Knowledgebase

Install a Firefox Sync Server on Debian or Ubuntu Print

  • 0

Overview

Firefox Sync is a feature built-in to the Firefox browser that allows syncing preferences and user data between all your devices. This includes bookmarks, passwords, history, and installed add-ons. By default, Firefox uses Mozilla's servers for the Sync feature. However, setting up a self-hosted Firefox Sync server allows you to configure Firefox to use your server instead, which gives you more control, and the sync feature no longer relies on Mozilla's servers. This is helpful to comply with strict security regulations that require on-premises services.

This article explains how to install a self-hosted Firefox Sync server. We tested this article on Ubuntu 20.04 and Debian 11.

Requirements

  • Deploy a server running Ubuntu 20.04 or Debian 11.
  • Update the Ubuntu or Debian server.
  • Create a non-root sudo user.
  • Create a Fully Qualified Domain Name (FQDN) and point that to your server's IP address. This article uses syncserver.example.com; you should replace that with your FQDN name in the instructions below. Follow the instructions at your DNS host or domain registrar, or use this guide if you use Rcs DNS.

1. Install Docker

Mozilla provides Sync Server as an official Docker image. Docker is a container management engine allowing applications for imaging and deploying applications in isolated environments across different platforms and infrastructures.

Docker on Ubuntu

Run the following commands to add the docker-ce repository and install Docker on Ubuntu.

$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
$ echo \
$   "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
$   $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
$ sudo apt update
$ sudo apt install -y docker-ce docker-ce-cli containerd.io

Docker on Debian

Run the following commands to add the docker-ce repository and install Docker on Debian.

$ curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
$ echo \
$   "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian \
$   $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
$ sudo apt update
$ sudo apt install -y docker-ce docker-ce-cli containerd.io

2. Install a Web Server for Reverse Proxy

You can install either Nginx or Apache as a reverse proxy. If you aren't sure which one you want to use, choose Nginx. Do not install both.

Option 1: Install Nginx

Run the following command to install Nginx.

$ sudo apt install -y nginx

Option 2: Install Apache

Run the following command to install Apache.

$ sudo apt install -y apache2

3. Install Snap

Certbot requests an HTTPS certificate from Let's Encrypt for your web server. Certbot requires Snap. If you already have Snap, skip to the next step. Otherwise, run the following command to install Snap.

$ sudo apt install -y snapd

4. Install Certbot

Install Certbot with Snap.

$ sudo snap install core
$ sudo snap refresh core
$ sudo snap install --classic certbot
$ sudo ln -s /snap/bin/certbot /usr/bin/certbot

If you received the error too early for operation, wait 10 seconds and try the command again.

5. Install Sync Server

In the steps below, make sure to replace syncserver.example.com with your Fully Qualified Domain Name (FQDN).

Install Sync Server with Docker.

$ sudo docker run \
$   -d \
$   --name syncserver \
$   -v syncserver:/data \
$   -p 127.0.0.1:5000:5000 \
$   -e "SYNCSERVER_PUBLIC_URL=https://syncserver.example.com" \
$   -e "SYNCSERVER_SECRET=$(head -c 20 /dev/urandom | sha256sum)" \
$   -e "SYNCSERVER_SQLURI=sqlite:////data/syncserver.db" \
$   -e "SYNCSERVER_BATCH_UPLOAD_ENABLED=true" \
$   -e "SYNCSERVER_FORCE_WSGI_ENVIRON=true" \
$   --restart unless-stopped \
$   -u 0:0 \
$   mozilla/syncserver:latest

6. Configure Firewall

Run the following commands to open ports for SSH, HTTP and HTTPS.

$ sudo ufw reset
$ sudo ufw allow in to any port 22 proto tcp
$ sudo ufw allow in to any port 80 proto tcp
$ sudo ufw allow in to any port 443 proto tcp
$ sudo ufw enable

7. Configure Web Server

If You Installed Nginx

  1. Edit the Nginx configuration file.

     $ sudo nano /etc/nginx/sites-enabled/syncserver.conf
  2. Insert the following contents.

     server {
       listen 80;
       listen [::]:80;
       server_name syncserver.example.com;
    
       location / {
         proxy_pass http://127.0.0.1:5000;
         proxy_http_version 1.1;
         proxy_set_header Connection $http_connection;
         proxy_set_header Upgrade $http_upgrade;
       }
     }
  3. Save and close the file.

If You Installed Apache

  1. Enable the following modules.

     $ sudo a2enmod ssl
     $ sudo a2enmod headers
     $ sudo a2enmod proxy
     $ sudo a2enmod proxy_http
     $ sudo a2enmod deflate
  2. Edit the Apache configuration file.

     $ sudo nano /etc/apache2/sites-enabled/syncserver.conf
  3. Insert the following content:

     <VirtualHost *:80>
       ServerName syncserver.example.com
       ProxyPass / http://127.0.0.1:5000/
       ProxyPassReverse / http://127.0.0.1:5000/
     </VirtualHost>
  4. Save and exit the file.

8. Configure Certbot

For Nginx

$ sudo certbot --nginx --agree-tos --no-eff-email -d syncserver.example.com -m admin@example.com

For Apache

$ sudo certbot --apache --agree-tos --no-eff-email -d syncserver.example.com -m admin@example.com

9. Configure the Client

Replace syncserver.example.com with your domain name in the instructions below.

