zadam/trilium
1
1
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2025-10-06 05:25:37 +08:00
Code Issues Projects Releases Packages Wiki Activity

feat(docs): try to also improve how environment variables are shown in docs

Browse source
This commit is contained in:
perf3ct 2025-08-21 02:21:00 +00:00
parent 8abd3ed3f1
commit 4ce9102f93
No known key found for this signature in database
GPG key ID: 569C4EEC436F5232
8 changed files with 511 additions and 51 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

358
apps/server/src/assets/doc_notes/en/User Guide/User Guide/Advanced Usage/Configuration (config.ini or e.html generated vendored
View file

@ -1,27 +1,335 @@
<p>Trilium supports configuration via a file named <code>config.ini</code> and
environment variables. Please review the file named <a href="https://github.com/TriliumNext/Trilium/blob/main/apps/server/src/assets/config-sample.ini">config-sample.ini</a> in
the <a href="https://github.com/TriliumNext/Trilium">Trilium</a> repository
to see what values are supported.</p>
<p>You can provide the same values via environment variables instead of the <code>config.ini</code> file,
and these environment variables use the following format:</p>
<p>Trilium supports configuration via a file named <code>config.ini</code> and environment variables. This document provides a comprehensive reference for all configuration options.</p>
<h2>Configuration Precedence</h2>
<p>Configuration values are loaded in the following order of precedence (highest to lowest):</p>
<ol>
<li>Environment variables should be prefixed with <code>TRILIUM_</code> and
use underscores to represent the INI section structure.</li>
<li>The format is: <code>TRILIUM_&lt;SECTION&gt;_&lt;KEY&gt;=&lt;VALUE&gt;</code>
</li>
<li>The environment variables will override any matching values from config.ini</li>
<li><strong>Environment variables</strong> (checked first)</li>
<li><strong>config.ini file values</strong></li>
<li><strong>Default values</strong></li>
</ol>
<p>For example, if you have this in your config.ini:</p><pre><code class="language-text-x-trilium-auto">[Network]
host=localhost
port=8080</code></pre>
<p>You can override these values using environment variables:</p><pre><code class="language-text-x-trilium-auto">TRILIUM_NETWORK_HOST=0.0.0.0
TRILIUM_NETWORK_PORT=9000</code></pre>
<p>The code will:</p>
<ol>
<li>First load the <code>config.ini</code> file as before</li>
<li>Then scan all environment variables for ones starting with <code>TRILIUM_</code>
</li>
<li>Parse these variables into section/key pairs</li>
<li>Merge them with the config from the file, with environment variables taking
precedence</li>
</ol>
<h2>Environment Variable Patterns</h2>
<p>Trilium supports multiple environment variable patterns for flexibility. The primary pattern is: <code>TRILIUM_[SECTION]_[KEY]</code></p>
<p>Where:</p>
<ul>
<li><code>SECTION</code> is the INI section name in UPPERCASE</li>
<li><code>KEY</code> is the camelCase configuration key converted to UPPERCASE (e.g., <code>instanceName</code><code>INSTANCENAME</code>)</li>
</ul>
<p>Additionally, shorter aliases are available for common configurations (see Alternative Variables section below).</p>
<h2>Environment Variable Reference</h2>
<h3>General Section</h3>
<table>
<thead>
<tr>
<th>Environment Variable</th>
<th>Type</th>
<th>Default</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td><code>TRILIUM_GENERAL_INSTANCENAME</code></td>
<td>string</td>
<td>""</td>
<td>Instance name for API identification</td>
</tr>
<tr>
<td><code>TRILIUM_GENERAL_NOAUTHENTICATION</code></td>
<td>boolean</td>
<td>false</td>
<td>Disable authentication (server only)</td>
</tr>
<tr>
<td><code>TRILIUM_GENERAL_NOBACKUP</code></td>
<td>boolean</td>
<td>false</td>
<td>Disable automatic backups</td>
</tr>
<tr>
<td><code>TRILIUM_GENERAL_NODESKTOPICON</code></td>
<td>boolean</td>
