Adds the option to skip TLS verification for a Gotify instance (#544)

docs/notifications.md

@@ -170,6 +170,8 @@ docker run -d \
   containrrr/watchtower
 ```
 
+If you want to disable TLS verification for the Gotify instance, you can use either `-e WATCHTOWER_NOTIFICATION_GOTIFY_TLS_SKIP_VERIFY=true` or `--notification-gotify-tls-skip-verify`. 
+
 ### [containrrr/shoutrrr](https://github.com/containrrr/shoutrrr)
 
 To send notifications via shoutrrr, the following command-line options, or their corresponding environment variables, can be set:

internal/flags/flags.go

@@ -183,10 +183,8 @@ func RegisterNotificationFlags(rootCmd *cobra.Command) {
 		"notification-email-server-tls-skip-verify",
 		"",
 		viper.GetBool("WATCHTOWER_NOTIFICATION_EMAIL_SERVER_TLS_SKIP_VERIFY"),
-		`
-Controls whether watchtower verifies the SMTP server's certificate chain and host name.
-Should only be used for testing.
-`)
+		`Controls whether watchtower verifies the SMTP server's certificate chain and host name.
+Should only be used for testing.`)
 
 	flags.StringP(
 		"notification-email-server-user",
@@ -253,12 +251,20 @@ Should only be used for testing.
 		"",
 		viper.GetString("WATCHTOWER_NOTIFICATION_GOTIFY_URL"),
 		"The Gotify URL to send notifications to")
+
 	flags.StringP(
 		"notification-gotify-token",
 		"",
 		viper.GetString("WATCHTOWER_NOTIFICATION_GOTIFY_TOKEN"),
 		"The Gotify Application required to query the Gotify API")
 
+	flags.BoolP(
+		"notification-gotify-tls-skip-verify",
+		"",
+		viper.GetBool("WATCHTOWER_NOTIFICATION_GOTIFY_TLS_SKIP_VERIFY"),
+		`Controls whether watchtower verifies the Gotify server's certificate chain and host name.
+Should only be used for testing.`)
+
 	flags.StringP(
 		"notification-template",
 		"",

pkg/api/api.go

@@ -18,7 +18,7 @@ func init() {
 	lock <- true
 }
 
-// SetupHTTPUpdates configures the endopint needed for triggering updates via http
+// SetupHTTPUpdates configures the endpoint needed for triggering updates via http
 func SetupHTTPUpdates(apiToken string, updateFunction func()) error {
 	if apiToken == "" {
 		return errors.New("api token is empty or has not been set. not starting api")

pkg/notifications/gotify.go

@@ -2,6 +2,7 @@ package notifications
 
 import (
 	"bytes"
+	"crypto/tls"
 	"encoding/json"
 	"fmt"
 	"net/http"
@@ -17,9 +18,10 @@ const (
 )
 
 type gotifyTypeNotifier struct {
-	gotifyURL      string
-	gotifyAppToken string
-	logLevels      []log.Level
+	gotifyURL                string
+	gotifyAppToken           string
+	gotifyInsecureSkipVerify bool
+	logLevels                []log.Level
 }
 
 func newGotifyNotifier(c *cobra.Command, acceptedLogLevels []log.Level) t.Notifier {
@@ -39,10 +41,13 @@ func newGotifyNotifier(c *cobra.Command, acceptedLogLevels []log.Level) t.Notifi
 		log.Fatal("Required argument --notification-gotify-token(cli) or WATCHTOWER_NOTIFICATION_GOTIFY_TOKEN(env) is empty.")
 	}
 
+	gotifyInsecureSkipVerify, _ := flags.GetBool("notification-gotify-tls-skip-verify")
+
 	n := &gotifyTypeNotifier{
-		gotifyURL:      gotifyURL,
-		gotifyAppToken: gotifyToken,
-		logLevels:      acceptedLogLevels,
+		gotifyURL:                gotifyURL,
+		gotifyAppToken:           gotifyToken,
+		gotifyInsecureSkipVerify: gotifyInsecureSkipVerify,
+		logLevels:                acceptedLogLevels,
 	}
 
 	log.AddHook(n)
@@ -79,8 +84,16 @@ func (n *gotifyTypeNotifier) Fire(entry *log.Entry) error {
 			return
 		}
 
+		// Explicitly define the client so we can set InsecureSkipVerify to the desired value.
+		client := &http.Client{
+			Transport: &http.Transport{
+				TLSClientConfig: &tls.Config{
+					InsecureSkipVerify: n.gotifyInsecureSkipVerify,
+				},
+			},
+		}
 		jsonBodyBuffer := bytes.NewBuffer([]byte(jsonBody))
-		resp, err := http.Post(n.getURL(), "application/json", jsonBodyBuffer)
+		resp, err := client.Post(n.getURL(), "application/json", jsonBodyBuffer)
 		if err != nil {
 			fmt.Println("Failed to send Gotify notification: ", err)
 			return