obsidian-git-sync-mcp
A dockerised, self-hostable host that runs an Obsidian vault headlessly and serves it to MCP clients, with pluggable sync (git first).
README
obsidian-git-sync-mcp
A dockerised, self-hostable host that runs an Obsidian vault headlessly and serves it to MCP clients, with pluggable sync (git first).
It writes the vault filesystem directly, through the upstream
obsidian-web-mcp server, so
it is headless, containerisable, and sync-agnostic. That is the difference from
the common Obsidian MCP servers that drive the Obsidian desktop app via its
Local REST API plugin: those need a running desktop, a GUI session, and the
plugin. This one needs none of that — it serves a vault on disk, mirrors history
to git as a backup and audit trail, and (optionally) keeps human devices in step
via Obsidian Sync.
Architecture
The process is the upstream obsidian-web-mcp server with an in-process
GitSyncExtension loaded through its extension seam (serve([ext])). The
extension classifies vault changes into two event streams and funnels them to a
single git worker:
- MCP writes — files the upstream server writes on behalf of an MCP client,
committed with
mcp:messages. - Sweeps — a
.mdchange watcher plus a periodic timer that walks the whole tree (catching attachments and canvas the.mdwatcher cannot see), committed withsync:messages.
One git worker thread performs all git work: stage, commit, then a debounced local-wins rebase and push. MCP-written files can optionally have their frontmatter timestamp stamped before commit.
The Docker stack is two containers: an always-on mcp service, and an optional
obsidian-sync sidecar (opt-in via a Compose profile) that runs Obsidian
Headless Sync against the same vault working tree.
Quickstart
The vault must be a git working tree (the worker commits against it).
cp .env.example .env
# Edit .env: set VAULT_HOST_PATH (host path to your vault), VAULT_PATH
# (its path inside the container), and a strong VAULT_MCP_TOKEN.
docker compose up -d # mcp service only
Copied as-is, git sync is disabled — a safe, bootable no-op. To turn it on,
set in .env:
VAULT_GITSYNC_ENABLED=true
VAULT_GITSYNC_REMOTE=origin # or leave empty for commit-only (local backup, never pushes)
Pushing needs a credential the image must not bake in — mount an SSH deploy key
or use a token-bearing https remote configured in the vault. See the comments in
docker-compose.yml.
Every variable is annotated in .env.example, the configuration
source of truth.
Configuration
Upstream server (VAULT_*)
These belong to the upstream obsidian-web-mcp server; the deployment needs
them.
| Variable | Default | Meaning |
|---|---|---|
VAULT_PATH |
/vault |
Path to the vault git working tree inside the container. |
VAULT_HOST_PATH |
./vault |
Host path mapped to VAULT_PATH (Compose-only). |
VAULT_MCP_TOKEN |
— | Bearer token MCP clients must present. Required; set a strong random value. |
VAULT_MCP_PORT |
8420 |
Port the MCP transport listens on (and the port Compose publishes). |
VAULT_MCP_HOST |
0.0.0.0 |
Bind address. Must bind all interfaces inside a container to be reachable. |
VAULT_MCP_ALLOWED_HOSTS |
— | Extra hostnames allowed through DNS-rebinding protection (comma-separated). Add your proxy/tunnel hostname. |
VAULT_MCP_PUBLIC_URL |
— | Canonical public origin advertised in OAuth discovery and auth challenges. Empty = derive per request. |
VAULT_OAUTH_* |
see .env.example |
Optional OAuth (client id/secret, login gate, redirect URIs) for the Claude app browser integration. |
Git-sync extension (VAULT_GITSYNC_*)
Disabled by default. Set VAULT_GITSYNC_ENABLED truthy to turn the extension
on, then review the rest.