<td>false</td>
<td>Disable desktop icon creation</td>
</tr>
<tr>
<td><code>TRILIUM_GENERAL_READONLY</code></td>
<td>boolean</td>
<td>false</td>
<td>Enable read-only mode</td>
</tr>
</tbody>
</table>
<h3>Network Section</h3>
<table>
<thead>
<tr>
<th>Environment Variable</th>
<th>Type</th>
<th>Default</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td><code>TRILIUM_NETWORK_HOST</code></td>
<td>string</td>
<td>"0.0.0.0"</td>
<td>Server host binding</td>
</tr>
<tr>
<td><code>TRILIUM_NETWORK_PORT</code></td>
<td>string</td>
<td>"3000"</td>
<td>Server port</td>
</tr>
<tr>
<td><code>TRILIUM_NETWORK_HTTPS</code></td>
<td>boolean</td>
<td>false</td>
<td>Enable HTTPS</td>
</tr>
<tr>
<td><code>TRILIUM_NETWORK_CERTPATH</code></td>
<td>string</td>
<td>""</td>
<td>SSL certificate path</td>
</tr>
<tr>
<td><code>TRILIUM_NETWORK_KEYPATH</code></td>
<td>string</td>
<td>""</td>
<td>SSL key path</td>
</tr>
<tr>
<td><code>TRILIUM_NETWORK_TRUSTEDREVERSEPROXY</code></td>
<td>boolean/string</td>
<td>false</td>
<td>Reverse proxy trust settings</td>
</tr>
<tr>
<td><code>TRILIUM_NETWORK_CORSALLOWORIGIN</code></td>
<td>string</td>
<td>""</td>
<td>CORS allowed origins</td>
</tr>
<tr>
<td><code>TRILIUM_NETWORK_CORSALLOWMETHODS</code></td>
<td>string</td>
<td>""</td>
<td>CORS allowed methods</td>
</tr>
<tr>
<td><code>TRILIUM_NETWORK_CORSALLOWHEADERS</code></td>
<td>string</td>
<td>""</td>
<td>CORS allowed headers</td>
</tr>
</tbody>
</table>
<h3>Session Section</h3>
<table>
<thead>
<tr>
<th>Environment Variable</th>
<th>Type</th>
<th>Default</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td><code>TRILIUM_SESSION_COOKIEMAXAGE</code></td>
<td>integer</td>
<td>1814400</td>
<td>Session cookie max age in seconds (21 days)</td>
</tr>
</tbody>
</table>
<h3>Sync Section</h3>
<table>
<thead>
<tr>
<th>Environment Variable</th>
<th>Type</th>
<th>Default</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td><code>TRILIUM_SYNC_SYNCSERVERHOST</code></td>
<td>string</td>
<td>""</td>
<td>Sync server host URL</td>
</tr>
<tr>
<td><code>TRILIUM_SYNC_SYNCSERVERTIMEOUT</code></td>
<td>string</td>
<td>"120000"</td>
<td>Sync server timeout in milliseconds</td>
</tr>
<tr>
<td><code>TRILIUM_SYNC_SYNCPROXY</code></td>
<td>string</td>
<td>""</td>
<td>Sync proxy URL</td>
</tr>
</tbody>
</table>
<h3>MultiFactorAuthentication Section</h3>
<table>
<thead>
<tr>
<th>Environment Variable</th>
<th>Type</th>
<th>Default</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td><code>TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHBASEURL</code></td>
<td>string</td>
<td>""</td>
<td>OAuth/OpenID base URL</td>
</tr>
<tr>
<td><code>TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHCLIENTID</code></td>
<td>string</td>
<td>""</td>
<td>OAuth client ID</td>
</tr>
<tr>
<td><code>TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHCLIENTSECRET</code></td>
<td>string</td>
<td>""</td>
<td>OAuth client secret</td>
</tr>
<tr>
<td><code>TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHISSUERBASEURL</code></td>
<td>string</td>
<td>"https://accounts.google.com"</td>
<td>OAuth issuer base URL</td>
</tr>
<tr>
<td><code>TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHISSUERNAME</code></td>
<td>string</td>
<td>"Google"</td>
<td>OAuth issuer display name</td>
</tr>
<tr>
<td><code>TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHISSUERICON</code></td>
<td>string</td>
<td>""</td>
<td>OAuth issuer icon URL</td>
</tr>
</tbody>
</table>
<h3>Logging Section</h3>
<table>
<thead>
<tr>
<th>Environment Variable</th>
<th>Type</th>
<th>Default</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td><code>TRILIUM_LOGGING_RETENTIONDAYS</code></td>
<td>integer</td>
<td>90</td>
<td>Number of days to retain log files</td>
</tr>
</tbody>
</table>
<h2>Alternative Environment Variables</h2>
<p>The following alternative environment variable names are also supported and work identically to their longer counterparts:</p>
