I've got a new Joplin Server set up on a Raspberry Pi in RaspOS, fully up to date. I run Joplin mainly on Windows 10. I can't get it to start syncing with the new Joplin Server set up. I was syncing with OneDrive up to now but found that unsatisfactory.
In Joplin itself, I put https://pi3/joplin in the Joplin Server URL box, and, for now, the default email and password (it's on a home LAN).
When I press the Check synchronisation configuration button, I get:
request to https://pi3/joplin/api/sessions failed, reason: getaddrinfo ENOTFOUND pi3 (Code ENOTFOUND)
Can you suggest what I can do to troubleshoot, please?
which is just copied from the XDA article, with the only changes being adding indentation (after my problem with their docker-compose.yml shown with no indentation) and my server name.
Hm. My config looks very simliar but I use a seperate subdomain. So I don't know if the rewrite rule is correct. But it is like in the XDA Article, so it should be the right.
I've a slight deviation. I don't know if this helps, but give it a try: proxy_set_header Host $http_host;
I replaced all references to pi3 with its IP address 192.168.0.103 and that was the reason for the ENOTFOUND error, so it moved me forward to the next issue:
request to https://192.168.0.103/joplin/api/sessions failed, reason: unable to verify the first certificate (Code UNABLE_TO_VERIFY_LEAF_SIGNATURE)
I'd already made /etc/ssl/certs/nginx.crt and /etc/ssl/private/nginx.key but apart from creating those, I followed
I made /etc/nginx/snippets/self-signed.conf
that mentioned /etc/nginx/dhparam.pem which did not exist, so I followed instructions to make that (about 3 hours on a Rpi 3).
I added this to /etc/nginx/nginx.conf
# added by roy
server {
listen 443 ssl;
listen [::]:443 ssl;
include snippets/self-signed.conf;
server_name 192.168.0.103;
}
That didn't work, so reverted it and tried adding it to /etc/nginx/sites-available/default though this is not a multi-site server.
That also didn't work, and I still have the UNABLE_TO_VERIFY_LEAF_SIGNATURE message.
I'm wondering whether to try Let's Encrypt's certbot, but don't know if that's only good for websites and not for locally run apps.
The complete chain should always be used as the certificate, i.e. also all intermediate certificates needs to be included.
As this is a self sign certificate, the CA with which it was signed must be installed in windows and on all other devices, or Ignore TLS certificate errors must be activated in the advanced sync settings.
Personally, all my internal services also have valid certificates, e.g. from lets encrypt.
Pressing 'Check synchronisation configuration' now shows 'Success! Synchronisation configuration appears to be correct' with Joplin Server as well, so I pressed Re-upload local data to sync target.
Then I see
Completed: 17/01/2025 20:19 (30s)
Last error: Error: Error 413 Payload Too Large: 413 Request Entity Too Large
413 Request Entity Too Large
nginx/1.22.1
So I inserted client_max_body_size 40M; into nginx.conf, pressed Re-upload local data to sync target again, and now it's creating remote items.
I've now got Joplin Server on a Pi 3 fully synced with all notes in Joplin Desktop.
As advised by @JackGruber, I got this working using Ignore TLS certificate errors.
Now I've moved on to set an iPad to sync with the Pi3 and found that there's no Ignore TLS certificate errors possibility with the iOS version of Joplin.
In iPad, I installed a self-signed nginx.crt with a Common Name of 192.168.0.103, rebooted server and restarted iPad. I set the credentials to be the same as in Joplin desktop. When I press Check synchronisation configuration, it responds Network request failed.
Looking in the log, it seems to go wrong at
JoplinServerApi: Code <undefined>
JoplinServerApi: TypeError: Network request failed
I can't use Let's Encrypt on a server on a LAN, so I used the IP address as the Common Name in a self-signed certificate.
Is there no way past this? I only want the Joplin data accessible from Windows, iPad and iPhone when I'm within WiFi range of the LAN.