Firefox Sync Server
Contents
About
mozilla-services.readthedocs.io - Run your own Sync-1.5 Server
mozilla-services.readthedocs.io - Run your own Firefox Accounts Server
Some notes:
You still need a Mozilla Firefox account! You can circumvent this by hosting your own firefox account- and content-servers, too.
It's a terrible software.
- Dependency hell.
- Builds fail.
- Database model needs to be adjusted …
Installation
Prepare build environment
Download, build and test it
Workarounds
Current requirement.txt
Maybe it helps somebody. 
/opt/syncserver/requirements.txt
1 gevent==1.4.0
2 greenlet==0.4.14
3 #greenlet>=0.4.13
4 cornice==0.16.2
5 #cornice==3.5.1
6 gunicorn==19.10.0
7 pyramid==1.10.4
8 WebOb==1.8.5
9 requests==2.22.0
10 SQLAlchemy==1.3.3
11 unittest2==1.1
12 zope.component==4.2.1
13 configparser==3.7.4
14 mozsvc==0.10
15 futures==3.2
16 soupsieve==1.9.5
17 umemcache==1.6.3
18 google-cloud-spanner==1.18.0
19 #https://github.com/mozilla-services/tokenserver/archive/bf5f232ed78fb4eb89909ec5be40f135945aa514.zip
20 #https://github.com/mozilla-services/tokenserver/archive/39239dd7a8d6b8270e22c9b6fef3f6be147e0df4.zip
21 /opt/tokenserver-39239dd7a8d6b8270e22c9b6fef3f6be147e0df4
22 https://github.com/mozilla-services/server-syncstorage/archive/d370a488155adeb80ee6f1bc016a4aa9d009f181.zip
/opt/tokenserver-39239dd7a8d6b8270e22c9b6fef3f6be147e0df4/requirements.txt
1 alembic==1.0.9
2 asn1crypto==0.24.0
3 boto==2.49.0
4 certifi==2019.3.9
5 # Handle older cffi versions in circleci
6 cffi==1.14.0; platform_python_implementation == "CPython"
7 chardet==3.0.4
8 configparser==3.7.4
9 #cornice==3.5.1
10 cornice==0.16.2
11 cryptography==2.6.1
12 enum34==1.1.6
13 gevent==1.4.0
14 greenlet==0.4.14
15 gunicorn==19.10.0
16 hawkauthlib==2.0.0
17 hupper==1.6.1
18 idna==2.8
19 ipaddress==1.0.22
20 konfig==1.1
21 Mako==1.0.9
22 MarkupSafe==1.1.1
23 mozsvc==0.10
24 mysqlclient==1.4.6
25 Paste==3.0.8
26 PasteDeploy==2.0.1
27 plaster==1.0
28 plaster-pastedeploy==0.7
29 PyBrowserID==0.14.0
30 pycparser==2.19
31 PyFxA==0.7.7
32 PyJWT==1.7.1
33 PyMySQL==0.9.3
34 pymysql-sa==1.0
35 pyramid==1.10.4
36 python-dateutil==2.8.0
37 python-editor==1.0.4
38 repoze.lru==0.7
39 requests==2.22.0
40 simplejson==3.16.0
41 six==1.14.0
42 SQLAlchemy==1.3.3
43 testfixtures==6.7.0
44 tokenlib==2.0.0
45 translationstring==1.3
46 urllib3==1.25.2
47 venusian==1.2.0
48 WebOb==1.8.5
49 zope.deprecation==4.4.0
50 zope.interface==4.6.0
ConverterMapping
The import of function ConverterMapping fails as stated in this issue on github
I had to adjust requirements.txt
-configparser==3.5 +configparser==3.5.0b2
I guess you have to make also sure the right python-interpreter (from the venv) is used.
Database needs migration after upgrade
OperationalError: (sqlite3.OperationalError) no such column: keys_changed_at
Configure
Syncserver
Configuration will reside in /opt/syncserver/syncserver.ini
Create a server secret and write it into the configuration
/opt/syncserver/syncserver.ini
Create a user to run this service as, which has a home directory, a path for persistent variable data (e.g. a sqlite-database).
Create directory for the sqlite database within the new home-directory.
Apache2 as reverse proxy
Create configuration for apache2 and enable it /etc/apache2/sites-available/wiki.rockstable.it_8443.conf
1 <IfModule mod_ssl.c>
2 <VirtualHost _default_:8443>
3 Define SERVER_NAME wiki.rockstable.it
4 ServerName ${SERVER_NAME}
5 ServerAlias wiki1.rockstable.it
6 ServerAdmin webmaster@rockstable.it
7
8 DocumentRoot /opt/syncserver
9
10 # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
11 # error, crit, alert, emerg.
12 # It is also possible to configure the loglevel for particular
13 # modules, e.g.
14 #LogLevel info ssl:warn
15
16 ErrorLog ${APACHE_LOG_DIR}/syncserver_error.log
17 CustomLog ${APACHE_LOG_DIR}/syncserver_access.log combined
18
19 # SSL Engine Switch:
20 # Enable/Disable SSL for this virtual host.
21 SSLEngine on
22
23 # A self-signed (snakeoil) certificate can be created by installing
24 # the ssl-cert package. See
25 # /usr/share/doc/apache2/README.Debian.gz for more info.
26 # If both key and certificate are stored in the same file, only the
27 # SSLCertificateFile directive is needed.
28 #SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
29 #SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
30 SSLCertificateFile /etc/letsencrypt/live/wiki.rockstable.it/fullchain.pem
31 SSLCertificateKeyFile /etc/letsencrypt/live/wiki.rockstable.it/privkey.pem
32
33 <Directory /opt/syncserver>
34 Require all granted
35 </Directory>
36
37 WSGIProcessGroup syncserver
38 WSGIDaemonProcess syncserver user=syncserver group=syncserver \
39 processes=2 threads=25 maximum-requests=1000 umask=0007 \
40 python-path=/opt/syncserver/local/lib/python2.7/site-packages/ \
41 python-home=/opt/syncserver/local/
42 WSGIPassAuthorization On
43 WSGIScriptAlias / /opt/syncserver/syncserver.wsgi
44
45 # Always ensure Cookies have "Secure" set (JAH 2012/1)
46 #Header edit Set-Cookie (?i)^(.*)(;\s*secure)??((\s*;)?(.*)) "$1; Secure$3$4"
47 </VirtualHost>
48 </IfModule>
Configure apache2 to listen on this "alternative" https-port 8443, too.
/etc/apache2/ports.conf
1 # If you just change the port or add more ports here, you will likely also
2 # have to change the VirtualHost statement
3
4 Listen 80
5
6 <IfModule ssl_module>
7 Listen 443
8 Listen 8443
9 </IfModule>
10
11 <IfModule mod_gnutls.c>
12 Listen 443
13 Listen 8443
14 </IfModule>
15
16 # vim: syntax=apache ts=4 sw=4 sts=4 sr noet
Enable and test the new site in front of reloading the webserver
Test the connection
Change syncserver
Now proceed by changing the syncserver