Firefox Sync Server 1.5 On CentOS 7

Home » CentOS » Firefox Sync Server 1.5 On CentOS 7
CentOS 3 Comments

Hi,

I’m currently experimenting with setting up my own Firefox Sync Server on a public server running CentOS 7, following this document:

https://mozilla-services.readthedocs.io/en/latest/howtos/run-sync-1.5.html

So far I have a partial success. Bookmarks are syncing via the basic internal server running on port 5000, and I can also configure a MySQL
database for bookmark storage. What I can’t seem to do is configure everything to run behind Apache and WSGI.

Before I go into further details, has anybody here managed to get this thing to run on CentOS ?

Cheers from the sunny South of France,

Niki

Microlinux – Solutions informatiques durables
7, place de l’église – 30730 Montpezat Web : http://www.microlinux.fr Mail : info@microlinux.fr Tél. : 04 66 63 10 32

3 thoughts on - Firefox Sync Server 1.5 On CentOS 7

  • Yes, I use the following httpd configuration file:

    WSGIProcessGroup sync WSGIPassAuthorization On

    WSGIDaemonProcess sync user=apache group=apache processes=2 threads=25
    python-path=/usr/local/lib/sync-1.5/syncserver/local/lib/python2.7/site-packages/
    WSGIScriptAlias /sync1.5 /usr/local/lib/sync-1.5/syncserver/syncserver.wsgi

      Require all granted

  • Le 22/10/2017 à 21:37, Gordon Messmer a écrit :

    And this is more or less what I have, but no luck.

    Allow me to retrace my steps from the beginning. Not the whole thing, but first things first, one step at a time.

    I switched SELinux to permissive mode. I figured I would deal with eventual alerts once everything is up and running.

    I installed dependencies: make, gcc, gcc-c++, python-devel and python-virtualenv.

    Even if this is a sandbox server where I can happily break stuff, I
    didn’t want to build third-party stuff as root on my machine, so I
    created a special user.

    Here’s what I did, step by step. The user is called ‘syncserver’, its home directory is /opt/syncserver, which also happens to be the downloaded source from Github. As to the stuff from /etc/skel, that’s my custom .bashrc and other things I usually add to a new user profile, with a custom PS1 and my custom command aliases.

    # useradd -c “Firefox Sync” -d /opt/syncserver syncserver
    # passwd syncserver
    # cd opt
    # rm -rf syncserver
    # git clone https://github.com/mozilla-services/syncserver
    # cp -v /etc/skel/.bash* syncserver/
    « /etc/skel/.bash_logout » -> « syncserver/.bash_logout »
    « /etc/skel/.bash_profile » -> « syncserver/.bash_profile »
    « /etc/skel/.bashrc » -> « syncserver/.bashrc »
    # chown -R syncserver:syncserver syncserver/
    # find syncserver/ -type d -exec chmod 0775 {} \;
    # find syncserver/ -type f -exec chmod 0664 {} \;
    # chmod 0750 syncserver/

    Note: I figured if a process like ‘apache’ has to access this stuff later, I can always add the corresponding system user to the
    ‘syncserver’ group with a ‘usermod -a -G syncserver apache’. Not 100 %
    sure about that though.

    Then I opened a new session as user ‘syncserver’ and built everything.

    $ make build (2 minutes)

    I ran the tests:

    $ make test (10 minutes, everything OK)

    For a first test, I edited /opt/syncserver/syncserver.ini. I wanted to keep the default configuration as much as possible, so I provided my server’s IP address for ‘host’ and ‘public_url’.

    –8<----------------------------------------------------------- [server:main] use = egg:gunicorn host = 163.172.220.174 port = 5000 workers = 1 timeout = 30 [app:main] use = egg:syncserver [syncserver] # This must be edited to point to the public URL of your server, # i.e. the URL as seen by Firefox. public_url = http://163.172.220.174:5000/
    –8<----------------------------------------------------------- I tested this on two sandbox client desktops I have in my office. I opened about:config, edited identity.sync.tokenserver.uri and provided my custom sync server: http://163.172.220.174:5000/token/1.0/sync/1.5

    I connected Firefox Sync on both clients, and bookmarks synchronized nicely, with a little lag, but everything seemed to run fine.

    Any comments so far? As far as I can see, you created a
    /usr/local/lib/sync-1.5/ directory and built this stuff there. As root or as a different user? Any custom permissions there? Unfortunately the documentation doesn’t say anything about permissions.

    Cheers & more later,

    Niki


    Microlinux – Solutions informatiques durables
    7, place de l’église – 30730 Montpezat Web : http://www.microlinux.fr Mail : info@microlinux.fr Tél. : 04 66 63 10 32

  • The installation can be performed as a non-apache user, providing that apache can read the directory tree.  Apache should not have write access to any files created during the build process.

    However, the software is run by the apache user, so apache needs to own the database.  Assuming a sqlite3 build, syncserver.ini will refer to a file as “sqluri”.  The file identified by that setting should be owned and writable by the apache user.

    Is the problem that this application works when it’s run standalone, but not through apache?  I’m a little unclear since you said that you had two clients working.