Dockery/Trilium
1
0
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2026-01-04 22:49:58 +01:00
Code Issues Packages Projects Releases Activity

chore(edit-docs): move Markdown documentation outside src for now

Browse Source
This commit is contained in:
Elian Doran
2025-03-11 16:11:16 +02:00
parent 971b388d1a
commit f67e2ebcd5
292 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
docs/User Guide/User Guide/Installation & Setup/Backup.md Normal file
View File

@@ -0,0 +1,43 @@
# Backup
Trilium supports simple backup scheme where it saves copy of the [document](#root/xjSsCcvVZf6H) on these events:
* once a day
* once a week
* once a month
* before DB migration to newer version
So in total you'll have at most 4 backups from different points in time which should protect you from various problems. These backups are stored by default in `backup` directory placed in the [data directory](Data%20directory.md).
This is only very basic backup solution, and you're encouraged to add some better backup solution - e.g. backing up the [document](#root/xjSsCcvVZf6H) to cloud / different computer etc.
Note that [synchronization](Synchronization.md) provides also some backup capabilities by its nature of distributing the data to other computers.
## Restoring backup
Let's assume you want to restore the weekly backup, here's how to do it:
* find [data directory](Data%20directory.md) Trilium uses - easy way is to open "About Trilium Notes" from "Menu" in upper left corner and looking at "data directory"
* I'll refer to `~/trilium-data` as data directory from now on
* find `~/trilium-data/backup/backup-weekly.db` - this is the [document](#root/xjSsCcvVZf6H)backup
* at this point stop/kill Trilium
* delete `~/trilium-data/document.db`, `~/trilium-data/document.db-wal` and `~/trilium-data/document.db-shm` (latter two files are auto generated)
* copy and rename this `~/trilium-data/backup/backup-weekly.db` to `~/trilium-data/document.db`
* make sure that the file is writable, e.g. with `chmod 600 document.db`
* start Trilium again
If you have configured sync then you need to do it across all members of the sync cluster, otherwise older version (restored backup) of the document will be detected and synced to the newer version.
## Disabling backup
Although this is not recommended, it is possible to disable backup in `config.ini` in the [data directory](Data%20directory.md):
```
[General]
... some other configs
# set to true to disable backups (e.g. because of limited space on server)
noBackup=true
```
You can also review the [configuration](../Advanced%20Usage/Configuration%20\(config.ini%20or%20e.md) file to provide all `config.ini` values as environment variables instead.
See [sample config](https://github.com/TriliumNext/Notes/blob/master/config-sample.ini). %%{WARNING}%%

88
docs/User Guide/User Guide/Installation & Setup/Data directory.md Normal file
View File

@@ -0,0 +1,88 @@
# Data directory
Data directory contains:
* `document.db` - [database](../Advanced%20Usage/Database.md)
* `config.ini` - instance level settings like port on which the Trilium application runs
* `backup` - contains automatically [backup](Backup.md) of documents
* `log` - contains application log files
## Location
Easy way how to find out which data directory Trilium uses is to look at the "About Trilium Notes" dialog (from "Menu" in upper left corner):
![](Data directory_image.png)
Here's how the location is decided:
Data directory is normally named `trilium-data` and it is stored in:
* `/home/[user]/.local/share` for Linux
* `C:\Users\[user]\AppData\Roaming` for Windows Vista and up
* `/Users/[user]/Library/Application Support` for Mac OS
* user's home is a fallback if some of the paths above don't exist
* user's home is also a default setup for \[\[docker|Docker server installation\]\]
If you want to back up your Trilium data, just backup this single directory - it contains everything you need.
### Changing the location of data directory
If you want to use some other location for the data directory than the default one, you may change it via TRILIUM\_DATA\_DIR environment variable to some other location:
#### Linux
```
export TRILIUM_DATA_DIR=/home/myuser/data/my-trilium-data
```
#### Mac OS X
You need to create a `.plist` file under `~/Library/LaunchAgents` to load it properly each login.
To load it manually, you need to use `launchctl setenv TRILIUM_DATA_DIR <yourpath>`
Here is a pre-defined template, where you just need to add your path to:
```
Label
set.trilium.env
RunAtLoad
ProgramArguments
launchctl
setenv
TRILIUM_DATA_DIR
/Users/YourUserName/Library/Application Support/trilium-data
```
### Create a script to run with specific data directory
An alternative to globally setting environment variable is to run only the Trilium Notes with this environment variable. This then allows for different setup styles like two [database](../Advanced%20Usage/Database.md) instances or "portable" installation.
To do this in unix based systems simply run trilium like this:
```
TRILIUM_DATA_DIR=/home/myuser/data/my-trilium-data trilium
```
You can then save the above command as a shell script on your path for convenience.
### Fine-grained directory/path location
It's possible to configure e.g. backup and log directories separately, with following environment variables:
* `TRILIUM_DOCUMENT_PATH`
* `TRILIUM_BACKUP_DIR`
* `TRILIUM_LOG_DIR`
* `TRILIUM_ANONYMIZED_DB_DIR`
* `TRILIUM_CONFIG_INI_PATH`
If these are not set, default paths within the data directory will be used.

