Durable rename

Pulls the local-client-cli and obsidian-plugin changes from
asch/fix-everything onto a fresh branch off main.

.editorconfig

@@ -0,0 +1,16 @@
+# https://editorconfig.org
+
+root = true
+
+[*]
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespace = true
+charset = utf-8
+indent_style = space
+indent_size = 4
+tab_width = 4
+
+[*.{yml,yaml,md}]
+indent_size = 2
+tab_width = 2

.forgejo/workflows/check.yml

@@ -0,0 +1,35 @@
+name: Check
+
+on:
+  push:
+    branches: ["main"]
+  pull_request:
+    branches: ["main"]
+  workflow_dispatch:
+
+env:
+  CARGO_TERM_COLOR: always
+  RUSTFLAGS: "-Dwarnings"
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Setup Node.js environment
+        uses: actions/setup-node@v4
+        with:
+          node-version: "25.x"
+
+      - name: Setup Rust toolchain
+        uses: dtolnay/rust-toolchain@stable
+        with:
+          toolchain: "1.92.0"
+          components: clippy, rustfmt
+
+      - name: Lint & test
+        run: scripts/check.sh

.forgejo/workflows/deploy-docs.yml

@@ -0,0 +1,38 @@
+name: Deploy Documentation
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - "docs/**"
+      - ".forgejo/workflows/deploy-docs.yml"
+  workflow_dispatch:
+
+concurrency:
+  group: pages
+  cancel-in-progress: false
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Setup Node.js environment
+        uses: actions/setup-node@v4
+        with:
+          node-version: "25.x"
+
+      - name: Build docs
+        run: scripts/build-docs.sh
+
+      - name: Upload artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: docs
+          path: docs/.vitepress/dist

.forgejo/workflows/e2e.yml

@@ -0,0 +1,71 @@
+name: E2E tests
+
+on:
+  push:
+    branches: ["main"]
+  pull_request:
+    branches: ["main"]
+  schedule:
+    - cron: "0 * * * *"
+  workflow_dispatch:
+
+concurrency:
+  group: e2e-tests
+  cancel-in-progress: false
+
+env:
+  RUSTFLAGS: "-Dwarnings"
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Setup Node.js environment
+        uses: actions/setup-node@v4
+        with:
+          node-version: "25.x"
+
+      - name: Setup Rust toolchain
+        uses: dtolnay/rust-toolchain@stable
+        with:
+          toolchain: "1.92.0"
+          components: clippy, rustfmt
+
+      - name: Setup rust
+        run: |
+          which sqlx || cargo install sqlx-cli
+          cd sync-server
+          sqlx database create --database-url sqlite://db.sqlite3
+          sqlx migrate run --source src/app_state/database/migrations --database-url sqlite://db.sqlite3
+
+      - name: E2E tests
+        run: |
+          cd sync-server
+          cargo run config-e2e.yml --color never &
+          SERVER_PID=$!
+          cd ..
+
+          scripts/e2e.sh 8
+          EXIT_CODE=$?
+
+          kill $SERVER_PID 2>/dev/null || true
+          wait $SERVER_PID 2>/dev/null || true
+
+          exit $EXIT_CODE
+
+      - name: Upload e2e logs
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: e2e-logs
+          path: logs/
+          retention-days: 30
+
+      - name: Cleanup
+        if: always()
+        run: scripts/clean-up.sh

.forgejo/workflows/publish-cli-docker.yml

@@ -0,0 +1,51 @@
+name: Publish CLI
+
+on:
+  push:
+    branches: ["main"]
+    tags: ["*"]
+  pull_request:
+    branches: ["main"]
+
+jobs:
+  publish-docker:
+    runs-on: ubuntu-docker
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Extract registry hostname
+        id: registry
+        run: echo "host=$(echo '${{ github.server_url }}' | sed 's|https\?://||')" >> "$GITHUB_OUTPUT"
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log into container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ steps.registry.outputs.host }}
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract Docker metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ steps.registry.outputs.host }}/${{ github.repository }}-cli
+
+      - name: Build and push Docker image
+        id: build-and-push
+        uses: docker/build-push-action@v5
+        with:
+          context: frontend
+          file: frontend/local-client-cli/Dockerfile
+          platforms: linux/amd64
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=registry,ref=${{ steps.registry.outputs.host }}/${{ github.repository }}-cli:buildcache
+          cache-to: type=registry,ref=${{ steps.registry.outputs.host }}/${{ github.repository }}-cli:buildcache,mode=max

.forgejo/workflows/publish-plugin.yml

@@ -0,0 +1,71 @@
+name: Publish Obsidian plugin
+
+on:
+  push:
+    tags: ["*"]
+
+env:
+  CARGO_TERM_COLOR: always
+
+jobs:
+  publish-plugin:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Setup Node.js environment
+        uses: actions/setup-node@v4
+        with:
+          node-version: "25.x"
+
+      - name: Build plugin
+        run: |
+          cd frontend
+          npm ci
+          npm run build
+
+      - name: Setup Rust toolchain
+        uses: dtolnay/rust-toolchain@stable
+        with:
+          toolchain: "1.92.0"
+          components: clippy, rustfmt
+
+      - name: Install cross-compilation tools
+        run: |
+          apt update
+          apt install -y gcc-aarch64-linux-gnu musl-tools gcc-mingw-w64-x86-64 jq
+
+      - name: Build Linux and Windows binaries
+        run: ./scripts/build-sync-server-binaries.sh
+
+      - name: Create release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SERVER_URL: ${{ github.server_url }}
+          REPO: ${{ github.repository }}
+        run: |
+          tag="${GITHUB_REF#refs/tags/}"
+
+          mkdir -p release
+          cp frontend/obsidian-plugin/dist/* release/
+          cp sync-server/artifacts/sync-server-* release/
+
+          # Create draft release via Forgejo API
+          RELEASE_ID=$(curl -s -X POST \
+            "${SERVER_URL}/api/v1/repos/${REPO}/releases" \
+            -H "Authorization: token ${GITHUB_TOKEN}" \
+            -H "Content-Type: application/json" \
+            -d "{\"tag_name\": \"${tag}\", \"name\": \"${tag}\", \"draft\": true}" \
+            | jq -r '.id')
+
+          # Upload release assets
+          for file in release/*; do
+            filename=$(basename "$file")
+            curl -s -X POST \
+              "${SERVER_URL}/api/v1/repos/${REPO}/releases/${RELEASE_ID}/assets?name=${filename}" \
+              -H "Authorization: token ${GITHUB_TOKEN}" \
+              -F "attachment=@${file}"
+          done

.forgejo/workflows/publish-server-docker.yml

@@ -0,0 +1,51 @@
+name: Publish server Docker image
+
+on:
+  push:
+    branches: ["main"]
+    tags: ["*"]
+  pull_request:
+    branches: ["main"]
+
+jobs:
+  publish-docker:
+    runs-on: ubuntu-docker
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Extract registry hostname
+        id: registry
+        run: echo "host=$(echo '${{ github.server_url }}' | sed 's|https\?://||')" >> "$GITHUB_OUTPUT"
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log into container registry
+        if: github.ref_type == 'tag'
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ steps.registry.outputs.host }}
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract Docker metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ steps.registry.outputs.host }}/${{ github.repository }}
+
+      - name: Build and push Docker image
+        id: build-and-push
+        uses: docker/build-push-action@v5
+        with:
+          context: sync-server
+          platforms: linux/amd64,linux/arm64
+          push: ${{ github.ref_type == 'tag' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=registry,ref=${{ steps.registry.outputs.host }}/${{ github.repository }}:buildcache
+          cache-to: type=registry,ref=${{ steps.registry.outputs.host }}/${{ github.repository }}:buildcache,mode=max

.github/workflows/check.yml

@@ -1,51 +0,0 @@
-name: Check
-
-on:
-  push:
-    branches: ["master"]
-  pull_request:
-    branches: ["master"]
-
-env:
-  CARGO_TERM_COLOR: always
-  RUSTFLAGS: "-Dwarnings"
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Setup
-        run: |
-          rustup install nightly
-          rustup default nightly
-          rustup component add clippy rustfmt
-          cargo install sqlx-cli
-          cd backend
-          sqlx database create --database-url sqlite://db.sqlite3
-          sqlx migrate run --source sync_server/src/database/migrations --database-url sqlite://db.sqlite3
-
-      - name: Build wasm
-        run: |
-          cd backend
-          cargo install wasm-pack
-          wasm-pack build --target web sync_lib --features wee_alloc
-
-      - name: Lint backend
-        run: |
-          cd backend
-          cargo clippy --all-targets --all-features
-          cargo fmt --all -- --check
-
-      - name: Test backend
-        run: |
-          cd backend
-          cargo test --verbose
-
-      - name: Lint frontend
-        run: |
-          cd plugin
-          npm install
-          npm run lint

.github/workflows/publish-docker.yml

@@ -1,91 +0,0 @@
-name: Publish server Docker image
-
-# This workflow uses actions that are not certified by GitHub.
-# They are provided by a third-party and are governed by
-# separate terms of service, privacy policy, and support
-# documentation.
-
-on:
-  push:
-    tags:
-      - "*"
-
-env:
-  # Use docker.io for Docker Hub if empty
-  REGISTRY: ghcr.io
-  # github.repository as <account>/<repo>
-  IMAGE_NAME: ${{ github.repository }}
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      packages: write
-      # This is used to complete the identity challenge
-      # with sigstore/fulcio when running outside of PRs.
-      id-token: write
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-
-      # Install the cosign tool except on PR
-      # https://github.com/sigstore/cosign-installer
-      - name: Install cosign
-        if: github.event_name != 'pull_request'
-        uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 #v3.5.0
-        with:
-          cosign-release: "v2.2.4"
-
-      # Set up BuildKit Docker container builder to be able to build
-      # multi-platform images and export cache
-      # https://github.com/docker/setup-buildx-action
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
-
-      # Login against a Docker registry except on PR
-      # https://github.com/docker/login-action
-      - name: Log into registry ${{ env.REGISTRY }}
-        if: github.event_name != 'pull_request'
-        uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      # Extract metadata (tags, labels) for Docker
-      # https://github.com/docker/metadata-action
-      - name: Extract Docker metadata
-        id: meta
-        uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0
-        with:
-          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-
-      # Build and push Docker image with Buildx (don't push on PR)
-      # https://github.com/docker/build-push-action
-      - name: Build and push Docker image
-        id: build-and-push
-        uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0
-        with:
-          context: backend
-          push: ${{ github.event_name != 'pull_request' }}
-          tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
-
-      # Sign the resulting Docker image digest except on PRs.
-      # This will only write to the public Rekor transparency log when the Docker
-      # repository is public to avoid leaking data. If you would like to publish
-      # transparency data even for private images, pass --force to cosign below.
-      # https://github.com/sigstore/cosign
-      - name: Sign the published Docker image
-        if: ${{ github.event_name != 'pull_request' }}
-        env:
-          # https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
-          TAGS: ${{ steps.meta.outputs.tags }}
-          DIGEST: ${{ steps.build-and-push.outputs.digest }}
-        # This step uses the identity token to provision an ephemeral certificate
-        # against the sigstore community Fulcio instance.
-        run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}

.github/workflows/publish-plugin.yml

@@ -1,46 +0,0 @@
-name: Publish Obsidian plugin
-
-on:
-  push:
-    tags:
-      - "*"
-
-env:
-  CARGO_TERM_COLOR: always
-
-jobs:
-  build-plugin:
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v3
-
-      - name: Use Node.js
-        uses: actions/setup-node@v3
-        with:
-          node-version: "18.x"
-
-      - name: Build wasm
-        run: |
-          cd backend
-          cargo install wasm-pack
-          wasm-pack build --target web sync_lib --features wee_alloc
-
-      - name: Build plugin
-        run: |
-          cd plugin
-          npm install
-          npm run build
-
-      - name: Create release
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          tag="${GITHUB_REF#refs/tags/}"
-
-          cd plugin/build
-
-          gh release create "$tag" \
-            --title="$tag" \
-            --draft \
-            main.js manifest.json styles.css

.gitignore

@@ -1,19 +1,24 @@
-# vscode
-.vscode 
-
-# npm
-node_modules
-
-# Exclude macOS Finder (System Explorer) View States
-.DS_Store
-
-# Rust build folder
-backend/target
-
-# Obsidian plugin build folder
-plugin/build
-
-backend/db.sqlite3*
-backend/config.yaml
-
-*.log
+# npm
+node_modules
+
+# Exclude macOS Finder (System Explorer) View States
+.DS_Store
+
+# Frontend build folders
+frontend/*/dist
+
+# Rust build folders
+sync-server/target
+sync-server/artifacts
+sync-server/bindings/*.ts
+
+# build folders
+sync-server/db.sqlite3*
+**/databases
+
+*.log
+*.sqlx
+
+target
+
+.task

.vscode/settings.json

@@ -0,0 +1,10 @@
+{
+    "jest.jestCommandLine": "NODE_OPTIONS=\"$NODE_OPTIONS --experimental-vm-modules\" npx jest",
+    "jest.rootPath": "plugin",
+    "files.exclude": {
+        "**/dist": true,
+        "**/node_modules": true,
+        "**/.sqlx": true,
+        "**/target": true
+    }
+}

CLAUDE.md

@@ -0,0 +1,155 @@
+# CLAUDE.md
+
+This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
+
+## Project shape
+
+VaultLink is a self-hosted Obsidian file-sync system. Two halves of one repo:
+
+- `sync-server/` — Rust (axum + sqlx/SQLite). Source of truth for vault state, broadcasts changes via WebSocket.
+- `frontend/` — npm workspaces. The sync engine (`sync-client`) is consumed by an Obsidian plugin, a standalone CLI, a fuzz E2E harness, a scripted determinism harness, and a history UI.
+
+The HTTP/WS API types are generated from Rust (`ts-rs`) and mirrored into the TS workspaces. **Never hand-edit files in `frontend/sync-client/src/services/types/` or `frontend/history-ui/src/lib/types/`** — run `scripts/update-api-types.sh` after changing anything Serde-derived in the server.
+
+### Frontend workspaces
+
+- `sync-client` — the sync engine; published to consumers via `dist/`. All other TS workspaces depend on it via `file:../sync-client`.
+- `obsidian-plugin` — Obsidian plugin built from `sync-client`.
+- `local-client-cli` — same engine wrapped as a standalone CLI.
+- `history-ui` — vault-history web UI.
+- `test-client` — fuzz E2E harness (random ops across N processes).
+- `deterministic-tests` — scripted multi-client tests with an in-memory FS, run against a real server.
+
+## Common commands
+
+Pre-push hygiene (formats, lints, runs tests, requires clean git state):
+
+```sh
+scripts/check.sh --fix
+```
+
+Run the fuzz E2E (N parallel processes):
+
+```sh
+scripts/e2e.sh 12
+# Logs land in logs/log_<i>.log. Clean with scripts/clean-up.sh
+```
+
+Run deterministic tests (require a release-built server in `sync-server/target/release/sync_server` — they spawn it themselves):
+
+```sh
+cd sync-server && cargo build --release && cd ..
+cd frontend
+npm run build -w sync-client -w deterministic-tests
+node deterministic-tests/dist/cli.js                       # all
+node deterministic-tests/dist/cli.js --filter=rename       # subset
+node deterministic-tests/dist/cli.js --filter=… -j 4       # cap parallelism
+```
+
+Run a single sync-client unit test by file:
+
+```sh
+cd frontend/sync-client && npx tsx --test 'src/**/sync-event-queue.test.ts'
+```
+
+Server: dev runs from `sync-server/` against `config-e2e.yml`:
+
+```sh
+cd sync-server
+cargo run config-e2e.yml          # dev
+cargo build --release             # used by both e2e harnesses
+cargo test                        # unit + ts-rs binding export tests
+```
+
+Frontend dev (sync-client + obsidian-plugin watch in parallel):
+
+```sh
+cd frontend && npm install && npm run dev
+```
+
+Regenerate TS bindings from Rust types (touches `frontend/{sync-client,history-ui}/src/.../types/`):
+
+```sh
+scripts/update-api-types.sh
+```
+
+## SQLite / sqlx
+
+The server uses `sqlx::query!` macros that need a prepared `.sqlx` cache to compile offline. Touching any SQL means regenerating it:
+
+```sh
+cd sync-server
+sqlx database create --database-url sqlite://db.sqlite3
+sqlx migrate run --source src/app_state/database/migrations --database-url sqlite://db.sqlite3
+cargo sqlx prepare --workspace
+```
+
+New migrations: `sqlx migrate add --source src/app_state/database/migrations <name>`.
+
+## Sync engine architecture
+
+Read `frontend/sync-client/src/sync-operations/` to follow the sync engine; the rest of `sync-client` is plumbing (filesystem ops, persistence, services, telemetry).
+
+The engine is **two independent loops with separate invariants**:
+
+- **Wire loop** (`syncer.ts`) — drains the single-consumer FIFO queue. HTTP and WS handlers update record fields (`remoteRelativePath`, `parentVersionId`, `remoteHash`) and write content to the file at `record.localPath`. They never move files for path placement.
+- **Path reconciler** (`reconciler.ts`) — runs after every drained event. Best-effort pass that moves files to make `localPath === remoteRelativePath`. The move graph is topologically sorted; cycles are resolved by reading every file in the cycle into memory and writing each back to its new slot (no tmp files). Records with pending local events are skipped on each pass — the reconciler operates only on settled records. Failures (slot occupied by an untracked file, etc.) are silent skips; the next pass retries.
+
+**`SyncEventQueue`** (`sync-event-queue.ts`) holds:
+
+- `byDocId: Map<DocumentId, DocumentRecord>` — primary record store.
+- `byLocalPath: Map<RelativePath, DocumentRecord>` — derived index for path lookups, maintained at every mutation point.
+- `events: SyncEvent[]` — pending wire ops in FIFO drain order.
+
+```ts
+DocumentRecord = {
+    documentId,
+    parentVersionId,
+    remoteHash?,
+    remoteRelativePath,
+    localPath: RelativePath | undefined
+}
+```
+
+`localPath === undefined` means the doc has no local file yet — typically a remote create whose target slot was occupied at receive time; the reconciler will fetch and place when the slot frees (the bytes wait in `pendingPlacementContent`).
+
+Local FS events from the watcher update `localPath` synchronously at enqueue time via `setLocalPath` / `upsertRecord`. The wire loop never updates it for path placement; only the reconciler does. A user rename onto a tracked slot enqueues a `LocalDelete` for the displaced doc (the OS rename clobbered its content) and clears that doc's `localPath`.
+
+**Pending creates** use a `Promise<DocumentId>` chain to serialize dependent ops (`LocalUpdate`, `LocalDelete`) behind the still-in-flight `LocalCreate`. `resolveCreate` resolves the promise once the server returns a docId, and `replacePendingDocumentId` swaps the resolved id across already-queued events. `findLatestCreateForPath` is the lookup the watcher uses to attach dependents; `updatePendingCreatePath` rewrites a pending create's `event.path` in place when the user renames the file before its create has acked.
+
+**Watermark.** `lastSeenUpdateId` uses a `MinCovered` (a contiguous-prefix tracker over a stream of integers): we only advance the published min when the next consecutive id has been processed, so out-of-order RemoteChange ids don't fool the WebSocket handshake into requesting a too-recent catch-up.
+
+**Server catch-up.** The server's WS handshake replays events newer than the client's `last_seen_vault_update_id` from the `latest_document_versions` view (one row per doc, the latest). On those replayed rows `is_new_file` means _new to this client_ (`creation_vault_update_id > last_seen_vault_update_id`), not "this row is the doc's first version" — necessary because the catch-up only carries the latest version; if a doc was created and updated past the watermark, the client never sees its create otherwise.
+
+## Edge-case patterns the sync engine has to survive
+
+The two-loop split defuses most of the old race catalogue (slot-collision stashes, conflict-uuid divergence, `MoveOnConflict.NEW`/`EXISTING` policy choices) by separating wire transport from path placement. What's left:
+
+**Pending-create docId is a `Promise`, not a string, until the create acks.** Any `LocalUpdate` / `LocalDelete` queued behind a still-in-flight `LocalCreate` carries the create's `resolvers.promise` as its `documentId`. `replacePendingDocumentId` swaps the resolved id across queued events when the create resolves; `===` comparisons against the resolved string elsewhere will silently fail until that swap runs. Anything that walks `events[]` looking for a docId match must either run after the swap or be tolerant of `Promise`-typed ids.
+
+**`processCreate` reads `event.path` live, not `event.originalPath`.** The watcher rewrites `event.path` in place via `updatePendingCreatePath` when the user renames a pending-create file. `originalPath` was removed from `LocalCreate` events specifically because reading it would send the stale pre-rename path to the server.
+
+**`record.localPath` mutates in place across awaits.** When the watcher renames a doc while a drain handler is awaiting an HTTP roundtrip, the queue mutates the in-flight event's record so subsequent reads see the new path. Snapshotting `record.localPath` into a local at function entry and using it after an `await` reads/writes a now-vacated slot. Read `record.localPath` live; only snapshot for the deliberate "did it change while I was awaiting" comparison.
+
+**Reconciler-defer is the wire-loop's contract with the reconciler.** The reconciler skips records where `hasPendingLocalEventsForDocumentId` returns true. Wire-loop handlers can therefore freely write `remoteRelativePath` to whatever the server returned — even if it disagrees with `localPath` — knowing the reconciler won't move the file out from under a queued user rename.
+
+**Watermark advancement is load-bearing both ways.** Branches that _skip_ a remote event without advancing `lastSeenUpdateId` create permanent gaps that re-deliver forever. Branches that _advance_ without applying the content lose data: the server has no further event to re-deliver, the catch-up only carries the latest version, and any state in between is gone. Don't advance unless the event was actually applied (or deliberately discarded after weighing both halves).
+
+**`isNewFile` semantics differ between catch-up and real-time.** On WS handshake replay it means _new to this client_ (`creation_vault_update_id > last_seen_vault_update_id`); on real-time broadcasts it means _this version is the create_ (`creation_vault_update_id == vault_update_id`). A handler that decides based on one interpretation will be wrong on the other channel; reasoning about fetch-and-treat-as-new vs. ignore needs to know which channel delivered the event.
+
+**Pause / disable-sync mid-flight** is the one race the new model doesn't structurally fix. An HTTP that committed server-side but whose response was discarded leaves the server holding a doc the client has no record of. Resume → offline scan → server-side dedupe handles it (the server merges the duplicate create into the existing doc), but if the merge produces a deconflict, the client picks up an extra file. Out of scope for the two-loop split.
+
+**Cycle reconciliation uses in-memory content swap.** When the move graph contains a cycle, the reconciler reads every file in the cycle into memory and writes each back to its new slot, with no tmp files. A write-ahead marker at `.vaultlink/swap-<uuid>.json` lists each leg; on startup the reconciler reads the marker, hashes each `from` to determine which legs ran, and replays the rest. The `.vaultlink/**` glob is hard-coded as an internal ignore pattern so swap markers don't get sync'd.
+
+## Two complementary E2E harnesses
+
+- **`test-client` (fuzz):** random ops across N parallel processes for many minutes. Used by `scripts/e2e.sh`. Catches bugs nobody thought to write a test for, but reproductions are noisy.
+- **`deterministic-tests`:** scripted scenarios with an in-memory FS pinned to a real server. Used to _capture_ a fuzz-discovered bug as a minimal repro before fixing it. See `frontend/deterministic-tests/README.md` for the step grammar (`pause-server`, `pause-websocket`, `barrier`, `assert-consistent`, etc.).
+
+When a fuzz failure surfaces, the workflow is: root-cause from logs → write a deterministic test that fails on the bug → fix → confirm both the deterministic test and `e2e.sh` pass.
+
+## Style
+
+- TS: 4-space indent, no tabs, LF, prettier (`trailingComma: "none"`). YAML/MD use 2-space indent.
+- Rust: `rustfmt.toml` enforces 4-space spaces, LF.
+- Lint: ESLint for TS, Clippy for Rust, `cargo machete` for unused deps. All wired into `scripts/check.sh`.

README.md

@@ -1,76 +1,79 @@
-## VaultLink self-hosted Obsidian sync plugin
+# VaultLink self-hosted Obsidian plugin for file syncing
 
-[![Check](https://github.com/schmelczer/obsidian-shared-sync/actions/workflows/check.yml/badge.svg)](https://github.com/schmelczer/obsidian-shared-sync/actions/workflows/check.yml)
-[![Publish Docker](https://github.com/schmelczer/obsidian-shared-sync/actions/workflows/publish-docker.yml/badge.svg)](https://github.com/schmelczer/obsidian-shared-sync/actions/workflows/publish-docker.yml)
-[![Publish plugin](https://github.com/schmelczer/obsidian-shared-sync/actions/workflows/publish-plugin.yml/badge.svg)](https://github.com/schmelczer/obsidian-shared-sync/actions/workflows/publish-plugin.yml)
+[![Check](https://github.com/schmelczer/vault-link/actions/workflows/check.yml/badge.svg)](https://github.com/schmelczer/vault-link/actions/workflows/check.yml)
+[![E2E tests](https://github.com/schmelczer/vault-link/actions/workflows/e2e.yml/badge.svg)](https://github.com/schmelczer/vault-link/actions/workflows/e2e.yml)
+[![Publish server Docker image](https://github.com/schmelczer/vault-link/actions/workflows/publish-server-docker.yml/badge.svg)](https://github.com/schmelczer/vault-link/actions/workflows/publish-server-docker.yml)
+[![Publish CLI](https://github.com/schmelczer/vault-link/actions/workflows/publish-cli-docker.yml/badge.svg)](https://github.com/schmelczer/vault-link/actions/workflows/publish-cli-docker.yml)
+[![Publish Obsidian plugin](https://github.com/schmelczer/vault-link/actions/workflows/publish-plugin.yml/badge.svg)](https://github.com/schmelczer/vault-link/actions/workflows/publish-plugin.yml)
 
+## Develop
 
-## Install [nvm](https://github.com/nvm-sh/nvm)
+### Set up Node.JS 25 with [nvm](https://github.com/nvm-sh/nvm)
 
 - `curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash`
-- `nvm install 20`
-- `nvm use 20`
-- Optionally set the system-wide default: `nvm alias default 20`
+- `nvm install 25`
+- `nvm use 25`
+- Optionally, set the system-wide default: `nvm alias default 25`
 
-
-## Set up Rust
+### Set up Rust
 
 - Install [`rustup`](https://rustup.rs): `curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh`
-- `sudo apt install llvm -y`
-- `rustup self update`
-- `rustup update`
-- `rustup install nightly`
-- `rustup default nightly`
-- `rustup component add llvm-tools-preview`
-- `cargo install cargo-generate cargo-fuzz cargo-insta rustfilt cargo-binutils`
 - Install [`wasm-pack`](https://rustwasm.github.io/wasm-pack/installer): `curl https://rustwasm.github.io/wasm-pack/installer/init.sh -sSf | sh`
-- `cargo install cargo-insta sqlx-cli cargo-edit`
+- `cargo install cargo-insta sqlx-cli`
 
-
-## Publish new version 
+### Install Obsidian on Linux
 
 ```sh
-./bump-version.sh patch
+apt install flatpak
+flatpak remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo
+flatpak install flathub md.obsidian.Obsidian
+flatpak run md.obsidian.Obsidian
 ```
 
+#### Run in development mode
 
-## Update HTTP API TS bindings
+Start the server:
 
-```sh 
-npm install -g openapi-typescript
-openapi-typescript http://localhost:3030/api.json --output plugin/src/services/types.ts
+```sh
+cargo install sqlx-cli
+cd sync-server
+cargo run config-e2e.yml
 ```
 
+```sh
+cd frontend
+npm install
+npm run dev
 ```
-## Todos
 
-- Add users to vaults
-- Websocket for db updates
-- async read body
-- e2e tests
-- add clap
-- add auth middleware
-- shard db per user
-- update card title max width
-- retry
-- CI for:
-    - publish reconcile
-    - cross-platform build server
-    - run load test on server
-    - build and publish plugin with openapi types
+### Scripts
 
-todo: enable
-[workspace.lints.clippy]
-single_call_fn = { level = "allow", priority = 1 }
-absolute_paths = { level = "allow", priority = 1 }
-arithmetic_side_effects = { level = "allow", priority = 1 }
-similar_names = { level = "allow", priority = 1 }
-self_named_module_files = { level = "allow", priority = 1 }
-single_char_lifetime_names = { level = "allow", priority = 1 }
-missing_docs_in_private_items = { level = "allow", priority = 1 }
-question_mark_used =  { level = "allow", priority = 1 }
-implicit_return = { level = "allow", priority = 1 }
-pedantic = { level = "warn", priority = 0 }
-cargo = { level = "warn", priority = 0 }
+#### Before pushing
 
