Skip to content

Administration

The Settings area gives you tools to manage your TiniVault instance — backups, storage, members, email configuration, and application settings.

Open Settings in the sidebar navigation, then pick the relevant section from the sub-navigation: Storage has its own page, while Admin holds the Settings, Members, Backup & Restore, and Email sections. You must be logged in as an administrator.

Backup & Restore

Regular backups protect your data. TiniVault makes backing up and restoring straightforward.

Creating a Backup

  1. Go to Settings → Admin in the sidebar and open the Backup & Restore section
  2. Click Download Backup
  3. A .zip file is downloaded to your device

The backup contains:

  • Your entire database (all items, fields, tags, templates, saved views, and settings)
  • All uploaded files (PDFs, images, documents)
  • All generated thumbnails

Keep your backup files somewhere safe — an external hard drive, cloud storage, or email them to yourself.

Admin page showing backup and restore section with download and upload buttons

Restoring from a Backup

WARNING

Restoring from a backup replaces all current data with the contents of the backup. This cannot be undone.

  1. Go to Settings → Admin in the sidebar and open the Backup & Restore section
  2. Click Restore from Backup
  3. Select your .zip backup file
  4. Confirm that you want to replace the current data
  5. Wait for the restore to complete (this may take a moment for large backups)
  6. TiniVault will restart and load the restored data

When to Backup

  • Before making major changes (e.g., deleting many items, restructuring tags)
  • Regularly — weekly or monthly, depending on how often you add new items
  • Before server updates

Storage Management

Over time, you may accumulate files that are no longer linked to any items. These orphaned files take up space and can be cleaned up safely.

Viewing Storage Usage

The Storage page shows your current storage usage — total files, total thumbnails, and disk space used.

Cleaning Up Orphaned Files

Orphaned files are files that exist on the server but aren't attached to any item (this can happen if an item was deleted without deleting its files, or if an upload was interrupted).

  1. Go to Settings → Storage in the sidebar
  2. Click Clean Up Orphaned Files to identify and remove files with no linked item
  3. Confirm the cleanup

The cleanup is safe — it only removes files that have no item referencing them.

Storage page showing disk usage and cleanup buttons

Email Configuration

Email must be configured to use Triggers & Automation features.

Configuring Email (SMTP)

Configure SMTP in Settings → Admin → Email (or via environment variables). The fields are:

  • SMTP server address, port, and TLS
  • Username and password
  • From address — the sender shown on outbound email
  • Recipient — where email actions are sent (test email, schedule, and trigger emails)

Testing Email

Once configured, you can verify the email settings work:

  1. Go to Settings → Admin in the sidebar
  2. Find the Email section
  3. Click Send Test Email
  4. Check your inbox — you should receive a test message within a few minutes

If the test email doesn't arrive, check with your administrator that the SMTP settings are correct.

Settings

Application-wide settings are available in the Settings section.

Date Format

Choose how dates are displayed throughout the app:

  • DD/MM/YYYY — day first (used in UK, Europe, Australia)
  • MM/DD/YYYY — month first (used in USA)
  • YYYY-MM-DD — ISO format (international standard)
  1. Go to AdminSettings
  2. Select your preferred date format
  3. Click Save

AI Language

If AI features are enabled, you can set the preferred language for AI responses. This affects the language the AI uses when chatting and describing items.

Settings page showing date format dropdown and AI language selector

Members

TiniVault is invite-only — an admin adds every account from Settings → Members.

Roles

Every member has one of two roles:

  • Admin — full access: create, edit, and delete items and everything else, plus manage members, settings, backups, and email.
  • Viewer — read-only: can browse and search everything, but every create/edit/delete control is shown disabled (hover shows why). The Members and Admin settings pages are admin-only — they don't appear in a viewer's settings navigation at all. Viewers can't change their own password or email either; if a viewer forgets their password, an admin resets it (see below) or, if they have an email on file, they use Forgot password?.

Existing accounts are all admins. Read-only enforcement is server-side, so a viewer can't make changes even outside the UI.

Adding a member

  1. Go to Settings → Members and click + Member.
  2. Pick a username for them (this is what they'll log in with — it can be changed later), optionally add their email, and choose their role (Viewer by default).
  3. Finish with one of:
    • Create & Invite (needs an email) — they get an email with a link to set their own password. If the email doesn't arrive, use ⋯ → Copy invite link on their row and send it yourself. The row shows Invited until they join; Resend and Revoke live in the same menu.
    • Create — the account is created without a password (badge: No password) and no email is sent. Hand them access via ⋯ → Reset password: type a password for them, or give them a single-use link (valid 24 hours) so they pick their own.