<h3>Network CORS Variables</h3>
<ul>
<li><code>TRILIUM_NETWORK_CORS_ALLOW_ORIGIN</code> (alternative to <code>TRILIUM_NETWORK_CORSALLOWORIGIN</code>)</li>
<li><code>TRILIUM_NETWORK_CORS_ALLOW_METHODS</code> (alternative to <code>TRILIUM_NETWORK_CORSALLOWMETHODS</code>)</li>
<li><code>TRILIUM_NETWORK_CORS_ALLOW_HEADERS</code> (alternative to <code>TRILIUM_NETWORK_CORSALLOWHEADERS</code>)</li>
</ul>
<h3>Sync Variables</h3>
<ul>
<li><code>TRILIUM_SYNC_SERVER_HOST</code> (alternative to <code>TRILIUM_SYNC_SYNCSERVERHOST</code>)</li>
<li><code>TRILIUM_SYNC_SERVER_TIMEOUT</code> (alternative to <code>TRILIUM_SYNC_SYNCSERVERTIMEOUT</code>)</li>
<li><code>TRILIUM_SYNC_SERVER_PROXY</code> (alternative to <code>TRILIUM_SYNC_SYNCPROXY</code>)</li>
</ul>
<h3>OAuth/MFA Variables</h3>
<ul>
<li><code>TRILIUM_OAUTH_BASE_URL</code> (alternative to <code>TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHBASEURL</code>)</li>
<li><code>TRILIUM_OAUTH_CLIENT_ID</code> (alternative to <code>TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHCLIENTID</code>)</li>
<li><code>TRILIUM_OAUTH_CLIENT_SECRET</code> (alternative to <code>TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHCLIENTSECRET</code>)</li>
<li><code>TRILIUM_OAUTH_ISSUER_BASE_URL</code> (alternative to <code>TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHISSUERBASEURL</code>)</li>
<li><code>TRILIUM_OAUTH_ISSUER_NAME</code> (alternative to <code>TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHISSUERNAME</code>)</li>
<li><code>TRILIUM_OAUTH_ISSUER_ICON</code> (alternative to <code>TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHISSUERICON</code>)</li>
</ul>
<h3>Logging Variables</h3>
<ul>
<li><code>TRILIUM_LOGGING_RETENTION_DAYS</code> (alternative to <code>TRILIUM_LOGGING_RETENTIONDAYS</code>)</li>
</ul>
<h2>Boolean Values</h2>
<p>Boolean environment variables accept the following values:</p>
<ul>
<li><strong>True</strong>: <code>"true"</code>, <code>"1"</code>, <code>1</code></li>
<li><strong>False</strong>: <code>"false"</code>, <code>"0"</code>, <code>0</code></li>
<li>Any other value defaults to <code>false</code></li>
</ul>
<h2>Using Environment Variables</h2>
<p>Both naming patterns are fully supported and can be used interchangeably:</p>
<ul>
<li>The longer format follows the section/key pattern for consistency with the INI file structure</li>
<li>The shorter alternatives provide convenience for common configurations</li>
<li>You can use whichever format you prefer - both are equally valid</li>
</ul>
<h2>Examples</h2>
<h3>Docker Compose Example</h3>
<pre><code class="language-yaml">services:
trilium:
image: triliumnext/notes
environment:
# Using full format
TRILIUM_GENERAL_INSTANCENAME: "My Trilium Instance"
TRILIUM_NETWORK_PORT: "8080"
TRILIUM_NETWORK_CORSALLOWORIGIN: "https://myapp.com"
TRILIUM_SYNC_SYNCSERVERHOST: "https://sync.example.com"
TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHBASEURL: "https://auth.example.com"
# Or using shorter alternatives (equally valid)
# TRILIUM_NETWORK_CORS_ALLOW_ORIGIN: "https://myapp.com"
# TRILIUM_SYNC_SERVER_HOST: "https://sync.example.com"
# TRILIUM_OAUTH_BASE_URL: "https://auth.example.com"</code></pre>
<h3>Shell Export Example</h3>
<pre><code class="language-bash"># Using either format
export TRILIUM_GENERAL_NOAUTHENTICATION=false
export TRILIUM_NETWORK_HTTPS=true
export TRILIUM_NETWORK_CERTPATH=/path/to/cert.pem
export TRILIUM_NETWORK_KEYPATH=/path/to/key.pem
export TRILIUM_LOGGING_RETENTIONDAYS=30
# Start Trilium
npm start</code></pre>
<h2>config.ini Reference</h2>
<p>For the complete list of configuration options and their INI file format, please review the <a href="https://github.com/TriliumNext/Trilium/blob/main/apps/server/src/assets/config-sample.ini">config-sample.ini</a> file in the Trilium repository.</p>

