Joplin and webdav

What's Joplin?

Joplin is a cross-platform note taking app that I use a lot to keep track of my projects, and to organize my notes and thoughts. Joplin allows you to create note books, and add an infinite number of notes to them. You can link between notes, link to external sources, add images, tables, etc. Everythin in markdown, very easy to learn and use. It's basically an Evernote clone, without the subscription, and without one other thing that I'll talk about later.

Now I hear you say: "but Max, there are a 100 apps that do this, what makes this one special?" I'll tell you what makes this app special. Three things, really:

1. Joplin is cross platform, and is available on Linux, Android, Windows, basically everywhere. This means I can have my notes on my tablet, which I find very convenient. How do I get my notes on my tablet though?
2. That's where the second killer feature comes in: synchronization. Quite robust, cross-platform synchronization. All of my notes, available everywhere, always. Love it. This is what I'll be talking about next.
3. This is maybe not so interesting for everyone, but I like it a lot: the ability to sponsor development through Patreon. I love the idea that I can sponsor small time developers of software that I love. I don't think this model scales to things like Linux distributions or things like that, but for things like Joplin, it's brilliant.

There actually is a fourth reason: end-to-end encryption. Evernote does not have this, and Joplin does, and this is something I really, really want to have.

What's not to like?

So there's one thing I miss in Joplin, that Evernote does have, and that's the ability to take handwritten notes. I have Samsung gear (and I used to have Apple gear) that I would really welcome the ability to do handwritten notes for. On the other hand though, doing handwritten notes on Evernote on Android sucks, so there's that.

Syncing

Anyway, back to the topic at hand: syncing. Joplin supports various methods to sync: OneDrive, file system, Nextcloud, Dropbox, Webdav and S3 (which is in beta right now).

Filesystem sync and syncthing

Back when I first started using Joplin, I used to sync to the file system, and then have syncthing pick up the files and distribute them between my devices. I have a NAS that's always on, so that worked kind of OK.

However, when for some reason I would sync multiple devices at once (which I don't usually do, but occasionally happened), weird things could happen, like conflicting changes and clashing syncs.

Nextcloud

At some point, I had to build a server to temporary use, and decided to drop Nextcloud on it for syncing. I - falsely - assumed Nextcloud would be the easiest sync method to setup. Setting up Nextcloud is kind of a hassle, though, and sync performance has been a hit or miss for me. I have been hit by a bug that brought syncing to a crawl before, and when that bug seemed to return when I had to rebuild my server to run Fedora 32 instead of CentOS, I gave up on Nextcloud.

Apart from the slow syncing, the complexity of Nextcloud, in combination with the fact that I used exactly one feature of it (webdav), made me realize Joplin actually supports plain webdav. I don't know why, but originally I assumed setting up webdav would be complex, but it turns out it's in fact super easy.

Webdav

So assuming you already have apache running on your Fedora box, you create a virtualhost to point to your webdav directory, and prevent unauthorized access to it. Basic auth is enough here, since I'm the only one using it, and we're using SSL to prevent snooping.

<VirtualHost *:443>
  ServerName your.dav.server.com
  DocumentRoot "/var/webdav/files"
  ErrorLog logs/ssl_error_log_dav
  TransferLog logs/ssl_access_log_dav
  CustomLog logs/ssl_request_log_dav "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

  SSLEngine on
  SSLCipherSuite AES256+EECDH:AES256+EDH
  SSLProtocol All -SSLv2 -SSLv3
  SSLHonorCipherOrder On
  SSLCompression off
  SSLCertificateFile /etc/letsencrypt/live/your.dav.server/cert.pem
  SSLCertificateKeyFile /etc/letsencrypt/live/your.dav.server/privkey.pem
  SSLCertificateChainFile /etc/letsencrypt/live/your.dav.server/chain.pem

  <Location />
    Require valid-user
    AuthType "Basic"
    AuthName "Oh no you didn't"
    AuthBasicProvider file
    AuthUserFile /var/webdav/.htpasswd
    Dav On
  </Location>
</VirtualHost>

I'm assuming how to set up Let's Encrypt certificates and creating a virtual host on Apache is known. If not, I might do a follow-up post about that. Let me know ;)

Of course, we need to create and properly label our webdav directory before we can actually start running our server:

mkdir -p /var/webdav/files
semanage fcontext --add  -t httpd_sys_rw_content_t '/var/webdav/files(/.*)?'
systemctl enable --now httpd

And finally, we'll create the htpasswd file:

htpasswd -c5 /var/webdav/.htpasswd myuser

Now you can use the myuser and the password you just set up in your Joplin config, both on your Fedora desktop, as well as for any other platforms, like Android, and sync them all nicely and securely.

I still have end-to-end encryption enabled as well though :)