BIN
docs/User Guide/User Guide/Installation & Setup/Data directory_image.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 44 KiB

19
docs/User Guide/User Guide/Installation & Setup/Desktop Installation.md Normal file
View File

@@ -0,0 +1,19 @@
# Desktop Installation
To install Trilium on your desktop, follow these steps:
1. **Download the Latest Release**: Obtain the appropriate binary release for your operating system from the [latest release page](https://github.com/TriliumNext/Notes/releases/latest) on GitHub.
2. **Extract the Package**: Unzip the downloaded package to a location of your choice.
3. **Run the Application**: Launch Trilium by executing the `trilium` executable found within the unzipped folder.
## Startup Scripts
Trilium offers various startup scripts to customize your experience:
* `**trilium-no-cert-check**`: Starts Trilium without validating [TLS certificates](Server%20Installation/TLS%20Configuration.md), useful if connecting to a server with a self-signed certificate.
* Alternatively, set the `NODE_TLS_REJECT_UNAUTHORIZED=0` environment variable before starting Trilium.
* `**trilium-portable**`: Launches Trilium in portable mode, where the [data directory](Data%20directory.md) is created within the application's directory, making it easy to move the entire setup.
* `**trilium-safe-mode**`: Boots Trilium in "safe mode," disabling any startup scripts that might cause the application to crash.
## Synchronization
For Trilium desktp users who wish to synchronize their data with a server instance, refer to the [Synchronization Guide](Synchronization.md) for detailed instructions.

34
docs/User Guide/User Guide/Installation & Setup/Mobile Frontend.md Normal file
View File

@@ -0,0 +1,34 @@
# Mobile Frontend
Trilium ([server edition](Server%20Installation.md)) has a mobile web frontend which is optimized for touch based devices - smartphones and tablets. It is activated automatically during login process based on browser detection.
Mobile frontend is limited in features compared to full desktop frontend. See below for more details on this.
Note that this is not an Android/iOS app, this is just mobile friendly web page served on the [server edition](Server%20Installation.md).
## Screenshots
### Mobile phone
![](../Attachments/mobile-smartphone.png)
### Tablet
![](../Attachments/mobile-tablet.png)
## Limitations
Mobile frontend provides only some of the features of the full desktop frontend:
* it is possible to browse the whole note tree, read and edit all types of notes, but you can create only text notes
* reading and editing [protected notes](../Basic%20Concepts/Note/Protected%20Notes.md) is possible, but creating them is not supported
* editing options is not supported
* cloning notes is not supported
* uploading file attachments is not supported
## Forcing mobile/desktop frontend
Trilium decides automatically whether to use mobile or desktop frontend. If this is not appropriate, you can use `?mobile` or `?desktop` query param on **login** page (Note: you might need to log out).
## Scripting
You can alter the behavior with [scripts](../Advanced%20Usage/Code%20Notes/Scripts.md) just like for normal frontend. For script notes to be executed, they need to have labeled `#run=mobileStartup`.

70
docs/User Guide/User Guide/Installation & Setup/Server Installation.md Normal file
View File

@@ -0,0 +1,70 @@
# Server Installation
This guide outlines the steps to install Trilium on your own server. You might consider this option if you want to set up [synchronization](Synchronization.md) or use Trilium in a browser - accessible from anywhere.
## Installation Options
There are several ways to install Trilium on a server, each with its own advantages:
* **Recommended**: [Docker Installation](Server%20Installation/1.%20Installing%20the%20server/Docker%20Server%20Installation.md) - Available for **AMD64** and **ARM** architectures.
* [Packaged Server Installation](Server%20Installation/1.%20Installing%20the%20server/Packaged%20server%20installation.md)
* [PikaPods managed hosting](https://www.pikapods.com/pods?run=trilium-next)
* [Manual Installation](Server%20Installation/1.%20Installing%20the%20server/Manual%20server%20installation.md)
* [Kubernetes](Server%20Installation/1.%20Installing%20the%20server/Kubernetes%20server%20installation.md)
* [Cloudron](https://www.cloudron.io/store/com.github.trilium.cloudronapp.html)
* [HomelabOS](https://homelabos.com/docs/software/trilium/)
* [NixOS Module](Server%20Installation/1.%20Installing%20the%20server/NixOS%20server%20installation.md)
The server installation includes both web and [mobile frontends](Mobile%20Frontend.md).
## Configuration
After setting up your server installation, you may want to configure settings such as the port or enable [TLS](Server%20Installation/TLS%20Configuration.md). Configuration is managed via the Trilium `config.ini` file, which is located in the [data directory](Data%20directory.md) by default. To begin customizing your setup, copy the provided `config-sample.ini` file with default values to `config.ini`.
You can also review the [configuration](../Advanced%20Usage/Configuration%20\(config.ini%20or%20e.md) file to provide all `config.ini` values as environment variables instead.
### Config Location
By default, `config.ini`, the [database](../Advanced%20Usage/Database.md), and other important Trilium data files are stored in the [data directory](Data%20directory.md). If you prefer a different location, you can change it by setting the `TRILIUM_DATA_DIR` environment variable:
```
export TRILIUM_DATA_DIR=/home/myuser/data/my-trilium-data
```
### Disabling Authentication
If you are running Trilium on localhost only or if authentication is handled by another component, you can disable Triliums authentication by adding the following to `config.ini`:
```
[General]
noAuthentication=true
```
## Reverse Proxy Setup
To configure a reverse proxy for Trilium, you can use either **nginx** or **Apache**.
### nginx
Add the following configuration to your `nginx` setup to proxy requests to Trilium:
```
location /trilium/ {
proxy_pass http://127.0.0.1:8080/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
```
To avoid limiting the size of payloads, include this in the `server {}` block:
```
# Set to 0 for unlimited. Default is 1M.
client_max_body_size 0;
```
### Apache
For an Apache setup, refer to the [Apache proxy setup](Server%20Installation/2.%20Reverse%20proxy/Apache.md) guide.