+```sh
+scripts/check.sh --fix
 ```
+
+#### Update HTTP API TS bindings
+
+```sh
+scripts/update-api-types.sh
+```
+
+#### Publish new version
+
+```sh
+scripts/bump-version.sh patch
+```
+
+#### Run E2E tests
+
+```sh
+scripts/e2e.sh 8
+```
+
+And to clean up the logs & database files, run `scripts/clean-up.sh`
+
+## Projects
+
+- [Sync server](./sync-server/README.md)

backend/Cargo.toml

@@ -1,54 +0,0 @@
-[workspace]
-resolver = "2"
-members = [
-    "reconcile",
-    "fuzz",
-    "sync_server", 
-    "sync_lib"
-]
-
-[workspace.package]
-rust-version = "1.83"
-
-[workspace.dependencies]  
-serde = { version = "1.0.214", default-features = false, features = ["derive"] }
-thiserror = { version = "1.0.66", default-features = false  } 
-
-[profile.release]
-codegen-units = 1
-lto = true
-opt-level = 3
-
-[workspace.lints.rust]
-unsafe_code = "forbid"
-rust_2018_idioms = { level = "warn", priority = -1 }
-missing_debug_implementations = "warn"
-
-[workspace.lints.clippy]
-await_holding_lock = "warn"
-dbg_macro = "warn"
-empty_enum = "warn"
-enum_glob_use = "warn"
-exit = "warn"
-filter_map_next = "warn"
-fn_params_excessive_bools = "warn"
-if_let_mutex = "warn"
-imprecise_flops = "warn"
-inefficient_to_string = "warn"
-linkedlist = "warn"
-lossy_float_literal = "warn"
-macro_use_imports = "warn"
-match_on_vec_items = "warn"
-match_wildcard_for_single_variants = "warn"
-mem_forget = "warn"
-needless_borrow = "warn"
-needless_continue = "warn"
-option_option = "warn"
-rest_pat_in_fully_bound_structs = "warn"
-str_to_string = "warn"
-suboptimal_flops = "warn"
-todo = "warn"
-uninlined_format_args = "warn"
-unnested_or_patterns = "warn"
-unused_self = "warn"
-verbose_file_reads = "warn"

backend/Dockerfile

@@ -1,23 +0,0 @@
-FROM rust:1.83 AS builder
-
-WORKDIR /usr/src/backend
-
-RUN apt update && apt install -y musl-tools
-RUN rustup install nightly && rustup default nightly
-RUN rustup target add x86_64-unknown-linux-musl
-RUN cargo install sqlx-cli
-
-COPY . .
-
-RUN sqlx database create --database-url sqlite://db.sqlite3
-RUN sqlx migrate run --source sync_server/src/database/migrations --database-url sqlite://db.sqlite3
-
-RUN cargo build --package sync_server --release --target x86_64-unknown-linux-musl
-
-FROM alpine:3.21.0
-
-COPY --from=builder /usr/src/backend/target/x86_64-unknown-linux-musl/release/sync_server /app/sync_server
-
-WORKDIR /data
-
-ENTRYPOINT ["/app/sync_server"]

backend/fuzz/.gitignore

@@ -1,4 +0,0 @@
-target
-corpus
-artifacts
-coverage

backend/fuzz/Cargo.toml

@@ -1,22 +0,0 @@
-[package]
-name = "reconcile-fuzz"
-version = "0.0.8"
-publish = false
-edition = "2021"
-
-[package.metadata]
-cargo-fuzz = true
-
-[dependencies]
-libfuzzer-sys = "0.4"
-reconcile = { path = "../reconcile" }
-
-[[bin]]
-name = "reconcile"
-path = "fuzz_targets/reconcile.rs"
-test = false
-doc = false
-bench = false
-
-[lints]
-workspace = true

backend/fuzz/fuzz_targets/reconcile.rs

@@ -1,8 +0,0 @@
-#![no_main]
-
-use libfuzzer_sys::fuzz_target;
-
-fuzz_target!(|texts: (String, String, String)| {
-    let (original, left, right) = texts;
-    let _ = reconcile::reconcile(&original, &left, &right);
-});

backend/reconcile/Cargo.toml

@@ -1,18 +0,0 @@
-[package]
-name = "reconcile"
-version = "0.0.8"
-edition = "2021"
-
-[dependencies]
-serde = { version = "1.0.215", optional = true }
-
-[features]
-serde = [ "dep:serde" ]
-
-[dev-dependencies]
-insta = "1.41.1"
-pretty_assertions = "1.4.1"
-test-case = "3.3.1"
-
-[lints]
-workspace = true

backend/reconcile/src/diffs.rs

@@ -1,2 +0,0 @@
-pub mod myers;
-pub mod raw_operation;

backend/reconcile/src/diffs/myers.rs

@@ -1,291 +0,0 @@
-//! Taken from <https://github.com/mitsuhiko/similar/blob/7e15c44de11a1cd61e1149189929e189ef977fd8/src/algorithms/myers.rs>
-//! Myers' diff algorithm.
-//!
-//! * time: `O((N+M)D)`
-//! * space `O(N+M)`
-//!
-//! See [the original article by Eugene W. Myers](http://www.xmailserver.org/diff2.pdf)
-//! describing it.
-//!
-//! The implementation of this algorithm is based on the implementation by
-//! Brandon Williams.
-//!
-//! # Heuristics
-//!
-//! At present this implementation of Myers' does not implement any more
-//! advanced heuristics that would solve some pathological cases.  For instance
-//! passing two large and completely distinct sequences to the algorithm will
-//! make it spin without making reasonable progress.
-//! For potential improvements here see [similar#15](https://github.com/mitsuhiko/similar/issues/15).
-
-use std::{
-    ops::{Index, IndexMut, Range},
-    vec,
-};
-
-use super::raw_operation::RawOperation;
-use crate::{
-    tokenizer::token::Token,
-    utils::{common_prefix_len::common_prefix_len, common_suffix_len::common_suffix_len},
-};
-
-/// Myers' diff algorithm with deadline.
-///
-/// Diff `old`, between indices `old_range` and `new` between indices
-/// `new_range`.
-///
-/// This diff is done with an optional deadline that defines the maximal
-/// execution time permitted before it bails and falls back to an approximation.
-pub fn diff<T>(old: &[Token<T>], new: &[Token<T>]) -> Vec<RawOperation<T>>
-where
-    T: PartialEq + Clone,
-{
-    let max_d = max_d(old.len(), new.len());
-    let mut vb = V::new(max_d);
-    let mut vf = V::new(max_d);
-    let mut result: Vec<RawOperation<T>> = vec![];
-    conquer(
-        old,
-        0..old.len(),
-        new,
-        0..new.len(),
-        &mut vf,
-        &mut vb,
-        &mut result,
-    );
-    result
-}
-
-// A D-path is a path which starts at (0,0) that has exactly D non-diagonal
-// edges. All D-paths consist of a (D - 1)-path followed by a non-diagonal edge
-// and then a possibly empty sequence of diagonal edges called a snake.
-
-/// `V` contains the endpoints of the furthest reaching `D-paths`. For each
-/// recorded endpoint `(x,y)` in diagonal `k`, we only need to retain `x`
-/// because `y` can be computed from `x - k`. In other words, `V` is an array of
-/// integers where `V[k]` contains the row index of the endpoint of the furthest
-/// reaching path in diagonal `k`.
-///
-/// We can't use a traditional Vec to represent `V` since we use `k` as an index
-/// and it can take on negative values. So instead `V` is represented as a
-/// light-weight wrapper around a Vec plus an `offset` which is the maximum
-/// value `k` can take on in order to map negative `k`'s back to a value >= 0.
-#[derive(Debug)]
-struct V {
-    offset: isize,
-    v: Vec<usize>, // Look into initializing this to -1 and storing isize
-}
-
-impl V {
-    fn new(max_d: usize) -> Self {
-        Self {
-            offset: max_d as isize,
-            v: vec![0; 2 * max_d],
-        }
-    }
-
-    fn len(&self) -> usize { self.v.len() }
-}
-
-impl Index<isize> for V {
-    type Output = usize;
-
-    fn index(&self, index: isize) -> &Self::Output { &self.v[(index + self.offset) as usize] }
-}
-
-impl IndexMut<isize> for V {
-    fn index_mut(&mut self, index: isize) -> &mut Self::Output {
-        &mut self.v[(index + self.offset) as usize]
-    }
-}
-
-fn max_d(len1: usize, len2: usize) -> usize {
-    // XXX look into reducing the need to have the additional '+ 1'
-    (len1 + len2 + 1) / 2 + 1
-}
-
-#[inline(always)]
-fn split_at(range: Range<usize>, at: usize) -> (Range<usize>, Range<usize>) {
-    (range.start..at, at..range.end)
-}
-
-/// A `Snake` is a sequence of diagonal edges in the edit graph.  Normally
-/// a snake has a start end end point (and it is possible for a snake to have
-/// a length of zero, meaning the start and end points are the same) however
-/// we do not need the end point which is why it's not implemented here.
-///
-/// The divide part of a divide-and-conquer strategy. A D-path has D+1 snakes
-/// some of which may be empty. The divide step requires finding the ceil(D/2) +
-/// 1 or middle snake of an optimal D-path. The idea for doing so is to
-/// simultaneously run the basic algorithm in both the forward and reverse
-/// directions until furthest reaching forward and reverse paths starting at
-/// opposing corners 'overlap'.
-fn find_middle_snake<T>(
-    old: &[Token<T>],
-    old_range: Range<usize>,
-    new: &[Token<T>],
-    new_range: Range<usize>,
-    vf: &mut V,
-    vb: &mut V,
-) -> Option<(usize, usize)>
-where
-    T: PartialEq + Clone,
-{
-    let n = old_range.len();
-    let m = new_range.len();
-
-    // By Lemma 1 in the paper, the optimal edit script length is odd or even as
-    // `delta` is odd or even.
-    let delta = n as isize - m as isize;
-    let odd = delta & 1 == 1;
-
-    // The initial point at (0, -1)
-    vf[1] = 0;
-    // The initial point at (N, M+1)
-    vb[1] = 0;
-
-    // We only need to explore ceil(D/2) + 1
-    let d_max = max_d(n, m);
-    assert!(vf.len() >= d_max);
-    assert!(vb.len() >= d_max);
-
-    for d in 0..d_max as isize {
-        // Forward path
-        for k in (-d..=d).rev().step_by(2) {
-            let mut x = if k == -d || (k != d && vf[k - 1] < vf[k + 1]) {
-                vf[k + 1]
-            } else {
-                vf[k - 1] + 1
-            };
-            let y = (x as isize - k) as usize;
-
-            // The coordinate of the start of a snake
-            let (x0, y0) = (x, y);
-            //  While these sequences are identical, keep moving through the
-            //  graph with no cost
-            if x < old_range.len() && y < new_range.len() {
-                let advance = common_prefix_len(
-                    old,
-                    old_range.start + x..old_range.end,
-                    new,
-                    new_range.start + y..new_range.end,
-                );
-                x += advance;
-            }
-
-            // This is the new best x value
-            vf[k] = x;
-
-            // Only check for connections from the forward search when N - M is
-            // odd and when there is a reciprocal k line coming from the other
-            // direction.
-            if odd && (k - delta).abs() <= (d - 1) {
-                // TODO optimize this so we don't have to compare against n
-                if vf[k] + vb[-(k - delta)] >= n {
-                    // Return the snake
-                    return Some((x0 + old_range.start, y0 + new_range.start));
-                }
-            }
-        }
-
-        // Backward path
-        for k in (-d..=d).rev().step_by(2) {
-            let mut x = if k == -d || (k != d && vb[k - 1] < vb[k + 1]) {
-                vb[k + 1]
-            } else {
-                vb[k - 1] + 1
-            };
-            let mut y = (x as isize - k) as usize;
-
-            // The coordinate of the start of a snake
-            if x < n && y < m {
-                let advance = common_suffix_len(
-                    old,
-                    old_range.start..old_range.start + n - x,
-                    new,
-                    new_range.start..new_range.start + m - y,
-                );
-                x += advance;
-                y += advance;
-            }
-
-            // This is the new best x value
-            vb[k] = x;
-
-            if !odd && (k - delta).abs() <= d {
-                // TODO optimize this so we don't have to compare against n
-                if vb[k] + vf[-(k - delta)] >= n {
-                    // Return the snake
-                    return Some((n - x + old_range.start, m - y + new_range.start));
-                }
-            }
-        }
-
-        // TODO: Maybe there's an opportunity to optimize and bail early?
-    }
-
-    None
-}
-
-fn conquer<T>(
-    old: &[Token<T>],
-    mut old_range: Range<usize>,
-    new: &[Token<T>],
-    mut new_range: Range<usize>,
-    vf: &mut V,
-    vb: &mut V,
-    result: &mut Vec<RawOperation<T>>,
-) where
-    T: PartialEq + Clone,
-{
-    // Check for common prefix
-    let common_prefix_len = common_prefix_len(old, old_range.clone(), new, new_range.clone());
-    if common_prefix_len > 0 {
-        result.push(RawOperation::Equal(
-            old[old_range.start..old_range.start + common_prefix_len].to_vec(),
-        ));
-    }
-    old_range.start += common_prefix_len;
-    new_range.start += common_prefix_len;
-
-    // Check for common suffix
-    let common_suffix_len = common_suffix_len(old, old_range.clone(), new, new_range.clone());
-    let common_suffix = (
-        old_range.end - common_suffix_len,
-        new_range.end - common_suffix_len,
-    );
-    old_range.end -= common_suffix_len;
-    new_range.end -= common_suffix_len;
-
-    if old_range.is_empty() && new_range.is_empty() {
-        // Do nothing
-    } else if new_range.is_empty() {
-        result.push(RawOperation::Delete(
-            old[old_range.start..old_range.start + old_range.len()].to_vec(),
-        ));
-    } else if old_range.is_empty() {
-        result.push(RawOperation::Insert(
-            new[new_range.start..new_range.start + new_range.len()].to_vec(),
-        ));
-    } else if let Some((x_start, y_start)) =
-        find_middle_snake(old, old_range.clone(), new, new_range.clone(), vf, vb)
-    {
-        let (old_a, old_b) = split_at(old_range, x_start);
-        let (new_a, new_b) = split_at(new_range, y_start);
-        conquer(old, old_a, new, new_a, vf, vb, result);
-        conquer(old, old_b, new, new_b, vf, vb, result);
-    } else {
-        result.push(RawOperation::Delete(
-            old[old_range.start..old_range.end].to_vec(),
-        ));
-        result.push(RawOperation::Insert(
-            new[new_range.start..new_range.end].to_vec(),
-        ));
-    }
-
-    if common_suffix_len > 0 {
-        result.push(RawOperation::Equal(
-            old[common_suffix.0..common_suffix.0 + common_suffix_len].to_vec(),
-        ));
-    }
-}

backend/reconcile/src/diffs/raw_operation.rs

@@ -1,48 +0,0 @@
-use crate::tokenizer::token::Token;
-
-#[derive(Debug, Clone, PartialEq)]
-pub enum RawOperation<T>
-where
-    T: PartialEq + Clone,
-{
-    Insert(Vec<Token<T>>),
-    Delete(Vec<Token<T>>),
-    Equal(Vec<Token<T>>),
-}
-
-impl<T> RawOperation<T>
-where
-    T: PartialEq + Clone,
-{
-    pub fn tokens(&self) -> &Vec<Token<T>> {
-        match self {
-            RawOperation::Insert(tokens) => tokens,
-            RawOperation::Delete(tokens) => tokens,
-            RawOperation::Equal(tokens) => tokens,
-        }
-    }
-
-    pub fn original_text_length(&self) -> usize {
-        self.tokens().iter().map(Token::get_original_length).sum()
-    }
-
-    pub fn get_original_text(self) -> String { self.tokens().iter().map(Token::original).collect() }
-
-    /// Extends the operation with another operation if returning the new
-    /// operation. Only operations of the same type can be used to extend.
-    /// If the operations are of different types, returns None.
-    pub fn extend(self, other: RawOperation<T>) -> Option<RawOperation<T>> {
-        match (self, other) {
-            (RawOperation::Insert(tokens1), RawOperation::Insert(tokens2)) => Some(
-                RawOperation::Insert(tokens1.into_iter().chain(tokens2).collect()),
-            ),
-            (RawOperation::Delete(tokens1), RawOperation::Delete(tokens2)) => Some(
-                RawOperation::Delete(tokens1.into_iter().chain(tokens2).collect()),
-            ),
-            (RawOperation::Equal(tokens1), RawOperation::Equal(tokens2)) => Some(
-                RawOperation::Equal(tokens1.into_iter().chain(tokens2).collect()),
-            ),
-            _ => None,
-        }
-    }
-}

backend/reconcile/src/lib.rs

@@ -1,7 +0,0 @@
-mod diffs;
-mod operation_transformation;
-mod tokenizer;
-mod utils;
-
-pub use operation_transformation::{reconcile, reconcile_with_tokenizer, EditedText};
-pub use tokenizer::token::Token;

backend/reconcile/src/operation_transformation.rs

@@ -1,200 +0,0 @@
-mod edited_text;
-mod merge_context;
-mod operation;
-
-pub use edited_text::EditedText;
-pub use operation::Operation;
-
-use crate::tokenizer::Tokenizer;
-
-#[must_use]
-pub fn reconcile(original: &str, left: &str, right: &str) -> String {
-    if left == right {
-        return left.to_owned();
-    }
-
-    if original == left {
-        return right.to_owned();
-    }
-
-    if original == right {
-        return left.to_owned();
-    }
-
-    let left_operations = EditedText::from_strings(original, left);
-    let right_operations = EditedText::from_strings(original, right);
-
-    let merged_operations = left_operations.merge(right_operations);
-    merged_operations.apply()
-}
-
-pub fn reconcile_with_tokenizer<F, T>(
-    original: &str,
-    left: &str,
-    right: &str,
-    tokenizer: &Tokenizer<T>,
-) -> String
-where
-    T: PartialEq + Clone,
-{
-    let left_operations = EditedText::from_strings_with_tokenizer(original, left, tokenizer);
-    let right_operations = EditedText::from_strings_with_tokenizer(original, right, tokenizer);
-
-    let merged_operations = left_operations.merge(right_operations);
-    merged_operations.apply()
-}
-
-#[cfg(test)]
-mod test {
-    use std::{fs, ops::Range, path::Path};
-
-    use pretty_assertions::assert_eq;
-    use test_case::test_matrix;
-
-    use super::*;
-
-    #[test]
-    fn test_merges() {
-        // Both replaced one token but different
-        test_merge_both_ways(
-            "original_1 original_2 original_3",
-            "original_1 edit_1 original_3",
-            "original_1 original_2 edit_2",
-            "original_1 edit_1 edit_2",
-        );
-
-        // Both replaced the same one token
-        test_merge_both_ways(
-            "original_1 original_2 original_3",
-            "original_1 edit_1 original_3",
-            "original_1 edit_1 original_3",
-            "original_1 edit_1 original_3",
-        );
-
-        // One deleted a large range, the other deleted subranges and inserted as well
-        test_merge_both_ways(
-            "original_1 original_2 original_3 original_4 original_5",
-            "original_1 original_5",
-            "original_1 edit_1 original_3 edit_2 original_5",
-            "original_1 edit_1 edit_2 original_5",
-        );
-
-        // One deleted a large range, the other inserted and deleted a partially
-        // overlapping range
-        test_merge_both_ways(
-            "original_1 original_2 original_3 original_4 original_5",
-            "original_1 original_5",
-            "original_1 edit_1 original_3 edit_2",
-            "original_1 edit_1 edit_2",
-        );
-
-        // Merge a replace and an append
-        test_merge_both_ways("a b ", "c d ", "a b c d ", "c d c d ");
-
-        test_merge_both_ways("a b c d e", "a e", "a c e", "a e");
-
-        test_merge_both_ways("a 0 1 2 b", "a b", "a E 1 F b", "a E F b");
-
-        test_merge_both_ways(
-            "a this one delete b",
-            "a b",
-            "a my one change b",
-            "a my change b",
-        );
-
-        test_merge_both_ways(
-            "this stays, this is one big delete, don't touch this",
-            "this stays, don't touch this",
-            "this stays, my one change, don't touch this",
-            "this stays, my change, don't touch this",
-        );
-
-        test_merge_both_ways("1 2 3 4 5 6", "1 6", "1 2 4 ", "1 ");
-
-        test_merge_both_ways(
-            "hello world",
-            "hi, world",
-            "hello my friend!",
-            "hi, my friend!",
-        );
-
-        // test_merge_both_ways("hello world", "world !", "hi hello world", "hi world
-        // !");
-
-        test_merge_both_ways(
-            "both delete the same word",
-            "both the same word",
-            "both the same word",
-            "both the same word",
-        );
-
-        test_merge_both_ways("    ", "it’s utf-8!", "   ", "it’s utf-8!");
-
-        test_merge_both_ways(
-            "both delete the same word but one a bit more",
-            "both the same word",
-            "both same word",
-            "both same word",
-        );
-
-        test_merge_both_ways(
-            "long text with one big delete and many small",
-            "long small",
-            "long with big and small",
-            "long small",
-        );
-    }
-
-    #[ignore = "it's too slow"]
-    #[test_matrix( [
-        "pride_and_prejudice.txt",
-        "romeo_and_juliet.txt",
-        "room_with_a_view.txt",
-        "kun_lu.txt",
-
-    ],  [
-        "pride_and_prejudice.txt",
-        "romeo_and_juliet.txt",
-        "room_with_a_view.txt",
-        "kun_lu.txt"
-    ],  [
-        "pride_and_prejudice.txt",
-        "romeo_and_juliet.txt",
-        "room_with_a_view.txt",
-        "kun_lu.txt"
-    ], [0..10000, 10000..20000], [0..10000, 10000..20000], [0..10000, 10000..20000])]
-    fn test_merge_files_without_panic(
-        file_name_1: &str,
-        file_name_2: &str,
-        file_name_3: &str,
-        range_1: Range<usize>,
-        range_2: Range<usize>,
-        range_3: Range<usize>,
-    ) {
-        let files = [file_name_1, file_name_2, file_name_3];
-        let permutations = [range_1, range_2, range_3];
-
-        let root = Path::new("test/resources/");
-
-        let contents = files
-            .iter()
-            .zip(permutations.iter())
-            .map(|(file, range)| {
-                let path = root.join(file);
-                fs::read_to_string(&path)
-                    .unwrap()
-                    .chars()
-                    .skip(range.start)
-                    .take(range.end)
-                    .collect::<String>()
-            })
-            .collect::<Vec<_>>();
-
-        let _ = reconcile(&contents[0], &contents[1], &contents[2]);
-    }
-
-    fn test_merge_both_ways(original: &str, edit_1: &str, edit_2: &str, expected: &str) {
-        assert_eq!(reconcile(original, edit_1, edit_2), expected);
-        assert_eq!(reconcile(original, edit_2, edit_1), expected);
-    }
-}

backend/reconcile/src/operation_transformation/edited_text.rs

@@ -1,299 +0,0 @@
-use core::iter;
-
-#[cfg(feature = "serde")]
-use serde::{Deserialize, Serialize};
-
-use super::Operation;
-use crate::{
-    diffs::{myers::diff, raw_operation::RawOperation},
-    operation_transformation::merge_context::MergeContext,
-    tokenizer::{word_tokenizer::word_tokenizer, Tokenizer},
-    utils::{
-        merge_iters::MergeSorted as _, ordered_operation::OrderedOperation, side::Side,
-        string_builder::StringBuilder,
-    },
-};
-
-/// A sequence of operations that can be applied to a text document.
-/// `EditedText` supports merging two sequences of operations using the
-/// principle of Operational Transformation.
-///
-/// It's mainly created through the `from_strings` method, then merged with
-/// another `EditedText` derived from the same original text and then applied to
-/// the original text to get the reconciled text of concurrent edits.
-#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
-#[derive(Debug, Clone, PartialEq, Default)]
-pub struct EditedText<'a, T>
-where
-    T: PartialEq + Clone,
-{
-    text: &'a str,
-    operations: Vec<OrderedOperation<T>>,
-}
-
-impl<'a> EditedText<'a, String> {
-    /// Create an `EditedText` from the given original (old) and updated (new)
-    /// strings. The returned `EditedText` represents the changes from the
-    /// original to the updated text. When the return value is applied to
-    /// the original text, it will result in the updated text. The default
-    /// word tokenizer is used to tokenize the text which splits the text on
-    /// whitespaces.
-    #[must_use]
-    pub fn from_strings(original: &'a str, updated: &str) -> Self {
-        Self::from_strings_with_tokenizer(original, updated, &word_tokenizer)
-    }
-}
-
-impl<'a, T> EditedText<'a, T>
-where
-    T: PartialEq + Clone,
-{
-    /// Create an `EditedText` from the given original (old) and updated (new)
-    /// strings. The returned `EditedText` represents the changes from the
-    /// original to the updated text. When the return value is applied to
-    /// the original text, it will result in the updated text. The tokenizer
-    /// function is used to tokenize the text.
-    pub fn from_strings_with_tokenizer(
-        original: &'a str,
-        updated: &str,
-        tokenizer: &Tokenizer<T>,
-    ) -> Self {
-        let original_tokens = (tokenizer)(original);
-        let updated_tokens = (tokenizer)(updated);
-
-        let diff: Vec<RawOperation<T>> = diff(&original_tokens, &updated_tokens);
-
-        Self::new(
-            original,
-            // Self::cook_operations(diff),
-            Self::cook_operations(Self::elongate_operations(diff)).collect(),
-        )
-    }
-
-    // Turn raw operations into ordered operations while keeping track of old & new
-    // indexes.
-    fn cook_operations<I>(raw_operations: I) -> impl Iterator<Item = OrderedOperation<T>>
-    where
-        I: IntoIterator<Item = RawOperation<T>>,
-    {
-        let mut new_index = 0; // this is the start index of the operation on the new text
-        let mut order = 0; // this is the start index of the operation on the original text
-
-        raw_operations.into_iter().flat_map(move |raw_operation| {
-            let length = raw_operation.original_text_length();
-
-            let operation = match raw_operation {
-                RawOperation::Equal(..) => {
-                    new_index += length;
-                    order += length;
-
-                    None
-                }
-                RawOperation::Insert(tokens) => {
-                    let op = Operation::create_insert(new_index, tokens)
-                        .map(|operation| OrderedOperation { order, operation });
-
-                    new_index += length;
-
-                    op
-                }
-                RawOperation::Delete(..) => {
-                    let op = if cfg!(debug_assertions) {
-                        Operation::create_delete_with_text(
-                            new_index,
-                            raw_operation.get_original_text(),
-                        )
-                    } else {
-                        Operation::create_delete(new_index, length)
-                    }
-                    .map(|operation| OrderedOperation { order, operation });
-
-                    order += length;
-
-                    op
-                }
-            };
-
-            operation.into_iter()
-        })
-    }
-
-    fn elongate_operations<I>(raw_operations: I) -> Vec<RawOperation<T>>
-    where
-        I: IntoIterator<Item = RawOperation<T>>,
-    {
-        let mut maybe_previous_insert: Option<RawOperation<T>> = None;
-        let mut maybe_previous_delete: Option<RawOperation<T>> = None;
-
-        let mut result: Vec<RawOperation<T>> = raw_operations
-            .into_iter()
-            .flat_map(|next| match next {
-                RawOperation::Insert(..) => {
-                    if let Some(prev) = maybe_previous_insert.take() {
-                        maybe_previous_insert = prev.extend(next);
-                    } else {
-                        maybe_previous_insert = Some(next);
-                    }
-
-                    Box::new(iter::empty()) as Box<dyn Iterator<Item = RawOperation<T>>>
-                }
-                RawOperation::Delete(..) => {
-                    if let Some(prev) = maybe_previous_delete.take() {
-                        maybe_previous_delete = prev.extend(next);
-                    } else {
-                        maybe_previous_delete = Some(next);
-                    }
-
-                    Box::new(iter::empty()) as Box<dyn Iterator<Item = RawOperation<T>>>
-                }
-                RawOperation::Equal(..) => Box::new(
-                    maybe_previous_insert
-                        .take()
-                        .into_iter()
-                        .chain(maybe_previous_delete.take())
-                        .chain(iter::once(next)),
-                )
-                    as Box<dyn Iterator<Item = RawOperation<T>>>,
-            })
-            .collect();
-
-        if let Some(prev) = maybe_previous_insert {
-            result.push(prev);
-        }
-
-        if let Some(prev) = maybe_previous_delete {
-            result.push(prev);
-        }
-
-        result
-    }
-
-    /// Create a new `EditedText` with the given operations.
-    /// The operations must be in the order in which they are meant to be
-    /// applied. The operations must not overlap.
-    fn new(text: &'a str, operations: Vec<OrderedOperation<T>>) -> Self {
-        operations
-            .iter()
-            .zip(operations.iter().skip(1))
-            .for_each(|(previous, next)| {
-                debug_assert!(
-                    previous.operation.start_index() <= next.operation.start_index(),
-                    "{} must not come before {} yet it does",
-                    previous.operation,
-                    next.operation
-                );
-            });
-
-        Self { text, operations }
-    }
-
-    #[must_use]
-    pub fn merge(self, other: Self) -> Self {
-        debug_assert_eq!(
-            self.text, other.text,
-            "EditedTexts must be derived from the same text to be mergable"
-        );
-
-        let mut left_merge_context = MergeContext::default();
-        let mut right_merge_context = MergeContext::default();
-
-        Self::new(
-            self.text,
-            self.operations
-                .into_iter()
-                .map(|op| (op, Side::Left))
-                .merge_sorted_by_key(
-                    other.operations.into_iter().map(|op| (op, Side::Right)),
-                    |(operation, _)| {
-                        (
-                            operation.order,
-                            // Operations on left and right must come in the same order so that
-                            // inserts can be merged with other inserts and deletes with deletes.
-                            usize::from(matches!(operation.operation, Operation::Delete { .. })),
-                        )
-                    },
-                )
-                .flat_map(|(OrderedOperation { order, operation }, side)| {
-                    match side {
-                        Side::Left => operation.merge_operations_with_context(
-                            &mut right_merge_context,
-                            &mut left_merge_context,
-                        ),
-                        Side::Right => operation.merge_operations_with_context(
-                            &mut left_merge_context,
-                            &mut right_merge_context,
-                        ),
-                    }
-                    .map(|operation| OrderedOperation { order, operation })
-                    .into_iter()
-                })
-                .collect(),
-        )
-    }
-
-    /// Apply the operations to the text and return the resulting text.
-    ///
-    /// # Errors
-    ///
-    /// Returns an `SyncLibError::OperationError` if the operations cannot be
-    /// applied to the text.
-    #[must_use]
-    pub fn apply(&self) -> String {
-        let mut builder: StringBuilder<'_> = StringBuilder::new(self.text);
-
-        for OrderedOperation { operation, .. } in &self.operations {
-            builder = operation.apply(builder);
-        }
-
-        builder.build()
-    }
-}
-
-#[cfg(test)]
-mod tests {
-    use std::env;
-
-    use pretty_assertions::assert_eq;
-
-    use super::*;
-
-    #[test]
-    fn test_calculate_operations() {
-        let left = "hello world! How are you?  Adam";
-        let right = "Hello, my friend! How are you doing? Albert";
-
-        let operations = EditedText::from_strings(left, right);
-
-        insta::assert_debug_snapshot!(operations);
-
-        let new_right = operations.apply();
-        assert_eq!(new_right.to_string(), right);
-    }
-
-    #[test]
-    fn test_calculate_operations_with_no_diff() {
-        let text = "hello world!";
-
-        let operations = EditedText::from_strings(text, text);
-
-        assert_eq!(operations.operations.len(), 0);
-
-        let new_right = operations.apply();
-
-        assert_eq!(new_right.to_string(), text);
-    }
-
-    #[test]
-    fn test_calculate_operations_with_insert() {
-        let original = "hello world! ...";
-        let left = "Hello world! I'm Andras.";
-        let right = "Hello world! How are you?";
-        let expected = "Hello world! I'm Andras.How are you?";
-
-        let operations_1 = EditedText::from_strings(original, left);
-        let operations_2 = EditedText::from_strings(original, right);
-
-        let operations = operations_1.merge(operations_2);
-        assert_eq!(operations.apply(), expected);
-    }
-}

backend/reconcile/src/operation_transformation/merge_context.rs

@@ -1,91 +0,0 @@
-use core::fmt::Debug;
-
-use crate::operation_transformation::Operation;
-
-#[derive(Clone)]
-pub struct MergeContext<T>
-where
-    T: PartialEq + Clone,
-{
-    last_operation: Option<Operation<T>>,
-    pub shift: i64,
-}
-
-impl<T> Default for MergeContext<T>
-where
-    T: PartialEq + Clone,
-{
-    fn default() -> Self {
-        MergeContext {
-            last_operation: None,
-            shift: 0,
-        }
-    }
-}
-
-impl<T> Debug for MergeContext<T>
-where
-    T: PartialEq + Clone,
-{
-    fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
-        f.debug_struct("MergeContext")
-            .field("last_operation", &self.last_operation)
-            .field("shift", &self.shift)
-            .finish()
-    }
-}
-
-impl<T> MergeContext<T>
-where
-    T: PartialEq + Clone,
-{
-    pub fn last_operation(&self) -> Option<&Operation<T>> { self.last_operation.as_ref() }
-
-    /// Replace the last delete operation (if there was one) with a new one
-    /// while applying it to the shift.
-    pub fn consume_and_replace_last_operation(&mut self, operation: Option<Operation<T>>) {
-        if let Some(Operation::Delete {
-            deleted_character_count,
-            ..
-        }) = self.last_operation.take()
-        {
-            self.shift -= deleted_character_count as i64;
-        }
-
-        self.last_operation = operation;
-    }
-
-    pub fn replace_last_operation(&mut self, operation: Option<Operation<T>>) {
-        self.last_operation = operation;
-    }
-
-    /// Remove the last operation (if there was one) in case it is behind the
-    /// threshold operation. This changes the shift in case the last operation
-    /// was a delete.
-    pub fn consume_last_operation_if_it_is_too_behind(
-        &mut self,
-        threshold_operation: &Operation<T>,
-    ) {
-        if let Some(last_operation) = self.last_operation.as_ref() {
-            if let Operation::Delete {
-                deleted_character_count,
-                ..
-            } = last_operation
-            {
-                if threshold_operation.start_index() as i64 + self.shift
-                    > last_operation.end_index() as i64
-                {
-                    self.shift -= *deleted_character_count as i64;
-                    self.last_operation = None;
-                }
-            } else if let Operation::Insert { .. } = last_operation {
-                if threshold_operation.start_index() as i64 + self.shift
-                    - last_operation.len() as i64
-                    > last_operation.end_index() as i64
-                {
-                    self.last_operation = None;
-                }
-            }
-        }
-    }
-}

backend/reconcile/src/operation_transformation/operation.rs

@@ -1,378 +0,0 @@
-use core::{
-    fmt::{Debug, Display},
-    ops::Range,
-};
-
-#[cfg(feature = "serde")]
-use serde::{Deserialize, Serialize};
-
-use super::merge_context::MergeContext;
-use crate::{
-    utils::{find_common_overlap::find_common_overlap, string_builder::StringBuilder},
-    Token,
-};
-
-/// Represents a change that can be applied to a text document.
-/// Operation is tied to a `ropey::Rope` and is mainly expected to be
-/// created by `EditedText`.
-#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
-#[derive(Clone, PartialEq)]
-pub enum Operation<T>
-where
-    T: PartialEq + Clone,
-{
-    Insert {
-        index: usize,
-        text: Vec<Token<T>>,
-    },
-
-    Delete {
-        index: usize,
-        deleted_character_count: usize,
-
-        #[cfg(debug_assertions)]
-        deleted_text: Option<String>,
-    },
-}
-
-impl<T> Operation<T>
-where
-    T: PartialEq + Clone,
-{
-    /// Creates an insert operation with the given index and text.
-    /// If the text is empty (meaning that the operation would be a no-op),
-    /// returns None.
-    pub fn create_insert(index: usize, text: Vec<Token<T>>) -> Option<Self> {
-        if text.is_empty() {
-            return None;
-        }
-
-        Some(Operation::Insert { index, text })
-    }
-
-    /// Creates a delete operation with the given index and number of
-    /// to-be-deleted characters. If the operation would delete 0 (meaning
-    /// that the operation would be a no-op), returns None.
-    pub fn create_delete(index: usize, deleted_character_count: usize) -> Option<Self> {
-        if deleted_character_count == 0 {
-            return None;
-        }
-
-        Some(Operation::Delete {
-            index,
-            deleted_character_count,
-
-            #[cfg(debug_assertions)]
-            deleted_text: None,
-        })
-    }
-
-    pub fn create_delete_with_text(index: usize, text: String) -> Option<Self> {
-        if text.is_empty() {
-            return None;
-        }
-
-        Some(Operation::Delete {
-            index,
-            deleted_character_count: text.chars().count(),
-
-            #[cfg(debug_assertions)]
-            deleted_text: Some(text),
-        })
-    }
-
-    /// Tries to apply the operation to the given `ropey::Rope` text, returning
-    /// the modified text.
-    ///
-    /// # Errors
-    ///
-    /// Returns a `SyncLibError::OperationApplicationError` if the operation
-    /// cannot be applied.
-    ///
-    /// # Panics
-    ///
-    /// When compiled in debug mode, panics if a delete operation is attempted
-    /// on a range of text that does not match the text to be deleted.
-    pub fn apply<'a>(&self, mut builder: StringBuilder<'a>) -> StringBuilder<'a> {
-        match self {
-            Operation::Insert { text, .. } => builder.insert(
-                self.start_index(),
-                &text.iter().map(Token::original).collect::<String>(),
-            ),
-            Operation::Delete {
-                #[cfg(debug_assertions)]
-                deleted_text,
-                ..
-            } => {
-                #[cfg(debug_assertions)]
-                debug_assert!(
-                    deleted_text
-                        .as_ref()
-                        .is_none_or(|text| builder.get_slice(self.range()) == *text),
-                    "Text to delete does not match the text in the range"
-                );
-
-                builder.delete(self.range());
-            }
-        };
-
-        builder
-    }
-
-    /// Returns the index of the first character that the operation affects.
-    pub fn start_index(&self) -> usize {
-        match self {
-            Operation::Insert { index, .. } => *index,
-            Operation::Delete { index, .. } => *index,
-        }
-    }
-
-    /// Returns the index of the last character that the operation affects.
-    pub fn end_index(&self) -> usize {
-        debug_assert!(
-            self.len() > 0,
-            " len() must be greater than 0 because operations must be non-empty"
-        );
-        self.start_index() + self.len() - 1
-    }
-
-    /// Returns the range of indices of characters that the operation affects.
-    pub fn range(&self) -> Range<usize> { self.start_index()..self.end_index() + 1 }
-
-    /// Returns the number of affected characters. It is always greater than 0
-    /// because empty operations cannot be created.
-    pub fn len(&self) -> usize {
-        match self {
-            Operation::Insert { text, .. } => text.iter().map(Token::get_original_length).sum(),
-            Operation::Delete {
-                deleted_character_count,
-                ..
-            } => *deleted_character_count,
-        }
-    }
-
-    /// Creates a new operation with the same type and text but with the given
-    /// index.
-    pub fn with_index(self, index: usize) -> Self {
-        match self {
-            Operation::Insert { text, .. } => Operation::Insert { index, text },
-            Operation::Delete {
-                deleted_character_count,
-
-                #[cfg(debug_assertions)]
-                deleted_text,
-                ..
-            } => Operation::Delete {
-                index,
-                deleted_character_count,
-
-                #[cfg(debug_assertions)]
