From MozillaWiki
< Labs‎ | Weave
Jump to: navigation, search

It is strongly recommended that you use the [Weave Minimal Server] rather than a full install.

Setting up the User API

Pre-Setup Considerations

It is strongly recommended that the Weave Server be set up under https, or behind a firewall with an https proxy in front of it. It uses standard http auth, which will send the password in the clear unless done over https.

The Weave Server requires PHP with PDO and JSON support installed. This should be the case if you are running PHP 5.1+. PDO will need drivers for whatever storage and authentications engines are used.

WebDav must not be enabled for this server - it intercepts some of the http packets and syncing will fail.

Setting up the Server

1) You can get the latest server from

2) Edit your apache conf files to add the following:

Alias /1.0 <full path to weave directory>/server-sync/1.1/index.php
Alias /1.1 <full path to weave directory>/server-sync/1.1/index.php

3) Copy 1.1/default_constants.php.dist to 1.1/default_constants.php and edit it as described below. If you have mutiple hostnames, you can put override constant files into {HOST_NAME}_constants.php

Setting up Weave Authentication

In default_constants.php at the beginning (e.g. directly after the license-block)

define('WEAVE_AUTH_ENGINE', '[mysql|none]');

so for example

define('WEAVE_AUTH_ENGINE', 'mysql');

For more information on the auth store, see the user setup


define('WEAVE_MYSQL_AUTH_HOST', '<db host>');
define('WEAVE_MYSQL_AUTH_DB', '<db name>');
define('WEAVE_MYSQL_AUTH_USER', '<db username>');
define('WEAVE_MYSQL_AUTH_PASS', '<db password>');

Setting up Weave Storage

define('WEAVE_STORAGE_ENGINE', 'mysql');


Create the mysql database. Add the following tables:

CREATE TABLE `collections` (
  `userid` int(11) NOT NULL,
  `collectionid` smallint(6) NOT NULL,
  `name` varchar(32) NOT NULL,
  PRIMARY KEY  (`userid`,`collectionid`),
  KEY `nameindex` (`userid`,`name`)

  `username` int(11) NOT NULL,
  `collection` smallint(6) NOT NULL default '0',
  `id` varbinary(64) NOT NULL default '',
  `parentid` varbinary(64) default NULL,
  `predecessorid` varbinary(64) default NULL,
  `sortindex` int(11) default NULL,
  `modified` bigint(20) default NULL,
  `payload` longtext,
  `payload_size` int(11) default NULL,
  `ttl` int(11) default '2100000000',
  PRIMARY KEY  (`username`,`collection`,`id`),
  KEY `parentindex` (`username`,`collection`,`parentid`),
  KEY `modified` (`username`,`collection`,`modified`),
  KEY `weightindex` (`username`,`collection`,`sortindex`),
  KEY `predecessorindex` (`username`,`collection`,`predecessorid`),
  KEY `size_index` (`username`,`payload_size`)

Edit your constant file:

define('WEAVE_MYSQL_STORE_READ_HOST', '<db host>');
define('WEAVE_MYSQL_STORE_READ_DB', '<db name>');
define('WEAVE_MYSQL_STORE_READ_USER', '<db username>');
define('WEAVE_MYSQL_STORE_READ_PASS', '<db password>');


Other Constants

define('WEAVE_PAYLOAD_MAX_SIZE', '<bytes>');

Caps the size (in bytes - watch out for large unicode characters!) of a payload.

Sample virtual host config

Sample Virtual host config for a server having SSL. For debian placed in /etc/apache2/sites-enabled/, weave server directory located at /var/www/weaveserver-sync.


DocumentRoot /var/www/weaveserver-sync/

ErrorLog /var/log/apache2/weaveserver-error.log
CustomLog /var/log/apache2/weaveserver-access.log combined

SSLENgine on
SSLCertificateKeyFile /path/to/server.cert.key
SSLCertificateFile /path/to/server.cert.crt

<Directory "/var/www/weaveserver-sync/">

Options Indexes FollowSymLinks
AllowOverride none
Order allow,deny
Allow from all

Alias /1.0 /var/www/weaveserver-sync/1.1/index.php
Alias /1.1 /var/www/weaveserver-sync/1.1/index.php


In your weave-clients only enter as server location.

Some hints:

  • if you have a self-signed certificate for SSL (or it is not valid because of any other reason) you have to visit your server once manually and accept the certificate permanently

Editing the Client

Select "Use a custom server" from the sync menu and point it to the root of the API