Dockery/Trilium
1
0
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2025-11-03 20:06:08 +01:00
Code Issues Packages Projects Releases Activity

feat(docs): add some more documentation around features that previously weren't documented

Browse Source
This commit is contained in:
perf3ct
2025-08-21 20:29:34 +00:00
parent 4c8da70ef3
commit 5c79760a4a
59 changed files with 26206 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

855
docs/User Guide/!!!meta.json vendored
View File

File diff suppressed because it is too large Load Diff

465
docs/User Guide/User Guide/Advanced Usage/Search/Advanced-Search-Expressions.md vendored Normal file
View File

@@ -0,0 +1,465 @@
# Advanced-Search-Expressions
## Advanced Search Expressions
This guide covers complex search expressions that combine multiple criteria, use advanced operators, and leverage Trilium's relationship system for sophisticated queries.
## Complex Query Construction
### Boolean Logic with Parentheses
Use parentheses to group expressions and control evaluation order:
```
(#book OR #article) AND #author=Tolkien
```
Finds notes that are either books or articles, written by Tolkien.
```
#project AND (#status=active OR #status=pending)
```
Finds active or pending projects.
```
meeting AND (#priority=high OR #urgent) AND note.dateCreated >= TODAY-7
```
Finds recent high-priority or urgent meetings.
### Negation Patterns
Use `NOT` or the `not()` function to exclude certain criteria:
```
#book AND not(#genre=fiction)
```
Finds non-fiction books.
```
project AND not(note.isArchived=true)
```
Finds non-archived notes containing "project".
```
#!completed
```
Short syntax for notes without the "completed" label.
### Mixed Search Types
Combine full-text, attribute, and property searches:
```
development #category=work note.type=text note.dateModified >= TODAY-30
```
Finds text notes about development, categorized as work, modified in the last 30 days.
## Advanced Attribute Searches
### Fuzzy Attribute Matching
When fuzzy attribute search is enabled, you can use partial matches:
```
#lang
```
Matches labels like "language", "languages", "programming-lang", etc.
```
#category=prog
```
Matches categories like "programming", "progress", "program", etc.
### Multiple Attribute Conditions
```
#book #author=Tolkien #publicationYear>=1950 #publicationYear<1960
```
Finds Tolkien's books published in the 1950s.
```
#task #priority=high #status!=completed
```
Finds high-priority incomplete tasks.
### Complex Label Value Patterns
Use various operators for sophisticated label matching:
```
#isbn %= '978-[0-9-]+'
```
Finds notes with ISBN labels matching the pattern (regex).
```
#email *=* @company.com
```
Finds notes with email labels containing "@company.com".
```
#version >= 2.0
```
Finds notes with version labels of 2.0 or higher (numeric comparison).
## Relationship Traversal
### Basic Relation Queries
```
~author.title *=* Tolkien
```
Finds notes with an "author" relation to notes containing "Tolkien" in the title.
```
~project.labels.status = active
```
Finds notes related to projects with active status.
### Multi-Level Relationships
```
~author.relations.publisher.title = "Penguin Books"
```
Finds notes authored by someone published by Penguin Books.
```
~project.children.title *=* documentation
```
Finds notes related to projects that have child notes about documentation.
### Relationship Direction
```
note.children.title = "Chapter 1"
```
Finds parent notes that have a child titled "Chapter 1".
```
note.parents.labels.category = book
```
Finds notes whose parents are categorized as books.
```
note.ancestors.title = "Literature"
```
Finds notes with "Literature" anywhere in their ancestor chain.
## Property-Based Searches
### Note Metadata Queries
```
note.type=code note.mime=text/javascript note.dateCreated >= MONTH
```
Finds JavaScript code notes created this month.
```
note.isProtected=true note.contentSize > 1000
```
Finds large protected notes.
```
note.childrenCount >= 10 note.type=text
```
Finds text notes with many children.
### Advanced Property Combinations
```
note.parentCount > 1 #template
```
Finds template notes that are cloned in multiple places.
```
note.attributeCount > 5 note.type=text note.contentSize < 500
```
Finds small text notes with many attributes (heavily tagged short notes).
```
note.revisionCount > 10 note.dateModified >= TODAY-7
```
Finds frequently edited notes modified recently.
## Date and Time Expressions
### Relative Date Calculations
```
#dueDate <= TODAY+7 #dueDate >= TODAY
```
Finds tasks due in the next week.
```
note.dateCreated >= MONTH-2 note.dateCreated < MONTH
```
Finds notes created in the past two months.
```
#eventDate = YEAR note.dateCreated >= YEAR-1
```
Finds events scheduled for this year that were planned last year.
### Complex Date Logic
```
(#startDate <= TODAY AND #endDate >= TODAY) OR #status=ongoing
```
Finds current events or ongoing items.
```
#reminderDate <= NOW+3600 #reminderDate > NOW
```
Finds reminders due in the next hour (using seconds offset).
## Fuzzy Search Techniques
### Fuzzy Exact Matching
```
#title ~= managment
```
Finds notes with titles like "management" even with typos.
```
~category.title ~= progaming
```
Finds notes related to categories like "programming" with misspellings.
### Fuzzy Contains Matching
```
note.content ~* algoritm
```
Finds notes containing words like "algorithm" with spelling variations.
```
#description ~* recieve
```
Finds notes with descriptions containing "receive" despite the common misspelling.
### Progressive Fuzzy Strategy
By default, Trilium uses exact matching first, then fuzzy as fallback:
```
development project
```
First finds exact matches for "development" and "project", then adds fuzzy matches if needed.
To force fuzzy behavior:
```
#title ~= development #category ~= projet
```
## Ordering and Limiting
### Multiple Sort Criteria
```
#book orderBy #publicationYear desc, note.title asc limit 20
```
Orders books by publication year (newest first), then by title alphabetically, limited to 20 results.
```
#task orderBy #priority desc, #dueDate asc
```
Orders tasks by priority (high first), then by due date (earliest first).
### Dynamic Ordering
```
#meeting note.dateCreated >= TODAY-30 orderBy note.dateModified desc
```
Finds recent meetings ordered by last modification.
```
#project #status=active orderBy note.childrenCount desc limit 10
```
Finds the 10 most complex active projects (by number of sub-notes).
## Performance Optimization Patterns
### Efficient Query Structure
Start with the most selective criteria:
```
#book #author=Tolkien note.dateCreated >= 1950-01-01
```
Better than:
```
note.dateCreated >= 1950-01-01 #book #author=Tolkien
```
### Fast Search for Large Datasets
```
#category=project #status=active
```
With fast search enabled, this searches only attributes, not content.
### Limiting Expensive Operations
```
note.content *=* "complex search term" limit 50
```
Limits content search to prevent performance issues.
## Error Handling and Debugging
### Syntax Validation
Invalid syntax produces helpful error messages:
```
#book AND OR #author=Tolkien
```
Error: "Mixed usage of AND/OR - always use parentheses to group AND/OR expressions."
### Debug Mode
Enable debug mode to see how queries are parsed:
```
#book #author=Tolkien
```
With debug enabled, shows the internal expression tree structure.
### Common Pitfalls
* Unescaped special characters: Use quotes or backslashes
* Missing parentheses in complex boolean expressions
* Incorrect property names: Use `note.title` not `title`
* Case sensitivity assumptions: All searches are case-insensitive
## Expression Shortcuts
### Label Shortcuts
Full syntax:
```
note.labels.category = book
```
Shortcut:
```
#category = book
```
### Relation Shortcuts
Full syntax:
```
note.relations.author.title *=* Tolkien
```
Shortcut:
```
~author.title *=* Tolkien
```
### Property Shortcuts
Some properties have convenient shortcuts:
```
note.text *=* content
```
Searches both title and content for "content".
## Real-World Complex Examples
### Project Management
```
(#project OR #task) AND #status!=completed AND
(#priority=high OR #dueDate <= TODAY+7) AND
not(note.isArchived=true)
orderBy #priority desc, #dueDate asc
```
### Research Organization
```
(#paper OR #article OR #book) AND
~author.title *=* smith AND
#topic *=* "machine learning" AND
note.dateCreated >= YEAR-2
orderBy #citationCount desc limit 25
```
### Content Management
```
note.type=text AND note.contentSize > 5000 AND
#category=documentation AND note.childrenCount >= 3 AND
note.dateModified >= MONTH-1
orderBy note.dateModified desc
```
### Knowledge Base Maintenance
```
note.attributeCount = 0 AND note.childrenCount = 0 AND
note.parentCount = 1 AND note.contentSize < 100 AND
note.dateModified < TODAY-90
```
Finds potential cleanup candidates: small, untagged, isolated notes not modified in 90 days.
## Next Steps
* [Search Examples and Use Cases](Search-Examples-and-Use-Cases.md) - Practical applications
* [Saved Searches](Saved-Searches.md) - Creating reusable search configurations
* [Technical Search Details](Technical-Search-Details.md) - Implementation details and performance tuning

160
docs/User Guide/User Guide/Advanced Usage/Search/README.md vendored Normal file
View File

@@ -0,0 +1,160 @@
# README
## Trilium Search Documentation
Welcome to the comprehensive guide for Trilium's powerful search capabilities. This documentation covers everything from basic text searches to advanced query expressions and performance optimization.
## Quick Start
New to Trilium search? Start here:
* **[Search Fundamentals](Search-Fundamentals.md)** - Basic concepts, syntax, and operators
## Documentation Sections
### Core Search Features
* **[Search Fundamentals](Search-Fundamentals.md)** - Basic search syntax, operators, and concepts
* **[Advanced Search Expressions](Advanced-Search-Expressions.md)** - Complex queries, boolean logic, and relationship traversal
### Practical Applications
* **[Search Examples and Use Cases](Search-Examples-and-Use-Cases.md)** - Real-world examples for common workflows
* **[Saved Searches](Saved-Searches.md)** - Creating dynamic collections and dashboards
### Technical Reference
* **[Technical Search Details](Technical-Search-Details.md)** - Performance, implementation, and optimization
## Key Search Capabilities
### Full-Text Search
* Search note titles and content
* Exact phrase matching with quotes
* Case-insensitive with diacritic normalization
* Support for multiple note types (text, code, mermaid, canvas)
### Attribute-Based Search
* Label searches: `#tag`, `#category=book`
* Relation searches: `~author`, `~author.title=Tolkien`
* Complex attribute combinations
* Fuzzy attribute matching
### Property Search
* Note metadata: `note.type=text`, `note.dateCreated >= TODAY-7`
* Hierarchical queries: `note.parents.title=Books`
* Relationship traversal: `note.children.labels.status=active`
### Advanced Features
* **Progressive Search**: Exact matching first, fuzzy fallback when needed
* **Fuzzy Search**: Typo tolerance and spelling variations
* **Boolean Logic**: Complex AND/OR/NOT combinations
* **Date Arithmetic**: Dynamic date calculations (TODAY-30, YEAR+1)
* **Regular Expressions**: Pattern matching with `%=` operator
* **Ordering and Limiting**: Custom sort orders and result limits
## Search Operators Quick Reference
### Text Operators
* `=` - Exact match
* `!=` - Not equal
* `*=*` - Contains
* `=*` - Starts with
* `*=` - Ends with
* `%=` - Regular expression
* `~=` - Fuzzy exact match
* `~*` - Fuzzy contains match
### Numeric Operators
* `=`, `!=`, `>`, `>=`, `<`, `<=`
### Boolean Operators
* `AND`, `OR`, `NOT`
### Special Syntax
* `#labelName` - Label exists
* `#labelName=value` - Label equals value
* `~relationName` - Relation exists
* `~relationName.property` - Relation target property
* `note.property` - Note property access
* `"exact phrase"` - Quoted phrase search
## Common Search Patterns
### Simple Searches
```
hello world # Find notes containing both words
"project management" # Find exact phrase
#task # Find notes with "task" label
~author # Find notes with "author" relation
```
### Attribute Searches
```
#book #author=Tolkien # Books by Tolkien
#task #priority=high #status!=completed # High-priority incomplete tasks
~project.title *=* alpha # Notes related to projects with "alpha" in title
```
### Date-Based Searches
```
note.dateCreated >= TODAY-7 # Notes created in last week
#dueDate <= TODAY+30 # Items due in next 30 days
#eventDate = YEAR # Events scheduled for this year
```
### Complex Queries
```
(#book OR #article) AND #topic=programming AND note.dateModified >= MONTH
#project AND (#status=active OR #status=pending) AND not(note.isArchived=true)
```
## Getting Started Checklist
1. **Learn Basic Syntax** - Start with simple text and tag searches
2. **Understand Operators** - Master the core operators (`=`, `*=*`, etc.)
3. **Practice Attributes** - Use `#` for labels and `~` for relations
4. **Try Boolean Logic** - Combine searches with AND/OR/NOT
5. **Explore Properties** - Use `note.` prefix for metadata searches
6. **Create Saved Searches** - Turn useful queries into dynamic collections
7. **Optimize Performance** - Learn about fast search and limits
## Performance Tips
* **Use Fast Search** for attribute-only queries
* **Set Reasonable Limits** to prevent large result sets
* **Start Specific** with the most selective criteria first
* **Leverage Attributes** instead of content search when possible
* **Cache Common Queries** as saved searches
## Need Help?
* **Examples**: Check [Search Examples and Use Cases](Search-Examples-and-Use-Cases.md) for practical patterns
* **Complex Queries**: See [Advanced Search Expressions](Advanced-Search-Expressions.md) for sophisticated techniques
* **Performance Issues**: Review [Technical Search Details](Technical-Search-Details.md) for optimization
* **Dynamic Collections**: Learn about [Saved Searches](Saved-Searches.md) for automated organization
## Search Workflow Integration
Trilium's search integrates seamlessly with your note-taking workflow:
* **Quick Search** (Ctrl+S) for instant access
* **Saved Searches** for dynamic organization
* **Search from Subtree** for focused queries
* **Auto-complete** suggestions in search dialogs
* **URL-triggered searches** for bookmarkable queries
Start with the fundamentals and gradually explore advanced features as your needs grow. Trilium's search system is designed to scale from simple text queries to sophisticated knowledge management systems.
Happy searching! 🔍

