An offline first, self hostable note taking application
Anchor focuses on speed, privacy, simplicity, and reliability across mobile and web. Notes are stored locally, editable offline, and synced across devices when online.
- Rich Text Editor - Create and edit notes with powerful formatting (bold, italic, underline, headings, lists, checkboxes)
- Offline First - All edits work offline with local database
- Note Sharing - Share notes with other users (viewer or editor)
- Tags System - Organize notes with custom tags and colors
- Attachments - Attach images and audio to notes
- Note Backgrounds - Customize notes with solid colors and patterns
- Pin Notes - Pin important notes for quick access
- Archive Notes - Archive notes for later reference
- Search - Search notes locally by title or content
- Trash - Soft delete notes with recovery period
- Automatic Sync - Sync changes across devices when online
- Admin Panel - User management, registration control, and system statistics
- OIDC Authentication - Sign in with OpenID Connect providers (Pocket ID, Authelia, Keycloak, etc.)
-
Create a
docker-compose.ymlfile:services: anchor: image: ghcr.io/zhfahim/anchor:latest container_name: anchor restart: unless-stopped ports: - "3000:3000" volumes: - anchor_data:/data volumes: anchor_data:
-
(Optional) Configure environment: Add environment variables to the
environmentsection. Most users can skip this step - defaults work out of the box.Available options:
Variable Required Default Description APP_URLNo http://localhost:3000Base URL where Anchor is served JWT_SECRETNo (auto-generated) Auth token secret PG_HOSTNo (empty) External Postgres host (leave empty for embedded) PG_PORTNo 5432Postgres port PG_USERNo anchorPostgres username PG_PASSWORDNo passwordPostgres password PG_DATABASENo anchorDatabase name USER_SIGNUPNo (not set) Sign up mode: disabled,enabled, orreview. If not set, admins can control it via the admin panelOIDC_ENABLEDNo — Enable OIDC authentication OIDC_PROVIDER_NAMENo "OIDC Provider"Display name for the login button OIDC_ISSUER_URLWhen OIDC enabled — Base URL of your OIDC provider OIDC_CLIENT_IDWhen OIDC enabled — OIDC client ID OIDC_CLIENT_SECRETNo — OIDC client secret. Omit for public client (PKCE) DISABLE_INTERNAL_AUTHNo falseHide local login form when OIDC is enabled (OIDC-only mode) -
Start the container:
docker compose up -d
-
Access the app: Open http://localhost:3000
To test upcoming features before they are officially released, use the next tag:
services:
anchor:
image: ghcr.io/zhfahim/anchor:next
container_name: anchor
restart: unless-stopped
ports:
- "3000:3000"
volumes:
- anchor_data:/data
volumes:
anchor_data:Warning: The
nextimage is built from thenextbranch and may contain incomplete features or breaking changes. Do not use it in production. Back up your data before switching.
If you want to build from source or customize the image:
-
Clone the project:
git clone https://github.com/zhfahim/anchor.git cd anchor -
Start the container:
docker compose up -d
The
docker-compose.ymlfile will build the image from source automatically.
Download the Android mobile app.
-
Visit the releases page: Go to GitHub Releases.
-
Download the latest release: Multiple APK files are available:
- Universal APK (
anchor-{version}.apk) - Recommended for most users, works on all devices - Architecture-specific APKs - Smaller file sizes for specific CPU architectures
- Universal APK (
Anchor supports OpenID Connect (OIDC) authentication for simplified credential management and streamlined multi-user deployments.
- Support for standard OIDC providers (Pocket ID, Authelia, Authentik, Keycloak, etc.)
- Configuration via environment variables or admin settings UI
- OIDC only mode: disable local username/password login
- Support for public OIDC clients (PKCE, no client secret required)
- Auto create users on first login (if user signup is not disabled)
- Auto link existing users by email
If you want to use OIDC in the mobile app, configure Anchor as a Public client (PKCE, no client secret) in your OIDC provider. Add this redirect URI in your OIDC provider:
anchor://oidc/callback
When configuring your OIDC provider for web login, add this callback/redirect URL:
{APP_URL}/api/auth/oidc/callback
For example, if your Anchor instance is at https://notes.example.com, the callback URL would be:
https://notes.example.com/api/auth/oidc/callback
Configure OIDC via environment variables in your docker-compose.yml. Pocket ID example:
services:
anchor:
image: ghcr.io/zhfahim/anchor:latest
environment:
- OIDC_ENABLED=true
- OIDC_PROVIDER_NAME=Pocket ID
- OIDC_ISSUER_URL=https://pocketid.example.com
- OIDC_CLIENT_ID=your-client-id
- OIDC_CLIENT_SECRET=your-client-secret # Optional for public clients
- DISABLE_INTERNAL_AUTH=false
- APP_URL=https://notes.example.comAlternatively, configure OIDC via the admin panel (Settings → OIDC Authentication) when the three env vars are not all set.
Future planned features:
- Reminders and notifications
- Real-time collaboration
- Backend: Nest.js, PostgreSQL, Prisma
- Mobile: Flutter
- Web: Next.js, TypeScript
- Fork the repository
- Create a feature branch:
git checkout -b feature/your-feature
- Make your changes
- Ensure builds pass:
- Web:
cd web && pnpm build - Server:
cd server && pnpm build
- Web:
- Commit changes:
git commit -m "Describe your change" - Push and create a Pull Request
If you find Anchor useful, consider supporting its development:
This project is licensed under the GNU Affero General Public License v3.0 (AGPL v3) - see the LICENSE file for details.