Draft for review
Goal: make the wiki reachable remotely without making day-to-day editing miserable. The plan assumes you’re happy to use VPN/Tailscale sometimes for sync.
Goal: make the wiki reachable remotely without making day-to-day editing miserable. The plan assumes you’re happy to use VPN/Tailscale sometimes for sync.
Obsidian Remote Wiki Access Plan
Published via the Hogwarts Nginx web root for easy review.
Executive summary
Obsidian works best when each device has a local vault. A pure network-mounted vault is possible, but it’s the most fragile option. The cleanest self-hosted path is:
- Local vault on each device
- Tailscale for secure access to the home network when needed
- Syncthing or Git to sync changes between devices
If you want the least-maintenance option, Obsidian Sync is the simplest. If you want control and don’t mind turning on VPN occasionally, Tailscale + Syncthing is the best fit.
Options reviewed
Option A — Obsidian Sync
- Simple setup
- No VPN needed for normal use
- Best UX if you value convenience
Trade-off: paid service, less self-hosted control.
Option B — Tailscale + Syncthing
- Self-hosted
- Each device keeps a local vault
- Good offline behaviour
Trade-off: more moving parts, but still sane.
Option C — Remote-mounted vault
- Looks simple on paper
- One shared location
- Can be accessed over VPN
Trade-off: most brittle if the link drops or a device sleeps.
Recommendation
Recommended Tailscale + Syncthing
- Keep the vault local on each device.
- Use Tailscale when you need to reach Hogwarts securely.
- Use Syncthing to keep the vault in sync.
- Only fall back to Obsidian Sync if you want a simpler hosted solution.
Why this is the best balance
- Obsidian remains happy because the vault stays local.
- VPN use is optional and can be limited to sync/admin moments.
- You avoid relying on a fragile network drive for daily editing.
- You keep control over where the data lives.
Proposed rollout
Phase 1 — Decide the sync model
- Confirm whether you want Obsidian Sync or Syncthing.
- If you want self-hosted control, choose Syncthing.
Phase 2 — Define the vault layout
- Pick the canonical vault folder name.
- Keep attachments inside the vault so links stay portable.
- Avoid syncing caches or app-specific junk.
Phase 3 — Secure remote access
- Use Tailscale for any access to the home machine or home services.
- Do not expose the vault directly to the public internet.
- Use LAN/VPN access for admin work, not a raw public share.
Phase 4 — Validate behaviour
- Test on two devices first.
- Confirm file conflicts are handled cleanly.
- Check that mobile/desktop both open the same notes correctly.
Risks to keep an eye on
- Conflict risk: two devices editing the same note offline at once.
- Sleep/roaming risk: network-mounted filesystems can get cranky.
- Exposure risk: a public share should not contain anything sensitive.
- Operational friction: if you dislike extra steps, Obsidian Sync may be worth it.
Decision points for you
- Do you want the simplest route, or the self-hosted route?
- Should the first setup target Tailscale + Syncthing?
- Do you want a public Nginx page for this plan only, or also a longer permanent wiki note?
If you approve this direction, I can turn it into a concrete setup checklist next.