Installation of Passbolt, the team password manager

Lao Su OpenAIdownloaded Prompt for developerthe course jointly launched by Wu Enda. The total length is about one and a half hours, which allows us to learn the correct ChatGPT Promptengineering

Although the course dialogue is in English, there are Chinese subtitles, course address: https://www.aliyundrive.com/s/H3CpaapD87Z

---

What is Passbolt?

Passboltis a free and open source password manager designed for collaboration. Using Passbolt, you can securely generate, store, manage and monitor your team credentials. Access all your logins and passwords from multiple browsers and even mobile phones.

Compared with other password management services, Passboltit has the following different characteristics:

• Primarily designed for teams rather than individuals
• free and open source
• respect for privacy
• Based on OpenPGP, a proven encryption standard
• Easy to use for beginners or ITpractitioners
• Based on RESTful API, has good scalability

Official demo site: https://demo.passbolt.com

command line installation

Install it in Docker mode on Synology.

docker-cli install

If you are familiar with the command line, it may be docker clifaster

When this article was written, latest-cethe version corresponds to 3.8.3-2-ce, where ceis Community Editionthe abbreviation of ;

# 新建文件夹 passbolt 和 子目录
mkdir -p /volume2/docker/passbolt/{
    
    data,gpg,jwt}

# 进入 passbolt 目录
cd /volume2/docker/passbolt

# 修改目录权限
chmod 777 {
    
    gpg,jwt}

# 运行 mariadb 容器
docker run -d \
   --restart unless-stopped \
   --name pb-mariadb \
   -v $(pwd)/data:/var/lib/mysql \
   -e MYSQL_RANDOM_ROOT_PASSWORD="true" \
   -e MYSQL_DATABASE="passbolt" \
   -e MYSQL_USER="passbolt" \
   -e MYSQL_PASSWORD="P4ssb0lt" \
   mariadb:10.6

# 运行 passbolt 容器
docker run -d \
   --restart unless-stopped \
   --name pb-passbolt \
   --link pb-mariadb:db \
    -p 7380:80 \
    -p 7343:443 \
    -e DATASOURCES_DEFAULT_HOST="db" \
    -e DATASOURCES_DEFAULT_USERNAME="passbolt" \
    -e DATASOURCES_DEFAULT_PASSWORD="P4ssb0lt" \
    -e DATASOURCES_DEFAULT_DATABASE="passbolt" \
    -e APP_FULL_BASE_URL=http://192.168.0.197:7380 \
    -e PASSBOLT_REGISTRATION_PUBLIC="true" \
    -e EMAIL_DEFAULT_FROM="[email protected]" \
    -e EMAIL_TRANSPORT_DEFAULT_HOST="smtp.88.com" \
    -e EMAIL_TRANSPORT_DEFAULT_PORT="465" \
    -e EMAIL_TRANSPORT_DEFAULT_USERNAME="[email protected]" \
    -e EMAIL_TRANSPORT_DEFAULT_PASSWORD="<第三方邮件客户端密码>" \
    passbolt/passbolt:latest-ce

environment variable

Only the environment variables used by Lao Su are listed here. If you don’t use them, you can go to the documentation on the official website: https://github.com/passbolt/passbolt_docker/blob/master/README.md#environment-variables-reference

• mariadb:10.6

variable	value
MYSQL_RANDOM_ROOT_PASSWORD	rootThe user's password, using a random password
MYSQL_DATABASE	Database library name, set topassbolt
MYSQL_USER	database user, set topassbolt
MYSQL_PASSWORD	passboltThe password corresponding to the database user needs to be changed to your own

• passbolt/passbolt:latest-ce

It needs to be consistent with the setting mariadb:10.6of ;

variable	value
DATASOURCES_DEFAULT_HOST	database host
DATASOURCES_DEFAULT_USERNAME	database user
DATASOURCES_DEFAULT_PASSWORD	passboltThe password corresponding to the database user
DATASOURCES_DEFAULT_DATABASE	database name
APP_FULL_BASE_URL	The hostname of the accessible server, including https://(or http://)
PASSBOLT_REGISTRATION_PUBLIC	Whether to allow users to register themselves
EMAIL_DEFAULT_FROM	Sender email address
EMAIL_TRANSPORT_DEFAULT_HOST	mail server host
EMAIL_TRANSPORT_DEFAULT_PORT	mail server port
EMAIL_TRANSPORT_DEFAULT_USERNAME	mail user
EMAIL_TRANSPORT_DEFAULT_PASSWORD	email password
EMAIL_TRANSPORT_DEFAULT_TLS	Whether to enableTLS

