This is how I run my local passbolt instance.
First, create the directory. I use /opt/passbolt. Run all the following commands and place all the following files in that directory!
First, initialize the folders with the correct permissions:
mkdir -p passbolt_gpg chown -R 33:33 passbolt_gpg
Now create a .env file with random passwords (I recommend using pwgen 30):
MARIADB_ROOT_PASSWORD=meiJieseingi4dutiareimoh2Aiv5j MARIADB_USER_PASSWORD=ohre3ye1oNexeShiuChaengahzuemo
Now place your docker-compose.yml:
version: '3.4'
services:
mariadb:
image: mariadb:latest
environment:
- MYSQL_DATABASE=passbolt
- MYSQL_USER=passbolt
- MYSQL_PASSWORD=${MARIADB_USER_PASSWORD}
- MYSQL_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD}
volumes:
- ./mariadb_data:/var/lib/mysql
passbolt:
image: passbolt/passbolt:latest-ce
tty: true
depends_on:
- mariadb
environment:
- DATASOURCES_DEFAULT_HOST=mariadb
- DATASOURCES_DEFAULT_USERNAME=passbolt
- DATASOURCES_DEFAULT_PASSWORD=${MARIADB_USER_PASSWORD}
- DATASOURCES_DEFAULT_DATABASE=passbolt
- DATASOURCES_DEFAULT_PORT=3306
- DATASOURCES_QUOTE_IDENTIFIER=true
- APP_FULL_BASE_URL=https://passbolt.mydomain.com
- [email protected]
- EMAIL_TRANSPORT_DEFAULT_HOST=smtp.mydomain.com
- EMAIL_TRANSPORT_DEFAULT_PORT=587
- [email protected]
- EMAIL_TRANSPORT_DEFAULT_PASSWORD=yei5QueiNa5ahF0Aice8Na0aphoyoh
- EMAIL_TRANSPORT_DEFAULT_TLS=true
- [email protected]
volumes:
- ./passbolt_gpg:/etc/passbolt/gpg
- ./passbolt_web:/usr/share/php/passbolt/webroot/img/public
command: ["/usr/bin/wait-for.sh", "-t", "0", "mariadb:3306", "--", "/docker-entrypoint.sh"]
ports:
- 17880:80
Be sure to replace all the email addresses, domain names and SMTP credentials by the values appropriate for your setup.
Now startup passbolt for the first time, it will initialize the database:
docker-compose up
You need to keep passbolt running during the following steps.
First, we’ll send a test email:
docker-compose exec passbolt su -m -c "bin/cake passbolt send_test_email"
If you see
The message has been successfully sent!
then your SMTP config is correct. Otherwise, debug the error message, and, if neccessary, modify the EMAIL_… environment variables in docker-compose.yml and restart passbolt afterwards.
Now we’ll create an admin user:
docker-compose exec passbolt su -m -c "bin/cake passbolt register_user -u [email protected] -f John -l Doe -r admin" -s /bin/sh www-data
If you want to create a normal (non-admin) user, use user instead of admin:
docker-compose exec passbolt su -m -c "bin/cake passbolt register_user -u [email protected] -f Jane -l Doe -r user" -s /bin/sh www-data
After that, the only thing left to do is to create a systemd service to autostart your passbolt service:
curl -fsSL https://techoverflow.net/scripts/create-docker-compose-service.sh | sudo bash /dev/stdin
Passbolt is now running on port 17880 (you can configure this using docker-compose.yml). Just configure your reverse proxy appropriately to point to this port.