pyrox.dev
1# Firefox Sync server {#module-services-firefox-syncserver}
2
3A storage server for Firefox Sync that you can easily host yourself.
4
5## Quickstart {#module-services-firefox-syncserver-quickstart}
6
7The absolute minimal configuration for the sync server looks like this:
8
9```nix
10{
11 services.mysql.package = pkgs.mariadb;
12
13 services.firefox-syncserver = {
14 enable = true;
15 secrets = builtins.toFile "sync-secrets" ''
16 SYNC_MASTER_SECRET=this-secret-is-actually-leaked-to-/nix/store
17 '';
18 singleNode = {
19 enable = true;
20 hostname = "localhost";
21 url = "http://localhost:5000";
22 };
23 };
24}
25```
26
27This will start a sync server that is only accessible locally on the following url: `http://localhost:5000/1.0/sync/1.5`.
28See [the dedicated section](#module-services-firefox-syncserver-clients) to configure your browser to use this sync server.
29
30::: {.warning}
31This configuration should never be used in production. It is not encrypted and
32stores its secrets in a world-readable location.
33:::
34
35## More detailed setup {#module-services-firefox-syncserver-configuration}
36
37The `firefox-syncserver` service provides a number of options to make setting up
38small deployment easier. These are grouped under the `singleNode` element of the
39option tree and allow simple configuration of the most important parameters.
40
41Single node setup is split into two kinds of options: those that affect the sync
42server itself, and those that affect its surroundings. Options that affect the
43sync server are `capacity`, which configures how many accounts may be active on
44this instance, and `url`, which holds the URL under which the sync server can be
45accessed. The `url` can be configured automatically when using nginx.
46
47Options that affect the surroundings of the sync server are `enableNginx`,
48`enableTLS` and `hostname`. If `enableNginx` is set the sync server module will
49automatically add an nginx virtual host to the system using `hostname` as the
50domain and set `url` accordingly. If `enableTLS` is set the module will also
51enable ACME certificates on the new virtual host and force all connections to
52be made via TLS.
53
54For actual deployment it is also recommended to store the `secrets` file in a
55secure location.
56
57## Configuring clients to use this server {#module-services-firefox-syncserver-clients}
58
59### Firefox desktop {#module-services-firefox-syncserver-clients-desktop}
60To configure a desktop version of Firefox to use your server, navigate to
61`about:config` in your Firefox profile and set
62`identity.sync.tokenserver.uri` to `https://myhostname:5000/1.0/sync/1.5`.
63
64### Firefox Android {#module-services-firefox-syncserver-clients-android}
65To configure an Android version of Firefox to use your server:
66* First ensure that you are disconnected from you Mozilla account.
67* Go to App Menu > Settings > About Firefox and click the logo 5 times. You
68 should see a “debug menu enabled” notification.
69* Back to the main menu, a new menu "sync debug" should have appeared.
70* In this menu, set "custom sync server" to `https://myhostname:5000/1.0/sync/1.5`.
71
72::: {.warning}
73Changes to this configuration value are ignored if you are currently connected to your account.
74:::
75
76* Restart the application.
77* Log in to your account.