Notify17 looks great, and I plan on giving it a go.
However, since their example is a curl with plaintext body, I question their assertion that "Whatever your content is, we will never know about it".
It sounds to me more like the content is encrypted at rest, which is important but I still have to trust that N17 isn't squirreling away a plaintext copy or accidentally leaking it via logs or something similar.
One similar self-hosted solution is https://gotify.net/ , which also has Android and web apps and a similarly simple way to push messages using curl/http.
I just wanted to point out that there is not a single part of the flow which is not encrypted at rest, and, apart from text-processing areas, in transit.
All user-content arguments sent to the hook endpoints (to generate notifications) are obscured for the whole flow of the notification generation. Which causes trouble when trying to debug issues, but oh well, I believe privacy is more important than anything else in this context.
I dream for this tool to be used by devops people (I'm mainly one of them!), so I value the privacy element in this project above all. It happens that I end up asking users "what the hell did you type there to break things to much" :D
Very cool. I did something similar with an ESP8266, and an iftt web hook configured to flash the hue lights in my house and SMS me. I think texting is no longer offered by iftt.
you can still email a phone number. there are common email extensions for various carriers like 5558675309@vtext.com for Verizon for example. you can get the carrier email extension by sending a text message to an email address. it will be in the reply line of your email client.
This is cool. I do the same thing with a webhook to a self-hosted Mattermost, and then use their mobile app to sign in to my own instance to get the notifications (via the free public mattermost notification proxy).
12 comments
[ 2.6 ms ] story [ 11.1 ms ] threadhttps://news.ycombinator.com/item?id=19936420
and I immediately signed up for it, but hadn't used it until this project. And now that I fully understand it, I'll be using it a lot more.
However, since their example is a curl with plaintext body, I question their assertion that "Whatever your content is, we will never know about it".
It sounds to me more like the content is encrypted at rest, which is important but I still have to trust that N17 isn't squirreling away a plaintext copy or accidentally leaking it via logs or something similar.
The only way I've found to do encrypted notifications is using Signal and signald, through a library I wrote:
https://gitlab.com/stavros/pysignald
signald isn't as reliable as I'd like, but it works well enough. Still, if there were a simpler alternative, I'd switch.
I just wanted to point out that there is not a single part of the flow which is not encrypted at rest, and, apart from text-processing areas, in transit.
All user-content arguments sent to the hook endpoints (to generate notifications) are obscured for the whole flow of the notification generation. Which causes trouble when trying to debug issues, but oh well, I believe privacy is more important than anything else in this context.
I dream for this tool to be used by devops people (I'm mainly one of them!), so I value the privacy element in this project above all. It happens that I end up asking users "what the hell did you type there to break things to much" :D
For the matter of logs, I'm so happy about having used Go for this project, because I can mask fields here and there nicely (e.g. https://github.com/cmaster11/structs/blob/master/structs.go#... ).
I might switch to Notify17 for some stuff.