Help Search

Installation with install scripts

The install scripts are shell scripts that are designed to do the heavy lifting for you. They will configure your operating system to be passbolt ready and will take care of the web server (Nginx), database (MariaDb), PHP, SSL and GPG keyring configuration.

System requirements

The install scripts will work on any of these servers:

  • Debian 9 (Etch)
  • CentOS 7

Please note: It is important that you use a bare server with no other services or tools already installed on it. The install scripts could potentially damage any existing data on your server.

Server configuration steps

1. Create a web server matching the requirements.

Spin up a new fresh server with one of the supported linux distributions (Debian 9 or CentOS 7). You can do this on a bare-metal server, on a virtual machine or a container (docker). In this tutorial, we are using a the official Debian 9 image on Vagrant.

2. Download the installation script

You can download the installation scripts from these respective urls:

$ wget -O ./passbolt-pro-installer-debian-9.tar.gz
download the install script fig. download the install script

3. Execute the installation script

First, unpack it:

tar zxvf ./passbolt-pro-installer-debian-9.tar.gz

Then, execute it:

sudo ./
execute the install script fig. execute the install script

4. Answer the questions

The install script will ask you a few questions to adapt the environment to your needs.

Do you want to install a local mariadb server on this machine?

  • Yes: if you are not planning on using an external mysql / mariadb server.
  • No: if you have a mysql / mariadb server installed somewhere else and want to use it for passbolt.

The script will then ask you for the database details: root password, database name, and password.


To configure your webserver, the script needs to know under which hostname or ip it is going to run. Enter here the address (domain, hostname or ip) at which you are planning to access your passbolt after installation

SSL Setup

  • manual: (recommended) choose manual if you have your own ssl certificates.
  • auto: this option will issue a SSL certificate automatically through Let’s Encrypt. Use this option only if you have a domain name that is reachable by the outside world, or it will not work.
  • none: choose this option if you don’t want your webserver to run https. This is not recommended.

GnuPG entropy On virtualized environments GnuPG happen to find not enough entropy to generate a key. Therefore, Passbolt cannot not run properly. The script needs to know if you want to fix this by installing Haveged in order to speed up the entropy generation on your system. Haveged is a useful too to fix entropy issues, however it can have security implications. Make sure you understand the risks before answering yes to this question.

For each question, depending on your answer, some more precisions can be asked. Just answer the questions and go with the flow.

At the end, the install script will confirm you that the environment has been configured and will ask you to point your browser to the hostname or ip address previously entered.

completion of the install script fig. completion of the install script

Your server is now ready to run passbolt

The next step is to configure passbolt. You can do this quite easily with the configuration wizard.

Configure passbolt with the wizard

Last updated

This article was last updated on April 9th, 2018.

Are you experiencing issues with Passbolt Pro?

Contact Pro support

or ask the community