119
docs/User Guide/User Guide/Installation & Setup/Server Installation/1. Installing the server/Docker Server Installation.md Normal file
View File

@@ -0,0 +1,119 @@
# Docker Server Installation
Official docker images are published on docker hub for **AMD64**, **ARMv7** and **ARM64/v8**: [https://hub.docker.com/r/triliumnext/notes/](https://hub.docker.com/r/triliumnext/notes/)
## Prerequisites
Ensure Docker is installed on your system.
If you need help installing Docker, reference the [Docker Installation Docs](https://docs.docker.com/engine/install/)
**Note:** Trilium's Docker container requires root privileges to operate correctly.
> \[!WARNING\] If you're using a SMB/CIFS share or folder as your Trilium data directory, [you'll need](https://github.com/TriliumNext/Notes/issues/415#issuecomment-2344824400) to add the mount options of `nobrl` and `noperm` when mounting your SMB share.
## Running with Docker Compose
### Grab the latest docker-compose.yml:
```
wget https://raw.githubusercontent.com/TriliumNext/Notes/master/docker-compose.yml
```
Optionally, edit the `docker-compose.yml` file to configure the container settings prior to starting it. Unless configured otherwise, the data directory will be `~/trilium-data` and the container will be accessible at port 8080.
### Start the container:
Run the following command to start the container in the background:
```
docker compose up -d
```
## Running without Docker Compose / Further Configuration
### Pulling the Docker Image
To pull the image, use the following command, replacing `[VERSION]` with the desired version or tag, such as `v0.91.6` or just `latest`. (See published tag names at [https://hub.docker.com/r/triliumnext/notes/tags](https://hub.docker.com/r/triliumnext/notes/tags).):
```
docker pull triliumnext/notes:v0.91.6
```
**Warning:** Avoid using the "latest" tag, as it may automatically upgrade your instance to a new minor version, potentially disrupting sync setups or causing other issues.
### Preparing the Data Directory
Trilium requires a directory on the host system to store its data. This directory must be mounted into the Docker container with write permissions.
### Running the Docker Container
#### Local Access Only
Run the container to make it accessible only from the localhost. This setup is suitable for testing or when using a proxy server like Nginx or Apache.
```
sudo docker run -t -i -p 127.0.0.1:8080:8080 -v ~/trilium-data:/home/node/trilium-data triliumnext/notes:[VERSION]
```
1. Verify the container is running using `docker ps`.
2. Access Trilium via a web browser at `127.0.0.1:8080`.
#### Local Network Access
To make the container accessible only on your local network, first create a new Docker network:
```
docker network create -d macvlan -o parent=eth0 --subnet 192.168.2.0/24 --gateway 192.168.2.254 --ip-range 192.168.2.252/27 mynet
```
Then, run the container with the network settings:
```
docker run --net=mynet -d -p 127.0.0.1:8080:8080 -v ~/trilium-data:/home/node/trilium-data triliumnext/notes:-latest
```
To set a different user ID (UID) and group ID (GID) for the saved data, use the `USER_UID` and `USER_GID` environment variables:
```
docker run --net=mynet -d -p 127.0.0.1:8080:8080 -e "USER_UID=1001" -e "USER_GID=1001" -v ~/trilium-data:/home/node/trilium-data triliumnext/notes:-latest
```
Find the local IP address using `docker inspect [container_name]` and access the service from devices on the local network.
```
docker ps
docker inspect [container_name]
```
#### Global Access
To allow access from any IP address, run the container as follows:
```
docker run -d -p 0.0.0.0:8080:8080 -v ~/trilium-data:/home/node/trilium-data triliumnext/notes:[VERSION]
```
Stop the container with `docker stop <CONTAINER ID>`, where the container ID is obtained from `docker ps`.
### Custom Data Directory
For a custom data directory, use:
```
-v ~/YourOwnDirectory:/home/node/trilium-data triliumnext/notes:[VERSION]
```
If you want to run your instance in a non-default way, please use the volume switch as follows: `-v ~/YourOwnDirectory:/home/node/trilium-data triliumnext/notes:<VERSION>`. It is important to be aware of how Docker works for volumes, with the first path being your own and the second the one to virtually bind to. [https://docs.docker.com/storage/volumes/](https://docs.docker.com/storage/volumes/) The path before the colon is the host directory, and the path after the colon is the container's path. More details can be found in the [Docker Volumes Documentation](https://docs.docker.com/storage/volumes/).
## Reverse Proxy
1. [Nginx](../2.%20Reverse%20proxy/Nginx.md)
2. [Apache](../2.%20Reverse%20proxy/Apache.md)
### Note on --user Directive
The `--user` directive is unsupported. Instead, use the `USER_UID` and `USER_GID` environment variables to set the appropriate user and group IDs.
### Note on timezones
If you are having timezone issues and you are not using docker-compose, you may need to add a `TZ` environment variable with the [TZ identifier](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) of your local timezone.

