Hi folks,
I discovered Joplin server a few weeks ago and I tried to make it works on Debian 11 without Docker.
Hopefully I found @hi-ko gists on github (can't post link ?)
So I tried to write my own doc doing the following
- Install joplin server
- Generate ssl self signed cert
- Install and configure nginx as a frontend webserver.
- If needed, add a config to haproxy.
I don't know if I'm in the right place and if it will be usefull for someone but here is the gist I wrote (can't post link so copy / paste just below).
Please just change the starting vars according your configuration and let me known if it works
#!/bin/bash
# Set variables
JOPLIN_HOME="/home/joplin"
JOPLIN_URL="joplin.domain.tld" # WITHOUT HTTP OR HTTPS
POSTGRES_ADM_PASS="changeme"
POSTGRES_USER_PASS="changeme"
POSTGRES_USER="joplindbuser"
POSTGRES_DB="joplindb"
# dl and install dep
apt update
apt -y install wget rsync sudo postgresql postgresql-client nginx rsyslog
mkdir /usr/local/src/joplin-server && cd $_
# download @ki-ho scripts
wget https://gist.githubusercontent.com/hi-ko/fbbd6f0f82955f55bb23c6f4db29bdb2/raw/73c69cbeb8d809952ca5cd38d8ca14203b90305f/joplin-build.sh
wget https://gist.githubusercontent.com/hi-ko/fbbd6f0f82955f55bb23c6f4db29bdb2/raw/73c69cbeb8d809952ca5cd38d8ca14203b90305f/joplin-requirements.sh
wget https://gist.githubusercontent.com/hi-ko/fbbd6f0f82955f55bb23c6f4db29bdb2/raw/73c69cbeb8d809952ca5cd38d8ca14203b90305f/joplin.service
wget https://gist.githubusercontent.com/hi-ko/fbbd6f0f82955f55bb23c6f4db29bdb2/raw/73c69cbeb8d809952ca5cd38d8ca14203b90305f/run.sh
chmod u+x ./joplin-requirements.sh
./joplin-requirements.sh
update-alternatives --install /usr/bin/python python /usr/bin/python2.7 2
update-alternatives --install /usr/bin/python python /usr/bin/python3.9 0
mv ./joplin-build.sh /home/joplin
mv ./run.sh /home/joplin
chown joplin: /home/joplin/*.sh
chmod u+x /home/joplin/*.sh
mv ./joplin.service /etc/systemd/system/joplin-server.service
cd /tmp/
su -c "psql -c \"ALTER USER postgres WITH password '${POSTGRES_ADM_PASS}'\"" postgres
su -c "createuser ${POSTGRES_USER}" postgres
su -c "createdb ${POSTGRES_DB} -O ${POSTGRES_USER}" postgres
su -c "psql -c \"ALTER USER ${POSTGRES_USER} WITH password '${POSTGRES_USER_PASS}';\"" postgres
su -c "${JOPLIN_HOME}/joplin-build.sh" joplin
sed -i "s|APP_BASE_URL.*|APP_BASE_URL=https:\/\/${JOPLIN_URL}|g" ${JOPLIN_HOME}/run.sh
sed -i "s/POSTGRES_PASSWORD.*/POSTGRES_PASSWORD=${POSTGRES_USER_PASS}/g" ${JOPLIN_HOME}/run.sh
sed -i "s/POSTGRES_DATABASE.*/POSTGRES_DATABASE=${POSTGRES_DB}/g" ${JOPLIN_HOME}/run.sh
sed -i "s/POSTGRES_USER.*/POSTGRES_USER=${POSTGRES_USER}/g" ${JOPLIN_HOME}/run.sh
sed -i "s/POSTGRES_HOST.*/POSTGRES_HOST=localhost/g" ${JOPLIN_HOME}/run.sh
systemctl daemon-reload
systemctl restart joplin-server
curl ${JOPLIN_URL}:22300/api/ping
# Web / TLS configuration
# Generate self signed cert
openssl req -new -newkey rsa:4096 -days 3650 -nodes -x509 \
-subj "/C=FR/ST=Off/L=Off/O=Dis/CN=${JOPLIN_URL}" \
-keyout /etc/ssl/private/${JOPLIN_URL}.key -out /etc/ssl/certs/${JOPLIN_URL}.crt
# Install and configuration Nginx
systemctl stop nginx
rm /etc/nginx/sites-enabled/default
echo "server {
listen 443 ssl http2;
server_name "${JOPLIN_URL}";
proxy_read_timeout 720s;
proxy_connect_timeout 720s;
proxy_send_timeout 720s;
client_max_body_size 50m;
# Proxy headers
proxy_set_header X-Forwarded-Host \$host;
proxy_set_header Host \$host;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme;
proxy_set_header X-Real-IP \$remote_addr;
# SSL parameters
ssl_certificate /etc/ssl/certs/${JOPLIN_URL}.crt;
ssl_certificate_key /etc/ssl/private/${JOPLIN_URL}.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers '"EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA HIGH !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS"';
# log files
access_log /var/log/nginx/joplin.access.log;
error_log /var/log/nginx/joplin.error.log;
# Handle / requests and redirect to a specific port on localhost
location / {
proxy_redirect off;
proxy_pass http://127.0.0.1:22300;
}
}" >> /etc/nginx/sites-enabled/joplin
systemctl start nginx
Regards,