TiddlyWiki on Ubuntu 24.04 on Azure User Guide
Overview
TiddlyWiki is the open source, self-contained personal wiki and non-linear notebook. Instead of rigid pages, everything you write is captured as a small, individually addressable note called a tiddler, and tiddlers link, tag and transclude each other freely so a knowledge base grows the way you think. The cloudimg image runs TiddlyWiki's own built-in Node.js server (the tiddlywiki npm package, pinned to a stable release) as a dedicated tiddlywiki system user, storing each tiddler as a file under a server wiki folder at /var/lib/tiddlywiki/mywiki, fronted by nginx on port 80. Access is protected by TiddlyWiki's own HTTP Basic Authentication, and a unique admin password is generated on the first boot of every VM - there is no default login. Backed by 24/7 cloudimg support.
What is included:
- TiddlyWiki 5.4.x running on its built-in Node.js server as the
tiddlywikisystem user - Node.js 22 LTS preinstalled from the NodeSource apt repository
- The TiddlyWiki notebook UI on
:80, fronted by nginx - TiddlyWiki's built-in HTTP Basic Authentication requiring a per-VM credential for every read and write
- A unique admin password generated on first boot and recorded in a root-only file
tiddlywiki.service+nginx.serviceas systemd units, enabled and active- An unauthenticated
/healthzendpoint for Azure Load Balancer health probes - 24/7 cloudimg support
Prerequisites
An active Azure subscription, an SSH key pair, and a VNet + subnet in the target region. Standard_B2s (2 vCPU / 4 GiB RAM) is a comfortable starting point - TiddlyWiki is a lightweight single-user notebook server. NSG inbound: allow 22/tcp from your management network and 80/tcp. TiddlyWiki serves plain HTTP on port 80; for production, terminate TLS in front of it with your own domain and consider adding 443/tcp (see Maintenance).
Step 1 - Deploy from the Azure Marketplace
Sign in to the Azure Portal, choose Create a resource, search the Marketplace for TiddlyWiki by cloudimg, and select Create. On Basics pick your subscription, resource group, region and size; under Administrator account choose SSH public key and paste your key; under Inbound port rules allow SSH (22) and HTTP (80). Then Review + create -> Create.
Step 2 - Deploy from the Azure CLI
az vm create \
--resource-group <your-rg> \
--name tiddlywiki \
--image <marketplace-image-urn> \
--size Standard_B2s \
--admin-username azureuser \
--ssh-key-values ~/.ssh/id_ed25519.pub \
--vnet-name <your-vnet> --subnet <your-subnet> \
--public-ip-sku Standard
az vm open-port --resource-group <your-rg> --name tiddlywiki --port 80 --priority 1010
Step 3 - Connect to your VM
ssh azureuser@<vm-public-ip>
Step 4 - Confirm the services are running
systemctl is-active tiddlywiki.service nginx.service
tiddlywiki --version
node --version
Both systemd units report active. tiddlywiki.service runs TiddlyWiki's Node.js server bound to the loopback connector 127.0.0.1:8080, and nginx.service fronts it on port 80.

Step 5 - Retrieve your login credentials
The appliance's access gate is TiddlyWiki's built-in HTTP Basic Auth (user admin). The password is generated uniquely on the first boot of your VM and written to a root-only file:
sudo cat /root/tiddlywiki-credentials.txt
This file contains TIDDLYWIKI_URL, TIDDLYWIKI_USERNAME and TIDDLYWIKI_PASSWORD. Store the password somewhere safe - it is the key to your wiki.

Step 6 - Confirm the health endpoint
nginx serves an unauthenticated health endpoint for load balancers and probes:
curl -s http://localhost/healthz
It returns ok. This endpoint never requires authentication, so it is safe for an Azure Load Balancer health probe.
Step 7 - Confirm the login password is enforced
Because a password is set on first boot, an unauthenticated request to the wiki is rejected (HTTP 401), so nobody reaches your notes without the password:
curl -s -o /dev/null -w '%{http_code}\n' http://127.0.0.1/
It prints 401. A wrong password is also rejected with 401; only the per-VM password from Step 5 returns 200:
curl -s -o /dev/null -w '%{http_code}\n' -u 'admin:<TIDDLYWIKI_PASSWORD>' http://127.0.0.1/
This prints 200. TiddlyWiki requires this credential for every read and every write, so the wiki is never world-readable or world-writable.

Step 8 - Sign in to your wiki
Browse to http://<vm-public-ip>/. Your browser prompts for HTTP Basic Auth credentials - enter admin and the password from Step 5. TiddlyWiki then loads its notebook view: the story river on the left shows your open tiddlers (starting with a GettingStarted note), and the sidebar on the right gives you the new-tiddler, control panel and save controls, a search box, and the Open / Recent / Tools / More tabs.

Step 9 - Create and edit a note
Click the + (new tiddler) button at the top of the sidebar. TiddlyWiki opens an edit view: give the note a title, add tags, and type its body using the formatting toolbar (bold, italic, headings, lists, links, images and more). Click the check mark to save; the change is written straight back to the server wiki folder on your VM.

Step 10 - Search across your wiki
Type into the search box at the top of the sidebar to find tiddlers instantly - TiddlyWiki matches on titles and full text as you type and shows the results in a live dropdown. This is how you navigate a growing knowledge base without any folder hierarchy.

Step 11 - Adjust settings in the Control Panel
Open the Control Panel (the gear icon in the sidebar) to configure your wiki: set the title and subtitle, choose which tiddlers open at startup, manage appearance and themes, plugins, saving and keyboard shortcuts. The Info tab confirms the running TiddlyWiki version and the admin sign-in username.

Step 12 - Confirm where your wiki is stored
Every tiddler is saved as a file under the server wiki folder on your VM, so your notes persist across reboots and are captured with the disk:
sudo ls -la /var/lib/tiddlywiki/mywiki
You will see the tiddlywiki.info server configuration and a tiddlers directory that holds one file per note. Back up /var/lib/tiddlywiki to preserve your whole wiki.
Maintenance
- Login password: the Basic Auth password is generated on first boot and stored in
/root/tiddlywiki-credentials.txt. To change it, runsudo sh -c 'printf "%s" "NEW_PASSWORD" > /var/lib/tiddlywiki/.tw-password' && sudo chown tiddlywiki:tiddlywiki /var/lib/tiddlywiki/.tw-password && sudo systemctl restart tiddlywiki. - Your wiki data: all notes live under
/var/lib/tiddlywiki/mywiki/tiddlers, one file per tiddler. Back up/var/lib/tiddlywikito preserve your content and password. - Upgrades: TiddlyWiki is installed globally via npm. To upgrade an already running VM, run
sudo npm install -g tiddlywiki@latestthensudo systemctl restart tiddlywiki. - TLS: TiddlyWiki serves plain HTTP on port 80; front it with TLS (for example certbot with your own domain) before production use.
- Security patches: unattended-upgrades remains enabled so the OS continues to receive security updates automatically.
- License: TiddlyWiki is BSD 3-Clause licensed. This image ships the open source TiddlyWiki; the cloudimg charge covers packaging, security patching, image maintenance and support.
Support
cloudimg provides 24/7 expert support for this image. Contact support@cloudimg.co.uk.