Private Relay provides generated email addresses to use in place of personal email addresses.
Recipients will still receive emails, but Private Relay keeps their personal email address from being harvested, and then bought, sold, traded, or combined with other data to personally identify, track, and/or target them.
- python 3.7 (suggest using virtualenv)
- SES if you want to send real emails
-
Clone and change to the directory:
git clone https://github.com/mozilla/fx-private-relay.git cd fx-private-relay
-
Create and activate a virtual environment:
virtualenv env source env/bin/activate
-
Install requirements:
pip install -r requirements.txt
-
Copy
.env
file fordecouple
config:cp .env-dist .env
-
Add a
SECRET_KEY
value to.env
:SECRET_KEY=secret-key-should-be-different-for-every-install
-
Migrate DB:
python manage.py migrate
-
Create superuser:
python manage.py createsuperuser
-
Run it:
python manage.py runserver
Next you'll need to enable Firefox Accounts auth ...
To enable Firefox Accounts authentication on your local server, you can use the "private-relay (local)" OAuth app on oauth-stable.dev.lcip.org.
To do so:
-
Set
ADMIN_ENABLED=True
in your.env
file -
Change
example.com
to127.0.0.1:8000
and click Save. -
Go to the django-allauth social app admin page, sign in with the superuser account you created above, and add a social app for Firefox Accounts:
- Provider: Firefox Accounts
- Name: oauth-stable.dev.lcip.org
- Client id: 7477974d5019bdaf
- Secret key: ping groovecoder for this
- Sites: 127.0.0.1:8000 -> Chosen sites
Now you can sign into http://127.0.0.1:8000/ with an FxA. Remember: you'll need to use an account on oauth-stable.dev.lcip.org, not the production accounts.firefox.com.
TODO
The add-on adds Firefox UI to generate and auto-fill email addresses. You may
want to build the add-on so that it communicates with your 127.0.0.1:8000
server instead of the production relay.firefox.com
server:
-
In the
extension/
directory, runnpm install
and thennpm run build
-
Use
about:debugging
to install the resultingstatic/downloads/addon/latest/private_relay.zip
file.- Note: A link to the
.zip
is also available at http://127.0.0.1:8000/accounts/profile/
- Note: A link to the
In addition to the requirements for dev, production environments should use:
- PostgreSQL-compatible DB
Production environments should also set some additional environment variables:
DATABASE_URL=postgresql://<username>:<password>@<host>:<port>/<database>
DJANGO_SECURE_HSTS_SECONDS=15768000
DJANGO_SECURE_SSL_REDIRECT=True