Firefox Syncserver

a firefox sync server (API 1.1) written in perl

firefox screenshot  

Download

Feedback

Documentation

NAME

SyncServer - a firefox sync server written in perl

VERSION

1.1

DESCRIPTION

Mozilla's firefox sync server which is written in python has quite a lot of dependencies and is quite tricky to install on enterprise distros that don't ship with all those requirements.

This syncserver implements the syncserver user api 1.0 and the storage api 1.1 as a fcgi application. It is entirely written in perl, the requirements are as written below.

INSTALLATION

Run the following commands to install (see perldoc ExtUtils::MakeMaker for more options):

perl Makefile.PL
make
make install
install -D -m 644 examples/syncserver.cfg \
       /etc/syncserver/syncserver.cfg
install -m 755 examples/wbo-expire.cron /etc/cron.d

DEPENDENCIES

  • perl(FCGI)
  • perl(JSON)
  • perl(IO::Handle)
  • perl(MIME::Base64)
  • perl(Time::HiRes)
  • perl(Mail::Sendmail)
  • perl(Digest::SHA)
  • perl(DBI)
  • perl(DBD::MySQL) required for MySQL
  • perl(DBD::SQLite) required for SQLite3
  • perl(Net::LDAP) required for LDAP
  • perl(Cache::Memcached) required for LDAP, optional for DB
  • perl(Captcha::reCAPTCHA) (optional)
  • apache/httpd
  • mod_ssl
  • mod_fcgid
  • memcached
  • MySQL or SQLite

CONFIGURATION

httpd

SyncServer requires an ssl aware vhost with fcgi

AddHandler fcgid-script fpl
FcgidPassHeader AUTHORIZATION
FcgidPassHeader HTTP_AUTHORIZATION

set Aliases to the scripts as proposed in examples/httpd.conf

SyncServer

edit /etc/syncserver/syncserver.cfg to fit your needs:

  • register = 1|0

    enable / disable user registration.

  • recaptcha = 1|0

    use Google reCAPTCHA, please note this requires Captcha::reCAPTCHA.

  • recaptcha_privkey = 'xxx', recaptcha_pubkey = 'xxx'

    enter your Google reCAPTCHA key sets here.

  • secret = 'xxx'

    to override reCAPTCHA with an X-Weave-Secret header specify the secret here.

  • mailfrom = 'xxx'

    when sending password reset mails use this sender address.

  • memcached = 'server1:11211'

    memcached is required for ldap authentification and optional for database authentification (but it's recommended). specify the memcached servers here. Use multiple memcached lines for multiple servers.

  • dbi = driver

    specify your backend here (mysql and sqlite supported atm):

    dbi = 'dbi:SQLite:dbname=/tmp/foo.sqlite' # for sqlite
    dbi = 'dbi:mysql:database=dbname;host=localhost' # for mysql
  • dbuser = 'user', dbpass = 'pass'

    The database credentials. These directives must be set but are only evaluated by mysql.

  • ldap = 1|0

    Use LDAP for authentication

  • ldapuri = 'ldap://server:port'

    Bind against this LDAP server.

  • ldapbinddn = 'cn=...', ldapbindpw = 'xxx'

    the ldap readonly user's credentials.

  • ldapbasedn = 'dc=...'

    The LDAP search base.

  • ldapfilter = '(&(uid=*)(mail=*))'

    The LDAP search filter. 'mail' is required, but apart from that you're free to use any filter you like.

NOTES for LDAP authentication

to authenticate against an ldap server you'll need the following:

  • perl(Net::LDAP)
  • perl(Cache::Memcached)
  • memcached
  • an ldap server
  • a readonly ldap user
  • ldap users need their email address in the mail attribute

LDAP-Users still need to 'register' in order to initialize the database but they cannot change their password nor their email address. The password is not saved in the database.

UPGRADING

Please take a look at the provided sql files.