blob: 33052c6c9cadd620dd54981ee76de7c31c879331 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
|
# minor skulk, an alternative firefox accounts server
this tool only exists because [fxa](https://github.com/mozilla/fxa/) is nearly
impossible to self-host with adequate amounts of effort. while it is possible to
do and a couple of instructional repositories exist (mostly using a lot of
docker containers), even small installs of fxa use a lot of system resources.
additionally fxa is simply not made with self-hosting in mind and requires both
google *and* amazon cloud services to function properly outside of development
or test installations (which use emulators for those cloud services instead).
as such the scope of minor skulk is extremely limited: it exists to make sync
work. all other features of fxa are out of scope, including (but not limited
to):
- payment processing
- support for third-party applications
- advanced user management
- support tools
- and others.
# requirements
- postgresql 14 or newer
- a local smtp server
- a tls reverse proxy (for productive deployments)
- a [syncstorage-rs](https://github.com/mozilla-services/syncstorage-rs) instance
# installation
minor skulk is built using cargo. rust version 1.61 and newer should work, older
versions have not been tested.
* compile minor-skulk with `cargo build`.
* edit `Rocket.toml`, settings values for all the mandatory parameters
* for test deployments it's sufficient to use the http server provided by
minor-skulk. live deployments **must** use a reverse proxy to add TLS!
* install [syncstorage-rs](https://github.com/mozilla-services/syncstorage-rs)
* configure syncstorage-rs for a single-node setup as exemplified in
[this nixos module](https://github.com/NixOS/nixpkgs/pull/176835).
you will also have to set `tokenserver.fxa_oauth_server_url` as
noted in `Rocket.toml`, otherwise actual sync will not work.
# configuring firefox desktop
go to `about:config` and set `identity.fxaccounts.autoconfig.uri` to
the address of your server, e.g. `http://localhost:8000` if you're just
starting minor-skulk locally for testing. if you are not using https you
must also create a `identity.fxaccounts.allowHttp` settings with value `true`,
otherwise firefox will not accept the config. restart firefox for the
changes to take effect, then create an account or log in as usual.
# configuring firefox android
this is a sufficiently involved process that the web interface has a
dedicated guide. just open the url of your server in firefox on android
and follow the guide. ("just". we're so sorry.)
# license
this project is licensed under the terms of the GNU General Public License
version 3.0 only. portions of this project (the fxa javascript client,
`web/js/browser`) is a fork of mozilla's
[fxa-auth-client](https://github.com/mozilla/fxa/blob/main/packages/fxa-auth-client)
and is licensed under the terms of the Mozilla Public License, v. 2.0.
|