Merge pull request #2014 from FliegendeWurst/demo-mode

feat(server): add option to mount database read-only
2025-11-01 19:05:59 +01:00 · 2025-05-26 16:47:10 +03:00
parent 6a29fae7c0 50d045b70e
commit 79422da733
9 changed files with 60 additions and 11 deletions
--- a/apps/server/src/routes/api/options.ts
+++ b/apps/server/src/routes/api/options.ts
@@ -7,6 +7,7 @@ import ValidationError from "../../errors/validation_error.js";
 import type { Request } from "express";
 import { changeLanguage, getLocales } from "../../services/i18n.js";
 import type { OptionNames } from "@triliumnext/commons";
+import config from "../../services/config.js";

 // options allowed to be updated directly in the Options dialog
 const ALLOWED_OPTIONS = new Set<OptionNames>([
@@ -127,6 +128,12 @@ function getOptions() {
    }

    resultMap["isPasswordSet"] = optionMap["passwordVerificationHash"] ? "true" : "false";
+    // if database is read-only, disable editing in UI by setting 0 here
+    if (config.General.readOnly) {
+        resultMap["autoReadonlySizeText"] = "0";
+        resultMap["autoReadonlySizeCode"] = "0";
+        resultMap["databaseReadonly"] = "true";
+    }

    return resultMap;
 }
--- a/apps/server/src/services/config.ts
+++ b/apps/server/src/services/config.ts
@@ -21,6 +21,7 @@ export interface TriliumConfig {
        noAuthentication: boolean;
        noBackup: boolean;
        noDesktopIcon: boolean;
+        readOnly: boolean;
    };
    Network: {
        host: string;
@@ -62,7 +63,10 @@ const config: TriliumConfig = {
            envToBoolean(process.env.TRILIUM_GENERAL_NOBACKUP) || iniConfig.General.noBackup || false,

        noDesktopIcon:
-            envToBoolean(process.env.TRILIUM_GENERAL_NODESKTOPICON) || iniConfig.General.noDesktopIcon || false
+            envToBoolean(process.env.TRILIUM_GENERAL_NODESKTOPICON) || iniConfig.General.noDesktopIcon || false,
+
+        readOnly:
+            envToBoolean(process.env.TRILIUM_GENERAL_READONLY) || iniConfig.General.readOnly || false
    },

    Network: {
--- a/apps/server/src/services/sql.ts
+++ b/apps/server/src/services/sql.ts
@@ -13,18 +13,20 @@ import Database from "better-sqlite3";
 import ws from "./ws.js";
 import becca_loader from "../becca/becca_loader.js";
 import entity_changes from "./entity_changes.js";
+import config from "./config.js";

 let dbConnection: DatabaseType = buildDatabase();
 let statementCache: Record<string, Statement> = {};

 function buildDatabase() {
+    // for integration tests, ignore the config's readOnly setting
    if (process.env.TRILIUM_INTEGRATION_TEST === "memory") {
        return buildIntegrationTestDatabase();
    } else if (process.env.TRILIUM_INTEGRATION_TEST === "memory-no-store") {
        return new Database(":memory:");
    }

-    return new Database(dataDir.DOCUMENT_PATH);
+    return new Database(dataDir.DOCUMENT_PATH, { readonly: config.General.readOnly });
 }

 function buildIntegrationTestDatabase(dbPath?: string) {
@@ -208,6 +210,13 @@ function getColumn<T>(query: string, params: Params = []): T[] {
 }

 function execute(query: string, params: Params = []): RunResult {
+    if (config.General.readOnly && (query.startsWith("UPDATE") || query.startsWith("INSERT") || query.startsWith("DELETE"))) {
+        log.error(`read-only DB ignored: ${query} with parameters ${JSON.stringify(params)}`);
+        return {
+            changes: 0,
+            lastInsertRowid: 0
+        };
+    }
    return wrap(query, (s) => s.run(params)) as RunResult;
 }

--- a/apps/server/src/services/sql_init.ts
+++ b/apps/server/src/services/sql_init.ts
@@ -186,6 +186,9 @@ function setDbAsInitialized() {
 }

 function optimize() {
+    if (config.General.readOnly) {
+        return;
+    }
    log.info("Optimizing database");
    const start = Date.now();