starred/ntfy
1
0
Fork 0
mirror of https://github.com/binwiederhier/ntfy.git synced 2026-05-09 08:26:00 +02:00
Code Issues 368 Projects Packages Wiki Activity

[GH-ISSUE #1070] Ntfy server is impossible to set up on NixOS 23.11 #748

New issue
Closed
opened 2026-05-07 00:27:08 +02:00 by BreizhHardware · 1 comment
BreizhHardware commented 2026-05-07 00:27:08 +02:00
Owner
Copy link

Originally created by @deivpaukst on GitHub (Mar 26, 2024).
Original GitHub issue: https://github.com/binwiederhier/ntfy/issues/1070

🐞 Describe the bug
When installing ntfy-sh by enabling it as a module, the state directory is created in /var/lib/private/ntfy-sh and linked to /var/lib/ntfy-sh. This is a problem as the private folder is owned by root which makes the symlink inaccessible. Changing the permissions of the private folder seems to create other problems as ntfy-sh requests the folder be owned by root with permissions 0700 and that makes this problem a Catch-22 as by default ntfy-sh can't access the files in it's state folder and if permissions are changed, ntfy-sh does not want to access it's folder.

💻 Components impacted
ntfy server v2.8.0

💡 Screenshots and/or logs
Default:

× ntfy-sh.service - Push notifications server
     Loaded: loaded (/etc/systemd/system/ntfy-sh.service; enabled; preset: enabled)
     Active: failed (Result: exit-code) since Tue 2024-03-26 21:07:07 EET; 1s ago
   Duration: 71ms
    Process: 11056 ExecStart=/nix/store/wgb20j6kkxz0j6d5ihmn9g29giqx6wmp-ntfy-sh-2.8.0/bin/ntfy serve -c /nix/store/ma711yry2gs6s8vsnrah1cy9fx0iipdv-server.yml (code=exited, status=1/FAILURE)
   Main PID: 11056 (code=exited, status=1/FAILURE)
         IP: 0B in, 0B out
        CPU: 69ms

Mar 26 21:07:07 server systemd[1]: Started Push notifications server.
Mar 26 21:07:07 server ntfy[11056]: 2024/03/26 21:07:07 FATAL attempt to write a readonly database (exit_code=1)
Mar 26 21:07:07 server ntfy[11056]: attempt to write a readonly database
Mar 26 21:07:07 server systemd[1]: ntfy-sh.service: Main process exited, code=exited, status=1/FAILURE
Mar 26 21:07:07 server systemd[1]: ntfy-sh.service: Failed with result 'exit-code'.

Too permissive:

× ntfy-sh.service - Push notifications server
     Loaded: loaded (/etc/systemd/system/ntfy-sh.service; enabled; preset: enabled)
     Active: failed (Result: exit-code) since Tue 2024-03-26 21:03:03 EET; 1s ago
   Duration: 2ms
    Process: 8743 ExecStart=/nix/store/wgb20j6kkxz0j6d5ihmn9g29giqx6wmp-ntfy-sh-2.8.0/bin/ntfy serve -c /nix/store/ma711yry2gs6s8vsnrah1cy9fx0iipdv-server.yml (code=exited, status=238/STATE_DIRECTORY)
   Main PID: 8743 (code=exited, status=238/STATE_DIRECTORY)
         IP: 0B in, 0B out
        CPU: 882us

Mar 26 21:03:03 server systemd[1]: Started Push notifications server.
Mar 26 21:03:03 server (ntfy)[8743]: Directory "/var/lib/private" already exists, but has mode 0750 that is too permissive (0700 was requested), refusing.
Mar 26 21:03:03 server (ntfy)[8743]: ntfy-sh.service: Failed to set up special execution directory in /var/lib: File exists
Mar 26 21:03:03 server (ntfy)[8743]: ntfy-sh.service: Failed at step STATE_DIRECTORY spawning /nix/store/wgb20j6kkxz0j6d5ihmn9g29giqx6wmp-ntfy-sh-2.8.0/bin/ntfy: File exists
Mar 26 21:03:03 server systemd[1]: ntfy-sh.service: Main process exited, code=exited, status=238/STATE_DIRECTORY
Mar 26 21:03:03 server systemd[1]: ntfy-sh.service: Failed with result 'exit-code'.