1
apps/server/src/assets/doc_notes/en/User Guide/User Guide/Installation & Setup/Server Installation/1. Installing the server/Using Docker.html generated vendored
View file

@ -134,6 +134,7 @@ docker run -d --name trilium -p 8080:8080 --user $(id -u):$(id -g) -v ~/trilium-
<li><code>TRILIUM_DATA_DIR</code>: Path to the data directory inside the container
(default: <code>/home/node/trilium-data</code>)</li>
</ul>
<p>For a complete list of configuration environment variables (network settings, authentication, sync, etc.), see <a class="reference-link" href="#root/_help_Gzjqa934BdH4">Configuration (config.ini or environment variables)</a>.</p>
<h3>Volume Permissions</h3>
<p>If you encounter permission issues with the data volume, ensure that:</p>
<ol>

15
apps/server/src/assets/doc_notes/en/User Guide/User Guide/Installation & Setup/Server Installation/Multi-Factor Authentication.html generated vendored
View file

@ -49,7 +49,12 @@ class="admonition warning">
the <code>config.ini</code> file (check&nbsp;<a class="reference-link" href="#root/_help_Gzjqa934BdH4">Configuration (config.ini or environment variables)</a>&nbsp;for
more information).
<ol>
<li>You can also setup through environment variables (<code>TRILIUM_OAUTH_BASE_URL</code>, <code>TRILIUM_OAUTH_CLIENT_ID</code> and <code>TRILIUM_OAUTH_CLIENT_SECRET</code>).</li>
<li>You can also setup through environment variables:
<ul>
<li>Standard: <code>TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHBASEURL</code>, <code>TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHCLIENTID</code>, <code>TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHCLIENTSECRET</code></li>
<li>Legacy (still supported): <code>TRILIUM_OAUTH_BASE_URL</code>, <code>TRILIUM_OAUTH_CLIENT_ID</code>, <code>TRILIUM_OAUTH_CLIENT_SECRET</code></li>
</ul>
</li>
<li><code>oauthBaseUrl</code> should be the link of your Trilium instance server,
for example, <code>https://&lt;your-trilium-domain&gt;</code>.</li>
</ol>
@ -64,8 +69,12 @@ class="admonition warning">
<p>The default OAuth issuer is Google. To use other services such as Authentik
or Auth0, you can configure the settings via <code>oauthIssuerBaseUrl</code>, <code>oauthIssuerName</code>,
and <code>oauthIssuerIcon</code> in the <code>config.ini</code> file. Alternatively,
these values can be set using environment variables: <code>TRILIUM_OAUTH_ISSUER_BASE_URL</code>, <code>TRILIUM_OAUTH_ISSUER_NAME</code>,
and <code>TRILIUM_OAUTH_ISSUER_ICON</code>. <code>oauthIssuerName</code> and <code>oauthIssuerIcon</code> are
these values can be set using environment variables:
<ul>
<li>Standard: <code>TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHISSUERBASEURL</code>, <code>TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHISSUERNAME</code>, <code>TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHISSUERICON</code></li>
<li>Legacy (still supported): <code>TRILIUM_OAUTH_ISSUER_BASE_URL</code>, <code>TRILIUM_OAUTH_ISSUER_NAME</code>, <code>TRILIUM_OAUTH_ISSUER_ICON</code></li>
</ul>
<code>oauthIssuerName</code> and <code>oauthIssuerIcon</code> are
required for displaying correct issuer information at the Login page.</p>
</aside>
<h4>Authentik</h4>

