How to Install Padloc on Ubuntu 20.04

Introduction

Padloc is a self-hosted password manager with support for both individuals and teams. This tutorial explains how to install Padloc on Ubuntu 20.04. This tutorial will use Docker, docker-compose, and Nginx to secure the configuration.

Prerequisites

Before you begin these steps, you should:

Deploy an Ubuntu 20.04 server.
Update the server.
Create a non-root user with sudo privileges.
Log in to your server as a non-root user.
Create an SMTP server.
Open port 433 on your Vultr firewall or your ufw.

You should also create a DNS A record that points a host name to the IP address of your server. The DNS name is required for Certbot to install a TLS/SSL certificate.

Installation

Certbot and Git

Install Git using apt.
```
$ sudo apt install git
```
Remove any apt-installed versions of Certbot. It is okay if apt reports that none are installed.
```
$ sudo apt remove certbot
```

Ensure that your version of snapd is up to date.

$ sudo snap install core; sudo snap refresh core

Install Certbot using snap.
```
$ sudo snap install --classic certbot
```
Run Certbot and follow the prompts to enter your domain name and redirect all traffic to HTTPS.
```
$ sudo certbot certonly --standalone
```

Take note of your certificate and private key paths when provided. It may be different depending on the domain used.

Certificate Path: /etc/letsencrypt/live/example.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/example.com/privkey.pem

If you used a different SSL provider, please ensure they are on your server and know their full path. You may put them in the /etc/nginx/ directory if you wish.

Docker

Remove any older versions of Docker and the Docker engine.

$ sudo apt remove docker docker-engine docker.io containerd runc

Install Docker using snap.
```
$ sudo snap install docker
```

Configuration

Docker Container

Create a directory called padloc in your home directory and enter it.
```
$ mkdir ~/padloc
$ cd ~/padloc
```
Create and open a new docker-compose.yml file.
```
$ nano docker-compose.yml
```

Add the following lines to the file. Change example.com to your domain name.

version: "3"
services:
    server:
        image: padloc/server
        container_name: padloc_server
        expose:
            - 3000
        volumes:
            - ${PL_DB_DIR:-./db}:/data
            - ${PL_ATTACHMENTS_DIR:-./attachments}:/docs
        environment:
            - PL_PWA_URL
            - PL_EMAIL_SERVER
            - PL_EMAIL_PORT
            - PL_EMAIL_USER
            - PL_EMAIL_PASSWORD
            - PL_EMAIL_FROM
    pwa:
        image: padloc/pwa
        container_name: padloc_pwa
        expose:
            - 8080
        volumes:
            - ${PL_PWA_DIR:-./pwa}:/pwa
        environment:
            - PL_SERVER_URL
    nginx:
        image: nginx
        container_name: nginx
        volumes:
            - ./nginx.conf:/etc/nginx/nginx.conf
            - ${PL_SSL_CERT:-./ssl/cert.pem}:/ssl/cert
            - ${PL_SSL_KEY:-./ssl/key.pem}:/ssl/key
        ports:
            - 80:80
            - 443:443

Exit the file using CTRL + X, then press Y, followed by ENTER.

Nginx Configuration File

Create and open a new nginx.conf file.
```
$ nano nginx.conf
```

Add the following lines to the file.

http {
    client_max_body_size 10m;
    server {
        listen 80 default_server;
        listen [::]:80 default_server;
        server_name _;
        return 301 https://$host$request_uri;
    }

    server {
        server_name example.com;
        listen 443 ssl http2;

        location /server/ {
            proxy_pass http://padloc_server:3000;
            rewrite ^/padloc_server(.*)$ $1 break;
        }

        location / {
            proxy_pass http://padloc_pwa:8080;
            rewrite ^/padloc_pwa(.*)$ $1 break;
        }

        ssl_certificate /ssl/cert;
        ssl_certificate_key /ssl/key;
    }
}

events {}

Exit the file using CTRL + X, then press Y, followed by ENTER.

Create the .env File

Create a new file called .env in your text editor.
```
$ nano .env
```

Copy and paste the values below into your text editor and change them accordingly for your configuration.

# URL that points to the web application
PL_PWA_URL=https://example.com/
# URL that points to the server instance
PL_SERVER_URL=https://example.com/server/

# The port the server instance will listen on
PL_SERVER_PORT=3000
# The directory where database files will be stored
PL_DB_DIR=./db
# The directory where attachment files will be stored
PL_ATTACHMENTS_DIR=./attachments

# The port the web application will be served from
PL_PWA_PORT=8080
# The directory where the static code for the web application will be stored
PL_PWA_DIR=./pwa

# SMTP host
PL_EMAIL_SERVER=smtp.example.com
# SMTP username
PL_EMAIL_USER=example@example.com
# SMTP port
PL_EMAIL_PORT=443
# SMTP password
PL_EMAIL_PASSWORD=CHANGE_ME
# Use TLS when sending emails
PL_EMAIL_SECURE=false

# The path to your SSL certificate (change example.com)
PL_SSL_CERT=/etc/letsencrypt/live/example.com/fullchain.pem
# The path to your SSL private key (change example.com)
PL_SSL_KEY=/etc/letsencrypt/live/example.com/privkey.pem

Save and exit the text editor by using CTRL + X, then Y, followed by ENTER.
Run Padloc by using docker-compose in detached mode. This may take a few seconds.
```
$ sudo docker-compose up -d
```
Check that Padloc is running by using docker. The status should be Up.
```
$ sudo docker ps
STATUS
Up x seconds/minutes
```

You have now successfully installed and configured Padloc.

Finishing Steps

You should now navigate to your Padloc installation and create an account.

https://example.com

This completes the steps to install Padloc and secure it using an SSL certificate and an Nginx reverse proxy.

Documentation

Want to contribute?

You could earn up to $600 by adding new articles.

Submit your article Request an article

Article