An invited person opens the link, sees their username, sets a password, and is signed in automatically. When single sign-on is enabled they can click their SSO provider on the login page instead — signing in with the invited email accepts the invitation automatically and the emailed link stops working.

Resetting a member's password

Open ⋯ → Reset password on their row. Three options:

  • Set password — you type their new password and tell them. You'll know it until they change it.
  • Copy link — a single-use reset link (valid 24 hours) to hand over however you like. They pick their own password; you never see it.
  • Email link — the same link, mailed to their address on file.

Either way, all of their existing sessions are signed out. You can't reset your own password here — use your Account page. Give members an email address where possible: a member without one can never recover or change their password on their own.

Editing a member

⋯ → Edit changes their username, email, and/or role. A renamed member logs in with the new username from then on — tell them, and remind them to update their password manager. Invites, password resets, and SSO sign-in all use the member's email — whoever controls that mailbox at your SSO provider can sign in to the account, so type it carefully.

Changing a member's role

Open ⋯ → Edit on their row and pick the new role. The change takes effect immediately, even mid-session. You can't demote the last remaining admin (that would lock everyone out of administration).

Enabling / disabling an account

⋯ → Disable account locks an account without deleting anything: they're signed out everywhere and can't sign in — by password or single sign-on — until you re-enable it. You can't disable your own account or the first account. You can still Set password on a disabled member (handy for prepping the guest account, or rotating a password before re-enabling) — the account stays locked until you enable it, so the new password doesn't grant access on its own. The shareable Copy link / Email link options aren't offered while an account is disabled: a reset link can't be redeemed until it's enabled. (Changing your own role or status isn't offered — manage your own account from the Account page.)

Removing a member

  • Revoke (pending invites) cancels the invite link only. The account stays as No password — you can still let them in later with a reset link, or delete the row.
  • ⋯ → Delete permanently removes the account, its sessions, and its notifications. There is no undo. You can't delete yourself, and the first account (the original admin, marked protected) can never be deleted — so there is always a way back in.

The first account is special

The original admin row is the install's recovery root. It can never be deleted, disabled, renamed, or have its role changed — by anyone, itself included. Its email and password are fully self-controlled: only that account can change them (Account page, or its own row's Edit). Other admins can't re-point its email, set its password, or mint a reset link for it — any of those would let a co-admin sign in as the root.

Every action here — creating, inviting, resetting, editing, deleting — is recorded in the audit log with who did it.

The built-in guest account

Every install ships with a guest account (a Viewer) that is disabled by default, so it's inert until you turn it on. To offer a read-only demo login: open ⋯ → Reset password on the guest row, set a password of your own, then Enable the account.

⚠️ guest ships with the well-known password guest — always set your own before enabling it on anything but a throwaway instance.

If the only admin is locked out

The seeded admin account has no email, so Forgot password? can't help it — and no other admin can reset the first account's password (see above). Two tips:

  • Add an email to the first account (Account page) so the email reset works — do this early.
  • For any other admin, a colleague admin can reset them. Only the first account has no rescue path beyond its own email; without one, recovery means editing the database directly (set a new Argon2id hash on the account row).

Security

Changing Your Password

It's important to change the default password (admin) immediately after first login.

  1. Click your username in the top-right corner
  2. Select Account
  3. Under Security, click Change Password
  4. Enter and confirm your new password
  5. Click Change Password

Choose a strong password that you haven't used elsewhere. You can also set your email address on the Account page (used for password resets and matching single sign-on).

Viewer accounts are read-only, so the Change Password and email controls are shown disabled for them — a viewer who needs a new password uses the Forgot password? email reset below.

Pinning the admin password from the environment

Operators can pin the built-in admin's password with the ADMIN_PASS environment variable (see Self-Hosting → Environment Variables). When it's set, the admin signs in with that value and the Change Password control is disabled with a hint — the password is managed by the server, not the app. It's a login-time override: the stored password is never overwritten, so removing ADMIN_PASS restores the previous database password and re-enables in-app changes. While it's set, Forgot password? won't reset the admin either.

Forgot Your Password?

If you can't sign in, you can reset your password by email — provided your account has an email address set.

  1. On the sign-in page, click Forgot password?
  2. Enter your email address and click Send reset link
  3. Open the email and click the reset link (it expires in 1 hour)
  4. Enter and confirm a new password, then sign in with it

For privacy, the confirmation message is the same whether or not an account exists for that email. If no email arrives, the address may not be set on any account — ask an administrator. (Accounts without an email address, including ones that only use single sign-on, can't use email reset.)

Logging Out

Click your username in the top-right corner, then select Log Out.

Security reminder

  • Change the default admin / admin credentials immediately
  • Log out when using TiniVault on a shared or public computer
  • Keep your TiniVault server behind your home network or VPN if possible

TiniVault · Family Asset Management · MIT License