brave go-sync server

brave go-sync server

Brave go-sync server v2 aims to make a wire compatible server side protocol which understands components/sync/protocol/sync.proto used by the official Google sync service.

Updated the dynamoDockerfile

Now it:

Uses amazon correto

FROM arm64v8/amazoncorretto:11

Its a single stage build

Downloads and extracts the dynamodb

Downloads extracts and install the aws CLI and updates the db with it

Differences from chromium sync

Enforce client side encryption

Doesn’t require sign-in to use sync (Uses “Sync Chain” concept)

Uses a Brave-operated sync server so no data is sent to Google servers

Authentication

A “Sync Chain” is configured using a 32-byte random seed generated by the initial client. Then the seed is encoded using BIP39. If another client wants to join the sync chain, they can enter the BIP39 key phrase from the initial client by entering the words manually or scanning a QR code.


  • Server code is at Github repo
  • run git clone https://github.com/brave/go-sync
  • update the dynamoDockerfile , Dockerfile and docker-compose.yml from this post
  • Build and tag go-sync-dynamo-local:latest and go-sync-app:latest

docker build -t go-sync-dynamo-local:latest -f dynamo.Dockerfile .

And

docker build -t go-sync-app:latest -f Dockerfile .

Run docker compose up -d

dynamo.Dockerfile

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
FROM arm64v8/amazoncorretto:11

WORKDIR /app

# Install dependencies
RUN yum install -y \
    shadow-utils \
    curl \
    unzip \
    python3 \
    python3-pip \
    tar \
    gzip && \
    yum clean all

# Download and extract DynamoDB Local
RUN curl -sL https://s3.us-west-2.amazonaws.com/dynamodb-local/dynamodb_local_latest.tar.gz -o dynamodb.tar.gz && \
    mkdir /app/dynamodb && \
    tar -xzf dynamodb.tar.gz -C /app/dynamodb && \
    rm dynamodb.tar.gz

# Move DynamoDBLocal.jar and lib folder to /app
RUN mv /app/dynamodb/DynamoDBLocal.jar /app/ && \
    mv /app/dynamodb/DynamoDBLocal_lib /app/ && \
    rm -rf /app/dynamodb

# Install AWS CLI
RUN curl -sL "https://awscli.amazonaws.com/awscli-exe-linux-$(uname -m).zip" -o "awscliv2.zip" && \
    unzip -q awscliv2.zip && \
    ./aws/install && \
    rm -rf awscliv2.zip aws

# Environment
ENV AWS_ACCESS_KEY_ID=GOSYNC
ENV AWS_SECRET_ACCESS_KEY=GOSYNC
ENV AWS_ENDPOINT=http://localhost:8000
ENV AWS_REGION=us-west-2
ENV TABLE_NAME=client-entity-dev
ENV PATH="/usr/local/bin:$PATH"

# Copy schema
COPY schema/dynamodb/ /app
RUN mkdir -p /app/db

# Schema setup during build using correct java command
RUN java -Djava.library.path=./DynamoDBLocal_lib \
         -cp DynamoDBLocal.jar:./DynamoDBLocal_lib/* \
         com.amazonaws.services.dynamodbv2.local.main.ServerRunner \
         -sharedDb -inMemory & \
    DYNAMO_PID=$! && \
    echo "Waiting for DynamoDB Local to start..." && \
    sleep 10 && \
    echo "Creating table..." && \
    aws dynamodb create-table --cli-input-json file:///app/table.json \
      --endpoint-url $AWS_ENDPOINT --region $AWS_REGION && \
    echo "Enabling TTL..." && \
    aws dynamodb update-time-to-live --table-name $TABLE_NAME \
      --time-to-live-specification "Enabled=true, AttributeName=ExpirationTime" \
      --endpoint-url $AWS_ENDPOINT --region $AWS_REGION && \
    kill $DYNAMO_PID

# Optional healthcheck
HEALTHCHECK --interval=5s --timeout=3s --retries=3 \
  CMD curl -f http://localhost:8000 || exit 1

WORKDIR /app

# Final CMD — run DynamoDB Local correctly
CMD ["sh", "-c", "\
  java -Djava.library.path=./DynamoDBLocal_lib \
       -cp DynamoDBLocal.jar:./DynamoDBLocal_lib/* \
       com.amazonaws.services.dynamodbv2.local.main.ServerRunner \
       -sharedDb -dbPath /app/db"]

Dockerfile

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
FROM public.ecr.aws/docker/library/golang:1.22 as builder

ARG VERSION
ARG BUILD_TIME
ARG COMMIT

WORKDIR /src
COPY go.mod go.sum ./
RUN go mod download
COPY . .

