Passbolt
#
Prerequisites
#
# Create directory & change permissions
mkdir -p passbolt_gpg && chown -R 33:33 passbolt_gpg
# Create environment file for passwords
vi .env
# Define passwords
MARIADB_ROOT_PASSWORD=password
MARIADB_USER_PASSWORD=passoword
Docker Compose
#
Without Mail
#
- This version defines the credentials for the mail server via the GUI
version: '3.4'
services:
mariadb:
image: mariadb:latest
environment:
- MYSQL_DATABASE=passbolt
- MYSQL_USER=passbolt
- MYSQL_PASSWORD=${MARIADB_USER_PASSWORD}
- MYSQL_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD}
volumes:
- ./mariadb_data:/var/lib/mysql
restart: unless-stopped
passbolt:
image: passbolt/passbolt:latest-ce
tty: true
depends_on:
- mariadb
environment:
- DATASOURCES_DEFAULT_HOST=mariadb
- DATASOURCES_DEFAULT_USERNAME=passbolt
- DATASOURCES_DEFAULT_PASSWORD=${MARIADB_USER_PASSWORD}
- DATASOURCES_DEFAULT_DATABASE=passbolt
- DATASOURCES_DEFAULT_PORT=3306
- DATASOURCES_QUOTE_IDENTIFIER=true
- APP_FULL_BASE_URL=https://passbolt.yourdomain.com
volumes:
- ./passbolt_gpg:/etc/passbolt/gpg
- ./passbolt_web:/usr/share/php/passbolt/webroot/img/public
command: ["/usr/bin/wait-for.sh", "-t", "0", "mariadb:3306", "--", "/docker-entrypoint.sh"]
ports:
- 17880:80
restart: unless-stopped
With Mail
#
- This version defines the credentials for the mail server in the Docker Compose file
version: '3.4'
services:
mariadb:
image: mariadb:latest
environment:
- MYSQL_DATABASE=passbolt
- MYSQL_USER=passbolt
- MYSQL_PASSWORD=${MARIADB_USER_PASSWORD}
- MYSQL_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD}
volumes:
- ./mariadb_data:/var/lib/mysql
restart: unless-stopped
passbolt:
image: passbolt/passbolt:latest-ce
tty: true
depends_on:
- mariadb
environment:
- DATASOURCES_DEFAULT_HOST=mariadb
- DATASOURCES_DEFAULT_USERNAME=passbolt
- DATASOURCES_DEFAULT_PASSWORD=${MARIADB_USER_PASSWORD}
- DATASOURCES_DEFAULT_DATABASE=passbolt
- DATASOURCES_DEFAULT_PORT=3306
- DATASOURCES_QUOTE_IDENTIFIER=true
- APP_FULL_BASE_URL=https://passbolt.yourdomain.com
- EMAIL_DEFAULT_FROM= # Define From Address
- EMAIL_TRANSPORT_DEFAULT_HOST= mail.yourdomain.com # Define Mailserver
- EMAIL_TRANSPORT_DEFAULT_PORT=587
- EMAIL_TRANSPORT_DEFAULT_USERNAME= # Define Mailserver Login
- EMAIL_TRANSPORT_DEFAULT_PASSWORD= # Define Mailserver Login PW
- EMAIL_TRANSPORT_DEFAULT_TLS=true
#- PASSBOLT_KEY_EMAIL=
volumes:
- ./passbolt_gpg:/etc/passbolt/gpg
- ./passbolt_web:/usr/share/php/passbolt/webroot/img/public
command: ["/usr/bin/wait-for.sh", "-t", "0", "mariadb:3306", "--", "/docker-entrypoint.sh"]
ports:
- 17880:80
restart: unless-stopped
# Test SMTP connection / send test mail
docker compose exec passbolt su -m -c "bin/cake passbolt send_test_email --recipient=juergen.klug@yourdomain.com"
Start Docker Stack
#
# Create / start container
docker compose up -d
Nginx Reverse Proxy
#
# Install Nginx
sudo apt install nginx
# Copy config file
sudo cp /etc/nginx/sites-available/default /etc/nginx/sites-available/passbolt.yourdomain.com
# Open config file
sudo vi /etc/nginx/sites-available/passbolt.yourdomain.com
# Nginx config
server {
listen 443 ssl;
server_name passbolt.yourdomain.com;
ssl_certificate /etc/certs/fullchain1.pem;
ssl_certificate_key /etc/certs/privkey1.pem;
location / {
proxy_pass http://127.0.0.1:17880/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# Create link to sites-enabled directory
sudo ln -s /etc/nginx/sites-available/passbolt.yourdomain.com /etc/nginx/sites-enabled/
# Remove default site from sites-enabled directory
rm /etc/nginx/sites-enabled/default
# Restart Nginx
sudo systemctl restart nginx