429
docs/User Guide/User Guide/Advanced Usage/Search/Saved-Searches.md vendored Normal file
View File

@@ -0,0 +1,429 @@
# Saved-Searches
## Saved Searches
Saved searches in Trilium allow you to create dynamic collections of notes that automatically update based on search criteria. They appear as special notes in your tree and provide a powerful way to organize and access related content.
## Understanding Saved Searches
A saved search is a special note type that:
* Stores search criteria and configuration
* Dynamically displays matching notes as children
* Updates automatically when notes change
* Can be bookmarked and accessed like any other note
* Supports all search features including ordering and limits
## Creating Saved Searches
### From Search Dialog
1. Open the search dialog (Ctrl+S or search icon)
2. Configure your search criteria and options
3. Click "Save to note" button
4. Choose a name and location for the saved search
### Manual Creation
1. Create a new note and set its type to "Saved Search"
2. Configure the search using labels:
* `#searchString` - The search query
* `#fastSearch` - Enable fast search mode
* `#includeArchivedNotes` - Include archived notes
* `#orderBy` - Sort field
* `#orderDirection` - "asc" or "desc"
* `#limit` - Maximum number of results
### Using Search Scripts
For complex logic, create a JavaScript note and link it:
* `~searchScript` - Relation pointing to a backend script note
## Basic Saved Search Examples
### Simple Text Search
```
#searchString=project management
```
Finds all notes containing "project management".
### Tag-Based Collection
```
#searchString=#book #author=Tolkien
#orderBy=publicationYear
#orderDirection=desc
```
Creates a collection of Tolkien's books ordered by publication year.
### Task Dashboard
```
#searchString=#task #status!=completed #assignee=me
#orderBy=priority
#orderDirection=desc
#limit=20
```
Shows your top 20 incomplete tasks by priority.
### Recent Activity
```
#searchString=note.dateModified >= TODAY-7
#orderBy=dateModified
#orderDirection=desc
#limit=50
```
Shows the 50 most recently modified notes from the last week.
## Advanced Saved Search Patterns
### Dynamic Date-Based Collections
#### This Week's Content
```
#searchString=note.dateCreated >= TODAY-7 note.dateCreated < TODAY
#orderBy=dateCreated
#orderDirection=desc
```
#### Monthly Review Collection
```
#searchString=#reviewed=false note.dateCreated >= MONTH note.dateCreated < MONTH+1
#orderBy=dateCreated
```
#### Upcoming Deadlines
```
#searchString=#dueDate >= TODAY #dueDate <= TODAY+14 #status!=completed
#orderBy=dueDate
#orderDirection=asc
```
### Project-Specific Collections
#### Project Dashboard
```
#searchString=#project=alpha (#task OR #milestone OR #document)
#orderBy=priority
#orderDirection=desc
```
#### Project Health Monitor
```
#searchString=#project=alpha #status=blocked OR (#dueDate < TODAY #status!=completed)
#orderBy=dueDate
#orderDirection=asc
```
### Content Type Collections
#### Documentation Hub
```
#searchString=(#documentation OR #guide OR #manual) #product=api
#orderBy=dateModified
#orderDirection=desc
```
#### Learning Path
```
#searchString=#course #level=beginner #topic=programming
#orderBy=difficulty
#orderDirection=asc
```
## Search Script Examples
For complex logic that can't be expressed in search strings, use JavaScript:
### Custom Business Logic
```javascript
// Find notes that need attention based on complex criteria
const api = require('api');
const cutoffDate = new Date();
cutoffDate.setDate(cutoffDate.getDate() - 30);
const results = [];
// Find high-priority tasks overdue by more than a week
const overdueTasks = api.searchForNotes(`
#task #priority=high #dueDate < TODAY-7 #status!=completed
`);
// Find projects with no recent activity
const staleProjets = api.searchForNotes(`
#project #status=active note.dateModified < TODAY-30
`);
// Find notes with many attributes but no content
const overlabeledNotes = api.searchForNotes(`
note.attributeCount > 5 note.contentSize < 100
`);
return [...overdueTasks, ...staleProjects, ...overlabeledNotes]
.map(note => note.noteId);
```
### Dynamic Tag-Based Grouping
```javascript
// Group notes by quarter based on creation date
const api = require('api');
const currentYear = new Date().getFullYear();
const results = [];
for (let quarter = 1; quarter <= 4; quarter++) {
const startMonth = (quarter - 1) * 3 + 1;
const endMonth = quarter * 3;
const quarterNotes = api.searchForNotes(`
note.dateCreated >= "${currentYear}-${String(startMonth).padStart(2, '0')}-01"
note.dateCreated < "${currentYear}-${String(endMonth + 1).padStart(2, '0')}-01"
#project
`);
results.push(...quarterNotes.map(note => note.noteId));
}
return results;
```
### Conditional Search Logic
```javascript
// Smart dashboard that changes based on day of week
const api = require('api');
const today = new Date();
const dayOfWeek = today.getDay(); // 0 = Sunday, 1 = Monday, etc.
let searchQuery;
if (dayOfWeek === 1) { // Monday - weekly planning
searchQuery = '#task #status=planned #week=' + getWeekNumber(today);
} else if (dayOfWeek === 5) { // Friday - weekly review
searchQuery = '#task #completed=true #week=' + getWeekNumber(today);
} else { // Regular days - focus on today's work
searchQuery = '#task #dueDate=TODAY #status!=completed';
}
const notes = api.searchForNotes(searchQuery);
return notes.map(note => note.noteId);
function getWeekNumber(date) {
const firstDay = new Date(date.getFullYear(), 0, 1);
const pastDays = Math.floor((date - firstDay) / 86400000);
return Math.ceil((pastDays + firstDay.getDay() + 1) / 7);
}
```
## Performance Optimization
### Fast Search for Large Collections
For collections that don't need content search:
```
#searchString=#category=reference #type=article
#fastSearch=true
#limit=100
```
### Efficient Ordering
Use indexed properties for better performance:
```
#orderBy=dateCreated
#orderBy=title
#orderBy=noteId
```
Avoid complex calculated orderings in large collections.
### Result Limiting
Always set reasonable limits for large collections:
```
#limit=50
```
For very large result sets, consider breaking into multiple saved searches.
## Saved Search Organization
### Hierarchical Organization
Create a folder structure for saved searches:
```
📁 Searches
├── 📁 Projects
│ ├── 🔍 Active Projects
│ ├── 🔍 Overdue Tasks
│ └── 🔍 Project Archive
├── 📁 Content
│ ├── 🔍 Recent Drafts
│ ├── 🔍 Published Articles
│ └── 🔍 Review Queue
└── 📁 Maintenance
├── 🔍 Untagged Notes
├── 🔍 Cleanup Candidates
└── 🔍 Orphaned Notes
```
### Search Naming Conventions
Use clear, descriptive names:
* "Active High-Priority Tasks"
* "This Month's Meeting Notes"
* "Unprocessed Inbox Items"
* "Literature Review Papers"
### Search Labels
Tag saved searches for organization:
```
#searchType=dashboard
#searchType=maintenance
#searchType=archive
#frequency=daily
#frequency=weekly
```
## Dashboard Creation
### Personal Dashboard
Combine multiple saved searches in a parent note:
```
📋 My Dashboard
├── 🔍 Today's Tasks
├── 🔍 Urgent Items
├── 🔍 Recent Notes
├── 🔍 Upcoming Deadlines
└── 🔍 Weekly Review Items
```
### Project Dashboard
```
📋 Project Alpha Dashboard
├── 🔍 Active Tasks
├── 🔍 Blocked Items
├── 🔍 Recent Updates
├── 🔍 Milestones
└── 🔍 Team Notes
```
### Content Dashboard
```
📋 Content Management
├── 🔍 Draft Articles
├── 🔍 Review Queue
├── 🔍 Published This Month
├── 🔍 High-Engagement Posts
└── 🔍 Content Ideas
```
## Maintenance and Updates
### Regular Review
Periodically review saved searches for:
* Outdated search criteria
* Performance issues
* Unused collections
* Scope creep
### Search Evolution
As your note-taking evolves, update searches:
* Add new tags to existing searches
* Refine criteria based on usage patterns
* Split large collections into smaller ones
* Merge rarely-used collections
### Performance Monitoring
Watch for performance issues:
* Slow-loading saved searches
* Memory usage with large result sets
* Search timeout errors
## Troubleshooting
### Common Issues
#### Empty Results
* Check search syntax
* Verify tag spellings
* Ensure notes have required attributes
* Test search components individually
#### Performance Problems
* Add `#fastSearch=true` for attribute-only searches
* Reduce result limits
* Simplify complex criteria
* Use indexed properties for ordering
#### Unexpected Results
* Enable debug mode to see query parsing
* Test search in search dialog first
* Check for case sensitivity issues
* Verify date formats and ranges
### Best Practices
#### Search Design
* Start simple and add complexity gradually
* Test searches thoroughly before saving
* Document complex search logic
* Use meaningful names and descriptions
#### Performance
* Set appropriate limits
* Use fast search when possible
* Avoid overly complex expressions
* Monitor search execution time
#### Organization
* Group related searches
* Use consistent naming conventions
* Archive unused searches
* Regular cleanup and maintenance
## Next Steps
* [Technical Search Details](Technical-Search-Details.md) - Understanding search performance and implementation
* [Search Examples and Use Cases](Search-Examples-and-Use-Cases.md) - More practical examples
* [Advanced Search Expressions](Advanced-Search-Expressions.md) - Complex query construction

539
docs/User Guide/User Guide/Advanced Usage/Search/Search-Examples-and-Use-Cases.md vendored Normal file
View File

