Syncing Obsidian Across Devices with Syncthing and a Home Server

I use Obsidian for all my notes: projects, recipes, finances, travel plans, everything. OK, that’s a lie. I use Notion as well. I’ve been trying to migrate over to Obsidian for years. The main reason why I haven’t yet done it is a seamless sync between my MacBook and my Android phone without relying on a cloud service. Obsidian Sync exists, but I already have a home server running 24/7. So, why not use it?

Syncthing is an open-source, peer-to-peer file synchronization tool. No central server, no account, end-to-end encrypted. Exactly what I needed.

My setup

My home server is an HP EliteDesk running Proxmox VE. Inside it:

LXC 100 — Caddy reverse proxy (192.168.21.51)
VM 101 — production-docker (192.168.21.52) running Docker with a UFW firewall

I already use this setup to host Calibre Web for my ebook library and Umami for website analytics. A 40 GB virtual drive called “Dionysus” (thanks Yann), mounted at /dionysus, stores all persistent data.

The plan: run Syncthing as a Docker container on VM 101, store the vault on Dionysus alongside my Calibre library, and sync to my MacBook and phone. The server acts as an always-on hub. Even if my laptop is asleep when I edit a note on my phone, the changes flow through the server and sync to the MacBook when it wakes up.

Step 1: Syncthing on the server

I created directories for the Syncthing config and the vault data:

mkdir -p /home/ilias/docker/syncthing/config
mkdir -p /dionysus/obsidian/vault

The config lives alongside my other Docker services (/home/ilias/docker/syncthing/), while the actual vault data goes on the Dionysus drive.

Here’s the docker-compose.yml:

services:
  syncthing:
    image: syncthing/syncthing:latest
    container_name: syncthing
    hostname: hp-elitedesk-syncthing
    environment:
      - PUID=1000
      - PGID=1000
    volumes:
      - ./config:/var/syncthing/config
      - /dionysus/obsidian/vault:/var/syncthing/data
    network_mode: host
    restart: unless-stopped
    healthcheck:
      test: curl -fkLsS -m 2 127.0.0.1:8384/rest/noauth/health | grep -o --color=never OK || exit 1
      interval: 1m
      timeout: 10s
      retries: 3

network_mode: host is important: Docker’s default bridge networking breaks Syncthing’s local device discovery. Without it, devices on the same LAN won’t find each other automatically.

cd /home/ilias/docker/syncthing
docker compose up -d

Step 2: Firewall rules

Syncthing needs a few ports open on the VM:

sudo ufw allow 22000/tcp comment 'Syncthing sync'
sudo ufw allow 22000/udp comment 'Syncthing QUIC sync'
sudo ufw allow 21027/udp comment 'Syncthing local discovery'
sudo ufw allow from 192.168.21.0/24 to any port 8384 proto tcp comment 'Syncthing GUI (LAN only)'

Port	Protocol	Purpose
22000	TCP+UDP	Sync protocol + QUIC
21027	UDP	Local discovery
8384	TCP	Web GUI (LAN only)

The GUI is restricted to the local network. For remote access, I use Caddy (more on that later).

Step 3: Secure the GUI

The Syncthing web GUI is available at http://192.168.21.52:8384. First thing: set a username and password under Actions > Settings > GUI. Then note the Device ID. You’ll need it to connect other devices.

Step 4: macOS setup

On my MacBook:

brew install syncthing
brew services start syncthing

The GUI opens at http://127.0.0.1:8384. I added the server’s Device ID via + Add Remote Device, then accepted the connection on the server side.

On the server GUI, I created a shared folder:

Folder Label: Obsidian Vault
Folder ID: obsidian-vault (must match exactly on all devices)
Folder Path: /var/syncthing/data (maps to /dionysus/obsidian/vault on the host)
Folder Type: Send & Receive
File Versioning: Staggered (keeps recent versions frequently, older versions at increasing intervals. This is a safety net against accidental deletions propagating everywhere)

On the MacBook I accepted the folder and pointed it to ~/ObsidianVault. Since the vault already existed on my MacBook, Syncthing detected the matching files and skipped re-transferring them.

Step 6: Android setup

The original Syncthing Android app is deprecated. Install Syncthing-Fork (by catfriend1) from F-Droid.

Critical Android settings:

Disable battery optimization: Android Settings > Apps > Syncthing-Fork > Battery > Unrestricted. Without this, Android kills the app in the background and sync stops.
Grant All Files Access: needed on Android 11+ to sync files outside the app’s own directory.

Then add the server’s Device ID, accept on the server side, and accept the shared folder pointing to /storage/emulated/0/ObsidianVault. Install Obsidian from the Play Store and open the vault from that path.

Step 7: The .stignore file

Syncthing’s .stignore file works like .gitignore. It tells Syncthing which files to skip. This file is not synced between devices, so you need to create it on each one separately, in the root of the vault.

// Obsidian workspace state (device-specific, changes constantly)
.obsidian/workspace.json
.obsidian/workspace-mobile.json

// OS junk
.DS_Store
Thumbs.db
._*

// Temp/lock files
*.tmp
~*

The workspace.json ignore is the most important one. This file changes every time you click anything in Obsidian. Without ignoring it, you’d get constant sync activity and frequent conflicts.

Step 8: Remote access

Direct sync from anywhere

On my local network, devices connect directly. But away from home, Syncthing falls back to relay servers. They are encrypted, but slower. To enable direct connections from anywhere, I added a port forwarding rule on my Unifi UDR7 router:

Port: 22000 (TCP + UDP)
Forward to: 192.168.21.52:22000

Web GUI via Caddy

I already have Caddy reverse-proxying other self-hosted services. Adding the Syncthing GUI was one more block in the Caddyfile:

syncthing.example.com {
        header {
                X-Content-Type-Options nosniff
                X-Frame-Options DENY
                X-XSS-Protection "1; mode=block"
        }
        reverse_proxy 192.168.21.52:8384 {
                header_up Host {upstream_hostport}
                header_up X-Scheme https
        }
}

After adding a DNS record in Cloudflare and reloading Caddy, the GUI was accessible from anywhere.

The result

I now have my Obsidian vault syncing across three devices with no cloud dependency:

Home server — always-on hub, stores the vault on a dedicated virtual drive
MacBook — full bidirectional sync
Android phone — full bidirectional sync

Editing a note on my phone while on the go, then picking up right where I left off on my laptop at home. It just works! And if anything goes wrong, staggered file versioning keeps old versions around for recovery.

Total cost: a bit of time setting it up, and zero monthly fees.

I wonder, however, how much battery the Syncthing-Fork app will consume on my phone. To be continued…