How to access to API of Joplin headless server

  • Joplin cli-v1.0.150
  • OS: Ubuntu 18.04

I started headless Jopline:
$ joplin --profile ~/.config/joplin/ server start &

I can see it working fine:

curl http://127.0.0.1:41184/ping
2019-12-18 14:16:08: "Request: GET /ping"
JoplinClipperServer

I need to use api from integromate (for now as an example), so trying to initiate HTTP GET request to http://<public_ip>:41184/ping
but I always getting timeout error.

Maybe I’m missing something to enable access to Joplin api over internet. Thanks to advice.

The port is bound to the local loopback adapter only. Therefore you can’t connect to it directly. You would have to setup a reverse proxy.

Thanks @tessus. I will try to setyp reverse proxy on apache although I didn’t do that before.

Don’t forget to secure it somehow. TLS and user credentials might be a good idea.

After some readings and trials, simply the steps are:

  1. Had enabled Apache proxy modules:

    sudo a2enmod proxy
    sudo a2enmod proxy_http
    
  2. And created /etc/apache2/sites-available/joplin.conf , contains:

    <VirtualHost *:8001>
        ProxyPass / http://localhost:41184/
    </VirtualHost>
    
  3. Enable the new conf: sudo a2ensite joplin

and it works :slight_smile:

Just to be clear: Your config transfers data in plain text, which means the token is also transferred easily readable by adversaries.

2 Likes

I had:
[x] Enable end-to-end encryption
[x] Periodic sync on server

crontab -e
*/30 * * * /usr/bin/joplin sync

Next I want configure:
[ ] Auto start joblin as a service when vm start
[ ] Create and install SSL

I saw you are using Apache httpd. There’s a module that takes care of Let’s Encrypt certs. If you want more control about the process, here’s an article I wrote a while back on how to use and automate certbot.

1 Like

Is there a reason for not also giving the ability to bind to 0.0.0.0?

Yep, for security reasons. The traffic to the clipper server is not encrypted. People do the strangest things…