@@ -0,0 +1,539 @@
# Search-Examples-and-Use-Cases
## Search Examples and Use Cases
This guide provides practical examples of how to use Trilium's search capabilities for common organizational patterns and workflows.
## Personal Knowledge Management
### Research and Learning
Track your learning progress and find related materials:
```
#topic=javascript #status=learning
```
Find all JavaScript materials you're currently learning.
```
#course #completed=false note.dateCreated >= MONTH-1
```
Find courses started in the last month that aren't completed.
```
#book #topic *=* programming #rating >= 4
```
Find highly-rated programming books.
```
#paper ~author.title *=* "Andrew Ng" #field=machine-learning
```
Find machine learning papers by Andrew Ng.
### Meeting and Event Management
Organize meetings, notes, and follow-ups:
```
#meeting note.dateCreated >= TODAY-7 #attendee *=* smith
```
Find this week's meetings with Smith.
```
#meeting #actionItems #status!=completed
```
Find meetings with outstanding action items.
```
#event #date >= TODAY #date <= TODAY+30
```
Find upcoming events in the next 30 days.
```
#meeting #project=alpha note.dateCreated >= MONTH
```
Find this month's meetings about project alpha.
### Note Organization and Cleanup
Maintain and organize your note structure:
```
note.childrenCount = 0 note.parentCount = 1 note.contentSize < 50 note.dateModified < TODAY-180
```
Find small, isolated notes not modified in 6 months (cleanup candidates).
```
note.attributeCount = 0 note.type=text note.contentSize > 1000
```
Find large text notes without any labels (might need categorization).
```
#draft note.dateCreated < TODAY-30
```
Find old draft notes that might need attention.
```
note.parentCount > 3 note.type=text
```
Find notes that are heavily cloned (might indicate important content).
## Project Management
### Task Tracking
Manage tasks and project progress:
```
#task #priority=high #status!=completed #assignee=me
```
Find your high-priority incomplete tasks.
```
#task #dueDate <= TODAY+3 #dueDate >= TODAY #status!=completed
```
Find tasks due in the next 3 days.
```
#project=website #task #status=blocked
```
Find blocked tasks in the website project.
```
#task #estimatedHours > 0 #actualHours > 0 orderBy note.dateModified desc
```
Find tasks with time tracking data, sorted by recent updates.
### Project Oversight
Monitor project health and progress:
```
#project #status=active note.children.labels.status = blocked
```
Find active projects with blocked tasks.
```
#project #startDate <= TODAY-90 #status!=completed
```
Find projects that started over 90 days ago but aren't completed.
```
#milestone #targetDate <= TODAY #status!=achieved
```
Find overdue milestones.
```
#project orderBy note.childrenCount desc limit 10
```
Find the 10 largest projects by number of sub-notes.
### Resource Planning
Track resources and dependencies:
```
#resource #type=person #availability < 50
```
Find people with low availability.
```
#dependency #status=pending #project=mobile-app
```
Find pending dependencies for the mobile app project.
```
#budget #project #spent > #allocated
```
Find projects over budget.
## Content Creation and Writing
### Writing Projects
Manage articles, books, and documentation:
```
#article #status=draft #wordCount >= 1000
```
Find substantial draft articles.
```
#chapter #book=novel #status=outline
```
Find novel chapters still in outline stage.
```
#blog-post #published=false #topic=technology
```
Find unpublished technology blog posts.
```
#documentation #lastReviewed < TODAY-90 #product=api
```
Find API documentation not reviewed in 90 days.
### Editorial Workflow
Track editing and publication status:
```
#article #editor=jane #status=review
```
Find articles assigned to Jane for review.
```
#manuscript #submissionDate >= TODAY-30 #status=pending
```
Find manuscripts submitted in the last 30 days still pending.
```
#publication #acceptanceDate >= YEAR #status=accepted
```
Find accepted publications this year.
### Content Research
Organize research materials and sources:
```
#source #reliability >= 8 #topic *=* climate
```
Find reliable sources about climate topics.
```
#quote #author *=* Einstein #verified=true
```
Find verified Einstein quotes.
```
#citation #used=false #relevance=high
```
Find high-relevance citations not yet used.
## Business and Professional Use
### Client Management
Track client relationships and projects:
```
#client=acme #project #status=active
```
Find active projects for ACME client.
```
#meeting #client #date >= MONTH #followUp=required
```
Find client meetings this month requiring follow-up.
```
#contract #renewalDate <= TODAY+60 #renewalDate >= TODAY
```
Find contracts expiring in the next 60 days.
```
#invoice #status=unpaid #dueDate < TODAY
```
Find overdue unpaid invoices.
### Process Documentation
Maintain procedures and workflows:
```
#procedure #department=engineering #lastUpdated < TODAY-365
```
Find engineering procedures not updated in a year.
```
#workflow #status=active #automation=possible
```
Find active workflows that could be automated.
```
#checklist #process=onboarding #role=developer
```
Find onboarding checklists for developers.
### Compliance and Auditing
Track compliance requirements and audits:
```
#compliance #standard=sox #nextReview <= TODAY+30
```
Find SOX compliance items due for review soon.
```
#audit #finding #severity=high #status!=resolved
```
Find unresolved high-severity audit findings.
```
#policy #department=hr #effectiveDate >= YEAR
```
Find HR policies that became effective this year.
## Academic and Educational Use
### Course Management
Organize courses and educational content:
```
#course #semester=fall-2024 #assignment #dueDate >= TODAY
```
Find upcoming assignments for fall 2024 courses.
```
#lecture #course=physics #topic *=* quantum
```
Find physics lectures about quantum topics.
```
#student #grade < 70 #course=mathematics
```
Find students struggling in mathematics.
```
#syllabus #course #lastUpdated < TODAY-180
```
Find syllabi not updated in 6 months.
### Research Management
Track research projects and publications:
```
#experiment #status=running #endDate <= TODAY+7
```
Find experiments ending in the next week.
```
#dataset #size > 1000000 #cleaned=true #public=false
```
Find large, cleaned, private datasets.
```
#hypothesis #tested=false #priority=high
```
Find high-priority untested hypotheses.
```
#collaboration #institution *=* stanford #status=active
```
Find active collaborations with Stanford.
### Grant and Funding
Manage funding applications and requirements:
```
#grant #deadline <= TODAY+30 #deadline >= TODAY #status=in-progress
```
Find grant applications due in the next 30 days.
```
#funding #amount >= 100000 #status=awarded #startDate >= YEAR
```
Find large grants awarded this year.
```
#report #funding #dueDate <= TODAY+14 #status!=submitted
```
Find funding reports due in 2 weeks.
## Technical Documentation
### Code and Development
Track code-related notes and documentation:
```
#bug #severity=critical #status!=fixed #product=webapp
```
Find critical unfixed bugs in the web app.
```
#feature #version=2.0 #status=implemented #tested=false
```
Find version 2.0 features that are implemented but not tested.
```
#api #endpoint #deprecated=true #removalDate <= TODAY+90
```
Find deprecated API endpoints scheduled for removal soon.
```
#architecture #component=database #lastReviewed < TODAY-180
```
Find database architecture documentation not reviewed in 6 months.
### System Administration
Manage infrastructure and operations:
```
#server #status=maintenance #scheduledDate >= TODAY #scheduledDate <= TODAY+7
```
Find servers scheduled for maintenance this week.
```
#backup #status=failed #date >= TODAY-7
```
Find backup failures in the last week.
```
#security #vulnerability #severity=high #patched=false
```
Find unpatched high-severity vulnerabilities.
```
#monitoring #alert #frequency > 10 #period=week
```
Find alerts triggering more than 10 times per week.
## Data Analysis and Reporting
### Performance Tracking
Monitor metrics and KPIs:
```
#metric #kpi=true #trend=declining #period=month
```
Find declining monthly KPIs.
```
#report #frequency=weekly #lastGenerated < TODAY-10
```
Find weekly reports that haven't been generated in 10 days.
```
#dashboard #stakeholder=executive #lastUpdated < TODAY-7
```
Find executive dashboards not updated this week.
### Trend Analysis
Track patterns and changes over time:
```
#data #source=sales #period=quarter #analyzed=false
```
Find unanalyzed quarterly sales data.
```
#trend #direction=up #significance=high #period=month
```
Find significant positive monthly trends.
```
#forecast #accuracy < 80 #model=linear #period=quarter
```
Find inaccurate quarterly linear forecasts.
## Search Strategy Tips
### Building Effective Queries
1. **Start Specific**: Begin with the most selective criteria
2. **Add Gradually**: Build complexity incrementally
3. **Test Components**: Verify each part of complex queries
4. **Use Shortcuts**: Leverage `#` and `~` shortcuts for efficiency
### Performance Optimization
1. **Use Fast Search**: For large databases, enable fast search when content isn't needed
2. **Limit Results**: Add limits to prevent overwhelming result sets
3. **Order Strategically**: Put the most useful results first
4. **Cache Common Queries**: Save frequently used searches
### Maintenance Patterns
Regular queries for note maintenance:
```
# Weekly cleanup check
note.attributeCount = 0 note.type=text note.contentSize < 100 note.dateModified < TODAY-30
# Monthly project review
#project #status=active note.dateModified < TODAY-30
# Quarterly archive review
note.isArchived=false note.dateModified < TODAY-90 note.childrenCount = 0
```
## Next Steps
* [Saved Searches](Saved-Searches.md) - Convert these examples into reusable saved searches
* [Technical Search Details](Technical-Search-Details.md) - Understanding performance and implementation
* [Search Fundamentals](Search-Fundamentals.md) - Review basic concepts and syntax

214
docs/User Guide/User Guide/Advanced Usage/Search/Search-Fundamentals.md vendored Normal file
View File

@@ -0,0 +1,214 @@
# Search-Fundamentals
## Search Fundamentals
Trilium's search system is a powerful tool for finding and organizing notes. It supports multiple search modes, from simple text queries to complex expressions using attributes, relationships, and note properties.
## Search Types Overview
Trilium provides three main search approaches:
1. **Full-text Search** - Searches within note titles and content
2. **Attribute Search** - Searches based on labels and relations attached to notes
3. **Property Search** - Searches based on note metadata (type, creation date, etc.)
These can be combined in powerful ways to create precise queries.
## Basic Search Syntax
### Simple Text Search
```
hello world
```
Finds notes containing both "hello" and "world" anywhere in the title or content.
### Quoted Text Search
```
"hello world"
```
Finds notes containing the exact phrase "hello world".
### Attribute Search
```
#tag
```
Finds notes with the label "tag".
```
#category=book
```
Finds notes with label "category" set to "book".
### Relation Search
```
~author
```
Finds notes with a relation named "author".
```
~author.title=Tolkien
```
Finds notes with an "author" relation pointing to a note titled "Tolkien".
## Search Operators
### Text Operators
* `=` - Exact match
* `!=` - Not equal
* `*=*` - Contains (substring)
* `=*` - Starts with
* `*=` - Ends with
* `%=` - Regular expression match
* `~=` - Fuzzy exact match
* `~*` - Fuzzy contains match
### Numeric Operators
* `=` - Equal
* `!=` - Not equal
* `>` - Greater than
* `>=` - Greater than or equal
* `<` - Less than
* `<=` - Less than or equal
### Boolean Operators
* `AND` - Both conditions must be true
* `OR` - Either condition must be true
* `NOT` or `not()` - Condition must be false
## Search Context and Scope
### Search Scope
By default, search covers:
* Note titles
* Note content (for text-based note types)
* Label names and values
* Relation names
* Note properties
### Fast Search Mode
When enabled, fast search:
* Searches only titles and attributes
* Skips note content
* Provides faster results for large databases
### Archived Notes
* Excluded by default
* Can be included with "Include archived" option
## Case Sensitivity and Normalization
* All searches are case-insensitive
* Diacritics are normalized ("café" matches "cafe")
* Unicode characters are properly handled
## Performance Considerations
### Content Size Limits
* Note content is limited to 10MB for search processing
* Larger notes are still searchable by title and attributes
### Progressive Search Strategy
1. **Exact Search Phase**: Fast exact matching (handles 90%+ of searches)
2. **Fuzzy Search Phase**: Activated when exact search returns fewer than 5 high-quality results
3. **Result Ordering**: Exact matches always appear before fuzzy matches
### Search Optimization Tips
* Use specific terms rather than very common words
* Combine full-text with attribute searches for precision
* Use fast search for large databases when content search isn't needed
* Limit results when dealing with very large result sets
## Special Characters and Escaping
### Reserved Characters
These characters have special meaning in search queries:
* `#` - Label indicator
* `~` - Relation indicator
* `()` - Grouping
* `"` `'` `` ` `` - Quotes for exact phrases
### Escaping Special Characters
Use backslash to search for literal special characters:
```
\#hashtag
```
Searches for the literal text "#hashtag" instead of a label.
Use quotes to include special characters in phrases:
```
"note.txt file"
```
Searches for the exact phrase including the dot.
## Date and Time Values
### Special Date Keywords
* `TODAY` - Current date
* `NOW` - Current date and time
* `MONTH` - Current month
* `YEAR` - Current year
### Date Arithmetic
```
#dateCreated >= TODAY-30
```
Finds notes created in the last 30 days.
```
#eventDate = YEAR+1
```
Finds notes with eventDate set to next year.
## Search Results and Scoring
### Result Ranking
Results are ordered by:
1. Relevance score (based on term frequency and position)
2. Note depth (closer to root ranks higher)
3. Alphabetical order for ties
### Progressive Search Behavior
* Exact matches always rank before fuzzy matches
* High-quality exact matches prevent fuzzy search activation
* Fuzzy matches help find content with typos or variations
## Next Steps
* [Advanced Search Expressions](Advanced-Search-Expressions.md) - Complex queries and combinations
* [Search Examples and Use Cases](Search-Examples-and-Use-Cases.md) - Practical applications
* [Saved Searches](Saved-Searches.md) - Creating dynamic collections
* [Technical Search Details](Technical-Search-Details.md) - Under-the-hood implementation

589
docs/User Guide/User Guide/Advanced Usage/Search/Technical-Search-Details.md vendored Normal file
View File