-                deleted_text,
-            },
-        }
-    }
-
-    /// Creates a new operation with the same type and text but with the index
-    /// shifted by the given offset. The offset can be negative but the
-    /// resulting index must be non-negative.
-    ///
-    /// # Panics
-    ///
-    /// In debug mode, panics if the resulting index is negative.
-    pub fn with_shifted_index(self, offset: i64) -> Self {
-        let index = self.start_index() as i64 + offset;
-        debug_assert!(index >= 0, "Shifted index must be non-negative");
-
-        self.with_index(index as usize)
-    }
-
-    /// Merges the operation with the given context, producing a new operation
-    /// and updating the context. This implements a comples FSM that handles
-    /// the merging of operations in a way that is consistent with the text.
-    /// The contexts are updated in-place.
-    pub fn merge_operations_with_context(
-        self,
-        affecting_context: &mut MergeContext<T>,
-        produced_context: &mut MergeContext<T>,
-    ) -> Option<Operation<T>> {
-        affecting_context.consume_last_operation_if_it_is_too_behind(&self);
-        let operation = self.with_shifted_index(affecting_context.shift);
-
-        match (operation, affecting_context.last_operation()) {
-            (operation @ Operation::Insert { .. }, None) => {
-                produced_context.shift += operation.len() as i64;
-                produced_context.consume_and_replace_last_operation(Some(operation.clone()));
-                Some(operation)
-            }
-
-            (
-                Operation::Insert { text, index },
-                Some(Operation::Insert {
-                    text: previous_inserted_text,
-                    ..
-                }),
-            ) => {
-                let offset_in_tokens = find_common_overlap(previous_inserted_text, &text);
-                let trimmed_length_in_tokens = previous_inserted_text.len() - offset_in_tokens;
-                let trimmed_length = previous_inserted_text
-                    .iter()
-                    .skip(offset_in_tokens)
-                    .map(Token::get_original_length)
-                    .sum::<usize>();
-                let trimmed_operation =
-                    Operation::create_insert(index, text[trimmed_length_in_tokens..].to_vec());
-
-                affecting_context.shift -= trimmed_length as i64;
-                produced_context.shift += trimmed_operation
-                    .as_ref()
-                    .map(Operation::len)
-                    .unwrap_or_default() as i64;
-                produced_context.consume_and_replace_last_operation(trimmed_operation.clone());
-
-                trimmed_operation
-            }
-
-            (operation @ Operation::Delete { .. }, None | Some(Operation::Insert { .. })) => {
-                produced_context.consume_and_replace_last_operation(Some(operation.clone()));
-                Some(operation)
-            }
-
-            (
-                operation @ Operation::Insert { .. },
-                Some(last_delete @ Operation::Delete { .. }),
-            ) => {
-                produced_context.shift += operation.len() as i64;
-
-                debug_assert!(
-                    last_delete.range().contains(&operation.start_index()),
-                    "There is a last delete ({last_delete}) but the operation ({operation}) is \
-                     not contained in it"
-                );
-
-                let difference = operation.start_index() as i64 - last_delete.start_index() as i64;
-
-                let moved_operation = operation.with_index(last_delete.start_index());
-
-                affecting_context.replace_last_operation(Operation::create_delete(
-                    moved_operation.end_index() + 1,
-                    (last_delete.len() as i64 - difference) as usize,
-                ));
-                affecting_context.shift -= difference;
-
-                produced_context.consume_and_replace_last_operation(Some(moved_operation.clone()));
-
-                Some(moved_operation)
-            }
-
-            (
-                operation @ Operation::Delete { .. },
-                Some(last_delete @ Operation::Delete { .. }),
-            ) => {
-                debug_assert!(
-                    last_delete.range().contains(&operation.start_index()),
-                    "There is a last delete ({last_delete}) but the operation ({operation}) is \
-                     not contained in it"
-                );
-
-                let difference = operation.start_index() as i64 - last_delete.start_index() as i64;
-
-                let updated_delete = Operation::create_delete(
-                    last_delete.start_index(),
-                    0.max(operation.end_index() as i64 - last_delete.end_index() as i64) as usize,
-                );
-
-                affecting_context.replace_last_operation(Operation::create_delete(
-                    last_delete.start_index(),
-                    0.max(last_delete.end_index() as i64 - operation.end_index() as i64) as usize,
-                ));
-                affecting_context.shift -= difference;
-
-                produced_context.consume_and_replace_last_operation(updated_delete.clone());
-
-                updated_delete
-            }
-        }
-    }
-}
-
-impl<T> Display for Operation<T>
-where
-    T: PartialEq + Clone,
-{
-    fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
-        match self {
-            Operation::Insert { index, text } => {
-                write!(
-                    f,
-                    "<insert '{}' from index {}>",
-                    text.iter().map(Token::original).collect::<String>(),
-                    index
-                )
-            }
-            Operation::Delete {
-                index,
-                deleted_character_count,
-
-                #[cfg(debug_assertions)]
-                deleted_text,
-            } => {
-                #[cfg(debug_assertions)]
-                write!(
-                    f,
-                    "<delete {} from index {}>",
-                    deleted_text
-                        .as_ref()
-                        .map(|text| format!("'{text}'"))
-                        .unwrap_or(format!("{deleted_character_count} characters")),
-                    index
-                )?;
-
-                #[cfg(not(debug_assertions))]
-                write!(
-                    f,
-                    "<delete {deleted_character_count} characters from index {index}>",
-                )?;
-
-                Ok(())
-            }
-        }
-    }
-}
-
-impl<T> Debug for Operation<T>
-where
-    T: PartialEq + Clone,
-{
-    fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result { write!(f, "{self}") }
-}
-
-#[cfg(test)]
-mod tests {
-    use pretty_assertions::assert_eq;
-
-    use super::*;
-
-    #[test]
-    #[should_panic]
-    fn test_shifting_error() {
-        insta::assert_debug_snapshot!(Operation::create_insert(1, vec!["hi".into()])
-            .unwrap()
-            .with_shifted_index(-2));
-    }
-
-    #[test]
-    fn test_apply_delete_with_create() {
-        let builder = StringBuilder::new("hello world");
-        let operation = Operation::<()>::create_delete_with_text(5, " world".to_owned()).unwrap();
-
-        assert_eq!(operation.apply(builder).build(), "hello");
-    }
-
-    #[test]
-    fn test_apply_insert() {
-        let builder = StringBuilder::new("hello");
-        let operation = Operation::create_insert(5, vec![" my friend".into()]).unwrap();
-
-        assert_eq!(operation.apply(builder).build(), "hello my friend");
-    }
-}

backend/reconcile/src/operation_transformation/snapshots/reconcile__operation_transformation__edited_text__tests__calculate_operations.snap

@@ -1,26 +0,0 @@
----
-source: reconcile/src/operation_transformation/edited_text.rs
-expression: operations
-snapshot_kind: text
----
-EditedText {
-    text: "hello world! How are you?  Adam",
-    operations: [
-        OrderedOperation {
-            order: 0,
-            operation: <insert 'Hello, my friend! ' from index 0>,
-        },
-        OrderedOperation {
-            order: 0,
-            operation: <delete 'hello world! ' from index 18>,
-        },
-        OrderedOperation {
-            order: 21,
-            operation: <insert 'you doing? Albert' from index 26>,
-        },
-        OrderedOperation {
-            order: 21,
-            operation: <delete 'you?  Adam' from index 43>,
-        },
-    ],
-}

backend/reconcile/src/operation_transformation/snapshots/reconcile__operations__edited_text__tests__calculate_operations.snap

@@ -1,61 +0,0 @@
----
-source: reconcile/src/operations/edited_text.rs
-expression: operations
-snapshot_kind: text
----
-EditedText {
-    text: "hello world! How are you?  Adam",
-    operations: [
-        OrderedOperation {
-            order: 0,
-            operation: Insert {
-                index: 0,
-                text: "Hello, my friend! ",
-            },
-        },
-        OrderedOperation {
-            order: 0,
-            operation: Delete {
-                index: 18,
-                deleted_character_count: 13,
-                deleted_text: Some(
-                    "hello world! ",
-                ),
-            },
-        },
-        OrderedOperation {
-            order: 21,
-            operation: Delete {
-                index: 26,
-                deleted_character_count: 5,
-                deleted_text: Some(
-                    "you? ",
-                ),
-            },
-        },
-        OrderedOperation {
-            order: 26,
-            operation: Delete {
-                index: 26,
-                deleted_character_count: 5,
-                deleted_text: Some(
-                    " Adam",
-                ),
-            },
-        },
-        OrderedOperation {
-            order: 31,
-            operation: Insert {
-                index: 26,
-                text: "you ",
-            },
-        },
-        OrderedOperation {
-            order: 31,
-            operation: Insert {
-                index: 30,
-                text: "doing? Albert",
-            },
-        },
-    ],
-}

backend/reconcile/src/operation_transformation/snapshots/reconcile__operations__operation_sequence__tests__calculate_operations.snap

@@ -1,60 +0,0 @@
----
-source: reconcile/src/operations/operation_sequence.rs
-expression: operations
-snapshot_kind: text
----
-EditedText {
-    operations: [
-        OrderedOperation {
-            order: 0,
-            operation: Insert {
-                index: 0,
-                text: "Hello, my friend! ",
-            },
-        },
-        OrderedOperation {
-            order: 0,
-            operation: Delete {
-                index: 18,
-                deleted_character_count: 13,
-                deleted_text: Some(
-                    "hello world! ",
-                ),
-            },
-        },
-        OrderedOperation {
-            order: 21,
-            operation: Delete {
-                index: 26,
-                deleted_character_count: 5,
-                deleted_text: Some(
-                    "you? ",
-                ),
-            },
-        },
-        OrderedOperation {
-            order: 26,
-            operation: Delete {
-                index: 26,
-                deleted_character_count: 5,
-                deleted_text: Some(
-                    " Adam",
-                ),
-            },
-        },
-        OrderedOperation {
-            order: 31,
-            operation: Insert {
-                index: 26,
-                text: "you ",
-            },
-        },
-        OrderedOperation {
-            order: 31,
-            operation: Insert {
-                index: 30,
-                text: "doing? Albert",
-            },
-        },
-    ],
-}

backend/reconcile/src/tokenizer.rs

@@ -1,6 +0,0 @@
-use token::Token;
-
-pub mod token;
-pub mod word_tokenizer;
-
-pub type Tokenizer<T> = dyn Fn(&str) -> Vec<Token<T>>;

backend/reconcile/src/tokenizer/token.rs

@@ -1,49 +0,0 @@
-#[cfg(feature = "serde")]
-use serde::{Deserialize, Serialize};
-
-/// A token is a string that has been normalised in some way.
-/// The normalised form is used for comparison, while the original form is used
-/// for applying Operations.
-#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
-#[derive(Debug, Clone)]
-pub struct Token<T>
-where
-    T: PartialEq + Clone,
-{
-    normalised: T,
-    original: String,
-}
-
-impl From<&str> for Token<String> {
-    fn from(s: &str) -> Self {
-        Token {
-            normalised: s.to_owned(),
-            original: s.to_owned(),
-        }
-    }
-}
-
-impl<T> Token<T>
-where
-    T: PartialEq + Clone,
-{
-    pub fn new(normalised: T, original: String) -> Self {
-        Token {
-            normalised,
-            original,
-        }
-    }
-
-    pub fn original(&self) -> &str { &self.original }
-
-    pub fn normalised(&self) -> &T { &self.normalised }
-
-    pub fn get_original_length(&self) -> usize { self.original.chars().count() }
-}
-
-impl<T> PartialEq for Token<T>
-where
-    T: PartialEq + Clone,
-{
-    fn eq(&self, other: &Self) -> bool { self.normalised == other.normalised }
-}

backend/reconcile/src/tokenizer/word_tokenizer.rs

@@ -1,7 +0,0 @@
-use super::token::Token;
-
-pub fn word_tokenizer(text: &str) -> Vec<Token<String>> {
-    text.split_inclusive(char::is_whitespace)
-        .map(|s| Token::new(s.to_owned(), s.to_owned()))
-        .collect()
-}

backend/reconcile/src/utils.rs

@@ -1,7 +0,0 @@
-pub mod common_prefix_len;
-pub mod common_suffix_len;
-pub mod find_common_overlap;
-pub mod merge_iters;
-pub mod ordered_operation;
-pub mod side;
-pub mod string_builder;

backend/reconcile/src/utils/common_prefix_len.rs

@@ -1,47 +0,0 @@
-use core::ops::{Index, Range};
-
-/// Given two lookups and ranges calculates the length of the common prefix.
-/// Copied from <https://github.com/mitsuhiko/similar/blob/7e15c44de11a1cd61e1149189929e189ef977fd8/src/algorithms/utils.rs>
-pub fn common_prefix_len<Old, New>(
-    old: &Old,
-    old_range: Range<usize>,
-    new: &New,
-    new_range: Range<usize>,
-) -> usize
-where
-    Old: Index<usize> + ?Sized,
-    New: Index<usize> + ?Sized,
-    New::Output: PartialEq<Old::Output>,
-{
-    new_range
-        .zip(old_range)
-        .take_while(|x| new[x.0] == old[x.1])
-        .count()
-}
-
-#[cfg(test)]
-mod tests {
-    use pretty_assertions::assert_eq;
-
-    use super::*;
-
-    #[test]
-    fn test_common_prefix_len() {
-        assert_eq!(
-            common_prefix_len("".as_bytes(), 0..0, "".as_bytes(), 0..0),
-            0
-        );
-        assert_eq!(
-            common_prefix_len("foobarbaz".as_bytes(), 0..9, "foobarblah".as_bytes(), 0..10),
-            7
-        );
-        assert_eq!(
-            common_prefix_len("foobarbaz".as_bytes(), 0..9, "blablabla".as_bytes(), 0..9),
-            0
-        );
-        assert_eq!(
-            common_prefix_len("foobarbaz".as_bytes(), 3..9, "foobarblah".as_bytes(), 3..10),
-            4
-        );
-    }
-}

backend/reconcile/src/utils/common_suffix_len.rs

@@ -1,48 +0,0 @@
-use core::ops::{Index, Range};
-
-/// Given two lookups and ranges calculates the length of common suffix.
-/// Copied from <https://github.com/mitsuhiko/similar/blob/7e15c44de11a1cd61e1149189929e189ef977fd8/src/algorithms/utils.rs>
-pub fn common_suffix_len<Old, New>(
-    old: &Old,
-    old_range: Range<usize>,
-    new: &New,
-    new_range: Range<usize>,
-) -> usize
-where
-    Old: Index<usize> + ?Sized,
-    New: Index<usize> + ?Sized,
-    New::Output: PartialEq<Old::Output>,
-{
-    new_range
-        .rev()
-        .zip(old_range.rev())
-        .take_while(|x| new[x.0] == old[x.1])
-        .count()
-}
-
-#[cfg(test)]
-mod tests {
-    use pretty_assertions::assert_eq;
-
-    use super::*;
-
-    #[test]
-    fn test_common_suffix_len() {
-        assert_eq!(
-            common_suffix_len("".as_bytes(), 0..0, "".as_bytes(), 0..0),
-            0
-        );
-        assert_eq!(
-            common_suffix_len("1234".as_bytes(), 0..4, "X0001234".as_bytes(), 0..8),
-            4
-        );
-        assert_eq!(
-            common_suffix_len("1234".as_bytes(), 0..4, "Xxxx".as_bytes(), 0..4),
-            0
-        );
-        assert_eq!(
-            common_suffix_len("1234".as_bytes(), 2..4, "01234".as_bytes(), 2..5),
-            2
-        );
-    }
-}

backend/reconcile/src/utils/find_common_overlap.rs

@@ -1,71 +0,0 @@
-use crate::Token;
-
-/// Given two lists of tokens, returns the offset in the first (old) list from
-/// which the two lists have the same tokens until the end of the first list.
-/// Thus, the suffix of the old list from the offset to the end is equal to a
-/// prefix of the new list.
-///
-/// If there is no overlap, the function returns the maxmium offset, the length
-/// of the old list.
-///
-/// ## Example
-///
-/// ```not_rust
-/// old: [0, 1, 9, 0, 2, 5]
-/// new:       [9, 0, 2, 5, 1]
-/// ```
-/// > results in an offset of 2
-pub fn find_common_overlap<T>(old: &[Token<T>], new: &[Token<T>]) -> usize
-where
-    T: PartialEq + Clone,
-{
-    let minimum_offset = old.len().saturating_sub(new.len());
-    for offset in minimum_offset..old.len() {
-        if old.iter().skip(offset).zip(new.iter()).all(|(a, b)| a == b) {
-            return offset;
-        }
-    }
-
-    old.len()
-}
-
-#[cfg(test)]
-mod tests {
-    use pretty_assertions::assert_eq;
-
-    use super::*;
-
-    #[test]
-    fn test_common_overlap() {
-        assert_eq!(find_common_overlap(&["".into()], &["".into()]), 0);
-
-        assert_eq!(
-            find_common_overlap(
-                &["a".into(), "b".into(), "c".into()],
-                &["b".into(), "c".into(), "a".into()]
-            ),
-            1
-        );
-
-        assert_eq!(
-            find_common_overlap(
-                &["a".into(), "a".into(), "a".into()],
-                &["a".into(), "b".into(), "c".into()]
-            ),
-            2
-        );
-
-        assert_eq!(
-            find_common_overlap(
-                &["a".into(), "b".into(), "c".into()],
-                &["d".into(), "e".into(), "a".into()]
-            ),
-            3
-        );
-
-        assert_eq!(
-            find_common_overlap(&["a".into(), "a".into()], &["a".into()]),
-            1
-        );
-    }
-}

backend/reconcile/src/utils/merge_iters.rs

@@ -1,87 +0,0 @@
-use core::{cmp::Ordering, iter::Peekable};
-
-pub struct MergeAscending<L, R, F, O>
-where
-    L: Iterator<Item = R::Item>,
-    R: Iterator,
-    F: Fn(&R::Item) -> O,
-    O: PartialOrd,
-{
-    left: Peekable<L>,
-    right: Peekable<R>,
-    get_key: F,
-}
-
-impl<L, R, F, O> MergeAscending<L, R, F, O>
-where
-    L: Iterator<Item = R::Item>,
-    R: Iterator,
-    F: Fn(&R::Item) -> O,
-    O: PartialOrd,
-{
-    fn new(left: L, right: R, get_key: F) -> Self {
-        MergeAscending {
-            left: left.peekable(),
-            right: right.peekable(),
-            get_key,
-        }
-    }
-}
-
-impl<L, R, F, O> Iterator for MergeAscending<L, R, F, O>
-where
-    L: Iterator<Item = R::Item>,
-    R: Iterator,
-    F: Fn(&R::Item) -> O,
-    O: PartialOrd,
-{
-    type Item = L::Item;
-
-    fn next(&mut self) -> Option<L::Item> {
-        let order = match (self.left.peek(), self.right.peek()) {
-            (Some(l), Some(r)) => (self.get_key)(l).partial_cmp(&(self.get_key)(r)),
-            (Some(_), None) => Some(Ordering::Less),
-            (None, Some(_)) => Some(Ordering::Greater),
-            (None, None) => return None,
-        };
-
-        match order {
-            Some(Ordering::Less) | None => self.left.next(),
-            Some(Ordering::Equal) => self.left.next(),
-            Some(Ordering::Greater) => self.right.next(),
-        }
-    }
-}
-
-pub trait MergeSorted: Iterator {
-    fn merge_sorted_by_key<R, F, O>(self, other: R, get_key: F) -> MergeAscending<Self, R, F, O>
-    where
-        Self: Sized,
-        R: Iterator<Item = Self::Item>,
-        F: Fn(&Self::Item) -> O,
-        O: PartialOrd,
-    {
-        MergeAscending::new(self, other, get_key)
-    }
-}
-
-impl<T: ?Sized> MergeSorted for T where T: Iterator {}
-
-#[cfg(test)]
-mod tests {
-    use pretty_assertions::assert_eq;
-
-    use super::*;
-
-    #[test]
-    fn test_merge_sorted_by_key() {
-        let left = [9, 7, 5, 3, 1];
-        let right = [7, 6, 5, 4, 3];
-
-        let result: Vec<i32> = left
-            .into_iter()
-            .merge_sorted_by_key(right.into_iter(), |x| -1 * x)
-            .collect();
-        assert_eq!(result, vec![9, 7, 7, 6, 5, 5, 4, 3, 3, 1]);
-    }
-}

backend/reconcile/src/utils/ordered_operation.rs

@@ -1,14 +0,0 @@
-#[cfg(feature = "serde")]
-use serde::{Deserialize, Serialize};
-
-use crate::operation_transformation::Operation;
-
-#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
-#[derive(Debug, Clone, PartialEq)]
-pub struct OrderedOperation<T>
-where
-    T: PartialEq + Clone,
-{
-    pub order: usize,
-    pub operation: Operation<T>,
-}

backend/reconcile/src/utils/side.rs

@@ -1,4 +0,0 @@
-pub enum Side {
-    Left,
-    Right,
-}

backend/reconcile/src/utils/string_builder.rs

@@ -1,111 +0,0 @@
-use core::ops::Range;
-
-/// A helper for building a string in order based on an original string and a
-/// series of insertions and deletions applied to it. It is safe to use with
-/// UTF-8 strings as all operations are based on character indices.
-#[derive(Debug, Clone)]
-pub struct StringBuilder<'a> {
-    original: &'a str,
-    last_old_char_index: usize,
-    buffer: String,
-}
-
-impl StringBuilder<'_> {
-    pub fn new(original: &str) -> StringBuilder<'_> {
-        StringBuilder {
-            original,
-            last_old_char_index: 0,
-            buffer: String::with_capacity(original.len()),
-        }
-    }
-
-    /// Insert a string at the given index after copying the original string up
-    /// to that index from the last insertion or deletion.
-    pub fn insert(&mut self, from: usize, text: &str) {
-        self.copy_until(from);
-        self.buffer.push_str(text);
-    }
-
-    /// Delete a string at the given index after copying the original string up
-    /// to that index from the last insertion or deletion.
-    pub fn delete(&mut self, range: core::ops::Range<usize>) {
-        self.copy_until(range.start);
-        self.last_old_char_index += range.len();
-    }
-
-    fn copy_until(&mut self, index: usize) {
-        let current_char_count = self.buffer.chars().count();
-        debug_assert!(
-            index >= current_char_count,
-            "String builder only support building in order"
-        );
-
-        let jump = index - current_char_count;
-
-        self.buffer.push_str(
-            &self
-                .original
-                .chars()
-                .skip(self.last_old_char_index)
-                .take(jump)
-                .collect::<String>(),
-        );
-        self.last_old_char_index += jump;
-    }
-
-    /// Finish building the string after copying the remaining original string
-    /// since the last insertion or deletion.
-    pub fn build(mut self) -> String {
-        self.buffer.push_str(
-            &self
-                .original
-                .chars()
-                .skip(self.last_old_char_index)
-                .collect::<String>(),
-        );
-
-        self.buffer
-    }
-
-    #[allow(dead_code)]
-    pub fn get_slice(&self, range: Range<usize>) -> String {
-        let result = self
-            .buffer
-            .chars()
-            .chain(self.original.chars().skip(self.last_old_char_index))
-            .skip(range.start)
-            .take(range.end - range.start)
-            .collect::<String>();
-
-        debug_assert_eq!(result.chars().count(), range.len(), "Range out of bounds",);
-
-        result
-    }
-}
-
-#[cfg(test)]
-mod tests {
-    use super::*;
-
-    #[test]
-    fn test_string_builder() {
-        let original = "aaa bbb ccc";
-        let mut builder = StringBuilder::new(original);
-
-        builder.insert(0, "ddd ");
-        builder.delete(4..8);
-        builder.insert(11, " eee");
-
-        assert_eq!(builder.build(), "ddd bbb ccc eee");
-    }
-
-    #[test]
-    fn test_string_builder2() {
-        let original = "abcde";
-        let mut builder = StringBuilder::new(original);
-
-        builder.delete(1..4);
-
-        assert_eq!(builder.build(), "ae");
-    }
-}

backend/rustfmt.toml

@@ -1,8 +0,0 @@
-imports_granularity = "crate"
-condense_wildcard_suffixes = true
-fn_single_line = true
-format_strings = true
-reorder_impl_items = true
-group_imports = "StdExternalCrate"
-use_field_init_shorthand = true
-wrap_comments=true

backend/sync_lib/Cargo.toml

@@ -1,32 +0,0 @@
-[package]
-name = "sync_lib"
-version = "0.0.8"
-authors = ["Andras Schmelczer <andras@schmelczer.dev>"]
-edition = "2018"
-
-[lib]
-crate-type = ["cdylib", "rlib"]
-
-[dependencies]
-base64 = "0.22.1"
-reconcile = { path = "../reconcile" }
-wasm-bindgen = "0.2.84"
-getrandom = { version = "0.2.3", features = ["js"] }
-thiserror = { workspace = true }
-
-# The `console_error_panic_hook` crate provides better debugging of panics by
-# logging them with `console.error`. This is great for development, but requires
-# all the `std::fmt` and `std::panicking` infrastructure, so isn't great for
-# code size when deploying.
-console_error_panic_hook = { version = "0.1.7", optional = true }
-
-wee_alloc = { version = "0.4.5", optional = true }
-
-[dev-dependencies]
-wasm-bindgen-test = "0.3.34"
-
-[features]
-default = ["console_error_panic_hook"]
-
-[lints]
-workspace = true

backend/sync_lib/README.md

@@ -1,84 +0,0 @@
-<div align="center">
-
-  <h1><code>wasm-pack-template</code></h1>
-
-  <strong>A template for kick starting a Rust and WebAssembly project using <a href="https://github.com/rustwasm/wasm-pack">wasm-pack</a>.</strong>
-
-  <p>
-    <a href="https://travis-ci.org/rustwasm/wasm-pack-template"><img src="https://img.shields.io/travis/rustwasm/wasm-pack-template.svg?style=flat-square" alt="Build Status" /></a>
-  </p>
-
-  <h3>
-    <a href="https://rustwasm.github.io/docs/wasm-pack/tutorials/npm-browser-packages/index.html">Tutorial</a>
-    <span> | </span>
-    <a href="https://discordapp.com/channels/442252698964721669/443151097398296587">Chat</a>
-  </h3>
-
-  <sub>Built with 🦀🕸 by <a href="https://rustwasm.github.io/">The Rust and WebAssembly Working Group</a></sub>
-</div>
-
-## About
-
-[**📚 Read this template tutorial! 📚**][template-docs]
-
-This template is designed for compiling Rust libraries into WebAssembly and
-publishing the resulting package to NPM.
-
-Be sure to check out [other `wasm-pack` tutorials online][tutorials] for other
-templates and usages of `wasm-pack`.
-
-[tutorials]: https://rustwasm.github.io/docs/wasm-pack/tutorials/index.html
-[template-docs]: https://rustwasm.github.io/docs/wasm-pack/tutorials/npm-browser-packages/index.html
-
-## 🚴 Usage
-
-### 🐑 Use `cargo generate` to Clone this Template
-
-[Learn more about `cargo generate` here.](https://github.com/ashleygwilliams/cargo-generate)
-
-```
-cargo generate --git https://github.com/rustwasm/wasm-pack-template.git --name my-project
-cd my-project
-```
-
-### 🛠️ Build with `wasm-pack build`
-
-```
-wasm-pack build
-```
-
-### 🔬 Test in Headless Browsers with `wasm-pack test`
-
-```
-wasm-pack test --headless --firefox
-```
-
-### 🎁 Publish to NPM with `wasm-pack publish`
-
-```
-wasm-pack publish
-```
-
-## 🔋 Batteries Included
-
-* [`wasm-bindgen`](https://github.com/rustwasm/wasm-bindgen) for communicating
-  between WebAssembly and JavaScript.
-* [`console_error_panic_hook`](https://github.com/rustwasm/console_error_panic_hook)
-  for logging panic messages to the developer console.
-* `LICENSE-APACHE` and `LICENSE-MIT`: most Rust projects are licensed this way, so these are included for you
-
-## License
-
-Licensed under either of
-
-* Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or http://www.apache.org/licenses/LICENSE-2.0)
-* MIT license ([LICENSE-MIT](LICENSE-MIT) or http://opensource.org/licenses/MIT)
-
-at your option.
-
-### Contribution
-
-Unless you explicitly state otherwise, any contribution intentionally
-submitted for inclusion in the work by you, as defined in the Apache-2.0
-license, shall be dual licensed as above, without any additional terms or
-conditions.

backend/sync_lib/src/errors.rs

@@ -1,42 +0,0 @@
-use std::str::Utf8Error;
-
-use base64::DecodeError;
-use thiserror::Error;
-use wasm_bindgen::JsValue;
-
-#[derive(Error, Debug)]
-pub enum SyncLibError {
-    #[error("Base64 decoding error because of {}", .reason)]
-    Base64DecodingError { reason: String },
-
-    #[error("Bytes cannot be decoded as UTF-8 string because of {}", .reason)]
-    StringDecodingError { reason: String },
-}
-
-impl From<DecodeError> for SyncLibError {
-    fn from(e: DecodeError) -> Self {
-        SyncLibError::Base64DecodingError {
-            reason: e.to_string(),
-        }
-    }
-}
-
-impl From<Utf8Error> for SyncLibError {
-    fn from(e: Utf8Error) -> Self {
-        SyncLibError::StringDecodingError {
-            reason: e.to_string(),
-        }
-    }
-}
-
-impl From<std::string::FromUtf8Error> for SyncLibError {
-    fn from(e: std::string::FromUtf8Error) -> Self {
-        SyncLibError::Base64DecodingError {
-            reason: e.to_string(),
-        }
-    }
-}
-
-impl From<SyncLibError> for JsValue {
-    fn from(val: SyncLibError) -> Self { JsValue::from_str(&val.to_string()) }
-}

backend/sync_lib/src/lib.rs

@@ -1,64 +0,0 @@
-use core::str;
-
-use base64::{engine::general_purpose::STANDARD_NO_PAD, Engine as _};
-use errors::SyncLibError;
-use wasm_bindgen::prelude::*;
-
-pub mod errors;
-
-// When the `wee_alloc` feature is enabled, use `wee_alloc` as the global
-// allocator.
-#[cfg(feature = "wee_alloc")]
-#[global_allocator]
-static ALLOC: wee_alloc::WeeAlloc<'_> = wee_alloc::WeeAlloc::INIT;
-
-#[wasm_bindgen(js_name = bytesToBase64)]
-pub fn bytes_to_base64(input: &[u8]) -> String { STANDARD_NO_PAD.encode(input) }
-
-#[wasm_bindgen(js_name = stringToBase64)]
-pub fn string_to_base64(input: &str) -> String { bytes_to_base64(input.as_bytes()) }
-
-#[wasm_bindgen(js_name = base64ToBytes)]
-pub fn base64_to_bytes(input: &str) -> Result<Vec<u8>, SyncLibError> {
-    STANDARD_NO_PAD.decode(input).map_err(SyncLibError::from)
-}
-
-#[wasm_bindgen(js_name = base64ToString)]
-pub fn base64_to_string(input: &str) -> Result<String, SyncLibError> {
-    let bytes = base64_to_bytes(input)?;
-    String::from_utf8(bytes).map_err(SyncLibError::from)
-}
-
-#[wasm_bindgen]
-pub fn merge(parent: &[u8], left: &[u8], right: &[u8]) -> Result<Vec<u8>, SyncLibError> {
-    Ok(if is_binary(right) {
-        right.to_vec()
-    } else {
-        reconcile::reconcile(
-            str::from_utf8(parent).map_err(SyncLibError::from)?,
-            str::from_utf8(left).map_err(SyncLibError::from)?,
-            str::from_utf8(right).map_err(SyncLibError::from)?,
-        )
-        .into_bytes()
-    })
-}
-
-#[wasm_bindgen(js_name = mergeText)]
-pub fn merge_text(parent: &str, left: &str, right: &str) -> String {
-    reconcile::reconcile(parent, left, right)
-}
-
-#[wasm_bindgen(js_name = isBinary)]
-pub fn is_binary(data: &[u8]) -> bool { data.iter().any(|&b| b == 0) }
-
-#[wasm_bindgen(js_name = setPanicHook)]
-pub fn set_panic_hook() {
-    // When the `console_error_panic_hook` feature is enabled, we can call the
-    // `set_panic_hook` function at least once during initialization, and then
-    // we will get better error messages if our code ever panics.
-    //
-    // For more details see
-    // https://github.com/rustwasm/console_error_panic_hook#readme
-    #[cfg(feature = "console_error_panic_hook")]
-    console_error_panic_hook::set_once();
-}

backend/sync_lib/tests/web.rs

@@ -1,13 +0,0 @@
-//! Test suite for the Web and headless browsers.
-
-#![cfg(target_arch = "wasm32")]
-
-extern crate wasm_bindgen_test;
-use wasm_bindgen_test::*;
-
-wasm_bindgen_test_configure!(run_in_browser);
-
-#[wasm_bindgen_test]
-fn pass() {
-    assert_eq!(1 + 1, 2);
-}

backend/sync_server/Cargo.toml

@@ -1,30 +0,0 @@
-[package]
-name = "sync_server"
-version = "0.0.8"
-edition = "2021"
-
-[dependencies]
-reconcile = { path = "../reconcile" }
-sync_lib = { path = "../sync_lib" }
-
-serde = { workspace = true }
-thiserror = { workspace = true }
-
-tokio = { version = "1.42.0", features = ["full"]}
-uuid = { version = "1.11.0", features = ["v4", "serde"] }
-log = { version = "0.4.22" }
-anyhow =  { version = "1.0.94", features = ["backtrace"] }
-axum = { version = "0.7.9", features = ["ws", "macros", "tracing"]}
-axum-extra = { version = "0.9.6", features = ["typed-header"] }
-tower-http = { version = "0.6.1", features = ["cors", "trace"] }
-tracing-subscriber = { version = "0.3.19", features = ["fmt", "env-filter"]}
-serde_yaml = "0.9.34"
-sqlx = { version = "0.8.2", features = ["sqlite", "runtime-tokio", "uuid", "chrono"] }
-chrono = { version = "0.4.38", features = ["serde"] }
-aide = { version = "0.13.4", features = ["axum", "axum-ws", "scalar", "axum-headers"] }
-schemars = { version = "0.8.21", features = ["chrono", "uuid1"] }
-tracing = "0.1"
-rand = "0.8.5"
-
-[lints]
-workspace = true

backend/sync_server/README.md

@@ -1,4 +0,0 @@
-
-cargo install sqlx-cli
-rm db.sqlite3; sqlx database create --database-url sqlite://db.sqlite3
-sqlx migrate run --source sync_server/src/database/migrations --database-url sqlite://db.sqlite3

backend/sync_server/src/app_state.rs

@@ -1,20 +0,0 @@
-use anyhow::Result;
-
-use crate::{config::Config, consts::CONFIG_PATH, database::Database};
-
-#[derive(Clone, Debug)]
-pub struct AppState {
-    pub config: Config,
-    pub database: Database,
-}
-
-impl AppState {
-    pub async fn try_new() -> Result<Self> {
-        let path = std::path::Path::new(CONFIG_PATH);
-
-        let config = Config::read_or_create(path).await?;
-        let database = Database::try_new(&config.database).await?;
-
-        Ok(Self { config, database })
-    }
-}

backend/sync_server/src/config/database_config.rs

@@ -1,32 +0,0 @@
-use log::debug;
-use serde::{Deserialize, Serialize};
-
-use crate::consts::{DEFAULT_MAX_CONNECTIONS, DEFAULT_SQLITE_URL};
-
-#[derive(Debug, Deserialize, Serialize, Clone)]
-pub struct DatabaseConfig {
-    #[serde(default = "default_sqlite_url")]
-    pub sqlite_url: String,
-
-    #[serde(default = "default_max_connections")]
-    pub max_connections: u32,
-}
-
-fn default_sqlite_url() -> String {
-    debug!("Using default sqlite url: {}", DEFAULT_SQLITE_URL);
-    DEFAULT_SQLITE_URL.to_owned()
-}
-
-fn default_max_connections() -> u32 {
-    debug!("Using default max connections: {}", DEFAULT_MAX_CONNECTIONS);
-    DEFAULT_MAX_CONNECTIONS
-}
-
-impl Default for DatabaseConfig {
-    fn default() -> Self {
-        Self {
-            sqlite_url: default_sqlite_url(),
-            max_connections: default_max_connections(),
-        }
-    }
-}

backend/sync_server/src/config/server_config.rs

@@ -1,43 +0,0 @@
-use log::debug;
-use serde::{Deserialize, Serialize};
-
-use crate::consts::{DEFAULT_HOST, DEFAULT_MAX_BODY_SIZE_MB, DEFAULT_PORT};
-#[derive(Debug, Deserialize, Serialize, Clone)]
-pub struct ServerConfig {
-    #[serde(default = "default_host")]
-    pub host: String,
-
-    #[serde(default = "default_port")]
-    pub port: u16,
-
-    #[serde(default = "default_max_body_size_mb")]
-    pub max_body_size_mb: usize,
-}
-
-fn default_host() -> String {
-    debug!("Using default server host: {}", DEFAULT_HOST);
-    DEFAULT_HOST.to_owned()
-}
-
-fn default_port() -> u16 {
-    debug!("Using default server port: {}", DEFAULT_PORT);
-    DEFAULT_PORT
-}
-
-fn default_max_body_size_mb() -> usize {
-    debug!(
-        "Using default max body size (MB): {}",
-        DEFAULT_MAX_BODY_SIZE_MB
-    );
-    DEFAULT_MAX_BODY_SIZE_MB
-}
-
-impl Default for ServerConfig {
-    fn default() -> Self {
-        Self {
-            host: default_host(),
-            port: default_port(),
-            max_body_size_mb: default_max_body_size_mb(),
-        }
-    }
-}

backend/sync_server/src/config/user_config.rs

@@ -1,43 +0,0 @@
-use rand::{distributions::Alphanumeric, thread_rng, Rng as _};
-use serde::{Deserialize, Serialize};
-
-#[derive(Debug, Deserialize, Serialize, Clone)]
-pub struct UserConfig {
-    #[serde(default = "default_users")]
-    pub user_tokens: Vec<User>,
-}
-
-impl UserConfig {
-    pub fn get_user(&self, token: &str) -> Option<&User> {
-        self.user_tokens.iter().find(|u| u.token == token)
-    }
-}
-
-#[derive(Debug, Deserialize, Serialize, Clone)]
-pub struct User {
-    pub name: String,
-    pub token: String,
-}
-
-impl Default for UserConfig {
-    fn default() -> Self {
-        Self {
-            user_tokens: default_users(),
-        }
-    }
-}
-
-fn default_users() -> Vec<User> {
-    vec![User {
-        name: "admin".to_owned(),
-        token: get_random_token(),
-    }]
-}
-
-pub fn get_random_token() -> String {
-    thread_rng()
-        .sample_iter(&Alphanumeric)
-        .take(64)
-        .map(char::from)
-        .collect()
-}

backend/sync_server/src/consts.rs

@@ -1,6 +0,0 @@
-pub const CONFIG_PATH: &str = "config.yaml";
-pub const DEFAULT_SQLITE_URL: &str = "db.sqlite3";
-pub const DEFAULT_HOST: &str = "127.0.0.1";
-pub const DEFAULT_PORT: u16 = 3000;
-pub const DEFAULT_MAX_CONNECTIONS: u32 = 12;
-pub const DEFAULT_MAX_BODY_SIZE_MB: usize = 4096;

backend/sync_server/src/database.rs

@@ -1,299 +0,0 @@
-use core::{str::FromStr as _, time::Duration};
-
-use anyhow::{Context as _, Result};
-use models::{
-    DocumentId, DocumentVersionWithoutContent, StoredDocumentVersion, VaultId, VaultUpdateId,
-};
-use sqlx::{sqlite::SqliteConnectOptions, types::chrono::Utc};
-pub mod models;
-use sqlx::{sqlite::SqlitePoolOptions, Pool, Sqlite};
-
-use crate::config::database_config::DatabaseConfig;
-
-#[derive(Clone, Debug)]
-pub struct Database {
-    connection_pool: Pool<Sqlite>,
-}
-
-pub type Transaction<'a> = sqlx::Transaction<'a, Sqlite>;
-
-impl Database {
-    pub async fn try_new(config: &DatabaseConfig) -> Result<Self> {
-        let connection_options = SqliteConnectOptions::from_str(&config.sqlite_url)?
-            .create_if_missing(true)
-            .busy_timeout(Duration::from_secs(3600))
-            .journal_mode(sqlx::sqlite::SqliteJournalMode::Wal);
-
-        let pool = SqlitePoolOptions::new()
-            .max_connections(config.max_connections)
-            .test_before_acquire(true)
-            .connect_with(connection_options)
-            .await
-            .with_context(|| {
-                format!(
-                    "Cannot connect to database with url: {}",
-                    &config.sqlite_url
-                )
-            })?;
-
-        Self::run_migrations(&pool).await?;
-
-        Ok(Self {
-            connection_pool: pool,
-        })
-    }
-
-    async fn run_migrations(pool: &Pool<Sqlite>) -> Result<()> {
-        sqlx::migrate!("src/database/migrations")
-            .run(pool)
-            .await
-            .context("Cannot check for pending migrations")
-    }
-
-    /// Attempting to write from this transaction might result in a
-    /// database locked error. Use this transaction for read-only operations.
-    pub async fn create_readonly_transaction(&self) -> Result<Transaction<'_>> {
-        self.connection_pool
-            .begin()
-            .await
-            .context("Cannot create transaction")
-    }
-
-    pub async fn create_write_transaction(&self) -> Result<Transaction<'_>> {
-        let mut transaction = self.create_readonly_transaction().await?;
-
-        // sqlx doesn't support immediate transactions for sqlite: https://github.com/launchbadge/sqlx/issues/481
-        sqlx::query!("END; BEGIN IMMEDIATE;")
-            .execute(&mut *transaction)
-            .await?;
-
-        Ok(transaction)
-    }
-
-    /// Return the latest state of all non-deleted documents in the vault
-    pub async fn get_latest_documents(
-        &self,
-        vault: &VaultId,
-        transaction: Option<&mut Transaction<'_>>,
-    ) -> Result<Vec<DocumentVersionWithoutContent>> {
-        let query = sqlx::query_as!(
-            DocumentVersionWithoutContent,
-            r#"
-            select 
-                vault_id,
-                vault_update_id,
-                document_id as "document_id: uuid::Uuid", 
-                relative_path,
-                created_date as "created_date: chrono::DateTime<Utc>",
