/fx-private-relay

Keep your email safe from hackers and trackers. Make an email alias with 1 click, and keep your address to yourself.

Primary LanguagePython

Private Relay

Private Relay provides generated email addresses to use in place of personal email addresses.

Recipients will still receive emails, but Private Relay keeps their personal email address from being harvested, and then bought, sold, traded, or combined with other data to personally identify, track, and/or target them.

Development

Requirements

  • python 3.7 (suggest using virtualenv)
  • Postgres - even if you are using sqlite for development, requirements.txt installs psycopg2 which requires libpq. The following should work:
    • On Ubuntu: sudo apt install postgresql libpq-dev
    • On OSX: brew install postgresql libpq
  • SES if you want to send real emails

Install and Run the Site Locally

  1. Clone and change to the directory:

    git clone https://github.com/mozilla/fx-private-relay.git
    cd fx-private-relay
  2. Create and activate a virtual environment:

    virtualenv env
    source env/bin/activate
  3. Install requirements:

    pip install -r requirements.txt
  4. Copy .env file for decouple config:

    cp .env-dist .env
  5. Add a SECRET_KEY value to .env:

    SECRET_KEY=secret-key-should-be-different-for-every-install
  6. Migrate DB:

    python manage.py migrate
  7. Create superuser:

    python manage.py createsuperuser
  8. Run it:

    python manage.py runserver

Next you'll need to enable Firefox Accounts auth ...

Enable Firefox Accounts Auth

To enable Firefox Accounts authentication on your local server, you can use the "private-relay (local)" OAuth app on oauth-stable.dev.lcip.org.

To do so:

  1. Set ADMIN_ENABLED=True in your .env file

  2. Go to the django admin page to change the default site.

  3. Change example.com to 127.0.0.1:8000 and click Save.

  4. Go to the django-allauth social app admin page, sign in with the superuser account you created above, and add a social app for Firefox Accounts:

    • Provider: Firefox Accounts
    • Name: oauth-stable.dev.lcip.org
    • Client id: 7477974d5019bdaf
    • Secret key: ping groovecoder for this
    • Sites: 127.0.0.1:8000 -> Chosen sites

Now you can sign into http://127.0.0.1:8000/ with an FxA. Remember: you'll need to use an account on oauth-stable.dev.lcip.org, not the production accounts.firefox.com.

Enable SES

TODO

Install and run the add-on locally

The add-on adds Firefox UI to generate and auto-fill email addresses. You may want to build the add-on so that it communicates with your 127.0.0.1:8000 server instead of the production relay.firefox.com server:

  1. In the extension/ directory, run npm install and then npm run build

  2. Use about:debugging to install the resulting static/downloads/addon/latest/private_relay.zip file.

Production Environments

Requirements

In addition to the requirements for dev, production environments should use:

Environment Variables

Production environments should also set some additional environment variables:

DATABASE_URL=postgresql://<username>:<password>@<host>:<port>/<database>
DJANGO_SECURE_HSTS_SECONDS=15768000
DJANGO_SECURE_SSL_REDIRECT=True