Wrong User:

× ntfy-sh.service - Push notifications server
     Loaded: loaded (/etc/systemd/system/ntfy-sh.service; enabled; preset: enabled)
     Active: failed (Result: exit-code) since Tue 2024-03-26 21:04:50 EET; 1s ago
   Duration: 3ms
    Process: 9917 ExecStart=/nix/store/wgb20j6kkxz0j6d5ihmn9g29giqx6wmp-ntfy-sh-2.8.0/bin/ntfy serve -c /nix/store/ma711yry2gs6s8vsnrah1cy9fx0iipdv-server.yml (code=exited, status=238/STATE_DIRECTORY)
   Main PID: 9917 (code=exited, status=238/STATE_DIRECTORY)
         IP: 0B in, 0B out
        CPU: 922us

Mar 26 21:04:50 server systemd[1]: Started Push notifications server.
Mar 26 21:04:50 server (ntfy)[9917]: Directory "/var/lib/private" already exists, but is owned by 989:986 (0:0 was requested), refusing.
Mar 26 21:04:50 server (ntfy)[9917]: ntfy-sh.service: Failed to set up special execution directory in /var/lib: File exists
Mar 26 21:04:50 server (ntfy)[9917]: ntfy-sh.service: Failed at step STATE_DIRECTORY spawning /nix/store/wgb20j6kkxz0j6d5ihmn9g29giqx6wmp-ntfy-sh-2.8.0/bin/ntfy: File exists
Mar 26 21:04:50 server systemd[1]: ntfy-sh.service: Main process exited, code=exited, status=238/STATE_DIRECTORY
Mar 26 21:04:50 server systemd[1]: ntfy-sh.service: Failed with result 'exit-code'.
Originally created by @deivpaukst on GitHub (Mar 26, 2024). Original GitHub issue: https://github.com/binwiederhier/ntfy/issues/1070 :lady_beetle: **Describe the bug** When installing ntfy-sh by enabling it as a module, the state directory is created in `/var/lib/private/ntfy-sh` and linked to `/var/lib/ntfy-sh`. This is a problem as the private folder is owned by root which makes the symlink inaccessible. Changing the permissions of the private folder seems to create other problems as ntfy-sh requests the folder be owned by root with permissions 0700 and that makes this problem a Catch-22 as by default ntfy-sh can't access the files in it's state folder and if permissions are changed, ntfy-sh does not want to access it's folder. :computer: **Components impacted** ntfy server v2.8.0 :bulb: **Screenshots and/or logs** Default: ``` × ntfy-sh.service - Push notifications server Loaded: loaded (/etc/systemd/system/ntfy-sh.service; enabled; preset: enabled) Active: failed (Result: exit-code) since Tue 2024-03-26 21:07:07 EET; 1s ago Duration: 71ms Process: 11056 ExecStart=/nix/store/wgb20j6kkxz0j6d5ihmn9g29giqx6wmp-ntfy-sh-2.8.0/bin/ntfy serve -c /nix/store/ma711yry2gs6s8vsnrah1cy9fx0iipdv-server.yml (code=exited, status=1/FAILURE) Main PID: 11056 (code=exited, status=1/FAILURE) IP: 0B in, 0B out CPU: 69ms Mar 26 21:07:07 server systemd[1]: Started Push notifications server. Mar 26 21:07:07 server ntfy[11056]: 2024/03/26 21:07:07 FATAL attempt to write a readonly database (exit_code=1) Mar 26 21:07:07 server ntfy[11056]: attempt to write a readonly database Mar 26 21:07:07 server systemd[1]: ntfy-sh.service: Main process exited, code=exited, status=1/FAILURE Mar 26 21:07:07 