-                updated_date as "updated_date: chrono::DateTime<Utc>",
-                is_deleted
-            from latest_document_versions
-            where is_deleted = false and vault_id = ?
-            "#,
-            vault,
-        );
-
-        if let Some(transaction) = transaction {
-            query.fetch_all(&mut **transaction).await
-        } else {
-            query.fetch_all(&self.connection_pool).await
-        }
-        .context("Cannot fetch latest documents")
-    }
-
-    /// Return the latest state of all documents (including deleted) in the
-    /// vault which have changed since the given update id
-    pub async fn get_latest_documents_since(
-        &self,
-        vault: &VaultId,
-        vault_update_id: VaultUpdateId,
-        transaction: Option<&mut Transaction<'_>>,
-    ) -> Result<Vec<DocumentVersionWithoutContent>> {
-        let query = sqlx::query_as!(
-            DocumentVersionWithoutContent,
-            r#"
-            select
-                vault_id,
-                vault_update_id,
-                document_id as "document_id: uuid::Uuid",
-                relative_path,
-                created_date as "created_date: chrono::DateTime<Utc>",
-                updated_date as "updated_date: chrono::DateTime<Utc>",
-                is_deleted
-            from latest_document_versions
-            where vault_id = ? and vault_update_id > ?
-            "#,
-            vault,
-            vault_update_id
-        );
-
-        if let Some(transaction) = transaction {
-            query.fetch_all(&mut **transaction).await
-        } else {
-            query.fetch_all(&self.connection_pool).await
-        }
-        .with_context(|| {
-            format!("Cannot fetch latest documents since vault_update_id {vault_update_id}")
-        })
-    }
-
-    pub async fn get_max_update_id_in_vault(
-        &self,
-        vault: &VaultId,
-        transaction: Option<&mut Transaction<'_>>,
-    ) -> Result<i64> {
-        let query = sqlx::query!(
-            r#"
-            select coalesce(max(vault_update_id), 0) as max_vault_update_id
-            from documents
-            where vault_id = ?
-            "#,
-            vault
-        );
-
-        if let Some(transaction) = transaction {
-            query.fetch_one(&mut **transaction).await
-        } else {
-            query.fetch_one(&self.connection_pool).await
-        }
-        .map(|row| row.max_vault_update_id)
-        .context("Cannot fetch max update id in vault")
-    }
-
-    pub async fn get_latest_document_by_path(
-        &self,
-        vault: &VaultId,
-        relative_path: &str,
-        transaction: Option<&mut Transaction<'_>>,
-    ) -> Result<Option<StoredDocumentVersion>> {
-        let query = sqlx::query_as!(
-            StoredDocumentVersion,
-            r#"
-            select 
-                vault_id,
-                vault_update_id,
-                document_id as "document_id: uuid::Uuid", 
-                relative_path,
-                created_date as "created_date: chrono::DateTime<Utc>",
-                updated_date as "updated_date: chrono::DateTime<Utc>",
-                content,
-                is_deleted
-            from latest_document_versions
-            where vault_id = ? and relative_path = ?
-            "#,
-            vault,
-            relative_path
-        );
-
-        if let Some(transaction) = transaction {
-            query.fetch_optional(&mut **transaction).await
-        } else {
-            query.fetch_optional(&self.connection_pool).await
-        }
-        .context("Cannot fetch latest document version")
-    }
-
-    pub async fn get_latest_document(
-        &self,
-        vault: &VaultId,
-        document_id: &DocumentId,
-        transaction: Option<&mut Transaction<'_>>,
-    ) -> Result<Option<StoredDocumentVersion>> {
-        let query = sqlx::query_as!(
-            StoredDocumentVersion,
-            r#"
-            select 
-                vault_id,
-                vault_update_id,
-                document_id as "document_id: uuid::Uuid", 
-                relative_path,
-                created_date as "created_date: chrono::DateTime<Utc>",
-                updated_date as "updated_date: chrono::DateTime<Utc>",
-                content,
-                is_deleted
-            from latest_document_versions
-            where vault_id = ? and document_id = ?
-            "#,
-            vault,
-            document_id
-        );
-
-        if let Some(transaction) = transaction {
-            query.fetch_optional(&mut **transaction).await
-        } else {
-            query.fetch_optional(&self.connection_pool).await
-        }
-        .context("Cannot fetch latest document version")
-    }
-
-    pub async fn get_document_version(
-        &self,
-        vault: &VaultId,
-        vault_update_id: VaultUpdateId,
-        transaction: Option<&mut Transaction<'_>>,
-    ) -> Result<Option<StoredDocumentVersion>> {
-        let query = sqlx::query_as!(
-            StoredDocumentVersion,
-            r#"
-            select 
-                vault_id,
-                vault_update_id,
-                document_id as "document_id: uuid::Uuid", 
-                relative_path,
-                created_date as "created_date: chrono::DateTime<Utc>",
-                updated_date as "updated_date: chrono::DateTime<Utc>",
-                content,
-                is_deleted
-            from documents
-            where vault_id = ? and vault_update_id = ?"#,
-            vault,
-            vault_update_id
-        );
-
-        if let Some(transaction) = transaction {
-            query.fetch_optional(&mut **transaction).await
-        } else {
-            query.fetch_optional(&self.connection_pool).await
-        }
-        .context("Cannot fetch document version")
-    }
-
-    pub async fn insert_document_version(
-        &self,
-        version: &StoredDocumentVersion,
-        transaction: Option<&mut Transaction<'_>>,
-    ) -> Result<()> {
-        let query = sqlx::query!(
-            r#"
-            insert into documents (
-                vault_id,
-                vault_update_id,
-                document_id, 
-                relative_path,
-                created_date,
-                updated_date,
-                content,
-                is_deleted
-            )
-            values (?, ?, ?, ?, ?, ?, ?, ?)
-            "#,
-            version.vault_id,
-            version.vault_update_id,
-            version.document_id,
-            version.relative_path,
-            version.created_date,
-            version.updated_date,
-            version.content,
-            version.is_deleted
-        );
-
-        if let Some(transaction) = transaction {
-            query.execute(&mut **transaction).await
-        } else {
-            query.execute(&self.connection_pool).await
-        }
-        .context("Cannot insert document version")?;
-
-        Ok(())
-    }
-}

backend/sync_server/src/database/migrations/20241207143519_bootstrap.sql

@@ -1,25 +0,0 @@
-CREATE TABLE IF NOT EXISTS documents (
-    vault_id TEXT NOT NULL,
-    vault_update_id INTEGER NOT NULL,
-    document_id TEXT NOT NULL,
-    relative_path TEXT NOT NULL,
-    created_date TIMESTAMP NOT NULL,
-    updated_date TIMESTAMP NOT NULL,
-    content BLOB NOT NULL,
-    is_deleted BOOLEAN NOT NULL,
-    PRIMARY KEY (vault_id, vault_update_id)
-);
-
-CREATE VIEW IF NOT EXISTS latest_document_versions AS
-SELECT d.*
-FROM documents d
-INNER JOIN (
-    SELECT vault_id, MAX(vault_update_id) AS max_version_id
-    FROM documents
-    GROUP BY vault_id, document_id
-) max_versions
-ON d.vault_id = max_versions.vault_id
-AND d.vault_update_id = max_versions.max_version_id;
-
-CREATE INDEX IF NOT EXISTS idx_documents_vault_id_relative_path
-ON documents (vault_id, relative_path);

backend/sync_server/src/main.rs

@@ -1,46 +0,0 @@
-mod app_state;
-mod config;
-mod consts;
-mod database;
-mod errors;
-mod server;
-
-use anyhow::{Context as _, Result};
-use app_state::AppState;
-use errors::{init_error, SyncServerError};
-use log::info;
-use server::create_server;
-use tracing_subscriber::{layer::SubscriberExt, util::SubscriberInitExt};
-
-#[tokio::main]
-async fn main() -> Result<(), SyncServerError> {
-    tracing_subscriber::registry()
-        .with(
-            tracing_subscriber::EnvFilter::try_from_default_env().unwrap_or_else(|_| {
-                format!(
-                    "{}=debug,tower_http=debug,axum::rejection=trace",
-                    env!("CARGO_CRATE_NAME")
-                )
-                .into()
-            }),
-        )
-        .with(tracing_subscriber::fmt::layer())
-        .try_init()
-        .context("Failed to initialise tracing")
-        .map_err(init_error)?;
-
-    info!(
-        "Starting VaultLink server version {}",
-        env!("CARGO_PKG_VERSION")
-    );
-
-    let app_state = AppState::try_new()
-        .await
-        .context("Failed to initialise app state")
-        .map_err(init_error)?;
-
-    create_server(app_state)
-        .await
-        .context("Failed to start server")
-        .map_err(init_error)
-}

backend/sync_server/src/server/auth.rs

@@ -1,14 +0,0 @@
-use crate::{
-    app_state::AppState,
-    config::user_config::User,
-    errors::{unauthorized_error, SyncServerError},
-};
-
-pub fn auth(app_state: &AppState, token: &str) -> Result<User, SyncServerError> {
-    app_state
-        .config
-        .users
-        .get_user(token)
-        .cloned()
-        .ok_or_else(|| unauthorized_error(anyhow::anyhow!("Invalid token")))
-}

backend/sync_server/src/server/create_document.rs

@@ -1,109 +0,0 @@
-use anyhow::Context as _;
-use axum::{
-    extract::{Path, State},
-    Json,
-};
-use axum_extra::{
-    headers::{authorization::Bearer, Authorization},
-    TypedHeader,
-};
-use schemars::JsonSchema;
-use serde::Deserialize;
-use sync_lib::{base64_to_bytes, merge};
-
-use super::{auth::auth, requests::CreateDocumentVersion};
-use crate::{
-    app_state::AppState,
-    database::models::{DocumentVersion, StoredDocumentVersion, VaultId},
-    errors::{client_error, server_error, SyncServerError},
-};
-
-// This is required for aide to infer the path parameter types and names
-#[derive(Deserialize, JsonSchema)]
-pub struct PathParams {
-    vault_id: VaultId,
-}
-
-/// Create a new document in case a document with the same doesn't exist
-/// already. If a document with the same path exists, a new version is created
-/// with their content merged.
-#[axum::debug_handler]
-pub async fn create_document(
-    TypedHeader(auth_header): TypedHeader<Authorization<Bearer>>,
-    Path(PathParams { vault_id }): Path<PathParams>,
-    State(state): State<AppState>,
-    Json(request): Json<CreateDocumentVersion>,
-) -> Result<Json<DocumentVersion>, SyncServerError> {
-    auth(&state, auth_header.token())?;
-
-    let mut transaction = state
-        .database
-        .create_write_transaction()
-        .await
-        .map_err(server_error)?;
-
-    let last_update_id = state
-        .database
-        .get_max_update_id_in_vault(&vault_id, Some(&mut transaction))
-        .await
-        .map_err(server_error)?;
-
-    let maybe_existing_version = state
-        .database
-        .get_latest_document_by_path(&vault_id, &request.relative_path, Some(&mut transaction))
-        .await
-        .map_err(server_error)?
-        .and_then(|doc| if doc.is_deleted { None } else { Some(doc) });
-
-    let new_version = if let Some(existing_version) = maybe_existing_version {
-        let content_bytes = base64_to_bytes(&request.content_base64)
-            .context("Failed to decode base64 content in request")
-            .map_err(client_error)?;
-
-        let merged_content = merge(
-            &[], // the empty string is the first common parent of the two documents,
-            &existing_version.content,
-            &content_bytes,
-        )
-        .context("Failed to decode bytes as UTF-8")
-        .map_err(client_error)?;
-
-        StoredDocumentVersion {
-            vault_id,
-            vault_update_id: last_update_id + 1,
-            relative_path: request.relative_path,
-            document_id: existing_version.document_id,
-            content: merged_content,
-            created_date: request.created_date,
-            updated_date: chrono::Utc::now(),
-            is_deleted: false,
-        }
-    } else {
-        StoredDocumentVersion {
-            vault_id,
-            vault_update_id: last_update_id + 1,
-            document_id: uuid::Uuid::new_v4(),
-            relative_path: request.relative_path,
-            content: base64_to_bytes(&request.content_base64)
-                .context("Cannot convert base64 encoded content to bytes")
-                .map_err(client_error)?,
-            created_date: request.created_date,
-            updated_date: chrono::Utc::now(),
-            is_deleted: false,
-        }
-    };
-
-    state
-        .database
-        .insert_document_version(&new_version, Some(&mut transaction))
-        .await
-        .map_err(server_error)?;
-
-    transaction
-        .commit()
-        .await
-        .context("Failed to commit successful transaction")
-        .map_err(server_error)?;
-
-    Ok(Json(new_version.into()))
-}

backend/sync_server/src/server/delete_document.rs

@@ -1,75 +0,0 @@
-use anyhow::Context as _;
-use axum::{
-    extract::{Path, State},
-    Json,
-};
-use axum_extra::{
-    headers::{authorization::Bearer, Authorization},
-    TypedHeader,
-};
-use schemars::JsonSchema;
-use serde::Deserialize;
-
-use super::{auth::auth, requests::DeleteDocumentVersion};
-use crate::{
-    app_state::AppState,
-    database::models::{DocumentId, StoredDocumentVersion, VaultId},
-    errors::{server_error, SyncServerError},
-};
-
-// This is required for aide to infer the path parameter types and names
-#[derive(Deserialize, JsonSchema)]
-pub struct PathParams {
-    vault_id: VaultId,
-    document_id: DocumentId,
-}
-
-#[axum::debug_handler]
-pub async fn delete_document(
-    TypedHeader(auth_header): TypedHeader<Authorization<Bearer>>,
-    Path(PathParams {
-        vault_id,
-        document_id,
-    }): Path<PathParams>,
-    State(state): State<AppState>,
-    Json(request): Json<DeleteDocumentVersion>,
-) -> Result<(), SyncServerError> {
-    auth(&state, auth_header.token())?;
-
-    let mut transaction = state
-        .database
-        .create_write_transaction()
-        .await
-        .map_err(server_error)?;
-
-    let last_update_id = state
-        .database
-        .get_max_update_id_in_vault(&vault_id, Some(&mut transaction))
-        .await
-        .map_err(server_error)?;
-
-    let new_version = StoredDocumentVersion {
-        vault_id,
-        vault_update_id: last_update_id + 1,
-        document_id,
-        relative_path: request.relative_path,
-        content: vec![],
-        created_date: request.created_date,
-        updated_date: chrono::Utc::now(),
-        is_deleted: true,
-    };
-
-    state
-        .database
-        .insert_document_version(&new_version, Some(&mut transaction))
-        .await
-        .map_err(server_error)?;
-
-    transaction
-        .commit()
-        .await
-        .context("Failed to commit successful transaction")
-        .map_err(server_error)?;
-
-    Ok(())
-}

backend/sync_server/src/server/fetch_latest_document_version.rs

@@ -1,51 +0,0 @@
-use anyhow::anyhow;
-use axum::{
-    extract::{Path, State},
-    Json,
-};
-use axum_extra::{
-    headers::{authorization::Bearer, Authorization},
-    TypedHeader,
-};
-use schemars::JsonSchema;
-use serde::Deserialize;
-
-use super::auth::auth;
-use crate::{
-    app_state::AppState,
-    database::models::{DocumentId, DocumentVersion, VaultId},
-    errors::{not_found_error, server_error, SyncServerError},
-};
-
-// This is required for aide to infer the path parameter types and names
-#[derive(Deserialize, JsonSchema)]
-pub struct PathParams {
-    vault_id: VaultId,
-    document_id: DocumentId,
-}
-
-#[axum::debug_handler]
-pub async fn fetch_latest_document_version(
-    TypedHeader(auth_header): TypedHeader<Authorization<Bearer>>,
-    Path(PathParams {
-        vault_id,
-        document_id,
-    }): Path<PathParams>,
-    State(state): State<AppState>,
-) -> Result<Json<DocumentVersion>, SyncServerError> {
-    auth(&state, auth_header.token())?;
-
-    let latest_version = state
-        .database
-        .get_latest_document(&vault_id, &document_id, None)
-        .await
-        .map_err(server_error)?
-        .map(Ok)
-        .unwrap_or_else(|| {
-            Err(not_found_error(anyhow!(
-                "Document with id `{document_id}` not found",
-            )))
-        })?;
-
-    Ok(Json(latest_version.into()))
-}

backend/sync_server/src/server/ping.rs

@@ -1,22 +0,0 @@
-use axum::{extract::State, Json};
-use axum_extra::{
-    headers::{authorization::Bearer, Authorization},
-    TypedHeader,
-};
-
-use super::{auth::auth, responses::PingResponse};
-use crate::{app_state::AppState, errors::SyncServerError};
-
-#[axum::debug_handler]
-pub async fn ping(
-    maybe_auth_header: Option<TypedHeader<Authorization<Bearer>>>,
-    State(state): State<AppState>,
-) -> Result<Json<PingResponse>, SyncServerError> {
-    let is_authenticated =
-        maybe_auth_header.is_some_and(|auth_header| auth(&state, auth_header.token()).is_ok());
-
-    Ok(Json(PingResponse {
-        server_version: env!("CARGO_PKG_VERSION").to_owned(),
-        is_authenticated,
-    }))
-}

backend/sync_server/src/server/requests.rs

@@ -1,29 +0,0 @@
-use chrono::{DateTime, Utc};
-use schemars::JsonSchema;
-use serde::{self, Deserialize};
-
-use crate::database::models::VaultUpdateId;
-
-#[derive(Debug, Deserialize, JsonSchema)]
-#[serde(rename_all = "camelCase")]
-pub struct CreateDocumentVersion {
-    pub relative_path: String,
-    pub created_date: DateTime<Utc>,
-    pub content_base64: String,
-}
-
-#[derive(Debug, Deserialize, JsonSchema)]
-#[serde(rename_all = "camelCase")]
-pub struct UpdateDocumentVersion {
-    pub parent_version_id: VaultUpdateId,
-    pub relative_path: String,
-    pub created_date: DateTime<Utc>,
-    pub content_base64: String,
-}
-
-#[derive(Debug, Deserialize, JsonSchema)]
-#[serde(rename_all = "camelCase")]
-pub struct DeleteDocumentVersion {
-    pub relative_path: String,
-    pub created_date: DateTime<Utc>,
-}

backend/sync_server/src/server/responses.rs

@@ -1,18 +0,0 @@
-use schemars::JsonSchema;
-use serde::{self, Serialize};
-
-use crate::database::models::{DocumentVersionWithoutContent, VaultUpdateId};
-
-#[derive(Debug, Clone, Serialize, JsonSchema)]
-#[serde(rename_all = "camelCase")]
-pub struct PingResponse {
-    pub server_version: String,
-    pub is_authenticated: bool,
-}
-
-#[derive(Debug, Clone, Serialize, JsonSchema)]
-#[serde(rename_all = "camelCase")]
-pub struct FetchLatestDocumentsResponse {
-    pub latest_documents: Vec<DocumentVersionWithoutContent>,
-    pub last_update_id: VaultUpdateId,
-}

backend/sync_server/src/server/update_document.rs

@@ -1,141 +0,0 @@
-use anyhow::{anyhow, Context as _};
-use axum::{
-    extract::{Path, State},
-    Json,
-};
-use axum_extra::{
-    headers::{authorization::Bearer, Authorization},
-    TypedHeader,
-};
-use log::info;
-use schemars::JsonSchema;
-use serde::Deserialize;
-use sync_lib::{base64_to_bytes, merge};
-
-use super::{auth::auth, requests::UpdateDocumentVersion};
-use crate::{
-    app_state::AppState,
-    database::models::{DocumentId, DocumentVersion, StoredDocumentVersion, VaultId},
-    errors::{client_error, not_found_error, server_error, SyncServerError},
-};
-
-// This is required for aide to infer the path parameter types and names
-#[derive(Deserialize, JsonSchema)]
-pub struct PathParams {
-    vault_id: VaultId,
-    document_id: DocumentId,
-}
-
-#[axum::debug_handler]
-pub async fn update_document(
-    TypedHeader(auth_header): TypedHeader<Authorization<Bearer>>,
-    Path(PathParams {
-        vault_id,
-        document_id,
-    }): Path<PathParams>,
-    State(state): State<AppState>,
-    Json(request): Json<UpdateDocumentVersion>,
-) -> Result<Json<DocumentVersion>, SyncServerError> {
-    auth(&state, auth_header.token())?;
-
-    // No need for a transaction as document versions are immutable
-    let parent_document = state
-        .database
-        .get_document_version(&vault_id, request.parent_version_id, None)
-        .await
-        .map_err(server_error)?
-        .map_or_else(
-            || {
-                Err(not_found_error(anyhow!(
-                    "Parent version with id `{}` not found",
-                    request.parent_version_id
-                )))
-            },
-            Ok,
-        )?;
-
-    let mut transaction = state
-        .database
-        .create_write_transaction()
-        .await
-        .map_err(server_error)?;
-
-    let last_update_id = state
-        .database
-        .get_max_update_id_in_vault(&vault_id, Some(&mut transaction))
-        .await
-        .map_err(server_error)?;
-
-    let latest_version = state
-        .database
-        .get_latest_document(&vault_id, &document_id, Some(&mut transaction))
-        .await
-        .map_err(server_error)?
-        .map_or_else(
-            || {
-                Err(not_found_error(anyhow!(
-                    "Document with id `{document_id}` not found",
-                )))
-            },
-            Ok,
-        )?;
-
-    let content_bytes = base64_to_bytes(&request.content_base64)
-        .context("Failed to decode base64 content in request")
-        .map_err(client_error)?;
-
-    // Return the latest version if the content and path are the same as the latest
-    // version
-    if content_bytes == latest_version.content
-        && request.relative_path == latest_version.relative_path
-    {
-        info!("Document content is the same as the latest version, skipping update");
-        transaction
-            .rollback()
-            .await
-            .context("Failed to rollback transaction")
-            .map_err(server_error)?;
-
-        return Ok(Json(latest_version.into()));
-    }
-
-    let merged_content = merge(
-        &parent_document.content,
-        &latest_version.content,
-        &content_bytes,
-    )
-    .context("Failed to decode bytes as UTF-8")
-    .map_err(client_error)?;
-
-    // We can only update the relative path if we're the first one to do so
-    let new_relative_path = if parent_document.relative_path == latest_version.relative_path {
-        request.relative_path.clone()
-    } else {
-        latest_version.relative_path.clone()
-    };
-
-    let new_version = StoredDocumentVersion {
-        vault_id,
-        document_id,
-        vault_update_id: last_update_id + 1,
-        relative_path: new_relative_path,
-        content: merged_content,
-        created_date: request.created_date,
-        updated_date: chrono::Utc::now(),
-        is_deleted: latest_version.is_deleted,
-    };
-
-    state
-        .database
-        .insert_document_version(&new_version, Some(&mut transaction))
-        .await
-        .map_err(server_error)?;
-
-    transaction
-        .commit()
-        .await
-        .context("Failed to commit successful transaction")
-        .map_err(server_error)?;
-
-    Ok(Json(new_version.into()))
-}

docs/.cspell.json

@@ -0,0 +1,87 @@
+{
+    "version": "0.2",
+    "language": "en-GB",
+    "dictionaries": ["en-gb"],
+    "ignorePaths": ["node_modules", ".vitepress/dist", ".vitepress/cache", "package-lock.json"],
+    "words": [
+        "VaultLink",
+        "Obsidian",
+        "WebSocket",
+        "SQLite",
+        "codebase",
+        "CRDT",
+        "CRDTs",
+        "YAML",
+        "nginx",
+        "Caddy",
+        "Traefik",
+        "systemd",
+        "localhost",
+        "vaultlink",
+        "Axum",
+        "Tokio",
+        "SQLx",
+        "reconcile",
+        "postgresql",
+        "VitePress",
+        "markdownlint",
+        "filesystem",
+        "backend",
+        "frontend",
+        "macOS",
+        "CLI",
+        "API",
+        "JSON",
+        "HTTP",
+        "HTTPS",
+        "SSL",
+        "TLS",
+        "WSS",
+        "TCP",
+        "VPS",
+        "Docker",
+        "Github",
+        "Dockerfile",
+        "dockerignore",
+        "Rustup",
+        "PostgreSQL",
+        "UUID",
+        "CORS",
+        "HSTS",
+        "CI",
+        "CD",
+        "OpenSSL",
+        "README",
+        "config",
+        "submodule",
+        "repo",
+        "autocomplete",
+        "autoformat",
+        "dedupe",
+        "diff",
+        "grep",
+        "stdout",
+        "stderr",
+        "chmod",
+        "mkdir",
+        "rclone",
+        "uuidgen",
+        "letsencrypt",
+        "fullchain",
+        "privkey",
+        "schmelczer",
+        "Schmelczer",
+        "ghcr",
+        "keepalive",
+        "healthcheck",
+        "writable",
+        "Cloudant",
+        "Syncthing",
+        "cadvisor",
+        "Caddyfile",
+        "nodelay",
+        "websecure",
+        "certresolver",
+        "rootfs"
+    ]
+}

docs/.gitignore

@@ -0,0 +1,2 @@
+.vitepress/dist/
+.vitepress/cache/

docs/.prettierignore

@@ -0,0 +1,4 @@
+node_modules/
+.vitepress/dist/
+.vitepress/cache/
+package-lock.json

docs/.prettierrc

@@ -0,0 +1,19 @@
+{
+    "printWidth": 120,
+    "tabWidth": 4,
+    "useTabs": false,
+    "semi": false,
+    "singleQuote": false,
+    "trailingComma": "none",
+    "endOfLine": "lf",
+    "proseWrap": "preserve",
+    "overrides": [
+        {
+            "files": "*.md",
+            "options": {
+                "proseWrap": "preserve",
+                "printWidth": 120
+            }
+        }
+    ]
+}

docs/.vitepress/config.mts

@@ -0,0 +1,60 @@
+import { defineConfig } from "vitepress"
+
+export default defineConfig({
+    title: "VaultLink",
+    description: "Self-hosted real-time synchronisation for Obsidian",
+    base: "/vault-link/",
+    themeConfig: {
+        logo: "/logo.svg",
+        nav: [
+            { text: "Home", link: "/" },
+            { text: "Guide", link: "/guide/getting-started" },
+            { text: "Architecture", link: "/architecture/" },
+            { text: "GitHub", link: "https://github.com/schmelczer/vault-link" }
+        ],
+        sidebar: [
+            {
+                text: "Introduction",
+                items: [
+                    { text: "What is VaultLink?", link: "/guide/what-is-vaultlink" },
+                    { text: "Getting Started", link: "/guide/getting-started" },
+                    { text: "Limitations", link: "/guide/limitations" },
+                    { text: "Comparison with Alternatives", link: "/guide/alternatives" }
+                ]
+            },
+            {
+                text: "Setup",
+                items: [
+                    { text: "Server Setup", link: "/guide/server-setup" },
+                    { text: "Obsidian Plugin", link: "/guide/obsidian-plugin" },
+                    { text: "CLI Client", link: "/guide/cli-client" }
+                ]
+            },
+            {
+                text: "Configuration",
+                items: [
+                    { text: "Server Configuration", link: "/config/server" },
+                    { text: "Authentication", link: "/config/authentication" },
+                    { text: "Advanced Options", link: "/config/advanced" }
+                ]
+            },
+            {
+                text: "Architecture",
+                items: [
+                    { text: "Overview", link: "/architecture/" },
+                    { text: "Sync Algorithm", link: "/architecture/sync-algorithm" },
+                    { text: "Data Flow", link: "/architecture/data-flow" }
+                ]
+            }
+        ],
+        socialLinks: [{ icon: "github", link: "https://github.com/schmelczer/vault-link" }],
+        footer: {
+            message: "Released under the MIT License.",
+            copyright: "Copyright © 2024-present Andras Schmelczer"
+        },
+        search: {
+            provider: "local"
+        }
+    },
+    head: [["link", { rel: "icon", type: "image/svg+xml", href: "/vault-link/logo.svg" }]]
+})

docs/README.md

@@ -0,0 +1,159 @@
+# VaultLink Documentation
+
+This directory contains the VaultLink documentation site built with [VitePress](https://vitepress.dev/).
+
+## Development
+
+### Prerequisites
+
+- Node.js 18+
+- npm
+
+### Setup
+
+```bash
+cd docs
+npm install
+```
+
+### Local Development
+
+Start the development server with hot reload:
+
+```bash
+npm run dev
+```
+
+The site will be available at `http://localhost:5173/vault-link/`
+
+### Build
+
+Build the static site:
+
+```bash
+npm run build
+```
+
+Output will be in `.vitepress/dist/`
+
+### Preview
+
+Preview the built site:
+
+```bash
+npm run preview
+```
+
+### Format
+
+Format all markdown and TypeScript files:
+
+```bash
+npm run format
+```
+
+Check formatting without making changes:
+
+```bash
+npm run format:check
+```
+
+### Spell Check
+
+Check spelling (British English):
+
+```bash
+npm run spell
+```
+
+The spell checker enforces British English spellings (e.g., "synchronisation", "optimise", "behaviour").
+
+## Deployment
+
+The documentation is automatically deployed to GitHub Pages when changes are pushed to the `main` branch.
+
+The deployment workflow is configured in `.github/workflows/deploy-docs.yml`.
+
+## Structure
+
+```
+docs/
+├── .vitepress/
+│   └── config.ts          # VitePress configuration
+├── public/                # Static assets
+│   └── logo.svg          # VaultLink logo
+├── guide/                # User guides
+│   ├── what-is-vaultlink.md
+│   ├── getting-started.md
+│   ├── server-setup.md
+│   ├── obsidian-plugin.md
+│   └── cli-client.md
+├── architecture/         # Architecture documentation
+│   ├── index.md
+│   ├── sync-algorithm.md
+│   └── data-flow.md
+├── config/              # Configuration reference
+│   ├── server.md
+│   ├── authentication.md
+│   └── advanced.md
+└── index.md            # Home page
+
+```
+
+## Writing Documentation
+
+### Language
+
+All documentation uses **British English**. The spell checker enforces this in CI.
+
+### Markdown Features
+
+VitePress supports:
+
+- GitHub Flavoured Markdown
+- Custom containers (tip, warning, danger)
+- Code syntax highlighting
+- Mermaid diagrams
+- Emoji :rocket:
+
+### Custom Containers
+
+```markdown
+::: tip
+This is a tip
+:::
+
+::: warning
+This is a warning
+:::
+
+::: danger
+This is a danger message
+:::
+```
+
+### Code Blocks
+
+````markdown
+```bash
+npm install
+```
+
+```yaml
+server:
+    port: 3000
+```
+````
+
+## Contributing
+
+When adding new pages:
+
+1. Create the markdown file in the appropriate directory
+2. Add it to the sidebar in `.vitepress/config.ts`
+3. Test locally with `npm run dev`
+4. Submit a pull request
+
+## License
+
+MIT - Same as VaultLink

docs/architecture/data-flow.md

@@ -0,0 +1,553 @@
+# Data Flow
+
+How data flows through VaultLink, from client to server and back.
+
+## Connection Lifecycle
+
+### 1. Initial Connection
+
+```mermaid
+sequenceDiagram
+    participant C as Client
+    participant S as Server
+    participant DB as Database
+
+    C->>S: WebSocket connect
+    S->>S: Accept connection
+    C->>S: Auth message (token + vault)
+    S->>S: Validate token
+    S->>S: Check vault access
+    S-->>C: Auth success
+    Note over C,S: Connection established
+```
+
+**Steps**:
+
+1. Client initiates WebSocket connection to server
+2. Server accepts connection
+3. Client sends authentication message with token and vault name
+4. Server validates token against `config.yml`
+5. Server checks if user has access to requested vault
+6. Server responds with success or error
+7. Connection is ready for syncing
+
+### 2. Initial Sync
+
+After authentication, the client performs initial synchronisation:
+
+```mermaid
+sequenceDiagram
+    participant C as Client
+    participant S as Server
+    participant DB as SQLite
+
+    C->>C: Scan local filesystem
+    C->>S: Request file list
+    S->>DB: Query all files
+    DB-->>S: File metadata
+    S-->>C: File list with versions
+
+    loop For each local file
+        C->>C: Check if file on server
+        alt File not on server
+            C->>S: Upload file
+            S->>DB: Store file + metadata
+        else File on server (different version)
+            C->>C: Compare versions
+            C->>S: Upload newer or merge
+        end
+    end
+
+    loop For each server file
+        C->>C: Check if file local
+        alt File not local
+            C->>S: Download file
+            S->>DB: Retrieve file
+            DB-->>S: File content
+            S-->>C: File content
+            C->>C: Write to disk
+        end
+    end
+
+    S-->>C: Sync complete message
+```
+
+**Process**:
+
+1. Client scans local filesystem
+2. Client requests file list from server
+3. Server queries database and returns metadata
+4. Client uploads missing or changed local files
+5. Client downloads missing files from server
+6. Server sends sync complete notification
+
+### 3. Real-Time Synchronization
+
+After initial sync, changes are pushed in real-time:
+
+```mermaid
+sequenceDiagram
+    participant FS as Filesystem
+    participant C1 as Client 1
+    participant S as Server
+    participant DB as Database
+    participant C2 as Client 2
+
+    FS->>C1: File changed (fs.watch)
+    C1->>C1: Read file content
+    C1->>S: Upload file
+    S->>DB: Store new version
+    S->>S: Apply OT if needed
+    S-->>C1: Upload ACK
+    S->>C2: File update notification
+    C2->>S: Download file
+    S->>DB: Retrieve file
+    DB-->>S: File content
+    S-->>C2: File content
+    C2->>FS: Write to disk
+```
+
+**Flow**:
+
+1. Filesystem watcher detects local change
+2. Client reads file content
+3. Client uploads file via WebSocket
+4. Server stores in database
+5. Server applies operational transformation if concurrent edits
+6. Server acknowledges upload to sender
+7. Server broadcasts update to other clients
+8. Other clients download and apply changes
+
+## File Operations
+
+### Upload
+
+```
+┌─────────┐
+│ Client  │
+└───┬─-───┘
+    │ 1. Detect file change
+    │
+    ├─► 2. Read file content
+    │
+    ├─► 3. Create upload message
+    │    {
+    │      type: "upload_file",
+    │      path: "notes/daily.md",
+    │      content: "...",
+    │      version: 42,
+    │      timestamp: "2024-01-01T12:00:00Z"
+    │    }
+    │
+    ▼
+┌─────────┐
+│ Server  │
+└───┬────-┘
+    │ 4. Validate message
+    │
+    ├─► 5. Check permissions
+    │
+    ├─► 6. Apply OT (if conflicts)
+    │
+    ├─► 7. Store in database
+    │
+    ├─► 8. Update version
+    │
+    ├─► 9. Broadcast to clients
+    │
+    └─► 10. Send ACK to uploader
+```
+
+### Download
+
+```
+┌─────────┐
+│ Server  │
+└───┬─-───┘
+    │ 1. File updated by another client
+    │
+    ├─► 2. Broadcast notification
+    │    {
+    │      type: "file_updated",
+    │      path: "notes/daily.md",
+    │      version: 43
+    │    }
+    │
+    ▼
+┌─────────┐
+│ Client  │
+└───┬─-───┘
+    │ 3. Receive notification
+    │
+    ├─► 4. Request file download
+    │    {
+    │      type: "download_file",
+    │      path: "notes/daily.md",
+    │      version: 43
+    │    }
+    │
+    ▼
+┌─────────┐
+│ Server  │
+└───┬─=───┘
+    │ 5. Retrieve from database
+    │
+    └─► 6. Send file content
+          {
+            type: "file_content",
+            path: "notes/daily.md",
+            content: "...",
+            version: 43
+          }
+          │
+          ▼
+    ┌─────────┐
+    │ Client  │
+    └───-─┬───┘
+          │ 7. Write to filesystem
+          │
+          └─► 8. Update local metadata
+```
+
+### Delete
+
+```
+┌─────────┐
+│ Client  │
+└────┬────┘
+    │ 1. File deleted locally
+    │
+    ├─► 2. Send delete message
+    │    {
+    │      type: "delete_file",
+    │      path: "notes/old.md"
+    │    }
+    │
+    ▼
+┌─────────┐
+│ Server  │
+└────┬────┘
+    │ 3. Mark as deleted in DB
+    │    (soft delete for history)
+    │
+    ├─► 4. Broadcast deletion
+    │
+    └─► 5. ACK to sender
+          │
+          ▼
+    ┌─────────┐
+    │ Other   │
+    │ Clients │
+    └────┬────┘
+          │ 6. Delete local file
+          │
+          └─► 7. Update metadata
+```
+
+## Conflict Resolution Flow
+
+### Concurrent Edits Scenario
+
+```
+Time →
+
+Client A                    Server                      Client B
+  │                          │                            │
+  │ Edit file v10            │                            │
+  │ "Add line A"             │                            │ Edit file v10
+  │                          │                            │ "Add line B"
+  │                          │                            │
+  ├─── Upload @ t1 ─────────►│                            │
+  │                          │◄────── Upload @ t2 ────────┤
+  │                          │                            │
+  │                          │ 1. Receive both edits      │
+  │                          │    (based on v10)          │
+  │                          │                            │
+  │                          │ 2. Apply first edit        │
+  │                          │    → v11 (line A added)    │
+  │                          │                            │
+  │                          │ 3. Transform second edit   │
+  │                          │    against first           │
+  │                          │                            │
+  │                          │ 4. Apply transformed edit  │
+  │                          │    → v12 (both lines)      │
+  │                          │                            │
+  │◄──── v12 content ────────┤                            │
+  │                          ├───── v12 content ─────────►│
+  │                          │                            │
+  │ Apply v12                │                            │ Apply v12
+  │ (has both lines)         │                            │ (has both lines)
+  │                          │                            │
+```
+
+### Conflict Resolution Steps
+
+1. **Detection**: Server receives two edits based on the same version
+2. **Ordering**: Determine which edit to apply first (by timestamp or client ID)
+3. **First edit**: Apply directly to database
+4. **Transformation**: Transform second edit against first using OT
+5. **Second edit**: Apply transformed edit to database
+6. **Broadcast**: Send merged result to all clients
+7. **Application**: Clients apply merged version locally
+
+## Database Schema
+
+### Core Tables
+
+```sql
+-- Document metadata
+CREATE TABLE documents (
+    id INTEGER PRIMARY KEY,
+    path TEXT NOT NULL,
+    version INTEGER NOT NULL,
+    content_hash TEXT,
+    size INTEGER,
+    created_at TIMESTAMP,
+    updated_at TIMESTAMP,
+    deleted BOOLEAN DEFAULT FALSE
+);
+
+-- Version history
+CREATE TABLE versions (
+    id INTEGER PRIMARY KEY,
+    document_id INTEGER,
+    version INTEGER,
+    content BLOB,
+    created_at TIMESTAMP,
+    FOREIGN KEY (document_id) REFERENCES documents(id)
+);
+
+-- Client sync cursors
+CREATE TABLE cursors (
+    client_id TEXT PRIMARY KEY,
+    last_version INTEGER,
+    last_updated TIMESTAMP
+);
+```
+
+### Queries
+
+**Get files since version**:
+
+```sql
+SELECT * FROM documents
+WHERE version > ? AND deleted = FALSE
+ORDER BY version ASC;
+```
+
+**Store new version**:
+
+```sql
+INSERT INTO versions (document_id, version, content, created_at)
+VALUES (?, ?, ?, ?);
+
+UPDATE documents
+SET version = ?, updated_at = ?
+WHERE id = ?;
+```
+
+**Update cursor**:
+
+```sql
+INSERT OR REPLACE INTO cursors (client_id, last_version, last_updated)
+VALUES (?, ?, ?);
+```
+
+## Message Protocol
+
+### Client → Server Messages
+
+**Upload File**:
+
+```json
+{
+    "type": "upload_file",
+    "path": "notes/example.md",
+    "content": "File content here...",
+    "base_version": 10,
+    "timestamp": "2024-01-01T12:00:00Z"
+}
+```
+
+**Download File**:
+
+```json
+{
+    "type": "download_file",
+    "path": "notes/example.md"
+}
+```
+
+**Delete File**:
+
+```json
+{
+    "type": "delete_file",
+    "path": "notes/old.md"
+}
+```
+
+**List Files**:
+
+```json
+{
+    "type": "list_files",
+    "since_version": 0
+}
+```
+
+### Server → Client Messages
+
+**File Updated**:
+
+```json
+{
+    "type": "file_updated",
+    "path": "notes/example.md",
+    "version": 11,
+    "size": 1024,
+    "hash": "abc123..."
+}
+```
+
+**File Content**:
+
+```json
+{
+    "type": "file_content",
+    "path": "notes/example.md",
+    "content": "Updated content...",
