diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 72b9e360..1baa82c2 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -9,11 +9,11 @@ jobs: - name: Install Go uses: actions/setup-go@v4 with: - go-version: '1.24.x' + go-version: '1.25.x' - name: Install node uses: actions/setup-node@v3 with: - node-version: '20' + node-version: '24' cache: 'npm' cache-dependency-path: './web/package-lock.json' - name: Install dependencies diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 55a54d60..4ebb9d56 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -28,11 +28,11 @@ jobs: - name: Install Go uses: actions/setup-go@v4 with: - go-version: '1.24.x' + go-version: '1.25.x' - name: Install node uses: actions/setup-node@v3 with: - node-version: '20' + node-version: '24' cache: 'npm' cache-dependency-path: './web/package-lock.json' - name: Docker login diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 8d80b960..94f08fd9 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -25,11 +25,11 @@ jobs: - name: Install Go uses: actions/setup-go@v4 with: - go-version: '1.24.x' + go-version: '1.25.x' - name: Install node uses: actions/setup-node@v3 with: - node-version: '20' + node-version: '24' cache: 'npm' cache-dependency-path: './web/package-lock.json' - name: Install dependencies diff --git a/Dockerfile-build b/Dockerfile-build index 0fe16cf9..23503fd7 100644 --- a/Dockerfile-build +++ b/Dockerfile-build @@ -1,8 +1,8 @@ -FROM golang:1.24-bullseye as builder +FROM golang:1.25-bookworm AS builder ARG VERSION=dev ARG COMMIT=unknown -ARG NODE_MAJOR=18 +ARG NODE_MAJOR=24 RUN apt-get update && apt-get install -y \ build-essential ca-certificates curl gnupg \ @@ -21,14 +21,14 @@ ADD Makefile . # docs ADD ./requirements.txt . -RUN make docs-deps +RUN --mount=type=cache,target=/root/.cache/pip make docs-deps ADD ./mkdocs.yml . ADD ./docs ./docs RUN make docs-build # web ADD ./web/package.json ./web/package-lock.json ./web/ -RUN make web-deps +RUN --mount=type=cache,target=/root/.npm make web-deps ADD ./web ./web RUN make web-build @@ -41,7 +41,11 @@ ADD ./server ./server ADD ./user ./user ADD ./util ./util ADD ./payments ./payments -RUN make VERSION=$VERSION COMMIT=$COMMIT cli-linux-server +ADD ./db ./db +ADD ./message ./message +ADD ./model ./model +ADD ./webpush ./webpush +RUN --mount=type=cache,target=/go/pkg/mod --mount=type=cache,target=/root/.cache/go-build make VERSION=$VERSION COMMIT=$COMMIT cli-linux-server FROM alpine diff --git a/attachment/store.go b/attachment/store.go index 7d6b0620..3666bdd7 100644 --- a/attachment/store.go +++ b/attachment/store.go @@ -138,6 +138,9 @@ func (c *Store) Remove(ids ...string) error { // deletes orphans (not in the valid ID set and older than 1 hour), and recomputes // the total size from the remaining objects. func (c *Store) sync() error { + if c.localIDs == nil { + return nil + } localIDs, err := c.localIDs() if err != nil { return fmt.Errorf("attachment sync: failed to get valid IDs: %w", err) diff --git a/docs/faq.md b/docs/faq.md index 5153c700..1e8985b7 100644 --- a/docs/faq.md +++ b/docs/faq.md @@ -71,7 +71,8 @@ The web app is a static website without a backend (other than the ntfy API). All cache and local storage. That means it does not need to be protected with a login screen, and it poses no additional security risk. So technically, it does not need to be disabled. -However, if you still want to disable it, you can do so with the `web-root: disable` option in the `server.yml` file. +However, if you still want, you can require login with the `require-login: true` option, +or disable it with the `web-root: disable` option in the `server.yml` file. Think of the ntfy web app like an Android/iOS app. It is freely available and accessible to anyone, yet useless without a proper backend. So as long as you secure your backend with ACLs, exposing the ntfy web app to the Internet is harmless.