Syncing Notes with Obsidian

In a previous post I mentioned my quest for an interoperable successor to OneNote, and how I ended up settling with Obsidian. I often braindump in bed, before picking up the ideas and fleshing them out on a computer the next day. This means I need to synchronise Obsidian between my computers and phone.

I have an iPhone, a GNOME personal laptop and a work MacbookPro. I need a solution to synchronise Obsidian between all those devices, that doesn’t store data unencrypted on a machine I don’t own, and that is sustainable. Let’s cover the most popular solutions and why I decided to go with Obsidian Sync.

One of the key strengths of Obsidian is the interoperable format it relies on. This is true for notes themselves which are plain markdown files, but also for the Obsidian Vaults. A Vault is nothing more than a plain filesystem folder. This enables users to try various synchronisation solutions. In this article I’m testing Syncthing, iCloud, the Obsidian Git plugin, manual git synchronisation, and Obsidian Sync.

Syncthing

Syncthing is a file synchronisation solution. It relies on the Block Exchange Protocol to keep the files on several devices in sync, thanks to a Syncthing client installed on each of them. If the devices are on a typical unrestricted home network they should be able to talk to one another directly. If they are on different networks, Syncthing can connect them over the Internet by relying on a Discovery Server and a Relay Server. All the devices that wish to participate in the synchronisation cluster need to have the Syncthing CLI installed or a GUI wrapper for it.

Syncthing offers public Discovery and Relay servers by default, but those can be self-hosted too. According to the Security section of Syncthing’s documentation, ”All device to device traffic is protected by TLS.” and ”Any data exchanged between the two devices is encrypted […] and not subject to inspection by the relay.”. The data isn’t stored anywhere other than on the clients kept in sync.

There are two major downsides to syncthing itself:

  • You need to have devices online at the same time for the synchronisation to happen
  • The conflict resolution happens at the file level only. If you edited a list of tasks on different devices that weren’t talking to one another

The Syncthing project doesn’t offer an iOS app although there is a third-party client for iOS. There are community wrappers around the upstream CLI to support macOS and Linux devices.

Syncthing is backed by the Syncthing Foundation whose annual report for the 2020 fiscal year (the last published one) shows that more money goes in than out. Syncthing also exists since 2015 and seems to have a steady development pace. It seems to be a sustainable solution.

I didn’t try the third-party iOS app but I’m not too confident it can be configured once and forgotten about: iOS prevents apps from running background tasks longer than 30s. If iOS allowed me to configure Syncthing once and forget about it, this is probably the solution I would have picked. I would also have bought an Obsidian Catalyst licence to support the development of the app.

CriterionPasses
Works on iOSThird-party app
Works on macOS
Works on GNOME
Doesn’t store data unencrypted on a server
Is sustainable

iCloud

When creating a new vault, Obsidian has an toggle to enable iCloud Sync. This option cannot be changed after the vault creation.

A screenshot of Obsidian when creating a new vault.

iCloud is Apple’s set of service that comes with any Apple device. It obviously works on iOS and macOS, but Apple is notorious for making its devices and services a “walled garden”. There is unsurprisingly no native way to access iCloud Drive files on GNOME.

Apple is advertising itself as a company respectful of their user’s privacy. It encrypts data in transit and at rest. Apple is also a company selling services to the general public, and End-to-End Encryption can sometimes be a footgun: if you lose the keys used to encrypted your files, they become completely unreadable and there is nothing anyone can do about it. The “forgot my password” option technically no longer exists.

Understandably, Apple keeps a copy of the keys used to encrypt data on their services by default, but it’s possible to turn on Advanced Data Protection so the keys only live on end users devices.

I don’t think I need to expand on Apple’s profitability and sustainability.

CriterionPasses
Works on iOS
Works on macOS
Works on GNOME
Doesn’t store data unencrypted on a serverOnly with Advanced Data Protection enabled
Is sustainable

Obsidian Git plugin

Obsidian supports plugins to extends its features. It has Core Plugins, supported by upstream, and Community Plugins. I usually consider community plugins to be a liability (one thing I want to explore in a future blog post) and avoid them as much as possible, although they can be useful.

There is a community Obsidian Git plugin that supports committing changes and pushing them to a git repository. The plugin itself is quite cumbersome to set-up. While relying on the command palette gives flexibility for advanced use cases, it can be quite discouraging during the onboarding.

Trying to do a backup of my notes triggers an error.

Some fields seem to appear in the configuration between when I first log in and when I first try to ship my changes in the repository.

The vault is synchronised with a git repository, which means the notes are stored unencrypted on a remote server, e.g. Github, although I could self-host the git repo where the notes are sent. I want to avoid having my notes unencrypted on a server, regardless of whether I own the server or not: if my server was breached, all my notes would leak. This is already a show-stopper for me, but I thought it was interesting to cover this plugin for people with a different threat model.

The synchronisation doesn’t happen automatically by default. I need to create a backup via the command palette.