+    "version": 11
+}
+```
+
+**File Deleted**:
+
+```json
+{
+    "type": "file_deleted",
+    "path": "notes/old.md",
+    "version": 12
+}
+```
+
+**Sync Complete**:
+
+```json
+{
+    "type": "sync_complete",
+    "total_files": 150,
+    "current_version": 200
+}
+```
+
+**Error**:
+
+```json
+{
+    "type": "error",
+    "message": "File too large",
+    "code": "FILE_TOO_LARGE"
+}
+```
+
+## Error Handling
+
+### Client-Side Errors
+
+**Network failure**:
+
+1. Detect WebSocket disconnect
+2. Queue pending operations
+3. Retry connection with exponential backoff
+4. Replay queued operations on reconnect
+
+**File read error**:
+
+1. Log error
+2. Skip file
+3. Continue with other files
+4. Report to user
+
+**Write conflict**:
+
+1. Receive updated version from server
+2. Apply OT merge locally
+3. Overwrite local file
+4. Continue syncing
+
+### Server-Side Errors
+
+**Database error**:
+
+1. Log error
+2. Return error to client
+3. Client retries operation
+
+**Invalid operation**:
+
+1. Validate message format
+2. Return specific error code
+3. Client handles error appropriately
+
+**Authentication failure**:
+
+1. Reject connection
+2. Send auth error
+3. Client prompts for new credentials
+
+## Performance Optimizations
+
+### Batching
+
+- Small, rapid changes are batched together
+- Reduces message overhead
+- Applied as single atomic update
+
+### Compression
+
+- Large files compressed before transmission
+- Reduces bandwidth usage
+- Transparent to application layer
+
+### Incremental Sync
+
+- Only changed portions of files sent
+- Uses content-based diffing
+- Significantly reduces data transfer
+
+### Caching
+
+- Server caches recent file versions
+- Reduces database queries
+- Improves response time
+
+## Monitoring Data Flow
+
+### Server Logs
+
+```
+2024-01-01 12:00:00 INFO WebSocket connection from 192.168.1.100
+2024-01-01 12:00:01 INFO User 'alice' authenticated for vault 'personal'
+2024-01-01 12:00:05 INFO Upload: notes/daily.md (v10 -> v11)
+2024-01-01 12:00:06 INFO Broadcast to 3 clients
+2024-01-01 12:00:10 INFO Conflict resolved: notes/shared.md (v12)
+```
+
+### Client Logs
+
+```
+2024-01-01 12:00:00 INFO Connecting to ws://sync.example.com
+2024-01-01 12:00:01 INFO Connected, authenticating...
+2024-01-01 12:00:01 INFO Authentication successful
+2024-01-01 12:00:02 INFO Starting initial sync
+2024-01-01 12:00:10 INFO Sync complete: 150 files, 200 MB
+2024-01-01 12:00:15 INFO Uploaded: notes/daily.md
+2024-01-01 12:00:20 INFO Downloaded: notes/shared.md (merged)
+```
+
+## Next Steps
+
+- [Understand the sync algorithm →](/architecture/sync-algorithm)
+- [Configure the server →](/config/server)
+- [Deploy VaultLink →](/guide/getting-started)

docs/architecture/index.md

@@ -0,0 +1,334 @@
+# Architecture Overview
+
+Central sync server with multiple clients. High-level architecture and design decisions.
+
+## System Components
+
+```
+┌─────────────────────────────────────────────────────────────┐
+│                        Clients                              │
+├─────────────────────┬───────────────────┬───────────────────┤
+│  Obsidian Plugin    │  Obsidian Plugin  │   CLI Client      │
+│  (User A - Device1) │  (User A - Device2│   (Server/Backup) │
+└──────────┬──────────┴─────────┬─────────┴──────────┬────────┘
+          │                    │                    │
+          │    WebSocket       │   WebSocket        │   WebSocket
+          │                    │                    │
+          └────────────────────┼────────────────────┘
+                                │
+                    ┌───────────▼───────────┐
+                    │   Sync Server         │
+                    │   (Rust + Axum)       │
+                    │                       │
+                    │  ┌─────────────────┐  │
+                    │  │  WebSocket Hub  │  │
+                    │  └────────┬────────┘  │
+                    │           │           │
+                    │  ┌────────▼────────┐  │
+                    │  │ Sync Engine     │  │
+                    │  │ (OT Algorithm)  │  │
+                    │  └────────┬────────┘  │
+                    │           │           │
+                    │  ┌────────▼────────┐  │
+                    │  │ SQLite Database │  │
+                    │  │ (Per Vault)     │  │
+                    │  └─────────────────┘  │
+                    └───────────────────────┘
+```
+
+## Core Components
+
+### Sync Server
+
+Central authority for synchronisation. Rust + Axum framework.
+
+**Responsibilities**:
+
+- Accept WebSocket connections from clients
+- Authenticate users via token-based auth
+- Store document versions in SQLite
+- Coordinate real-time updates between clients
+- Apply operational transformation for conflict resolution
+- Manage vault access control
+
+**Technology**:
+
+- **Language**: Rust 1.92+
+- **Framework**: Axum (async web framework)
+- **Database**: SQLite with SQLx
+- **Protocol**: WebSockets for real-time communication
+- **Sync Algorithm**: reconcile-text (operational transformation)
+
+### Sync Client Library
+
+TypeScript library with core sync logic. Used by Obsidian plugin and CLI client.
+
+**Responsibilities**:
+
+- Manage WebSocket connection to server
+- Watch local filesystem for changes
+- Upload and download files
+- Apply remote changes locally
+- Handle conflict resolution
+- Maintain sync metadata
+
+**Technology**:
+
+- **Language**: TypeScript
+- **Build**: Webpack
+- **Protocol**: WebSocket client
+- **File System**: Node.js `fs` API / Obsidian API
+
+### Obsidian Plugin
+
+Integration layer between sync client and Obsidian.
+
+**Responsibilities**:
+
+- Provide UI for configuration
+- Bridge sync client with Obsidian's file system API
+- Handle Obsidian lifecycle events
+- Display sync status to users
+
+**Technology**:
+
+- **Platform**: Obsidian Plugin API
+- **Core**: sync-client library
+- **UI**: Obsidian settings UI
+
+### CLI Client
+
+Standalone executable for syncing vaults without Obsidian.
+
+**Responsibilities**:
+
+- Command-line interface
+- File system access via Node.js
+- Daemon mode for continuous sync
+- Health check endpoint for monitoring
+
+**Technology**:
+
+- **Language**: TypeScript
+- **Runtime**: Node.js
+- **CLI**: Commander.js
+- **Core**: sync-client library
+
+## Data Flow
+
+### Initial Connection
+
+1. Client connects via WebSocket to server
+2. Server authenticates using provided token
+3. Server verifies user has access to requested vault
+4. Connection established, sync begins
+
+### File Upload Flow
+
+```
+Client                          Server
+  │                               │
+  │  1. File changed locally      │
+  │                               │
+  │  2. Read file content         │
+  │                               │
+  │  3. WebSocket: Upload file    │
+  ├──────────────────────────────►│
+  │                               │ 4. Store in SQLite
+  │                               │
+  │                               │ 5. Broadcast to other clients
+  │                               ├───────────────────────►
+  │  6. Ack upload                │
+  │◄──────────────────────────────┤
+```
+
+### File Download Flow
+
+```
+Client A                  Server                  Client B
+  │                         │                         │
+  │                         │  1. File uploaded       │
+  │                         │◄────────────────────────┤
+  │                         │                         │
+  │                         │ 2. Store in DB          │
+  │                         │                         │
+  │  3. Push notification   │                         │
+  │◄────────────────────────┤                         │
+  │                         │                         │
+  │  4. Download file       │                         │
+  ├────────────────────────►│                         │
+  │                         │                         │
+  │  5. Write locally       │                         │
+  │                         │                         │
+```
+
+### Conflict Resolution
+
+When two clients edit the same file simultaneously:
+
+```
+Client A                  Server                  Client B
+  │                         │                         │
+  │ 1. Edit file            │                         │ 1. Edit same file
+  │                         │                         │
+  │ 2. Upload changes       │                         │ 2. Upload changes
+  ├────────────────────────►│◄────────────────────────┤
+  │                         │                         │
+  │                         │ 3. Apply OT algorithm   │
+  │                         │    - Merge both edits   │
+  │                         │    - Preserve all changes│
+  │                         │                         │
+  │ 4. Receive merged ver.  │ 5. Receive merged ver.  │
+  │◄────────────────────────┤────────────────────────►│
+  │                         │                         │
+  │ 6. Apply locally        │                         │ 6. Apply locally
+```
+
+## Storage Architecture
+
+### Server Storage
+
+Each vault has its own SQLite database:
+
+```
+databases/
+├── vault-1.db
+├── vault-2.db
+└── shared-team.db
+```
+
+**Database Schema** (simplified):
+
+- **documents**: File metadata (path, size, modified time)
+- **versions**: Document content with version history
+- **cursors**: Client sync state
+
+### Client Storage
+
+Clients maintain sync metadata:
+
+```
+.vaultlink/
+├── metadata.json       # Sync state
+└── cache/              # Optional local cache
+```
+
+The `.vaultlink` directory tracks which files have been synced and their versions to enable efficient synchronisation.
+
+## Communication Protocol
+
+### WebSocket Messages
+
+Client-server communication uses JSON messages over WebSocket.
+
+**Message Types**:
+
+- `upload_file`: Client → Server (file upload)
+- `download_file`: Client → Server (request file)
+- `file_updated`: Server → Client (file changed notification)
+- `file_deleted`: Server → Client (file deleted notification)
+- `sync_complete`: Server → Client (initial sync finished)
+
+### Authentication
+
+Token-based authentication on connection:
+
+```typescript
+// Client sends token on connect
+{
+  type: "auth",
+  token: "user-auth-token",
+  vault: "vault-name"
+}
+
+// Server responds
+{
+  type: "auth_success"
+}
+// or
+{
+  type: "auth_error",
+  message: "Invalid token"
+}
+```
+
+## Scalability Considerations
+
+### Current Architecture
+
+- **SQLite per vault**: Simple, performant, limited to single server
+- **WebSocket connections**: Stateful, requires sticky sessions for load balancing
+- **Operational transformation**: Centralized on server
+
+### Scaling Approaches
+
+**Vertical Scaling**:
+
+- Increase server resources (CPU, RAM, storage)
+- Optimize database queries and indexing
+- Tune connection limits
+
+**Horizontal Scaling** (future):
+
+- Separate vault servers (vault sharding)
+- Load balancer with sticky sessions
+- Shared storage layer for SQLite databases
+- Consider alternative databases (PostgreSQL) for multi-server setups
+
+### Performance Characteristics
+
+- **Small vaults** (< 1000 files): Excellent performance
+- **Medium vaults** (1000-10000 files): Good performance with tuning
+- **Large vaults** (> 10000 files): May require optimisation
+- **Concurrent users**: Tested with dozens of simultaneous clients per vault
+
+## Security Model
+
+### Authentication
+
+- Token-based authentication
+- Tokens configured in server `config.yml`
+- No password hashing (tokens are secrets)
+
+### Authorization
+
+- Per-user vault access control
+- Allow-list or deny-list patterns
+- Global access or vault-specific access
+
+### Network Security
+
+- WebSocket over TLS (WSS) for encrypted transport
+- No built-in SSL (use reverse proxy)
+- CORS configured for web clients
+
+### Data Security
+
+- No encryption at rest (use encrypted filesystems if needed)
+- No end-to-end encryption (server sees all content)
+- Self-hosted model: you control the data
+
+## Technology Choices
+
+**Rust**: Low latency, memory safe, excellent async with Tokio, compile-time SQL verification
+
+**SQLite**: No separate database server, fast for reads, single file per vault, backups are file copies
+
+**WebSocket**: Bidirectional push, no polling overhead, built-in browser/Node.js support
+
+**Operational Transformation**: Automatic conflict resolution, preserves all edits, real-time collaboration
+
+## Design Principles
+
+1. **Self-hosted first**: Users control their data and infrastructure
+2. **Simplicity**: Easy to deploy and operate
+3. **Real-time**: Changes appear immediately
+4. **Reliability**: Handle network failures gracefully
+5. **Performance**: Fast sync for typical vault sizes
+6. **Privacy**: No third-party services or telemetry
+
+## Next Steps
+
+- [Learn about the sync algorithm →](/architecture/sync-algorithm)
+- [Understand data flow in detail →](/architecture/data-flow)
+- [Deploy the server →](/guide/server-setup)

docs/architecture/sync-algorithm.md

@@ -0,0 +1,438 @@
+# Sync Algorithm
+
+VaultLink uses operational transformation (OT) to handle concurrent edits and maintain consistency across clients.
+
+## Operational Transformation
+
+Operational transformation is a technique for managing concurrent edits to the same document. It transforms operations (edits) so they can be applied in different orders while preserving user intent.
+
+### Why OT?
+
+Traditional conflict resolution approaches:
+
+- **Last write wins**: Loses data, frustrating for users
+- **Manual merging**: Interrupts workflow, requires user intervention
+- **Version branching**: Complex, not suitable for real-time sync
+
+Operational transformation:
+
+- **Automatic**: No user intervention required
+- **Preserves all edits**: No data loss
+- **Real-time**: Changes appear immediately
+- **Intuitive**: Behaviour matches user expectations
+
+## The reconcile-text Library
+
+VaultLink uses the [`reconcile-text`](https://crates.io/crates/reconcile-text) Rust library for operational transformation on text documents.
+
+### Why reconcile-text over CRDTs?
+
+VaultLink faces a **differential synchronisation** challenge: users edit Obsidian vaults with various editors (Obsidian desktop, Obsidian mobile, Vim, VS Code, or any text editor), often while offline. This means we only observe the **final state** of each document after editing, not the individual keystrokes or operations that produced it.
+
+**The fundamental problem**:
+
+- **CRDTs and traditional OT** require capturing every individual operation (each character insertion, deletion, cursor movement)
+- **VaultLink's reality**: Users edit files with arbitrary tools, sync happens after the fact
+- **What we know**: Parent version and two modified versions
+- **What we don't know**: The sequence of operations that created those modifications
+
+**Why reconcile-text wins for this use case**:
+
+1. **Works with end states only**: reconcile-text performs conflict-free 3-way merging given just parent, left, and right versions—no operation history needed
+
+2. **Editor-agnostic**: Users can edit with any tool without requiring VaultLink-specific plugins or operation tracking
+
+3. **Offline-first**: Edits made while disconnected are merged cleanly when sync resumes, because we're diffing final states rather than replaying operations
+
+4. **No conflict markers**: Unlike Git merge, produces clean merged output without `<<<<<<<` markers that interrupt note-taking flow
+
+5. **Human text forgiveness**: For knowledge bases and documentation, a slightly imperfect merge (e.g., minor word order issues) is vastly preferable to manual conflict resolution
+
+6. **Simpler infrastructure**: No need for complex operation capture, transformation logs, or tombstone management that CRDTs require
+
+**The trade-off**:
+
+CRDTs excel when you control the entire editing infrastructure and can capture every operation. reconcile-text excels when you're synchronising independently-edited files—exactly VaultLink's scenario. The merge quality depends on Myers' diff algorithm rather than operation history, which is the correct trade-off for differential sync.
+
+For note-taking workflows where users value editor freedom and offline editing, this approach provides superior user experience compared to either CRDTs (which would require operation tracking) or Git-style merging (which requires manual conflict resolution).
+
+[Learn more about reconcile-text →](https://schmelczer.dev/reconcile)
+
+### How It Works
+
+Given three versions (parent, left, right), reconcile-text produces a merged result.
+
+**How reconcile-text works**:
+
+1. **Tokenisation**: Split text into words (using `BuiltinTokenizer::Word`)
+2. **Three-way diff**: Compare parent→left and parent→right changes
+3. **Merge**: Combine non-conflicting changes, prefer content preservation for conflicts
+4. **Result**: Merged text with both edits applied
+
+**Example**:
+
+```
+Parent:  "The quick brown fox"
+User A:  "The quick red fox"      (changes "brown" → "red")
+User B:  "The very quick brown fox"  (inserts "very ")
+
+Merged:  "The very quick red fox"  (both changes applied)
+```
+
+**Merge conditions**: Only `.md` and `.txt` files with valid UTF-8 get merged. Binary files or other extensions use last-write-wins.
+
+### Operation Types
+
+The algorithm handles these operations:
+
+- **Insert**: Add text at position
+- **Delete**: Remove text from position
+- **Retain**: Keep existing text unchanged
+
+### Transformation Process
+
+1. **Client A** makes edit and sends to server
+2. **Client B** makes concurrent edit and sends to server
+3. **Server** receives both edits
+4. **Server** transforms operations to account for concurrent changes
+5. **Server** applies merged result to database
+6. **Server** sends transformed operations to both clients
+7. **Clients** apply transformed operations locally
+
+## Sync State Management
+
+VaultLink maintains sync state to track which changes have been applied.
+
+### Version Vectors
+
+Each document has a version tracked by:
+
+- **Server version**: Incremented on each change
+- **Client cursors**: Track which version each client has seen
+
+This enables:
+
+- Efficient syncing (only send changes since last sync)
+- Conflict detection (concurrent edits to same version)
+- Ordering of operations
+
+### Cursor Management
+
+Clients maintain a cursor position:
+
+```rust
+struct Cursor {
+    vault_id: String,
+    client_id: String,
+    last_version: u64,
+    last_updated: DateTime,
+}
+```
+
+On sync:
+
+1. Client sends cursor (last seen version)
+2. Server returns all changes since that version
+3. Client applies changes and updates cursor
+
+## Conflict Resolution Flow
+
+### Scenario: Concurrent Edits
+
+Two users edit the same paragraph simultaneously.
+
+**Initial state**:
+
+```
+Version 10: "The quick brown fox jumps over the lazy dog."
+```
+
+**User A's edit** (version 11):
+
+```
+"The quick brown fox jumps over the very lazy dog."
+```
+
+_Inserts "very " at position 40_
+
+**User B's edit** (also from version 10):
+
+```
+"The quick red fox jumps over the lazy dog."
+```
+
+_Replaces "brown" with "red" at position 10_
+
+### Server Processing
+
+1. **Receive User A's operation**:
+    - Base: version 10
+    - Operation: Insert("very ", position=40)
+    - Apply to database → version 11
+
+2. **Receive User B's operation**:
+    - Base: version 10
+    - Operation: Replace("brown"→"red", position=10)
+    - **Conflict detected**: Base is version 10, but current is version 11
+
+3. **Transform User B's operation**:
+    - Transform against User A's operation
+    - Adjust positions/content as needed
+    - Apply transformed operation → version 12
+
+4. **Broadcast updates**:
+    - Send User A's operation to User B
+    - Send transformed User B's operation to User A
+
+### Final Result
+
+```
+Version 12: "The quick red fox jumps over the very lazy dog."
+```
+
+Both edits are preserved in the final document.
+
+## Edge Cases
+
+### 1. Delete vs Insert Conflict
+
+**Scenario**: User A deletes a paragraph while User B edits it.
+
+**Resolution**:
+
+- OT algorithm prioritizes preservation of content
+- Insert operation is transformed to account for deletion
+- Typically results in inserted content appearing nearby
+
+**Example**:
+
+```
+Base: "Line 1\nLine 2\nLine 3"
+
+User A: Delete Line 2 → "Line 1\nLine 3"
+User B: Edit Line 2 → "Line 1\nLine 2 modified\nLine 3"
+
+Result: "Line 1\nLine 2 modified\nLine 3"
+```
+
+(Insert takes precedence, preserving user content)
+
+### 2. Overlapping Edits
+
+**Scenario**: Two users edit overlapping regions.
+
+**Resolution**:
+
+- OT splits operations into non-overlapping segments
+- Applies each segment independently
+- Merges results
+
+### 3. Delete vs Delete
+
+**Scenario**: Two users delete overlapping text.
+
+**Resolution**:
+
+- Deletes are merged
+- Final result has the union of deleted ranges removed
+
+### 4. Network Partitions
+
+**Scenario**: Client loses connection, makes edits offline, reconnects.
+
+**Resolution**:
+
+1. Client queues edits locally
+2. On reconnect, sends all queued operations
+3. Server applies OT against all operations that happened during partition
+4. Client receives transformed operations and applies
+
+## Performance Characteristics
+
+### Time Complexity
+
+- **Single operation**: O(1) for most operations
+- **Transformation**: O(n) where n is operation size
+- **Conflict resolution**: O(m × n) where m is number of concurrent operations
+
+### Space Complexity
+
+- **Version history**: Grows with number of changes
+- **Cursors**: O(clients × vaults)
+- **Active operations**: Minimal (processed in real-time)
+
+### Optimisation
+
+VaultLink optimises for:
+
+- Small, frequent edits (typical typing patterns)
+- Text documents (not binary files)
+- Real-time processing (no batching delay)
+
+## Limitations
+
+### Binary and Non-Mergeable Files
+
+Only **`.md`** and **`.txt`** files get automatic merging. Everything else uses last-write-wins.
+
+**Binary detection**:
+
+- Files with NUL bytes (`0x00`)
+- Files failing UTF-8 validation
+
+Even `.md` files are treated as binary if they fail UTF-8 checks.
+
+**Last-write-wins behaviour**:
+
+```
+User A uploads image.png → Server version 1
+User B uploads image.png → Server version 2 (A's upload lost)
+```
+
+**Workaround**: Avoid concurrent edits to non-text files. [See all limitations →](/guide/limitations)
+
+### Large Documents
+
+Very large documents (> 1MB) may have:
+
+- Higher transformation costs
+- Slower sync times
+- Increased memory usage
+
+**Workaround**: Split large documents or increase timeout settings.
+
+### Complex Formatting
+
+Markdown with complex structures may occasionally produce unexpected results:
+
+- Nested lists
+- Tables
+- Code blocks
+
+**Workaround**: Manual cleanup if needed, or minimize concurrent edits to complex structures.
+
+## Consistency Guarantees
+
+### Strong Consistency
+
+VaultLink provides **strong eventual consistency**:
+
+- All clients eventually converge to the same state
+- Operations applied in causal order
+- No data loss under normal operation
+
+### Ordering Guarantees
+
+- Operations from the same client are applied in order
+- Concurrent operations may be applied in any order
+- Final result is independent of operation order (commutative)
+
+### Durability
+
+- Operations are written to SQLite before acknowledgment
+- SQLite ACID guarantees protect against data loss
+- Clients retry failed uploads
+
+## Comparison with Other Approaches
+
+### Git-style Merging
+
+| Aspect                     | Git Merge    | VaultLink OT            |
+| -------------------------- | ------------ | ----------------------- |
+| Real-time                  | No           | Yes                     |
+| Manual conflict resolution | Yes          | No                      |
+| Branching                  | Yes          | No                      |
+| Automatic merge            | Limited      | Always                  |
+| Use case                   | Code changes | Collaborative documents |
+
+### CRDTs (Conflict-free Replicated Data Types)
+
+| Aspect                        | CRDTs                                | VaultLink (reconcile-text)                        |
+| ----------------------------- | ------------------------------------ | ------------------------------------------------- |
+| **Operation tracking**        | Required (every keystroke)           | Not required (end states only)                    |
+| **Editor freedom**            | Limited (must use CRDT-aware editor) | Unlimited (any text editor works)                 |
+| **Offline editing**           | Requires operation log               | Works with file comparison                        |
+| **Server required**           | No                                   | Yes                                               |
+| **Memory overhead**           | Higher (tombstones, metadata)        | Lower (versions only)                             |
+| **Infrastructure complexity** | Higher                               | Lower                                             |
+| **Best for**                  | Controlled editing environments      | Independent file editing (Obsidian, Vim, VS Code) |
+
+**Key insight**: CRDTs are superior when you can capture every operation. reconcile-text is superior when users edit files independently with arbitrary tools—exactly VaultLink's scenario.
+
+### Last Write Wins
+
+| Aspect          | LWW  | VaultLink OT |
+| --------------- | ---- | ------------ |
+| Data loss       | Yes  | No           |
+| Simplicity      | High | Medium       |
+| User experience | Poor | Excellent    |
+| Performance     | Best | Good         |
+
+## Algorithm Details
+
+### Transformation Rules
+
+When transforming operation `A` against operation `B`:
+
+1. **Insert vs Insert**:
+    - If positions equal: Order by client ID
+    - If different positions: Adjust positions
+
+2. **Insert vs Delete**:
+    - If insert in deleted range: Shift insert position
+    - If insert after delete: Adjust position by deleted length
+
+3. **Delete vs Delete**:
+    - If ranges overlap: Merge delete ranges
+    - If ranges disjoint: Adjust positions
+
+4. **Retain vs Any**:
+    - Retain operations don't conflict
+    - Simply adjust positions
+
+### Transformation Example
+
+```rust
+// Pseudo-code for transformation
+fn transform(op_a: Operation, op_b: Operation) -> (Operation, Operation) {
+    match (op_a, op_b) {
+        (Insert(pos_a, text_a), Insert(pos_b, text_b)) => {
+            if pos_a < pos_b {
+                (op_a, Insert(pos_b + text_a.len(), text_b))
+            } else if pos_a > pos_b {
+                (Insert(pos_a + text_b.len(), text_a), op_b)
+            } else {
+                // Same position, use client ID to break tie
+                if client_id_a < client_id_b {
+                    (op_a, Insert(pos_b + text_a.len(), text_b))
+                } else {
+                    (Insert(pos_a + text_b.len(), text_a), op_b)
+                }
+            }
+        }
+        // ... other cases
+    }
+}
+```
+
+## Best Practices
+
+### For Smooth Collaboration
+
+1. **Small edits**: Make small, focused changes for easier merging
+2. **Coordinate major changes**: Discuss large refactors with team
+3. **Monitor sync status**: Ensure changes are uploaded before signing off
+4. **Test conflict resolution**: Verify behaviour matches expectations
+
+### For Developers
+
+1. **Text files preferred**: OT works best on text
+2. **Limit file sizes**: Keep documents reasonably sized
+3. **Binary files**: Use versioning or avoid concurrent edits
+4. **Testing**: Test concurrent edit scenarios thoroughly
+
+## Further Reading
+
+- [reconcile-text library](https://crates.io/crates/reconcile-text)
+- [Operational Transformation FAQ](https://en.wikipedia.org/wiki/Operational_transformation)
+- [Data flow architecture →](/architecture/data-flow)

docs/config/advanced.md

@@ -0,0 +1,603 @@
+# Advanced Configuration
+
+Advanced topics for optimising and customising your VaultLink deployment.
+
+## Database Optimisation
+
+### SQLite Tuning
+
+While VaultLink handles most SQLite configuration automatically, you can optimise for specific workloads.
+
+#### WAL Mode
+
+VaultLink uses Write-Ahead Logging (WAL) mode by default for better concurrency.
+
+**Benefits**:
+
+- Readers don't block writers
+- Writers don't block readers
+- Better performance for concurrent access
+
+**Maintenance**:
+
+```bash
+# Checkpoint WAL to main database (run periodically)
+sqlite3 databases/vault.db "PRAGMA wal_checkpoint(TRUNCATE);"
+```
+
+#### Database Size Management
+
+Over time, databases can grow with version history:
+
+```bash
+# Check database size
+du -h databases/*.db
+
+# Vacuum to reclaim space (offline only)
+sqlite3 databases/vault.db "VACUUM;"
+
+# Analyse for query optimisation
+sqlite3 databases/vault.db "ANALYZE;"
+```
+
+**Schedule maintenance**:
+
+```bash
+#!/bin/bash
+# monthly-maintenance.sh
+
+for db in databases/*.db; do
+    echo "Optimising $db"
+    sqlite3 "$db" "PRAGMA optimize;"
+    sqlite3 "$db" "PRAGMA wal_checkpoint(TRUNCATE);"
+done
+```
+
+### Version History Cleanup
+
+VaultLink stores **all versions indefinitely** by default. Database grows with every change.
+
+**Database schema**: Each version stored in `documents` table with `vault_update_id` (sequential).
+
+Manual cleanup (keep last 100 versions per document):
+
+```bash
+#!/bin/bash
+# prune-old-versions.sh
+
+for db in databases/*.db; do
+    sqlite3 "$db" <<EOF
+DELETE FROM documents
+WHERE vault_update_id NOT IN (
+    SELECT vault_update_id FROM documents d2
+    WHERE d2.document_id = documents.document_id
+    ORDER BY vault_update_id DESC
+    LIMIT 100
+);
+EOF
+done
+```
+
+**Warning**: This deletes old versions permanently. No undo.
+
+Run monthly via cron:
+
+```bash
+0 3 1 * * /opt/vaultlink/prune-old-versions.sh
+```
+
+## Performance Tuning
+
+### Connection Pool Sizing
+
+Calculate optimal `max_connections_per_vault`:
+
+```
+max_connections = (concurrent_users × avg_operations_per_user) + buffer
+```
+
+**Example**:
+
+- 20 concurrent users
+- 2 operations per user on average
+- 25% buffer
+
+```
+max_connections = (20 × 2) × 1.25 = 50
+```
+
+### Timeout Configuration
+
+Adjust timeouts based on network characteristics:
+
+**Fast local network**:
+
+```yaml
+database:
+    cursor_timeout_seconds: 30
+
+server:
+    response_timeout_seconds: 30
+```
+
+**Slow or unreliable network**:
+
+```yaml
+database:
+    cursor_timeout_seconds: 180
+
+server:
+    response_timeout_seconds: 120
+```
+
+**Mobile clients**:
+
+```yaml
+database:
+    cursor_timeout_seconds: 300 # Longer for intermittent connections
+
+server:
+    response_timeout_seconds: 180
+```
+
+## Reverse Proxy Configuration
+
+### Nginx with SSL
+
+Complete Nginx configuration for production:
+
+```nginx
+# Rate limiting
+limit_req_zone $binary_remote_addr zone=vaultlink:10m rate=10r/s;
+
+upstream vaultlink {
+    server localhost:3000;
+    keepalive 32;
+}
+
+server {
+    listen 443 ssl http2;
+    server_name sync.example.com;
+
+    ssl_certificate /etc/letsencrypt/live/sync.example.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/sync.example.com/privkey.pem;
+
+    # SSL security settings
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers HIGH:!aNULL:!MD5;
+    ssl_prefer_server_ciphers on;
+
+    # HSTS
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+
+    # Rate limiting
+    limit_req zone=vaultlink burst=20 nodelay;
+
+    # Client body size (match server config)
+    client_max_body_size 512M;
+
+    # Timeouts
+    proxy_connect_timeout 90s;
+    proxy_send_timeout 90s;
+    proxy_read_timeout 3600s;  # WebSocket long-lived connections
+
+    # WebSocket headers
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "upgrade";
+    proxy_set_header Host $host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+
+    # Disable buffering for WebSocket
+    proxy_buffering off;
+
+    location / {
+        proxy_pass http://vaultlink;
+    }
+
+    # Health check endpoint (use any vault name)
+    location /health {
+        proxy_pass http://vaultlink/vaults/test/ping;
+        access_log off;
+    }
+}
+
+# Redirect HTTP to HTTPS
+server {
+    listen 80;
+    server_name sync.example.com;
+    return 301 https://$server_name$request_uri;
+}
+```
+
+### Caddy with Auto SSL
+
+Caddy handles SSL automatically:
+
+```caddy
+sync.example.com {
+    reverse_proxy localhost:3000 {
+        # WebSocket support
+        header_up X-Real-IP {remote_host}
+        header_up X-Forwarded-For {remote_host}
+        header_up X-Forwarded-Proto {scheme}
+
+        # Timeouts
+        transport http {
+            read_timeout 3600s
+            write_timeout 90s
+        }
+    }
+
+    # Rate limiting (requires caddy-rate-limit plugin)
+    rate_limit {
+        zone dynamic {
+            match {
+                remote_ip
+            }
+            rate 10r/s
+            burst 20
+        }
+    }
+}
+```
+
+### Traefik Configuration
+
+Using Docker labels:
+
+```yaml
+services:
+    vaultlink-server:
+        image: ghcr.io/schmelczer/vault-link-server:latest
+        labels:
+            - "traefik.enable=true"
+            - "traefik.http.routers.vaultlink.rule=Host(`sync.example.com`)"
+            - "traefik.http.routers.vaultlink.entrypoints=websecure"
+            - "traefik.http.routers.vaultlink.tls.certresolver=letsencrypt"
+            - "traefik.http.services.vaultlink.loadbalancer.server.port=3000"
+            # Middleware for timeouts
+            - "traefik.http.middlewares.vaultlink-timeout.timeout.request=3600s"
+```
+
+## Docker Optimizations
+
+### Resource Limits
+
+Limit container resources:
+
+```yaml
+services:
+    vaultlink-server:
+        image: ghcr.io/schmelczer/vault-link-server:latest
+        deploy:
+            resources:
+                limits:
+                    cpus: "2.0"
+                    memory: 4G
+                reservations:
+                    cpus: "1.0"
+                    memory: 2G
+```
+
+### Logging Configuration
+
+Optimize Docker logging:
+
+```yaml
+services:
+    vaultlink-server:
+        image: ghcr.io/schmelczer/vault-link-server:latest
+        logging:
+            driver: "json-file"
+            options:
+                max-size: "50m"
+                max-file: "5"
+```
+
+### Volume Optimization
+
+Use named volumes for better performance:
+
+```yaml
+services:
+    vaultlink-server:
+        image: ghcr.io/schmelczer/vault-link-server:latest
+        volumes:
+            - vaultlink-data:/data
+            - vaultlink-logs:/data/logs
+
+volumes:
+    vaultlink-data:
+        driver: local
+        driver_opts:
+            type: none
+            o: bind
+            device: /mnt/fast-ssd/vaultlink
+    vaultlink-logs:
+        driver: local
+```
+
+## High Availability
+
+### Health Checks
+
+Comprehensive health monitoring:
+
+```yaml
+services:
+    vaultlink-server:
+        image: ghcr.io/schmelczer/vault-link-server:latest
+        healthcheck:
+            test: ["CMD-SHELL", "curl -f http://localhost:3000/vaults/test/ping || exit 1"]
+            interval: 10s
+            timeout: 5s
+            retries: 3
+            start_period: 30s
+```
+
+Monitor health in production:
+
+```bash
+#!/bin/bash
+# health-monitor.sh
+
+while true; do
+    if ! curl -sf http://localhost:3000/vaults/test/ping > /dev/null; then
+        echo "Health check failed at $(date)" | mail -s "VaultLink Down" admin@example.com
+        # Optionally restart
+        # docker restart vaultlink-server
+    fi
+    sleep 30
+done
+```
+
+### Backup Automation
+
+Automated backup script:
+
+```bash
+#!/bin/bash
+# backup-vaultlink.sh
+
+BACKUP_DIR="/backup/vaultlink"
+DATA_DIR="/data"
+DATE=$(date +%Y%m%d-%H%M%S)
+RETENTION_DAYS=30
+
+# Create backup directory
+mkdir -p "$BACKUP_DIR/$DATE"
+
+# Backup databases (with WAL checkpoint)
+for db in "$DATA_DIR"/databases/*.db; do
+    sqlite3 "$db" "PRAGMA wal_checkpoint(TRUNCATE);"
+    cp "$db" "$BACKUP_DIR/$DATE/"
+    [ -f "${db}-wal" ] && cp "${db}-wal" "$BACKUP_DIR/$DATE/"
+    [ -f "${db}-shm" ] && cp "${db}-shm" "$BACKUP_DIR/$DATE/"
+done
+
+# Backup configuration
+cp "$DATA_DIR/config.yml" "$BACKUP_DIR/$DATE/"
+
+# Compress backup
+tar -czf "$BACKUP_DIR/vaultlink-$DATE.tar.gz" -C "$BACKUP_DIR" "$DATE"
+rm -rf "$BACKUP_DIR/$DATE"
+
+# Clean old backups
+find "$BACKUP_DIR" -name "vaultlink-*.tar.gz" -mtime +$RETENTION_DAYS -delete
+
+# Upload to remote storage (optional)
+# rclone copy "$BACKUP_DIR/vaultlink-$DATE.tar.gz" remote:backups/
+```
+
+Schedule with cron:
+
+```cron
+0 2 * * * /opt/vaultlink/backup-vaultlink.sh
+```
+
+### Restore from Backup
+
+```bash
+#!/bin/bash
+# restore-vaultlink.sh
+
+BACKUP_FILE="$1"
+DATA_DIR="/data"
+
+if [ -z "$BACKUP_FILE" ]; then
+    echo "Usage: $0 <backup-file.tar.gz>"
+    exit 1
+fi
+
+# Stop server
+docker stop vaultlink-server
+
+# Extract backup
+tar -xzf "$BACKUP_FILE" -C /tmp/
+BACKUP_DATE=$(basename "$BACKUP_FILE" .tar.gz | cut -d- -f2-)
+
+# Restore databases
+cp /tmp/"$BACKUP_DATE"/databases/*.db "$DATA_DIR/databases/"
+
+# Restore config (careful!)
+# cp /tmp/$BACKUP_DATE/config.yml "$DATA_DIR/"
+
+# Cleanup
+rm -rf /tmp/"$BACKUP_DATE"
+
+# Start server
+docker start vaultlink-server
+
+echo "Restore complete. Check server logs."
+```
+
+## Monitoring and Metrics
+
+### Prometheus Metrics
+
+While VaultLink doesn't expose metrics natively, monitor Docker:
+
+```yaml
+# docker-compose.yml
+services:
+    vaultlink-server:
+        image: ghcr.io/schmelczer/vault-link-server:latest
+        labels:
+            - "prometheus.io/scrape=true"
+            - "prometheus.io/port=3000"
+
+    cadvisor:
+        image: gcr.io/cadvisor/cadvisor:latest
+        volumes:
+            - /:/rootfs:ro
+            - /var/run:/var/run:ro
+            - /sys:/sys:ro
+            - /var/lib/docker/:/var/lib/docker:ro
+        ports:
+            - 8080:8080
+```
+
+### Log Analysis
+
+Analyze logs for insights:
+
+```bash
+# Most active users
+grep "authenticated" logs/*.log | cut -d"'" -f2 | sort | uniq -c | sort -rn
+
+# Failed authentications by IP
+grep "Authentication failed" logs/*.log | grep -oP '\d+\.\d+\.\d+\.\d+' | sort | uniq -c | sort -rn
+
+# Upload activity
+grep "Upload:" logs/*.log | wc -l
+
+# Average files per vault
+grep "Sync complete" logs/*.log | grep -oP '\d+ files' | cut -d' ' -f1 | awk '{sum+=$1; count++} END {print sum/count}'
+```
+
+### Alerting
+
+Simple alerting with cron:
+
+```bash
+#!/bin/bash
+# alert-errors.sh
+
+ERROR_THRESHOLD=10
+ERROR_COUNT=$(grep -c "ERROR" logs/latest.log)
+
+if [ "$ERROR_COUNT" -gt "$ERROR_THRESHOLD" ]; then
+    echo "VaultLink has $ERROR_COUNT errors in the last hour" | \
+        mail -s "VaultLink Alert" admin@example.com
+fi
+```
+
+## Security Hardening
+
+### Network Isolation
+
+Run VaultLink in isolated network:
+
+```yaml
+services:
+    vaultlink-server:
+        image: ghcr.io/schmelczer/vault-link-server:latest
+        networks:
+            - vaultlink-internal
+            - proxy-external
+
+networks:
+    vaultlink-internal:
+        internal: true
+    proxy-external:
+        driver: bridge
+```
+
+### Read-Only Root Filesystem
+
+Run with read-only root (mount writable volumes for data):
+
+```yaml
+services:
+    vaultlink-server:
+        image: ghcr.io/schmelczer/vault-link-server:latest
+        read_only: true
+        volumes:
+            - ./data:/data
+            - /tmp
+```
+
+### Drop Capabilities
+
+Run with minimal privileges:
+
+```yaml
+services:
+    vaultlink-server:
+        image: ghcr.io/schmelczer/vault-link-server:latest
+        security_opt:
+            - no-new-privileges:true
+        cap_drop:
+            - ALL
+```
+
+## Migration
+
+### Moving to New Server
+
+1. **Backup on old server**:
+
+    ```bash
+    ./backup-vaultlink.sh
+    ```
+
+2. **Transfer backup**:
+
+    ```bash
+    scp vaultlink-backup.tar.gz new-server:/tmp/
+    ```
+
+3. **Restore on new server**:
+
+    ```bash
+    ./restore-vaultlink.sh /tmp/vaultlink-backup.tar.gz
+    ```
+
+4. **Update DNS/clients** to point to new server
+
+5. **Verify sync** on all clients
+
+### Version Upgrades
+
+```bash
+# Pull latest image
+docker pull ghcr.io/schmelczer/vault-link-server:latest
+
+# Backup first
+./backup-vaultlink.sh
+
+# Stop old container
+docker stop vaultlink-server
+docker rm vaultlink-server
+
+# Start with new image
+docker run -d \
+  --name vaultlink-server \
+  --restart unless-stopped \
+  -p 3000:3000 \
+  -v ./data:/data \
+  ghcr.io/schmelczer/vault-link-server:latest \