| Variable | Default | Meaning |
|---|---|---|
VAULT_GITSYNC_ENABLED |
(empty / off) | Master switch. true/1/yes/on enables; anything else disables. |
VAULT_GITSYNC_SWEEP_INTERVAL |
60 |
Seconds between periodic full-tree sweeps. Positive integer. |
VAULT_GITSYNC_REMOTE |
origin |
Remote to push to. Empty = commit-only (local backup, never pushes). |
VAULT_GITSYNC_BRANCH |
(empty) | Branch to push. Empty = the working tree's current branch. |
VAULT_GITSYNC_PUSH_DEBOUNCE |
10 |
Seconds the event queue must be quiet before the worker pushes batched commits. Positive number. |
VAULT_GITSYNC_PUSH_MAX_INTERVAL |
300 |
Upper bound (seconds) on time since last push, so sustained activity still pushes periodically. Positive number. |
VAULT_GITSYNC_GIT_AUTHOR_NAME |
(empty) | Commit author name. Empty = git's configured identity. |
VAULT_GITSYNC_GIT_AUTHOR_EMAIL |
(empty) | Commit author email. Empty = git's configured identity. |
VAULT_GITSYNC_STAMP |
(empty / on) | Frontmatter timestamp stamping. On by default; a falsey value (0/false/no/off) commits MCP-written files unstamped. |
VAULT_GITSYNC_HEARTBEAT_URL |
(empty) | Optional http(s) URL pinged after each successful push. Empty = disabled; never fires in commit-only mode. |
Obsidian Sync sidecar
The optional obsidian-sync sidecar runs Obsidian Headless Sync against the
same vault working tree, so a device edit synced down lands on disk where the
git-sync sweep commits it. It is opt-in via the Compose obsidian profile
(docker compose --profile obsidian up -d) and needs a one-time interactive
bootstrap that requires a real Obsidian account login. See
obsidian-sync/README.md for the bootstrap.
Exposure
Compose publishes only the MCP port; nothing else is exposed to the host. No tunnel is baked into the project. For remote access, put a reverse proxy, Cloudflare Tunnel, or Tailscale in front of the published port, then:
- add the public hostname to
VAULT_MCP_ALLOWED_HOSTS(so DNS-rebinding protection lets it through), and - set
VAULT_MCP_PUBLIC_URLto the canonical public origin (so OAuth discovery and auth challenges are pinned against Host spoofing).
Do not expose the published port directly to the internet.
Monitoring
Three independent layers, each answering a different question:
- Container healthcheck — a dependency-free TCP connect to the MCP port,
baked into the image
HEALTHCHECK(sodocker compose psreports health). Answers: is the port accepting connections? - Upstream liveness heartbeat (
VAULT_MCP_HEARTBEAT_URL) — the upstream server's outbound liveness ping. Answers: is the server process alive? - Git-sync push heartbeat (
VAULT_GITSYNC_HEARTBEAT_URL) — fired by the worker after each successful push. Answers: is sync actually reaching the remote? (Never fires in commit-only mode.)
Development
uv sync --extra dev
uv run pytest
This project consumes the upstream obsidian-web-mcp server and contributes
changes upstream rather than forking it. It loads through the upstream extension
seam (PR #57) and uses the write listener on the feat/write-listener branch
(PR #62); until that merges, the dependency is pinned to that git branch in
pyproject.toml and will be repinned to a released version
once it lands.
Development is spec-driven via OpenSpec
— proposals, designs, and specs live under openspec/.
Licence
MIT — see LICENSE.
推荐服务器
Baidu Map
百度地图核心API现已全面兼容MCP协议,是国内首家兼容MCP协议的地图服务商。
Playwright MCP Server
一个模型上下文协议服务器,它使大型语言模型能够通过结构化的可访问性快照与网页进行交互,而无需视觉模型或屏幕截图。
Magic Component Platform (MCP)
一个由人工智能驱动的工具,可以从自然语言描述生成现代化的用户界面组件,并与流行的集成开发环境(IDE)集成,从而简化用户界面开发流程。
Audiense Insights MCP Server
通过模型上下文协议启用与 Audiense Insights 账户的交互,从而促进营销洞察和受众数据的提取和分析,包括人口统计信息、行为和影响者互动。
VeyraX
一个单一的 MCP 工具,连接你所有喜爱的工具:Gmail、日历以及其他 40 多个工具。
Kagi MCP Server
一个 MCP 服务器,集成了 Kagi 搜索功能和 Claude AI,使 Claude 能够在回答需要最新信息的问题时执行实时网络搜索。
graphlit-mcp-server
模型上下文协议 (MCP) 服务器实现了 MCP 客户端与 Graphlit 服务之间的集成。 除了网络爬取之外,还可以将任何内容(从 Slack 到 Gmail 再到播客订阅源)导入到 Graphlit 项目中,然后从 MCP 客户端检索相关内容。
e2b-mcp-server
使用 MCP 通过 e2b 运行代码。
Neon MCP Server
用于与 Neon 管理 API 和数据库交互的 MCP 服务器
Exa MCP Server
模型上下文协议(MCP)服务器允许像 Claude 这样的 AI 助手使用 Exa AI 搜索 API 进行网络搜索。这种设置允许 AI 模型以安全和受控的方式获取实时的网络信息。