There is an Automatic Backup feature, but… even as a regular user of git it asks me a lot when setting it up. I am easily distracted and regularly take notes in situations where it’s not my primary focus. I would certainly screw this up. Overall, this plugin seems to be powerful and very advanced users who care about the commit history of their vault might be happy with it. But it’s too git centric for me: I don’t want to use git to sync notes, I want to sync notes and git happens to be a medium that works for it.

The current (sole) maintainer is a student, accepting donations on Ko-Fi to support their work. The plugin is developed at a steady pace, with regular releases. It’s open source, which in theory means it’s possible to take over maintainership if the current maintainer didn’t have the time to maintain it anymore after their studies. In practice nothing guarantees it, which is why I don’t want to rely on a team of one maintaining it on their free time.

While this solution doesn’t fit the bill for me, advanced users who want more control over how their backups work should give it a go. Needless to say the audience for this plugin is probably developers.

CriterionPasses
Works on iOS😵‍💫
Works on macOS😵‍💫
Works on GNOME😵‍💫
Doesn’t store data unencrypted on a server
Is sustainable

Manually syncing with git

Working Copy is a git client for iOS that allows you to manually synchronise the content of a directory with a git repository. The app can be configured to follow a directory, so you can make it track your Obsidian Vault folder.

You have much more control over how to synchronise your notes and resolve potential conflicts that you would have with the Obsidian Git plugin. This solution is even more git centric than the previous one: you need to pull, resolve conflicts, commit and push manually every time you want to sync your vault.

On the computer side, your regular git client or CLI will do the trick and you will be able to synchronise your vault manually this way too.

While this solution feels sturdier and more sustainable than the Obsidian Git plugin, it keeps getting in the way for people like me who just want their notes to be synchronised and don’t need advanced setups. This is an option developers who want a lot of control over their backups should consider too, but it’s probably too difficult to use for the general public.

CriterionPasses
Works on iOSThird-party app
Works on macOS
Works on GNOME
Doesn’t store data unencrypted on a server
Is sustainable

Obsidian Sync

Obsidian’s editor is selling a synchronisation service called Obsidian Sync. For $10/month it offers up to 5 Remote Vaults for a total of up to 10GB of End-to-End Encrypted (E2EE) notes and files. It’s built into the app, so it works on all the platforms Obsidian supports (in my case iOS, macOS and GNOME).

Obsidian Sync is E2EE, and similarly to what Apple does with iCloud, Obsidian offers two key management modes:

  • End-to-end encryption, where the Obsidian client encrypts the vault on your device with an encryption key derived from a password, before it’s sent to Obsidian Sync’s servers.
  • Managed encryption, for which it’s difficult to find more technical details. It seems to be the regular E2EE mode, except Obsidian generates and manages the encryption password for you. This means the notes are end to end encrypted, but Obsidian Sync’s servers are one of the ends… so they technically could read them.

Same as for Apple, there is no malice with the “managed encryption” mode. E2EE can backfire and Obsidian is only providing an opt-in way to weaken the protection against them, to make sure you don’t lose access to your notes.

One key strength of Obsidian Sync is that is performs automatic conflict resolution, using Google’s diff-match-path algorithm.

I find the pricing to be frankly high for a synchronisation service. It also pays for all the design and development work which eventually helps with Obsidian’s sustainability and quality overall. Whether it is worth $10/month or $96/year is entirely up to you.

CriterionPasses
Works on iOS
Works on macOS
Works on GNOME
Doesn’t store data unencrypted on a server
Is sustainable

Conclusion

Obsidian Sync is very expensive, and I don’t blame anyone for thinking that $10/month is too expensive to synchronise markdown notes, even with a very polished editor.

I’m not too fond of subscriptions in general. I would rather pay a higher price every major release of the app and either host the synchronisation service myself. This is not likely to happen though because this would work against Obsidian’s main source of revenue.

With all that said, I’m happy that Obsidian offers a sync service: self-hosting remains an option only a few privileged ones can afford, and as self-hosters we can sometimes be reckless.

CriterionSyncthingiCloudGit PluginManual GitObsidian sync
Works on iOSThird party app😵‍💫Third-party app
Works on macOS😵‍💫
Works on GNOME😵‍💫
Doesn’t store data unencrypted on a machine I don’t controlOnly with Advanced Data Protection enabled
Is sustainable

Going further

If you’re curious and want to find other solutions, I recommend you to try the two following plugins for Obsidian:

  • Obsidian Syncthing Integration is a plugin to perform vault synchronisation via syncthing, from Obsidian itself. It solves the issue of running in the background. The plugin seems young, but it’s really promising and I will certainly keep an eye on it.
  • Remotely Save, a plugin to sync your vault with a S3 bucket, Dropbox, OneDrive, WebDAV (Nextcloud compatible) and much more. This means storing notes unencrypted on a server, which is a no-go from me, but it might be of interest for others.