+  /app/sync_server /data/config.yml
+
+# Check logs
+docker logs -f vaultlink-server
+```
+
+## Next Steps
+
+- [Understand the architecture →](/architecture/)
+- [Deploy the server →](/guide/server-setup)
+- [Configure clients →](/guide/obsidian-plugin)

docs/config/authentication.md

@@ -0,0 +1,558 @@
+# Authentication Configuration
+
+VaultLink uses token-based authentication with per-user vault access control. This guide covers all authentication and authorization options.
+
+## Overview
+
+Authentication in VaultLink:
+
+- **Token-based**: Users authenticate with secure tokens
+- **Configured in YAML**: All users defined in `config.yml`
+- **Vault-level access**: Control which vaults each user can access
+- **No password hashing**: Tokens are treated as secrets
+
+## Basic Configuration
+
+```yaml
+users:
+    user_configs:
+        - name: alice
+          token: alice-secure-token-here
+          vault_access:
+              type: allow_access_to_all
+```
+
+## User Configuration Fields
+
+### `name`
+
+**Type**: String
+**Required**: Yes
+
+Human-readable identifier for the user. Used in logs and auditing.
+
+```yaml
+- name: alice
+```
+
+**Notes**:
+
+- Must be unique across all users
+- Used for identification only, not authentication
+- Appears in server logs
+- Can be any string (e.g., email, username)
+
+### `token`
+
+**Type**: String
+**Required**: Yes
+
+Authentication token for the user. Must be kept secret.
+
+```yaml
+- token: 1a2b3c4d5e6f7g8h9i0j...
+```
+
+**Best practices**:
+
+- Generate with: `openssl rand -hex 32`
+- Minimum length: 32 characters
+- Use different token per user
+- Never commit to version control
+- Rotate periodically
+
+**Example token generation**:
+
+```bash
+# Generate a secure token
+openssl rand -hex 32
+# Output: a7f3c9d1e8b2f4a6c3d9e1f7b8a4c2d6e9f1a3b7c5d8e2f4a6b9c3d1e8f7a4b2
+```
+
+### `vault_access`
+
+**Type**: Object
+**Required**: Yes
+
+Defines which vaults the user can access.
+
+**Three modes**:
+
+1. `allow_access_to_all`: Access to all vaults
+2. `allow_list`: Access to specific vaults only
+3. `deny_list`: Access to all vaults except specific ones
+
+## Access Control Modes
+
+### Allow Access to All
+
+Grant access to every vault:
+
+```yaml
+users:
+    user_configs:
+        - name: admin
+          token: admin-token
+          vault_access:
+              type: allow_access_to_all
+```
+
+**Use cases**:
+
+- Administrator accounts
+- Personal single-user deployments
+- Development/testing
+
+### Allow List
+
+Grant access only to specific vaults:
+
+```yaml
+users:
+    user_configs:
+        - name: alice
+          token: alice-token
+          vault_access:
+              type: allow_list
+              allowed:
+                  - personal
+                  - shared-team
+                  - project-alpha
+```
+
+**Use cases**:
+
+- Multi-user deployments
+- Restricted access scenarios
+- Separation of concerns
+
+**Notes**:
+
+- User can only access listed vaults
+- Attempting to access other vaults returns authentication error
+- Empty list = no access to any vault
+
+### Deny List
+
+Grant access to all vaults except specific ones:
+
+```yaml
+users:
+    user_configs:
+        - name: bob
+          token: bob-token
+          vault_access:
+              type: deny_list
+              denied:
+                  - restricted
+                  - admin-only
+```
+
+**Use cases**:
+
+- Users with broad access except sensitive vaults
+- Simplify configuration when most vaults are accessible
+
+**Notes**:
+
+- User can access any vault not in the deny list
+- Attempting to access denied vaults returns authentication error
+
+## Multi-User Scenarios
+
+### Personal Use (Single User)
+
+```yaml
+users:
+    user_configs:
+        - name: me
+          token: my-super-secret-token
+          vault_access:
+              type: allow_access_to_all
+```
+
+### Small Team (Shared Vaults)
+
+```yaml
+users:
+    user_configs:
+        - name: alice
+          token: alice-token
+          vault_access:
+              type: allow_list
+              allowed:
+                  - personal-alice
+                  - team-shared
+        - name: bob
+          token: bob-token
+          vault_access:
+              type: allow_list
+              allowed:
+                  - personal-bob
+                  - team-shared
+        - name: charlie
+          token: charlie-token
+          vault_access:
+              type: allow_list
+              allowed:
+                  - personal-charlie
+                  - team-shared
+```
+
+### Organization (Mixed Access)
+
+```yaml
+users:
+    user_configs:
+        - name: admin
+          token: admin-token
+          vault_access:
+              type: allow_access_to_all
+
+        - name: developer
+          token: dev-token
+          vault_access:
+              type: allow_list
+              allowed:
+                  - engineering-docs
+                  - api-specs
+                  - shared
+
+        - name: designer
+          token: design-token
+          vault_access:
+              type: allow_list
+              allowed:
+                  - design-docs
+                  - brand-assets
+                  - shared
+
+        - name: readonly
+          token: readonly-token
+          vault_access:
+              type: allow_list
+              allowed:
+                  - public-wiki
+```
+
+## Authentication Flow
+
+### Connection
+
+1. Client connects via WebSocket
+2. Client sends authentication message:
+    ```json
+    {
+        "type": "auth",
+        "token": "user-token",
+        "vault": "vault-name"
+    }
+    ```
+3. Server validates:
+    - Token exists in config
+    - User has access to requested vault
+4. Server responds:
+    - Success: Connection established
+    - Failure: Connection closed with error
+
+### Validation
+
+Server checks:
+
+1. **Token match**: Token exists in `user_configs`
+2. **Vault access**: User has permission for vault
+3. **Connection limits**: Not exceeding `max_clients_per_vault`
+
+### Errors
+
+**Invalid token**:
+
+```
+Authentication failed: Invalid token
+```
+
+**No vault access**:
+
+```
+Authentication failed: User does not have access to vault 'restricted'
+```
+
+**Connection limit**:
+
+```
+Connection rejected: Maximum clients reached for vault
+```
+
+## Security Best Practices
+
+### Token Generation
+
+Generate strong tokens:
+
+```bash
+# 64 character hex token (256 bits)
+openssl rand -hex 32
+
+# Base64 encoded (256 bits)
+openssl rand -base64 32
+
+# UUID v4
+uuidgen
+```
+
+### Token Storage
+
+**In config file**:
+
+```yaml
+users:
+    user_configs:
+        - name: alice
+          token: !ENV ALICE_TOKEN # Read from environment variable
+```
+
+**Load from environment**:
+
+```bash
+export ALICE_TOKEN="$(openssl rand -hex 32)"
+./sync_server config.yml
+```
+
+### Token Rotation
+
+Periodically change tokens:
+
+1. Generate new token
+2. Update `config.yml`
+3. Restart server
+4. Update clients with new token
+
+### Token Revocation
+
+To revoke access:
+
+1. Remove user from `config.yml`
+2. Restart server
+3. User's connections will be rejected
+
+For immediate revocation:
+
+- Remove user from config
+- Restart server
+- Existing connections are terminated
+
+## Access Patterns
+
+### Read-Only Users
+
+VaultLink doesn't distinguish read-only vs read-write. Implement via client:
+
+```yaml
+# Server: Grant access
+users:
+  user_configs:
+  - name: readonly
+    token: readonly-token
+    vault_access:
+      type: allow_list
+      allowed:
+        - public
+
+# Client: Use CLI in read-only mode (mount vault read-only)
+docker run -v /vault:/vault:ro ...
+```
+
+### Temporary Access
+
+Grant temporary access:
+
+1. Add user to config
+2. Set reminder to remove later
+3. Remove user when no longer needed
+4. Restart server
+
+For automation:
+
+```bash
+# Add user with expiry comment
+echo "  - name: temp-user  # EXPIRES: 2024-12-31" >> config.yml
+echo "    token: temp-token" >> config.yml
+```
+
+### Shared Tokens (Not Recommended)
+
+Multiple users sharing a token:
+
+- All appear as same user in logs
+- Can't revoke individual access
+- Security risk if one person leaves
+
+**Instead**: Create separate users with same vault access.
+
+## Monitoring
+
+### Server Logs
+
+Authentication events are logged:
+
+```
+2024-01-01 12:00:00 INFO User 'alice' authenticated for vault 'personal'
+2024-01-01 12:00:05 WARN Authentication failed: Invalid token from 192.168.1.100
+2024-01-01 12:00:10 WARN User 'bob' denied access to vault 'restricted'
+```
+
+### Audit Trail
+
+Monitor authentication:
+
+```bash
+# View authentication logs
+grep "authenticated" logs/*.log
+
+# View failed authentications
+grep "Authentication failed" logs/*.log
+
+# View access denials
+grep "denied access" logs/*.log
+```
+
+## Advanced Scenarios
+
+### Multiple Servers
+
+Same user across multiple server instances:
+
+```yaml
+# Server 1 config.yml
+users:
+  user_configs:
+  - name: alice
+    token: alice-global-token
+    vault_access:
+      type: allow_list
+      allowed:
+        - vault-1
+        - vault-2
+
+# Server 2 config.yml
+users:
+  user_configs:
+  - name: alice
+    token: alice-global-token  # Same token
+    vault_access:
+      type: allow_list
+      allowed:
+        - vault-3
+        - vault-4
+```
+
+### Service Accounts
+
+Tokens for automated systems:
+
+```yaml
+users:
+    user_configs:
+        - name: backup-service
+          token: backup-service-token
+          vault_access:
+              type: allow_access_to_all
+
+        - name: ci-pipeline
+          token: ci-token
+          vault_access:
+              type: allow_list
+              allowed:
+                  - documentation
+
+        - name: monitoring
+          token: monitoring-token
+          vault_access:
+              type: allow_list
+              allowed:
+                  - metrics
+```
+
+### Dynamic Vault Access
+
+VaultLink doesn't support runtime user management. To change access:
+
+1. Update `config.yml`
+2. Restart server
+3. Users reconnect automatically
+
+For frequent changes, consider:
+
+- Over-provision access (deny list)
+- Use external authentication proxy
+- Script config updates + reload
+
+## Troubleshooting
+
+### Can't connect
+
+**Check token**:
+
+```bash
+# Verify token in config matches client
+grep "token:" config.yml
+```
+
+**Check vault name**:
+
+```bash
+# Ensure vault is in allowed list
+grep -A 5 "name: alice" config.yml
+```
+
+**Check server logs**:
+
+```bash
+tail -f logs/*.log | grep -i auth
+```
+
+### Access denied
+
+**Verify vault access**:
+
+```yaml
+# Check user's vault_access configuration
+users:
+    user_configs:
+        - name: alice
+          vault_access:
+              type: allow_list
+              allowed:
+                  - vault-name # Must match exactly
+```
+
+**Case sensitivity**:
+
+- Vault names are case-sensitive
+- `Vault` ≠ `vault`
+- Ensure exact match in config and client
+
+### Token not working
+
+**Check for typos**:
+
+- Extra spaces
+- Hidden characters
+- Wrong quotes in YAML
+
+**Regenerate token**:
+
+```bash
+# Generate new token
+openssl rand -hex 32
+
+# Update config
+# Restart server
+# Update client
+```
+
+## Next Steps
+
+- [Server configuration reference →](/config/server)
+- [Advanced configuration →](/config/advanced)
+- [Deploy the server →](/guide/server-setup)

docs/config/server.md

@@ -0,0 +1,489 @@
+# Server Configuration
+
+Complete reference for configuring the VaultLink sync server via `config.yml`.
+
+## Configuration File Format
+
+The server is configured using a YAML file passed as a command-line argument:
+
+```bash
+/app/sync_server /path/to/config.yml
+```
+
+## Complete Example
+
+```yaml
+database:
+    databases_directory_path: databases
+    max_connections_per_vault: 12
+    cursor_timeout_seconds: 60
+
+server:
+    host: 0.0.0.0
+    port: 3000
+    max_body_size_mb: 512
+    max_clients_per_vault: 256
+    response_timeout_seconds: 60
+
+users:
+    user_configs:
+        - name: admin
+          token: your-secure-random-token
+          vault_access:
+              type: allow_access_to_all
+        - name: alice
+          token: alice-token
+          vault_access:
+              type: allow_list
+              allowed:
+                  - personal
+                  - shared
+        - name: bob
+          token: bob-token
+          vault_access:
+              type: deny_list
+              denied:
+                  - restricted
+
+logging:
+    log_directory: logs
+    log_rotation: 7days
+```
+
+## Database Section
+
+### `databases_directory_path`
+
+**Type**: String
+**Required**: Yes
+**Default**: None
+
+Directory where SQLite database files are stored. One database file per vault.
+
+```yaml
+database:
+    databases_directory_path: /data/databases
+```
+
+The directory structure:
+
+```
+databases/
+├── vault-1.db
+├── vault-2.db
+└── personal.db
+```
+
+**Notes**:
+
+- Path is relative to working directory or absolute
+- Directory must be writable by the server process
+- Ensure adequate disk space for vault data
+- Back up this directory regularly
+
+### `max_connections_per_vault`
+
+**Type**: Integer
+**Required**: Yes
+**Default**: None
+**Recommended**: 12
+
+Maximum concurrent database connections per vault.
+
+```yaml
+database:
+    max_connections_per_vault: 12
+```
+
+**Tuning**:
+
+- Higher values: Better performance under load
+- Lower values: Less memory usage
+- Typical range: 8-20
+- Consider: Number of concurrent users × average operations per user
+
+### `cursor_timeout_seconds`
+
+**Type**: Integer
+**Required**: Yes
+**Default**: None
+**Recommended**: 60
+
+How long to keep database cursors alive for inactive clients.
+
+```yaml
+database:
+    cursor_timeout_seconds: 60
+```
+
+**Notes**:
+
+- Cursors track client sync state
+- Timeout too short: Clients may need to re-sync frequently
+- Timeout too long: More memory usage
+- Typical range: 30-300 seconds
+
+## Server Section
+
+### `host`
+
+**Type**: String
+**Required**: Yes
+**Default**: None
+
+Network interface to bind the server to.
+
+```yaml
+server:
+  host: 0.0.0.0  # All interfaces
+  # OR
+  host: 127.0.0.1  # Localhost only
+  # OR
+  host: 192.168.1.100  # Specific interface
+```
+
+**Common values**:
+
+- `0.0.0.0`: Listen on all network interfaces (production)
+- `127.0.0.1`: Listen on localhost only (development/testing)
+- Specific IP: Listen on specific interface
+
+### `port`
+
+**Type**: Integer
+**Required**: Yes
+**Default**: None
+**Recommended**: 3000
+
+TCP port to listen on.
+
+```yaml
+server:
+    port: 3000
+```
+
+**Notes**:
+
+- Must be available (not in use)
+- Privileged ports (< 1024) require root
+- Common ports: 3000, 8080, 8888
+- Configure firewall to allow this port
+
+### `max_body_size_mb`
+
+**Type**: Integer
+**Required**: Yes
+**Default**: None
+**Recommended**: 512
+
+Maximum size of HTTP request body in megabytes.
+
+```yaml
+server:
+    max_body_size_mb: 512
+```
+
+**Usage**:
+
+- Limits file upload size
+- Prevents memory exhaustion attacks
+- Must be larger than largest expected file
+- Consider client `max_file_size_mb` settings
+
+**Tuning**:
+
+- Small vaults (mostly text): 100 MB
+- Medium vaults (some images): 512 MB
+- Large vaults (many images/PDFs): 1024+ MB
+
+### `max_clients_per_vault`
+
+**Type**: Integer
+**Required**: Yes
+**Default**: None
+**Recommended**: 256
+
+Maximum concurrent clients per vault.
+
+```yaml
+server:
+    max_clients_per_vault: 256
+```
+
+**Notes**:
+
+- Limits concurrent WebSocket connections
+- Prevents resource exhaustion
+- Consider expected number of users
+- Each client uses memory and file descriptors
+
+**Scaling**:
+
+- Personal use: 10-50
+- Small team: 50-100
+- Large team: 100-500
+
+### `response_timeout_seconds`
+
+**Type**: Integer
+**Required**: Yes
+**Default**: None
+**Recommended**: 60
+
+Maximum time to wait for client responses.
+
+```yaml
+server:
+    response_timeout_seconds: 60
+```
+
+**Usage**:
+
+- Timeout for HTTP requests
+- Timeout for WebSocket operations
+- Clients disconnected if unresponsive
+
+**Tuning**:
+
+- Fast networks: 30 seconds
+- Slow networks: 90-120 seconds
+- Large file uploads: Increase proportionally
+
+## Users Section
+
+See [Authentication Configuration →](/config/authentication) for detailed user configuration.
+
+## Logging Section
+
+### `log_directory`
+
+**Type**: String
+**Required**: Yes
+**Default**: None
+
+Directory where log files are written.
+
+```yaml
+logging:
+  log_directory: /data/logs
+  # OR
+  log_directory: logs  # Relative to working directory
+```
+
+**Notes**:
+
+- Path is relative to working directory or absolute
+- Directory must be writable
+- Logs are rotated based on `log_rotation`
+- Monitor disk usage
+
+### `log_rotation`
+
+**Type**: String
+**Required**: Yes
+**Default**: None
+
+How often to rotate log files.
+
+```yaml
+logging:
+  log_rotation: 7days
+  # OR
+  log_rotation: 24hours
+  # OR
+  log_rotation: 30days
+```
+
+**Format**: `<number><unit>`
+
+**Units**:
+
+- `hours`: Hours (e.g., `12hours`, `24hours`)
+- `days`: Days (e.g., `7days`, `30days`)
+
+**Recommendations**:
+
+- Development: `24hours` or `7days`
+- Production: `7days` or `30days`
+- High traffic: `24hours` (logs can be large)
+
+## Environment-Specific Configurations
+
+### Development
+
+```yaml
+database:
+    databases_directory_path: ./databases
+    max_connections_per_vault: 8
+    cursor_timeout_seconds: 30
+
+server:
+    host: 127.0.0.1
+    port: 3000
+    max_body_size_mb: 100
+    max_clients_per_vault: 10
+    response_timeout_seconds: 30
+
+users:
+    user_configs:
+        - name: dev
+          token: dev-token
+          vault_access:
+              type: allow_access_to_all
+
+logging:
+    log_directory: logs
+    log_rotation: 24hours
+```
+
+### Production
+
+```yaml
+database:
+    databases_directory_path: /data/databases
+    max_connections_per_vault: 16
+    cursor_timeout_seconds: 120
+
+server:
+    host: 0.0.0.0
+    port: 3000
+    max_body_size_mb: 512
+    max_clients_per_vault: 256
+    response_timeout_seconds: 90
+
+users:
+    user_configs:
+        - name: admin
+          token: <strong-random-token>
+          vault_access:
+              type: allow_access_to_all
+    # Additional users...
+
+logging:
+    log_directory: /data/logs
+    log_rotation: 7days
+```
+
+## Validation
+
+The server validates configuration on startup:
+
+```bash
+# Start server
+./sync_server config.yml
+
+# Check for errors in logs
+tail -f logs/latest.log
+```
+
+**Common errors**:
+
+- Missing required fields
+- Invalid YAML syntax
+- Invalid values (negative numbers, etc.)
+- Directory not writable
+
+## Performance Tuning
+
+### High Concurrency
+
+For many concurrent users:
+
+```yaml
+database:
+    max_connections_per_vault: 20 # Increase
+
+server:
+    max_clients_per_vault: 500 # Increase
+    response_timeout_seconds: 120 # Increase for slow clients
+```
+
+### Large Files
+
+For vaults with large files:
+
+```yaml
+server:
+    max_body_size_mb: 1024 # Allow larger uploads
+    response_timeout_seconds: 180 # More time for uploads
+```
+
+### Resource-Constrained Systems
+
+For limited CPU/memory:
+
+```yaml
+database:
+    max_connections_per_vault: 6 # Reduce
+
+server:
+    max_clients_per_vault: 50 # Reduce
+    max_body_size_mb: 256 # Reduce
+```
+
+## Security Considerations
+
+### Token Security
+
+- Use strong random tokens: `openssl rand -hex 32`
+- Never commit tokens to version control
+- Rotate tokens periodically
+- Use different tokens per user
+
+### Network Security
+
+- Bind to `127.0.0.1` if using reverse proxy on same host
+- Use firewall to restrict access
+- Enable SSL/TLS via reverse proxy
+
+### Resource Limits
+
+- Set `max_clients_per_vault` to prevent DoS
+- Set `max_body_size_mb` to prevent memory exhaustion
+- Configure `response_timeout_seconds` to prevent hanging connections
+
+## Troubleshooting
+
+### Server won't start
+
+**Check YAML syntax**:
+
+```bash
+# Use a YAML validator
+python -c 'import yaml, sys; yaml.safe_load(open("config.yml"))'
+```
+
+**Check file paths**:
+
+```bash
+# Ensure directories exist and are writable
+mkdir -p databases logs
+chmod 755 databases logs
+```
+
+**Check port availability**:
+
+```bash
+# Verify port is not in use
+lsof -i :3000
+```
+
+### High memory usage
+
+- Reduce `max_connections_per_vault`
+- Reduce `max_clients_per_vault`
+- Reduce `max_body_size_mb`
+- Check for large vaults or many concurrent users
+
+### Slow performance
+
+- Increase `max_connections_per_vault`
+- Increase database connection pool
+- Use SSD for database storage
+- Monitor database size (vacuum if needed)
+
+## Next Steps
+
+- [Configure authentication →](/config/authentication)
+- [Advanced configuration options →](/config/advanced)
+- [Deploy the server →](/guide/server-setup)

docs/guide/alternatives.md

@@ -0,0 +1,324 @@
+# Comparison with Alternatives
+
+VaultLink is one of several solutions for synchronising Obsidian vaults. This page compares VaultLink with popular alternatives to help you choose the right tool.
+
+## Key Differentiator: Editor Agnostic
+
+**VaultLink is not tied to Obsidian.** While it includes an Obsidian plugin for convenience, VaultLink synchronises plain text files and works with any editor:
+
+- Edit with **Obsidian desktop** on your laptop
+- Edit with **Vim** on your server
+- Edit with **VS Code** on your workstation
+- Edit with **Obsidian mobile** on your phone
+- Use the **CLI client** for automated workflows
+
+All changes merge automatically without conflict markers, regardless of which editor you use. This is possible because VaultLink uses [reconcile-text](/architecture/sync-algorithm#why-reconcile-text-over-crdts) for differential synchronisation rather than requiring operation-level tracking.
+
+## VaultLink's Core Strengths
+
+Before diving into comparisons:
+
+1. **Fully self-hosted**: Server and all components are open source
+2. **Collaborative editing**: Real-time sync with operational transformation
+3. **Automatic conflict resolution**: No manual intervention or paid features required
+4. **Cursor tracking**: See where other users are editing
+5. **Extensively tested**: Comprehensive test suite for server and client
+6. **Editor freedom**: Use any text editor, not just Obsidian
+7. **Production-ready**: Docker images, health checks, monitoring
+
+## Obsidian Sync Alternatives
+
+### Self-hosted LiveSync
+
+**Downloads**: ~300,000
+**Repository**: https://github.com/vrtmrz/obsidian-livesync
+
+**Overview**: CouchDB/IBM Cloudant-based sync with end-to-end encryption.
+
+| Aspect                    | Self-hosted LiveSync        | VaultLink                              |
+| ------------------------- | --------------------------- | -------------------------------------- |
+| **Self-hosted**           | Yes (CouchDB required)      | Yes (single binary or Docker)          |
+| **Conflict resolution**   | Manual or automatic (basic) | Automatic (operational transformation) |
+| **Collaborative editing** | No                          | Yes (real-time with cursors)           |
+| **Editor support**        | Obsidian only               | Any text editor                        |
+| **Infrastructure**        | CouchDB database            | SQLite (bundled)                       |
+| **Deployment complexity** | Medium (external DB)        | Low (single container)                 |
+| **End-to-end encryption** | Yes                         | No (transport encryption only)         |
+| **Out-of-band edits**     | Limited support             | Full support (edit with any tool)      |
+
+**When to use LiveSync**:
+
+- Need end-to-end encryption
+- Already running CouchDB
+- Only use Obsidian (no external editors)
+
+**When to use VaultLink**:
+
+- Want collaborative editing with multiple users
+- Edit files with various tools (Vim, VS Code, etc.)
+- Need simpler deployment (no external database)
+- Want operational transformation for better merges
+
+---
+
+### Remotely Save
+
+**Downloads**: ~1.1M
+**Repository**: https://github.com/remotely-save/remotely-save
+
+**Overview**: Sync to cloud storage providers (S3, Dropbox, OneDrive, WebDAV).
+
+| Aspect                    | Remotely Save                | VaultLink                |
+| ------------------------- | ---------------------------- | ------------------------ |
+| **Self-hosted**           | Partial (uses cloud storage) | Fully self-hosted        |
+| **Conflict resolution**   | Paid Pro feature             | Free and automatic       |
+| **Collaborative editing** | No                           | Yes                      |
+| **Editor support**        | Obsidian only                | Any text editor          |
+| **Storage backend**       | Cloud providers              | Self-hosted SQLite       |
+| **Cost**                  | Free (basic) / Paid (Pro)    | Free (open source)       |
+| **Code quality**          | No tests, complex codebase   | Comprehensive test suite |
+| **Real-time sync**        | No (periodic polling)        | Yes (WebSocket)          |
+
+**When to use Remotely Save**:
+
+- Already use cloud storage (S3, Dropbox)
+- Don't need real-time sync
+- Single-user scenario
+
+**When to use VaultLink**:
+
+- Want full control over data
+- Need automatic conflict resolution without paying
+- Want real-time collaborative editing
+- Value code quality and testing
+
+**Note**: Remotely Save's conflict resolution is a paid feature. VaultLink provides superior automatic merging for free.
+
+---
+
+### Relay
+
+**Downloads**: ~24,000
+**Repository**: https://github.com/No-Instructions/Relay
+
+**Overview**: CRDT-based sync with proprietary server component.
+
+| Aspect                     | Relay                        | VaultLink               |
+| -------------------------- | ---------------------------- | ----------------------- |
+| **Self-hosted**            | No (proprietary server)      | Yes (fully open source) |
+| **Conflict resolution**    | CRDT (automatic)             | OT (automatic)          |
+| **Collaborative editing**  | Yes                          | Yes                     |
+| **Editor support**         | Obsidian only                | Any text editor         |
+| **Out-of-band edits**      | No (breaks CRDT consistency) | Yes (differential sync) |
+| **Server open source**     | No                           | Yes                     |
+| **Infrastructure control** | Limited                      | Full                    |
+| **Per-file overhead**      | High (CRDT metadata)         | Low (version history)   |
+
+**When to use Relay**:
+
+- Want hosted solution (don't self-host)
+- Only edit within Obsidian
+- Don't need out-of-band editing
+
+**When to use VaultLink**:
+
+- Need fully open source solution
+- Want to self-host completely
+- Edit files outside Obsidian (Vim, VS Code)
+- Value infrastructure control
+
+**Critical limitation**: Relay's CRDT approach requires tracking every operation within Obsidian. Editing files outside Obsidian breaks the CRDT state. VaultLink's differential sync works regardless of how files are edited.
+
+---
+
+### Obsidian Git
+
+**Downloads**: ~1.4M
+**Repository**: https://github.com/denolehov/obsidian-git
+
+**Overview**: Uses Git for version control and synchronisation.
+
+| Aspect                    | Obsidian Git                  | VaultLink               |
+| ------------------------- | ----------------------------- | ----------------------- |
+| **Self-hosted**           | Yes (Git server)              | Yes (sync server)       |
+| **Conflict resolution**   | Manual (conflict markers)     | Automatic (no markers)  |
+| **Collaborative editing** | No                            | Yes (real-time)         |
+| **Editor support**        | Any (it's Git)                | Any (differential sync) |
+| **Version history**       | Full Git history              | Document versions       |
+| **Real-time sync**        | No (commit-based)             | Yes (instant)           |
+| **Merge conflicts**       | Manual resolution             | Automatic               |
+| **Learning curve**        | High (Git knowledge required) | Low                     |
+| **Workflow interruption** | Yes (resolve conflicts)       | No                      |
+
+**When to use Obsidian Git**:
+
+- Need full version control (branches, tags, etc.)
+- Already familiar with Git workflows
+- Want integration with existing Git repos
+- Don't mind manual conflict resolution
+
+**When to use VaultLink**:
+
+- Want automatic conflict-free merging
+- Need real-time collaborative editing
+- Don't want workflow interruptions from merge conflicts
+- Prefer simpler mental model (sync, not commits)
+
+**Key difference**: Git requires manual conflict resolution with `<<<<<<<` markers. VaultLink automatically merges all changes using operational transformation, never interrupting your workflow.
+
+---
+
+### Syncthing Integration
+
+**Downloads**: ~22,600
+**Repository**: https://github.com/LBF38/obsidian-syncthing-integration
+
+**Overview**: Wrapper around Syncthing for file synchronisation.
+
+| Aspect                    | Syncthing Integration          | VaultLink         |
+| ------------------------- | ------------------------------ | ----------------- |
+| **Self-hosted**           | Yes (Syncthing)                | Yes (sync server) |
+| **Conflict resolution**   | Manual                         | Automatic         |
+| **Collaborative editing** | No                             | Yes               |
+| **Editor support**        | Any                            | Any               |
+| **Status**                | Unfinished                     | Production-ready  |
+| **Conflict files**        | Creates `.sync-conflict` files | No conflict files |
+| **Real-time sync**        | Yes                            | Yes               |
+| **Automatic merging**     | No                             | Yes               |
+
+**When to use Syncthing Integration**:
+
+- Already use Syncthing for other files
+- Don't need automatic conflict resolution
+- Single-user with multiple devices
+
+**When to use VaultLink**:
+
+- Want automatic conflict resolution
+- Need collaborative editing
+- Want production-ready solution
+- Don't want to manage conflict files
+
+**Status note**: Syncthing Integration is marked as unfinished. VaultLink is production-ready with comprehensive testing.
+
+---
+
+### Remotely Sync
+
+**Downloads**: ~38,000
+**Repository**: https://github.com/sboesen/remotely-sync
+
+**Overview**: Similar to Remotely Save, syncs to cloud storage.
+
+| Aspect                  | Remotely Sync           | VaultLink           |
+| ----------------------- | ----------------------- | ------------------- |
+| **Self-hosted**         | Partial (cloud storage) | Fully self-hosted   |
+| **Conflict resolution** | Limited/Paid            | Free and automatic  |
+| **Code quality**        | No tests                | Comprehensive tests |
+| **Maintenance**         | Low activity            | Active development  |
+
+**Same concerns as Remotely Save**: No test suite, conflict resolution limitations, cloud storage dependency.
+
+**When to use VaultLink**: See Remotely Save comparison above.
+
+---
+
+### SyncFTP
+
+**Downloads**: ~5,000
+**Repository**: https://github.com/alex-donnan/SyncFTP
+
+**Overview**: Simple FTP-based file synchronisation.
+
+| Aspect                    | SyncFTP                | VaultLink        |
+| ------------------------- | ---------------------- | ---------------- |
+| **Conflict resolution**   | None (last write wins) | Automatic (OT)   |
+| **Data loss risk**        | High (overwrites)      | None (merges)    |
+| **Collaborative editing** | No                     | Yes              |
+| **Sophistication**        | Minimal                | Production-grade |
+
+**When to use SyncFTP**: Don't use SyncFTP for any scenario where data integrity matters.
+
+**When to use VaultLink**: Any scenario requiring reliable synchronisation.
+
+---
+
+## Feature Comparison Matrix
+
+| Feature                           | VaultLink | LiveSync | Relay | Git | Remotely Save | Syncthing |
+| --------------------------------- | --------- | -------- | ----- | --- | ------------- | --------- |
+| **Fully open source**             | ✅        | ✅       | ❌    | ✅  | ✅            | ✅        |
+| **Self-hosted**                   | ✅        | ✅       | ❌    | ✅  | Partial       | ✅        |
+| **Automatic conflict resolution** | ✅        | Basic    | ✅    | ❌  | Paid          | ❌        |
+| **Real-time sync**                | ✅        | ✅       | ✅    | ❌  | ❌            | ✅        |
+| **Collaborative editing**         | ✅        | ❌       | ✅    | ❌  | ❌            | ❌        |
+| **Cursor tracking**               | ✅        | ❌       | ❌    | ❌  | ❌            | ❌        |
+| **Editor agnostic**               | ✅        | ❌       | ❌    | ✅  | ❌            | ✅        |
+| **Out-of-band edits**             | ✅        | Limited  | ❌    | ✅  | ❌            | ✅        |
+| **No conflict markers**           | ✅        | ✅       | ✅    | ❌  | ❌            | ❌        |
+| **Comprehensive tests**           | ✅        | ❌       | ❌    | N/A | ❌            | N/A       |
+| **Simple deployment**             | ✅        | ❌       | N/A   | ❌  | ✅            | ❌        |
+| **Low infrastructure**            | ✅        | ❌       | N/A   | ✅  | ✅            | ✅        |
+
+---
+
+## VaultLink's Unique Position
+
+VaultLink is the **only** solution that combines:
+
+1. **Fully open source** self-hosted server
+2. **Editor agnostic** operation (not locked to Obsidian)
+3. **Automatic conflict-free merging** using operational transformation
+4. **Real-time collaborative editing** with cursor tracking
+5. **Differential synchronisation** supporting out-of-band edits
+6. **Comprehensive test coverage** ensuring reliability
+7. **Simple deployment** via Docker or single binary
+
+## Use Case Recommendations
+
+### Choose VaultLink when you:
+
+- Edit vaults with multiple editors (Obsidian + Vim + VS Code)
+- Need real-time collaboration with teammates
+- Want automatic conflict resolution without manual intervention
+- Value full control over infrastructure
+- Need production-ready reliability with comprehensive testing
+- Want to edit files while offline and sync later seamlessly
+
+### Consider alternatives when you:
+
+- **LiveSync**: Need end-to-end encryption and only use Obsidian
+- **Git**: Need full version control with branches and advanced Git features
+- **Remotely Save**: Already committed to cloud storage providers
+- **Syncthing**: Already use Syncthing and don't need automatic merging
+
+## Migration from Other Solutions
+
+VaultLink works with plain Markdown files, making migration simple:
+
+1. **From Git**: Clone your repo, point VaultLink to the directory
+2. **From cloud sync**: Download files, configure VaultLink client
+3. **From LiveSync**: Export vault, import to VaultLink
+4. **From Syncthing**: Point VaultLink to synced directory
+
+All solutions work with the same Markdown files—VaultLink just syncs them better.
+
+## Beyond Obsidian
+
+Because VaultLink is editor-agnostic, you can use it for:
+
+- **Documentation teams**: Sync technical docs edited in VS Code
+- **Academic writing**: Collaborate on papers with various Markdown editors
+- **Personal knowledge bases**: Use Obsidian on mobile, Vim on servers
+- **Automated workflows**: CLI client for backup systems and CI/CD
+- **Multi-tool workflows**: Different team members use different editors
+
+VaultLink doesn't lock you into Obsidian—it's a general-purpose differential sync system that happens to work excellently with Obsidian vaults.
+
+## Next Steps
+
+Ready to try VaultLink?
+
+- [Get started →](/guide/getting-started)
+- [Understand the architecture →](/architecture/)
+- [See how sync works →](/architecture/sync-algorithm)

docs/guide/cli-client.md

@@ -0,0 +1,532 @@
+# CLI Client
+
+Sync vaults without Obsidian. Works on servers, automation, backups, headless systems.
+
+## Installation
+
+### Docker (Recommended)
+
+Pull the latest image:
+
+```bash
+docker pull ghcr.io/schmelczer/vault-link-cli:latest
+```
+
+### npm
+
+Install globally:
+
+```bash
+npm install -g @schmelczer/local-client-cli
+```
+
+Verify installation:
+
+```bash
+vaultlink --version
+```
+
+### From Source
+
+Build from the repository:
+
+```bash
+git clone https://github.com/schmelczer/vault-link.git
+cd vault-link/frontend/local-client-cli
+npm install
+npm run build
+node dist/cli.js --help
+```
+
+## Usage
+
+### Basic Usage
+
+```bash
+vaultlink \
+  --local-path /path/to/vault \
+  --remote-uri wss://sync.example.com \
+  --token your-auth-token \
+  --vault-name default
+```
+
+### Docker Usage
+
+```bash
+docker run -v /path/to/vault:/vault \
+  ghcr.io/schmelczer/vault-link-cli:latest \
+  -l /vault \
+  -r wss://sync.example.com \
+  -t your-auth-token \
+  -v default
+```
+
+### Docker Compose
+
+Create `docker-compose.yml`:
+
+```yaml
+services:
+    vaultlink-cli:
+        image: ghcr.io/schmelczer/vault-link-cli:latest
+        restart: unless-stopped
+        volumes:
+            - ./vault:/vault
+        command:
+            - "-l"
+            - "/vault"
+            - "-r"
+            - "wss://sync.example.com"
+            - "-t"
+            - "your-token"
+            - "-v"
+            - "default"
+```
+
+Start the client:
+
+```bash
+docker compose up -d
+```
+
+## Configuration Options
+
+### Required Arguments
+
+| Argument       | Short | Description             | Example                  |
+| -------------- | ----- | ----------------------- | ------------------------ |
+| `--local-path` | `-l`  | Local directory to sync | `/vault`                 |
+| `--remote-uri` | `-r`  | Server WebSocket URI    | `wss://sync.example.com` |
+| `--token`      | `-t`  | Authentication token    | `abc123...`              |
+| `--vault-name` | `-v`  | Vault name on server    | `default`                |
+
+### Optional Arguments
+
+| Argument                        | Default | Description                            |
+| ------------------------------- | ------- | -------------------------------------- |
+| `--sync-concurrency`            | `1`     | Concurrent file operations             |
+| `--max-file-size-mb`            | `10`    | Max file size in MB                    |
+| `--ignore-pattern`              | -       | Glob pattern to ignore (repeatable)    |
+| `--websocket-retry-interval-ms` | `3500`  | Reconnection interval                  |
+| `--log-level`                   | `INFO`  | Log level: DEBUG, INFO, WARNING, ERROR |
+
+### Environment Variables
+
+Alternative to command-line arguments:
+
+```bash
+export VAULTLINK_LOCAL_PATH="/vault"
+export VAULTLINK_REMOTE_URI="wss://sync.example.com"
+export VAULTLINK_TOKEN="your-token"
+export VAULTLINK_VAULT_NAME="default"
+
+vaultlink
+```
+
+## Examples
+
+### Basic Sync
+
+Sync a local directory to the server:
+
+```bash
+vaultlink \
+  -l ./my-notes \
+  -r wss://sync.example.com \
+  -t my-secure-token \
+  -v personal
+```
+
+### With Ignore Patterns
+
+Exclude specific files or directories:
+
+```bash
+vaultlink \
+  -l ./vault \
+  -r wss://sync.example.com \
+  -t token123 \
+  -v default \
+  --ignore-pattern "*.tmp" \
+  --ignore-pattern ".DS_Store" \
+  --ignore-pattern "node_modules/**"
+```
+
+### Debug Logging
+
+Enable verbose logging:
+
+```bash
+vaultlink \
+  -l ./vault \
+  -r wss://sync.example.com \
+  -t token123 \
+  -v default \
+  --log-level DEBUG
+```
+
+### High Concurrency
+
+Faster initial sync:
+
+```bash
+vaultlink \
+  -l ./vault \
+  -r wss://sync.example.com \
+  -t token123 \
+  -v default \
+  --sync-concurrency 5
+```
+
+### Large Files
+
+Allow larger file uploads:
+
+```bash
+vaultlink \
+  -l ./vault \
+  -r wss://sync.example.com \
+  -t token123 \
+  -v default \
+  --max-file-size-mb 50
+```
+
+## Docker Deployment
+
+### Long-Running Sync
+
+Run as a daemon for continuous synchronisation:
+
+```bash
+docker run -d \
+  --name vaultlink-sync \
+  --restart unless-stopped \
+  -v $(pwd)/vault:/vault \
+  ghcr.io/schmelczer/vault-link-cli:latest \
+  -l /vault \
+  -r wss://sync.example.com \
+  -t your-token \
+  -v default
+```
+
+Monitor logs:
+
+```bash
+docker logs -f vaultlink-sync
+```
+
+### Health Monitoring
+
+The Docker image includes built-in health checks:
+
+```bash
+# Check health status
+docker ps
+
+# View detailed health info
+docker inspect --format='{{json .State.Health}}' vaultlink-sync | jq
+```
+
+Health check verifies:
+
+- Health file exists
+- Status updated within last 30 seconds