@@ -0,0 +1,589 @@
# Technical-Search-Details
## Technical Search Details
This guide provides technical information about Trilium's search implementation, performance characteristics, and optimization strategies for power users and administrators.
## Search Architecture Overview
### Three-Layer Search System
Trilium's search operates across three cache layers:
1. **Becca (Backend Cache)**: Server-side entity cache containing notes, attributes, and relationships
2. **Froca (Frontend Cache)**: Client-side mirror providing fast UI updates
3. **Database Layer**: SQLite database with FTS (Full-Text Search) support
### Search Processing Pipeline
1. **Lexical Analysis**: Query parsing and tokenization
2. **Expression Building**: Converting tokens to executable expressions
3. **Progressive Execution**: Exact search followed by optional fuzzy search
4. **Result Scoring**: Relevance calculation and ranking
5. **Result Presentation**: Formatting and highlighting
## Query Processing Details
### Lexical Analysis (Lex)
The lexer breaks down search queries into components:
```javascript
// Input: 'project #status=active note.dateCreated >= TODAY-7'
// Output:
{
fulltextTokens: ['project'],
expressionTokens: ['#status', '=', 'active', 'note', '.', 'dateCreated', '>=', 'TODAY-7']
}
```
#### Token Types
* **Fulltext Tokens**: Regular search terms
* **Expression Tokens**: Attributes, operators, and property references
* **Quoted Strings**: Exact phrase matches
* **Escaped Characters**: Literal special characters
### Expression Building (Parse)
Tokens are converted into executable expression trees:
```javascript
// Expression tree for: #book AND #author=Tolkien
AndExp([
AttributeExistsExp('label', 'book'),
LabelComparisonExp('label', 'author', equals('tolkien'))
])
```
#### Expression Types
* `AndExp`, `OrExp`, `NotExp`: Boolean logic
* `AttributeExistsExp`: Label/relation existence
* `LabelComparisonExp`: Label value comparison
* `RelationWhereExp`: Relation target queries
* `PropertyComparisonExp`: Note property filtering
* `NoteContentFulltextExp`: Content search
* `OrderByAndLimitExp`: Result ordering and limiting
### Progressive Search Strategy
#### Phase 1: Exact Search
```javascript
// Fast exact matching
const exactResults = performSearch(expression, searchContext, false);
```
Characteristics:
* Substring matching for text
* Exact attribute matching
* Property-based filtering
* Handles 90%+ of searches
* Sub-second response time
#### Phase 2: Fuzzy Fallback
```javascript
// Activated when exact results < 5 high-quality matches
if (highQualityResults.length < 5) {
const fuzzyResults = performSearch(expression, searchContext, true);
return mergeExactAndFuzzyResults(exactResults, fuzzyResults);
}
```
Characteristics:
* Edit distance calculations
* Phrase proximity matching
* Typo tolerance
* Performance safeguards
* Exact matches always rank first
## Performance Characteristics
### Search Limits and Thresholds
| Parameter | Value | Purpose |
| --- | --- | --- |
| `MAX_SEARCH_CONTENT_SIZE` | 2MB | Database-level content filtering |
| `MIN_FUZZY_TOKEN_LENGTH` | 3 chars | Minimum length for fuzzy matching |
| `MAX_EDIT_DISTANCE` | 2 chars | Maximum character changes for fuzzy |
| `MAX_PHRASE_PROXIMITY` | 10 words | Maximum distance for phrase matching |
| `RESULT_SUFFICIENCY_THRESHOLD` | 5 results | Threshold for fuzzy activation |
| `ABSOLUTE_MAX_CONTENT_SIZE` | 100MB | Hard limit to prevent system crash |
| `ABSOLUTE_MAX_WORD_COUNT` | 2M words | Hard limit for word processing |
### Performance Optimization
#### Database-Level Optimizations
```mariadb
-- Content size filtering at database level
SELECT noteId, type, mime, content, isProtected
FROM notes JOIN blobs USING (blobId)
WHERE type IN ('text', 'code', 'mermaid', 'canvas', 'mindMap')
AND isDeleted = 0
AND LENGTH(content) < 2097152 -- 2MB limit
```
#### Memory Management
* Single-array edit distance calculation
* Early termination for distant matches
* Progressive content processing
* Cached regular expressions
#### Search Context Optimization
```javascript
// Efficient search context configuration
const searchContext = new SearchContext({
fastSearch: true, // Skip content search
limit: 50, // Reasonable result limit
orderBy: 'dateCreated', // Use indexed property
includeArchivedNotes: false // Reduce search space
});
```
## Fuzzy Search Implementation
### Edit Distance Algorithm
Trilium uses an optimized Levenshtein distance calculation:
```javascript
// Optimized single-array implementation
function calculateOptimizedEditDistance(str1, str2, maxDistance) {
// Early termination checks
if (Math.abs(str1.length - str2.length) > maxDistance) {
return maxDistance + 1;
}
// Single array optimization
let previousRow = Array.from({ length: str2.length + 1 }, (_, i) => i);
let currentRow = new Array(str2.length + 1);
for (let i = 1; i <= str1.length; i++) {
currentRow[0] = i;
let minInRow = i;
for (let j = 1; j <= str2.length; j++) {
const cost = str1[i - 1] === str2[j - 1] ? 0 : 1;
currentRow[j] = Math.min(
previousRow[j] + 1, // deletion
currentRow[j - 1] + 1, // insertion
previousRow[j - 1] + cost // substitution
);
minInRow = Math.min(minInRow, currentRow[j]);
}
// Early termination if row minimum exceeds threshold
if (minInRow > maxDistance) return maxDistance + 1;
[previousRow, currentRow] = [currentRow, previousRow];
}
return previousRow[str2.length];
}
```
### Phrase Proximity Matching
For multi-token fuzzy searches:
```javascript
// Check if tokens appear within reasonable proximity
function hasProximityMatch(tokenPositions, maxDistance = 10) {
// For 2 tokens, simple distance check
if (tokenPositions.length === 2) {
const [pos1, pos2] = tokenPositions;
return pos1.some(p1 => pos2.some(p2 => Math.abs(p1 - p2) <= maxDistance));
}
// For multiple tokens, find sequence within range
const findSequence = (remaining, currentPos) => {
if (remaining.length === 0) return true;
const [nextPositions, ...rest] = remaining;
return nextPositions.some(pos =>
Math.abs(pos - currentPos) <= maxDistance &&
findSequence(rest, pos)
);
};
const [firstPositions, ...rest] = tokenPositions;
return firstPositions.some(startPos => findSequence(rest, startPos));
}
```
## Indexing and Storage
### Database Schema Optimization
```mariadb
-- Relevant indexes for search performance
CREATE INDEX idx_notes_type ON notes(type);
CREATE INDEX idx_notes_isDeleted ON notes(isDeleted);
CREATE INDEX idx_notes_dateCreated ON notes(dateCreated);
CREATE INDEX idx_notes_dateModified ON notes(dateModified);
CREATE INDEX idx_attributes_name ON attributes(name);
CREATE INDEX idx_attributes_type ON attributes(type);
CREATE INDEX idx_attributes_value ON attributes(value);
```
### Content Processing
Notes are processed differently based on type:
```javascript
// Content preprocessing by note type
function preprocessContent(content, type, mime) {
content = normalize(content.toString());
if (type === "text" && mime === "text/html") {
content = stripTags(content);
content = content.replace(/&nbsp;/g, " ");
} else if (type === "mindMap" && mime === "application/json") {
content = processMindmapContent(content);
} else if (type === "canvas" && mime === "application/json") {
const canvasData = JSON.parse(content);
const textElements = canvasData.elements
.filter(el => el.type === "text" && el.text)
.map(el => el.text);
content = normalize(textElements.join(" "));
}
return content.trim();
}
```
## Search Result Processing
### Scoring Algorithm
Results are scored based on multiple factors:
```javascript
function computeScore(fulltextQuery, highlightedTokens, enableFuzzyMatching) {
let score = 0;
// Title matches get higher score
if (this.noteTitle.toLowerCase().includes(fulltextQuery.toLowerCase())) {
score += 10;
}
// Path matches (hierarchical context)
const pathMatch = this.notePathArray.some(pathNote =>
pathNote.title.toLowerCase().includes(fulltextQuery.toLowerCase())
);
if (pathMatch) score += 5;
// Attribute matches
score += this.attributeMatches * 3;
// Content snippet quality
if (this.contentSnippet && this.contentSnippet.length > 0) {
score += 2;
}
// Fuzzy match penalty
if (enableFuzzyMatching && this.isFuzzyMatch) {
score *= 0.8; // 20% penalty for fuzzy matches
}
return score;
}
```
### Result Merging
Exact and fuzzy results are carefully merged:
```javascript
function mergeExactAndFuzzyResults(exactResults, fuzzyResults) {
// Deduplicate - exact results take precedence
const exactNoteIds = new Set(exactResults.map(r => r.noteId));
const additionalFuzzyResults = fuzzyResults.filter(r =>
!exactNoteIds.has(r.noteId)
);
// Sort within each category
exactResults.sort(byScoreAndDepth);
additionalFuzzyResults.sort(byScoreAndDepth);
// CRITICAL: Exact matches always come first
return [...exactResults, ...additionalFuzzyResults];
}
```
## Performance Monitoring
### Search Metrics
Monitor these performance indicators:
```javascript
// Performance tracking
const searchMetrics = {
totalQueries: 0,
exactSearchTime: 0,
fuzzySearchTime: 0,
resultCount: 0,
cacheHitRate: 0,
slowQueries: [] // queries taking > 1 second
};
```
### Memory Usage
Track memory consumption:
```javascript
// Memory monitoring
const memoryMetrics = {
searchCacheSize: 0,
activeSearchContexts: 0,
largeContentNotes: 0, // notes > 1MB
indexSize: 0
};
```
### Query Complexity Analysis
Identify expensive queries:
```javascript
// Query complexity factors
const complexityFactors = {
tokenCount: query.split(' ').length,
hasRegex: query.includes('%='),
hasFuzzy: query.includes('~=') || query.includes('~*'),
hasRelationTraversal: query.includes('.relations.'),
hasNestedProperties: (query.match(/\./g) || []).length > 2,
hasOrderBy: query.includes('orderBy'),
estimatedResultSize: 'unknown'
};
```
## Troubleshooting Performance Issues
### Common Performance Problems
#### Slow Full-Text Search
```javascript
// Diagnosis
- Check note content sizes
- Verify content type filtering
- Monitor regex usage
- Review fuzzy search activation
// Solutions
- Enable fast search for attribute-only queries
- Add content size limits
- Optimize regex patterns
- Tune fuzzy search thresholds
```
#### Memory Issues
```javascript
// Diagnosis
- Monitor result set sizes
- Check for large content processing
- Review search context caching
- Identify memory leaks
// Solutions
- Add result limits
- Implement progressive loading
- Clear unused search contexts
- Optimize content preprocessing
```
#### High CPU Usage
```javascript
// Diagnosis
- Profile fuzzy search operations
- Check edit distance calculations
- Monitor regex compilation
- Review phrase proximity matching
// Solutions
- Increase minimum fuzzy token length
- Reduce maximum edit distance
- Cache compiled regexes
- Limit phrase proximity distance
```
### Debugging Tools
#### Debug Mode
Enable search debugging:
```javascript
// Search context with debugging
const searchContext = new SearchContext({
debug: true // Logs expression parsing and execution
});
```
Output includes:
* Token parsing results
* Expression tree structure
* Execution timing
* Result scoring details
#### Performance Profiling
```javascript
// Manual performance measurement
const startTime = Date.now();
const results = searchService.findResultsWithQuery(query, searchContext);
const endTime = Date.now();
console.log(`Search took ${endTime - startTime}ms for ${results.length} results`);
```
#### Query Analysis
```javascript
// Analyze query complexity
function analyzeQuery(query) {
return {
tokenCount: query.split(/\s+/).length,
hasAttributes: /#|\~/.test(query),
hasProperties: /note\./.test(query),
hasRegex: /%=/.test(query),
hasFuzzy: /~[=*]/.test(query),
complexity: calculateComplexityScore(query)
};
}
```
## Configuration and Tuning
### Server Configuration
Relevant settings in `config.ini`:
```toml
# Search-related settings
[Search]
maxContentSize=2097152 # 2MB content limit
minFuzzyTokenLength=3 # Minimum chars for fuzzy
maxEditDistance=2 # Edit distance limit
resultSufficiencyThreshold=5 # Fuzzy activation threshold
enableProgressiveSearch=true # Enable progressive strategy
cacheSearchResults=true # Cache frequent searches
# Performance settings
[Performance]
searchTimeoutMs=30000 # 30 second search timeout
maxSearchResults=1000 # Hard limit on results
enableSearchProfiling=false # Performance logging
```
### Runtime Tuning
Adjust search behavior programmatically:
```javascript
// Dynamic configuration
const searchConfig = {
maxContentSize: 1024 * 1024, // 1MB for faster processing
enableFuzzySearch: false, // Exact only for speed
resultLimit: 50, // Smaller result sets
useIndexedPropertiesOnly: true // Skip expensive calculations
};
```
## Best Practices for Performance
### Query Design
1. **Start Specific**: Use selective criteria first
2. **Limit Results**: Always set reasonable limits
3. **Use Indexes**: Prefer indexed properties for ordering
4. **Avoid Regex**: Use simple operators when possible
5. **Cache Common Queries**: Save frequently used searches
### System Administration
1. **Monitor Performance**: Track slow queries and memory usage
2. **Regular Maintenance**: Clean up unused notes and attributes
3. **Index Optimization**: Ensure database indexes are current
4. **Content Management**: Archive or compress large content
### Development Guidelines
1. **Test Performance**: Benchmark complex queries
2. **Profile Regularly**: Identify performance regressions
3. **Optimize Incrementally**: Make small, measured improvements
4. **Document Complexity**: Note expensive operations
## Advanced Configuration
### Custom Search Extensions
Extend search functionality with custom expressions:
```javascript
// Custom expression example
class CustomDateRangeExp extends Expression {
constructor(dateField, startDate, endDate) {
super();
this.dateField = dateField;
this.startDate = startDate;
this.endDate = endDate;
}
execute(inputNoteSet, executionContext, searchContext) {
// Custom logic for date range filtering
// with optimized performance characteristics
}
}
```
### Search Result Caching
Implement result caching for frequent queries:
```javascript
// Simple LRU cache for search results
class SearchResultCache {
constructor(maxSize = 100) {
this.cache = new Map();
this.maxSize = maxSize;
}
get(queryKey) {
if (this.cache.has(queryKey)) {
// Move to end (most recently used)
const value = this.cache.get(queryKey);
this.cache.delete(queryKey);
this.cache.set(queryKey, value);
return value;
}
return null;
}
set(queryKey, results) {
if (this.cache.size >= this.maxSize) {
// Remove least recently used
const firstKey = this.cache.keys().next().value;
this.cache.delete(firstKey);
}
this.cache.set(queryKey, results);
}
}
```
## Next Steps
* [Search Fundamentals](Search-Fundamentals.md) - Basic concepts and syntax
* [Advanced Search Expressions](Advanced-Search-Expressions.md) - Complex query construction
* [Search Examples and Use Cases](Search-Examples-and-Use-Cases.md) - Practical applications
* [Saved Searches](Saved-Searches.md) - Creating dynamic collections

