Set up SilverBullet on Apache server with reverse proxy

This is a guide on setting up SilverBullet on a classic LAMP server (Linux, Apache, MySQL, PHP). This guide is tested on a server that is accessible via SSH, runs Ubuntu server 20.04, and a domain (mydomain.org for the purposes of this guide) points to it (using DNS records provider).

The goal of this guide is to:

  • have SilverBullet (SB) accssible from anywhere on the Internet using the domain name you have binded to the server without employing any 3rd-party tunneling service like ngrok,
  • connect to SB securely, so TLS (HTTPS) is a must, and
  • restrict the SB instance only to authenticated people (--user switch).

SilverBullet doesn’t support URL paths, so it’s not possible to run the instance in a subdirectory under your domain root, e.g., https://mydomain.org/notes/SB. I assume you use your domain also for services other than SB so we’ll run SB under a subdomain: e.g., https://silverbul.mydomain.org.

Basic setup

  1. Create a directory for the subdomain under your server root, e.g. /var/www/silverbul.mydomainOrg
    The name doesn’t need to directly match the domain.
  2. Install and run SilverBullet there in a standard way. (after installation, you run SB using silverbullet .)
    I suggest using screen so that you can leave it running in the background.
  3. Create an Apache site config in /etc/apache2/sites-available//var/www/silverbul.mydomainOrg.conf with this content (adjust the paths, names):
<VirtualHost *:80>
    ServerAdmin [email protected]
    DocumentRoot /var/www/silverbul.mydomainOrg
    ServerName silverbul.mydomain.org
    AllowEncodedSlashes On
    ProxyPreserveHost On
    ProxyPass "/"  "http://localhost:3000/"
    ErrorLog ${APACHE_LOG_DIR}/error_silverbul.mydomainOrg.log
    CustomLog ${APACHE_LOG_DIR}/access_silverbul.mydomainOrg.log combined
</VirtualHost>
  1. Reload the Apache service: sudo systemctl reload apache2.service
    Depends on your OS, this is for Ubuntu Linux and similar.
  2. Test the insecure access to SB via http://silverbul.mydomain.org.
    If it works, continue. If not, search for errors, ask the Internets, …

Secure connection

  1. Create a valid SSL certificate for the subdomain using certbot (https://certbot.eff.org): sudo certbot -d silverbul.mydomain.org.
    You can, of course, use other means to get a valid certificate. In my opinion, this is the easiest by far.
  2. Certbot is a very comfy tool and if your subdomain site is accessible via HTTP, it should reconfigure the Apache site settings for the subdomain automatically (it did for me).
  3. Test the secure access to your SB instance via https://silverbul.mydomain.org.

Authentication

  1. Kill SilverBullet on your server (ctrl+C) and re-run it with a username and password: silverbullet --user pete:1234 . (use long and secure password of course, like Broadness=Sensitive=Stipend=Coronary=Stapling=Boil192).
  2. Go to https://silverbul.mydomain.org, reload the page and login with the usr:psw you set in the previous step.

That’s it. I hope you can now effortlessly and securely enjoy your self-hosted SilverBullet.


I hereby thank @TheNomad11 , @zef , and @i_am_dangry for helping me achieve this setup in the original support thread [SOLVED] How to set up SilverBullet on Apache server (reverse proxy) - Troubleshooting - SilverBullet Community. Without their help, I’d hardly have a functional SB instance securely running now.

I also encourage anyone with ideas to improve or extend this guide to share their vision in comments here.

3 Likes