5
apps/server/src/assets/doc_notes/en/User Guide/User Guide/Installation & Setup/Server Installation/TLS Configuration.html generated vendored
View file

@ -26,7 +26,10 @@ https=true
certPath=/[username]/.acme.sh/[hostname]/fullchain.cer
keyPath=/[username]/.acme.sh/[hostname]/example.com.key</code></pre>
<p>You can also review the <a href="#root/_help_Gzjqa934BdH4">configuration</a> file
to provide all <code>config.ini</code> values as environment variables instead.</p>
to provide all <code>config.ini</code> values as environment variables instead. For example, you can configure TLS using environment variables:</p>
<pre><code class="language-bash">export TRILIUM_NETWORK_HTTPS=true
export TRILIUM_NETWORK_CERTPATH=/path/to/cert.pem
export TRILIUM_NETWORK_KEYPATH=/path/to/key.pem</code></pre>
<p>The above example shows how this is set up in an environment where the
certificate was generated using Let's Encrypt's ACME utility. Your paths
may differ. For Docker installations, ensure these paths are within a volume

163
docs/User Guide/User Guide/Advanced Usage/Configuration (config.ini or e.md vendored
View file

@ -1,30 +1,155 @@
# Configuration (config.ini or environment variables)
Trilium supports configuration via a file named `config.ini` and environment variables. Please review the file named [config-sample.ini](https://github.com/TriliumNext/Trilium/blob/main/apps/server/src/assets/config-sample.ini) in the [Trilium](https://github.com/TriliumNext/Trilium) repository to see what values are supported.
You can provide the same values via environment variables instead of the `config.ini` file, and these environment variables use the following format:
Trilium supports configuration via a file named `config.ini` and environment variables. This document provides a comprehensive reference for all configuration options.
1. Environment variables should be prefixed with `TRILIUM_` and use underscores to represent the INI section structure.
2. The format is: `TRILIUM_<SECTION>_<KEY>=<VALUE>`
3. The environment variables will override any matching values from config.ini
## Configuration Precedence
For example, if you have this in your config.ini:
Configuration values are loaded in the following order of precedence (highest to lowest):
1. **Environment variables** (checked first)
2. **config.ini file values**
3. **Default values**
```
[Network]
host=localhost
port=8080
## Environment Variable Patterns
Trilium supports multiple environment variable patterns for flexibility. The primary pattern is: `TRILIUM_[SECTION]_[KEY]`
Where:
- `SECTION` is the INI section name in UPPERCASE
- `KEY` is the camelCase configuration key converted to UPPERCASE (e.g., `instanceName``INSTANCENAME`)
Additionally, shorter aliases are available for common configurations (see Alternative Variables section below).
## Environment Variable Reference
### General Section
| Environment Variable | Type | Default | Description |
|------------------|------|---------|-------------|
| `TRILIUM_GENERAL_INSTANCENAME` | string | "" | Instance name for API identification |
| `TRILIUM_GENERAL_NOAUTHENTICATION` | boolean | false | Disable authentication (server only) |
