Install Passbolt on Helm Chart
Installing Passbolt on Kubernetes with our Helm chart is considered to be a very advanced installation method. If you are not very comfortable and familiar with Kubernetes we strongly recommend that you install via one of our other methods.
System requirements
- Kubernetes cluster (>1.19): https://kubernetes.io/docs/setup/
- kubectl: https://kubernetes.io/docs/tasks/tools/#kubectl
- Helm (3.X): https://helm.sh/docs/intro/install/
- a working SMTP server for email notifications
FAQ pages:
Helm install
The easiest and recommended way to deploy your Passbolt Helm chart is to use helm install.
Step 1. Set up our Helm repo
helm repo add passbolt-repo https://download.passbolt.com/charts/passbolt
Step 2. Get a copy of the values file
curl -LO https://raw.githubusercontent.com/passbolt/charts-passbolt/main/values.yaml
Step 3. Configure values file to customize your instance
The APP_FULL_BASE_URL environment variable is set by default to https://passbolt.local, using a self-signed certificate.
Update this variable with the server name you plan to use. You will find at the bottom of this documentation links about how to set your own SSL certificate.
If you are creating your own gpg keys the following commands can help convert them into a base64 encoded single line string which is what the values.yaml file expects.
gpg --armor --export-secret-keys <email you created keys with> | base64 -w 0
gpg --armor --export <email you created keys with> | base64 -w 0
You must configure also SMTP settings to be able to receive notifications and recovery emails.
For more information on which environment variables are available on passbolt, please check the passbolt environment variable reference
By default we have the ingress set to false, you'll need to decide how you want to handle this to access the web page.
Additionally the following charts are used by Passbolt and you can adjust the values under their respective headings in values.yaml
| Repository | Name | Version |
|---|---|---|
| https://charts.bitnami.com/bitnami | mariadb | 11.3.5 |
| https://charts.bitnami.com/bitnami | redis | 17.3.8 |
| https://passbolt.gitlab.io/passbolt-ops/passbolt-helm-library | passbolt-library | 0.2.1 |
Step 4. Run helm install
helm install -f values.yaml my-passbolt passbolt-repo/passbolt
At this point, you should have a working Passbolt setup via Helm running on the most up to date CE version of Passbolt.
Manually creating first admin user
Once the Helm chart is deployed, you can create your first user by running the following command:
kubectl exec -it <passbolt-pod-name> -- /bin/bash -c "su -s /bin/bash -c \"bin/cake passbolt register_user -u <email> -f <firstname> -l <lastname> -r admin\" www-data"
It will output a link similar to the below one that can be pasted on the browser to finalize user registration:
https://mydomain.com/setup/install/1eafab88-a17d-4ad8-97af-77a97f5ff552/f097be64-3703-41e2-8ea2-d59cbe1c15bc
Going further
Passbolt docker repository: