They claim not to monetise your data, no tracking, etc.
According to their own marketing/interview:
“no tracking, profiling or ads. You have full control over your data.”
I was too lazy to read through their documentation, but here is what ChatGPT found out:
What they do disclose
They define “Pod data” as “all data stored outside the running container and mounted into it; application data stored in a persistent database outside the app container.”
Privacy policy: “The materials you upload … are yours and yours alone. We don’t sell your materials to third parties, and we don’t use them for advertising purposes.”
They state they apply “physical, electronic, and managerial security measures … to protect the loss, misuse, and alteration of the information under our control.”
On encryption in transit via custom domains: they say that for custom domains a free SSL certificate is applied, ensuring encrypted data in transit.
Backup policies: They do daily full server backups of all databases and mounted files (i.e., your pod data). They also support incremental encrypted backups to S3 for critical data.
On jurisdiction & data location: For EU users, they store data in the EU region (e.g. via partnership with Hetzner) and comply with General Data Protection Regulation (GDPR) principles.
What they don’t clearly disclose (so you should assume risk)
They do not clearly state that storage‑at‑rest encryption per‑user or per‑pod is enforced or that even the provider’s staff cannot access your data. I found the wording “we take measures …” but no guarantee that even they cannot read your data. For example: “We make our best effort … we cannot guarantee the security of any information you transmit.”
They do not publish a detailed “access control by employees” policy, i.e., whether provider staff can access mounted volumes/backups (or under what circumstances).
The backup policy warns that for apps: “we don’t stop apps during full server backups … so this type of backup is only offered on a best‑effort basis … For apps with critical data, we strongly recommend setting up your own incremental backups.”
“End‑to‑end encryption” (i.e., data encrypted client side such that the provider cannot decrypt) is not mentioned. So assume the provider can technically access unencrypted data (unless you encrypt it yourself before upload).
TL;DR, Verdict:
So: if you upload normal files (documents, cookbooks, personal archives), and you’re okay with trusting PikaPods (and its staff) then yes: your data is “reasonably secure” for many use-cases.
However, if you require strong confidentiality (e.g., legal-privileged material, trade-secrets, highly sensitive data) then maybe self hosting would be better for your use case.