How To Install Firefox Sync Server on Ubuntu

Please note that since this guide was written, Mozilla has made some changes to Firefox that impacts syncing. If you are using Firefox 29 or later, version 1.1 of the Sync Server - which this guide covers - will not work. Sync Server 1.5 or later is required. I’ve written another guide you can follow to install the correct version of Firefox Sync Server for Firefox version 29 or later, you can find it here.

As a sort of intermission for my PRISM Break series of entries, I’ve written this step-by-step guide to how you can install your own, private Firefox Sync Server on Ubuntu. I’ve tested it on Ubuntu 12.04 LTS and Ubuntu 13.04 and it works fine there, and there’s a good chance you can follow this guide and successfully install the Sync Server on other versions of Ubuntu and other Debian based Linux distributions as well.

What is the Firefox Sync Server anyway? Well, if you are using the Firefox browser, you can use a feature called Sync to synchronize add-ons, bookmarks, settings and other browser data across multiple browsers. The easiest way to achieve this is to use the Sync Servers the Mozilla foundation provides, but to get even better privacy, you can install your very own Firefox Sync Server.

This guide assumes that yo have root privileges and a basic understanding of how to edit text files in Ubuntu (for instance with vim). It’s also convenient that you can access your server from the internet - or you’ll only be able to synchronize across all the browsers you are using on your local network, and that’s kind of lame, don’t you think?

Anyway. Here’s how you install the Firefox Sync Server on a freshly installed copy of Ubuntu.

First, we need to install a few packaged required to build and run the server.

sudo su
apt-get install python-dev mercurial sqlite3 python-virtualenv libssl-dev

Answer “yes” to any questions you might be asked and the packages and everything they depend on should download from the central Ubuntu repositories and install automatically. Depending on how much you already have installed and your internet connection, this might take a while.

Next we create a directory where we can install the server, clone the latest version from the Mozilla source code repository and build the server from the cloned source code. The make build command below might take a while; it most likely have to download a few dependencies from the internet and the time it takes to compile the code will vary depending on your hardware.

mkdir /opt/syncserver
cd /opt/syncserver
hg clone
cd server-full
make build
mkdir db
mkdir logs

The server is now built and ready to be used, but before we start it, some of the default configuration should be changed. Open the main configuration file, etc/sync.conf. Note that sync.conf is not located in /etc/, but in an etc subdirectory of the server-full directory you’re currently in. Uncomment the line below. If your server has its own domain name, replace localhost with the domain name. If you don’t have a domain name, enter the public IP address of the server. If you don’t have a public IP address, use the server’s local IP address instead. For an extra layer of security, you can also change the default port number to something else.

fallback_node = http://localhost:9937/

By default the server is configured to use a SQLite database for the storage and the user APIs, with the database file stored at /tmp/test.db. You will almost certainly want to change this to a more permanent location. We’ll be using the db directory we made after building the server.

sqluri = sqlite:////opt/syncserver/server-full/db/file.db

sqluri = sqlite:////opt/syncserver/server-full/db/file.db</pre>

We need to change the location where the server is writing its error logs. In the file development.ini (located in the server-full directory), locate the following line

args = ('/tmp/sync-error.log',)

and change it to

args = ('/opt/syncserver/server-full/logs/sync-error.log',)

If you changed the default port when you edited the fallback_node setting in etc/sync.conf, you also have to change the port number in the development.ini file. Locate the the line

port = 5000

and change it to

port = 9937

or whatever port number you used earlier. You now have the basic server configuration in order, and the server can be started. Before we start the server, however, we’ll create a new system user account that will used to run the server. This is safer than running it as the root user or the user account that you usually log in with. We also set the owner of the /opt/syncserver/ directory to the new user.

useradd -d /opt/syncserver/ -l -r -U ffsync
chown -R ffsync:ffsync /opt/syncserver/

It’s now time - finally - to start the server! Make sure you are in the /opt/syncserver/server-full/ directory when you run this command.

sudo -u ffsync bin/paster serve development.ini &

The ampersand at the end of the line makes sure the server starts up in the background. You can skip the ampersand, but then the server will be terminated when you log out. Once the server is launched, you can run the Firefox Sync Wizard and choose http://localhost:9937 as your Firefox Custom Sync Server.

The default configuration of the server allows new users to create an account through Firefox’s built in setup screen. This is useful during initial setup, but it means that anybody could sync against your server if they know its URL. You can disable creation of new accounts by setting auth.allow_new_users to false in the sync.conf config file:

allow_new_users = false

Even though the Firefox Sync Server is now up and running and perfectly usable, you still have one problem: It will not start automatically when your server is rebooted. Whenever that happens, you have to manually log in again and run the bin/paster command above. To get the sync server to start automatically, we have to create a startup script. This is somewhat advanced, so if 24/7 availability on the sync server is not that important, you can safely stop here.

Copy and paste the following code into a new file, /etc/init.d/syncserver:


# Provides:          paster
# Required-Start:    $all
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: starts the paster server
# Description:       starts paster


source $VIRTUALENV/bin/activate


case "$1" in
paster serve --daemon --pid-file=$PID_FILE --log-file=$LOG_FILE \
--user=$USER --group=$GROUP $PROD_FILE start

paster serve --daemon --pid-file=$PID_FILE --log-file=$LOG_FILE \
--user=$USER --group=$GROUP $PROD_FILE stop

paster serve --daemon --pid-file=$PID_FILE --log-file=$LOG_FILE \
--user=$USER --group=$GROUP $PROD_FILE restart

paster serve --daemon --pid-file=$PID_FILE --log-file=$LOG_FILE \
--user=$USER --group=$GROUP status

echo $"Usage: $0 {start|stop|restart|status}"
exit 1

exit $RET_VAL

Next, make sure the file is executable and configure Ubuntu so that the script will run when the operating system boots.

chmod +x /etc/init.d/syncserver
update-rc.d syncserver defaults

There you have it. The Firefox Sync Server should now automatically start on system boot. It can also be controller manually with the syncserver script in init.d, with start, stop, restart and status as possible commands.

You can now enjoy private synchronization across all your Firefox browsers both on desktop and mobile!

The next natural step now would be to secure your Firefox Sync Server with HTTPS. This is not in the scope of this article, and it’s pretty advanced stuff, but the topic is covered on other sites on the internet. Both the official documentation and this article will help you setting up the sync server with HTTPS.



Do you have any thoughts you want to share? A question, maybe? Or is something in this post just plainly wrong? Then please send an e-mail to vegard at vegard dot net with your input. You can also use any of the other points of contact listed on the About page.


It looks like you're using Google's Chrome browser, which records everything you do on the internet. Personally identifiable and sensitive information about you is then sold to the highest bidder, making you a part of surveillance capitalism.

The Contra Chrome comic explains why this is bad, and why you should use another browser.