Enable TLS by default

docker-compose.yml

@@ -8,10 +8,10 @@ services:
       - "8080:8080"
     environment:
       # Replace with your ntfy server URL (without topic path)
-      - NTFY_BASE_URL=https://ntfy.dangerzone.dev
+      - NTFY_BASE_URL=https://your-ntfy-server.com
       
       # For token-based authentication, uncomment and replace with your ntfy Bearer token (e.g., tk_xxxx)
-      - NTFY_TOKEN=tk_your_bearer_token_here
+      # - NTFY_TOKEN=tk_your_bearer_token_here
       
       # For username/password authentication, uncomment and replace with your ntfy credentials
       # - NTFY_USERNAME=your_username
@@ -20,7 +20,15 @@ services:
       # Bind configuration
       - BIND_ADDRESS=0.0.0.0
       - BIND_PORT=8080
+      # TLS Configuration
+      # Uncomment and replace with your certificate and key file paths (relative to the container)
+      # - TLS_CERT_FILE=/app/certs/server.crt
+      # - TLS_KEY_FILE=/app/certs/server.key
     restart: unless-stopped
+    volumes:
+      # Mount the local 'certs' directory into the container to provide TLS certificates
+      # Ensure you have server.crt and server.key in a 'certs' directory next to docker-compose.yml
+      - ./certs:/app/certs
     
     # Optional: Resource limits
     deploy:
@@ -34,7 +42,7 @@ services:
     
     # Health check using the built-in endpoint
     healthcheck:
-      test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8080/health"]
+      test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "https://localhost:8080/health"]
       interval: 30s
       timeout: 10s
       retries: 3