| `TRILIUM_GENERAL_NOBACKUP` | boolean | false | Disable automatic backups |
| `TRILIUM_GENERAL_NODESKTOPICON` | boolean | false | Disable desktop icon creation |
| `TRILIUM_GENERAL_READONLY` | boolean | false | Enable read-only mode |
### Network Section
| Environment Variable | Type | Default | Description |
|------------------|------|---------|-------------|
| `TRILIUM_NETWORK_HOST` | string | "0.0.0.0" | Server host binding |
| `TRILIUM_NETWORK_PORT` | string | "3000" | Server port |
| `TRILIUM_NETWORK_HTTPS` | boolean | false | Enable HTTPS |
| `TRILIUM_NETWORK_CERTPATH` | string | "" | SSL certificate path |
| `TRILIUM_NETWORK_KEYPATH` | string | "" | SSL key path |
| `TRILIUM_NETWORK_TRUSTEDREVERSEPROXY` | boolean/string | false | Reverse proxy trust settings |
| `TRILIUM_NETWORK_CORSALLOWORIGIN` | string | "" | CORS allowed origins |
| `TRILIUM_NETWORK_CORSALLOWMETHODS` | string | "" | CORS allowed methods |
| `TRILIUM_NETWORK_CORSALLOWHEADERS` | string | "" | CORS allowed headers |
### Session Section
| Environment Variable | Type | Default | Description |
|------------------|------|---------|-------------|
| `TRILIUM_SESSION_COOKIEMAXAGE` | integer | 1814400 | Session cookie max age in seconds (21 days) |
### Sync Section
| Environment Variable | Type | Default | Description |
|------------------|------|---------|-------------|
| `TRILIUM_SYNC_SYNCSERVERHOST` | string | "" | Sync server host URL |
| `TRILIUM_SYNC_SYNCSERVERTIMEOUT` | string | "120000" | Sync server timeout in milliseconds |
| `TRILIUM_SYNC_SYNCPROXY` | string | "" | Sync proxy URL |
### MultiFactorAuthentication Section
| Environment Variable | Type | Default | Description |
|------------------|------|---------|-------------|
| `TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHBASEURL` | string | "" | OAuth/OpenID base URL |
| `TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHCLIENTID` | string | "" | OAuth client ID |
| `TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHCLIENTSECRET` | string | "" | OAuth client secret |
| `TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHISSUERBASEURL` | string | "https://accounts.google.com" | OAuth issuer base URL |
| `TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHISSUERNAME` | string | "Google" | OAuth issuer display name |
| `TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHISSUERICON` | string | "" | OAuth issuer icon URL |
### Logging Section
| Environment Variable | Type | Default | Description |
|------------------|------|---------|-------------|
| `TRILIUM_LOGGING_RETENTIONDAYS` | integer | 90 | Number of days to retain log files |
## Alternative Environment Variables
The following alternative environment variable names are also supported and work identically to their longer counterparts:
### Network CORS Variables
- `TRILIUM_NETWORK_CORS_ALLOW_ORIGIN` (alternative to `TRILIUM_NETWORK_CORSALLOWORIGIN`)
- `TRILIUM_NETWORK_CORS_ALLOW_METHODS` (alternative to `TRILIUM_NETWORK_CORSALLOWMETHODS`)
- `TRILIUM_NETWORK_CORS_ALLOW_HEADERS` (alternative to `TRILIUM_NETWORK_CORSALLOWHEADERS`)