74
docs/User Guide/User Guide/Installation & Setup/1_Server Installation.md vendored Normal file
View File

@@ -0,0 +1,74 @@
# Server Installation
Running Trilium on a server lets you access your notes from any device through a web browser and enables synchronization between multiple Trilium instances. This guide covers the different ways to install and configure Trilium on your server.
## Choose Your Installation Method
The easiest way to get started is with Docker, which works on most systems and architectures. If you prefer not to manage your own server, PikaPods offers managed hosting.
**Recommended approaches:**
* [Docker Installation](1_Server%20Installation/1.%20Installing%20the%20server/Using%20Docker.md) - Works on AMD64 and ARM architectures
* [PikaPods managed hosting](https://www.pikapods.com/pods?run=trilium-next) - No server management required
* [Packaged Server Installation](1_Server%20Installation/1.%20Installing%20the%20server/Packaged%20version%20for%20Linux.md) - Native Linux packages
**Advanced options:**
* [Manual Installation](1_Server%20Installation/1.%20Installing%20the%20server/Manually.md) - Full control over the setup
* [Kubernetes](1_Server%20Installation/1.%20Installing%20the%20server/Using%20Kubernetes.md) - For container orchestration
* [NixOS Module](1_Server%20Installation/1.%20Installing%20the%20server/On%20NixOS.md) - Declarative configuration
All server installations include both desktop and mobile web interfaces.
## Configuration
Trilium stores its configuration in a `config.ini` file located in the [data directory](#root/dvbMBRXYMM2G). To customize your installation, copy the sample configuration file and modify it:
```sh
cp config-sample.ini config.ini
```
You can also use environment variables instead of the config file. This is particularly useful for Docker deployments. See the [configuration guide](#root/SneMubD5wTR6) for all available options.
### Changing the Data Directory
To store Trilium's data (database, config, backups) in a custom location, set the `TRILIUM_DATA_DIR` environment variable:
```sh
export TRILIUM_DATA_DIR=/path/to/your/trilium-data
```
### Upload Size Limits
By default, Trilium limits file uploads to 250MB. You can adjust this limit based on your needs:
```sh
# Increase limit to 450MB
export MAX_ALLOWED_FILE_SIZE_MB=450
# Remove limit entirely (use with caution)
export TRILIUM_NO_UPLOAD_LIMIT=true
```
### Disabling Authentication
See <a class="reference-link" href="1_Server%20Installation/Authentication.md">Authentication</a>.
## Reverse Proxy Setup
If you want to access Trilium through a domain name or alongside other web services, you'll need to configure a reverse proxy. Here's a basic nginx configuration:
```nginx
location /trilium/ {
proxy_pass http://127.0.0.1:8080/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
# Allow larger file uploads (in server block)
client_max_body_size 0; # 0 = unlimited
```
For Apache configuration, see the [Apache proxy setup](1_Server%20Installation/2.%20Reverse%20proxy/Apache.md) guide.

65
docs/User Guide/User Guide/Installation & Setup/1_Server Installation/1. Installing the server/Manually.md vendored Normal file
View File

@@ -0,0 +1,65 @@
# Manually
> [!WARNING]
> This page describes manually installing Trilium on your server. **Note that this is a not well supported way to install Trilium, problems may appear, information laid out here is quite out of date. It is recommended to use either** <a class="reference-link" href="Using%20Docker.md">Docker Server Installation</a> **or** <a class="reference-link" href="Packaged%20version%20for%20Linux.md">Packaged server installation</a>**.**
## Requirements
Trilium is a node.js application. Supported (tested) version of node.js is latest 14.X.X and 16.X.X. Trilium might work with older versions as well.
You can check your node version with this command (node.js needs to be installed):
```
node --version
```
If your Linux distribution has only an outdated version of node.js, you can take a look at the installation instruction on node.js website, which covers most popular distributions.
### Dependencies
There are some dependencies required. You can see command for Debian and its derivatives (like Ubuntu) below:
```
sudo apt install libpng16-16 libpng-dev pkg-config autoconf libtool build-essential nasm libx11-dev libxkbfile-dev
```
## Installation
### Download
You can either download source code zip/tar from [https://github.com/TriliumNext/Trilium/releases/latest](https://github.com/TriliumNext/Trilium/releases/latest).
For the latest version including betas, clone Git repository **from** `main` **branch** with:
```
git clone -b main https://github.com/triliumnext/trilium.git
```
## Installation
```
cd trilium
# download all node dependencies
npm install
# make sure the better-sqlite3 binary is there
npm rebuild
# bundles & minifies frontend JavaScript
npm run webpack
```
## Run
```
cd trilium
# using nohup to make sure trilium keeps running after user logs out
nohup TRILIUM_ENV=dev node src/www &
```
The application by default starts up on port 8080, so you can open your browser and navigate to [http://localhost:8080](http://localhost:8080) to access Trilium (replace "localhost" with your hostname).
## TLS
Don't forget to [configure TLS](../TLS%20Configuration.md) which is required for secure usage!

22
docs/User Guide/User Guide/Installation & Setup/1_Server Installation/1. Installing the server/Multiple server instances.md vendored Normal file
View File

@@ -0,0 +1,22 @@
# Multiple server instances
Trilium does not support multiple users. In order to have two or more persons with their own set of notes, multiple server instances must be set up. It is also not possible to use multiple [sync](#root/KFhm9yCthQOh) servers.
To allow multiple server instances on a single physical server:
* For <a class="reference-link" href="Packaged%20version%20for%20Linux.md">Packaged version for Linux</a> or <a class="reference-link" href="Manually.md">Manually</a>, if starting the server manually just specify a different port and data directory per instance:
```
TRILIUM_NETWORK_PORT=8080 TRILIUM_DATA_DIR=/path/to/your/data-dir-A /opt/trilium/trilium.sh
```
For a second instance:
```
TRILIUM_NETWORK_PORT=8081 TRILIUM_DATA_DIR=/path/to/your/data-dir-B /opt/trilium/trilium.sh
```
If using `systemd`, then set the [environment variables in the service configuration](https://serverfault.com/questions/413397/how-to-set-environment-variable-in-systemd-service).
* For <a class="reference-link" href="Using%20Docker.md">Using Docker</a>, simply use two different containers, each with their own port binding and data directory.
* For <a class="reference-link" href="On%20NixOS.md">On NixOS</a>, the only possible way is to use Docker OCI containers or at least one NixOS container with its own service definition.
For support or additional context, see the related [GitHub Discussion](https://github.com/orgs/TriliumNext/discussions/1642#discussioncomment-12768808).

25
docs/User Guide/User Guide/Installation & Setup/1_Server Installation/1. Installing the server/On NixOS.md vendored Normal file
View File

@@ -0,0 +1,25 @@
# On NixOS
This page describes configuring the Trilium module included in NixOS.
## Requirements
[NixOS](https://nixos.org/) installation.
## Configuration
Add this to your `configuration.nix`:
```
services.trilium-server.enable = true;
# default data directory: /var/lib/trilium
#services.trilium-server.dataDir = "/var/lib/trilium-sync-server";
# default bind address: 127.0.0.1, port 8080
#services.trilium-server.host = "0.0.0.0";
#services.trilium-server.port = 12783;
```
Uncomment any option you would like to change.
See the [NixOS options list](https://search.nixos.org/options?channel=unstable&from=0&size=50&sort=relevance&type=packages&query=trilium-server) for more options (including nginx reverse proxy configuration).

181
docs/User Guide/User Guide/Installation & Setup/1_Server Installation/1. Installing the server/Packaged version for Linux.md vendored Normal file
View File

