Le 22/10/2017 à 21:37, Gordon Messmer a écrit :
Yes, I use the following httpd configuration file:
WSGIProcessGroup sync WSGIPassAuthorization On
WSGIDaemonProcess sync user=apache group=apache processes=2 threads=25 python-path=/usr/local/lib/sync-1.5/syncserver/local/lib/python2.7/site-packages/
WSGIScriptAlias /sync1.5 /usr/local/lib/sync-1.5/syncserver/syncserver.wsgi <Directory "/usr/local/lib/sync-1.5"> Require all granted
</Directory>
And this is more or less what I have, but no luck.
Allow me to retrace my steps from the beginning. Not the whole thing, but first things first, one step at a time.
I switched SELinux to permissive mode. I figured I would deal with eventual alerts once everything is up and running.
I installed dependencies: make, gcc, gcc-c++, python-devel and python-virtualenv.
Even if this is a sandbox server where I can happily break stuff, I didn't want to build third-party stuff as root on my machine, so I created a special user.
Here's what I did, step by step. The user is called 'syncserver', its home directory is /opt/syncserver, which also happens to be the downloaded source from Github. As to the stuff from /etc/skel, that's my custom .bashrc and other things I usually add to a new user profile, with a custom PS1 and my custom command aliases.
# useradd -c "Firefox Sync" -d /opt/syncserver syncserver # passwd syncserver # cd opt # rm -rf syncserver # git clone https://github.com/mozilla-services/syncserver # cp -v /etc/skel/.bash* syncserver/ « /etc/skel/.bash_logout » -> « syncserver/.bash_logout » « /etc/skel/.bash_profile » -> « syncserver/.bash_profile » « /etc/skel/.bashrc » -> « syncserver/.bashrc » # chown -R syncserver:syncserver syncserver/ # find syncserver/ -type d -exec chmod 0775 {} ; # find syncserver/ -type f -exec chmod 0664 {} ; # chmod 0750 syncserver/
Note: I figured if a process like 'apache' has to access this stuff later, I can always add the corresponding system user to the 'syncserver' group with a 'usermod -a -G syncserver apache'. Not 100 % sure about that though.
Then I opened a new session as user 'syncserver' and built everything.
$ make build (2 minutes)
I ran the tests:
$ make test (10 minutes, everything OK)
For a first test, I edited /opt/syncserver/syncserver.ini. I wanted to keep the default configuration as much as possible, so I provided my server's IP address for 'host' and 'public_url'.
--8<----------------------------------------------------------- [server:main] use = egg:gunicorn host = 163.172.220.174 port = 5000 workers = 1 timeout = 30
[app:main] use = egg:syncserver
[syncserver] # This must be edited to point to the public URL of your server, # i.e. the URL as seen by Firefox. public_url = http://163.172.220.174:5000/ --8<-----------------------------------------------------------
I tested this on two sandbox client desktops I have in my office. I opened about:config, edited identity.sync.tokenserver.uri and provided my custom sync server:
http://163.172.220.174:5000/token/1.0/sync/1.5
I connected Firefox Sync on both clients, and bookmarks synchronized nicely, with a little lag, but everything seemed to run fine.
Any comments so far? As far as I can see, you created a /usr/local/lib/sync-1.5/ directory and built this stuff there. As root or as a different user? Any custom permissions there? Unfortunately the documentation doesn't say anything about permissions.
Cheers & more later,
Niki