36
docs/User Guide/User Guide/Installation & Setup/Server Installation/1. Installing the server/Kubernetes server installation.md Normal file
View File

@@ -0,0 +1,36 @@
# Kubernetes server installation
As Trilium can be run in Docker it also can be deployed in Kubernetes. You can either use our Helm chart, a community Helm chart, or roll your own Kubernetes deployment.
The recommended way is to use a Helm chart.
## Root privileges
> \[!NOTE\]
> The Trilium container at this time needs to be run with root privileges. It will swap to UID and GID `1000:1000` to run the `node` process after execution though, so the main process doesn't run with root privileges.
The Trilium docker container needs to be run with root privileges. The node process inside the container will be started with reduced privileges (uid:gid 1000:1000) after some initialization logic. Please make sure that you don't use a security context (PodSecurityContext) which changes the user ID. To use a different uid:gid for file storage and the application, please use the `USER_UID` & `USER_GID` environment variables.
The docker image will also fix the permissions of `/home/node` so you don't have to use an init container.
## Helm Charts
[Official Helm chart](https://github.com/TriliumNext/helm-charts) from TriliumNext Unofficial helm chart by [ohdearaugustin](https://github.com/ohdearaugustin): [https://github.com/ohdearaugustin/charts](https://github.com/ohdearaugustin/charts)
## Adding a Helm repository
Below is an example of how
```
helm repo add trilium https://triliumnext.github.io/helm-charts
"trilium" has been added to your repositories
```
## How to install a chart
After reviewing the [`values.yaml`](https://github.com/TriliumNext/helm-charts/blob/main/charts/trilium/values.yaml) from the Helm chart, modifying as required and then creating your own:
```
helm install --create-namespace --namespace trilium trilium trilium/trilium -f values.yaml
```
For more information on using Helm, please refer to the Helm documentation, or create a Discussion in the TriliumNext GitHub Organization.

62
docs/User Guide/User Guide/Installation & Setup/Server Installation/1. Installing the server/Manual server installation.md Normal file
View File

@@ -0,0 +1,62 @@
# Manual server installation
This page describes manually installing Trilium on your server. **Note that this is a not well supported way to install Trilium, problems may appear, information laid out here is quite out of date. It is recommended to use either Docker or packaged build installation.**
## Requirements
Trilium is a node.js application. Supported (tested) version of node.js is latest 14.X.X and 16.X.X. Trilium might work with older versions as well.
You can check your node version with this command (node.js needs to be installed):
```
node --version
```
If your Linux distribution has only an outdated version of node.js, you can take a look at the installation instruction on node.js website, which covers most popular distributions.
### Dependencies
There are some dependencies required. You can see command for Debian and its derivatives (like Ubuntu) below:
```
sudo apt install libpng16-16 libpng-dev pkg-config autoconf libtool build-essential nasm libx11-dev libxkbfile-dev
```
## Installation
### Download
You can either download source code zip/tar from [https://github.com/TriliumNext/Notes/releases/latest\]\]](https://github.com/TriliumNext/Notes/releases/latest%5D%5D) %%{WARNING}%%or clone git repository **from stable branch** with
```
git clone -b stable https://github.com/triliumnext/notes.git %%{WARNING}%%
```
## Installation
```
cd trilium
# download all node dependencies
npm install
# make sure the better-sqlite3 binary is there
npm rebuild
# bundles & minifies frontend JavaScript
npm run webpack
```
## Run
```
cd trilium
# using nohup to make sure trilium keeps running after user logs out
nohup TRILIUM_ENV=dev node src/www &
```
The application by default starts up on port 8080, so you can open your browser and navigate to [http://localhost:8080](http://localhost:8080) to access Trilium (replace "localhost" with your hostname).
## TLS
Don't forget to [configure TLS](../TLS%20Configuration.md) which is required for secure usage!