@@ -0,0 +1,181 @@
# Packaged version for Linux
This is essentially Trilium sources + node modules + node.js runtime packaged into one 7z file.
## Steps
* SSH into your server
* use `wget` (or `curl`) to download latest `TriliumNotes-Server-[VERSION]-linux-x64.tar.xz` (copy link from [release page](https://github.com/TriliumNext/Trilium/releases), notice `-Server` suffix) on your server.
* unpack the archive, e.g. using `tar -xf -d TriliumNotes-Server-[VERSION]-linux-x64.tar.xz`
* `cd trilium-linux-x64-server`
* `./trilium.sh`
* you can open the browser and open http://\[your-server-hostname\]:8080 and you should see Trilium initialization page
The problem with above steps is that once you close the SSH connection, the Trilium process is terminated. To avoid that, you have two options:
* Kill it (with e.g. <kbd>Ctrl</kbd> + <kbd>C</kbd>) and run again like this: `nohup ./trilium.sh &`. (nohup keeps the process running in the background, `&` runs it in the background)
* Configure systemd to automatically run Trilium in the background on every boot
## Configure Trilium to auto-run on boot with systemd
* After downloading, extract and move Trilium:
```
tar -xvf TriliumNotes-Server-[VERSION]-linux-x64.tar.xz
sudo mv trilium-linux-x64-server /opt/trilium
```
* Create the service:
```
sudo nano /etc/systemd/system/trilium.service
```
* Paste this into the file (replace the user and group as needed):
```
[Unit]
Description=Trilium Daemon
After=syslog.target network.target
[Service]
User=xxx
Group=xxx
Type=simple
ExecStart=/opt/trilium/trilium.sh
WorkingDirectory=/opt/trilium/
TimeoutStopSec=20
# KillMode=process leads to error, according to https://www.freedesktop.org/software/systemd/man/systemd.kill.html
Restart=always
[Install]
WantedBy=multi-user.target
```
* Save the file (CTRL-S) and exit (CTRL-X)
* Enable and launch the service:
```
sudo systemctl enable --now -q trilium
```
* You can now open a browser to http://\[your-server-hostname\]:8080 and you should see the Trilium initialization page.
## Simple Autoupdate for Server
Run as the same User Trilium runs
if you run as root please remove 'sudo' from the commands
requires "jq" `apt install jq`
It will stop the service above, overwrite everything (i expect no config.ini), and start service It also creates a version file in the Trilium directory so it updates only with a newer Version
```
#!/bin/bash
# Configuration
REPO="TriliumNext/Trilium"
PATTERN="TriliumNotes-Server-.*-linux-x64.tar.xz"
DOWNLOAD_DIR="/var/tmp/trilium_download"
OUTPUT_DIR="/opt/trilium"
SERVICE_NAME="trilium"
VERSION_FILE="$OUTPUT_DIR/version.txt"
# Ensure dependencies are installed
command -v curl >/dev/null 2>&1 || { echo "Error: curl is required"; exit 1; }
command -v jq >/dev/null 2>&1 || { echo "Error: jq is required"; exit 1; }
command -v tar >/dev/null 2>&1 || { echo "Error: tar is required"; exit 1; }
# Create download directory
mkdir -p "$DOWNLOAD_DIR" || { echo "Error: Cannot create $DOWNLOAD_DIR"; exit 1; }
# Get the latest release version
LATEST_VERSION=$(curl -sL https://api.github.com/repos/$REPO/releases/latest | jq -r '.tag_name')
if [ -z "$LATEST_VERSION" ]; then
echo "Error: Could not fetch latest release version"
exit 1
fi
# Check current installed version (from version.txt or existing tarball)
CURRENT_VERSION=""
if [ -f "$VERSION_FILE" ]; then
CURRENT_VERSION=$(cat "$VERSION_FILE")
elif [ -f "$DOWNLOAD_DIR/TriliumNotes-Server-$LATEST_VERSION-linux-x64.tar.xz" ]; then
CURRENT_VERSION="$LATEST_VERSION"
fi
# Compare versions
if [ "$CURRENT_VERSION" = "$LATEST_VERSION" ]; then
echo "Latest version ($LATEST_VERSION) is already installed"
exit 0
fi
# Download the latest release
LATEST_URL=$(curl -sL https://api.github.com/repos/$REPO/releases/latest | jq -r ".assets[] | select(.name | test(\"$PATTERN\")) | .browser_download_url")
if [ -z "$LATEST_URL" ]; then
echo "Error: No asset found matching pattern '$PATTERN'"
exit 1
fi
FILE_NAME=$(basename "$LATEST_URL")
FILE_PATH="$DOWNLOAD_DIR/$FILE_NAME"
# Download if not already present
if [ -f "$FILE_PATH" ]; then
echo "Latest release $FILE_NAME already downloaded"
else
curl -LO --output-dir "$DOWNLOAD_DIR" "$LATEST_URL" || { echo "Error: Download failed"; exit 1; }
echo "Downloaded $FILE_NAME to $DOWNLOAD_DIR"
fi
# Extract the tarball
EXTRACT_DIR="$DOWNLOAD_DIR/extracted"
mkdir -p "$EXTRACT_DIR"
tar -xJf "$FILE_PATH" -C "$EXTRACT_DIR" || { echo "Error: Extraction failed"; exit 1; }
# Find the extracted directory (e.g., TriliumNotes-Server-0.97.2-linux-x64)
INNER_DIR=$(find "$EXTRACT_DIR" -maxdepth 1 -type d -name "TriliumNotes-Server-*-linux-x64" | head -n 1)
if [ -z "$INNER_DIR" ]; then
echo "Error: Could not find extracted directory matching TriliumNotes-Server-*-linux-x64"
exit 1
fi
# Stop the trilium-server service
if systemctl is-active --quiet "$SERVICE_NAME"; then
echo "Stopping $SERVICE_NAME service..."
sudo systemctl stop "$SERVICE_NAME" || { echo "Error: Failed to stop $SERVICE_NAME"; exit 1; }
fi
# Copy contents to /opt/trilium, overwriting existing files
echo "Copying contents from $INNER_DIR to $OUTPUT_DIR..."
sudo mkdir -p "$OUTPUT_DIR"
sudo cp -r "$INNER_DIR"/* "$OUTPUT_DIR"/ || { echo "Error: Copy failed"; exit 1; }
echo "$LATEST_VERSION" | sudo tee "$VERSION_FILE" >/dev/null
echo "Files copied to $OUTPUT_DIR"
# Start the trilium-server service
echo "Starting $SERVICE_NAME service..."
sudo systemctl start "$SERVICE_NAME" || { echo "Error: Failed to start $SERVICE_NAME"; exit 1; }
# Clean up
rm -rf "$EXTRACT_DIR"
echo "Cleanup complete. Trilium updated to $LATEST_VERSION."
```
## Common issues
### Outdated glibc
```
Error: /usr/lib64/libstdc++.so.6: version `GLIBCXX_3.4.21' not found (required by /var/www/virtual/.../node_modules/@mlink/scrypt/build/Release/scrypt.node)
at Object.Module._extensions..node (module.js:681:18)
at Module.load (module.js:565:32)
at tryModuleLoad (module.js:505:12)
```
If you get an error like this, you need to either upgrade your glibc (typically by upgrading to up-to-date distribution version) or use some other [server installation](../../1_Server%20Installation.md) method.
## TLS
Don't forget to [configure TLS](../TLS%20Configuration.md), which is required for secure usage!

241
docs/User Guide/User Guide/Installation & Setup/1_Server Installation/1. Installing the server/Using Docker.md vendored Normal file
View File

@@ -0,0 +1,241 @@
# Using Docker
Official docker images are published on docker hub for **AMD64**, **ARMv7** and **ARM64/v8**: [https://hub.docker.com/r/triliumnext/trilium/](https://hub.docker.com/r/triliumnext/trilium/)
## Prerequisites
Ensure Docker is installed on your system.
If you need help installing Docker, reference the [Docker Installation Docs](https://docs.docker.com/engine/install/)
**Note:** Trilium's Docker container requires root privileges to operate correctly.
> [!WARNING]
> If you're using a SMB/CIFS share or folder as your Trilium data directory, [you'll need](https://github.com/TriliumNext/Notes/issues/415#issuecomment-2344824400) to add the mount options of `nobrl` and `noperm` when mounting your SMB share.
## Running with Docker Compose
### Grab the latest docker-compose.yml:
```
wget https://raw.githubusercontent.com/TriliumNext/Trilium/master/docker-compose.yml
```
Optionally, edit the `docker-compose.yml` file to configure the container settings prior to starting it. Unless configured otherwise, the data directory will be `~/trilium-data` and the container will be accessible at port 8080.
### Start the container:
Run the following command to start the container in the background:
```
docker compose up -d
```
## Running without Docker Compose / Further Configuration
### Pulling the Docker Image
To pull the image, use the following command, replacing `[VERSION]` with the desired version or tag, such as `v0.91.6` or just `latest`. (See published tag names at [https://hub.docker.com/r/triliumnext/trilium/tags](https://hub.docker.com/r/triliumnext/trilium/tags).):
```
docker pull triliumnext/trilium:v0.91.6
```
**Warning:** Avoid using the "latest" tag, as it may automatically upgrade your instance to a new minor version, potentially disrupting sync setups or causing other issues.
### Preparing the Data Directory
Trilium requires a directory on the host system to store its data. This directory must be mounted into the Docker container with write permissions.
### Running the Docker Container
#### Local Access Only
Run the container to make it accessible only from the localhost. This setup is suitable for testing or when using a proxy server like Nginx or Apache.
```
sudo docker run -t -i -p 127.0.0.1:8080:8080 -v ~/trilium-data:/home/node/trilium-data triliumnext/trilium:[VERSION]
```
1. Verify the container is running using `docker ps`.
2. Access Trilium via a web browser at `127.0.0.1:8080`.
#### Local Network Access
To make the container accessible only on your local network, first create a new Docker network:
```
docker network create -d macvlan -o parent=eth0 --subnet 192.168.2.0/24 --gateway 192.168.2.254 --ip-range 192.168.2.252/27 mynet
```
Then, run the container with the network settings:
```
docker run --net=mynet -d -p 127.0.0.1:8080:8080 -v ~/trilium-data:/home/node/trilium-data triliumnext/trilium:-latest
```
To set a different user ID (UID) and group ID (GID) for the saved data, use the `USER_UID` and `USER_GID` environment variables:
```
docker run --net=mynet -d -p 127.0.0.1:8080:8080 -e "USER_UID=1001" -e "USER_GID=1001" -v ~/trilium-data:/home/node/trilium-data triliumnext/trilium:-latest
```
Find the local IP address using `docker inspect [container_name]` and access the service from devices on the local network.
```
docker ps
docker inspect [container_name]
```
#### Global Access
To allow access from any IP address, run the container as follows:
```
docker run -d -p 0.0.0.0:8080:8080 -v ~/trilium-data:/home/node/trilium-data triliumnext/trilium:[VERSION]
```
Stop the container with `docker stop <CONTAINER ID>`, where the container ID is obtained from `docker ps`.
### Custom Data Directory
For a custom data directory, use:
```
-v ~/YourOwnDirectory:/home/node/trilium-data triliumnext/trilium:[VERSION]
```
If you want to run your instance in a non-default way, please use the volume switch as follows: `-v ~/YourOwnDirectory:/home/node/trilium-data triliumnext/trilium:<VERSION>`. It is important to be aware of how Docker works for volumes, with the first path being your own and the second the one to virtually bind to. [https://docs.docker.com/storage/volumes/](https://docs.docker.com/storage/volumes/) The path before the colon is the host directory, and the path after the colon is the container's path. More details can be found in the [Docker Volumes Documentation](https://docs.docker.com/storage/volumes/).
## Reverse Proxy
1. [Nginx](../2.%20Reverse%20proxy/Nginx.md)
2. [Apache](../2.%20Reverse%20proxy/Apache.md)
### Note on --user Directive
The `--user` directive is unsupported. Instead, use the `USER_UID` and `USER_GID` environment variables to set the appropriate user and group IDs.
### Note on timezones
If you are having timezone issues and you are not using docker-compose, you may need to add a `TZ` environment variable with the [TZ identifier](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) of your local timezone.
## Rootless Docker Image
> [!NOTE]
> Please keep in mind that the data directory is at `/home/trilium/trilium-data` instead of the typical `/home/node/trilium-data`. This is because a new user is created and used to run Trilium within the rootless containers.
If you would prefer to run Trilium without having to run the Docker container as `root`, you can use either of the provided Debian (default) and Alpine-based images with the `rootless` tag. 
_**If you're unsure, stick to the “rootful” Docker image referenced above.**_
Below are some commands to pull the rootless images:
```
# For Debian-based image
docker pull triliumnext/trilium:rootless
# For Alpine-based image
docker pull triliumnext/trilium:rootless-alpine
```
### Why Rootless?
Running containers as non-root is a security best practice that reduces the potential impact of container breakouts. If an attacker manages to escape the container, they'll only have the permissions of the non-root user instead of full root access to the host.
### How It Works
The rootless Trilium image:
1. Creates a non-root user (`trilium`) during build time
2. Configures the application to run as this non-root user
3. Allows runtime customization of the user's UID/GID via Docker's `--user` flag
4. Does not require a separate Docker `entrypoint` script
### Usage
#### **Using docker-compose (Recommended)**
```
# Run with default UID/GID (1000:1000)
docker-compose -f docker-compose.rootless.yml up -d
# Run with custom UID/GID (e.g., match your host user)
TRILIUM_UID=$(id -u) TRILIUM_GID=$(id -g) docker-compose -f docker-compose.rootless.yml up -d
# Specify a custom data directory
TRILIUM_DATA_DIR=/path/to/your/data TRILIUM_UID=$(id -u) TRILIUM_GID=$(id -g) docker-compose -f docker-compose.rootless.yml up -d
```
#### **Using Docker CLI**
```
# Build the image
docker build -t triliumnext/trilium:rootless -f apps/server/Dockerfile.rootless .
# Run with default UID/GID (1000:1000)
docker run -d --name trilium -p 8080:8080 -v ~/trilium-data:/home/trilium/trilium-data triliumnext/trilium:rootless
# Run with custom UID/GID
docker run -d --name trilium -p 8080:8080 --user $(id -u):$(id -g) -v ~/trilium-data:/home/trilium/trilium-data triliumnext/trilium:rootless
```
### Environment Variables
* `TRILIUM_UID`: UID to use for the container process (passed to Docker's `--user` flag)
* `TRILIUM_GID`: GID to use for the container process (passed to Docker's `--user` flag)
* `TRILIUM_DATA_DIR`: Path to the data directory inside the container (default: `/home/node/trilium-data`)
For a complete list of configuration environment variables (network settings, authentication, sync, etc.), see <a class="reference-link" href="#root/1CEQXvOOO4EK">Configuration (config.ini or environment variables)</a>.
### Volume Permissions
If you encounter permission issues with the data volume, ensure that:
1. The host directory has appropriate permissions for the UID/GID you're using
2. You're setting both `TRILIUM_UID` and `TRILIUM_GID` to match the owner of the host directory
```
# For example, if your data directory is owned by UID 1001 and GID 1001:
TRILIUM_UID=1001 TRILIUM_GID=1001 docker-compose -f docker-compose.rootless.yml up -d
```
### Considerations
* The container starts with a specific UID/GID which can be customized at runtime
* Unlike the traditional setup, this approach does not use a separate entrypoint script with `usermod`/`groupmod` commands
* The container cannot modify its own UID/GID at runtime, which is a security feature of rootless containers
### Available Rootless Images
Two rootless variants are provided:
1. **Debian-based** (default): Uses the Debian Bullseye Slim base image
* Dockerfile: `apps/server/Dockerfile.rootless`
* Recommended for most users
2. **Alpine-based**: Uses the Alpine base image for smaller size
* Dockerfile: `apps/server/Dockerfile.alpine.rootless`
* Smaller image size, but may have compatibility issues with some systems
### Building Custom Rootless Images
If you would prefer, you can also customize the UID/GID at build time:
```
# For Debian-based image with custom UID/GID
docker build --build-arg USER=myuser --build-arg UID=1001 --build-arg GID=1001 \
-t triliumnext/trilium:rootless-custom -f apps/server/Dockerfile.rootless .
# For Alpine-based image with custom UID/GID
docker build --build-arg USER=myuser --build-arg UID=1001 --build-arg GID=1001 \
-t triliumnext/trilium:alpine-rootless-custom -f apps/server/Dockerfile.alpine.rootless .
```
Available build arguments:
* `USER`: Username for the non-root user (default: trilium)
* `UID`: User ID for the non-root user (default: 1000)
* `GID`: Group ID for the non-root user (default: 1000)