docker-compose install

You can also use docker-composethe installation , save the following content as docker-compose.ymla file

version: '3'

services:
  db:
    image: mariadb:10.6
    container_name: pb-mariadb
    restart: unless-stopped
    environment:
      MYSQL_RANDOM_ROOT_PASSWORD: "true"
      MYSQL_DATABASE: "passbolt"
      MYSQL_USER: "passbolt"
      MYSQL_PASSWORD: "P4ssb0lt"
    volumes:
      - ./data:/var/lib/mysql

  passbolt:
    image: passbolt/passbolt:latest-ce
    container_name: pb-passbolt
    restart: unless-stopped
    depends_on:
      - db
    environment:
      APP_FULL_BASE_URL: http://192.168.0.197:7380
      DATASOURCES_DEFAULT_HOST: "db"
      DATASOURCES_DEFAULT_USERNAME: "passbolt"
      DATASOURCES_DEFAULT_PASSWORD: "P4ssb0lt"
      DATASOURCES_DEFAULT_DATABASE: "passbolt"
      PASSBOLT_REGISTRATION_PUBLIC: "true"
      EMAIL_DEFAULT_FROM: "[email protected]"
      EMAIL_TRANSPORT_DEFAULT_HOST: "smtp.88.com"
      EMAIL_TRANSPORT_DEFAULT_PORT: "25"
      EMAIL_TRANSPORT_DEFAULT_USERNAME: "[email protected]"
      EMAIL_TRANSPORT_DEFAULT_PASSWORD: "<第三方邮件客户端密码>"
      #EMAIL_TRANSPORT_DEFAULT_TLS: "true"
    volumes:
      - ./gpg:/etc/passbolt/gpg
      - ./jwt:/etc/passbolt/jwt
    command: ["/usr/bin/wait-for.sh", "-t", "0", "db:3306", "--", "/docker-entrypoint.sh"]
    ports:
      - 7380:80
      - 7343:443

Then execute the following command

# 新建文件夹 passbolt 和 子目录
mkdir -p /volume2/docker/passbolt/{
    
    data,gpg,jwt}

# 进入 passbolt 目录
cd /volume2/docker/passbolt

# 修改目录权限
chmod 777 {
    
    gpg,jwt}

# 将 docker-compose.yml 放入当前目录

# 一键启动
docker-compose up -d

run

It will take a while, it may take a long time, Passbolt installation success! Enjoy! ☮and that the installation is successful. It took 36seconds on Lao Su’s small machine

Enter in the browser http://群晖IP:7380to see the main interface

Although it supports multi-language switching, it is a pity that there is no Chinese

Before running, you also need to create an administrator account

# 创建您的第一个管理员用户
docker exec passbolt su -m -c "bin/cake passbolt register_user -u [email protected] -f yourname -l surname -r admin" -s /bin/sh www-data

# 示例
docker exec pb-passbolt su -m -c "bin/cake passbolt register_user -u [email protected] -f lao -l su -r admin" -s /bin/sh www-data

[email protected]Log in with the created administrator email and check theI accept the terms

Need to check email to get verification link

If there is no problem with the email settings, you will receive the email in a while, click in the middle get startedto verify

See this interface to OKverify

Click Download extensionto download the plug-in

After the installation is successful, the main interface also has a prompt

Now you need to set the master password, and you only need to remember the master password in the future

• must be at least 8characters
• Contains lowercase and uppercase characters
• Contains letters and numbers
• Contains special characters (such as /or *or %)

Finally, a recovery toolkit containing the key will be generated, which is actually a txtfile . The content of the file is PGP PRIVATE KEY, it will be downloaded automatically, and it must be saved in a safe place

Pick a color and 3enter characters

The main interface after the setup is complete

sign outAfter that, you will return to the login interface, just enter the master password

Next, you can create a new password and start using it. According to the official instructions, browser extensions and mobile applications are currently supported, and desktop applications will be launched soon.

reference documents

Passbolt | The open source password manager for teams
地址：https://www.passbolt.com/

passbolt/passbolt_api: Passbolt CE Backend, a JSON API written with Cakephp
地址：https://github.com/passbolt/passbolt_api

passbolt/passbolt_docker: Get started with Passbolt CE using docker!
地址：https://github.com/passbolt/passbolt_docker

Install passbolt Free Community Edition (CE) on Docker
地址：https://www.passbolt.com/ce/docker