Self-hosting with Docker
Requirements#
These instructions make the following assumptions:
- The machine you will be running the infrastructure on has at least 2GB of memory.
- You've just finished setting up a Linux server (say, Ubuntu 20.04 64-bit) and have installed Docker and Docker Compose on it.
- Due to mounted volumes we recommend running the setup as a root user. If you wish to run it as non-root user please remember about the post-installation steps for Linux.
- You've configured your security groups to allow for incoming SSH connections from your local IP.
- You've configured your security groups to allow for incoming TCP connections on port 80 and 443 from at least your local IP.
- You've configured a domain name (or subdomain) to point to your server's IP address.
Getting started#
Note If you are a user with an already existing legacy database of the Syncing Server, we've prepared a Migrating from Legacy guide.
SSH into your server and follow the steps below:
Make sure you are in your home directory and clone the Standard Notes Standalone Infrastructure project:
Initialize default configuration files by typing:
Customize your configuration
There are 4 environment variables that need to be filled in with generated secret keys:
AUTH_JWT_SECRETin the.envfileJWT_SECRET,LEGACY_JWT_SECRETandENCRYPTION_SERVER_KEYin thedocker/auth.envfile
You can generate values for them by using:
Note Environment variables cannot be changed with effect to take place while the docker containers are running. To change them, server needs to be restarted.
(Optional) Customize the port
By default the syncing server will run on port 3000. If it is the case that you have a different service running on that port you can customize the port on which you want to run the infrastructure on. To do that, edit the
EXPOSED_PORTvariable in the.envfile.Simply run:
This should load all the microservices that the infrastructure consists of.
Note First run might take a while since there are Docker images to be pulled and built and migrations initializing the database to be run.
Wait for the infrastructure to bootstrap
It takes a moment for the infrastructure to bootstrap and all the microservices to start. You can observe the process by typing:
Note You can safely escape from logs with CTRL+C
Note Microservices depend on each other and because of that they are starting sequentially in our setup. In the logs you will most probably observe that one service is waiting for another to start with lines like: "XYZ is unavailable yet - waiting for it to start" where XYZ is the dependent service name. This is expected.
Everything should be up and running once you observe that the
API Gatewayservice has started by seeing the following line as one of the last ones in logs:You can also check the state in which all the services are by typing:
All of the services should be in
Upstate at this stage.Test your access to the server locally:
You should be able now to check that the syncing server is running by checking
http://localhost:3000/healthcheck:Note If you changed the
EXPOSED_PORTvariable you will have to checkhttp://localhost:{EXPOSED_PORT}/healthcheck.You're done!
Securing Your Server#
In order to start using your new server with the Standard Notes app at https://app.standardnotes.org you will have to configure an HTTPS reverse proxy.
Unless you already have an HTTP/HTTPS server running that will serve as a reverse proxy to the standalone infrastructure, head over to Securing HTTP traffic of your Sync server.
Using your new server#
In the account menu, choose Advanced Options and enter the address of your new server in Sync Server Domain.
Then, register for a new account or log into an existing account and begin using your private new secure Standard Notes server!