Applications Azure

TiddlyWiki on Ubuntu 24.04 on Azure User Guide

| Product: TiddlyWiki on Ubuntu 24.04 LTS on Azure

Overview

TiddlyWiki is the open source, self-contained personal wiki and non-linear notebook. Instead of rigid pages, everything you write is captured as a small, individually addressable note called a tiddler, and tiddlers link, tag and transclude each other freely so a knowledge base grows the way you think. The cloudimg image runs TiddlyWiki's own built-in Node.js server (the tiddlywiki npm package, pinned to a stable release) as a dedicated tiddlywiki system user, storing each tiddler as a file under a server wiki folder at /var/lib/tiddlywiki/mywiki, fronted by nginx on port 80. Access is protected by TiddlyWiki's own HTTP Basic Authentication, and a unique admin password is generated on the first boot of every VM - there is no default login. Backed by 24/7 cloudimg support.

What is included:

  • TiddlyWiki 5.4.x running on its built-in Node.js server as the tiddlywiki system user
  • Node.js 22 LTS preinstalled from the NodeSource apt repository
  • The TiddlyWiki notebook UI on :80, fronted by nginx
  • TiddlyWiki's built-in HTTP Basic Authentication requiring a per-VM credential for every read and write
  • A unique admin password generated on first boot and recorded in a root-only file
  • tiddlywiki.service + nginx.service as systemd units, enabled and active
  • An unauthenticated /healthz endpoint for Azure Load Balancer health probes
  • 24/7 cloudimg support

Prerequisites

An active Azure subscription, an SSH key pair, and a VNet + subnet in the target region. Standard_B2s (2 vCPU / 4 GiB RAM) is a comfortable starting point - TiddlyWiki is a lightweight single-user notebook server. NSG inbound: allow 22/tcp from your management network and 80/tcp. TiddlyWiki serves plain HTTP on port 80; for production, terminate TLS in front of it with your own domain and consider adding 443/tcp (see Maintenance).

Step 1 - Deploy from the Azure Marketplace

Sign in to the Azure Portal, choose Create a resource, search the Marketplace for TiddlyWiki by cloudimg, and select Create. On Basics pick your subscription, resource group, region and size; under Administrator account choose SSH public key and paste your key; under Inbound port rules allow SSH (22) and HTTP (80). Then Review + create -> Create.

Step 2 - Deploy from the Azure CLI

az vm create \
  --resource-group <your-rg> \
  --name tiddlywiki \
  --image <marketplace-image-urn> \
  --size Standard_B2s \
  --admin-username azureuser \
  --ssh-key-values ~/.ssh/id_ed25519.pub \
  --vnet-name <your-vnet> --subnet <your-subnet> \
  --public-ip-sku Standard

az vm open-port --resource-group <your-rg> --name tiddlywiki --port 80 --priority 1010

Step 3 - Connect to your VM

ssh azureuser@<vm-public-ip>

Step 4 - Confirm the services are running

systemctl is-active tiddlywiki.service nginx.service
tiddlywiki --version
node --version

Both systemd units report active. tiddlywiki.service runs TiddlyWiki's Node.js server bound to the loopback connector 127.0.0.1:8080, and nginx.service fronts it on port 80.

tiddlywiki.service and nginx.service active, the TiddlyWiki version, and the loopback and public listeners

Step 5 - Retrieve your login credentials

The appliance's access gate is TiddlyWiki's built-in HTTP Basic Auth (user admin). The password is generated uniquely on the first boot of your VM and written to a root-only file:

sudo cat /root/tiddlywiki-credentials.txt

This file contains TIDDLYWIKI_URL, TIDDLYWIKI_USERNAME and TIDDLYWIKI_PASSWORD. Store the password somewhere safe - it is the key to your wiki.

The per-VM credentials file with the generated admin password and URL, its root-only permissions, and the first-boot sentinel

Step 6 - Confirm the health endpoint

nginx serves an unauthenticated health endpoint for load balancers and probes:

curl -s http://localhost/healthz

It returns ok. This endpoint never requires authentication, so it is safe for an Azure Load Balancer health probe.