  1. In a new Firefox window, open about:config
  2. Search for the following key: identity.sync.tokenserver.uri
  3. Set the value to: https://syncserver.example.com/token/1.0/sync/1.5

10. Test the Client

In a new Firefox window:

  1. Open the top-right menu.
  2. Sign in to your Firefox account.
  3. Click your Firefox account's email address.
  4. Click the Sync now button.
  5. Open the URL: about:sync-log
  6. Verify that a file exists in the format: success-sync-XXXX.txt

More Information

To find out more about Firefox Sync, visit the following links:

Overview Firefox Sync is a feature built-in to the Firefox browser that allows syncing preferences and user data between all your devices. This includes bookmarks, passwords, history, and installed add-ons. By default, Firefox uses Mozilla's servers for the Sync feature. However, setting up a self-hosted Firefox Sync server allows you to configure Firefox to use your server instead, which gives you more control, and the sync feature no longer relies on Mozilla's servers. This is helpful to comply with strict security regulations that require on-premises services. This article explains how to install a self-hosted Firefox Sync server. We tested this article on Ubuntu 20.04 and Debian 11. Requirements Deploy a server running Ubuntu 20.04 or Debian 11. Update the Ubuntu or Debian server. Create a non-root sudo user. Create a Fully Qualified Domain Name (FQDN) and point that to your server's IP address. This article uses syncserver.example.com; you should replace that with your FQDN name in the instructions below. Follow the instructions at your DNS host or domain registrar, or use this guide if you use Rcs DNS. 1. Install Docker Mozilla provides Sync Server as an official Docker image. Docker is a container management engine allowing applications for imaging and deploying applications in isolated environments across different platforms and infrastructures. Docker on Ubuntu Run the following commands to add the docker-ce repository and install Docker on Ubuntu. $ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg $ echo \ $ "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \ $ $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null $ sudo apt update $ sudo apt install -y docker-ce docker-ce-cli containerd.io Docker on Debian Run the following commands to add the docker-ce repository and install Docker on Debian. $ curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg $ echo \ $ "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian \ $ $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null $ sudo apt update $ sudo apt install -y docker-ce docker-ce-cli containerd.io 2. Install a Web Server for Reverse Proxy You can install either Nginx or Apache as a reverse proxy. If you aren't sure which one you want to use, choose Nginx. Do not install both. Option 1: Install Nginx Run the following command to install Nginx. $ sudo apt install -y nginx Option 2: Install Apache Run the following command to install Apache. $ sudo apt install -y apache2 3. Install Snap Certbot requests an HTTPS certificate from Let's Encrypt for your web server. Certbot requires Snap. If you already have Snap, skip to the next step. Otherwise, run the following command to install Snap. $ sudo apt install -y snapd 4. Install Certbot Install Certbot with Snap. $ sudo snap install core $ sudo snap refresh core $ sudo snap install --classic certbot $ sudo ln -s /snap/bin/certbot /usr/bin/certbot If you received the error too early for operation, wait 10 seconds and try the command again. 5. Install Sync Server In the steps below, make sure to replace syncserver.example.com with your Fully Qualified Domain Name (FQDN). Install Sync Server with Docker. $ sudo docker run \ $ -d \ $ --name syncserver \ $ -v syncserver:/data \ $ -p 127.0.0.1:5000:5000 \ $ -e "SYNCSERVER_PUBLIC_URL=https://syncserver.example.com" \ $ -e "SYNCSERVER_SECRET=$(head -c 20 /dev/urandom | sha256sum)" \ $ -e "SYNCSERVER_SQLURI=sqlite:////data/syncserver.db" \ $ -e "SYNCSERVER_BATCH_UPLOAD_ENABLED=true" \ $ -e "SYNCSERVER_FORCE_WSGI_ENVIRON=true" \ $ --restart unless-stopped \ $ -u 0:0 \ $ mozilla/syncserver:latest 6. Configure Firewall Run the following commands to open ports for SSH, HTTP and HTTPS. $ sudo ufw reset $ sudo ufw allow in to any port 22 proto tcp $ sudo ufw allow in to any port 80 proto tcp $ sudo ufw allow in to any port 443 proto tcp $ sudo ufw enable 7. Configure Web Server If You Installed Nginx Edit the Nginx configuration file. $ sudo nano /etc/nginx/sites-enabled/syncserver.conf Insert the following contents. server { listen 80; listen [::]:80; server_name syncserver.example.com; location / { proxy_pass http://127.0.0.1:5000; proxy_http_version 1.1; proxy_set_header Connection $http_connection; proxy_set_header Upgrade $http_upgrade; } } Save and close the file. If You Installed Apache Enable the following modules. $ sudo a2enmod ssl $ sudo a2enmod headers $ sudo a2enmod proxy $ sudo a2enmod proxy_http $ sudo a2enmod deflate Edit the Apache configuration file. $ sudo nano /etc/apache2/sites-enabled/syncserver.conf Insert the following content: ServerName syncserver.example.com ProxyPass / http://127.0.0.1:5000/ ProxyPassReverse / http://127.0.0.1:5000/ Save and exit the file. 8. Configure Certbot For Nginx $ sudo certbot --nginx --agree-tos --no-eff-email -d syncserver.example.com -m admin@example.com For Apache $ sudo certbot --apache --agree-tos --no-eff-email -d syncserver.example.com -m admin@example.com 9. Configure the Client Replace syncserver.example.com with your domain name in the instructions below. In a new Firefox window, open about:config Search for the following key: identity.sync.tokenserver.uri Set the value to: https://syncserver.example.com/token/1.0/sync/1.5 10. Test the Client In a new Firefox window: Open the top-right menu. Sign in to your Firefox account. Click your Firefox account's email address. Click the Sync now button. Open the URL: about:sync-log Verify that a file exists in the format: success-sync-XXXX.txt More Information To find out more about Firefox Sync, visit the following links: Mozilla Firefox Sync Server Docker image Mozilla Services - Run your own Sync-1.5 Server

Was this answer helpful?
Back

Powered by WHMCompleteSolution