+- WebSocket connection is active
+
+Configure custom health check:
+
+```yaml
+services:
+    vaultlink-cli:
+        image: ghcr.io/schmelczer/vault-link-cli:latest
+        healthcheck:
+            test: ["CMD", "node", "/app/healthcheck.js"]
+            interval: 15s
+            timeout: 5s
+            retries: 5
+            start_period: 20s
+```
+
+### Read-Only Vault
+
+Mount vault as read-only to prevent local changes:
+
+```bash
+docker run -d \
+  -v $(pwd)/vault:/vault:ro \
+  ghcr.io/schmelczer/vault-link-cli:latest \
+  -l /vault \
+  -r wss://sync.example.com \
+  -t token \
+  -v default
+```
+
+::: warning
+The CLI needs write access to create `.vaultlink` metadata directory. Mount as read-write or provide a separate writeable directory.
+:::
+
+## How It Works
+
+### Initial Sync
+
+On startup:
+
+1. Creates `.vaultlink/` directory for metadata
+2. Scans local filesystem
+3. Uploads all local files to server
+4. Downloads files from server not present locally
+5. Resolves conflicts using operational transformation
+
+### Real-Time Synchronization
+
+After initial sync:
+
+1. Watches filesystem for changes using `fs.watch`
+2. Uploads changed files immediately
+3. Receives real-time updates from server via WebSocket
+4. Handles bidirectional sync automatically
+
+### Graceful Shutdown
+
+On SIGINT (Ctrl+C) or SIGTERM:
+
+1. Completes pending uploads
+2. Closes WebSocket connection cleanly
+3. Flushes metadata to disk
+4. Exits gracefully
+
+## Use Cases
+
+### Automated Backups
+
+Continuously backup vaults to a remote server:
+
+```bash
+docker run -d \
+  --name vault-backup \
+  -v /important/notes:/vault:ro \
+  ghcr.io/schmelczer/vault-link-cli:latest \
+  -l /vault -r wss://backup.example.com -t backup-token -v backups
+```
+
+### CI/CD Documentation
+
+Sync documentation in automated pipelines:
+
+```bash
+# In your CI pipeline
+docker run \
+  -v $(pwd)/docs:/vault \
+  ghcr.io/schmelczer/vault-link-cli:latest \
+  -l /vault -r wss://docs.example.com -t ci-token -v prod-docs
+```
+
+### Multi-Location Sync
+
+Sync between different geographic locations:
+
+```bash
+# Location A
+vaultlink -l /data/vault -r wss://hub.example.com -t token -v shared
+
+# Location B
+vaultlink -l /backup/vault -r wss://hub.example.com -t token -v shared
+```
+
+### Development Environment
+
+Keep documentation in sync across dev environments:
+
+```bash
+# In docker-compose.yml for your dev stack
+services:
+  docs-sync:
+    image: ghcr.io/schmelczer/vault-link-cli:latest
+    volumes:
+      - ./docs:/vault
+    command: ["-l", "/vault", "-r", "wss://docs-server", "-t", "dev-token", "-v", "dev"]
+```
+
+## Troubleshooting
+
+### Client won't connect
+
+**Check server accessibility**:
+
+```bash
+curl https://sync.example.com/vaults/test/ping
+```
+
+**Verify WebSocket protocol**:
+
+- Use `ws://` for HTTP servers
+- Use `wss://` for HTTPS servers
+
+**Check authentication**:
+
+- Token must match server config
+- User must have access to the vault
+
+### Permission errors
+
+**Docker volume permissions**:
+
+```bash
+# Ensure directory is writable
+chmod 755 /path/to/vault
+
+# Check Docker user ID
+docker run --rm ghcr.io/schmelczer/vault-link-cli:latest id
+```
+
+**SELinux issues**:
+
+```bash
+# Add :z flag to volume mount
+docker run -v /path/to/vault:/vault:z ...
+```
+
+### Files not syncing
+
+**Check ignore patterns**:
+
+- View logs to see which files are skipped
+- Ensure patterns don't match unintentionally
+
+**File size limits**:
+
+- Check `--max-file-size-mb` setting
+- Large files are skipped with a warning
+
+**Check metadata**:
+
+```bash
+# View sync metadata
+cat /path/to/vault/.vaultlink/metadata.json
+```
+
+### High memory usage
+
+**Reduce concurrency**:
+
+```bash
+--sync-concurrency 1
+```
+
+**Limit file sizes**:
+
+```bash
+--max-file-size-mb 5
+```
+
+**Check vault size**:
+
+- Very large vaults may need more resources
+- Consider splitting into multiple vaults
+
+### Connection keeps dropping
+
+**Increase retry interval**:
+
+```bash
+--websocket-retry-interval-ms 5000
+```
+
+**Check network stability**:
+
+```bash
+# Monitor connection
+docker logs -f vaultlink-sync | grep -i websocket
+```
+
+**Server timeout settings**:
+
+- Verify reverse proxy WebSocket timeout
+- Check server `response_timeout_seconds`
+
+## Advanced Usage
+
+### Custom Healthcheck Script
+
+Create your own health monitoring:
+
+```bash
+#!/bin/bash
+HEALTH_FILE="/tmp/vaultlink-health.json"
+
+if [ ! -f "$HEALTH_FILE" ]; then
+    exit 1
+fi
+
+# Check file is recent (within 60 seconds)
+if [ $(( $(date +%s) - $(stat -c %Y "$HEALTH_FILE") )) -gt 60 ]; then
+    exit 1
+fi
+
+# Check WebSocket is connected
+if ! jq -e '.connected == true' "$HEALTH_FILE" > /dev/null; then
+    exit 1
+fi
+
+exit 0
+```
+
+### Automated Recovery
+
+Restart on failure with exponential backoff:
+
+```bash
+#!/bin/bash
+RETRY_DELAY=5
+
+while true; do
+    vaultlink -l /vault -r wss://server -t token -v default
+
+    echo "Client exited, restarting in ${RETRY_DELAY}s..."
+    sleep $RETRY_DELAY
+
+    # Exponential backoff up to 5 minutes
+    RETRY_DELAY=$((RETRY_DELAY * 2))
+    if [ $RETRY_DELAY -gt 300 ]; then
+        RETRY_DELAY=300
+    fi
+done
+```
+
+### Integration with systemd
+
+Create `/etc/systemd/system/vaultlink-cli.service`:
+
+```ini
+[Unit]
+Description=VaultLink CLI Sync
+After=network-online.target
+Wants=network-online.target
+
+[Service]
+Type=simple
+Restart=always
+RestartSec=10
+Environment="VAULTLINK_LOCAL_PATH=/data/vault"
+Environment="VAULTLINK_REMOTE_URI=wss://sync.example.com"
+Environment="VAULTLINK_TOKEN=your-token"
+Environment="VAULTLINK_VAULT_NAME=default"
+ExecStart=/usr/local/bin/vaultlink
+
+[Install]
+WantedBy=multi-user.target
+```
+
+Enable and start:
+
+```bash
+sudo systemctl daemon-reload
+sudo systemctl enable vaultlink-cli
+sudo systemctl start vaultlink-cli
+```
+
+## Next Steps
+
+- [Configure server authentication →](/config/authentication)
+- [Learn about the sync algorithm →](/architecture/sync-algorithm)
+- [Set up Obsidian plugin →](/guide/obsidian-plugin)

docs/guide/getting-started.md

@@ -0,0 +1,125 @@
+# Getting Started
+
+Set up VaultLink in 5 minutes. Deploy server, connect clients, done.
+
+## Prerequisites
+
+- Docker (or Rust toolchain if building from source)
+- A server (VPS, home server, or localhost for testing)
+
+## Step 1: Deploy Server
+
+Create `config.yml`:
+
+```yaml
+database:
+    databases_directory_path: databases
+    max_connections_per_vault: 12
+    cursor_timeout_seconds: 60
+server:
+    host: 0.0.0.0
+    port: 3000
+    max_body_size_mb: 512
+    max_clients_per_vault: 256
+    response_timeout_seconds: 60
+users:
+    user_configs:
+        - name: admin
+          token: change-this-to-secure-random-token
+          vault_access:
+              type: allow_access_to_all
+logging:
+    log_directory: logs
+    log_rotation: 7days
+```
+
+::: tip
+Generate secure token: `openssl rand -hex 32`
+:::
+
+Run server:
+
+```bash
+docker run -d \
+  --name vaultlink-server \
+  --restart unless-stopped \
+  -p 3000:3000 \
+  -v $(pwd):/data \
+  ghcr.io/schmelczer/vault-link-server:latest \
+  /app/sync_server /data/config.yml
+```
+
+Verify: `curl http://localhost:3000/vaults/test/ping` should return server version and auth status
+
+## Step 2: Connect Client
+
+### Obsidian Plugin
+
+1. Settings → Community Plugins → Browse
+2. Search "VaultLink", install, enable
+3. Configure:
+    - Server URL: `ws://localhost:3000` (or `wss://your-server.com` for SSL)
+    - Token: Your token from config.yml
+    - Vault Name: `default`
+
+[Full plugin guide →](/guide/obsidian-plugin)
+
+### CLI Client
+
+```bash
+docker run -d \
+  --name vaultlink-cli \
+  --restart unless-stopped \
+  -v /path/to/vault:/vault \
+  ghcr.io/schmelczer/vault-link-cli:latest \
+  -l /vault -r ws://localhost:3000 -t your-token -v default
+```
+
+[Full CLI guide →](/guide/cli-client)
+
+## Production Setup
+
+For production:
+
+1. **SSL/TLS**: Use Nginx/Caddy reverse proxy for `wss://` ([setup guide](/guide/server-setup#ssl-tls-with-reverse-proxy))
+2. **Secure tokens**: Generate with `openssl rand -hex 32`, don't reuse the example
+3. **Firewall**: Only expose port 3000 to reverse proxy
+4. **Backups**: SQLite databases are in `databases/` directory
+
+## Multiple Users
+
+```yaml
+users:
+    user_configs:
+        - name: alice
+          token: alice-token
+          vault_access:
+              type: allow_list
+              allowed:
+                  - personal
+                  - shared
+        - name: bob
+          token: bob-token
+          vault_access:
+              type: allow_list
+              allowed:
+                  - shared
+```
+
+[Auth docs →](/config/authentication)
+
+## Troubleshooting
+
+**Server won't start**: `docker logs vaultlink-server`
+
+**Client can't connect**:
+
+1. Verify server: `curl http://your-server:3000/vaults/test/ping`
+2. Check URL: `ws://` for HTTP, `wss://` for HTTPS
+3. Verify token matches config.yml
+
+**Understanding limitations**: [See what VaultLink can and can't do →](/guide/limitations)
+
+**Files not syncing**: Check client logs, verify vault name matches
+
+[Server setup →](/guide/server-setup) | [Architecture →](/architecture/)

docs/guide/limitations.md

@@ -0,0 +1,192 @@
+# Limitations
+
+VaultLink works well for most Obsidian vaults, but has some constraints you should know about.
+
+## File Type Limitations
+
+### Mergeable Files
+
+Only **`.md`** and **`.txt`** files get automatic conflict-free merging.
+
+Other file types (images, PDFs, etc.) use last-write-wins:
+
+```
+User A updates diagram.png → Server stores version 1
+User B updates diagram.png → Server stores version 2 (overwrites A's changes)
+```
+
+**Workaround**: Avoid editing the same non-text file simultaneously.
+
+### Binary Detection
+
+Files are treated as binary if they:
+
+- Contain NUL bytes (`0x00`)
+- Fail UTF-8 validation
+
+Binary files within `.md` or `.txt` extensions still get last-write-wins (no merge).
+
+## Performance Constraints
+
+### Server Limits (Configurable)
+
+| Resource                 | Default | Maximum Tested |
+| ------------------------ | ------- | -------------- |
+| Clients per vault        | 256     | ~256           |
+| Database connections     | 12      | 20             |
+| Max file size            | 512 MB  | 4096 MB        |
+| Request timeout          | 60s     | 180s           |
+| WebSocket cursor timeout | 60s     | 300s           |
+| Database busy timeout    | 3600s   | -              |
+
+### Vault Size
+
+- **Small vaults** (< 1000 files): Excellent performance
+- **Medium vaults** (1000-10000 files): Good performance
+- **Large vaults** (> 10000 files): Works, but initial sync slower
+
+No hard file count limit—constrained by disk space and sync time.
+
+### Resource Usage
+
+Rough estimates (varies by vault size and activity):
+
+- **RAM**: ~50-200 MB base + ~1-5 MB per active client
+- **CPU**: Low (< 5%) for typical usage, spikes during merges
+- **Disk**: Vault size + version history (grows over time)
+
+## Version History
+
+### Storage
+
+- All versions stored indefinitely (no automatic cleanup)
+- Each vault is a separate SQLite database
+- Deleted files marked as deleted (not purged)
+
+**Growth**: Version history grows with every change. A 10 MB vault with frequent edits might grow to 100+ MB over months.
+
+**Cleanup**: Manual only (see [Advanced Configuration](/config/advanced#version-history-cleanup)).
+
+### Implications
+
+- Disk usage grows over time
+- Database size affects backup time
+- No built-in retention policy
+
+## Merge Quality
+
+### Text Merging
+
+VaultLink uses word-level tokenisation for merging:
+
+```markdown
+Parent: "The quick brown fox"
+User A: "The quick red fox"
+User B: "The very quick brown fox"
+Result: "The very quick red fox" ← Both changes preserved
+```
+
+**Imperfect scenarios**:
+
+- Complex nested Markdown (tables, code blocks)
+- Simultaneous edits to the same sentence
+- Large structural changes (moving sections around)
+
+**Result**: Merged file might need manual cleanup in ~1-5% of concurrent edits.
+
+## Scalability
+
+### SQLite Limitations
+
+- One SQLite database per vault
+- Single-server architecture (no built-in clustering)
+- Write serialisation through database
+
+**For high concurrency**: Consider multiple vaults instead of one massive shared vault.
+
+### Horizontal Scaling
+
+Not currently supported. Running multiple servers requires manual vault partitioning.
+
+## Network Requirements
+
+### Latency
+
+- Real-time sync typically < 500ms on good connections
+- Mobile/slow networks: 1-5s latency possible
+- Timeout failures on very slow connections (> 60s)
+
+### Offline Behaviour
+
+- Clients queue changes locally
+- On reconnect, sync all changes since last connection
+- Conflicts resolved automatically (for mergeable files)
+
+**Limitation**: No offline conflict preview—merged result appears after reconnect.
+
+## Security
+
+### No End-to-End Encryption
+
+- Server sees all file contents
+- Transport encryption only (WSS/TLS)
+- Trust your server
+
+**Workaround**: Self-host on infrastructure you control.
+
+### Authentication
+
+- Token-based only (no OAuth, SAML, etc.)
+- Tokens configured in server config file
+- No runtime user management
+
+## Known Edge Cases
+
+### Simultaneous Deletes and Edits
+
+```
+User A deletes note.md
+User B edits note.md
+Result: Edit wins (file recreated with B's content)
+```
+
+Operational transformation prioritises content preservation.
+
+### Large File Uploads
+
+Files > 100 MB may time out on slow connections. Increase `response_timeout_seconds` or split large files.
+
+### Mobile Sync
+
+- Mobile networks may drop WebSocket connections frequently
+- Client auto-reconnects, but causes sync delays
+- Battery impact from constant reconnections
+
+## What VaultLink is NOT
+
+- **Not a backup solution**: Version history helps but isn't a backup (make backups!)
+- **Not Git**: No branching, no commit messages, no diffs to review before merge
+- **Not encrypted storage**: Server sees everything
+- **Not multi-master**: One server, multiple clients (not peer-to-peer)
+
+## Recommendations
+
+### Good Use Cases
+
+- Personal multi-device sync (< 10 devices)
+- Small team collaboration (< 20 people)
+- Primarily text/Markdown content
+- Trusted server environment
+
+### Poor Use Cases
+
+- Large teams (> 50 concurrent users per vault)
+- Primarily binary files (images, videos, large PDFs)
+- Untrusted server (need E2E encryption)
+- Highly regulated environments (HIPAA, etc.)
+
+## Next Steps
+
+- [Server configuration limits →](/config/server)
+- [Advanced tuning →](/config/advanced)
+- [Architecture details →](/architecture/)

docs/guide/obsidian-plugin.md

@@ -0,0 +1,276 @@
+# Obsidian Plugin
+
+Real-time sync for Obsidian vaults.
+
+## Installation
+
+### From Obsidian Community Plugins
+
+1. Open Obsidian Settings
+2. Navigate to **Community Plugins**
+3. Click **Browse** and search for "VaultLink"
+4. Click **Install**
+5. Enable the plugin
+
+### Manual Installation
+
+1. Download the latest release from [GitHub Releases](https://github.com/schmelczer/vault-link/releases)
+2. Extract `main.js`, `manifest.json`, and `styles.css`
+3. Copy to `.obsidian/plugins/vault-link/` in your vault
+4. Reload Obsidian
+5. Enable VaultLink in Community Plugins settings
+
+## Configuration
+
+After installation, configure the plugin in **Settings → VaultLink**.
+
+### Required Settings
+
+#### Server URL
+
+The WebSocket URL of your sync server.
+
+- **Development/Local**: `ws://localhost:3000`
+- **Production (SSL)**: `wss://sync.example.com`
+
+::: tip
+Use `ws://` for unencrypted connections and `wss://` for SSL connections (production).
+:::
+
+#### Authentication Token
+
+Your authentication token from the server's `config.yml`.
+
+Generate a secure token:
+
+```bash
+openssl rand -hex 32
+```
+
+#### Vault Name
+
+The name of the vault on the server. Can be any string.
+
+Multiple Obsidian vaults can sync to the same server vault name (for shared vaults), or use unique names for separate vaults.
+
+### Optional Settings
+
+#### Sync Concurrency
+
+Number of files to sync simultaneously.
+
+- **Default**: 1
+- **Range**: 1-10
+- Higher values = faster initial sync, more resource usage
+
+#### Max File Size
+
+Maximum file size to sync (in MB).
+
+- **Default**: 10
+- Files larger than this are skipped
+
+#### Ignore Patterns
+
+Glob patterns for files to exclude from sync.
+
+Examples:
+
+- `*.tmp` - Ignore temporary files
+- `.trash/**` - Ignore trash folder
+- `private/**` - Ignore private directory
+
+#### WebSocket Retry Interval
+
+Milliseconds between reconnection attempts when disconnected.
+
+- **Default**: 3500ms
+- Increase for flaky networks to avoid connection spam
+
+## Usage
+
+### Initial Sync
+
+When first connecting:
+
+1. The plugin uploads all local files to the server
+2. Downloads any missing files from the server
+3. Resolves any conflicts using operational transformation
+4. Begins real-time synchronisation
+
+Initial sync time depends on vault size and `sync_concurrency` setting.
+
+### Real-Time Sync
+
+Once connected:
+
+- **File changes**: Automatically synced when saved
+- **File creation**: New files immediately uploaded
+- **File deletion**: Deletions propagated to other clients
+- **File renames**: Tracked and synchronised
+
+The plugin watches your vault filesystem and syncs changes in real-time via WebSocket.
+
+### Status Indicators
+
+The plugin provides visual feedback:
+
+- **Connected**: Green status in settings
+- **Syncing**: Progress indicator during uploads
+- **Disconnected**: Red status, automatic reconnection attempts
+- **Error**: Error message in settings and console
+
+Check the Obsidian console (Ctrl+Shift+I / Cmd+Option+I) for detailed logs.
+
+## Features
+
+### Automatic Conflict Resolution
+
+When multiple users edit the same file simultaneously, operational transformation merges changes automatically:
+
+- All edits are preserved
+- No manual conflict resolution required
+- Changes appear in real-time as others type
+
+### Mobile Support
+
+VaultLink works on Obsidian mobile (iOS and Android):
+
+- Same configuration as desktop
+- Real-time sync across all devices
+- Handle network changes gracefully
+
+::: warning
+Ensure your sync server is accessible from mobile networks (use WSS with a public domain or VPN).
+:::
+
+### Offline Support
+
+The plugin handles offline scenarios:
+
+- Continue working when disconnected
+- Changes queue locally
+- Automatic sync when connection restored
+- Conflict resolution if others edited the same files
+
+## Collaboration Workflows
+
+### Personal Multi-Device Sync
+
+Sync the same vault across devices:
+
+1. Configure each Obsidian instance with the same vault name
+2. Use the same authentication token
+3. All devices stay in sync automatically
+
+### Team Shared Vault
+
+Multiple users collaborating:
+
+1. Each user has their own token (configured in server `config.yml`)
+2. All users connect to the same vault name
+3. Real-time collaborative editing with automatic conflict resolution
+
+### Selective Sharing
+
+Share specific folders while keeping others private:
+
+1. Use different vault names for shared vs. private content
+2. Configure access control on the server per vault
+3. Use ignore patterns to exclude sensitive directories
+
+## Troubleshooting
+
+### Plugin won't connect
+
+1. **Verify server is running**:
+
+    ```bash
+    curl http://your-server:3000/vaults/test/ping
+    ```
+
+    Should return `pong`
+
+2. **Check URL format**:
+    - Local: `ws://localhost:3000`
+    - Remote (SSL): `wss://sync.example.com`
+    - Don't include `/vault/name` in the URL
+
+3. **Verify token**:
+    - Must match server config exactly
+    - No extra spaces or quotes
+    - Check server logs for authentication errors
+
+4. **Check firewall**:
+    - Ensure port is accessible from your network
+    - For mobile, server must be publicly accessible or use VPN
+
+### Files not syncing
+
+1. **Check ignore patterns**: File may match an exclusion pattern
+2. **File size**: Check if file exceeds `max_file_size_mb`
+3. **Permissions**: Ensure vault directory is readable/writable
+4. **Console errors**: Open dev tools (Ctrl+Shift+I) and check console
+
+### Slow initial sync
+
+1. **Increase concurrency**: Set `sync_concurrency` higher (e.g., 5)
+2. **Network speed**: Check internet connection
+3. **Server resources**: Ensure server isn't overloaded
+4. **Large files**: Consider increasing timeout settings
+
+### Conflicts not resolving
+
+Operational transformation should handle conflicts automatically. If issues persist:
+
+1. Check console for sync errors
+2. Verify both clients are connected
+3. Check server logs for processing errors
+4. Ensure files are text-based (binary files may not merge well)
+
+### High CPU/Memory usage
+
+1. **Reduce concurrency**: Lower `sync_concurrency`
+2. **Add ignore patterns**: Exclude unnecessary files
+3. **File watchers**: Large vaults may trigger many filesystem events
+4. **Check for sync loops**: Ensure no circular dependencies
+
+## Advanced Configuration
+
+### Multiple Vaults
+
+To sync multiple Obsidian vaults to different server vaults:
+
+1. Each Obsidian vault has its own VaultLink plugin configuration
+2. Use different vault names for each
+3. Can use the same or different tokens (depending on access control)
+
+### Custom Sync Patterns
+
+Combine ignore patterns for fine-grained control:
+
+```
+# Ignore patterns
+*.tmp
+*.bak
+.DS_Store
+.trash/**
+private/**
+drafts/**/*.draft.md
+```
+
+### Development/Testing
+
+For plugin development:
+
+1. Clone the repository
+2. `cd frontend && npm install`
+3. `npm run dev` to build in watch mode
+4. Plugin rebuilds automatically on changes
+5. Reload Obsidian to test changes
+
+## Next Steps
+
+- [Learn about the sync algorithm →](/architecture/sync-algorithm)
+- [Configure the server →](/config/server)
+- [Set up the CLI client →](/guide/cli-client)

docs/guide/server-setup.md

@@ -0,0 +1,379 @@
+# Server Setup
+
+Deploy VaultLink server via Docker, binary, or build from source.
+
+## Deployment Options
+
+### Docker (Recommended)
+
+Easiest deployment path, includes health checks.
+
+#### Basic Docker Deployment
+
+```bash
+# Pull the latest image
+docker pull ghcr.io/schmelczer/vault-link-server:latest
+
+# Create data directory
+mkdir -p ~/vaultlink-data
+
+# Create config.yml (see Configuration section below)
+
+# Run the container
+docker run -d \
+  --name vaultlink-server \
+  --restart unless-stopped \
+  -p 3000:3000 \
+  -v ~/vaultlink-data:/data \
+  ghcr.io/schmelczer/vault-link-server:latest \
+  /app/sync_server /data/config.yml
+```
+
+#### Docker Compose
+
+Create `docker-compose.yml`:
+
+```yaml
+services:
+    vaultlink-server:
+        image: ghcr.io/schmelczer/vault-link-server:latest
+        container_name: vaultlink-server
+        restart: unless-stopped
+        ports:
+            - "3000:3000"
+        volumes:
+            - ./data:/data
+        command: ["/app/sync_server", "/data/config.yml"]
+        healthcheck:
+            test: ["CMD", "curl", "-f", "http://localhost:3000/vaults/fake/ping"]
+            interval: 30s
+            timeout: 5s
+            retries: 3
+            start_period: 10s
+```
+
+Start the server:
+
+```bash
+docker compose up -d
+```
+
+### Binary Installation
+
+Download pre-built binaries from [GitHub Releases](https://github.com/schmelczer/vault-link/releases):
+
+```bash
+# Download the binary for your platform
+wget https://github.com/schmelczer/vault-link/releases/latest/download/sync_server-linux-x86_64
+
+# Make executable
+chmod +x sync_server-linux-x86_64
+
+# Run the server
+./sync_server-linux-x86_64 config.yml
+```
+
+### Build from Source
+
+Requirements: Rust 1.92.0+, SQLite development headers, SQLx CLI
+
+```bash
+# Clone the repository
+git clone https://github.com/schmelczer/vault-link.git
+cd vault-link/sync-server
+
+# Install SQLx CLI
+cargo install sqlx-cli
+
+# Set up the database
+sqlx database create --database-url sqlite://db.sqlite3
+sqlx migrate run --source src/app_state/database/migrations --database-url sqlite://db.sqlite3
+cargo sqlx prepare --workspace
+
+# Build in release mode
+cargo build --release
+
+# Run the server
+./target/release/sync_server config.yml
+```
+
+## Configuration
+
+Create a `config.yml` file with your server configuration:
+
+```yaml
+database:
+    databases_directory_path: databases
+    max_connections_per_vault: 12
+    cursor_timeout_seconds: 60
+
+server:
+    host: 0.0.0.0
+    port: 3000
+    max_body_size_mb: 512
+    max_clients_per_vault: 256
+    response_timeout_seconds: 60
+
+users:
+    user_configs:
+        - name: admin
+          token: your-secure-random-token-here
+          vault_access:
+              type: allow_access_to_all
+
+logging:
+    log_directory: logs
+    log_rotation: 7days
+```
+
+### Configuration Fields
+
+#### Database
+
+- `databases_directory_path`: Directory for SQLite databases (one per vault)
+- `max_connections_per_vault`: Maximum concurrent database connections
+- `cursor_timeout_seconds`: How long to keep database cursors alive
+
+#### Server
+
+- `host`: Bind address (use `0.0.0.0` for all interfaces)
+- `port`: Port to listen on (default: 3000)
+- `max_body_size_mb`: Maximum upload size
+- `max_clients_per_vault`: Concurrent client limit per vault
+- `response_timeout_seconds`: Request timeout
+
+#### Users
+
+See [Authentication Configuration →](/config/authentication) for detailed user setup.
+
+#### Logging
+
+- `log_directory`: Where to store log files
+- `log_rotation`: How often to rotate logs (e.g., `7days`, `24hours`)
+
+## Production Deployment
+
+### SSL/TLS with Reverse Proxy
+
+VaultLink doesn't handle SSL directly. Use a reverse proxy like Nginx or Caddy.
+
+#### Nginx Configuration
+
+```nginx
+upstream vaultlink {
+    server localhost:3000;
+}
+
+server {
+    listen 443 ssl http2;
+    server_name sync.example.com;
+
+    ssl_certificate /path/to/cert.pem;
+    ssl_certificate_key /path/to/key.pem;
+
+    location / {
+        proxy_pass http://vaultlink;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+
+        # WebSocket specific
+        proxy_read_timeout 3600s;
+        proxy_send_timeout 3600s;
+    }
+}
+```
+
+Reload Nginx:
+
+```bash
+sudo nginx -t
+sudo systemctl reload nginx
+```
+
+#### Caddy Configuration
+
+Caddy handles SSL automatically:
+
+```caddy
+sync.example.com {
+    reverse_proxy localhost:3000
+}
+```
+
+Start Caddy:
+
+```bash
+caddy run --config Caddyfile
+```
+
+### Systemd Service
+
+Create `/etc/systemd/system/vaultlink.service`:
+
+```ini
+[Unit]
+Description=VaultLink Sync Server
+After=network.target
+
+[Service]
+Type=simple
+User=vaultlink
+WorkingDirectory=/opt/vaultlink
+ExecStart=/opt/vaultlink/sync_server /opt/vaultlink/config.yml
+Restart=always
+RestartSec=10
+
+[Install]
+WantedBy=multi-user.target
+```
+
+Enable and start:
+
+```bash
+sudo systemctl daemon-reload
+sudo systemctl enable vaultlink
+sudo systemctl start vaultlink
+sudo systemctl status vaultlink
+```
+
+### Security Best Practices
+
+1. **Use strong tokens**: Generate with `openssl rand -hex 32`
+2. **Enable firewall**: Only expose port 3000 to reverse proxy
+3. **Regular updates**: Keep Docker images and binaries updated
+4. **Backup databases**: SQLite files in `databases_directory_path`
+5. **Monitor logs**: Check log directory for errors and anomalies
+6. **Limit access**: Use vault-specific access controls per user
+
+### Backup Strategy
+
+The SQLite databases contain all vault data and history:
+
+```bash
+# Backup script
+#!/bin/bash
+BACKUP_DIR="/backup/vaultlink/$(date +%Y%m%d)"
+DATA_DIR="/data/databases"
+
+mkdir -p "$BACKUP_DIR"
+cp -r "$DATA_DIR" "$BACKUP_DIR/"
+
+# Keep 30 days of backups
+find /backup/vaultlink -type d -mtime +30 -exec rm -rf {} +
+```
+
+Run daily via cron:
+
+```cron
+0 2 * * * /opt/vaultlink/backup.sh
+```
+
+### Monitoring
+
+#### Health Checks
+
+The server exposes a ping endpoint:
+
+```bash
+curl http://localhost:3000/vaults/test/ping
+# Returns: {"server_version":"0.10.1","is_authenticated":false}
+```
+
+Replace `test` with any vault name. The endpoint returns:
+
+- `server_version`: Current server version
+- `is_authenticated`: Whether the request included a valid token
+
+Docker health check is built-in and checks this endpoint every 30 seconds.
+
+#### Prometheus Metrics
+
+For advanced monitoring, collect Docker stats or implement custom metrics.
+
+#### Log Monitoring
+
+Logs are written to the configured `log_directory`. Monitor for:
+
+- Connection failures
+- Authentication errors
+- Database errors
+- WebSocket disconnections
+
+Example log watching:
+
+```bash
+tail -f /data/logs/*.log | grep -i error
+```
+
+## Scaling
+
+### Horizontal Scaling
+
+VaultLink currently uses SQLite, which limits horizontal scaling. For multiple servers:
+
+1. Run separate instances for different vaults
+2. Use load balancer with sticky sessions (same vault → same server)
+3. Consider database architecture for your scale needs
+
+### Vertical Scaling
+
+Increase resources for the server:
+
+- More CPU for handling concurrent connections
+- More RAM for database caching
+- Faster storage (SSD) for database operations
+
+Tune configuration:
+
+- Increase `max_clients_per_vault` for more concurrent users
+- Increase `max_connections_per_vault` for database performance
+- Adjust `max_body_size_mb` based on typical file sizes
+
+## Troubleshooting
+
+### Server won't start
+
+```bash
+# Check Docker logs
+docker logs vaultlink-server
+
+# Common issues:
+# - Port already in use: Change port mapping
+# - Config syntax error: Validate YAML
+# - Permission error: Check volume permissions
+```
+
+### High memory usage
+
+- Reduce `max_connections_per_vault`
+- Reduce `max_clients_per_vault`
+- Check for large vaults (may need database optimisation)
+
+### Database corruption
+
+```bash
+# Verify database integrity
+sqlite3 databases/your-vault.db "PRAGMA integrity_check;"
+
+# If corrupted, restore from backup
+cp /backup/databases/your-vault.db /data/databases/
+```
+
+### WebSocket connection drops
+
+- Check reverse proxy timeout settings
+- Verify firewall isn't closing connections
+- Review client retry intervals
+- Check server logs for errors
+
+## Next Steps
+
+- [Configure authentication and access control →](/config/authentication)
+- [Set up Obsidian plugin →](/guide/obsidian-plugin)
+- [Deploy CLI client →](/guide/cli-client)
+- [Understand the architecture →](/architecture/)

docs/guide/what-is-vaultlink.md

@@ -0,0 +1,71 @@
+# What is VaultLink?
+
+Self-hosted sync for Obsidian vaults with automatic conflict-free merging. Edit with any tool, collaborate in real-time, no conflict markers.
+
+## The Problem
+
+Syncing Obsidian vaults across devices or sharing with teammates sucks:
+
+- **Commercial services**: Lock-in, subscriptions, third-party access to your data
+- **Git**: Manual conflict resolution with `<<<<<<<` markers interrupting your workflow
+- **Cloud storage**: Last-write-wins data loss or manual conflict resolution
+- **CRDT solutions**: Only work if you edit inside Obsidian (break if you use Vim, VS Code, etc.)
+
+## VaultLink's Solution
+
+Differential synchronisation with operational transformation for Markdown and text files.
+
+Edit `.md` and `.txt` files with Obsidian, Vim, VS Code, or any editor. VaultLink compares versions and automatically merges all changes. No operation tracking required, no conflict markers.
+
+**Note**: Binary files (images, PDFs, etc.) use last-write-wins. [See limitations →](/guide/limitations)
+
+## How It Works
+
+1. **Server**: Rust WebSocket server with SQLite stores document versions
+2. **Clients**: Obsidian plugin or CLI client watches filesystem changes
+3. **Sync**: Changes upload to server, server broadcasts to other clients
+4. **Merge**: [reconcile-text](https://schmelczer.dev/reconcile) automatically merges concurrent edits
+
+No CRDT infrastructure. No operation logs. Just file comparison and smart merging.
+
+## Key Advantages
+
+**Editor agnostic**: Edit files with any tool. Other solutions break when you edit outside their ecosystem.
+
+**Self-hosted**: Your data, your server. No third parties, no subscriptions, no surprises.
+
+**Automatic merging**: Operational transformation handles conflicts without interrupting your workflow.
+
+**Production-ready**: Comprehensive tests, E2E tests, battle-tested. Many alternatives have zero tests.
+
+**Collaborative**: Real-time sync with cursor tracking. See where teammates are editing.
+
+## Not Tied to Obsidian
+
+VaultLink syncs Markdown files. Use it for:
+
+- Obsidian vaults (Obsidian desktop + mobile + CLI)
+- Technical documentation (VS Code, your-editor, CLI)
+- Academic writing (multiple Markdown editors)
+- Automated workflows (CLI client for backups/CI/CD)
+
+The Obsidian plugin is just a convenience wrapper around the sync client.
+
+## Quick Comparison
+
+| Feature             | VaultLink | Git | Cloud Sync | CRDT Solutions |
+| ------------------- | --------- | --- | ---------- | -------------- |
+| Self-hosted         | ✅        | ✅  | ❌         | Varies         |
+| Any editor          | ✅        | ✅  | ✅         | ❌             |
+| No conflict markers | ✅        | ❌  | ❌         | ✅             |
+| Real-time           | ✅        | ❌  | ❌         | ✅             |
+| No subscriptions    | ✅        | ✅  | ❌         | Varies         |
+| Comprehensive tests | ✅        | N/A | N/A        | ❌             |
+
+[Detailed comparison with alternatives →](/guide/alternatives)
+
+## Next Steps
+
+- [Get started →](/guide/getting-started) (5 minute setup)
+- [See the architecture →](/architecture/) (understand how it works)
+- [Compare alternatives →](/guide/alternatives) (why VaultLink vs others)

docs/index.md

@@ -0,0 +1,55 @@
+---
+layout: home
+
+hero:
+    name: VaultLink
+    text: Self-Hosted Obsidian Sync
+    tagline: Edit with any tool. Automatic conflict-free merging. Your infrastructure.
+    image:
+        src: /logo.svg
+        alt: VaultLink
+    actions:
+        - theme: brand
+          text: Get Started
+          link: /guide/getting-started
+        - theme: alt
+          text: Why VaultLink?
+          link: /guide/what-is-vaultlink
+
+features:
+    - title: Edit Anywhere
+      details: Use Obsidian, Vim, VS Code, or any editor. VaultLink syncs files, not keystrokes—edit however you want
+    - title: Your Data, Your Server
+      details: Fully self-hosted. No third parties, no subscriptions, no data mining. Single Docker container or binary
+    - title: No Conflict Markers
+      details: Automatic merge using operational transformation. Never see conflict markers in your notes again
+    - title: Real-Time Collaboration
+      details: See teammate cursors, merge edits instantly. Rust-powered WebSocket server with SQLite
+    - title: Open Source Everything
+      details: MIT licensed. Server, clients, and sync algorithm are all open source. No proprietary components
+    - title: Battle-Tested
+      details: Comprehensive test suite. E2E tests. Used in production. Unlike alternatives with zero tests
+---
+
+## Why Self-Host?
+
+**You own your knowledge base.** Commercial sync services can disappear, change pricing, or lock you out. VaultLink runs on your infrastructure—VPS, home server, or localhost.
+
+**Edit with any tool.** Other solutions require CRDT-aware editors or break when you edit outside Obsidian. VaultLink uses differential sync: edit files however you want, sync handles the rest.
+
+**No conflict markers.** Git forces manual merging. Other tools use last-write-wins. VaultLink's operational transformation automatically merges Markdown and text files without conflict markers or workflow interruption. [See what's supported →](/guide/limitations)
+
+[See how VaultLink compares to alternatives →](/guide/alternatives)
+
+## Quick Start
+
+Deploy server (single command):
+
+```bash
+docker run -d -p 3000:3000 -v $(pwd)/data:/data \
+  ghcr.io/schmelczer/vault-link-server:latest
+```
+
+Then install the [Obsidian plugin](/guide/obsidian-plugin) or [CLI client](/guide/cli-client).
+
+[Full setup guide →](/guide/getting-started)

docs/package.json

@@ -0,0 +1,25 @@
+{
+    "name": "docs",
+    "version": "1.0.0",
+    "description": "",
+    "main": "index.js",
+    "scripts": {
+        "dev": "vitepress dev --host",
+        "build": "vitepress build",
+        "preview": "vitepress preview",
+        "format": "prettier --write \"**/*.md\" \"**/*.mts\"",
+        "format:check": "prettier --check \"**/*.md\" \"**/*.mts\"",
+        "spell": "cspell \"**/*.md\" \"**/*.mts\"",
+        "spell:check": "cspell \"**/*.md\" \"**/*.mts\""
+    },
+    "keywords": [],
+    "author": "",
+    "license": "ISC",
+    "devDependencies": {
+        "@cspell/dict-en-gb": "^5.0.19",
+        "cspell": "^9.3.2",
+        "prettier": "^3.6.2",
+        "vitepress": "^1.6.4",
+        "vue": "^3.5.24"
+    }
+}

docs/public/logo.svg

@@ -0,0 +1,47 @@
+<svg width="200" height="200" viewBox="0 0 200 200" xmlns="http://www.w3.org/2000/svg">
+  <defs>
+    <linearGradient id="grad1" x1="0%" y1="0%" x2="100%" y2="100%">
+    <stop offset="0%" style="stop-color:#4A90E2;stop-opacity:1" />
+    <stop offset="100%" style="stop-color:#357ABD;stop-opacity:1" />
+    </linearGradient>
+  </defs>
+
+  <!-- Background circle -->
+  <circle cx="100" cy="100" r="90" fill="url(#grad1)" opacity="0.15"/>
+
+  <!-- Main vault icon -->
+  <g transform="translate(100, 100)">
+    <!-- Vault body -->
+    <rect x="-45" y="-50" width="90" height="80" rx="8" fill="none" stroke="url(#grad1)" stroke-width="6"/>
+
+    <!-- Vault door circle -->
+    <circle cx="0" cy="-10" r="22" fill="none" stroke="url(#grad1)" stroke-width="5"/>
+    <circle cx="0" cy="-10" r="14" fill="none" stroke="url(#grad1)" stroke-width="3"/>
+    <circle cx="0" cy="-10" r="6" fill="url(#grad1)"/>
+
+    <!-- Vault handle -->
+    <line x1="0" y1="-4" x2="18" y2="-4" stroke="url(#grad1)" stroke-width="3" stroke-linecap="round"/>
+    <circle cx="18" cy="-4" r="4" fill="url(#grad1)"/>
+
+    <!-- Link chain -->
+    <g opacity="0.9">
+    <!-- Left link -->
+    <ellipse cx="-30" cy="40" rx="12" ry="8" fill="none" stroke="url(#grad1)" stroke-width="4"/>
+    <!-- Right link -->
+    <ellipse cx="30" cy="40" rx="12" ry="8" fill="none" stroke="url(#grad1)" stroke-width="4"/>
+    <!-- Center link connecting them -->
+    <ellipse cx="0" cy="40" rx="12" ry="8" fill="none" stroke="url(#grad1)" stroke-width="4"/>
+    </g>
+
+    <!-- Sync arrows (subtle) -->
+    <g opacity="0.5">
+    <!-- Clockwise arrow top-right -->
+    <path d="M 35 -35 Q 50 -35 50 -20 L 50 -15" fill="none" stroke="url(#grad1)" stroke-width="2.5" stroke-linecap="round"/>
+    <polygon points="50,-15 47,-22 53,-22" fill="url(#grad1)"/>
+
+    <!-- Counter-clockwise arrow bottom-left -->
+    <path d="M -35 25 Q -50 25 -50 10 L -50 5" fill="none" stroke="url(#grad1)" stroke-width="2.5" stroke-linecap="round"/>
+    <polygon points="-50,5 -47,12 -53,12" fill="url(#grad1)"/>
+    </g>
+  </g>
+</svg>

frontend/deterministic-tests/README.md

@@ -0,0 +1,118 @@
+# Deterministic Tests
+
+Scripted multi-client (with an in-memory filesystem) sync tests that run against a real server. Each test defines a sequence of file operations, sync/server controls, and assertions to exercise a specific conflict or edge case.
+
+Complements the fuzz-based E2E tests (`test-client`): fuzz tests discover bugs through random operations; deterministic tests pin down exact reproduction sequences for known scenarios.
+
+## How it works
+
+Each test is a `TestDefinition`: a client count and an ordered list of steps. The test name is derived from the registry key (which matches the file name). The `TestRunner` spins up N `DeterministicAgent` instances (each wrapping a real `SyncClient` with an `InMemoryFileSystem`) pointed at a shared vault on the server, then executes steps one by one.
+
+Tests that don't pause the server share a single server process (vault-name isolation). Tests that use `pause-server`/`resume-server` (SIGSTOP/SIGCONT) each get a dedicated server, since SIGSTOP freezes the entire process.
+
+The runner executes two sequential phases: regular tests on the shared server, then pause-server tests on dedicated servers. Within each phase tests run in parallel up to a concurrency limit.
+
+## Step types
+
+Clients always start with syncing disabled.
+
+**File operations** (per-client, fire-and-forget — sync is enqueued but not awaited):
