Yes feature is just missing at this point.
Hello everyone !
Thank you for this long-awaited feature! As far as I'm concerned anyway 
Server instance up and running (https://joplin.r9r.dev).
I confirm I have the exact same bug as above after modifying a user's password (changing the email or not doesn't matter). When creating a new user, the password is correctly stored though.
I managed to solve the issue using @jt196 solution. If anyone want to use Joplin Server before the fix, you can follow theses steps to keep it secure :
- connect to joplin the first time with default creds
- create a user "admin@local" for example
- follow jt196's instructions to give admin rights to the user
- delete the default admin
- create new users (and don't change theirs password atm)
1 Like
@laurent it should be possible to do the compression of the output in the NGiNX/Apache Proxy. Don't do that in your code.
it should be possible to do the compression of the output in the NGiNX/Apache Proxy. Don't do that in your code.
That would make sense actually, and one less thing to maintain. Is that what other Node apps do in general?
Not sure about node apps, but for (web)services it is quite common. If the "transport layer" can do compression, why do it in the app? If you are unlucdky compression could be done twice, which is rather a bad thing.
There might be reasons why the app itself does compression, e.g. there's no reverse proxy in the mix. But in such a case there's ususally a flag for compression.
1 Like
Hi @laurent, I did a short google search before my post and yes, I found a post on StackExchange where they discussed how to do compression for another node app. The solution there was to use the webserver's features.
This is what a webserver normally does, and it does that pretty efficiently. I would not recommend doing that compression in node.
1 Like
@laurent - are there any plans of merging the docker_server_update branch into dev? With the release of 1.7.2, it looks like that's not taking into account the changes in docker_server_update or am I missing something?
It's already merged. What's missing?
my bad! Didn't see the merge in the commit history at first. All good
Are there plans to provide paid joplin cloud services? I don't want to deploy the service myself. . . @laurent
1 Like
Yes, once the server is stable and has the sharing feature, there will be a paid option indeed for those who prefer not to manage their own server.
8 Likes
While I do look forward to Joplin Server being released, and will definitely try it out. I've just recently started my Nextcloud server, and enjoy the integration, plus I feel fairly confident in the security of my web server and Nextcloud configuration. Now, due to the Joplin Server being new software, it isn't out of the question that there could be currently unknown security vulnerabilities, and at the very least, it's not time tested software with the huge community that Nextcloud has.
Because of this, I'm wondering if synchronizing notes with Nextcloud will ever be possible again, or if that feature/plugin is going to be totally dead after Joplin Server is finished?
Actually, an idea I just had (maybe it's stupid, I don't know, but it came to mind): how viable would it be to synchronize notes between Nextcloud and Joplin Server (assuming both are running on the same server machine)? Even if it's as simple as making a symlink to the Joplin Server note storage location inside of one of Nextcloud's directories.
Edit: I realized that synchronization with Nextcloud isn't being removed just the sharing functionality, and while this does help, I was actually looking into note synchronization for the sole purpose of sharing them with someone else : ). At this point I'm not really sure what I'm trying to ask... The security "concerns" still stand though, but I don't store any sensitive information in my notes, I'm really only concerned with the security of my server itself.
1 Like
I had the same question regarding security, but Iâm not too worried because if Joplin community is probably smaller than Nextcloudâs, there are also a lot of vigilant devs here and that makes me feel confident.
As a precaution, my plan for now is to use the benefits of Joplin Severâs higher speed to activate E2EE. I hope it will still be faster than Nextcloud that way, I will see.
1 Like
I think how secure an app is proportional to the number of users. Like now, nobody would care to hack Joplin Server because very few people use it. Much better to spend time hacking widely used open source services, such as Nextcloud. If the number of users grow, it will get more attention from hackers, but also from security researchers (like the main Joplin apps do) and so there's a kind of virtuous circle happening.
Also is Nextcloud considered that secure in general? With new release sometimes they introduce critical bugs that can lead to user data being corrupted, so if these kind of bugs go through, I'd be surprised if subtle security issues also get in the codebase over time. Also one advantage of Joplin Server is that the attack surface is much smaller
3 Likes
I heard from you guys here, Joplin Server can also be run on a webspace with supports node.
My webspace supports. What's needed to run Joplin Server here.Can anyone help ?
Hey, installed a server, it's cool.
Just one question, why not make a separate folder to collect attachments, in the Docker settings.
If everything is in the database, the database will be too huge.
I just pulled the docker image to test this out with external database.
However, I found some potential bug during the first sync. I have around 3000 notes totaling 1.5GB, during sync I can see the external database growing in size appropriately.
However the actualy Joplin Server docker image also grew in size accordingly, totalling 3.5 GB when the sync is completed. Is this the expected behavior? or is the temp file not removed etc.
1 Like
I think by default the database is stored only inside the docker container, but you can use a volume to keep it externally. I have just finished setting up my docker compose in this way, but have yet to test it....
Yeah, but I specifically set it up to use external Postgres database. The data is indeed being populated on there, but I suspect the same data is also kept inside the container resulting in duplication.
A simple forced restart of the container shrunk the image volume size back down to 2GB. I'm just wondering if there's a simple fix to stop the internal database from being used.
I'm still learning Docker, but I was initially assuming I could handle updates the same I do with e.g. NextCloud (docker down, followed by docker pull and then docker up etc.). Would this work, if I have the db volume mapped, i.e.
volumes:
- ./data/joplin:/var/lib/postgresql/data
otherwise what is the recommended way of upgrading Joplin Server?