Passbolt¶
The password manager your team was waiting for. Free, open source, self-hosted, extensible, OpenPGP based.
License¶
Passbolt is released under the AGPL-3.0 license.
Prerequisites¶
We’re using PHP in the stable version 7.2. Since new Uberspaces are currently setup with PHP 7.1 by default you need to set this version manually:
[isabell@stardust ~]$ uberspace tools version use php 7.2
Selected PHP version 7.2
The new configuration is adapted immediately. Patch updates will be applied automatically.
[isabell@stardust ~]$
You’ll need your MySQL credentials. Get them with my_print_defaults
:
[isabell@stardust ~]$ my_print_defaults client
--default-character-set=utf8mb4
--user=isabell
--password=MySuperSecretPassword
[isabell@stardust ~]$
Your website domain needs to be set up:
[isabell@stardust ~]$ uberspace web domain list
isabell.uber.space
[isabell@stardust ~]$
Create the database:
[isabell@stardust ~]$ mysql -e "CREATE DATABASE ${USER}_passbolt CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;"
[isabell@stardust ~]$
Create an email user:
[isabell@stardust ~]$ uberspace mail user add passbolt
Enter a password for the mailbox: (...)
Please confirm your password: (...)
New mailbox created for user: 'passbolt', it will be live in a few minutes...
[isabell@stardust ~]$
Installation¶
To install Passbolt we clone the current version using Git. cd
to your DocumentRoot so the cloned folder will be under your html
.
[isabell@stardust ~]$ cd ~/html/
[isabell@stardust html]$ git clone https://github.com/passbolt/passbolt_api.git .
Cloning into '.'...
(...)
[isabell@stardust ~]$
Configuration¶
Generate an OpenPGP key:
Warning
Do not set a passphrase or an expiration date.
Save your fingerprint and replace SERVER_KEY@EMAIL.TEST
with your email.
[isabell@stardust ~]$ mkdir -p ~/passbolt/config
[isabell@stardust ~]$ gpg --gen-key
[isabell@stardust ~]$ gpg --list-keys --fingerprint
[isabell@stardust ~]$ gpg --armor --export-secret-keys SERVER_KEY@EMAIL.TEST > ~/passbolt/config/serverkey_private.asc
[isabell@stardust ~]$ gpg --armor --export SERVER_KEY@EMAIL.TEST > ~/passbolt/config/serverkey.asc
[isabell@stardust ~]$
Install the dependencies:
[isabell@stardust ~]$ cd ~/html/
[isabell@stardust html]$ wget --output-document=composer.phar https://getcomposer.org/composer-1.phar
[isabell@stardust html]$ php composer.phar install --no-dev
[isabell@stardust html]$ rm composer.phar
[isabell@stardust html]$ cp config/passbolt.default.php config/passbolt.php
[isabell@stardust html]$
- Edit following settings in
config/passbolt.php
: fullBaseUrl
inApp
:https://isabell.uber.space
username
,password
anddatabase
inDatasources
: credentialsport
inEmailTransport
:587
username
andpassword
inEmailTransport
:passbolt@isabell.uber.space
and the passwordfingerprint
inpassbolt - gpg - serverKey
: Insert your gpg fingerprint without spaces (!)public
andprivate
under fingerprint:/home/isabell/passbolt/config/
Finish the installation and fill in your email and name when asked for:
[isabell@stardust html]$ ./bin/cake passbolt install
[isabell@stardust html]$ ./bin/cake passbolt healthcheck
(...)
No error found. Nice one sparky!
[isabell@stardust html]$
Finally, configure a cronjob so mails get sent automatically: Add the following
line to your crontab using the crontab -e
command:
* * * * * /home/$USER/html/bin/cake EmailQueue.sender >> ~/logs/passbolt_mails.log
Updates¶
Note
Check the update feed regularly to stay informed about the newest version.
Check Passbolt’s stable releases for the latest versions. If a newer version is available, you should manually update your installation. The update process varies between patch, minor or major update. You can easily follow the instructions in the Passbolt`s update documentation.
Tested with Passbolt 2.12.0 and Uberspace 7.4
Written by: Thomas Kammerer <https://kammerer.tk/>