«

»

paź 14

How to install and configure own Firefox Sync Server - Weave - Debian.

Important!

Tested:

Debian 6.0.x, (64bit),
Debian 7.x.x, (64bit),
Server WWW - Apache 2 (2.2.1) (2.2.22) ,
Server MySQL (5.1.6x) (5.5.31),

Server DNS -Bind 9 (9.7.x) (9.8.4),
MTA e.g.: Sendmail, Postfix, Qmail...
Python (2.6) (2.7.3 ).

Windows 7 (64bit).

Firefox 17 - 24.

1. Install some needed dependencies..

sudo apt-get install python-dev mercurial python-virtualenv libapache2-mod-wsgi 
sudo apt-get install libmysqlclient-dev php5-sqlite python make mercurial sqlite3

2. Create User and Group for fsync - Firefox Sync - Weave.

Create user fsync:

  • home - /opt/fsync,
  • no password,
  • no login.


sudo adduser --disabled-password --shell /usr/sbin/nologin --home /opt/fsync fsync
sudo adduser www-data fsync

 

3. Install own Firefox Sync Server - Weave.

Download and install newer version of Firefox Sync server to /opt folder.

cd /opt
sudo hg clone https://hg.mozilla.org/services/server-full fsync
cd fsync
sudo make build
sudo bin/easy_install Mysql-Python

 

4. Configure Firefox Sync Server - Weave.

Backup configfiles.

sudo cp -p etc/sync.conf etc/sync.conf-orig
sudo cp -p development.ini development.ini-orig
sudo cp -p sync.wsgi sync.wsgi-orig

 

4.1. Edit configfile sync.conf.
sudo nano etc/sync.conf

 

[captcha]
...
use_ssl = true
...
[storage]
...
sqluri = mysql://fsync:PASSWORD@localhost:3306/fsync
quota_size = 10240 #(10MB)
...
[auth]
...
sqluri = mysql://fsync:PASSWORD@localhost:3306/fsync
...
[nodes]
...
fallback_node = https://fsync.YourServerName/
...
[smtp]
...
sender = fsync@YourServerName
...
[reset_codes]
...
backend = services.resetcodes.rc_sql.ResetCodeSQL
sqluri = mysql://fsync:PASSWORD@localhost:3306/fsync
create_tables = true

 

4.2. Edit configfile development.ini.
sudo nano development.ini

If you will need more info in logs, change option debug to True

[DEFAULT]
debug = False
...
[handler_syncserver_errors]
...
args = ('/opt/fsync/tmp/sync-error.log',)
...

 

4.3. Edit configfile sync.wsgi.
sudo nano sync.wsgi
...
os.environ['PYTHON_EGG_CACHE'] = '/opt/fsync/tmp/python-eggs'
...

 

5. Change permission for files and folders of Firefox Sync Server - Weave.

Create tmp folder.

sudo mkdir tmp
sudo chown fsync:fsync /opt/fsync -R
sudo chmod 640 fsync/etc/sync.conf
sudo chmod 770 fsync/tmp

 

6. Create database MySQL.

Create database and user: fsync.

sudo mysql -u root -p
create database fsync;
GRANT ALL PRIVILEGES ON fsync.* TO fsync@localhost IDENTIFIED BY 'PASSWORD';
flush privileges;
quit

 

7. Configure DNS Server - Bind9.

Tutorial - http://man.sethuper.com/1-ip-bind-dns-buddysns-hosting-delegacja-debian-ubuntu

Add to YourServerName zone:

fsync              CNAME        fsync.YourServerName
fsync   	IN       A      <IP address>
sudo /etc/init.d/bind9 restart

 

8. Configure Apache2 Server.

Create certificate SSL
Tutorial - http://man.sethuper.com/instalacja-i-konfiguracja-apache-php5-ruby-python-webdav.

Edit configfile: /etc/apache2/httpd.conf, configure server and add permanent redirection to port 443 (SSL).

sudo nano /etc/apache2/httpd.conf

Virtualhost:80

# http://fsync.YourServerName/
#=================================================================================
<VirtualHost *:80>
ServerName fsync.YourServerName
ServerAdmin webmaster@YourServerName
Redirect permanent / https://fsync.YourServerName/
ErrorLog /var/log/apache2/fsync/error.log
CustomLog /var/log/apache2/fsync/access.log combined
</VirtualHost>

#=================================================================================

Virtualhost:443 (SSL)

# https://fsync.YourServerName/
#=================================================================================

<VirtualHost *:443>
Servername fsync.YourServerName
ServerAdmin webmaster@YourServerName
DocumentRoot /opt/fsync
WSGIProcessGroup fsync
WSGIDaemonProcess fsync user=fsync group=fsync processes=2 threads=25 python-path=/opt/fsync/local/lib/python2.7/site-packages
WSGIPassAuthorization On
WSGIScriptAlias / /opt/fsync/sync.wsgi

ErrorLog /var/log/apache2/fsync/error-ssl.log
CustomLog /var/log/apache2/fsync/access-ssl.log combined

