Mozilla Sync Server - SynoCommunity/spksrc GitHub Wiki

Introduction

Mozilla Sync Server allows you to sync bookmarks, passwords, settings, history, add-ons, and tabs across multiple Firefox devices. It supports:

Desktop: Firefox 42+
Mobile: Firefox 44+ (Android) and Firefox 18+ (iOS)
Forks: Compatible with Iceweasel and similar alternatives

Installing the Synology Package

During installation, you’ll be prompted to enter the MariaDB root password to create a database for storing synced data.

Choosing Your Public URL

You must choose either an internal IP or an external domain name.

Use Case	URL Format	Works with Desktop?	Works with Mobile?	Recommended?
Internal-only (Local Sync, No Mobile)	`http://192.168.1.100:8132`	✅ Yes	❌ No	🚫 Not for mobile users
External + Mobile Access (Full Sync)	`https://example.com:8133`	✅ Yes	✅ Yes	✅ Recommended

For internal/local use only (not mobile-compatible):
```
http://192.168.1.100:8132
```
For external and mobile access (recommended):
```
https://example.com:8133
```
Note: Mobile clients require HTTPS, so if you plan to sync Firefox on mobile devices, you must use an external domain with SSL (HTTPS).

After Installation

Once installed, the Sync Server will be available at:

Internal setup: http://192.168.1.100:8132/1.0/sync/1.5
External setup: https://example.com:8133/1.0/sync/1.5

To use HTTPS, see Enabling SSL (HTTPS).

Testing Installation

Entering the Sync URL in a browser will return an "Unauthorized" error. To verify the server is running, visit:

http://192.168.1.100:8132/__heartbeat__

Configuring Firefox

Desktop Clients

Open Firefox and go to about:config.
Search for identity.sync.tokenserver.uri and update it to:
```
http://192.168.1.100:8132/1.0/sync/1.5
```
If using Firefox 42 or earlier, use services.sync.tokenServerURI instead.
Open the menu in Firefox and click Sign in to Sync. Follow the prompts to create an account and select sync options.
Repeat step 2 on additional devices before signing in with the same account.

Android Clients

Enable the debug menu before signing in:
- Go to Settings > About Firefox and tap the Firefox logo five times until you see "Debug menu enabled".
Open Settings > Sync Debug, then set:
- Custom Sync Server: https://example.com:8133/1.0/sync/1.5
Tap ✕ Stop Firefox in the menu, then reopen the app.
Sign in via Settings > Synchronize and Save Data.

To change Sync Debug settings later, re-enable the debug menu (Settings > About Firefox, tap the logo five times), modify settings, then restart Firefox.

iOS Clients

Enable debug settings before signing in:
- Go to Settings > About and tap the version number five times until a Debug section appears.
In Account > Advanced Sync Settings, set:
- Custom FxA Content Server: https://accounts.firefox.com
- Custom Sync Token Server: https://example.com:8133/1.0/sync/1.5
Go to Settings > Account > Synchronize and Save Data, then sign in.

Once signed in, Advanced Sync Settings will no longer be visible. To update settings later:

Go to Settings > Account and tap Disconnect Sync.
Repeat the setup process with updated URLs, then sign in again.

Enabling SSL (HTTPS)

Mozilla Sync Server does not natively support SSL. Instead, use Synology DSM's built-in reverse proxy.

Prerequisites

Before setting up SSL, ensure:

You plan to use HTTPS (https://example.com:8133), as mobile clients require it.
You have a domain name (e.g., example.com) resolving to your Synology’s public IP.
A valid SSL certificate is installed on your Synology DSM.

DSM Reverse Proxy Setup

Open DSM Reverse Proxy Settings:
- DSM 6: Control Panel > Application Portal > Reverse Proxy
- DSM 7: Control Panel > Login Portal > Advanced > Reverse Proxy
Create a new reverse proxy rule:
- Description: Mozilla Sync Server
- Source:
  - Protocol: HTTPS
  - Hostname: example.com
  - Port: 8133 (or 443 if available)
  - Enable HSTS
- Destination:
  - Protocol: HTTP
  - Hostname: localhost
  - Port: 8132
Save and apply the changes.

Sync Server URL

After setting up the reverse proxy, all clients (desktop & mobile) must use the following URL:
```
https://example.com:8133/1.0/sync/1.5
```

Router & Firewall Configuration

To allow external access:

Open port 8133 in Synology's firewall (Control Panel > Security > Firewall).
Forward port 8133 on your router/firewall to your Synology NAS.
Ensure your domain (example.com) resolves to your public IP.
For internal access, configure an internal DNS record mapping example.com to your Synology’s local IP.

Troubleshooting

Checking Logs

Firefox logs sync errors at:

about:sync-log

To enable success logs, go to about:config and set:

services.sync.log.appender.file.logOnSuccess = true

Common Errors

Unauthorized Error

{"status": "error", "errors": [{"location": "body", "name": "", "description": "Unauthorized"}]}

Cause: Attempting to access http://192.168.1.100:8132/1.0/sync/1.5 directly.

✅ Fix: Use http://192.168.1.100:8132/__heartbeat__ instead.

Mobile Clients Can’t Connect

Firefox mobile requires HTTPS. Ensure SSL is set up properly.
iOS login fails with a blank page:
- Ensure Custom FxA Content Server is set to:
```
https://accounts.firefox.com
```
- Do not add a trailing slash.
TLS validation error:
```
Validation error: URL does not use TLS protocol
```
Cause: The public URL set during installation does not match the Sync server hostname.

✅ Fix: Reinstall or update the database manually (advanced users):
```
UPDATE nodes SET node = 'https://example.com:8133' WHERE id = 1;
```
Error when switching from internal IP to a domain name:
If you originally installed the Sync server using an internal IP (http://192.168.1.100:8132) but later switched to an external domain (https://example.com:8133), some clients may still try to sync using the old address.

✅ Fix:
- Remove and re-add the Sync account on affected clients.
- Ensure all clients are using the correct identity.sync.tokenserver.uri.