How to: TiddlyWiki on NodeJS + nginx proxy + LetsEncrypt

I wanted to spin up a nodejs based TiddlyWiki for myself that would allow me easy access (provided I have internet) and it took a little bit to understand how all the pieces would fit together. Now that I know and am quite happy with the result I decided to share the knowledge here for others. For this guide I’m using Ubuntu Server 21.04 minimal.

Initial Setup

1. Get yourself a server, I’m using a Google Cloud free-tier instance but anything should work
2. Get yourself a domain, point @ and www at the external ip address of your server (you can also use a subdomain rather than @ and www)

Install Node

1. sudo apt update - update the list of packages available
2. sudo apt install nodejs npm - this will install nodejs and the node package manager making it easy to install TiddlyWiki, speaking of:

Install TiddlyWiki

1. sudo npm install -g tiddlywiki - globally installs the tiddlywiki command
2. mkdir ~/wiki- creates a wiki folder in our home directory, this will contain the wikis content
3. cd ~
4. tiddlywiki wiki --init server - fills the wiki folder with the basic files necessary for an empty wiki
5. nano ~/wiki/users.csv - start editing the list of users and credentials that can be used to log into the wiki, a sample version of this file can be found here: https://tiddlywiki.com/#WebServer%20Parameter%3A%20credentials

Install nginx + Let’s Encrypt

1. sudo apt install nginx
2. cd /etc/nginx/sites-available
3. sudo nano example.com - create and edit the configuration for our proxy server

server {
    server_name example.com
    client_max_body_size    100M;
    
    location / {
    proxy_pass   http://127.0.0.1:8080;
    proxy_set_header        Host             $host;
    proxy_set_header        X-Real-IP        $remote_addr;
    proxy_set_header        X-Forwarded-For  $proxy_add_x_forwarded_for;
    }
}

This will forward all traffic arriving at example.com to our wiki running on port 8080. It will also bump up the upload limit in case you wish to upload files larger than 2M.
4. sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled - this will enable the proxy
5. sudo apt install certbot python3-certbot-nginx - installs the Let’s Encrypt client and nginx plugin
6. sudo certbot --nginx - follow the instructions to create and install a certificate.

Run TiddlyWiki

1. cd ~

You now have a couple of different ways of starting the server based on who you’d like to give access

• tiddlywiki wiki --listen - starts the wiki but everyone has read/write access
• tiddlywiki wiki --listen credentials=users.csv "readers=(anon)" "writers=(authenticated)" - now anyone can read but only logged in users can edit
• tiddlywiki wiki --listen credentials=users.csv "readers=(authenticated)" "writers=(authenticated)" - completely private wiki, you need to log in to view, but you also get edit access

Once you’ve run one of the following commands you should be able to open your browser and go to your domain (example.com here) and find your fresh new TiddlyWiki!

Bonus: Install pm2
pm2 can be used to automatically restart the wiki should it crash and will start it up whenever the system boots/reboots

1. sudo npm install -g pm2@latest - globally installs the pm2 command
2. pm2 start /usr/local/bin/tiddlywiki -- /home/username/wiki --listen - this tells pm2 what command to run, we need to be a little bit more explicit and so we have to pass in the full path of the tiddlywiki command and our wiki folder. Feel free to tweak this command using one of the examples above to add authentication
3. pm2 startup will enable pm2 and the running of any services at boot

Awesome! This was on my list to document, thank you for sharing!

That is really fantastic documentation !!!

I just recently figured out how to get a “TiddlyWiki farm” (i.e. a bunch of TiddlyWikis) working in a Google Cloud Compute vm.

My setup involves TiddlyWiki on nodejs and nginx, but I used systemd for auto-launch on reboot of the machine.

(I must now look into “Let’s Encrypt”.)

Being really new to all of this, I wonder how systemd (which was already there with Debian) does compared to pm2. Are they pretty much six-of-one, half-a-dozen of another? (I’m wondering if pm2 would make my life easier the next time around.)

systemd is for system level services. NodeJS can crash, and pm helps detect this and will reboot it, without rebooting the whole server.

That’s the rough answer, you can combine the two by using systemd to run TW using pm.

Systemd is the system level init system which can be used to keep services alive and start them at boot. I bet you had to either write the systemd unit by hand or copy it from someone else. pm2 is nice because it will generate that unit for us. During regular operation it will monitor tiddlywiki and node, should they crash pm2 will restart them for us. Then on boot the systemd unit that it generated will start the monitoring up for us.

Really well presented! Mahalo (thanks)!

4 posts were split to a new topic: Problem with: NodeJS + nginx proxy + LetsEncrypt

Hello,

first, i wanted to apologize for necromancy, and to thank you for this tutorial. Even if i wont figure it out in the end, it at the very least was quite inspiring, and i will most likely try some other approach to achieve the same result, and that would still be thanks to this initial impetus!

I am trying to follow your tutorial, but I’m running into issues trying to connect to the server. When I set up a domain (i used duckdns.org) the connection times out when trying to get the lets encrypt certification and the error says that its likely firewall issue, and when i tried connecting without the encryption through the subdomain, my connection also timed out.
when going straight to the IP address of the server, i get the Nginx welcome page saying further configuration is needed. (even though i tried adding the IP address to the sites.enabled list for nginx and point it at the localhost, too
I have both HTTP and HTTPS allowed on the server, and the tiddlywiki is running on localhost.

any advice on how to attempt troubleshooting, or what could be wrong?
Thank you for any advice!

the connection times out when trying to get the lets encrypt certification

Are you using Terminal to issue the certificate?

Thank you for the reply! I’m not sure I understand the question, but ill explain what ive done in more detail.
The first step I’ve done was create a VM instance in Google Cloud services. I followed steps shown here How to Host a Website on the Google Cloud Free Tier – Tony Teaches Tech.

After I opened SSH, I started following this guide. So my first command in the SSH was sudo apt update and i went all the way to sudo apt certbot --nginx.

into the server_name in example file for the to configure the nginx (which i named after my subdomain) i put the url of my subdomain issued by duckdns which ive gotten, and i believe it worked, because the VM somehow gotten the IP address that the subdomain was assigned during the attempt to get certified by lets encrypt.
however the sudo certbot --nginx spat out an error, and said its likely to be a firewall

when i tried connecting directly to the IP of the server, i got the welcome message from nginx. when i tried adding the redirect to the servers IP it didnt do anything, and i believe the file wasnt in the list of sites to add encryption to by the certbot command, which leads me to believe i might have messed that particular experiment up

one idea i have, but have no idea how to begin testing, is that i somehow need to open the ports in SSH in the server on top of allowing the port traffic in the VM configuration, but i dont understand why that would be the case, and since im a complete beginner, i have no idea how i would go around doing that.