docs: content from archived repos (#2075)

docs: content from archived repos

Author: taddes

docs/src/SUMMARY.md

@@ -6,8 +6,12 @@
 # Summary
 
 - [Introduction](introduction.md)
-- [Application Configuration](config.md)
 - [Application Architecture](architecture.md)
+- [Application Configuration](config.md)
+- [Testing](testing.md)
+- [Release Process](release-process.md)
+- [Frequently Asked Questions](faq.md)
+- [Data Types](data-types.md)
 - [OpenAPI Documentation](open-api-docs.md)
 - [Syncstorage API](syncstorage/api.md)
     - [API v1.5](syncstorage/api-1.5.md)

docs/src/config.md

@@ -47,6 +47,7 @@ The following configuration options are available.
 | <span id="SYNC_CORS_ALLOWED_ORIGIN"></span>SYNC_CORS_ALLOWED_ORIGIN | * | Allowed origins for CORS requests |
 | <span id="SYNC_CORS_MAX_AGE"></span>SYNC_CORS_MAX_AGE | 1728000 | CORS preflight cache seconds (20 days) |
 | <span id="SYNC_CORS_ALLOWED_METHODS"></span>SYNC_CORS_ALLOWED_METHODS | ["DELETE", "GET", "POST", "PUT"] | Allowed methods |
+| <span id="SYNC_CORS_ALLOWED_HEADERS"></span>SYNC_CORS_ALLOWED_HEADERS | See source | Allowed headers for CORS requests |
 
 ### Syncstorage Database
 
@@ -81,6 +82,8 @@ The following configuration options are available.
 | <span id="SYNC_SYNCSTORAGE__ENABLE_QUOTA"></span>SYNC_SYNCSTORAGE__ENABLE_QUOTA | false | Enable quota tracking (Spanner only) |
 | <span id="SYNC_SYNCSTORAGE__ENFORCE_QUOTA"></span>SYNC_SYNCSTORAGE__ENFORCE_QUOTA | false | Enforce quota limits (Spanner only) |
 | <span id="SYNC_SYNCSTORAGE__GLEAN_ENABLED"></span>SYNC_SYNCSTORAGE__GLEAN_ENABLED | true | Enable Glean telemetry |
+| <span id="SYNC_SYNCSTORAGE__LBHEARTBEAT_TTL"></span>SYNC_SYNCSTORAGE__LBHEARTBEAT_TTL | None | Load balancer heartbeat period in seconds |
+| <span id="SYNC_SYNCSTORAGE__LBHEARTBEAT_TTL_JITTER"></span>SYNC_SYNCSTORAGE__LBHEARTBEAT_TTL_JITTER | 25 | Jitter percentage for the load balancer heartbeat period |
 | <span id="SYNC_SYNCSTORAGE__STATSD_LABEL"></span>SYNC_SYNCSTORAGE__STATSD_LABEL | syncstorage | StatsD metrics label prefix |
 
 ### Tokenserver Database
@@ -100,6 +103,7 @@ The following configuration options are available.
 | <span id="SYNC_TOKENSERVER__ENABLED"></span>SYNC_TOKENSERVER__ENABLED | false | Enable tokenserver service |
 | <span id="SYNC_TOKENSERVER__RUN_MIGRATIONS"></span>SYNC_TOKENSERVER__RUN_MIGRATIONS | false | Run DB migrations on startup |
 | <span id="SYNC_TOKENSERVER__NODE_TYPE"></span>SYNC_TOKENSERVER__NODE_TYPE | spanner | Storage backend type reported in token response for telemetry. Valid values: "mysql", "postgres", "spanner" |
+| <span id="SYNC_TOKENSERVER__STATSD_LABEL"></span>SYNC_TOKENSERVER__STATSD_LABEL | syncstorage.tokenserver | StatsD metrics label prefix |
 | <span id="SYNC_TOKENSERVER__TOKEN_DURATION"></span>SYNC_TOKENSERVER__TOKEN_DURATION | 3600 | Token TTL (1 hour) |
 
 ### Tokenserver+FxA Integration
@@ -110,6 +114,7 @@ The following configuration options are available.
 | <span id="SYNC_TOKENSERVER__FXA_OAUTH_SERVER_URL"></span>SYNC_TOKENSERVER__FXA_OAUTH_SERVER_URL | https://oauth.stage.mozaws.net | FxA OAuth server URL |
 | <span id="SYNC_TOKENSERVER__FXA_OAUTH_REQUEST_TIMEOUT"></span>SYNC_TOKENSERVER__FXA_OAUTH_REQUEST_TIMEOUT | 10 | OAuth request timeout in seconds |
 | <span id="SYNC_TOKENSERVER__FXA_METRICS_HASH_SECRET"></span>SYNC_TOKENSERVER__FXA_METRICS_HASH_SECRET | secret | Secret for hashing metrics to maintain anonymity |
+| <span id="SYNC_TOKENSERVER__ADDITIONAL_BLOCKING_THREADS_FOR_FXA_REQUESTS"></span>SYNC_TOKENSERVER__ADDITIONAL_BLOCKING_THREADS_FOR_FXA_REQUESTS | 1 | Number of additional blocking threads to add to the threadpool for OAuth verification requests to FxA |
 | <span id="SYNC_TOKENSERVER__FXA_OAUTH_PRIMARY_JWK__KTY"></span>SYNC_TOKENSERVER__FXA_OAUTH_PRIMARY_JWK__KTY | None | Primary JWK key type (e.g., "RSA") |
 | <span id="SYNC_TOKENSERVER__FXA_OAUTH_PRIMARY_JWK__ALG"></span>SYNC_TOKENSERVER__FXA_OAUTH_PRIMARY_JWK__ALG | None | Primary JWK algorithm (e.g., "RS256") |
 | <span id="SYNC_TOKENSERVER__FXA_OAUTH_PRIMARY_JWK__KID"></span>SYNC_TOKENSERVER__FXA_OAUTH_PRIMARY_JWK__KID | None | Primary JWK key ID |