RUN CGO_ENABLED=0 GOOS=linux go build \
    -ldflags "-X github.com/brave/go-sync/server.version=${VERSION} -X github.com/brave/go-sync/server.buildTime=${BUILD_TIME} -X github.com/brave/go-sync/server.commit=${COMMIT}" \
    -o main .

FROM alpine:3.19 as artifact
RUN apk add --update ca-certificates # Certificates for SSL
COPY --from=builder /src/main main

EXPOSE 8295

CMD ["./main"]

docker-compose.yml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
---
version: '3.4'

networks:
  sync:
    driver: bridge

volumes:
  dynamo_data:

services:
  dev:
    image: go-sync-app:latest  # Use prebuilt app image instead of building
    depends_on:
      - dynamo-local
      - redis
    networks:
      - sync
    environment:
      - PPROF_ENABLED=true
      - SENTRY_DSN
      - ENV=local
      - DEBUG=1
      - AWS_ACCESS_KEY_ID=GOSYNC
      - AWS_SECRET_ACCESS_KEY=GOSYNC
      - AWS_REGION=us-west-2
      - AWS_ENDPOINT=http://dynamo-local:8000
      - REDIS_URL=redis:6379

  web:
    image: go-sync-app:latest  # Use prebuilt app image instead of building
    ports:
      - "8295:8295"
    depends_on:
      - dynamo-local
      - redis
    networks:
      - sync
    environment:
      - PPROF_ENABLED=true
      - SENTRY_DSN
      - ENV=local
      - DEBUG=1
      - AWS_ACCESS_KEY_ID=GOSYNC
      - AWS_SECRET_ACCESS_KEY=GOSYNC
      - AWS_REGION=us-west-2
      - AWS_ENDPOINT=http://dynamo-local:8000
      - TABLE_NAME=client-entity-dev
      - REDIS_URL=redis:6379

  dynamo-local:
    image: go-sync-dynamo-local:latest # Use prebuilt app image instead of building
    ports:
      - "8000:8000"
    networks:
      - sync
    environment:
      - PPROF_ENABLED=true
      - SENTRY_DSN
      - ENV=local
      - DEBUG=1
      - AWS_ACCESS_KEY_ID=GOSYNC
      - AWS_SECRET_ACCESS_KEY=GOSYNC
      - AWS_REGION=us-west-2
      
    volumes:
      - dynamo_data:/app/db
  #    - ./schema/dynamodb:/app

  redis:
    image: public.ecr.aws/docker/library/redis:6.2
    ports:
      - "6379:6379"
    environment:
      - ALLOW_EMPTY_PASSWORD=yes
    networks:
      - sync

Tips & Tricks

Dynamodb image for ARM

dynamo.Dockerfile now uses FROM arm64v8/amazoncorretto:11

How to select the selfhosted sync server

Follow the “Run Chromium with command-line switches” how to in the chromium wiki guide

For android Enable “command line on non-rooted devices” in brave://flags, then create the file /data/local/tmp/chrome-command-line over adb.

adb shell

Then

echo -e "_\n--sync-url=http://192.168.1.24:8295/v2" > /data/local/tmp/chrome-command-line

When doing that, mind that the first command-line item should be a “_” (underscore) followed by the ones you actually need.The “/v2” should follow your URL path. Finally, manually restart Brave

Verify sync status

Visit brave://sync-internals

Warning message

Brave displays a warning message on every mew tab for some seconds agter enabling the command line feature flag saying it is unsupported. You can ignore it . Havent find a way to disable it

comments powered by Disqus