36
docs/User Guide/User Guide/Installation & Setup/1_Server Installation/1. Installing the server/Using Kubernetes.md vendored Normal file
View File

@@ -0,0 +1,36 @@
# Using Kubernetes
As Trilium can be run in Docker it also can be deployed in Kubernetes. You can either use our Helm chart, a community Helm chart, or roll your own Kubernetes deployment.
The recommended way is to use a Helm chart.
## Root privileges
> [!NOTE]
> The Trilium container at this time needs to be run with root privileges. It will swap to UID and GID `1000:1000` to run the `node` process after execution though, so the main process doesn't run with root privileges.
The Trilium docker container needs to be run with root privileges. The node process inside the container will be started with reduced privileges (uid:gid 1000:1000) after some initialization logic. Please make sure that you don't use a security context (PodSecurityContext) which changes the user ID. To use a different uid:gid for file storage and the application, please use the `USER_UID` & `USER_GID` environment variables.
The docker image will also fix the permissions of `/home/node` so you don't have to use an init container.
## Helm Charts
[Official Helm chart](https://github.com/TriliumNext/helm-charts) from TriliumNext Unofficial helm chart by [ohdearaugustin](https://github.com/ohdearaugustin): [https://github.com/ohdearaugustin/charts](https://github.com/ohdearaugustin/charts)
## Adding a Helm repository
Below is an example of how
```
helm repo add trilium https://triliumnext.github.io/helm-charts
"trilium" has been added to your repositories
```
## How to install a chart
After reviewing the [`values.yaml`](https://github.com/TriliumNext/helm-charts/blob/main/charts/trilium/values.yaml) from the Helm chart, modifying as required and then creating your own:
```
helm install --create-namespace --namespace trilium trilium trilium/trilium -f values.yaml
```
For more information on using Helm, please refer to the Helm documentation, or create a Discussion in the TriliumNext GitHub Organization.

81
docs/User Guide/User Guide/Installation & Setup/1_Server Installation/2. Reverse proxy/Apache.md vendored Normal file
View File

@@ -0,0 +1,81 @@
# Apache
I've assumed you have created a DNS A record for `trilium.yourdomain.com` that you want to use for your Trilium server.
1. Download docker image and create container
```
docker pull triliumnext/trilium:[VERSION]
docker create --name trilium -t -p 127.0.0.1:8080:8080 -v ~/trilium-data:/home/node/trilium-data triliumnext/trilium:[VERSION]
```
2. Configure Apache proxy and websocket proxy
1. Enable apache proxy modules
```
a2enmod ssl
a2enmod proxy
a2enmod proxy_http
a2enmod proxy_wstunnel
```
2. Create a new let's encrypt certificate
```
sudo certbot certonly -d trilium.mydomain.com
```
Choose standalone (2) and note the location of the created certificates (typically /etc/letsencrypt/live/...)
3. Create a new virtual host file for apache (you may want to use `apachectl -S` to determine the server root location, mine is /etc/apache2)
```
sudo nano /etc/apache2/sites-available/trilium.yourdomain.com.conf
```
Paste (and customize) the following text into the configuration file
```
ServerName http://trilium.yourdomain.com
RewriteEngine on
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
ServerName https://trilium.yourdomain.com
RewriteEngine On
RewriteCond %{HTTP:Connection} Upgrade [NC]
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteRule /(.*) ws://localhost:8080/$1 [P,L]
AllowEncodedSlashes NoDecode
ProxyPass / http://localhost:8080/ nocanon
ProxyPassReverse / http://localhost:8080/
SSLCertificateFile /etc/letsencrypt/live/trilium.yourdomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/trilium.yourdomain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
```
4. Enable the virtual host with `sudo a2ensite trilium.yourdomain.com.conf`
5. Reload apache2 with `sudo systemctl reload apache2`
3. Create and enable a systemd service to start the docker container on boot
1. Create a new empty file called `/lib/systemd/system/trilium.service` with the contents
```
[Unit]
Description=Trilium Server
Requires=docker.service
After=docker.service
[Service]
Restart=always
ExecStart=/usr/bin/docker start -a trilium
ExecStop=/usr/bin/docker stop -t 2 trilium
[Install]
WantedBy=local.target
```
2. Install, enable and start service
```
sudo systemctl daemon-reload
sudo systemctl enable trilium.service
sudo systemctl start trilium.service
```

76
docs/User Guide/User Guide/Installation & Setup/1_Server Installation/2. Reverse proxy/Nginx.md vendored Normal file
View File

@@ -0,0 +1,76 @@
# Nginx
Configure Nginx proxy and HTTPS. The operating system here is Ubuntu 18.04.
1. Download Nginx and remove Apache2
```
sudo apt-get install nginx
sudo apt-get remove apache2
```
2. Create configure file
```
cd /etc/nginx/conf.d
vim default.conf
```
3. Fill the file with the context shown below, part of the setting show be changed. Then you can enjoy your web with HTTPS forced and proxy.
```
# This part configures, where your Trilium server is running
upstream trilium {
zone trilium 64k;
server 127.0.0.1:8080; # change it to a different hostname and port if non-default is used
keepalive 2;
}
# This part is for proxy and HTTPS configure
server {
listen 443 ssl;
server_name trilium.example.net; #change trilium.example.net to your domain without HTTPS or HTTP.
ssl_certificate /etc/ssl/note/example.crt; #change /etc/ssl/note/example.crt to your path of crt file.
ssl_certificate_key /etc/ssl/note/example.net.key; #change /etc/ssl/note/example.net.key to your path of key file.
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log; #check the path of access.log, if it doesn't fit your file, change it
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://trilium;
proxy_read_timeout 90;
}
}
# This part is for HTTPS forced
server {
listen 80;
server_name trilium.example.net; # change to your domain
return 301 https://$server_name$request_uri;
}
```
4. Alternatively if you want to serve the instance under a different path (useful e.g. if you want to serve multiple instances), update the location block like so:
* update the location with your desired path (make sure to not leave a trailing slash "/", if your `proxy_pass` does not end on a slash as well)
* add the `proxy_cookie_path` directive with the same path: this allows you to stay logged in at multiple instances at the same time.
```
location /trilium/instance-one {
rewrite /trilium/instance-one/(.*) /$1 break;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://trilium;
proxy_cookie_path / /trilium/instance-one
proxy_read_timeout 90;
}
```

38
docs/User Guide/User Guide/Installation & Setup/1_Server Installation/Authentication.md vendored Normal file
View File

@@ -0,0 +1,38 @@
# Authentication
## Disabling authentication
If you are running Trilium on `localhost` only or if authentication is handled by another component, you can disable Triliums authentication by adding the following to `config.ini`:
```
[General]
noAuthentication=true
```
Disabling authentication will bypass even the <a class="reference-link" href="Multi-Factor%20Authentication.md">Multi-Factor Authentication</a> since v0.94.1.
## Understanding how the session works
Once logged into Trilium, the application will store this information about the login into a cookie on the browser, but also as a session on the server.
If “Remember me” is checked, then the login will expire in 21 days. This period can be adjusted by modifying the `Session.cookieMaxAge` value in `config.ini`. For example, to have the session expire in one day:
```
[Session]
cookieMaxAge=86400
```
When “Remember me” is unchecked, the behavior is different. At client/browser level the authentication does not have any expiration date, but it will be automatically cleared as soon as the user closes the browser. Nevertheless, the server will also dismiss this authentication in around 24 hours from the _last interaction with the application_.
## Viewing active sessions
The login sessions are now stored in the same <a class="reference-link" href="#root/lvXOQ00dcRlk">Database</a> as the user data. In order to view which sessions are active, open the <a class="reference-link" href="#root/hDJ4mPkZJQ4E">SQL Console</a> and run the following query:
```
SELECT * FROM sessions
```
Expired sessions are periodically cleaned by the server, generally an hourly interval.
## See also
* <a class="reference-link" href="Multi-Factor%20Authentication.md">Multi-Factor Authentication</a>

67
docs/User Guide/User Guide/Installation & Setup/1_Server Installation/Multi-Factor Authentication.md vendored Normal file
View File

@@ -0,0 +1,67 @@
# Multi-Factor Authentication
Multi-factor authentication (MFA) is a security process that requires users to provide two or more verification factors to gain access to a system, application, or account. This adds an extra layer of protection beyond just using a password.
By requiring more than one verification method, MFA helps reduce the risk of unauthorized access, even if someone has obtained your password. Its highly recommended for securing sensitive information stored in your notes.
> [!WARNING]
> OpenID and TOTP cannot be both used at the same time!
## Log in with your Google Account with OpenID!
OpenID is a standardized way to let you log into websites using an account from another service, like Google, to verify your identity.
## Why Time-based One Time Passwords?
TOTP (Time-Based One-Time Password) is a security feature that generates a unique, temporary code on your device, like a smartphone, which changes every 30 seconds. You use this code, along with your password, to log into your account, making it much harder for anyone else to access them.
## Setup
MFA can only be set up on a server instance.
> [!NOTE]
> When Multi-Factor Authentication (MFA) is enabled on a server instance, a new desktop instance may fail to sync with it. As a temporary workaround, you can disable MFA to complete the initial sync, then re-enable MFA afterward. This issue will be addressed in a future release.
### TOTP
1. Go to "Menu" -> "Options" -> "MFA"
2. Click the “Enable Multi-Factor Authentication” checkbox if not checked
3. Choose “Time-Based One-Time Password (TOTP)” under MFA Method
4. Click the "Generate TOTP Secret" button
5. Copy the generated secret to your authentication app/extension
6. Click the "Generate Recovery Codes" button
7. Save the recovery codes. Recovery codes can be used once in place of the TOTP if you loose access to your authenticator. After a rerecovery code is used, it will show the unix timestamp when it was used in the MFA options tab.
8. Re-login will be required after TOTP setup is finished (After you refreshing the page).
### OpenID
In order to setup OpenID, you will need to setup a authentication provider. This requires a bit of extra setup. Follow [these instructions](https://developers.google.com/identity/openid-connect/openid-connect) to setup an OpenID service through google. The Redirect URL of Trilium is `https://<your-trilium-domain>/callback`.
1. Set the `oauthBaseUrl`, `oauthClientId` and `oauthClientSecret` in the `config.ini` file (check <a class="reference-link" href="#root/SneMubD5wTR6">Configuration (config.ini or environment variables)</a> for more information).
1. You can also setup through environment variables:
* Standard: `TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHBASEURL`, `TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHCLIENTID`, `TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHCLIENTSECRET`
* Legacy (still supported): `TRILIUM_OAUTH_BASE_URL`, `TRILIUM_OAUTH_CLIENT_ID`, `TRILIUM_OAUTH_CLIENT_SECRET`
2. `oauthBaseUrl` should be the link of your Trilium instance server, for example, `https://<your-trilium-domain>`.
2. Restart the server
3. Go to "Menu" -> "Options" -> "MFA"
4. Click the “Enable Multi-Factor Authentication” checkbox if not checked
5. Choose “OAuth/OpenID” under MFA Method
6. Refresh the page and login through OpenID provider
> [!NOTE]
> The default OAuth issuer is Google. To use other services such as Authentik or Auth0, you can configure the settings via `oauthIssuerBaseUrl`, `oauthIssuerName`, and `oauthIssuerIcon` in the `config.ini` file. Alternatively, these values can be set using environment variables:
>
> * Standard: `TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHISSUERBASEURL`, `TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHISSUERNAME`, `TRILIUM_MULTIFACTORAUTHENTICATION_OAUTHISSUERICON`
> * Legacy (still supported): `TRILIUM_OAUTH_ISSUER_BASE_URL`, `TRILIUM_OAUTH_ISSUER_NAME`, `TRILIUM_OAUTH_ISSUER_ICON`
>
> `oauthIssuerName` and `oauthIssuerIcon` are required for displaying correct issuer information at the Login page.
#### Authentik
If you dont already have a running Authentik instance, please follow [these instructions](https://docs.goauthentik.io/docs/install-config/install/docker-compose) to set one up.
1. In the Authentik admin dashboard, create a new OAuth2 application by following [these steps](https://docs.goauthentik.io/docs/add-secure-apps/providers/oauth2/create-oauth2-provider). Make sure to set the Redirect URL to: `https://<your-trilium-domain>/callback`.
2. In your config.ini file, set the relevant OAuth variables:
1. `oauthIssuerBaseUrl` → Use the `OpenID Configuration Issuer` URL from your application's overview page.
2. `oauthIssuerName` and `oauthIssuerIcon` → Set these to customize the name and icon displayed on the login page. If omitted, Googles name and icon will be shown by default.
3. Apply the changes by restarting your server.
4. Proceed with the remaining steps starting from Step 3 in the OpenID section.

