I successfully ran this for some time as a multi-user internal organizational TiddlyWiki instance, as well as making a version that had public access turned on.
It runs on Google App Engine and with lazy loading was quite performant.
As mentioned, it doesn’t have differential access control.
Google App Engine means dealing with the full Google Cloud Platform, which is a pretty high technical bar. But, because it is fully serverless, once set up, it is both inexpensive and relatively problem free, because there are very few moving parts.
This is a minimal Google App Engine app, written in Go, that can serve as the back end for a personal TiddlyWiki
The TiddlyWiki5 implementation has a number of back end options. This app implements the backend expected by the “TiddlyWeb and TiddlySpace components” plugin.
The usual way to deploy TiddlyWeb is to run a fairly complex Python web server program. I’d rather not. Instead I implemented a minimal Go server that responds appropriately to the (relatively few) needed JSON API calls.
Authentication
The TiddlyWeb JSON API envisions a multiuser system in which different users have access to different sets of tiddlers. This Go server contains none of that: it assumes that all users have full access to everything, although it does record who created which tiddlers. The only access control is that the app.yaml here requires HTTPS and administrator login for all URLs, and as a “belt and suspenders” measure, the app itself also refuses to serve to non-admins, as checked by user.IsAdmin.
See the “Re Authentication” comment in tiddly.go for information about making the server publicly read-only (it’s not quite perfect).
Data model
The app stores the current tiddlers in Cloud Datastore as Tiddler entities. It also stores every version of every tiddler as TiddlerHistory entities. Currently nothing reads the TiddlerHistory, but in case of a mistake that wipes out important Tiddler contents it should be possible to reconstruct lost data from the TiddlerHistory.
The TiddlyWiki downloaded as index.html that runs in the browser downloads (through the JSON API) a master list of all tiddlers and their metadata when the page first loads and then lazily fetches individual tiddler content on demand.