Home
Guide for self-hosting Notesnook on QNAP Container Station.
QNAP Container Station does not support ENV files directly, so we must make the necessary changes.
First, start with a clean working directory, where you will download the latest Docker files and also the src/Docker files.
# Download the latest Docker files.
wget https://raw.githubusercontent.com/streetwriters/notesnook-sync-server/master/docker-compose.yml
wget https://raw.githubusercontent.com/streetwriters/notesnook-sync-server/master/.envThere should be a "Container" shared folder on the NAS. If not, create it. After making the config file changes locally, copy and paste the "Docker" folder into the "Container" shared folder.
Configure the Notesnook .env file.
NOTESNOOK_API_SECRET string must be fewer than 128 characters. A long string causes login failure.
INSTANCE_NAME=notesnook.local.network
NOTESNOOK_API_SECRET=
DISABLE_SIGNUPS=false
SMTP_USERNAME=
SMTP_PASSWORD=
SMTP_HOST=
SMTP_PORT=
TWILIO_ACCOUNT_SID=
TWILIO_AUTH_TOKEN=
TWILIO_SERVICE_SID=
NOTESNOOK_CORS_ORIGINS=
NOTESNOOK_APP_PUBLIC_URL=https://app.notesnook.com
MONOGRAPH_PUBLIC_URL=https://monograph.notesnook.local.network:5265
AUTH_SERVER_PUBLIC_URL=https://auth.notesnook.local.network:5265
ATTACHMENTS_SERVER_PUBLIC_URL=https://s3.notesnook.local.network:5265
MINIO_ROOT_USER=
MINIO_ROOT_PASSWORD=Configure the Notesnook docker-compose.yml file. Because QNAP Container Station does not support ENV files directly, the environment variables must be replaced with the values manually.
Set the full path for the Notesnook .env file on the NAS:
x-env-files: &env-files
- /share/CACHEDEV1_DATA/Container/Docker/Notesnook/.envFind each environment variable starting with "${". Set environment variables:
# IDENTITY_SERVER_URL: ${AUTH_SERVER_PUBLIC_URL}
IDENTITY_SERVER_URL: http://identity-server:8264
# NOTESNOOK_APP_HOST: ${NOTESNOOK_APP_PUBLIC_URL}
NOTESNOOK_APP_HOST: https://app.notesnook.com
# S3_SERVICE_URL: "${ATTACHMENTS_SERVER_PUBLIC_URL}"
# S3_SERVICE_URL: "http://notesnook-s3:9000"
S3_SERVICE_URL: "https://s3.notesnook.local.network:5265"
# PUBLIC_URL: ${MONOGRAPH_PUBLIC_URL}
PUBLIC_URL: https://monograph.notesnook.local.network:5265If you set a custom MINIO_ROOT_USER and MINIO_ROOT_PASSWORD, then replace ${MINIO_ROOT_USER:-minioadmin} and ${MINIO_ROOT_PASSWORD:-minioadmin} as well.
An HTTPS server is required. Nginx will serve HTTPS and act as a reverse proxy for the Notesnook HTTP servers on the host.
This script will create a self-signed certificate for the server. If you are using an SSL service, you can skip this step.
Run in the "/Docker/Nginx/" directory and copy the "ssl" folder to the NAS directory "/Container/Docker/Nginx/". Script works on Fedora Linux.
Replace the variables with your domain info:
ORG="Administrator"
DOMAIN="local.network"
DAYS_VALID=30000After trusting the self-signed certificates, add the domains to the "hosts" file, which may be located at "/etc/hosts".
Add the following with your private NAS IP and domain info to the bottom:
# Notesnook.
10.0.1.1 notesnook.local.network sync.notesnook.local.network auth.notesnook.local.network events.notesnook.local.network monograph.notesnook.local.network s3.notesnook.local.network
Replace the ssl_certificate and server_name entries with your domain info.
ssl_certificate /etc/ssl/certs/local.network.crt;
ssl_certificate_key /etc/ssl/private/local.network.key;
server {
listen 5265 ssl;
server_name sync.notesnook.local.network;
# ...
}
Replace the certificate with your domain info.
- /share/CACHEDEV1_DATA/Container/Docker/Nginx/ssl/certs/local.network.crt:/etc/ssl/certs/local.network.crt:ro
- /share/CACHEDEV1_DATA/Container/Docker/Nginx/ssl/private/local.network.key:/etc/ssl/private/local.network.key:ro
Install Notesnook.
Container Station > Applications > Create > Upload > Local QNAP Device > Select YML file > Apply.
- Application name: notesnook
- Create.
Repeat for Nginx.
- Application name: nginx
- Create.
Select the "notesnook" application, and check if the 3 containers have exited 0 successfully:
- validate
- initiate-rs0
- setup-s3
"initiate-rs0" may suffer from a race condition and exit 1. Just start the container manually and look at the "Logs" tab.
After that, check "notesnook-db" "Logs" tab to confirm that the database has initialized correctly.
Check "identity-server" and other containers if they need to start manually.
These containers should be running:
- autoheal
- identity-server
- monograph-server
- notesnook-db
- notesnook-s3
- notesnook-server
- sse-server
Each one should return "Healthy".
# Check localhost.
curl http://localhost:5264/health
curl http://localhost:8264/health
curl http://localhost:7264/health
# Check internal IP.
curl http://10.0.1.1:5264/health
curl http://10.0.1.1:8264/health
curl http://10.0.1.1:7264/health
# Check Nginx HTTPS reverse proxy.
curl https://sync.notesnook.local.network:5265/health
curl https://auth.notesnook.local.network:5265/health
curl https://events.notesnook.local.network:5265/health
curl https://monograph.notesnook.local.network:5265
curl https://s3.notesnook.local.network:5265- Web app: https://app.notesnook.com/login
- Click "Configure" at the bottom of the web app or Settings > Servers in the desktop app.
- Enter the servers:
https://sync.notesnook.local.network:5265
https://auth.notesnook.local.network:5265
https://events.notesnook.local.network:5265
https://monograph.notesnook.local.network:5265
All servers must be HTTPS.
- Test connection > Save.
If your email server is not working or if you don't want email authentication, you must change the 2FA method to TOTP immediately. Otherwise, you will not be able to login again.
Settings > Authentication > Change 2FA method: Change > Setup using an authenticator app > Continue...
View recovery codes and save them.