25
docs/User Guide/User Guide/Installation & Setup/Server Installation/1. Installing the server/NixOS server installation.md Normal file
View File

@@ -0,0 +1,25 @@
# NixOS server installation
This page describes configuring the Trilium module included in NixOS.
## Requirements
[NixOS](https://nixos.org/) installation.
## Configuration
Add this to your `configuration.nix`:
```
services.trilium-server.enable = true;
# default data directory: /var/lib/trilium
#services.trilium-server.dataDir = "/var/lib/trilium-sync-server";
# default bind address: 127.0.0.1, port 8080
#services.trilium-server.host = "0.0.0.0";
#services.trilium-server.port = 12783;
```
Uncomment any option you would like to change.
See the [NixOS options list](https://search.nixos.org/options?channel=unstable&from=0&size=50&sort=relevance&type=packages&query=trilium-server) for more options (including nginx reverse proxy configuration).

79
docs/User Guide/User Guide/Installation & Setup/Server Installation/1. Installing the server/Packaged server installation.md Normal file
View File

@@ -0,0 +1,79 @@
# Packaged server installation
This is essentially Trilium sources + node modules + node.js runtime packaged into one 7z file.
## Steps
* ssh into your server
* use `wget` (or `curl` or whatever) to download latest [trilium-linux-x64-server-\[VERSION\].xz](https://github.com/TriliumNext/Notes/releases/latest)%%{WARNING}%% (notice -server suffix) on your server
* unpack the archive, e.g. using `tar -xf -d trilium-linux-x64-server-[VERSION].tar.xz`
* `cd trilium-linux-x64-server`
* `./trilium.sh`
* you can open the browser and open http://\[your-server-hostname\]:8080 and you should see Trilium initialization page
The problem with above steps is that once you close the SSH connection, the Trilium process is terminated. To avoid that, you have two options:
* Kill it (with e.g. `CTRL-C`) and run again like this: `nohup ./trilium &`.
* Configure systemd to automatically run Trilium in the background on every boot
## Configure Trilium to auto-run on boot with systemd
* After downloading, extract and move Trilium:
```
tar -xvf trilium-linux-x64-server-[VERSION].tar.xz
sudo mv trilium-linux-x64-server /opt/trilium
```
* Create the service:
```
sudo nano /etc/systemd/system/trilium.service
```
* Paste this into the file (replace the user and group as needed):
```
[Unit]
Description=Trilium Daemon
After=syslog.target network.target
[Service]
User=xxx
Group=xxx
Type=simple
ExecStart=/opt/trilium/trilium.sh
WorkingDirectory=/opt/trilium/
TimeoutStopSec=20
# KillMode=process leads to error, according to https://www.freedesktop.org/software/systemd/man/systemd.kill.html
Restart=always
[Install]
WantedBy=multi-user.target
```
* Save the file (CTRL-S) and exit (CTRL-X)
* Enable and launch the service:
```
sudo systemctl enable --now -q trilium
```
* You can now open a browser to http://\[your-server-hostname\]:8080 and you should see the Trilium initialization page.
## Common issues
### Outdated glibc
```
Error: /usr/lib64/libstdc++.so.6: version `GLIBCXX_3.4.21' not found (required by /var/www/virtual/.../node_modules/@mlink/scrypt/build/Release/scrypt.node)
at Object.Module._extensions..node (module.js:681:18)
at Module.load (module.js:565:32)
at tryModuleLoad (module.js:505:12)
```
If you get an error like this, you need to either upgrade your glibc (typically by upgrading to up-to-date distribution version) or use some other [server installation](../../Server%20Installation.md) method.
## TLS
Don't forget to [configure TLS](../TLS%20Configuration.md), which is required for secure usage!

84
docs/User Guide/User Guide/Installation & Setup/Server Installation/2. Reverse proxy/Apache.md Normal file
View File

@@ -0,0 +1,84 @@
# Apache
I've assumed you have created a DNS A record for `trilium.yourdomain.com` that you want to use for your Trilium server.
1. Download docker image and create container
```
docker pull triliumnext/notes:[VERSION]
docker create --name trilium -t -p 127.0.0.1:8080:8080 -v ~/trilium-data:/home/node/trilium-data triliumnext/notes:[VERSION]
```
2. Configure Apache proxy and websocket proxy
1. Enable apache proxy modules
```
a2enmod ssl
a2enmod proxy
a2enmod proxy_http
a2enmod proxy_wstunnel
```
2. Create a new let's encrypt certificate
```
sudo certbot certonly -d trilium.mydomain.com
```
Choose standalone (2) and note the location of the created certificates (typically /etc/letsencrypt/live/...)
3. Create a new virtual host file for apache (you may want to use `apachectl -S` to determine the server root location, mine is /etc/apache2)
```
sudo nano /etc/apache2/sites-available/trilium.yourdomain.com.conf
```
Paste (and customize) the following text into the configuration file
```
ServerName http://trilium.yourdomain.com
RewriteEngine on
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
ServerName https://trilium.yourdomain.com
RewriteEngine On
RewriteCond %{HTTP:Connection} Upgrade [NC]
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteRule /(.*) ws://localhost:8080/$1 [P,L]
AllowEncodedSlashes NoDecode
ProxyPass / http://localhost:8080/ nocanon
ProxyPassReverse / http://localhost:8080/
SSLCertificateFile /etc/letsencrypt/live/trilium.yourdomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/trilium.yourdomain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
```
4. Enable the virtual host with `sudo a2ensite trilium.yourdomain.com.conf`
5. Reload apache2 with `sudo systemctl reload apache2`
3. Create and enable a systemd service to start the docker container on boot
1. Create a new empty file called `/lib/systemd/system/trilium.service` with the contents
```
[Unit]
Description=Trilium Server
Requires=docker.service
After=docker.service
[Service]
Restart=always
ExecStart=/usr/bin/docker start -a trilium
ExecStop=/usr/bin/docker stop -t 2 trilium
[Install]
WantedBy=local.target
```
2. Install, enable and start service
```
sudo systemctl daemon-reload
sudo systemctl enable trilium.service
sudo systemctl start trilium.service
```

