 30px;
+    margin-bottom: 5px;
+    font-size: 1.8em;
+    font-weight: 300;
+    color: #333;
+}
+
+h3 {
+    margin-top: 25px;
+    margin-bottom: 5px;
+    font-size: 1.3em;
+    font-weight: 300;
+    color: #333;
+}
+
+p {
+    margin-top: 10px;
+    margin-bottom: 20px;
+    line-height: 160%;
+    font-weight: 400;
+}
+
+p.smallMarginBottom {
+    margin-bottom: 10px;
+}
+
+b {
+    font-weight: 500;
+}
+
+tt {
+    background: #eee;
+    padding: 2px 7px;
+    border-radius: 3px;
+}
+
+code {
+    display: block;
+    background: #eee;
+    font-family: monospace;
+    padding: 20px;
+    border-radius: 3px;
+    margin-top: 10px;
+    margin-bottom: 20px;
+    overflow-x: auto;
+    white-space: nowrap;
+}
+
+/* Main page */
+
+#main {
+    max-width: 900px;
+    margin: 0 auto 50px auto;
+    padding: 0 10px;
+}
+
+#error {
+    color: darkred;
+    font-style: italic;
+}
+
+#ironicCenterTagDontFreakOut {
+    color: #666;
+}
+
+/* Anchors */
+
+.anchor .anchorLink {
+    color: #ccc;
+    text-decoration: none;
+    padding: 0 5px;
+    visibility: hidden;
+}
+
+.anchor:hover .anchorLink {
+    visibility: visible;
+}
+
+.anchor .anchorLink:hover {
+    color: #338574;
+    visibility: visible;
+}
+
+/* Figures */
+
+figure {
+    text-align: center;
+}
+
+figure img, figure video {
+    filter: drop-shadow(3px 3px 3px #ccc);
+    border-radius: 7px;
+    max-width: 100%;
+}
+
+figure video {
+    width: 100%;
+    max-height: 450px;
+}
+
+figcaption {
+    text-align: center;
+    font-style: italic;
+    padding-top: 10px;
+}
+
+/* Screenshots */
+
+#screenshots {
+    text-align: center;
+}
+
+#screenshots img {
+    height: 190px;
+    margin: 3px;
+    border-radius: 5px;
+    filter: drop-shadow(2px 2px 2px #ddd);
+}
+
+#screenshots .nowrap {
+    white-space: nowrap;
+}
+
+/* Lightbox; thanks to https://yossiabramov.com/blog/vanilla-js-lightbox */
+
+.lightbox {
+    opacity: 0;
+    visibility: hidden;
+    position: fixed;
+    left:0;
+    right: 0;
+    top: 0;
+    bottom: 0;
+    z-index: -1;
+    display: flex;
+    align-items: center;
+    justify-content: center;
+    transition: all 0.15s ease-in;
+}
+
+.lightbox.show {
+    background-color: rgba(0,0,0, 0.75);
+    opacity: 1;
+    visibility: visible;
+    z-index: 1000;
+}
+
+.lightbox img {
+    max-width: 90%;
+    max-height: 90%;
+    filter: drop-shadow(5px 5px 10px #222);
+    border-radius: 5px;
+}
+
+.lightbox .close-lightbox {
+    cursor: pointer;
+    position: absolute;
+    top: 30px;
+    right: 30px;
+    width: 20px;
+    height: 20px;
+}
+
+.lightbox .close-lightbox::after,
+.lightbox .close-lightbox::before {
+    content: '';
+    width: 3px;
+    height: 20px;
+    background-color: #ddd;
+    position: absolute;
+    border-radius: 5px;
+    transform: rotate(45deg);
+}
+
+.lightbox .close-lightbox::before {
+    transform: rotate(-45deg);
+}
+
+.lightbox .close-lightbox:hover::after,
+.lightbox .close-lightbox:hover::before {
+    background-color: #fff;
+}
+
+/* Header */
+
+#header {
+    background: #338574;
+    height: 130px;
+}
+
+#header #headerBox {
+    max-width: 900px;
+    margin: 0 auto;
+    padding: 0 10px;
+}
+
+#header #logo {
+    margin-top: 23px;
+    float: left;
+}
+
+#header #name {
+    float: left;
+    color: white;
+    font-size: 2.6em;
+    font-weight: 300;
+    margin: 35px 0 0 20px;
+}
+
+#header ol {
+    list-style-type: none;
+    float: right;
+    margin-top: 80px;
+}
+
+#header ol li {
+    display: inline-block;
+    margin: 0 10px;
+    font-weight: 400;
+}
+
+#header ol li a, nav ol li a:visited {
+    color: white;
+    text-decoration: none;
+}
+
+#header ol li a:hover {
+    text-decoration: underline;
+}
+
+li {
+    padding: 4px 0;
+    margin: 4px 0;
+    font-size: 0.9em;
+}
+
+
+/* Hide top menu SMALL SCREEN */
+@media only screen and (max-width: 780px) {
+    #header ol {
+        display: none;
+    }
+}