docs/src/data-types.md

@@ -0,0 +1,77 @@
+# Firefox Sync data types
+
+The following are important details around each syncing data type.
+
+Users can configure which Firefox data types are synced across all connected Firefoxes. On desktop, this is found on `about:preferences#sync`; on mobile this is found in `Sync Settings` under the application menu. Mobile Firefox currently only shows data types that are supported on that platform. Any changes to selected data types on any platform are applied at the account level: they will take effect on all clients connected by that account.
+
+## Bookmarks
+
+- All bookmarks are synced; users cannot specify bookmarks to include or exclude.
+- Bookmarks are merged when synced, so that the result is all bookmarks from all connected devices.
+- We do not identify the device that a bookmark came from. However, on mobile you will see a "Desktop Bookmarks" folder, and on desktop you will see a "Mobile bookmarks" folder that the respective platforms use by default.
+- There is a record per bookmark in sync storage.
+
+## History
+
+- We sync the most recent 5,000 history entries.
+- History is merged when synced, so that the result is the most recent history from all connected devices.
+- There is a record per history entry in sync storage.
+
+## Open tabs
+
+- The ability to use the Send Tab feature does not require the user to be syncing tabs.
+- The ability to remotely close tabs does require the user to be syncing tabs.
+- Unlike other synced data, tabs are synced with an associated client/device identifier; they are not merged.
+- Tabs were changed with MR 2022 to sync every 5s after a tab change.
+- Synced tab data is a subset of the local tab data. We do not sync:
+  - Tabs with any URLs matching these schemes. This includes reader view tabs.
+  - Any tabs in private windows (which is an intentional decision).
+  - The back/forward stack (i.e. the "back" and "forward" buttons are disabled when opening a remote tab).
+  - Window groupings. If you have multiple windows open, each with its own tabs, all your tabs will be flattened into a single list in the Synced Tabs views.
+  - Whether the tab is pinned or not. We sync pinned tabs, but other devices see them as regular tabs, and they aren't sorted in any particular order.
+  - Top sites from the New Tab page. Pinned top sites are synced completely separately, as part of preferences sync. Frequently visited top sites that aren't pinned rely on the frecency from history, which sometimes will mean they become top sites after history syncs. Manual pinning of top sites are not synced.
+  - Additional page state. Cookies, local storage, scroll position, and any text entered in form fields on the page are never synced.
+- There is a record per device with tabs in sync storage.
+
+## Logins & passwords (AKA. Logins)
+
+- Logins & passwords are merged when synced, so that the result is all logins & passwords from all connected devices.
+- There is a record per login & password entry in sync storage.
+
+## Addresses
+
+- Addresses are only enabled for specific countries/geos.
+- Addresses are behind a feature flag on Android.
+- There is a record per address entry in sync storage.
+
+## Payment methods (Credit Cards)
+
+- Payment methods are merged when synced, so that the result is all payment methods from all connected devices.
+- There is a record per payment method (credit card) in sync storage.
+
+## Add-ons
+
+- Add-ons automatically (for now) sync between desktop clients only.
+- Add-ons categorically include web extensions, themes, and language packs, but language packs do not sync.
+- Themes do sync, but can be adversely affected by Settings sync (see below).
+- Web extensions syncing automatically means that installation/removal or enabling/disabling of an extension from one connected device will result in that same action occurring on the other connected device.
+- Web extensions syncing does not imply that the extensions share data; extension's ability to share data is based on the extension developer using the web extensions `storage.sync` API.
+- Extensions on any platform cannot use synced storage (i.e. the `storage.sync` API) unless the user has checked the "Add-ons" option in Sync settings/Choose What To Sync.
+- There is a record per add-on in sync storage.
+
+## Settings (Prefs)
+
+- Prefs are not merged when synced. They synced as an entire set, and the latest write wins.
+- Settings sync between desktop clients only; there is no mobile analogue for desktop preferences, so no mapping exists.
+- By "settings" we mean: a grab-bag of things from `about:config` (specifically, anything of the form `services.sync.prefs.sync.*`).
+- All of the syncable prefs are synced: users cannot currently choose to sync only a subset of these prefs.
+  - Advanced/Adventuresome users can include/exclude certain preferences (see documentation for details).
+
+## Other data
+
+There are four other collections of data that sync. These are special, and they continue syncing even if you uncheck all displayed data types in the Choose What To Sync dialog.
+
+- **clients**: A list of clients, used in reconciling the list of clients received from Accounts.
+- **meta**: A list of data that allows the client to coordinate syncing (engines declined, syncID, storageVersion, etc).
+- **crypto**: Cryptographic keys and data for encryption/decryption.
+- **keys**: Key management data for sync encryption.

