From 276aa4b114f4b4d724926f92c81458e845deb7b1 Mon Sep 17 00:00:00 2001
From: "Antonio J. Delgado" <ad@susurrando.com>
Date: Tue, 21 Mar 2023 00:05:44 +0200
Subject: [PATCH] add option to handleufw

---
 defaults/main.yml   | 8 +++++---
 tasks/configure.yml | 1 +
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index e9a9cb0..d18dbee 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,12 +1,13 @@
 ---
 create_cache_file: true
 auth_file: /var/lib/ntfy/auth.sqlite
-base_url: notify.koti.site
+fqdn: ntfy.example.com
 listen_port: 4880
 attachment_cache_dir: /var/lib/ntfy/attachments
 attachment_total_size_limit: "100G"
 attachment_file_size_limit: "15M"
 attachment_expiry_duration: "8h"
+handle_ufw: false
 
 # Full list in
 # https://ntfy.sh/docs/config/
@@ -19,8 +20,9 @@ access_rules:
     topic: '*' # or something like mytopic* or my_topic
     permission: read-write # or read-only, write-only, deny
 ntfy_configuration:
-  behind-proxy: false
-  listen-http: ":4880"
+  behind-proxy: true
+  base_url: "http://{{ fqdn }}"
+  listen-http: "127.0.0.1:4880"
   cache-file: /var/lib/ntfy.sqlite
   cache-duration: 24h
   auth-file: "{{ auth_file }}"
diff --git a/tasks/configure.yml b/tasks/configure.yml
index c15ced0..6507dda 100644
--- a/tasks/configure.yml
+++ b/tasks/configure.yml
@@ -49,6 +49,7 @@
   ufw:
     rule: allow
     port: "{{ listen_port }}"
+  when: handle_ufw
 
 # - name: Configure administrators
 #   shell: "ntfy user add --role=admin {{ item.name }}"