docs: ✏️ Improve OIDC docs

Jin
2025-08-12 22:03:36 +02:00
parent d8d0a64134
commit d224f33913
6 changed files with 183 additions and 46 deletions

@@ -60,15 +60,16 @@ sudo systemctl enable --now -q trilium
```
* You can now open a browser to http://\[your-server-hostname\]:8080 and you should see the Trilium initialization page.
## Simple Autoupdate for Server
Run as the same User Trilium runs
if you run as root please remove 'sudo' from the commands
if you run as root please remove 'sudo' from the commands
requires "jq" ```apt install jq```
requires "jq" `apt install jq`
It will stop the service above, overwrite everything (i expect no config.ini), and start service
It also creates a version file in the Trilium directory so it updates only with a newer Version
It will stop the service above, overwrite everything (i expect no config.ini), and start service It also creates a version file in the Trilium directory so it updates only with a newer Version
```
#!/bin/bash
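Review bot: the rewritten paragraph before the script still says it will "overwrite everything (i expect no config.ini)", which is risky now that the OpenID section of these docs tells users to put `oauthClientSecret` and the other OAuth settings in `config.ini`. State explicitly that an existing `config.ini` must be backed up or excluded before the update runs. The merge of the two lines also dropped the sentence break: "and start service It also creates a version file" needs a period after "start service". The `jq` requirement change from a triple-backtick span to `apt install jq` is fine.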
@@ -177,4 +178,4 @@ If you get an error like this, you need to either upgrade your glibc (typically
## TLS
Don't forget to [configure TLS](../TLS%20Configuration.md), which is required for secure usage!
Don't forget to [configure TLS](../TLS%20Configuration.md), which is required for secure usage!

@@ -236,4 +236,4 @@ Available build arguments:
* `USER`: Username for the non-root user (default: trilium)
* `UID`: User ID for the non-root user (default: 1000)
* `GID`: Group ID for the non-root user (default: 1000)
* `GID`: Group ID for the non-root user (default: 1000)

@@ -34,10 +34,11 @@ MFA can only be set up on a server instance.
### OpenID
In order to setup OpenID, you will need to setup a authentication provider. This requires a bit of extra setup. Follow [these instructions](https://developers.google.com/identity/openid-connect/openid-connect) to setup an OpenID service through google.
In order to setup OpenID, you will need to setup a authentication provider. This requires a bit of extra setup. Follow [these instructions](https://developers.google.com/identity/openid-connect/openid-connect) to setup an OpenID service through google. The Redirect URL of Trilium is `https://<your-trilium-domain>/callback`.
1. Set the `oauthBaseUrl`, `oauthClientId` and `oauthClientSecret` in the `config.ini` file (check <a class="reference-link" href="../../Advanced%20Usage/Configuration%20(config.ini%20or%20e.md">Configuration (config.ini or environment variables)</a> for more information).
1. You can also setup through environment variables (`TRILIUM_OAUTH_BASE_URL`, `TRILIUM_OAUTH_CLIENT_ID` and `TRILIUM_OAUTH_CLIENT_SECRET`).
2. `oauthBaseUrl` should be the link of your Trilium instance server, for example, `https://<your-trilium-domain>`.
2. Restart the server
3. Go to "Menu" -> "Options" -> "MFA"
4. Click the “Enable Multi-Factor Authentication” checkbox if not checked
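Review bot: the new sentence "The Redirect URL of Trilium is `https://<your-trilium-domain>/callback`" and the new item on `oauthBaseUrl` describe the same origin in two places without saying they must agree. Say once that the redirect URI registered with the provider has to be exactly `oauthBaseUrl` followed by `/callback` (same scheme, host and port, no trailing slash on the base), since a mismatch is the usual cause of a rejected login. As shown here the added `oauthBaseUrl` item is numbered "2." directly before the existing "2. Restart the server"; check that it is indented as a sub-item of step 1 so the later reference to "Step 3" still points at "Go to Menu -> Options -> MFA". While this line is being touched, "setup a authentication provider" should read "set up an authentication provider" and "google" should be capitalised. Because step 1 puts `oauthClientSecret` in `config.ini`, a short remark about restricting read access to that file, or preferring `TRILIUM_OAUTH_CLIENT_SECRET`, would fit here.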
@@ -45,4 +46,15 @@ In order to setup OpenID, you will need to setup a authentication provider. This
6. Refresh the page and login through OpenID provider
> [!NOTE]
> The default OAuth issuer is Google. To use other services such as Authentik or Auth0, you can configure the settings via `oauthIssuerBaseUrl`, `oauthIssuerName`, and `oauthIssuerIcon` in the `config.ini` file. Alternatively, these values can be set using environment variables: `TRILIUM_OAUTH_ISSUER_BASE_URL`, `TRILIUM_OAUTH_ISSUER_NAME`, and `TRILIUM_OAUTH_ISSUER_ICON`. `oauthIssuerName` and `oauthIssuerIcon` are required for displaying correct issuer information at the Login page.
> The default OAuth issuer is Google. To use other services such as Authentik or Auth0, you can configure the settings via `oauthIssuerBaseUrl`, `oauthIssuerName`, and `oauthIssuerIcon` in the `config.ini` file. Alternatively, these values can be set using environment variables: `TRILIUM_OAUTH_ISSUER_BASE_URL`, `TRILIUM_OAUTH_ISSUER_NAME`, and `TRILIUM_OAUTH_ISSUER_ICON`. `oauthIssuerName` and `oauthIssuerIcon` are required for displaying correct issuer information at the Login page.
#### Authentik
If you dont already have a running Authentik instance, please follow [these instructions](https://docs.goauthentik.io/docs/install-config/install/docker-compose) to set one up.
1. In the Authentik admin dashboard, create a new OAuth2 application by following [these steps](https://docs.goauthentik.io/docs/add-secure-apps/providers/oauth2/create-oauth2-provider). Make sure to set the Redirect URL to: `https://<your-trilium-domain>/callback`.
2. In your config.ini file, set the relevant OAuth variables:
1. `oauthIssuerBaseUrl` → Use the `OpenID Configuration Issuer` URL from your application's overview page.
2. `oauthIssuerName` and `oauthIssuerIcon` → Set these to customize the name and icon displayed on the login page. If omitted, Googles name and icon will be shown by default.
3. Apply the changes by restarting your server.
4. Proceed with the remaining steps starting from Step 3 in the OpenID section.
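Review bot: the Authentik step for `oauthIssuerName` and `oauthIssuerIcon` says "If omitted, Googles name and icon will be shown by default", while the note just above says these two settings "are required for displaying correct issuer information at the Login page". Pick one wording; for a non-Google issuer they should be described as required, because a login page showing Google branding while redirecting to Authentik misleads users about where their credentials go. Step 2 lists only the issuer settings, so add that `oauthClientId` and `oauthClientSecret` must be the values from the Authentik provider created in step 1. Typos in the added lines: "dont" should be "don't" and "Googles" should be "Google's".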