[GH-ISSUE #1000] systemctl script won't start server #700

New issue

Closed

opened 2026-05-07 00:26:41 +02:00 by BreizhHardware · 2 comments

BreizhHardware commented

2026-05-07 00:26:41 +02:00

Owner

Originally created by @bakerken on GitHub (Jan 11, 2024).
Original GitHub issue: https://github.com/binwiederhier/ntfy/issues/1000

🐞 Describe the bug
"systemctl start ntfy" fails, but "/usr/bin/ntfy serve --no-log-dates" works

The installed systemctl script fails to start the server. The error message from journalctl is:

Jan 11 18:06:04 ubuntu systemd[1]: Failed to start ntfy server.
Jan 11 18:06:04 ubuntu systemd[1]: ntfy.service: Failed with result 'exit-code'.
Jan 11 18:06:04 ubuntu systemd[1]: ntfy.service: Start request repeated too quickly.
Jan 11 18:06:04 ubuntu systemd[1]: Stopped ntfy server.
Jan 11 18:06:04 ubuntu systemd[1]: ntfy.service: Scheduled restart job, restart counter is at 5.
Jan 11 18:06:04 ubuntu systemd[1]: ntfy.service: Failed with result 'exit-code'.
Jan 11 18:06:04 ubuntu systemd[1]: ntfy.service: Main process exited, code=exited, status=1/FAILURE
Jan 11 18:06:04 ubuntu ntfy[1102]: if set, key file must exist
Jan 11 18:06:04 ubuntu systemd[1]: Started ntfy server.
Jan 11 18:06:04 ubuntu systemd[1]: Stopped ntfy server.

starting the server with

/usr/bin/ntfy serve --no-log-dates

works. The web page is up, and I can send notifications to my phone client.

The cert is supplied by certbot, and exists. I've tried pointing the config file at the softlink (see below) or the hard files. Both fail.

💻 Components impacted
ntfy server
💡 Screenshots and/or logs
useful part of my server.yml

grep -v \# /etc/ntfy/server.yml | grep .
base-url: "http://ntfy.redacted.co.uk"
listen-http: ""
listen-https: ":443"
key-file: "/etc/letsencrypt/live/ntfy.redacted.co.uk/privkey.pem"
cert-file: "/etc/letsencrypt/live/ntfy.redacted.co.uk/fullchain.pem"
cache-file: "/var/cache/ntfy/cache.db"
cache-duration: "12h"
auth-file: /var/lib/ntfy/user.db
auth-default-access: "deny-all"
attachment-cache-dir: "/var/cache/ntfy/attachments"
attachment-total-size-limit: "1G"
attachment-file-size-limit: "15M"
attachment-expiry-duration: "3h"

🔮 Additional context

Originally created by @bakerken on GitHub (Jan 11, 2024). Original GitHub issue: https://github.com/binwiederhier/ntfy/issues/1000 :lady_beetle: **Describe the bug** "systemctl start ntfy" fails, but "/usr/bin/ntfy serve --no-log-dates" works The installed systemctl script fails to start the server. The error message from journalctl is: <pre>Jan 11 18:06:04 ubuntu systemd[1]: Failed to start ntfy server. Jan 11 18:06:04 ubuntu systemd[1]: ntfy.service: Failed with result 'exit-code'. Jan 11 18:06:04 ubuntu systemd[1]: ntfy.service: Start request repeated too quickly. Jan 11 18:06:04 ubuntu systemd[1]: Stopped ntfy server. Jan 11 18:06:04 ubuntu systemd[1]: ntfy.service: Scheduled restart job, restart counter is at 5. Jan 11 18:06:04 ubuntu systemd[1]: ntfy.service: Failed with result 'exit-code'. Jan 11 18:06:04 ubuntu systemd[1]: ntfy.service: Main process exited, code=exited, status=1/FAILURE Jan 11 18:06:04 ubuntu ntfy[1102]: if set, key file must exist Jan 11 18:06:04 ubuntu systemd[1]: Started ntfy server. Jan 11 18:06:04 ubuntu systemd[1]: Stopped ntfy server.</pre> starting the server with <pre>/usr/bin/ntfy serve --no-log-dates</pre> works. The web page is up, and I can send notifications to my phone client. The cert is supplied by certbot, and exists. I've tried pointing the config file at the softlink (see below) or the hard files. Both fail. :computer: **Components impacted** ntfy server :bulb: **Screenshots and/or logs** useful part of my server.yml <pre> grep -v \# /etc/ntfy/server.yml | grep . base-url: "http://ntfy.redacted.co.uk" listen-http: "" listen-https: ":443" key-file: "/etc/letsencrypt/live/ntfy.redacted.co.uk/privkey.pem" cert-file: "/etc/letsencrypt/live/ntfy.redacted.co.uk/fullchain.pem" cache-file: "/var/cache/ntfy/cache.db" cache-duration: "12h" auth-file: /var/lib/ntfy/user.db auth-default-access: "deny-all" attachment-cache-dir: "/var/cache/ntfy/attachments" attachment-total-size-limit: "1G" attachment-file-size-limit: "15M" attachment-expiry-duration: "3h"</pre> :crystal_ball: **Additional context**

BreizhHardware

2026-05-07 00:26:41 +02:00

closed this issue
added the
🪲 bug
label

BreizhHardware commented

2026-05-07 00:26:42 +02:00

Author

Owner

@wunter8 commented on GitHub (Jan 11, 2024):

The systemd service (by default) runs ntfy as the ntfy user and ntfy group. I'm guessing the ntfy user doesn't have permissions to access the key/cert file. You can test with sudo -u ntfy ls /etc/letsencrypt/live/ntfy.redacted.co.uk/privkey.pem

@wunter8 commented on GitHub (Jan 11, 2024): The systemd service (by default) runs ntfy as the `ntfy` user and `ntfy` group. I'm guessing the ntfy user doesn't have permissions to access the key/cert file. You can test with `sudo -u ntfy ls /etc/letsencrypt/live/ntfy.redacted.co.uk/privkey.pem`

BreizhHardware commented

2026-05-07 00:26:42 +02:00

Author

Owner

@bakerken commented on GitHub (Jan 11, 2024):

<D'oh!> <slaps forehead> Of course, thanks wunter8. 😀

@bakerken commented on GitHub (Jan 11, 2024): \<D'oh!\> \<slaps forehead\> Of course, thanks wunter8. 😀

BreizhHardware referenced this issue

2026-05-07 01:02:03 +02:00

[PR #804] [MERGED] Web app: add RTL support #1429