51
docs/User Guide/User Guide/Installation & Setup/Server Installation/2. Reverse proxy/Nginx.md Normal file
View File

@@ -0,0 +1,51 @@
# Nginx
Configure Nginx proxy and HTTPS. The operating system here is Ubuntu 18.04.
1. Download Nginx and remove Apache2
```sh
sudo apt-get install nginx
sudo apt-get remove apache2
```
2. Create configure file
```sh
cd /etc/nginx/conf.d
vim default.conf
```
3. Fill the file with the context shown below, part of the setting show be changed. Then you can enjoy your web with HTTPS forced and proxy.
```conf
# This part is for proxy and HTTPS configure
server {
listen 443 ssl;
server_name trilium.example.net; #change trilium.example.net to your domain without HTTPS or HTTP.
ssl_certificate /etc/ssl/note/example.crt; #change /etc/ssl/note/example.crt to your path of crt file.
ssl_certificate_key /etc/ssl/note/example.net.key; #change /etc/ssl/note/example.net.key to your path of key file.
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log; #check the path of access.log, if it doesn't fit your file, change it
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://127.0.0.1:8080; # change it to a different port if non-default is used
proxy_read_timeout 90;
proxy_redirect http://127.0.0.1:8080 https://trilium.example.net; # change them based on your IP, port and domain
}
}
# This part is for HTTPS forced
server {
listen 80;
server_name trilium.example.net; # change to your domain
return 301 https://$server_name$request_uri;
}
```

86
docs/User Guide/User Guide/Installation & Setup/Server Installation/Multi-Factor Authentication.md Normal file
View File

@@ -0,0 +1,86 @@
# Multi-Factor Authentication
**Note: This feature has not been merged yet, so it is not available.**
Multi-factor authentication (MFA) is a security process that requires users to provide two or more verification factors to gain access to a system, application, or account. This adds an extra layer of protection beyond just using a password.
By requiring more than one verification method, MFA helps reduce the risk of unauthorized access, even if someone has obtained your password. Its highly recommended for securing sensitive information stored in your notes.
Warning! OpenID and TOTP cannot be both used at the same time!
## Log in with your Google Account with OpenID!
OpenID is a standardized way to let you log into websites using an account from another service, like Google, to verify your identity.
## Why Time-based One Time Passwords?
TOTP (Time-Based One-Time Password) is a security feature that generates a unique, temporary code on your device, like a smartphone, which changes every 30 seconds. You use this code, along with your password, to log into your account, making it much harder for anyone else to access them.
## Setup
### TOTP
1. Start Trilium Notes normally.
2. Go to "Menu" -> "Options" -> "MFA"
3. Click the "Generate TOTP Secret" button
4. Copy the generated secret to your authentication app/extension
5. Set an environment variable "TOTP\_SECRET" as the generated secret. Environment variables can be set with a .env file in the root directory, by defining them in the command line, or with a docker container.
```
# .env in the project root directory
TOTP_ENABLED="true"
TOTP_SECRET="secret"
```
```
# Terminal/CLI
export TOTP_ENABLED="true"
export TOTP_SECRET="secret"
```
```
# Docker
docker run -p 8080:8080 -v ~/trilium-data:/home/node/trilium-data -e TOTP_ENABLED="true" -e TOTP_SECRET="secret" triliumnext/notes:[VERSION]
```
6. Restart Trilium
7. Go to "Options" -> "MFA"
8. Click the "Generate Recovery Codes" button
9. Save the recovery codes. Recovery codes can be used once in place of the TOTP if you loose access to your authenticator. After a rerecovery code is used, it will show the unix timestamp when it was used in the MFA options tab.
10. Load the secret into an authentication app like google authenticator
### OpenID
_Currently only compatible with Google. Other services like Authentik and Auth0 are planned on being added._
In order to setup OpenID, you will need to setup a authentication provider. This requires a bit of extra setup. Follow [these instructions](https://developers.google.com/identity/openid-connect/openid-connect) to setup an OpenID service through google.
Set an environment variable "SSO\_ENABLED" to true and add the client ID and secret you obtained from google. Environment variables can be set with a .env file in the root directory, by defining them in the command line, or with a docker container.
#### .env File
```
# .env in the project root directory
SSO_ENABLED="true"
BASE_URL="http://localhost:8080"
CLIENT_ID=
SECRET=
```
#### Environment variable (linux)
```
export SSO_ENABLED="true"
export BASE_URL="http://localhost:8080"
export CLIENT_ID=
export SECRET=
```
#### Docker
```
docker run -d -p 8080:8080 -v ~/trilium-data:/home/node/trilium-data -e SSO_ENABLED="true" -e BASE_URL="http://localhost:8080" -e CLIENT_ID= -e SECRET= triliumnext/notes:[VERSION]
```
After you restart Trilium Notes, you will be redirected to Google's account selection page. Login to an account and Trilium Next will bind to that account, allowing you to login with it.
You can now login using your google account.

