Diego

If you don't have a network proxy you don't need to populate that field.

I use Watchtower, it will automatically update all your containers:
https://github.com/containrrr/watchtower

You can just go to %localappdata% and zip the SiYuan folder in there. The app will be portable but your worspace is not in that folder, it's proibably under C:\Users\%username%\SiYuan, so remember to carry it around along the app and point to it every time you open the portable SiYuan in a new machine.

If you want to access a machine in your home network from public internet you need a couple of things:

• NAT, or more specifically, PAT (Port Address Translation). This has to be configured in your router and it will map the internal IP and port of the service you want published to the internet to a port on your public IP address. You must check your router manual to find out how to do this.
• If your IP address is not static (most consumer-grade Internet services use a dynamic IP address) you probably will want to use a dynamic DNS service. Duck DNS is free and there are numerous solutions that will automate the process of updating your public IP address and map it to a domain name.

With this you will expose SiYuan on public internet, for anybody to try and break the SiYuan password. So set a strong one. I personally put my infrastructure behind Authelia, which adds another layer of authentication, requiring me to grant access from an app in my smartphone (Duo).

On top of that, all the traffic between any browser and SiYuan won't be encrypted, this means, HTTP instead of HTTPS, so the traffic can be inspected in transit. I personally use a reverse proxy, NGINX, to make the traffic secure with the use of signed certificates.

As I told Eric, these are very advanced topics which are probably beyond the scope of this forum, but you have some key words to google about if you want to learn more about these topics.

Usually the UID 1000 is assigned to the first user created, that's the user without privileges that "uses" the system (as you shouldn't be interacting with the system as root unless necessary).

So the default "1000:1000" suggested is intended for your regular user being the one running docker. If you created a dedicated user for this purpose, that UID and GID should match the one of that user (maybe 1001?).

You can list the UID of your users with:

cut -d: -f1,3 /etc/passwd

This is not a speciffic topic for SiYuan, it's a Docker topic and maybe the best forum to address docker permission issues spining containers is the source of the guide you used to install docker in your machine.

If I understand correctly your scenario, you might find it much easier to just enable the option "Network Serving" from within SiYuan, under "Settings" -> "About".

NOTE: Please remember to set a strong password under "Settings" -> "About" -> "Access authorization code".

That will make your SiYuan instance accessible from a web browser in the IP address of your Surface, no need to run a VM with Ubuntu or deploy a container.

The docker container is much more suitable for people that already have a setup at home running docker, probably a dedicated "home server", this makes it very easy for them to just add another container to their existing infrastructure.

Hi, I have not tried the "local-only" scenario as I want to have synchronization when I'm not at home, but I've tried both WebDAV (using my NextCloud server) and S3 (using Minio), and S3 is WAY BETTER.

Also, as far as I can see, you can run Minio in a Raspberry Pi:
https://medium.com/@ayusun/beginners-guide-to-setup-private-cloud-storage-using-raspberry-pi-541ff1ef8f3b

The basic Minio configuration, once it's up and running and you access the management console:

1. Create a new bucket and make it public access
2. Generate a set of Access Keys, save the details
3. Set Region to something, like "us-east-1" (it doesn't matter, but it has to match the S3 config in SiYuan)

You will probably have to set the "TLS Verify" option to "Skip" under the S3 configuration as being local-only you won't be able to get certs.

Also, if you cannot do exotic DNS stuff at home (you would need to have a subdomain for the bucket but you are probably reaching the Raspberry Pi by IP), you probably want to use the "Path-style" addressing, also under the S3 configuration:

If you feel adventurous, and your Raspberry Pi can handle it, you could setup containers on it:

• SWAG to act as a reverse proxy that will route the home Minio traffic to public interntet, and automatically renew certificates so you can enable TLS. You can add stuff in here like blacklisting countries you don't want to reach your home and it has "Fail2Ban" which can detect suspicious activity and ban those IPs.
• DuckDNS if your public IP is not static to have a free domain on public internet so you can call home from anywhere and sync.
• Minio as the S3-compatible object storage to sync SiYuan.

This trick might be useful for somebody: a second calendar panel. For me it's very annoying having to select the different notebooks from the drop-down menu. I want to see both.

As shown above, you can edit the plugin.json and change the name of the plugin (which must match the folder name). This means you can:

• Make a copy of the folder, call it "second-calendar-with-first-day-of-the-week"
• Then edit the plugin.json file inside and modify the second line so it shows:

  {
  "name": "second-calendar-with-first-day-of-the-week",
  [...]
  }
  

You might need to restart SiYuan, make change the panel position to top left/right and back to "Dock" for the second button to show up, then you can set one of them to "Right Top" and the other one to "Right Bottom", so they are both in the same dock.

This way you can have two Calendar Panels set for two different Notebooks:

For those thinking about self-hosting an S3-compatible object storage for SiYuan, it's totally worth it.

I've used Minio in a docker container, with SWAG to take care of the certs, and it works great. Much better than WebDAV, and being in Europe, there is a benefit in speed compared to using a server in another country, as latency impacts more the sync speed than bandwidth.

Just an advice, if somebody wants to use Minio, I recommend to avoid issues with the fourth-level domain needed for the S3 bucket by changing the mode in SiYuan Cloud config to "Path-style". You just need a minio.yourdomain.com subdomain, and both your certs and your NginX config will be much cleaner.

• Go to Settings -> About
• Enable "Network Serving"
• After SiYuan restarts, set a strong password under Settings -> About -> "Access authorization code"
• Now you can access SiYuan in your Android device from a browser in the LAN, just use a computer to access <YOUR_ANDOIRD_DEVICE_IP>:6806
• If you don't have a computer in the network you might be able to access from your own phone/tablet by navigating to http://127.0.0.1:6806/ and enabling the desktop mode, which will show the full interface for big screens. I haven't tested this scenario.
• With the full interface now you can enable plugins by going to Settings -> Marketplace -> "Trust"
• The Plugin "monaco-editor" or "Integrated Edit Environment" will allow you to browse the folders in your workspace and edit the files, including templates.

This is an example on my machine:

You should give more details about your setup, what Linux distro, how did you install docker, what docker-compose.yml did you use to deploy the container, at what stage do you get that "permission denied" error, spinning up the container or while trying to access from the browser.

If you are using the default Docker Compose suggested in GitHub, make sure the directory

/siyuan/workspace

exists, and that the permissions on that directory match the UID/GUID 1000:1000 specified. Or change accordingly.

This is an example for the default values on the Docker Compose from GitHub:

mkdir -p /siyuan/workspace
chmod 1000:1000 /siyuan/workspace

You might want to run chmod with "-R" for the parent directory /siyuan. It's hard to guess your problem with the little information you have provided.