Mozilla Weave – Firefox Sync Server

Firefox Sync, originally “Mozilla Weave”, is a built-in synch feature that allows users to partially synchronize bookmarks, browsing history, preferences, passwords, filled forms, add-ons and opened tabs across multiple Firefox installs.  It keeps it’s data (encrypted) on Mozilla servers.  In the spirit of taking ownership of my data, I will install my own Weave server.

For this test install, I have kept it simple, using the default sql-lite database and the built-in pastor server.  Later, I will add a MySQL backend and use gunicorn+Nginx for a more robust solution.  So far, testing this default has been promising, it’s fast, fairly trouble free, and works well with my mobile devices.  One small caveat is that on iphone/pad I have only found iCab to sync well, and it’s only one way.  For now, that acceptable as I only want access to my bookmarks and do not use these devices for serious work.  Later, I would like to find a more elegant solution.

First a few necessaries – you may already have some of them.

sudo aptitude install python-dev mercurial sqlite3 python-virtualenv

To install the server:

hg clone https://hg.mozilla.org/services/server-full
cd server-full
make build

To configure the server, first navigate to the Recapcha site to get an API key if you wish to use this security feature.  Next, open the conf file. Change fallback_node to the publicly available IP of the server, change the Db path as you wish and enable/configure the Captcha if you wish.

/server-full/etc/sync.conf

[nodes] 
fallback_node = http://www.openserverproject.com:5000/ 

[storage] 
sqluri = sqlite:////path/to/database/file.db 

[auth] 
sqluri = sqlite:////path/to/database/file.db 

[captcha] 
use = true 
public_key = xxxxxxxxxxxxx 
private_key = xxxxxxxxxxxx 
use_ssl = true

After you have tested the server and setup your user accounts remember to disable new users, otherwise anyone will be able to use your server.

[auth]
allow_new_users = false

To update the server you can use:

cd /path/to/server-full
hg pull
hg update
make build

You will likely want to create a user for the server and update the file permissions of the sql-lite DB accordingly.  The file and its containing directory should be writable by the user under which the server is running, and inaccessible to other users on the system.  You may like to set the umask of the server process to ensure that any files it creates are readable only by the appropriate user.  For example:

umask 007
bin/paster serve development.ini

Here is an example startup script for /etc/init.d, change directories/user names and make sure the PID_FILE directory is granted permissions as appropriate.

#!/bin/bash

### BEGIN INIT INFO
# Provides:          paster
# Required-Start:    $all
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: starts the paster server
# Description:       starts paster
### END INIT INFO

PROJECT=/path/to/server-full
#VIRTUALENV=/home/mozilla-sync/src
#PID_DIR=/var/run/
PID_FILE=/var/run/mozilla-sync/firefox-sync.pid
LOG_FILE=/var/log/firefox-sync.log
USER=ffsyncuser
GROUP=ffsyncgrp
PROD_FILE=/path/to/server-full/development.ini
RET_VAL=0

#source $VIRTUALENV/bin/activate

cd $PROJECT

case "$1" in
start)
bin/paster serve \
--daemon \
--pid-file=$PID_FILE \
--log-file=$LOG_FILE \
--user=$USER \
--group=$GROUP \
$PROD_FILE \
start

;;
stop)
bin/paster serve \
--daemon \
--pid-file=$PID_FILE \
--log-file=$LOG_FILE \
--user=$USER \
--group=$GROUP \
$PROD_FILE \
rm -f $PID_FILE
stop

;;
restart)
bin/paster serve \
--daemon \
--pid-file=$PID_FILE \
--log-file=$LOG_FILE \
--user=$USER \
--group=$GROUP \
$PROD_FILE \
restart

;;
status)
bin/paster serve \
--daemon \
--pid-file=$PID_FILE \
--log-file=$LOG_FILE \
--user=$USER \
--group=$GROUP \
status

;;
*)
echo $"Usage: $0 {start|stop|restart|status}"
exit 1
esac

exit $RET_VAL

Leave a Response

unilinear