### Sync Variables
- `TRILIUM_SYNC_SERVER_HOST` (alternative to `TRILIUM_SYNC_SYNCSERVERHOST`)
- `TRILIUM_SYNC_SERVER_TIMEOUT` (alternative to `TRILIUM_SYNC_SYNCSERVERTIMEOUT`)
- `TRILIUM_SYNC_SERVER_PROXY` (alternative to `TRILIUM_SYNC_SYNCPROXY`)
### OAuth/MFA Variables
- `TRILIUM_OAUTH_BASE_URL` (alternative to `TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHBASEURL`)
- `TRILIUM_OAUTH_CLIENT_ID` (alternative to `TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHCLIENTID`)
- `TRILIUM_OAUTH_CLIENT_SECRET` (alternative to `TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHCLIENTSECRET`)
- `TRILIUM_OAUTH_ISSUER_BASE_URL` (alternative to `TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHISSUERBASEURL`)
- `TRILIUM_OAUTH_ISSUER_NAME` (alternative to `TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHISSUERNAME`)
- `TRILIUM_OAUTH_ISSUER_ICON` (alternative to `TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHISSUERICON`)
### Logging Variables
- `TRILIUM_LOGGING_RETENTION_DAYS` (alternative to `TRILIUM_LOGGING_RETENTIONDAYS`)
## Boolean Values
Boolean environment variables accept the following values:
- **True**: `"true"`, `"1"`, `1`
- **False**: `"false"`, `"0"`, `0`
- Any other value defaults to `false`
## Using Environment Variables
Both naming patterns are fully supported and can be used interchangeably:
- The longer format follows the section/key pattern for consistency with the INI file structure
- The shorter alternatives provide convenience for common configurations
- You can use whichever format you prefer - both are equally valid
## Examples
### Docker Compose Example
```yaml
services:
trilium:
image: triliumnext/notes
environment:
# Using full format
TRILIUM_GENERAL_INSTANCENAME: "My Trilium Instance"
TRILIUM_NETWORK_PORT: "8080"
TRILIUM_NETWORK_CORSALLOWORIGIN: "https://myapp.com"
TRILIUM_SYNC_SYNCSERVERHOST: "https://sync.example.com"
TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHBASEURL: "https://auth.example.com"
# Or using shorter alternatives (equally valid)
# TRILIUM_NETWORK_CORS_ALLOW_ORIGIN: "https://myapp.com"
# TRILIUM_SYNC_SERVER_HOST: "https://sync.example.com"
# TRILIUM_OAUTH_BASE_URL: "https://auth.example.com"
```
You can override these values using environment variables:
### Shell Export Example
```bash
# Using either format
export TRILIUM_GENERAL_NOAUTHENTICATION=false
export TRILIUM_NETWORK_HTTPS=true
export TRILIUM_NETWORK_CERTPATH=/path/to/cert.pem
export TRILIUM_NETWORK_KEYPATH=/path/to/key.pem
export TRILIUM_LOGGING_RETENTIONDAYS=30
```
TRILIUM_NETWORK_HOST=0.0.0.0
TRILIUM_NETWORK_PORT=9000
# Start Trilium
npm start
```
The code will:
## config.ini Reference
1. First load the `config.ini` file as before
2. Then scan all environment variables for ones starting with `TRILIUM_`
3. Parse these variables into section/key pairs
4. Merge them with the config from the file, with environment variables taking precedence
For the complete list of configuration options and their INI file format, please review the [config-sample.ini](https://github.com/TriliumNext/Trilium/blob/main/apps/server/src/assets/config-sample.ini) file in the Trilium repository