+
+- `create`, `update`, `rename`, `delete`
+- `rename-next-write` — arm a deferred rename that fires the next time the given path is written. Lets a test race a user-rename against an in-flight remote create that's about to land at the same path.
+
+**Sync control:**
+
+- `sync` — wait for a specific client or all clients to finish pending operations
+- `barrier` — retry until all clients converge to identical file state (60s timeout)
+- `enable-sync` / `disable-sync` — simulate going online/offline
+- `reset` — reset a client's tracked sync state (keeps disk files); equivalent to a forced re-handshake on next enable
+- `sleep` — wall-clock pause; use sparingly, prefer `barrier` / `sync`
+
+**WebSocket control** (per-client):
+
+- `pause-websocket` / `resume-websocket` — buffer/release WebSocket messages for a specific client
+
+**Server control:**
+
+- `pause-server` / `resume-server` — SIGSTOP/SIGCONT the server process
+- `resume-server-until-history-then-pause` — resume the server, wait until a specific client observes a matching history entry (`CREATE`/`UPDATE`/`DELETE` for a path), then re-pause. Used to land exactly one operation across the wire.
+
+**Fault injection** (per-client):
+
+- `drop-next-create-response` — arm a one-shot interceptor that lets the next `POST /documents` reach the server (commit happens) but throws `SyncResetError` before the client sees the response, simulating connection loss after server commit.
+- `wait-for-dropped-create-response` — wait until the armed drop has fired.
+
+**Assertions:**
+
+- `assert-consistent` — all clients have identical files; optionally takes a custom `verify(state: AssertableState)` callback
+
+## Running
+
+```sh
+# Build server first
+cd sync-server && cargo build --release && cd -
+
+# Run all tests
+cd frontend && npm run build -w sync-client && npm run test -w deterministic-tests
+
+# Filter by name
+npm run test -w deterministic-tests -- --filter=rename
+
+# Control parallelism (default: number of CPU cores)
+npm run test -w deterministic-tests -- -j 4
+```
+
+## Adding a test
+
+1. Create `src/tests/my-scenario.test.ts`:
+
+```typescript
+import type { TestDefinition } from "../test-definition";
+
+export const myScenarioTest: TestDefinition = {
+  description:
+    "Client 0 creates A.md offline. After syncing, both clients should have the file.",
+  clients: 2,
+  steps: [
+    { type: "create", client: 0, path: "A.md", content: "hello" },
+    { type: "enable-sync", client: 0 },
+    { type: "enable-sync", client: 1 },
+    { type: "barrier" },
+    {
+      type: "assert-consistent",
+      verify: (s) => {
+        s.assertFileCount(1).assertContent("A.md", "hello");
+      }
+    }
+  ]
+};
+```
+
+The `verify` callback receives an `AssertableState` object with chainable assertion methods:
+
+```typescript
+s.assertFileCount(n);                       // exact file count
+s.assertFileExists("path");                 // file must exist
+s.assertFileNotExists("path");              // file must not exist
+s.assertContent("path", "expected");        // exact content match
+s.assertContains("path", "a", "b");         // all substrings present in file
+s.assertContainsAny("path", "a", "b");      // at least one substring present
+s.assertAnyFileContains("text");            // substring present in some file
+s.assertNoFileContains("text");             // substring absent from every file
+s.assertSubstringCount("path", "x", 3);     // substring appears exactly N times
+s.assertContentInAtMostOneFile("text");     // no duplicate content
+s.ifFileExists("path", (s) => { /* … */ }); // conditional block
+s.getContent("path");                       // raw content (or "" if missing)
+```
+
+2. Register it in `src/test-registry.ts`:
+
+```typescript
+import { myScenarioTest } from "./tests/my-scenario.test";
+
+const TESTS = {
+  // ...
+  "my-scenario": myScenarioTest
+};
+```

frontend/deterministic-tests/package.json

@@ -0,0 +1,23 @@
+{
+    "name": "deterministic-tests",
+    "version": "0.14.0",
+    "private": true,
+    "bin": {
+        "deterministic-tests": "./dist/cli.js"
+    },
+    "scripts": {
+        "dev": "webpack watch --mode development",
+        "build": "webpack --mode production",
+        "test": "npm run build && node dist/cli.js"
+    },
+    "devDependencies": {
+        "commander": "^14.0.2",
+        "@types/node": "^25.0.2",
+        "sync-client": "file:../sync-client",
+        "ts-loader": "^9.5.4",
+        "tslib": "2.8.1",
+        "typescript": "5.9.3",
+        "webpack": "^5.103.0",
+        "webpack-cli": "^6.0.1"
+    }
+}

frontend/deterministic-tests/src/cli.ts

@@ -0,0 +1,243 @@
+import { TestRunner } from "./test-runner";
+import { ServerControl } from "./server-control";
+import { ServerManager } from "./server-manager";
+import { PrefixedLogger } from "./prefixed-logger";
+import { TESTS } from "./test-registry";
+import type { TestDefinition, TestResult } from "./test-definition";
+import { parseArgs } from "./parse-args";
+import { runWithConcurrency } from "./run-with-concurrency";
+import { TOKEN, SERVER_BINARY_PATH, CONFIG_PATH } from "./consts";
+import * as path from "node:path";
+import * as fs from "node:fs";
+import { debugging, Logger } from "sync-client";
+
+const logger = new Logger();
+debugging.logToConsole(logger, { useColors: true });
+
+process.on("unhandledRejection", (reason) => {
+    logger.error(`Unhandled Rejection: ${reason}`);
+    process.exit(1);
+});
+
+process.on("uncaughtException", (error) => {
+    logger.error(`Uncaught Exception: ${error}`);
+    process.exit(1);
+});
+
+const serverManager = new ServerManager(logger);
+serverManager.installSignalHandlers();
+
+function testUsesPauseServer(test: TestDefinition): boolean {
+    return test.steps.some(
+        (step) =>
+            step.type === "pause-server" ||
+            step.type === "resume-server" ||
+            step.type === "resume-server-until-history-then-pause"
+    );
+}
+
+/**
+ * Walk up from the CLI binary's location until we find a directory
+ * containing `sync-server/` and `frontend/`.
+ */
+function findProjectRoot(): string {
+    let dir = path.dirname(__filename);
+    const root = path.parse(dir).root;
+    while (dir !== root) {
+        if (
+            fs.existsSync(path.join(dir, "sync-server")) &&
+            fs.existsSync(path.join(dir, "frontend"))
+        ) {
+            return dir;
+        }
+        dir = path.dirname(dir);
+    }
+    throw new Error(
+        `Could not locate project root (no ancestor of ${__filename} contains both 'sync-server' and 'frontend')`
+    );
+}
+
+interface NamedTestResult {
+    name: string;
+    result: TestResult;
+}
+
+async function runSharedServerTest(
+    name: string,
+    test: TestDefinition,
+    sharedServer: ServerControl
+): Promise<NamedTestResult> {
+    const testLogger = new PrefixedLogger(logger, name);
+    const runner = new TestRunner(
+        sharedServer,
+        testLogger,
+        TOKEN,
+        sharedServer.remoteUri
+    );
+    const result = await runner.runTest(name, test);
+    if (result.success) {
+        logger.info(`PASSED: ${name} (${result.duration}ms)`);
+    } else {
+        logger.error(`FAILED: ${name} - ${result.error}`);
+    }
+    return { name, result };
+}
+
+/**
+ * Run a test with its own dedicated server (for tests that use pause-server).
+ * SIGSTOP/SIGCONT affects the entire server process, so these tests need
+ * isolated servers to avoid interfering with other tests.
+ */
+async function runDedicatedServerTest(
+    name: string,
+    test: TestDefinition,
+    serverPath: string,
+    configPath: string
+): Promise<NamedTestResult> {
+    const testLogger = new PrefixedLogger(logger, name);
+    const server = new ServerControl(serverPath, configPath, testLogger);
+    serverManager.track(server);
+
+    try {
+        await server.start();
+        const runner = new TestRunner(
+            server,
+            testLogger,
+            TOKEN,
+            server.remoteUri
+        );
+        const result = await runner.runTest(name, test);
+        if (result.success) {
+            logger.info(`PASSED: ${name} (${result.duration}ms)`);
+        } else {
+            logger.error(`FAILED: ${name} - ${result.error}`);
+        }
+        return { name, result };
+    } finally {
+        try {
+            await server.stop();
+        } catch {
+            // best-effort cleanup
+        }
+        serverManager.untrack(server);
+    }
+}
+
+async function main(): Promise<void> {
+    const projectRoot = findProjectRoot();
+    const serverPath = path.join(projectRoot, SERVER_BINARY_PATH);
+    if (!fs.existsSync(serverPath)) {
+        logger.error(`Server binary not found at: ${serverPath}`);
+        process.exit(1);
+    }
+
+    const configPath = path.join(projectRoot, CONFIG_PATH);
+    if (!fs.existsSync(configPath)) {
+        logger.error(`Config file not found at: ${configPath}`);
+        process.exit(1);
+    }
+
+    const { filter, concurrency } = parseArgs(process.argv);
+
+    const testsToRun: [string, TestDefinition][] = [];
+    for (const [key, test] of Object.entries(TESTS)) {
+        if (test) {
+            if (
+                filter !== undefined &&
+                filter.length > 0 &&
+                !key.includes(filter)
+            ) {
+                continue;
+            }
+            testsToRun.push([key, test]);
+        }
+    }
+
+    if (testsToRun.length === 0) {
+        logger.error(
+            filter !== undefined && filter.length > 0
+                ? `No tests matched filter "${filter}"`
+                : "No tests found"
+        );
+        process.exit(1);
+    }
+
+    const regularTests = testsToRun.filter(([, t]) => !testUsesPauseServer(t));
+    const pauseTests = testsToRun.filter(([, t]) => testUsesPauseServer(t));
+
+    logger.info(`Server: ${serverPath}`);
+    logger.info(`Config: ${configPath}`);
+    logger.info(
+        `Tests: ${testsToRun.length} total (${regularTests.length} regular, ${pauseTests.length} server-pause)`
+    );
+    logger.info(`Concurrency: ${concurrency}`);
+
+    const allResults: NamedTestResult[] = [];
+
+    if (regularTests.length > 0) {
+        logger.info(
+            `\n--- Running ${regularTests.length} regular tests (shared server, concurrency ${concurrency}) ---`
+        );
+        const sharedServer = new ServerControl(serverPath, configPath, logger);
+        serverManager.track(sharedServer);
+
+        try {
+            await sharedServer.start();
+
+            const results = await runWithConcurrency(
+                regularTests,
+                concurrency,
+                async ([name, test]) =>
+                    runSharedServerTest(name, test, sharedServer)
+            );
+
+            allResults.push(...results);
+        } finally {
+            try {
+                await sharedServer.stop();
+            } catch (error) {
+                logger.warn(
+                    `Error stopping shared server: ${error instanceof Error ? error.message : String(error)}`
+                );
+            }
+            serverManager.untrack(sharedServer);
+        }
+    }
+
+    if (pauseTests.length > 0) {
+        logger.info(
+            `\n--- Running ${pauseTests.length} server-pause tests (dedicated servers, concurrency ${concurrency}) ---`
+        );
+
+        const results = await runWithConcurrency(
+            pauseTests,
+            concurrency,
+            async ([name, test]) =>
+                runDedicatedServerTest(name, test, serverPath, configPath)
+        );
+
+        allResults.push(...results);
+    }
+
+    const passed = allResults.filter((r) => r.result.success);
+    const failed = allResults.filter((r) => !r.result.success);
+
+    logger.info(
+        `\n--- Results: ${passed.length}/${allResults.length} passed ---`
+    );
+
+    if (failed.length > 0) {
+        for (const { name, result } of failed) {
+            logger.error(`  FAILED: ${name}: ${result.error}`);
+        }
+        process.exit(1);
+    } else {
+        logger.info("All tests passed!");
+        process.exit(0);
+    }
+}
+
+main().catch((err: unknown) => {
+    logger.error(`Unexpected error: ${err}`);
+    process.exit(1);
+});

frontend/deterministic-tests/src/consts.ts

@@ -0,0 +1,17 @@
+export const TOKEN = "test-token-change-me";
+export const SERVER_BINARY_PATH = "sync-server/target/release/sync_server";
+export const CONFIG_PATH = "sync-server/config-e2e.yml";
+
+export const STOP_TIMEOUT_MS = 5_000;
+export const CONVERGENCE_TIMEOUT_MS = 60_000;
+export const CONVERGENCE_RETRY_DELAY_MS = 500;
+export const AGENT_INIT_TIMEOUT_MS = 30_000;
+export const IS_SYNC_ENABLED_BY_DEFAULT = false;
+
+export const WAIT_TIMEOUT_MS = 60_000;
+export const WEBSOCKET_CONNECT_TIMEOUT_MS = 10_000;
+export const WEBSOCKET_POLL_INTERVAL_MS = 50;
+
+export const SERVER_READY_POLL_INTERVAL_MS = 100;
+export const SERVER_READY_MAX_ATTEMPTS = 50;
+export const SERVER_START_MAX_ATTEMPTS = 5;

frontend/deterministic-tests/src/deterministic-agent.ts

@@ -0,0 +1,483 @@
+import type {
+    HistoryEntry,
+    StoredDatabase,
+    SyncSettings,
+    RelativePath,
+    TextWithCursors
+} from "sync-client";
+import {
+    SyncClient,
+    SyncResetError,
+    debugging,
+    LogLevel,
+    utils
+} from "sync-client";
+import { assert } from "./utils/assert";
+import { sleep } from "./utils/sleep";
+import { withTimeout } from "./utils/with-timeout";
+import {
+    IS_SYNC_ENABLED_BY_DEFAULT,
+    WAIT_TIMEOUT_MS,
+    WEBSOCKET_CONNECT_TIMEOUT_MS,
+    WEBSOCKET_POLL_INTERVAL_MS
+} from "./consts";
+import { ManagedWebSocketFactory } from "./managed-websocket";
+
+export class DeterministicAgent extends debugging.InMemoryFileSystem {
+    public readonly clientId: number;
+    private readonly logger: (msg: string) => void;
+    private client!: SyncClient;
+    private data: Partial<{
+        settings: Partial<SyncSettings>;
+        database: Partial<StoredDatabase>;
+    }> = {};
+    private isSyncEnabled = IS_SYNC_ENABLED_BY_DEFAULT;
+    private readonly syncErrors: Error[] = [];
+    private readonly pendingSyncOperations = new Set<Promise<void>>();
+    private readonly wsFactory = new ManagedWebSocketFactory();
+    private nextWriteRename:
+        | {
+            oldPath: RelativePath;
+            newPath: RelativePath;
+        }
+        | undefined;
+    private nextCreateResponseDrop:
+        | {
+            dropped: Promise<void>;
+            resolveDropped: () => void;
+        }
+        | undefined;
+
+    public constructor(
+        clientId: number,
+        initialSettings: Partial<SyncSettings>,
+        logger: (msg: string) => void
+    ) {
+        super();
+        this.clientId = clientId;
+        this.logger = logger;
+        this.data.settings = { ...initialSettings };
+    }
+
+    public async init(
+        fetchImplementation: typeof globalThis.fetch
+    ): Promise<void> {
+        this.client = await SyncClient.create({
+            fs: this,
+            persistence: {
+                load: async () => this.data,
+                save: async (data) => void (this.data = data)
+            },
+            fetch: this.wrapFetch(fetchImplementation),
+            webSocket: this.wsFactory.constructorFn
+        });
+
+        this.client.logger.onLogEmitted.add((line) => {
+            const prefix = `[Client ${this.clientId}]`;
+            switch (line.level) {
+                case LogLevel.ERROR:
+                    this.logger(`${prefix} ERROR: ${line.message}`);
+                    break;
+                case LogLevel.WARNING:
+                    this.logger(`${prefix} WARN: ${line.message}`);
+                    break;
+                case LogLevel.INFO:
+                    this.logger(`${prefix} INFO: ${line.message}`);
+                    break;
+                case LogLevel.DEBUG:
+                    this.logger(`${prefix} DEBUG: ${line.message}`);
+                    break;
+            }
+        });
+
+        await this.client.start();
+
+        const connectionCheck = await this.client.checkConnection();
+        assert(
+            connectionCheck.isSuccessful,
+            `Client ${this.clientId} connection check failed`
+        );
+
+        if (this.isSyncEnabled) {
+            await this.waitForWebSocket();
+        }
+    }
+
+    public pauseWebSocket(): void {
+        this.log("Pausing WebSocket message delivery");
+        this.wsFactory.pause();
+    }
+
+    public resumeWebSocket(): void {
+        this.log("Resuming WebSocket message delivery");
+        this.wsFactory.resume();
+    }
+
+    public dropNextCreateResponse(): void {
+        assert(
+            this.nextCreateResponseDrop === undefined,
+            `Client ${this.clientId} already has a create response drop armed`
+        );
+        let resolveDropped!: () => void;
+        const dropped = new Promise<void>((resolve) => {
+            resolveDropped = resolve;
+        });
+        this.nextCreateResponseDrop = {
+            dropped,
+            resolveDropped
+        };
+        this.log("Armed next create response drop");
+    }
+
+    public async waitForDroppedCreateResponse(): Promise<void> {
+        assert(
+            this.nextCreateResponseDrop !== undefined,
+            `Client ${this.clientId} has no create response drop armed`
+        );
+        await withTimeout(
+            this.nextCreateResponseDrop.dropped,
+            WAIT_TIMEOUT_MS,
+            `Client ${this.clientId} timed out waiting for create response drop`
+        );
+        this.log("Create response was dropped after server commit");
+    }
+
+    public async waitForHistoryEntry(
+        matches: (entry: HistoryEntry) => boolean,
+        onMatch?: (entry: HistoryEntry) => void
+    ): Promise<void> {
+        const existing = this.client.getHistoryEntries().find(matches);
+        if (existing !== undefined) {
+            onMatch?.(existing);
+            return;
+        }
+
+        await withTimeout(
+            new Promise<void>((resolve) => {
+                const unsubscribe = this.client.onSyncHistoryUpdated.add(() => {
+                    const entry = this.client
+                        .getHistoryEntries()
+                        .find(matches);
+                    if (entry === undefined) {
+                        return;
+                    }
+
+                    unsubscribe();
+                    onMatch?.(entry);
+                    resolve();
+                });
+            }),
+            WAIT_TIMEOUT_MS,
+            `Client ${this.clientId} timed out waiting for history entry`
+        );
+    }
+
+    public async waitForSync(): Promise<void> {
+        this.log("Waiting for sync to complete...");
+        // Drain agent-level sync operations first. These are the fire-and-forget
+        // promises from enqueueSync() that call into the SyncClient's methods.
+        // Without this, waitUntilFinished() might return before the SyncClient
+        // has even been told about the operation.
+        await this.drainPendingSyncOperations();
+        await withTimeout(
+            this.client.waitUntilFinished(),
+            WAIT_TIMEOUT_MS,
+            `Client ${this.clientId} waitForSync timed out after ${WAIT_TIMEOUT_MS}ms`
+        );
+        if (this.syncErrors.length > 0) {
+            const errors = this.syncErrors.splice(0);
+            throw new Error(
+                `Client ${this.clientId} had ${errors.length} sync error(s):\n${errors.map((e) => e.message).join("\n")}`
+            );
+        }
+        this.log("Sync complete");
+    }
+
+    public async reset(): Promise<void> {
+        this.log("Resetting client (clears tracked state, keeps disk files)");
+        await this.drainPendingSyncOperations();
+        await this.client.reset();
+        if (this.isSyncEnabled) {
+            await this.waitForWebSocket();
+        }
+    }
+
+    public async disableSync(): Promise<void> {
+        this.log("Disabling sync");
+        // Drain pending enqueued operations before disabling so the SyncClient
+        // knows about all operations that were enqueued while sync was enabled.
+        await this.drainPendingSyncOperations();
+        await this.client.setSetting("isSyncEnabled", false);
+        this.isSyncEnabled = false;
+        // Wait for in-flight operations to drain. Disabling sync triggers
+        // a reset, which aborts in-flight fetches with SyncResetError.
+        try {
+            await withTimeout(
+                this.client.waitUntilFinished(),
+                WAIT_TIMEOUT_MS,
+                `Client ${this.clientId} disableSync drain timed out`
+            );
+        } catch (error) {
+            if (error instanceof Error && error.name === "SyncResetError") {
+                this.log("Disable sync drain interrupted by reset (expected)");
+            } else {
+                throw error;
+            }
+        }
+    }
+
+    public async enableSync(): Promise<void> {
+        this.log("Enabling sync");
+        await this.client.setSetting("isSyncEnabled", true);
+        this.isSyncEnabled = true;
+        await this.waitForWebSocket();
+    }
+
+    public async getFileContent(path: string): Promise<string> {
+        const bytes = await this.read(path);
+        return new TextDecoder().decode(bytes);
+    }
+
+    public renameNextWrite(oldPath: RelativePath, newPath: RelativePath): void {
+        assert(
+            this.nextWriteRename === undefined,
+            `Client ${this.clientId} already has a next-write rename armed`
+        );
+        this.nextWriteRename = { oldPath, newPath };
+        this.log(`Armed next write rename: ${oldPath} -> ${newPath}`);
+    }
+
+    public async cleanup(): Promise<void> {
+        this.log("Cleaning up...");
+        // Guard against uninitialized client (init() failed partway).
+        // The class field uses `!:` so TS thinks this is always defined,
+        // but at runtime it can be undefined when init() throws partway.
+        const maybeClient = this.client as SyncClient | undefined;
+        if (maybeClient === undefined) {
+            this.log("Client not initialized, nothing to clean up");
+            return;
+        }
+        try {
+            await this.drainPendingSyncOperations();
+            await withTimeout(
+                this.client.waitUntilFinished(),
+                WAIT_TIMEOUT_MS,
+                `Client ${this.clientId} cleanup waitUntilFinished timed out`
+            );
+        } catch (error) {
+            if (error instanceof Error && error.name === "SyncResetError") {
+                this.log(`Cleanup interrupted by reset (expected): ${error}`);
+            } else {
+                this.log(`Cleanup waitUntilFinished failed: ${error}`);
+            }
+        }
+        // Surface any background sync errors that arrived after the last
+        // waitForSync (e.g. between the final assert-consistent and here).
+        // Without this, regressions that fault the engine during the very
+        // last step of a test would be silently swallowed.
+        const pendingErrors = this.syncErrors.splice(0);
+        await this.client.destroy();
+        this.log("Cleanup complete");
+        if (pendingErrors.length > 0) {
+            throw new Error(
+                `Client ${this.clientId} had ${pendingErrors.length} background sync error(s) during cleanup:\n${pendingErrors.map((e) => e.message).join("\n")}`
+            );
+        }
+    }
+
+    public override async read(path: RelativePath): Promise<Uint8Array> {
+        await Promise.resolve();
+        return super.read(path);
+    }
+
+    public override async write(
+        path: RelativePath,
+        content: Uint8Array
+    ): Promise<void> {
+        await Promise.resolve();
+        const isNew = !this.files.has(path);
+        await super.write(path, content);
+
+        if (this.isSyncEnabled && isNew) {
+            this.enqueueSync(async () => {
+                this.client.syncLocallyCreatedFile(path);
+            });
+        }
+
+        const nextWriteRename = this.nextWriteRename;
+        if (
+            nextWriteRename !== undefined &&
+            nextWriteRename.oldPath === path
+        ) {
+            this.nextWriteRename = undefined;
+            await super.rename(
+                nextWriteRename.oldPath,
+                nextWriteRename.newPath
+            );
+            if (this.isSyncEnabled) {
+                this.enqueueSync(async () => {
+                    this.client.syncLocallyUpdatedFile({
+                        oldPath: nextWriteRename.oldPath,
+                        relativePath: nextWriteRename.newPath
+                    });
+                });
+            }
+            // The rename consumed `path`. Skip the post-update enqueue below
+            // — it would send a syncLocallyUpdatedFile for a path that no
+            // longer exists.
+            return;
+        }
+
+        if (!this.isSyncEnabled) {
+            return;
+        }
+
+        if (!isNew) {
+            this.enqueueSync(async () => {
+                this.client.syncLocallyUpdatedFile({ relativePath: path });
+            });
+        }
+    }
+
+    public override async atomicUpdateText(
+        path: RelativePath,
+        updater: (current: TextWithCursors) => TextWithCursors
+    ): Promise<string> {
+        const result = await super.atomicUpdateText(path, updater);
+        if (this.isSyncEnabled) {
+            this.enqueueSync(async () => {
+                this.client.syncLocallyUpdatedFile({ relativePath: path });
+            });
+        }
+        return result;
+    }
+
+    public override async delete(path: RelativePath): Promise<void> {
+        await super.delete(path);
+        if (this.isSyncEnabled) {
+            this.enqueueSync(async () => {
+                this.client.syncLocallyDeletedFile(path);
+            });
+        }
+    }
+
+    public override async rename(
+        oldPath: RelativePath,
+        newPath: RelativePath
+    ): Promise<void> {
+        await super.rename(oldPath, newPath);
+        if (this.isSyncEnabled) {
+            this.enqueueSync(async () => {
+                this.client.syncLocallyUpdatedFile({
+                    oldPath,
+                    relativePath: newPath
+                });
+            });
+        }
+    }
+
+    private async waitForWebSocket(): Promise<void> {
+        const deadline = Date.now() + WEBSOCKET_CONNECT_TIMEOUT_MS;
+        while (!this.client.isWebSocketConnected && Date.now() < deadline) {
+            await sleep(WEBSOCKET_POLL_INTERVAL_MS);
+        }
+        assert(
+            this.client.isWebSocketConnected,
+            `Client ${this.clientId} WebSocket failed to connect within ${WEBSOCKET_CONNECT_TIMEOUT_MS}ms`
+        );
+    }
+
+    /**
+     * Wait until all agent-level enqueued sync operations have completed.
+     * Uses a loop because completing one operation can trigger new enqueues.
+     */
+    private async drainPendingSyncOperations(): Promise<void> {
+        while (this.pendingSyncOperations.size > 0) {
+            await utils.awaitAll([...this.pendingSyncOperations]);
+        }
+    }
+
+    private enqueueSync(operation: () => Promise<void>): void {
+        const promise = this.executeSyncOperation(operation).catch(
+            (error: unknown) => {
+                const err =
+                    error instanceof Error ? error : new Error(String(error));
+                this.log(`Background sync failed: ${err.message}`);
+                this.syncErrors.push(err);
+            }
+        );
+        this.pendingSyncOperations.add(promise);
+        void promise.finally(() => {
+            this.pendingSyncOperations.delete(promise);
+        });
+    }
+
+    private async executeSyncOperation(
+        operation: () => Promise<void>
+    ): Promise<void> {
+        try {
+            await operation();
+        } catch (error) {
+            if (error instanceof Error && error.name === "SyncResetError") {
+                this.log(`Sync operation interrupted by reset: ${error}`);
+                return;
+            }
+            if (
+                error instanceof Error &&
+                error.message.includes("has been destroyed")
+            ) {
+                this.log(`Sync operation interrupted by destroy: ${error}`);
+                return;
+            }
+
+            throw error;
+        }
+    }
+
+    private log(message: string): void {
+        this.logger(`[Client ${this.clientId}] ${message}`);
+    }
+
+    private wrapFetch(
+        fetchImplementation: typeof globalThis.fetch
+    ): typeof globalThis.fetch {
+        return async (input, init) => {
+            const response = await fetchImplementation(input, init);
+            const drop = this.nextCreateResponseDrop;
+            if (
+                drop !== undefined &&
+                DeterministicAgent.isCreateDocumentRequest(input, init)
+            ) {
+                this.nextCreateResponseDrop = undefined;
+                try {
+                    await response.body?.cancel();
+                } catch {
+                    // Best-effort — body may already be consumed/closed.
+                }
+                drop.resolveDropped();
+                throw new SyncResetError();
+            }
+            return response;
+        };
+    }
+
+    private static isCreateDocumentRequest(
+        input: RequestInfo | URL,
+        init: RequestInit | undefined
+    ): boolean {
+        const method =
+            init?.method ??
+            (typeof Request !== "undefined" && input instanceof Request
+                ? input.method
+                : "GET");
+        if (method.toUpperCase() !== "POST") {
+            return false;
+        }
+
+        const url =
+            input instanceof URL
+                ? input
+                : new URL(typeof input === "string" ? input : input.url);
+        return /\/documents\/?$/.test(url.pathname);
+    }
+}

frontend/deterministic-tests/src/managed-websocket.ts

@@ -0,0 +1,245 @@
+/**
+ * A WebSocket wrapper that can pause and resume message delivery.
+ * When paused, incoming messages are buffered. When resumed, buffered
+ * messages are delivered in order via the onmessage handler.
+ *
+ * Member layout follows typescript-eslint default member-ordering: all
+ * accessor properties are declared with `declare` and wired through the
+ * constructor using Object.defineProperty so we don't need conflicting
+ * get/set accessor pairs.
+ */
+class ManagedWebSocket implements WebSocket {
+    public static readonly CONNECTING = WebSocket.CONNECTING;
+    public static readonly OPEN = WebSocket.OPEN;
+    public static readonly CLOSING = WebSocket.CLOSING;
+    public static readonly CLOSED = WebSocket.CLOSED;
+
+    public readonly CONNECTING = WebSocket.CONNECTING;
+    public readonly OPEN = WebSocket.OPEN;
+    public readonly CLOSING = WebSocket.CLOSING;
+    public readonly CLOSED = WebSocket.CLOSED;
+
+    declare public readonly readyState: number;
+    declare public readonly url: string;
+    declare public readonly protocol: string;
+    declare public readonly extensions: string;
+    declare public readonly bufferedAmount: number;
+    declare public binaryType: BinaryType;
+    declare public onopen: ((this: WebSocket, ev: Event) => unknown) | null;
+    declare public onclose:
+        | ((this: WebSocket, ev: CloseEvent) => unknown)
+        | null;
+    declare public onerror: ((this: WebSocket, ev: Event) => unknown) | null;
+    declare public onmessage:
+        | ((this: WebSocket, ev: MessageEvent) => unknown)
+        | null;
+
+    private readonly ws: WebSocket;
+    private readonly bufferedMessages: MessageEvent[] = [];
+    private paused = false;
+    private externalOnMessage: ((event: MessageEvent) => unknown) | null = null;
+
+    public constructor(url: string | URL, protocols?: string | string[]) {
+        this.ws = new WebSocket(url, protocols);
+
+        const { ws } = this;
+        Object.defineProperties(this, {
+            readyState: {
+                get: (): number => ws.readyState,
+                enumerable: true,
+                configurable: true
+            },
+            url: {
+                get: (): string => ws.url,
+                enumerable: true,
+                configurable: true
+            },
+            protocol: {
+                get: (): string => ws.protocol,
+                enumerable: true,
+                configurable: true
+            },
+            extensions: {
+                get: (): string => ws.extensions,
+                enumerable: true,
+                configurable: true
+            },
+            bufferedAmount: {
+                get: (): number => ws.bufferedAmount,
+                enumerable: true,
+                configurable: true
+            },
+            binaryType: {
+                get: (): BinaryType => ws.binaryType,
+                set: (v: BinaryType): void => {
+                    ws.binaryType = v;
+                },
+                enumerable: true,
+                configurable: true
+            },
+            onopen: {
+                get: (): ((this: WebSocket, ev: Event) => unknown) | null =>
+                    ws.onopen,
+                set: (
+                    h: ((this: WebSocket, ev: Event) => unknown) | null
+                ): void => {
+                    ws.onopen = h;
+                },
+                enumerable: true,
+                configurable: true
+            },
+            onclose: {
+                get: ():
+                    | ((this: WebSocket, ev: CloseEvent) => unknown)
+                    | null => ws.onclose,
+                set: (
+                    h: ((this: WebSocket, ev: CloseEvent) => unknown) | null
+                ): void => {
+                    ws.onclose = h;
+                },
+                enumerable: true,
+                configurable: true
+            },
+            onerror: {
+                get: (): ((this: WebSocket, ev: Event) => unknown) | null =>
+                    ws.onerror,
+                set: (
+                    h: ((this: WebSocket, ev: Event) => unknown) | null
+                ): void => {
+                    ws.onerror = h;
+                },
+                enumerable: true,
+                configurable: true
+            },
+            onmessage: {
+                get: ():
+                    | ((this: WebSocket, ev: MessageEvent) => unknown)
+                    | null => this.externalOnMessage,
+                set: (
+                    h: ((this: WebSocket, ev: MessageEvent) => unknown) | null
+                ): void => {
+                    this.externalOnMessage = h;
+                },
+                enumerable: true,
+                configurable: true
+            }
+        });
+
+        this.ws.onmessage = (event: MessageEvent): void => {
+            if (this.paused) {
+                this.bufferedMessages.push(event);
+            } else {
+                this.externalOnMessage?.(event);
+            }
+        };
+    }
+
+    public pause(): void {
+        this.paused = true;
+    }
+
+    public resume(): void {
+        // Drain buffered messages BEFORE flipping `paused` to false.
+        // If `externalOnMessage` is async (its return type is `unknown`),
+        // dispatch yields control between buffered messages, and a fresh
+        // live `ws.onmessage` event firing during that yield would jump
+        // ahead of unprocessed buffered messages — silently reordering
+        // events relative to the wire. Keeping `paused = true` during the
+        // drain forces the live handler to keep buffering, so we splice
+        // those late arrivals onto the tail and dispatch them in order.
+        while (this.bufferedMessages.length > 0) {
+            const messages = this.bufferedMessages.splice(0);
+            for (const msg of messages) {
+                this.externalOnMessage?.(msg);
+            }
+        }
+        this.paused = false;
+    }
+
+    public send(data: string | ArrayBufferLike | Blob | ArrayBufferView): void {
+        this.ws.send(data);
+    }
+
+    public close(code?: number, reason?: string): void {
+        this.ws.close(code, reason);
+    }
+
+    public addEventListener(
+        ...args: Parameters<WebSocket["addEventListener"]>
+    ): void {
+        // Only the `.onmessage` setter routes through the pause buffer.
+        // If sync-client ever attaches "message" listeners via
+        // addEventListener instead, those messages would bypass pause/resume
+        // and deterministic tests would silently lose their fault injection.
+        if (args[0] === "message") {
+            throw new Error(
+                "ManagedWebSocket: addEventListener('message') bypasses the " +
+                    "pause buffer. Use the .onmessage setter instead, or " +
+                    "extend ManagedWebSocket to route message listeners."
+            );
+        }
+        this.ws.addEventListener(...args);
+    }
+
+    public removeEventListener(
+        ...args: Parameters<WebSocket["removeEventListener"]>
+    ): void {
+        this.ws.removeEventListener(...args);
+    }
+
+    public dispatchEvent(event: Event): boolean {
+        return this.ws.dispatchEvent(event);
+    }
+}
+
+/**
+ * Factory that creates ManagedWebSocket instances and tracks them
+ * for pause/resume control from the test harness
+ */
+export class ManagedWebSocketFactory {
+    // Append-only: closed sockets stay tracked. Bounded per test (one
+    // factory per agent, each test discards its agents on cleanup), so
+    // not a real leak — but iterating over closed instances on
+    // pause/resume is a deliberate no-op since their `.onmessage` is
+    // already detached.
+    private readonly instances: ManagedWebSocket[] = [];
+    // Sticky pause state: applied to current instances on `pause()` AND
+    // to any new instance created later (e.g. WS reconnect after a
+    // `disable-sync` / `reset` cycle). Without this, a test pausing the
+    // WS before the agent reconnects would silently see the new socket
+    // start un-paused and miss the messages it meant to buffer.
+    private currentlyPaused = false;
+
+    public get constructorFn(): typeof globalThis.WebSocket {
+        const trackInstance = (instance: ManagedWebSocket): void => {
+            this.instances.push(instance);
+            if (this.currentlyPaused) {
+                instance.pause();
+            }
+        };
+        class TrackedManagedWebSocket extends ManagedWebSocket {
+            public constructor(
+                url: string | URL,
+                protocols?: string | string[]
+            ) {
+                super(url, protocols);
+                trackInstance(this);
+            }
+        }
+        return TrackedManagedWebSocket;
+    }
+
+    public pause(): void {
+        this.currentlyPaused = true;
+        for (const ws of this.instances) {
+            ws.pause();
+        }
+    }
+
+    public resume(): void {
+        this.currentlyPaused = false;
+        for (const ws of this.instances) {
+            ws.resume();
+        }
+    }
+}

frontend/deterministic-tests/src/parse-args.ts

@@ -0,0 +1,43 @@
+import * as os from "node:os";
+import { Command, InvalidArgumentError } from "commander";
+
+export interface CliArgs {
+    filter: string | undefined;
+    concurrency: number;
+}
+
+function parsePositiveInt(value: string): number {
+    const n = parseInt(value, 10);
+    if (isNaN(n) || n <= 0) {
+        throw new InvalidArgumentError("must be a positive integer");
+    }
+    return n;
+}
+
+export function parseArgs(argv: string[]): CliArgs {
+    const program = new Command();
+
+    program
+        .name("deterministic-tests")
+        .description("Scripted multi-client sync tests against a real server")
+        .option(
+            "-f, --filter <substring>",
+            "Run only tests whose name contains this substring"
+        )
+        .option(
+            "-j, --concurrency <number>",
+            "Number of tests to run in parallel",
+            parsePositiveInt,
+            os.cpus().length
+        );
+
+    program.parse(argv);
+
+    /* eslint-disable @typescript-eslint/no-unsafe-type-assertion */
+    const opts = program.opts();
+    const filter = opts.filter as string | undefined;
+    const concurrency = opts.concurrency as number;
+    /* eslint-enable @typescript-eslint/no-unsafe-type-assertion */
+
+    return { filter, concurrency };
+}