howtos:setup_a_private_firefox_sync_server
Differences

This shows you the differences between two versions of the page.


howtos:setup_a_private_firefox_sync_server [02/12/2018 21:34] (current) – created - external edit 127.0.0.1
Line 1: Line 1:
 +====== Pre-req software ======
 +For the Firefox sync server to work we need the following software in place:
  
 +<code>
 +apt-get install python-dev mercurial  python-virtualenv libmysqlclient-dev python-mysqldb sqlite3 python-pastedeploy libapache2-mod-wsgi 
 +</code>
 +
 +Note that I've planed to use a Apache web server and not the standalone application.
 +
 +====== MySQL ======
 +As the backend I want to use a MySQL database. Default the application uses sqlite but that doesn't fit my needs.
 +
 +The application will create the needed tables at runtime, so you only need to prepare the database:
 +
 +<code>
 +mysql -u root -p
 +create database mozilla;
 +GRANT ALL PRIVILEGES ON mozilla.* TO mozilla@localhost IDENTIFIED BY '<password>';
 +flush privileges;
 +exit
 +</code>
 +
 +With these commands run you will now have a database called "mozilla" and a privileged user also called "mozilla". You can of course modify this to your needs.
 +
 +====== Application files ======
 +
 +Next up is getting hold of the source files. For unknown reasons directory paths are being written to some of the files, so you can't easily download the files in one place and move them into an other. So create the Apache document root and retrieve the files from there:
 +
 +<code>
 +mkdir /var/www/mozilla
 +cd /var/www/mozilla
 +hg clone https://hg.mozilla.org/services/server-full
 +cd server-full/
 +make build
 +</code>
 +
 +Now change the permissions to let the Apache user read the application files and add a tmp directory for logging:
 +
 +<code>
 +chown -R www-data.www-data mozilla/
 +find . -name ".hg*" -type d | xargs chown root.root
 +cd mozilla/server-full/
 +mkdir tmp
 +</code>
 +
 +The ".hg" files needs to be owned by root otherwize Mercurial wouldn't update the files, as it needs to be owned by the user who is running the update itself (which will be root).
 +
 +I need the application to run under a different user than the default Apache user thus I create an application user "mozilla" and assign the proper rights to the directories:
 +
 +<code>
 +useradd mozilla
 +chown mozilla.mozilla mozilla/server-full/tmp
 +chgrp mozilla deps/server-reg/syncreg/templates
 +chmod 775 deps/server-reg/syncreg/templates
 +chgrp mozilla syncserver/templates
 +chmod 775 syncserver/templates
 +</code>
 +
 +====== sync.conf ======
 +
 +<file>
 +[captcha]
 +use = true
 +public_key = xxx
 +private_key = xxx
 +use_ssl = False
 +
 +[storage]
 +backend = syncstorage.storage.sql.SQLStorage
 +sqluri = mysql://mozilla:password@localhost:3306/mozilla
 +standard_collections = False
 +use_quota = true
 +quota_size = 102400
 +pool_size = 100
 +pool_recycle = 3600
 +create_tables = true
 +
 +[auth]
 +backend = services.user.sql.SQLUser
 +sqluri = mysql://mozilla:password@localhost:3306/mozilla
 +pool_size = 100
 +pool_recycle = 3600
 +create_tables = true
 +
 +[nodes]
 +# You must set this to your client-visible server URL.
 +fallback_node = https://example.com/mozilla/
 +
 +[smtp]
 +host = localhost
 +port = 25
 +sender = weave@example.com
 +
 +[cef]
 +use = true
 +file = syslog
 +vendor = mozilla
 +version = 0
 +device_version = 1.3
 +product = weave
 +</file>
 +
 +There are a couple of configuration files inside etc. As I want to use MySQL I use the mysql.conf as a template and copy it into sync.conf. As this contains passwords for the MySQL user and captcha keys it needs to be protected by permissions.
 +
 +<code>
 +cd mozilla/server-full/etc
 +chmod 640 sync.conf 
 +</code>
 +
 +====== development.ini ======
 +Inside this file I've change this section to put the logfile into my tmp folder:
 +
 +<file>
 +.
 +.
 +.
 +
 +[handler_syncserver_errors]
 +class = handlers.RotatingFileHandler
 +args = ('/var/www/mozilla/server-full/tmp/sync-error.log',)
 +level = ERROR
 +formatter = generic
 +.
 +.
 +.
 +</file>
 +
 +====== sync.wsgi ======
 +
 +Inside this file I've also change the default cache directory to match my tmp folder:
 +
 +<file>
 +.
 +.
 +.
 +
 +# setting up the egg cache to a place where apache can write
 +os.environ['PYTHON_EGG_CACHE'] = '/var/www/mozilla/tmp/python-eggs'
 +.
 +.
 +.
 +</file>
 +
 +====== Apache vhost ======
 +
 +As we use Apache as frontend that of course needs to be configured. I would like to use a SSL enabled vhost to protect username and password. Unfortunatly I only have one IP address so I must share that with other services. To get around that I use a subfolder "/mozilla". This limitation has an other issue and that is the application has some enduser servicelinks for reset password and such, that doesn't work with subfolders.
 +
 +
 +<file>
 +    WSGIProcessGroup mozilla
 +    WSGIDaemonProcess mozilla user=mozilla group=mozilla processes=2 threads=25
 +    WSGIPassAuthorization On
 +    WSGIScriptAlias /mozilla /var/www/mozilla/server-full/sync.wsgi
 +<Directory "/var/www/mozilla/server-full">
 +    AllowOverride All
 +    Order allow,deny
 +    Allow from all
 +</Directory>
 +</file>
 +
 +====== Enduser service links ======
 +
 +https://mozilla-sync.example.com/ 
 +This should give you the message 404 Not Found - The resource could not be found.
 +
 +https://mozilla-sync.example.com/__heartbeat__ 
 +This will show an empty page, even if you look at the source code, it is empty. This is a special URL which could be used in monitoring to check if the sync server is properly working. It returns code 200 when running and error code 503 when something failed
 +
 +https://mozilla-sync.example.com/weave-password-reset 
 +This is the URL which is used to reset the password and should display a nice web page where you can enter your username (e-mail address) and then request a reset key. I do not know if this web page already will be displayed at this point, as the database is still empty.
 +
 +https://mozilla-sync.example.com/weave-delete-account 
 +This is the URL which is used to permanently delete an account and should display a nice web page where you can enter your username (e-mail address) and password to delete an existing account. I do not know if this web page already will be displayed at this point, as the database is still empty.
 +
 +====== Backup and Update ======
 +As we're updating inside the productionfolder a backup is vital. Put the following inside a little script:
 +
 +<file>
 +cd /var/www/mozilla
 +cp -pr server-full server-full-`date +%Y.%m.%d-%H%M` # backup the folder
 +cd /var/www/mozilla/server-full
 +hg pull -uv
 +</file>
 +
 +====== Client log ======
 +
 +about:sync-log
 +
 +
 +====== Not sure .... ======
 +
 +bin/easy_install paste 
 +bin/easy_install SQLAlchemy
 +bin/easy_install Pylons
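
Review bot: In the "Application files", "sync.conf" and "Apache vhost" sections, the file holding the MySQL password and captcha keys sits inside what the text calls the Apache document root and is never made readable by the account that needs it. `chown -R www-data.www-data mozilla/` hands the whole tree to the web server user, the vhost grants `Allow from all` on all of `/var/www/mozilla/server-full`, and `chmod 640 sync.conf` is the only protection, while no step gives the `mozilla` user or group (the `WSGIDaemonProcess mozilla user=mozilla group=mozilla` identity) any access to that file. Suggest keeping the tree owned by root, setting sync.conf to owner root, group mozilla, mode 640, and restricting the `<Directory>` grant to sync.wsgi or moving the checkout outside the document root. The dated `cp -pr server-full server-full-...` backups are created in the same `/var/www/mozilla` directory and carry a copy of sync.conf, so they need the same treatment or a destination outside the web tree. Smaller points: sync.wsgi sets the egg cache to `/var/www/mozilla/tmp/python-eggs`, but the only tmp directory created is `/var/www/mozilla/server-full/tmp`; `use_ssl = False` under `[captcha]` and `fallback_node = https://example.com/mozilla/` do not match the SSL vhost and the `https://mozilla-sync.example.com/` links listed under "Enduser service links"; and `find . -name ".hg*" -type d | xargs chown root.root` changes only the matched directories, not their contents, so `chown -R` looks like what was intended.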
howtos/setup_a_private_firefox_sync_server.txt · Last modified: 02/12/2018 21:34 by 127.0.0.1