Run a private Sync Server for Firefox on Kubernetes
If you don’t want to store all your data in the Firefox Cloud you can run your own self-hosted Firefox Sync Server.
Firefox is a great web browser that is free and open source. It offers a ton of features and focuses on protecting the user's privacy. A key feature is the ability to sync bookmarks, tabs, cronics and more to the Firefox Cloud and from there to all your Firefox installations.
If you don’t want to store all your data in the Firefox Cloud you can run your own self-hosted Firefox Sync Server. This guide shows you how to run such a Sync Server on Kubernetes and how to configure Firefox to use it for synchronisation.
Installation of the Sync Server
I'm assuming you have a Kubernetes cluster up and running, and that it's publicly acessible. From there we will use Helm to install the Sync Server. I have created a Helm Chart for this purpose, which can be found here: https://artifacthub.io/packages/helm/christianhuth/syncserver
Add the Helm Chart repository and update the local index:
helm repo add christianhuth https://charts.christianhuth.de
helm repo update
Next, create the values.yaml
configuration file, which defines how we want to configure the Helm Chart:
ingress:
enabled: true
hosts:
- host: firefox-syncserver.example.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: firefox-syncserver.example.com-tls
hosts:
- firefox-syncserver.example.com
syncserver:
config:
allowNewUser: true
existingSecret: syncserver
publicUrl: https://firefox-syncserver.example.com
persistence:
enabled: true
resources:
requests:
storage: 1Gi
In this example configuration I am using firefox-syncserver.example.com
as the public URL for the Sync Server. This will be used later to configure the instances of the Firefox browser.
Otherwise, I'm enabling and configuring persistent storage (you don't want to lose all your data if the Pod crashes, do you?) with the syncserver.persistence
options and referencing a Kubernetes secret (syncserver.config.existingSecret
) that contains a secret key to identify the Sync Server after the first login.
Finally, I allow new users to log in to the Sync Server (syncserver.config.allowNewUser
). Make sure you disable this (or remove the field as the default value is false
) once you are logged in to the Sync Server. It's sufficient to login from one browser instance.
Now we can start the installation of the Sync Server:
helm install firefox-syncserver christianhuth/syncserver -f values.yaml --namespace firefox --create-namespace
Configuration of Firefox
As a preparation, make sure you are logged out of your browser. The easiest way to check this is to go to about:preferences#sync
, which should not show your identity and instead provide a button to sign in.
Desktop
Open the about:config
page and search for the identity.sync.tokenserver.uri
setting. By default, it is set to the Mozilla Sync Server, which can be found athttps://token.services.mozilla.com/1.0/sync/1.5
.
Edit this field to point to your syncserver.config.publicUrl
plus /token/1.0/sync/1.5
. So in our example above, I’d set it to https://firefox-syncserver.example.com/token/1.0/sync/1.5
.
Now go back to about:preferences#sync
and log in with your Mozilla account. That's it! All your data will now be synchronised with your own Sync Server.
Android
On Android-based smartphones, there is no about:config
page. Instead, we need to enable the debug menu to point the Firefox browser to our own Sync Server.
- Go to the Settings menu
- About Firefox
- Click on to the Firefox logo 5 times until
Debug menu is enabled
appears - Go back to Settings
- Under the Account options, a new field
Userdefined syncserver
appears. Enter the public URL of your Sync Server. - Now log in to your account
Ta da! All the data from your Android phone now goes to your own Sync Server.
Conclusion
With this guide you will be able to run your own Firefox Sync Server and use it to synchronise bookmarks, tabs, settings and more in less than 10 minutes.
I am already working on a Helm Chart for the successor of the Sync Server, which is currently under development here https://github.com/mozilla-services/syncstorage-rs. It's a Rust rewrite of the Sync Server used in this article.