docs/src/faq.md

@@ -0,0 +1,84 @@
+# Frequently Asked Questions
+
+## What is Sync?
+
+Sync is a system of both a backend and client engines that are responsible for the syncing of client data to the storage server.
+
+## When do things sync?
+
+Engines do a full sync on a regular period (except for Tabs, see below):
+
+- **iOS**: Every 15 minutes
+- **Fenix**: Every 4 hours (after an initial delay)
+- **Desktop**:
+  - Initial delay:
+    - Wake from sleep: 2s after wake
+    - After startup: 5 minutes
+  - The period varies depending on state:
+    - Idle: 1 hour
+    - Active: 10 minutes
+    - After recently syncing something: 1.5 minutes (if we've synced something new, we temporarily change the sync delay from 10min → 1.5min until we don't have anything left to sync)
+
+**Tabs** were changed with MR 2022 to sync every 5s after a tab change. This is sometimes called "quick writing."
+
+## In what order do things sync?
+
+The order of the engines is determined per-platform.
+
+- **Desktop**: engines, prefs, passwords, tabs, bookmarks, addons, form autofill, forms, history, extension storage
+- **Mobile**: Matches desktop, ignoring engines and prefs as they aren't analogous
+
+However, clients can override this.
+
+## What happens when I click on "Sync Now" in Firefox?
+
+A "Sync Now" button or link in the UI on device A only initiates syncing for that same device A – it does not force all of your connected devices to sync. This is still true when "Sync now" is a contextual option (such as the Firefox sidebar) – clicking on what appears to be "Sync now" for a connected mobile device from desktop actually only initiates syncing of that desktop.
+
+## Does every platform have its own engines?
+
+We use shared components as much as possible to avoid every platform having its own engines.
+
+## Can Mozilla read/inspect/decrypt a user's synced data?
+
+No. Client data is encrypted before it leaves the client; we cannot decrypt this outside of the client, by design. Therefore, the server is extremely limited (e.g. no searching, filtering, fancy queries, etc). If you want to do operations on the data, they have to be done on the client.
+
+## What is the structure of synced data on the storage server?
+
+The structure of the synced data is not the same as the structure of the data in the client. You don't sync entire databases. Synced data is a set of JSON key-value stores with no relationships between them.
+
+- In these key-value stores, the key is a GUID and the value is an encrypted blob of JSON. Each of these stores represents a "collection" (bookmarks, tabs, logins, etc).
+- The JSON blobs are associated with hashed user and key IDs derived from the user's FxA. There are no identifiable relationships of this data apart from the `collection_id` foreign key that identifies what type of data it is.
+- In most cases, each item in a store is its own record (e.g. each bookmark is one record). Tabs is different, as each device's tabs is in a single record.
+- Because the JSON blob is encrypted, the server cannot see the content of any synced data. This means:
+  - No relationships are enforced between collections
+  - No atomic updates are possible across collections, only within a collection
+  - Modeling a relational DB in synced data isn't viable
+
+## Where are the user's Sync settings stored?
+
+The storage server does not store the user's Sync settings, and neither does FxA. When a user sets which types of data to sync, those are sent to the storage server as collections that the indicated user will sync. Subsequent syncs will request to this data as part of the sync process.
+
+## Syncing, step by step
+
+From the client/user perspective:
+
+1. Fetch kSync encryption key and kXCS node assignment token from FxA
+2. Obtain token and storage node endpoint from token server
+3. Fetch (unencrypted) associated collections (`info/collections`) and their last-modified time
+4. Fetch (unencrypted) global metadata (`meta/global`) about syncing – IDs, version numbers, etc
+5. Compare global sync IDs and storage versions to determine if we can sync – or if we need to start over
+6. Fetch encryption and signing keys (`crypto/keys`) for future syncing
+7. Sync the clients engine to download new client records and commands
+8. Process incoming client commands
+9. Determine and update enabled engines
+10. For each enabled engine:
+    - Fetch new records from the server
+    - Decrypt each record and handle decryption errors
+    - Resolve merge conflicts between incoming and changed records from step 10
+    - Insert and update new records into the local store
+    - Ask the tracker for a list of IDs changed since the last sync, and upload these records to the server
+    - If an engine tracks a "backlog", make some progress on that backlog. This is only true for the history engine on desktop
+11. Sync the clients engine to upload outgoing commands
+12. Update `meta/global` on the server
+13. Run validation for synced engines
+14. Schedule next sync