53
docs/User Guide/User Guide/Installation & Setup/1_Server Installation/TLS Configuration.md vendored Normal file
View File

@@ -0,0 +1,53 @@
# TLS Configuration
Configuring TLS is essential for [server installation](../1_Server%20Installation.md) in Trilium. This guide details the steps to set up TLS within Trilium itself.
For a more robust solution, consider using TLS termination with a reverse proxy (recommended, e.g., Nginx). You can follow a [guide like this](https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-20-04) for such setups.
## Obtaining a TLS Certificate
You have two options for obtaining a TLS certificate:
* **Recommended**: Obtain a TLS certificate signed by a root certificate authority. For personal use, [Let's Encrypt](https://letsencrypt.org) is an excellent choice. It is free, automated, and straightforward. Certbot can facilitate automatic TLS setup.
* Generate a self-signed certificate. This option is not recommended due to the additional complexity of importing the certificate into all machines connecting to the server.
## Modifying `config.ini`
Once you have your certificate, modify the `config.ini` file in the [data directory](#root/dvbMBRXYMM2G) to configure Trilium to use it:
```
[Network]
port=8080
# Set to true for TLS/SSL/HTTPS (secure), false for HTTP (insecure).
https=true
# Path to the certificate (run "bash bin/generate-cert.sh" to generate a self-signed certificate).
# Relevant only if https=true
certPath=/[username]/.acme.sh/[hostname]/fullchain.cer
keyPath=/[username]/.acme.sh/[hostname]/example.com.key
```
You can also review the [configuration](#root/SneMubD5wTR6) file to provide all `config.ini` values as environment variables instead. For example, you can configure TLS using environment variables:
```sh
export TRILIUM_NETWORK_HTTPS=true
export TRILIUM_NETWORK_CERTPATH=/path/to/cert.pem
export TRILIUM_NETWORK_KEYPATH=/path/to/key.pem
```
The above example shows how this is set up in an environment where the certificate was generated using Let's Encrypt's ACME utility. Your paths may differ. For Docker installations, ensure these paths are within a volume or another directory accessible by the Docker container, such as `/home/node/trilium-data/[DIR IN DATA DIRECTORY]`.
After configuring `config.ini`, restart Trilium and access the hostname using "https".
## Self-Signed Certificate
If you opt to use a self-signed certificate for your server instance, note that the desktop instance will not trust it by default.
To bypass this, disable certificate validation by setting the following environment variable (for Linux):
```
export NODE_TLS_REJECT_UNAUTHORIZED=0
trilium
```
Trilium provides scripts to start in this mode, such as `trilium-no-cert-check.bat` for Windows.
**Warning**: Disabling TLS certificate validation is insecure. Proceed only if you fully understand the implications.

279
docs/User Guide/User Guide/Installation & Setup/Security/Protected Notes and Encryption.md vendored Normal file
View File

@@ -0,0 +1,279 @@
# Protected Notes and Encryption
Trilium provides robust encryption capabilities through its Protected Notes system, ensuring your sensitive information remains secure even if your database is compromised.
## Overview
Protected notes in Trilium use **AES-128-CBC encryption** with scrypt-based key derivation to protect sensitive content. The encryption is designed to be:
* **Secure**: Uses industry-standard AES encryption with strong key derivation
* **Selective**: Only notes marked as protected are encrypted
* **Session-based**: Decrypted content remains accessible during a protected session
* **Zero-knowledge**: The server never stores unencrypted protected content
## How Encryption Works
### Encryption Algorithm
* **Cipher**: AES-128-CBC (Advanced Encryption Standard in Cipher Block Chaining mode)
* **Key Derivation**: Scrypt with configurable parameters (N=16384, r=8, p=1)
* **Initialization Vector**: 16-byte random IV generated for each encryption operation
* **Integrity Protection**: SHA-1 digest (first 4 bytes) prepended to plaintext for tamper detection
### Key Management
1. **Master Password**: User-provided password used for key derivation
2. **Data Key**: 32-byte random key generated during setup, encrypted with password-derived key
3. **Password-Derived Key**: Generated using scrypt from master password and salt
4. **Session Key**: Data key loaded into memory during protected session
### Encryption Process
```
1. Generate random 16-byte IV
2. Compute SHA-1 digest of plaintext (use first 4 bytes)
3. Prepend digest to plaintext
4. Encrypt (digest + plaintext) using AES-128-CBC
5. Prepend IV to encrypted data
6. Encode result as Base64
```
### Decryption Process
```
1. Decode Base64 ciphertext
2. Extract IV (first 16 bytes) and encrypted data
3. Decrypt using AES-128-CBC with data key and IV
4. Extract digest (first 4 bytes) and plaintext
5. Verify integrity by comparing computed vs. stored digest
6. Return plaintext if verification succeeds
```
## Setting Up Protected Notes
### Initial Setup
1. **Set Master Password**: Configure a strong password during initial setup
2. **Create Protected Note**: Right-click a note and select "Toggle Protected Status"
3. **Enter Protected Session**: Click the shield icon or use Ctrl+Shift+P
### Password Requirements
* **Minimum Length**: 8 characters (recommended: 12+ characters)
* **Complexity**: Use a mix of uppercase, lowercase, numbers, and symbols
* **Uniqueness**: Don't reuse passwords from other services
* **Storage**: Consider using a password manager for complex passwords
### Best Practices
1. **Strong Passwords**: Use passphrases or generated passwords
2. **Regular Changes**: Update passwords periodically
3. **Secure Storage**: Store password recovery information securely
4. **Backup Strategy**: Ensure encrypted backups are properly secured
## Protected Sessions
### Session Management
* **Automatic Timeout**: Sessions expire after configurable timeout (default: 10 minutes)
* **Manual Control**: Explicitly enter/exit protected sessions
* **Activity Tracking**: Session timeout resets with each protected note access
* **Multi-client**: Each client maintains its own protected session
### Session Lifecycle
1. **Enter Session**: User enters master password
2. **Key Derivation**: System derives data key from password
3. **Session Active**: Protected content accessible in plaintext
4. **Timeout/Logout**: Data key removed from memory
5. **Protection Restored**: Content returns to encrypted state
### Configuration Options
Access via Options → Protected Session:
* **Session Timeout**: Duration before automatic logout (seconds)
* **Password Verification**: Enable/disable password strength requirements
* **Recovery Options**: Configure password recovery mechanisms
## Performance Considerations
### Encryption Overhead
* **CPU Impact**: Scrypt key derivation is intentionally CPU-intensive
* **Memory Usage**: Minimal additional memory for encrypted content
* **Storage Size**: Encrypted content is slightly larger due to Base64 encoding
* **Network Transfer**: Encrypted notes transfer as Base64 strings
### Optimization Tips
1. **Selective Protection**: Only encrypt truly sensitive notes
2. **Session Management**: Keep sessions active during intensive work
3. **Hardware Acceleration**: Modern CPUs provide AES acceleration
4. **Batch Operations**: Group protected note operations when possible
## Security Considerations
### Threat Model
**Protected Against**:
* Database theft or unauthorized access
* Network interception (data at rest)
* Server-side data breaches
* Backup file compromise
**Not Protected Against**:
* Keyloggers or screen capture malware
* Physical access to unlocked device
* Memory dumps during active session
* Social engineering attacks
### Limitations
1. **Note Titles**: Currently encrypted, may leak structural information
2. **Metadata**: Creation dates, modification times remain unencrypted
3. **Search Indexing**: Protected notes excluded from full-text search
4. **Sync Conflicts**: May be harder to resolve for protected content
## Troubleshooting
### Common Issues
#### "Could not decrypt string" Error
**Causes**:
* Incorrect password entered
* Corrupted encrypted data
* Database migration issues
**Solutions**:
1. Verify password spelling and case sensitivity
2. Check for active protected session
3. Restart application and retry
4. Restore from backup if corruption suspected
#### Protected Session Won't Start
**Causes**:
* Password verification hash mismatch
* Missing encryption salt
* Database schema issues
**Solutions**:
1. Check error logs for specific error messages
2. Verify database integrity
3. Restore from known good backup
4. Contact support with error details
#### Performance Issues
**Symptoms**:
* Slow password verification
* Long delays entering protected session
* High CPU usage during encryption
**Solutions**:
1. Reduce scrypt parameters (advanced users only)
2. Limit number of protected notes
3. Upgrade hardware (more RAM/faster CPU)
4. Close other resource-intensive applications
### Recovery Procedures
#### Password Recovery
If you forget your master password:
1. **No Built-in Recovery**: Trilium cannot recover forgotten passwords
2. **Backup Restoration**: Restore from backup with known password
3. **Data Export**: Export unprotected content before password change
4. **Complete Reset**: Last resort - lose all protected content
#### Data Recovery
For corrupted protected notes:
1. **Verify Backup**: Check if backups contain uncorrupted data
2. **Export/Import**: Try exporting and re-importing the note
3. **Database Repair**: Use database repair tools if available
4. **Professional Help**: Contact data recovery services for critical data
## Advanced Configuration
### Custom Encryption Parameters
**Warning**: Modifying encryption parameters requires advanced knowledge and may break compatibility.
For expert users, encryption parameters can be modified in the source code:
```typescript
// In my_scrypt.ts
const scryptParams = {
N: 16384, // CPU/memory cost parameter
r: 8, // Block size parameter
p: 1 // Parallelization parameter
};
```
### Integration with External Tools
Protected notes can be accessed programmatically:
```javascript
// Backend script example
const protectedNote = api.getNote('noteId');
if (protectedNote.isProtected) {
// Content will be encrypted unless in protected session
const content = protectedNote.getContent();
}
```
## Compliance and Auditing
### Encryption Standards
* **Algorithm**: AES-128-CBC (FIPS 140-2 approved)
* **Key Derivation**: Scrypt (RFC 7914)
* **Random Generation**: Node.js crypto.randomBytes() (OS entropy)
### Audit Trail
* Protected session entry/exit events logged
* Encryption/decryption operations tracked
* Password verification attempts recorded
* Key derivation operations monitored
### Compliance Considerations
* **GDPR**: Encryption provides data protection safeguards
* **HIPAA**: AES encryption meets security requirements
* **SOX**: Audit trails support compliance requirements
* **PCI DSS**: Strong encryption protects sensitive data
## Migration and Backup
### Backup Strategies
1. **Encrypted Backups**: Regular backups preserve encrypted state
2. **Unencrypted Exports**: Export protected content during session
3. **Key Management**: Securely store password recovery information
4. **Testing**: Regularly test backup restoration procedures
### Migration Procedures
When moving to new installation:
1. **Export Data**: Export all notes including protected content
2. **Backup Database**: Create complete database backup
3. **Transfer Files**: Move exported files to new installation
4. **Import Data**: Import using same master password
5. **Verify**: Confirm all protected content accessible
Remember: The security of protected notes ultimately depends on choosing a strong master password and following security best practices for your overall system.