"Demo" server mode (read-only and no authentication)

[FliegendeWurst]

It would be nice if the sync server can be run in a "demo" mode, where the database is opened read-only and no authentication is required.

The second part is already possible (noAuthentication=true in config.ini), but at the moment there is no way to make the database truly read-only.
Part of the problem is that the server offers RCE-as-a-service (api.runOnBackend / /api/script/exec), which could probably be used to bypass most protections in the code. It is fairly easy to open the database in read-only mode (pass { readonly: true } as options), but a lot of code just assumes the database is writable. So the user can easily get spammed with error messages about failed database writes.

I can imagine several use cases for a demo mode:

• Sharing a fully-functional view of a Trilium document. The current sharing functionality focuses solely on the note content.
• Something like https://github.com/Nriver/awesome-trilium, but with most projects integrated into a single demo instance. (This is what I'm working on currently.)

[SiriusXT]

Looking forward to seeing your demo in action! A read-only database can indeed impose some limitations and lead to unexpected bugs. Assigning a separate instance for each IP is a great idea—it allows for simulating isolated environments while maintaining data separation. We can also set up multiple distributed servers; once you're done, we can deploy them as well to help balance the load and improve stability.

[FliegendeWurst]

Assigning a separate instance for each IP is a great idea—it allows for simulating isolated environments while maintaining data separation.

Is a bit heavyweight, since each server instance eats about ~200 MB of RAM.

[FliegendeWurst]

I've begun implementing this in TriliumNext/Notes#2014