0
docs/User Guide/User Guide/Installation & Setup/Server Installation/Reverse proxy setup.md Normal file
View File

47
docs/User Guide/User Guide/Installation & Setup/Server Installation/TLS Configuration.md Normal file
View File

@@ -0,0 +1,47 @@
# TLS Configuration
Configuring TLS is essential for [server installation](../Server%20Installation.md) in Trilium. This guide details the steps to set up TLS within Trilium itself.
For a more robust solution, consider using TLS termination with a reverse proxy (recommended, e.g., Nginx). You can follow a [guide like this](https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-20-04) for such setups.
## Obtaining a TLS Certificate
You have two options for obtaining a TLS certificate:
* **Recommended**: Obtain a TLS certificate signed by a root certificate authority. For personal use, [Let's Encrypt](https://letsencrypt.org) is an excellent choice. It is free, automated, and straightforward. Certbot can facilitate automatic TLS setup.
* Generate a self-signed certificate. This option is not recommended due to the additional complexity of importing the certificate into all machines connecting to the server.
## Modifying `config.ini`
Once you have your certificate, modify the `config.ini` file in the [data directory](../Data%20directory.md) to configure Trilium to use it:
```
[Network]
port=8080
# Set to true for TLS/SSL/HTTPS (secure), false for HTTP (insecure).
https=true
# Path to the certificate (run "bash bin/generate-cert.sh" to generate a self-signed certificate).
# Relevant only if https=true
certPath=/[username]/.acme.sh/[hostname]/fullchain.cer
keyPath=/[username]/.acme.sh/[hostname]/example.com.key
```
You can also review the [configuration](../../Advanced%20Usage/Configuration%20\(config.ini%20or%20e.md) file to provide all `config.ini` values as environment variables instead.
The above example shows how this is set up in an environment where the certificate was generated using Let's Encrypt's ACME utility. Your paths may differ. For Docker installations, ensure these paths are within a volume or another directory accessible by the Docker container, such as `/home/node/trilium-data/[DIR IN DATA DIRECTORY]`.
After configuring `config.ini`, restart Trilium and access the hostname using "https".
## Self-Signed Certificate
If you opt to use a self-signed certificate for your server instance, note that the desktop instance will not trust it by default.
To bypass this, disable certificate validation by setting the following environment variable (for Linux):
```
export NODE_TLS_REJECT_UNAUTHORIZED=0
trilium
```
Trilium provides scripts to start in this mode, such as `trilium-no-cert-check.bat` for Windows.
**Warning**: Disabling TLS certificate validation is insecure. Proceed only if you fully understand the implications.

70
docs/User Guide/User Guide/Installation & Setup/Synchronization.md Normal file
View File

@@ -0,0 +1,70 @@
# Synchronization
Trilium is an offline-first note-taking application that stores all data locally on the desktop client. However, it also offers the option to set up synchronization with a server instance, allowing multiple desktop clients to sync with a central server. This creates a star-shaped topology:
![](Synchronization_image.png)
In this setup, a central server (referred to as the _sync server_) and multiple _client_ (or _desktop_) instances synchronize with the sync server. Once configured, synchronization is automatic and ongoing, requiring no manual intervention.
## Setting Up Synchronization
### Security Considerations
Setting up the server securely is critical and can be complex. It is crucial to use a valid [TLS certificate](Server%20Installation/TLS%20Configuration.md) (HTTPS) rather than an unencrypted HTTP connection to ensure security and avoid potential vulnerabilities.
### Synchronizing a Desktop Instance with a Sync Server
This method is used when you already have a desktop instance of Trilium and want to set up a sync server on your web host.
1. **Server Deployment**: Ensure your server instance is deployed but uninitialized.
2. **Desktop Configuration**: Open your desktop instance, navigate to Options -> Sync tab -> Sync configuration, and set the "Server instance address" to your sync server's address. Click Save.
![screenshot of the sync settings options modal](../Attachments/sync-config.png)
1. **Testing Sync**: Click the "Test sync" button to verify the connection to the sync server. If successful, the client will start pushing all data to the server instance. This process may take some time, but you can continue using Trilium. Periodically check the server instance to confirm when the sync is complete. Once finished, you should see the login screen on the server.
### Synchronizing a Desktop Instance from a Sync Server
This method is used when you already have a sync server and want to configure a new desktop instance to sync with it.
1. **Desktop Setup**: Follow the [desktop installation page](Desktop%20Installation.md).
2. **Initial Configuration**: When prompted, choose the option to set up sync with a sync server.
![screenshot of the sync from server setup page](../Attachments/sync-init.png)
1. **Server Details**: Configure the Trilium server address and enter the correct username and password for authentication.
2. **Finish Setup**: Click the "Finish setup" button. If successful, you will see the following screen:
![screenshot of the sync page](../Attachments/sync-in-progress.png)
Once synchronization is complete, you will be automatically redirected to the Trilium application.
## Proxy Configuration
Two proxy setups are supported:
* **Explicit Proxy Configuration**: Set the proxy server in Options / Sync. Only unauthenticated proxy servers are supported.
* **System Proxy Settings**: If no proxy server is explicitly configured, Trilium will use the system proxy settings.
## Troubleshooting
### Date/Time Synchronization
For successful synchronization, both client and server must have the same date and time, with a tolerance of up to five minutes.
### Certificate Issues
When using TLS, Trilium will verify the server certificate. If verification fails (e.g., due to self-signed certificates or certain corporate proxies), you can run the Trilium client with the `NODE_TLS_REJECT_UNAUTHORIZED` environment variable set to `0`:
```
export NODE_TLS_REJECT_UNAUTHORIZED=0
```
This will disable TLS certificate verification, significantly reducing security and exposing the setup to MITM attacks. It is strongly recommended to use a valid signed server certificate. Newer Trilium versions include a script called `trilium-no-cert-check.sh` for this purpose.
### Conflict Resolution
If you edit the same note on multiple instances before synchronization, Trilium resolves conflicts by retaining the newer change and discarding the older one. The older version remains accessible in [note revisions](../Basic%20Concepts/Note/Note%20Revisions.md), allowing data recovery if needed.
### Hash Check
After each synchronization, Trilium computes a hash of all synced data on both the client and the sync server. If there is a discrepancy, Trilium will automatically initiate a recovery mechanism to resolve the issue.