server systemd[1]: ntfy-sh.service: Failed with result 'exit-code'. ``` Too permissive: ``` × ntfy-sh.service - Push notifications server Loaded: loaded (/etc/systemd/system/ntfy-sh.service; enabled; preset: enabled) Active: failed (Result: exit-code) since Tue 2024-03-26 21:03:03 EET; 1s ago Duration: 2ms Process: 8743 ExecStart=/nix/store/wgb20j6kkxz0j6d5ihmn9g29giqx6wmp-ntfy-sh-2.8.0/bin/ntfy serve -c /nix/store/ma711yry2gs6s8vsnrah1cy9fx0iipdv-server.yml (code=exited, status=238/STATE_DIRECTORY) Main PID: 8743 (code=exited, status=238/STATE_DIRECTORY) IP: 0B in, 0B out CPU: 882us Mar 26 21:03:03 server systemd[1]: Started Push notifications server. Mar 26 21:03:03 server (ntfy)[8743]: Directory "/var/lib/private" already exists, but has mode 0750 that is too permissive (0700 was requested), refusing. Mar 26 21:03:03 server (ntfy)[8743]: ntfy-sh.service: Failed to set up special execution directory in /var/lib: File exists Mar 26 21:03:03 server (ntfy)[8743]: ntfy-sh.service: Failed at step STATE_DIRECTORY spawning /nix/store/wgb20j6kkxz0j6d5ihmn9g29giqx6wmp-ntfy-sh-2.8.0/bin/ntfy: File exists Mar 26 21:03:03 server systemd[1]: ntfy-sh.service: Main process exited, code=exited, status=238/STATE_DIRECTORY Mar 26 21:03:03 server systemd[1]: ntfy-sh.service: Failed with result 'exit-code'. ``` Wrong User: ``` × ntfy-sh.service - Push notifications server Loaded: loaded (/etc/systemd/system/ntfy-sh.service; enabled; preset: enabled) Active: failed (Result: exit-code) since Tue 2024-03-26 21:04:50 EET; 1s ago Duration: 3ms Process: 9917 ExecStart=/nix/store/wgb20j6kkxz0j6d5ihmn9g29giqx6wmp-ntfy-sh-2.8.0/bin/ntfy serve -c /nix/store/ma711yry2gs6s8vsnrah1cy9fx0iipdv-server.yml (code=exited, status=238/STATE_DIRECTORY) Main PID: 9917 (code=exited, status=238/STATE_DIRECTORY) IP: 0B in, 0B out CPU: 922us Mar 26 21:04:50 server systemd[1]: Started Push notifications server. Mar 26 21:04:50 server (ntfy)[9917]: Directory "/var/lib/private" already exists, but is owned by 989:986 (0:0 was requested), refusing. Mar 26 21:04:50 server (ntfy)[9917]: ntfy-sh.service: Failed to set up special execution directory in /var/lib: File exists Mar 26 21:04:50 server (ntfy)[9917]: ntfy-sh.service: Failed at step STATE_DIRECTORY spawning /nix/store/wgb20j6kkxz0j6d5ihmn9g29giqx6wmp-ntfy-sh-2.8.0/bin/ntfy: File exists Mar 26 21:04:50 server systemd[1]: ntfy-sh.service: Main process exited, code=exited, status=238/STATE_DIRECTORY Mar 26 21:04:50 server systemd[1]: ntfy-sh.service: Failed with result 'exit-code'. ```
BreizhHardware 2026-05-07 00:27:08 +02:00
  • closed this issue
  • added the
    🪲 bug
         label
BreizhHardware commented 2026-05-07 00:27:09 +02:00
Author
Owner
Copy link

@binwiederhier commented on GitHub (Mar 26, 2024):

The Nix package is linked in the install instructions, but not officially maintained by us. See https://github.com/binwiederhier/ntfy/pull/462 - You may want to reach out to @wamserma