Step 7 - Confirm the login password is enforced

Because a password is set on first boot, an unauthenticated request to the wiki is rejected (HTTP 401), so nobody reaches your notes without the password:

curl -s -o /dev/null -w '%{http_code}\n' http://127.0.0.1/

It prints 401. A wrong password is also rejected with 401; only the per-VM password from Step 5 returns 200:

curl -s -o /dev/null -w '%{http_code}\n' -u 'admin:<TIDDLYWIKI_PASSWORD>' http://127.0.0.1/

This prints 200. TiddlyWiki requires this credential for every read and every write, so the wiki is never world-readable or world-writable.

The TiddlyWiki Basic Auth gate returning 200 for /healthz, 401 for an unauthenticated request and a wrong password, and 200 with the per-VM admin password

Step 8 - Sign in to your wiki

Browse to http://<vm-public-ip>/. Your browser prompts for HTTP Basic Auth credentials - enter admin and the password from Step 5. TiddlyWiki then loads its notebook view: the story river on the left shows your open tiddlers (starting with a GettingStarted note), and the sidebar on the right gives you the new-tiddler, control panel and save controls, a search box, and the Open / Recent / Tools / More tabs.

The TiddlyWiki notebook view with the story river and sidebar, loaded behind the Basic Auth gate

Step 9 - Create and edit a note

Click the + (new tiddler) button at the top of the sidebar. TiddlyWiki opens an edit view: give the note a title, add tags, and type its body using the formatting toolbar (bold, italic, headings, lists, links, images and more). Click the check mark to save; the change is written straight back to the server wiki folder on your VM.

Creating a new tiddler in the TiddlyWiki edit view with the title field, tag field and formatting toolbar

Step 10 - Search across your wiki

Type into the search box at the top of the sidebar to find tiddlers instantly - TiddlyWiki matches on titles and full text as you type and shows the results in a live dropdown. This is how you navigate a growing knowledge base without any folder hierarchy.

Live search across the wiki showing title and full-text matches in the TiddlyWiki sidebar

Step 11 - Adjust settings in the Control Panel

Open the Control Panel (the gear icon in the sidebar) to configure your wiki: set the title and subtitle, choose which tiddlers open at startup, manage appearance and themes, plugins, saving and keyboard shortcuts. The Info tab confirms the running TiddlyWiki version and the admin sign-in username.

The TiddlyWiki Control Panel showing the version, title, subtitle, sign-in username and default tiddlers settings

Step 12 - Confirm where your wiki is stored

Every tiddler is saved as a file under the server wiki folder on your VM, so your notes persist across reboots and are captured with the disk:

sudo ls -la /var/lib/tiddlywiki/mywiki

You will see the tiddlywiki.info server configuration and a tiddlers directory that holds one file per note. Back up /var/lib/tiddlywiki to preserve your whole wiki.

Maintenance

  • Login password: the Basic Auth password is generated on first boot and stored in /root/tiddlywiki-credentials.txt. To change it, run sudo sh -c 'printf "%s" "NEW_PASSWORD" > /var/lib/tiddlywiki/.tw-password' && sudo chown tiddlywiki:tiddlywiki /var/lib/tiddlywiki/.tw-password && sudo systemctl restart tiddlywiki.
  • Your wiki data: all notes live under /var/lib/tiddlywiki/mywiki/tiddlers, one file per tiddler. Back up /var/lib/tiddlywiki to preserve your content and password.
  • Upgrades: TiddlyWiki is installed globally via npm. To upgrade an already running VM, run sudo npm install -g tiddlywiki@latest then sudo systemctl restart tiddlywiki.
  • TLS: TiddlyWiki serves plain HTTP on port 80; front it with TLS (for example certbot with your own domain) before production use.
  • Security patches: unattended-upgrades remains enabled so the OS continues to receive security updates automatically.
  • License: TiddlyWiki is BSD 3-Clause licensed. This image ships the open source TiddlyWiki; the cloudimg charge covers packaging, security patching, image maintenance and support.

Support

cloudimg provides 24/7 expert support for this image. Contact support@cloudimg.co.uk.