BIN
docs/User Guide/User Guide/Installation & Setup/Synchronization_image.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.9 KiB

17
docs/User Guide/User Guide/Installation & Setup/Upgrading TriliumNext.md Normal file
View File

@@ -0,0 +1,17 @@
# Upgrading TriliumNext
This document outlines the steps required to upgrade Trilium to a new release version.
## How to Upgrade
Trilium does not support built-in automatic upgrades; all updates must be performed manually. The upgrade process varies depending on the installation method:
* [**Docker Server Installation**](Server%20Installation/1.%20Installing%20the%20server/Docker%20Server%20Installation.md): Pull the new image and restart the container.
* **Other Installations**: Download the latest version from the [release page](https://github.com/TriliumNext/Notes/releases/latest) and replace the existing application files.
## Database Compatibility and Migration
Upon startup, Trilium will automatically migrate the [database](../Advanced%20Usage/Database.md) to the new version. Note that after migration, older versions of Trilium will be unable to read the database. If you need to revert to a previous version of Trilium and its database, you can restore the [backup](Backup.md) that is created prior to migration.
## Sync Compatibility
The [synchronization](Synchronization.md) protocol used by Trilium is versioned, requiring all members of the sync cluster to use the same protocol version. Therefore, when upgrading to a new version, you may need to upgrade all instances in the sync cluster. Changes to the sync protocol version are typically indicated on the release page.

37
docs/User Guide/User Guide/Installation & Setup/Web Clipper.md Normal file
View File

@@ -0,0 +1,37 @@
# Web Clipper
![](Web Clipper_image.png)
Trilium Web Clipper is a web browser extension which allows user to clip text, screenshots, whole pages and short notes and save them directly to Trilium Notes.
Project is hosted [here](https://github.com/TriliumNext/web-clipper).
Firefox and Chrome are supported browsers, but the chrome build should work on other chromium based browsers as well.
## Functionality
* select text and clip it with the right-click context menu
* click on an image or link and save it through context menu
* save whole page from the popup or context menu
* save screenshot (with crop tool) from either popup or context menu
* create short text note from popup
Trilium will save these clippings as a new child note under a "clipper inbox" note.
By default, that's the [day note](../Advanced%20Usage/Advanced%20Showcases/Day%20Notes.md) but you can override that by setting the [label](../Advanced%20Usage/Attributes.md) `clipperInbox`, on any other note.
If there's multiple clippings from the same page (and on the same day), then they will be added to the same note.
**Extension is available from:**
* [Project release page](https://github.com/TriliumNext/web-clipper/releases) - .xpi for Firefox and .zip for Chromium based browsers.
* %%{WARNING}%% [Chrome Web Store](https://chromewebstore.google.com/detail/trilium-web-clipper/dfhgmnfclbebfobmblelddiejjcijbjm)
## Configuration
The extension needs to connect to a running Trilium instance. By default, it scans a port range on the local computer to find a desktop Trilium instance.
It's also possible to configure the [server](Server%20Installation.md) address if you don't run the desktop application, or want it to work without the desktop application running.
## Username
Older versions of Trilium (before 0.50) required username & password to authenticate, but this is no longer the case. You may enter anything in that field, it will not have any effect.

BIN
docs/User Guide/User Guide/Installation & Setup/Web Clipper_image.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 16 KiB