Author: Matthew Griffin
Last Updated: Fri, Apr 1, 2022Padloc is a self-hosted password manager with support for both individuals and teams. This tutorial explains how to install Padloc on Ubuntu 20.04. This tutorial will use Docker, docker-compose, and Nginx to secure the configuration.
Before you begin these steps, you should:
You should also create a DNS A record that points a host name to the IP address of your server. The DNS name is required for Certbot to install a TLS/SSL certificate.
Install Git using apt
.
$ sudo apt install git
Remove any apt-installed versions of Certbot. It is okay if apt
reports that none are installed.
$ sudo apt remove certbot
Ensure that your version of snapd is up to date.
$ sudo snap install core; sudo snap refresh core
Install Certbot using snap
.
$ sudo snap install --classic certbot
Run Certbot and follow the prompts to enter your domain name and redirect all traffic to HTTPS.
$ sudo certbot certonly --standalone
Take note of your certificate and private key paths when provided. It may be different depending on the domain used.
Certificate Path: /etc/letsencrypt/live/example.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/example.com/privkey.pem
If you used a different SSL provider, please ensure they are on your server and know their full path. You may put them in the /etc/nginx/
directory if you wish.
Remove any older versions of Docker and the Docker engine.
$ sudo apt remove docker docker-engine docker.io containerd runc
Install Docker using snap
.
$ sudo snap install docker
Create a directory called padloc
in your home directory and enter it.
$ mkdir ~/padloc
$ cd ~/padloc
Create and open a new docker-compose.yml
file.
$ nano docker-compose.yml
Add the following lines to the file. Change example.com
to your domain name.
version: "3"
services:
server:
image: padloc/server
container_name: padloc_server
expose:
- 3000
volumes:
- ${PL_DB_DIR:-./db}:/data
- ${PL_ATTACHMENTS_DIR:-./attachments}:/docs
environment:
- PL_PWA_URL
- PL_EMAIL_SERVER
- PL_EMAIL_PORT
- PL_EMAIL_USER
- PL_EMAIL_PASSWORD
- PL_EMAIL_FROM
pwa:
image: padloc/pwa
container_name: padloc_pwa
expose:
- 8080
volumes:
- ${PL_PWA_DIR:-./pwa}:/pwa
environment:
- PL_SERVER_URL
nginx:
image: nginx
container_name: nginx
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
- ${PL_SSL_CERT:-./ssl/cert.pem}:/ssl/cert
- ${PL_SSL_KEY:-./ssl/key.pem}:/ssl/key
ports:
- 80:80
- 443:443
Exit the file using CTRL + X, then press Y, followed by ENTER.
Create and open a new nginx.conf
file.
$ nano nginx.conf
Add the following lines to the file.
http {
client_max_body_size 10m;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
server {
server_name example.com;
listen 443 ssl http2;
location /server/ {
proxy_pass http://padloc_server:3000;
rewrite ^/padloc_server(.*)$ $1 break;
}
location / {
proxy_pass http://padloc_pwa:8080;
rewrite ^/padloc_pwa(.*)$ $1 break;
}
ssl_certificate /ssl/cert;
ssl_certificate_key /ssl/key;
}
}
events {}
Exit the file using CTRL + X, then press Y, followed by ENTER.
Create a new file called .env
in your text editor.
$ nano .env
Copy and paste the values below into your text editor and change them accordingly for your configuration.
# URL that points to the web application
PL_PWA_URL=https://example.com/
# URL that points to the server instance
PL_SERVER_URL=https://example.com/server/
# The port the server instance will listen on
PL_SERVER_PORT=3000
# The directory where database files will be stored
PL_DB_DIR=./db
# The directory where attachment files will be stored
PL_ATTACHMENTS_DIR=./attachments
# The port the web application will be served from
PL_PWA_PORT=8080
# The directory where the static code for the web application will be stored
PL_PWA_DIR=./pwa
# SMTP host
PL_EMAIL_SERVER=smtp.example.com
# SMTP username
PL_EMAIL_USER=example@example.com
# SMTP port
PL_EMAIL_PORT=443
# SMTP password
PL_EMAIL_PASSWORD=CHANGE_ME
# Use TLS when sending emails
PL_EMAIL_SECURE=false
# The path to your SSL certificate (change example.com)
PL_SSL_CERT=/etc/letsencrypt/live/example.com/fullchain.pem
# The path to your SSL private key (change example.com)
PL_SSL_KEY=/etc/letsencrypt/live/example.com/privkey.pem
Save and exit the text editor by using CTRL + X, then Y, followed by ENTER.
Run Padloc by using docker-compose
in detached mode. This may take a few seconds.
$ sudo docker-compose up -d
Check that Padloc is running by using docker
. The status should be Up
.
$ sudo docker ps
STATUS
Up x seconds/minutes
You have now successfully installed and configured Padloc.
You should now navigate to your Padloc installation and create an account.
https://example.com
This completes the steps to install Padloc and secure it using an SSL certificate and an Nginx reverse proxy.