SSLEngine on
SSLProtocol -ALL +SSLv3 +TLSv1
SSLHonorCipherOrder On
SSLCipherSuite ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH
SSLCertificateFile /etc/apache2/ssl/YourServerName.crt
SSLCertificateKeyFile /etc/apache2/ssl/YourServerName.key
# SSLCertificateChainFile /etc/apache2/ssl/root_CA.crt
<Directory /opt/fsync>
  Order deny,allow
  Allow from all
</Directory>
</VirtualHost>

#=================================================================================

 

8.1. Secure Firefox Sync Server against bots.

Create file .htaccess.

sudo nano /opt/fsync/.htaccess
# Secure .htaccess
<Files ~ "^.*\.([Hh][Tt][Aa])">
order allow,deny
deny from all
satisfy all
</Files>

RewriteEngine On 
RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR] 
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Custo [OR] 
RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR] 
RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR] 
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR] 
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR] 
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR] 
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR] 
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR] 
RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR] 
RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR] 
RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR] 
RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR] 
RewriteCond %{HTTP_USER_AGENT} ^HMView [OR] 
RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR] 
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR] 
RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR] 
RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR] 
RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR] 
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR] 
RewriteCond %{HTTP_USER_AGENT} ^larbin [OR] 
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR] 
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR] 
RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR] 
RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR] 
RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR] 
RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR] 
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR] 
RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR] 
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR] 
RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR] 
RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR] 
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR] 
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR] 
RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR] 
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR] 
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR] 
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Wget [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Widow [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Zeus 
RewriteRule ^.* - [F,L]
sudo chmod 644 /opt/fsync/.htaccess
sudo mkdir /var/log/apache2/fsync/
sudo chmod 750 -R /var/log/apache2/fsync/

 

Apache2 Configtest:

sudo apache2ctl configtest
Syntax OK
sudo /etc/init.d/apache2 restart

 

Test listening Firefox Sync - Weave.

 sudo ps auxwww | grep fsync
root 3389 0.0 0.0 112300 860 pts/3 S+ 22:33 0:00 grep fsync
fsync 5930 0.0 1.1 665004 22728 ? Sl 18:01 0:02 /usr/sbin/apache2 -k start
fsync 5931 0.0 1.1 731160 23108 ? Sl 18:01 0:03 /usr/sbin/apache2 -k start

 

Acces to WWW:

  • https://fsync.YourServerName/
    You should see an error- 404 Not Found - The resource could not be found.
  • https://fsync.YourServerName/__heartbeat__
    You should see blank page (source code should be blanked as well).
  • https://fsync.YourServerName/weave-password-reset
    You should see page - Password Reset:
  • https://fsync.YourServerName/weave-delete-account
    You should see page - Delete Account:

 

9. Konfiguracja przegladarki Firefox.

Go to:

  • Menu Firefox -> Option -> Option -> Synch tab.

Click on Set Up Firefox Sync, Create new account:.

  • E-mail - fill your real e-mail address,
  • Password,
  • Repeat Passeord,
  • Server - select Use a custom server
    and enter the URL: fsync.YourServerName - the URL will change automatically to: https://fsync.YourServerName.
  • Click Next.

 

 

10. Updating Firefox Sync Server - Weave.

Add user fsync to /etc/mercurial/hgrc as trusted  user.

sudo nano /etc/mercurial/hgrc

# system-wide mercurial configuration file
# See hgrc(5) for more information

[trusted]
 users = fsync
 groups = fsync

 

Backup Firefox Sync Server - Weave.
The Backup folder will be named: fsync with date and time:
e.g.: fsync-08.12.2021-18:43

cd /opt
cp -pr fsync fsync-`date +%d.%m.%Y-%H:%M`
cd /opt/fsync
sudo hg pull -uv

 

If you would like to just update the dependant repositories, without rebuilding any of the third-party dependencies from PyPI, then you should run this commands:

sudo virtualenv --no-site-packages --distribute
sudo make update
sudo /etc/init.d/apache2 restart

 

If for any reason the update fails, you should back up the defective update and restore previous backup.

cd /opt
sudo cp -pr fsync fsync-`date +%d.%m.%Y-%H:%M`-uszkodzony
sudo cp -pr fsync-`date +%d.%m.%Y-%H:%M`fsync
sudo /etc/init.d/apache2 restart

 

Example:

sudo cp -pr fsync fsync-08.12.2012-18:43-uszkodzony
sudo cp -pr fsync-22.10.2012-16:18 fsync
sudo /etc/init.d/apache2 restart

 

3 Komentarze

  1. supagusti

    Have you already tried with SQLlite? I’d like to know how the speed/response time compares to MySQL?
    I’m experiencing some performance issues within Firefox (had this also with the official sync server from Mozilla) - shows slowdowns when moving a tab into the sidebar.

    1. sethuper

      I prefer MySQL than SQLite.
      First sync takes couple minutes sometimes, but there is no any issue with speed/response..

  2. supagusti

    OK - I’ll give a try ...Thanks for your input!

Dodaj komentarz

Twój adres e-mail nie zostanie opublikowany. Pola, których wypełnienie jest wymagane, są oznaczone symbolem *