<!-- gh-comment-id:2021483609 --> @binwiederhier commented on GitHub (Mar 26, 2024): The Nix package is linked in the install instructions, but not officially maintained by us. See https://github.com/binwiederhier/ntfy/pull/462 - You may want to reach out to @wamserma
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
dependabot/npm_and_yarn/web/fast-uri-3.1.2
email-verification
attachment-no-http2
attachment-fixes
attachment-s3
config-generator
postgres-replica
dockers-v2
postgres-support
postgres-webpush+user+message
postgres-webpush+user
postgres-webpush
1364-copy-action
crashfix
user-header
scalar-api-docs
cancel-scheduled
update-available
windows-server
303-update-notifications
postgres
admin-ui
require-login
http-clipboard
message-cache-lock
debian-stripe
predefined-users
busy-timeout
template-dir
ipv6
client-ip-header
apns-fix
feat_optional_require_login
security-updates
pg-message-cache
templating-disallow
templating-3
templating-2
message-size-limit+delay-limit
remove-rate-topics
html-emails
cf-priority
acl-underscores
auth-user-header
markdown
img-attach
web-improvements
utf8-headers
matrix-507-reject
http-response-writer
new-homepage-design
e2e
canary
windows
electron
update-messages
webhook-templating
v2.22.0
v2.21.0
v2.20.1
v2.20.0
v2.19.2
v2.19.1
v2.19.0
v2.18.0
v2.17.0
v2.16.0
v2.15.0
v2.14.0
v2.13.0
v2.12.0
v2.11.0
v2.10.0
v2.9.0
v2.8.0
v2.7.0
v2.6.2
v2.6.1
v2.6.0
v2.5.0
v2.4.0
v2.3.1
v2.3.0
v2.2.0
v2.1.2
v2.1.1
v2.1.0
v2.0.1
v2.0.0
v1.31.0
v1.30.1
v1.29.1
v1.29.0
v1.28.0
v1.27.2
v1.27.1
v1.26.0
v1.25.2
v1.25.1
v1.25.0
v1.24.0
v1.23.0
v1.22.0
v1.21.2
v1.21.1
v1.21.0
v1.20.0
v1.19.0
v1.18.1
v1.18.0
v1.17.1
v1.17.0
v1.16.0
v1.15.0
v1.14.1
v1.14.0
v1.13.0
v1.12.1
v1.12.0
v1.11.1
v1.11.2
v1.11.0
v1.10.0
v1.9.0
v1.8.0
v1.7.0
v1.6.1
v1.6.0
v1.5.3
v1.5.2
v1.5.1
v1.5.0
v1.4.8
v1.4.7
v1.4.6
v1.4.5
v1.4.4
v1.4.3
v1.4.2
v1.4.1
v1.4.0
v1.3.2
v1.3.3
v1.3.1
v1.3.0
v1.2.5
v1.2.4
v1.2.3
v1.2.2
v1.2.1
v1.2.0
v1.1.3
v1.1.2
v1.1.1
v1.1.0
v1.0.0
v0.0.5
v0.0.4
v0.0.3
v0.0.2
v0.0.1
Labels
Clear labels   
ai-generated

   
android-app

   
android-app

   
android-app

   
🪲 bug

   
build

   
build

   
dependencies

   
docs

   
enhancement

   
enhancement

   
🔥 HOT

   
in-progress 🏃

   
ios

   
prio:low

   
prio:low

   
pull-request
Mirrored from GitHub Pull Request

  
question

   
🔒 security

   
server

   
server

   
unified-push

   
web-app

   
website
No labels
ai-generated
android-app
android-app
android-app
🪲 bug
build
build
dependencies
docs
enhancement
enhancement
🔥 HOT
in-progress 🏃
ios
prio:low
prio:low
pull-request
question
🔒 security
server
server
unified-push
web-app
website
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/ntfy#748
No description provided.