2
docs/User Guide/User Guide/Installation & Setup/Server Installation/1. Installing the server/Using Docker.md vendored
View file

@ -187,6 +187,8 @@ docker run -d --name trilium -p 8080:8080 --user $(id -u):$(id -g) -v ~/trilium-
* `TRILIUM_GID`: GID to use for the container process (passed to Docker's `--user` flag)
* `TRILIUM_DATA_DIR`: Path to the data directory inside the container (default: `/home/node/trilium-data`)
For a complete list of configuration environment variables (network settings, authentication, sync, etc.), see <a class="reference-link" href="../../Advanced%20Usage/Configuration%20(config.ini%20or%20e.md">Configuration (config.ini or environment variables)</a>.
### Volume Permissions
If you encounter permission issues with the data volume, ensure that:

10
docs/User Guide/User Guide/Installation & Setup/Server Installation/Multi-Factor Authentication.md vendored
View file

@ -37,7 +37,9 @@ MFA can only be set up on a server instance.
In order to setup OpenID, you will need to setup a authentication provider. This requires a bit of extra setup. Follow [these instructions](https://developers.google.com/identity/openid-connect/openid-connect) to setup an OpenID service through google. The Redirect URL of Trilium is `https://<your-trilium-domain>/callback`.
1. Set the `oauthBaseUrl`, `oauthClientId` and `oauthClientSecret` in the `config.ini` file (check <a class="reference-link" href="../../Advanced%20Usage/Configuration%20(config.ini%20or%20e.md">Configuration (config.ini or environment variables)</a> for more information).
1. You can also setup through environment variables (`TRILIUM_OAUTH_BASE_URL`, `TRILIUM_OAUTH_CLIENT_ID` and `TRILIUM_OAUTH_CLIENT_SECRET`).
1. You can also setup through environment variables:
- Standard: `TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHBASEURL`, `TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHCLIENTID`, `TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHCLIENTSECRET`
- Legacy (still supported): `TRILIUM_OAUTH_BASE_URL`, `TRILIUM_OAUTH_CLIENT_ID`, `TRILIUM_OAUTH_CLIENT_SECRET`
2. `oauthBaseUrl` should be the link of your Trilium instance server, for example, `https://<your-trilium-domain>`.
2. Restart the server
3. Go to "Menu" -> "Options" -> "MFA"
@ -46,7 +48,11 @@ In order to setup OpenID, you will need to setup a authentication provider. This
6. Refresh the page and login through OpenID provider
> [!NOTE]
> The default OAuth issuer is Google. To use other services such as Authentik or Auth0, you can configure the settings via `oauthIssuerBaseUrl`, `oauthIssuerName`, and `oauthIssuerIcon` in the `config.ini` file. Alternatively, these values can be set using environment variables: `TRILIUM_OAUTH_ISSUER_BASE_URL`, `TRILIUM_OAUTH_ISSUER_NAME`, and `TRILIUM_OAUTH_ISSUER_ICON`. `oauthIssuerName` and `oauthIssuerIcon` are required for displaying correct issuer information at the Login page.
> The default OAuth issuer is Google. To use other services such as Authentik or Auth0, you can configure the settings via `oauthIssuerBaseUrl`, `oauthIssuerName`, and `oauthIssuerIcon` in the `config.ini` file. Alternatively, these values can be set using environment variables:
> - Standard: `TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHISSUERBASEURL`, `TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHISSUERNAME`, `TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHISSUERICON`
> - Legacy (still supported): `TRILIUM_OAUTH_ISSUER_BASE_URL`, `TRILIUM_OAUTH_ISSUER_NAME`, `TRILIUM_OAUTH_ISSUER_ICON`
>
> `oauthIssuerName` and `oauthIssuerIcon` are required for displaying correct issuer information at the Login page.
#### Authentik

8
docs/User Guide/User Guide/Installation & Setup/Server Installation/TLS Configuration.md vendored
View file

@ -25,7 +25,13 @@ certPath=/[username]/.acme.sh/[hostname]/fullchain.cer
keyPath=/[username]/.acme.sh/[hostname]/example.com.key
```
You can also review the [configuration](../../Advanced%20Usage/Configuration%20\(config.ini%20or%20e.md) file to provide all `config.ini` values as environment variables instead.
You can also review the [configuration](../../Advanced%20Usage/Configuration%20\(config.ini%20or%20e.md) file to provide all `config.ini` values as environment variables instead. For example, you can configure TLS using environment variables:
```bash
export TRILIUM_NETWORK_HTTPS=true
export TRILIUM_NETWORK_CERTPATH=/path/to/cert.pem
export TRILIUM_NETWORK_KEYPATH=/path/to/key.pem
```
The above example shows how this is set up in an environment where the certificate was generated using Let's Encrypt's ACME utility. Your paths may differ. For Docker installations, ensure these paths are within a volume or another directory accessible by the Docker container, such as `/home/node/trilium-data/[DIR IN DATA DIRECTORY]`.