How to setup a private Turtl server

server Feb 24, 2019

I have been wanting something to replace my Google Keep for a while and finally settled on Turtl [] as it seems OK and checks the boxes for my requirements [Open Source, Cross Platform, Works, etc etc].  The bar wasn't that high for me, but I wanted to run my own server to sync notes, and this app does that.  Here is a quick n' dirty tutorial to get you up and running as it took me an afternoon to figure it out. Hit me up on Twitter or Telegram if you have questions.

UPDATE March 2019:

After getting some feedback on this write up, I updated my Nginx config below.    Also, if you run a RPM based Linux OS [RHEL, CentOS, Fedora, etc] you can grab some prebuilt RPMs from this repo.

Thanks taw00 for the feedback and building the RPMs.


Get a VPS and configure it.  I should probably add an affiliate link to Digital Ocean, Linode, or something, but you can figure that out on your own time.

Install the Basics

Install the basics [These instructions are for Ubuntu 18.04, YMMV]

  • Update your server always
apt-get update && apt-get -y upgrade && apt-get -y dist-upgrade && apt-get autoremove 
  • Install Nginx

sudo apt install nginx 

  • Install Postgresql

sudo apt install postgresql postgresql-contrib
  • Install PM2

sudo npm install pm2@latest -g 

Add/Configure a user for your Turtl server [unix account and postgresql account]

# change to the default postgres user
sudo -i -u postgres

# Open the psql terminal

# Run through the createuser wizard [add 'turtl' as superuser for dev, limit to turtl db for prod]
createuser --interactive
createdb turtl

# ctrl-D to log out of postgres terminal
# Add a Unix account for turtl
adduser turtl

# Add a directory for uploads and change the owner to the turtl user
mkdir -p /opt/turtl/server/public/uploads
chown -Rfv turtl:turtl /opt/turtl

Setup and configure your Turtl server

# Update postgresql password [\password command] so your DB connection in the config works

# Make a directory and clone the repo
mkdir turtl
cd turtl
git clone
cd server/

# Install all the things
npm install

# I ended up needing to fix something because Javascript or Node...
npm audit fix

# Copy the example config over and edit
# update the DB connection and other things local to you [emails, domain, upload directory, etc].
cp config/config.yaml.default config/config.yaml
nano config/config.yaml

# Add the plugin directory, for later use when plugins become available
mkdir -p /opt/turtl/server/plugins

# Init the DB structure

# Test that bad boy out, and fix the things you messed up
node server.js

# Run the server with PM2
pm2 start server.js

# Logout as turtl user

Setup and configure Nginx

Add a Nginx domain.conf file to your /sites-available directory and then create a symbolic link to /sites-enabled [I included an example conf file below which redirects properly]

Setup your domain and point DNS to your VPS [Beyond scope for today]

Setup ACME.SH [] as it is the best way for low end VPS to get a cert.

# Run it
service nginx stop

# Get your cert --issue --standalone -d YOURTURTLDOMAIN.COM

# copy your cert file to the directory you specified in the nginx conf file

# test nginx and start the service up if you didn't mess anything up [chances are good for failure]
nginx -t
service nginx start

Download Turtl clients and test your install

Set the Turtl server under advanced settings to your shiny new server

Start enjoying your new notes server and have fun with one less Google service to rely on.

This Nginx config should work, but YMMV on your server.  Make sure to test on to verify your work. This config should give you a A+ as of March 2019.

server {
    listen 80 ;
    listen [::]:80 ;
    server_name YOURTURTLDOMAIN.COM;
    return 302 https://$server_name$request_uri;

server {
    # for a public HTTP server:
    # listen {{nginx_http_port}};
    # for a public HTTPS server:

    listen 443 ssl http2  ;
    listen [::]:443 ssl http2  ;

    # SSL requires extra configuration!
    server_name YOURTURTLDOMAIN.COM;

    ### SSL Stuff
	# Note: point to where you save your certs
    ssl_certificate /etc/nginx/ssl/YOURTURTLDOMAIN.COM/fullchain.cer;
    ssl_certificate_key /etc/nginx/ssl/YOURTURTLDOMAIN.COM/YOURTURTLDOMAIN.COM.key;

	# Generate Diffie-Hellman Parameters
    # openssl dhparam -out /etc/ssl/dhparam.pem 4096
    ssl_dhparam /etc/ssl/dhparam.pem;

    ssl_protocols TLSv1.2 TLSv1.1;
    ssl_prefer_server_ciphers on;
    ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;

    ssl_session_cache shared:TLS:2m;

    # OCSP stapling
    ssl_stapling on;
    ssl_stapling_verify on;

    # Set HSTS to 365 days
    add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains';
    location / {
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header Host $http_host;
      proxy_set_header X-NginX-Proxy true;
	# Point to your Turtl app instance port
      #proxy_redirect off;




Utopia Machine

Enthusiastic highly imaginative senior technologist with creative approaches to solving problems