Guides - Deploy Passbolt through the Linode Marketplace
Quickly deploy a Compute Instance with many various software applications pre-installed and ready to use.
Passbolt Password Manager is an open-source password manager designed for teams and businesses. It allows users to securely store, share, and manage passwords.
Deploying a Marketplace App
The Linode Marketplace allows you to easily deploy software on a Compute Instance using the Cloud Manager. See Get Started with Marketplace Apps for complete steps.
Log in to the Cloud Manager and select the Marketplace link from the left navigation menu. This displays the Linode Create page with the Marketplace tab pre-selected.
Under the Select App section, select the app you would like to deploy.
Complete the form by following the steps and advice within the Creating a Compute Instance guide. Depending on the Marketplace App you selected, there may be additional configuration options available. See the Configuration Options section below for compatible distributions, recommended plans, and any additional configuration options available for this Marketplace App.
Click the Create Linode button. Once the Compute Instance has been provisioned and has fully powered on, wait for the software installation to complete. If the instance is powered off or restarted before this time, the software installation will likely fail.
To verify that the app has been fully installed, see Get Started with Marketplace Apps > Verify Installation. Once installed, follow the instructions within the Getting Started After Deployment section to access the application and start using it.
Configuration Options
- Supported distributions: Ubuntu 22.04 LTS
- Suggested plan: For best results, 4GB Dedicated CPU or Shared Compute instance for Passbolt.
Passbolt Options
Limited Sudo User
You need to fill out the following fields to automatically create a limited sudo user, with a strong generated password for your new Compute Instance. This account will be assigned to the sudo group, which provides elevated permissions when running commands with the sudo
prefix.
Limited sudo user: Enter your preferred username for the limited user. No Capital Letters, Spaces, or Special Characters.
Locating The Generated Sudo Password A password is generated for the limited user and stored in a
.credentials
file in their home directory, along with application specific passwords. This can be viewed by running:cat /home/$USERNAME/.credentials
For best results, add an account SSH key for the Cloud Manager user that is deploying the instance, and select that user as an
authorized_user
in the API or by selecting that option in the Cloud Manager. Their SSH pubkey will be assigned to both root and the limited user.Disable root access over SSH: To block the root user from logging in over SSH, select Yes. You can still switch to the root user once logged in, and you can also log in as root through Lish.
Accessing The Instance Without SSH If you disable root access for your deployment and do not provide a valid Account SSH Key assigned to theauthorized_user
, you will need to login as the root user via the Lish console and runcat /home/$USERNAME/.credentials
to view the generated password for the limited user.
Getting Started after Deployment
To start registration follow the link provided in /etc/motd
to visit the DNS you choose during deployment.
cat /etc/motd
*********************************************************
Akamai Connected Cloud passbolt Marketplace App
Registering admin user: https://$DNS_NAME/setup/start/$UUID
App URL: https://$DNS_NAME
Credentials File: /home/$SUDO_USER/.credentials
Documentation: https://www.linode.com/marketplace/apps/linode/passbolt/
*********************************************************
To delete this message of the day: rm /etc/motd
Be sure to download the passbolt-recovery-kit.txt
file and store it in a safe place. This PGP Private Key Block (and the passphrase you set here) will be required if you ever need to go through account recovery.
You will need to create a passphrase to access Passbolt.
Once the passphrase is set you will be able to view the Passbolt main screen.
For more information, visit Passbolt Installation Documentation for details on how to configure Passbolt.
Email Configuration
Postfix is installed as part of the Marketplace App, allowing you to send a test email. Unless you’ve manually configured your own SMTP provider, to send a test email through the SMTP screen (https://<example.com>/app/administration/smtp-settings), use the following (replace example.com
with your FQDN):
- Email provider: Other
- Authentication method: None
- SMTP host: localhost
- Use TLS?: No
- Port: 25
- SMTP client leave blank
- Sender name: root
- Sender email: root@<example.com>
To make the most out of Passbolt you need a working email setup for email notifications (e.g. - account registration, password recovery and other critical notifications). For more information on setting this up, see the Configure Email Providers page on Passbolt’s website.
Regardless of how you configure your mail server, we suggest that you follow the best practices to ensure mail deliverability. For more information, see the Running a Mail Server guide.
Account Recovery
If you ever need to recover your account, you will be prompted for the PGP private key block you downloaded after entering your passphrase for the first time.
This page was originally published on