Joplin server on Debian 11 without docker

Hi folks,

I discovered Joplin server a few weeks ago and I tried to make it works on Debian 11 without Docker.

Hopefully I found @hi-ko gists on github (can't post link ?)

So I tried to write my own doc doing the following

  • Install joplin server
  • Generate ssl self signed cert
  • Install and configure nginx as a frontend webserver.
  • If needed, add a config to haproxy.

I don't know if I'm in the right place and if it will be usefull for someone but here is the gist I wrote (can't post link so copy / paste just below).

Please just change the starting vars according your configuration and let me known if it works :slight_smile:

#!/bin/bash
# Set variables 
JOPLIN_HOME="/home/joplin"
JOPLIN_URL="joplin.domain.tld" # WITHOUT HTTP OR HTTPS
POSTGRES_ADM_PASS="changeme"
POSTGRES_USER_PASS="changeme"
POSTGRES_USER="joplindbuser"
POSTGRES_DB="joplindb"


# dl and install dep
apt update
apt -y install wget rsync sudo postgresql postgresql-client nginx rsyslog
mkdir /usr/local/src/joplin-server && cd $_

# download @ki-ho scripts
wget https://gist.githubusercontent.com/hi-ko/fbbd6f0f82955f55bb23c6f4db29bdb2/raw/73c69cbeb8d809952ca5cd38d8ca14203b90305f/joplin-build.sh
wget https://gist.githubusercontent.com/hi-ko/fbbd6f0f82955f55bb23c6f4db29bdb2/raw/73c69cbeb8d809952ca5cd38d8ca14203b90305f/joplin-requirements.sh
wget https://gist.githubusercontent.com/hi-ko/fbbd6f0f82955f55bb23c6f4db29bdb2/raw/73c69cbeb8d809952ca5cd38d8ca14203b90305f/joplin.service
wget https://gist.githubusercontent.com/hi-ko/fbbd6f0f82955f55bb23c6f4db29bdb2/raw/73c69cbeb8d809952ca5cd38d8ca14203b90305f/run.sh
chmod u+x ./joplin-requirements.sh
./joplin-requirements.sh
update-alternatives --install /usr/bin/python python /usr/bin/python2.7 2
update-alternatives --install /usr/bin/python python /usr/bin/python3.9 0
mv ./joplin-build.sh /home/joplin
mv ./run.sh /home/joplin
chown joplin: /home/joplin/*.sh
chmod u+x /home/joplin/*.sh
mv ./joplin.service /etc/systemd/system/joplin-server.service
cd /tmp/
su -c "psql -c \"ALTER USER postgres WITH password '${POSTGRES_ADM_PASS}'\"" postgres
su -c "createuser ${POSTGRES_USER}" postgres
su -c "createdb ${POSTGRES_DB} -O ${POSTGRES_USER}" postgres
su -c "psql -c \"ALTER USER ${POSTGRES_USER} WITH password '${POSTGRES_USER_PASS}';\"" postgres
su -c "${JOPLIN_HOME}/joplin-build.sh" joplin
sed -i "s|APP_BASE_URL.*|APP_BASE_URL=https:\/\/${JOPLIN_URL}|g" ${JOPLIN_HOME}/run.sh
sed -i "s/POSTGRES_PASSWORD.*/POSTGRES_PASSWORD=${POSTGRES_USER_PASS}/g" ${JOPLIN_HOME}/run.sh
sed -i "s/POSTGRES_DATABASE.*/POSTGRES_DATABASE=${POSTGRES_DB}/g" ${JOPLIN_HOME}/run.sh
sed -i "s/POSTGRES_USER.*/POSTGRES_USER=${POSTGRES_USER}/g" ${JOPLIN_HOME}/run.sh
sed -i "s/POSTGRES_HOST.*/POSTGRES_HOST=localhost/g" ${JOPLIN_HOME}/run.sh
systemctl daemon-reload
systemctl restart joplin-server
curl ${JOPLIN_URL}:22300/api/ping

# Web / TLS configuration
# Generate self signed cert

openssl req -new -newkey rsa:4096 -days 3650 -nodes -x509 \
    -subj "/C=FR/ST=Off/L=Off/O=Dis/CN=${JOPLIN_URL}" \
    -keyout /etc/ssl/private/${JOPLIN_URL}.key -out /etc/ssl/certs/${JOPLIN_URL}.crt

# Install and configuration Nginx
systemctl stop nginx
rm /etc/nginx/sites-enabled/default
echo "server {
    listen 443 ssl http2;
    server_name "${JOPLIN_URL}";

    proxy_read_timeout 720s;
    proxy_connect_timeout 720s;
    proxy_send_timeout 720s;

    client_max_body_size 50m;

    # Proxy headers
    proxy_set_header X-Forwarded-Host \$host;
    proxy_set_header Host \$host;
    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto \$scheme;
    proxy_set_header X-Real-IP \$remote_addr;

    # SSL parameters
    ssl_certificate /etc/ssl/certs/${JOPLIN_URL}.crt;
    ssl_certificate_key /etc/ssl/private/${JOPLIN_URL}.key;
    ssl_protocols  TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;
    ssl_ciphers '"EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA HIGH !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS"';

    # log files
    access_log /var/log/nginx/joplin.access.log;
    error_log /var/log/nginx/joplin.error.log;

    # Handle / requests and redirect to a specific port on localhost
    location / {
       proxy_redirect off;
       proxy_pass http://127.0.0.1:22300;
    }
}" >> /etc/nginx/sites-enabled/joplin
systemctl start nginx

Regards,

2 Likes

Hi @Unam, since gist is not the best source to track changes and collaborate I moved the updated version for the latest joplin-server to GitHub - hi-ko/joplin-server-ubuntu-install: install joplin-server on Ubuntu 20