This article is outdated and may not work correctly for current operating systems or software.
Firefox Sync is a browser synchronization feature that lets you share your data and preferences (such as your bookmarks, history, passwords, open tabs and installed add-ons) across all of your devices. Mozilla also offers a "synchronization server" application for use with Firefox Sync for users and businesses that prefer to host their own synchronization data. This article shows you how to set up Mozilla Sync Server.
A newly deployed Vultr CentOS 6
A sudo user.
Update the system:
sudo yum check-update
To build and run Sync Server, you will need to install these packages:
Mecurial
sqlite3
git
Python 2.6.6
Python 2.6.6 virtualenv
Python 2.6.6 SetupTools
Python 2.6.6 Developer Tools
Install the latest version of Mercurial:
sudo yum install mercurial
Install the required development tools and libraries:
yum groupinstall 'Development Tools' 'Development Libraries'
yum install tk-devel libjpeg-devel mysql-devel python-devel httpd-devel zlib-devel bzip2-devel
Install SQLite3:
sudo yum install sqlite
Install and build Python 2.6.6:
cd $home
sudo wget http://python.org/ftp/python/2.6.6/Python-2.6.6.tgz
sudo tar xzvf Python-2.6.6.tgz
cd $home/Python-2.6.6
sudo ./configure --prefix=/opt/python2.6 --enable-thread --enable-shared --enable-unicode=ucs4
sudo make
sudo make install
We will clone the Git repository of the synchronization server and then enter the folder:
git clone https://github.com/mozilla-services/syncserver
cd syncserver
Run the build command, which will download the dependencies and compile the code:
make build
Start the Sync Server and verify that it works properly:
bin/paster serve development.ini
You will see something like this:
Starting server in PID 5952.
serving on 0.0.0.0:5000 view at http://127.0.0.1:5000
The configuration of the synchronization server is very simple, there are just a few parameters to change in the configuration file (./syncserver.ini).
Open the configuration file with your favorite text editor (for example nano ./syncserver.ini).
[server:main]
use = egg:gunicorn
host = 0.0.0.0
port = 5000
workers = 1
timeout = 30
[app:main]
use = egg:syncserver
[syncserver]
# This must be edited to point to the public URL of your server,
# i.e. the URL as seen by Firefox.
public_url = http://localhost:5000/
# This defines the database in which to store all server data.
#sqluri = sqlite:////tmp/syncserver.db
# This is a secret key used for signing authentication tokens.
# It should be long and randomly-generated.
# The following command will give a suitable value on *nix systems:
#
# head -c 20 /dev/urandom | sha1sum
#
# If not specified then the server will generate a temporary one at startup.
#secret = INSERT_SECRET_KEY_HERE
# Set this to "false" to disable new-user signups on the server.
# Only request by existing accounts will be honoured.
# allow_new_users = false
# Set this to "true" to work around a mismatch between public_url and
# the application URL as seen by python, which can happen in certain reverse-
# proxy hosting setups. It will overwrite the WSGI environ dict with the
# details from public_url. This could have security implications if e.g.
# you tell the app that it's on HTTPS but it's really on HTTP, so it should
# only be used as a last resort and after careful checking of server config.
force_wsgi_environ = false
[browserid]
# Uncomment and edit the following to use a local BrowserID verifier
# rather than posting assertions to the mozilla-hosted verifier.
# Audiences should be set to your public_url without a trailing slash.
#backend = tokenserver.verifiers.LocalVerifier
#audiences = https://localhost:5000
# By default, syncserver will accept identity assertions issues by
# any server. You can restrict this by setting the below to a list
# of allowed issuer domains.
#allowed_issuers = www.mysite.com myfriendsdomain.org
The address of your server must be specified via the parameter public_url:
public_url = http://fsync.example.com
Note: the default value of public_url, http://localhost:5000/, will work for testing purposes on your local machine.
We will uncomment the sqluri option and put the location, or URI, that will allow the server to connect the database and store its information:
sqluri = sqlite:////path/to/database/file.db
If you want to use another type of DB:
sqluri = pymysql://username:password@db.example.com/sync
For the secret parameter, we will have to generate a secret key for authentication tokens:
head -c 20 /dev/urandom | sha1sum
Uncomment the line of the secret parameter and then copy/paste the returned string into the secret parameter:
secret = db8a203aed5fe3e4594d4b75990acb76242efd35
Note: If you do not put anything in this parameter, the server will generate one but it will be different each time the server is restarted.
Uncomment the allow\_new\_users parameter and set it as true to allow our account to connect to our server for the first time:
allow_new_users = true
We will then uncomment the audiences parameter and put the same thing as the public_uri parameter:
audiences = http://fsync.example.com
Finally, just add the following line to the end of your file:
forwarded_allow_ips = *
This line will help you avoid error messages and authorization issues.
To start the synchronization server, you can use either of the following commands:
./path/to/syncserver/local/bin/gunicorn --threads 4 --paste /path/to/syncserver/syncserver.ini &
This allows you to choose the location of the configuration file; as well as put the argument --threads 4, which allows assigning more power to the synchronization server.
To start the server each time your instance boots, you can add the following line to your crontab by typing the crontab -e command:
@reboot ./path/to/syncserver/local/bin/gunicorn --paste /path/to/syncserver/syncserver.ini &
You can use different web servers that are compatible with the WSGI protocol. For example:
Nginx with uWSGI.
Apache combined with mod_wsgi.
For Nginx, you have to use Nginx's built-in proxy as shown below:
server {
listen 80;
server_name fsync.example.com;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_redirect off;
proxy_read_timeout 120;
proxy_connect_timeout 10;
proxy_pass http://127.0.0.1:5000/;
}
}
It is possible for Nginx users to use the WSGI socket only.
Install uWSGI via Pip:
pip install uwsgi
Install uWSGI via downloading a source tarball:
wget https://projects.unbit.it/downloads/uwsgi-latest.tar.gz
tar zxvf uwsgi-latest.tar.gz
cd <dir>
make
Note: After the build, you will have a uwsgi binary in the current directory.
Once installed, start it with the following options:
uwsgi --plugins python27 --manage-script-name \
--mount /<location>=/path/to/syncserver/syncserver.wsgi \
--socket /path/to/uwsgi.sock
Then use the following Nginx configuration:
location /<location>/ {
include uwsgi_params;
uwsgi_pass unix:/path/to/uwsgi.sock;
}
Install mod_wsgi:
apt-get install libapache2-mod-wsgi
Then use the following vhost:
<VirtualHost *:80>
ServerName sync.example.com
DocumentRoot /path/to/syncserver
WSGIProcessGroup sync
WSGIDaemonProcess sync user=sync group=sync processes=2 threads=25 python-path=/path/to/syncserver/local/lib/python2.7/site-packages/
WSGIPassAuthorization On
WSGIScriptAlias / /path/to/syncserver/syncserver.wsgi
CustomLog /var/log/apache2/sync.example.com-access.log combined
ErrorLog /var/log/apache2/sync.example.com-error.log
</VirtualHost>
Once the server has been installed and configured, you can configure the desktop Firefox client to talk to your new Sync Server. Before you begin, if you are already connected to Firefox Sync Servers, you must log out. Otherwise, the connection to the new server may not work.
First, open a new tab and enter the following address:
about:config
In the search bar, enter identity.sync.tokenserver.uri and change its value to the URL of your server with a path of token/1.0/sync/1.5:
http://sync.example.com/token/1.0/sync/1.5