Git sync setup

Sync LockMemo with a private GitHub or GitLab repository

LockMemo uses HTTPS plus an access token for Git sync. You need one empty private repository and one dedicated token for LockMemo. The repository stores encrypted vault files, not plaintext passwords.

Recommended setup: one private repository and one dedicated token for LockMemo only. Do not paste a broad, everyday developer token into any mobile app.
GitHub Fine-grained PAT Limit access to one private repo GitLab Project access token Prefer a project-scoped token LockMemo Use the HTTPS remote URL + username + token
Option 1

GitHub: create a private repo and fine-grained PAT

GitHub recommends fine-grained personal access tokens whenever possible. They can be limited to a single repository instead of every repository your account can access.

1. Sign up or sign in to GitHub

  1. Open github.com/signup.
  2. Enter your email, password, and username, then complete email verification.
  3. After signing in, make sure your profile avatar appears in the top-right corner.

2. Create an empty private repository

  1. Open github.com/new.
  2. Use a clear repository name, such as lockmemo-vault.
  3. Set Visibility to Private.
  4. Do not add a README, .gitignore, or license. Keep the repository empty.
  5. Select Create repository.
GitHub official repository name screenshot
Official screenshot source: GitHub Docs. For LockMemo, also choose Private and keep the repository empty.

3. Generate a dedicated fine-grained PAT

  1. Open GitHub Settings.
  2. Go to Developer settings > Personal access tokens > Fine-grained tokens.
  3. Select Generate new token.
  4. Set Token name to LockMemo sync. Choose an expiration date you can rotate later.
  5. For Repository access, choose Only select repositories, then select only lockmemo-vault.
  6. Under Repository permissions, set Contents to Read and write.
  7. Generate the token and copy it immediately. GitHub shows it only once.

Avoid classic tokens if possible. A classic token usually needs the broad repo scope, which can access much more than this one LockMemo repository.

GitHub official personal access token copy screenshot
Official screenshot source: GitHub Docs. Copy the token right away; GitHub shows it only once.
Option 2

GitLab: create a private project and project access token

GitLab calls repositories "projects." Prefer a project access token because it is scoped to one project, which fits LockMemo's one-vault, one-repository sync model.

1. Sign up or sign in to GitLab

  1. Open gitlab.com/users/sign_up.
  2. Create your account and verify your email address.
  3. After signing in, go to the GitLab.com home page.

2. Create an empty private project

  1. Select Create new > New project/repository.
  2. Select Create blank project.
  3. Use a clear project name, such as lockmemo-vault.
  4. Set Visibility Level to Private.
  5. Do not initialize the repository with a README. Keep the project empty.
  6. Select Create project.
GitLab create private project example
Illustrative screenshot: GitLab's official docs currently provide text steps for this flow, but no matching form screenshot. Choose Private and keep the project empty.

3. Generate a project access token

  1. Open the project you just created.
  2. Go to Settings > Access tokens.
  3. Set Token name to lockmemo-sync.
  4. Choose a role that can push to the default branch, such as Maintainer.
  5. Select the read_repository and write_repository scopes.
  6. Set an expiration date, then select Create project access token.
  7. Copy the token immediately. GitLab shows it only once.

If your GitLab plan or instance does not show Project access tokens, use a Personal access token instead: avatar > Edit profile > Access > Personal access tokens. Use the same read_repository and write_repository scopes. A personal token may cover more projects, so it is best paired with a dedicated account or a repository used only for LockMemo.

GitLab project access token scopes example
Illustrative screenshot: GitLab's official docs currently provide text steps for this flow, but no matching form screenshot. Keep the token limited to repository read and write access.
Connect LockMemo

What to enter in LockMemo

Open LockMemo's Git sync settings and choose an HTTPS remote repository. Do not use an SSH URL.

GitHub remote URL https://github.com/YOUR_USERNAME/lockmemo-vault.git
GitLab remote URL https://gitlab.com/YOUR_USERNAME/lockmemo-vault.git
Username Your GitHub or GitLab username
Password / PAT The access token you just copied
Before your first sync, test the connection with an empty repository. If the remote already contains files, LockMemo may ask whether to merge, keep local data, or restore from remote. Do not share the same repository with another app or project.
Security checklist

Security checklist

  • Set the repository or project to Private.
  • Use one dedicated repository for one LockMemo vault.
  • Use one dedicated token for that repository.
  • On GitHub, use a fine-grained token and select only the LockMemo repository.
  • On GitLab, prefer a project access token.
  • Grant repository read and write access, because LockMemo must pull and push encrypted vault files.
  • Rotate tokens regularly. If a device is lost, revoke the old token immediately.

Official references

These steps are based on GitHub and GitLab's official documentation. Platform interfaces change over time, so the official docs are the final source of truth.