ntfy credentials support? #18005

Closed
shaohme opened this issue Dec 6, 2024 · 2 comments

Comments

@shaohme

shaohme commented Dec 6, 2024

The ntfy (https://ntfy.sh/) server implements authentication and ACLs to secure its push messages.
Matrix Synapse homeserver currently supports it well, but without authentication.

The ntfy configuration manual (https://docs.ntfy.sh/config/?h=access#access-control-list-acl) states that an administrator could allow anonymous users (everyone) write access to "up*" topics while keeping auth-default-access: "deny-all", to mitigate this problem.

A user expressed this issue at binwiederhier/ntfy#1034

Have Synapse developers considered this issue, e.g. allowing configured credentials for the ntfy server, or should this problem be addressed otherwise, e.g. by the Element X client announcing to Synapse which credentials Synapse should use to notify with?

Maybe this is a non-issue for most people. I just got curious ...

@reivilibre
Contributor

Synapse doesn't actually have any built-in support for ntfy, it's more the other way around: Synapse sends out push notifications using the Push Gateway API which ntfy supports (https://github.com/binwiederhier/ntfy/blob/630f2957deb670dcacfe0a338091d7561f176b9c/server/server_matrix.go#L108).

Supporting ntfy auth is therefore a little bit tricky.

The ntfy manual's approach seems most sensible to me — reserve a namespace (the up* topics) for UnifiedPush usage and then allow anyone to send to those. Since the topic name should be long and random (secret), this is as good as authenticated.

If it's really considered necessary that any additional authentication is needed I suspect the right place to add it would be the Ntfy client and the Ntfy server, sending it through the pushkey or the data (PusherData) payload. (I do appreciate this is awkward for Ntfy since it's trying to be a generic mechanism, but it already needs special Matrix support and pragmatically this seems the most viable way to do this.)
That said: Do you really want to give your own ntfy credentials to your homeserver (Synapse), which might be operated by someone else (that you don't trust with your ntfy credentials)?
Having a single-purpose random token (the up* topic) actually seems better for security anyway.
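As an added illustration (not from the issue, and not from the ntfy or Synapse projects), this is what the ACL approach discussed above looks like in an ntfy server.yml: the weak setting is shown in a comment beside the hardened one. `auth-file`, `auth-default-access` and `auth-access` are documented ntfy settings and `everyone:up*:wo` is the form the ntfy docs use; the file path and the `alice` entry are assumptions for the example.

```yaml
# ntfy server.yml, added example (not from the issue or the ntfy/Synapse projects).

# Weak: with auth enabled but no explicit default, ntfy falls back to
# "read-write", so anyone who knows or guesses a topic name can also
# subscribe to it and read the notifications Synapse pushes there.
#
#   auth-default-access: "read-write"

# Hardened: deny everything unless an ACL entry grants it.
auth-file: "/var/lib/ntfy/user.db"   # path is an assumption
auth-default-access: "deny-all"

auth-access:
  # UnifiedPush namespace: anonymous clients may publish (this is the
  # Synapse -> ntfy push gateway call), but nobody can read the topic
  # without credentials. Security of the publish side rests on the topic
  # name being long and random, as the thread says.
  - "everyone:up*:wo"

  # Example of a named user with full access to their own topic (assumption).
  - "alice:alice-alerts:rw"
```

Note what this does and does not buy: the homeserver never holds ntfy credentials, and a third party who learns the topic name can at most publish unwanted notifications into it, not read the ones Synapse sends. The same ACL entries can be created at runtime with the `ntfy access` CLI instead of the config file.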

@shaohme
Author

shaohme commented Jan 7, 2025

Thanks. That covers it for me :-)

@shaohme shaohme closed this as completed Jan 7, 2025