Skip to main content

Install Passbolt on Helm Chart

caution

Installing Passbolt on Kubernetes with our Helm chart is considered to be a very advanced installation method. If you are not very comfortable and familiar with Kubernetes we strongly recommend that you install via one of our other methods.

System requirements

FAQ pages:

Helm install

The easiest and recommended way to deploy your Passbolt Helm chart is to use helm install.

Step 1. Set up our Helm repo

helm repo add passbolt-repo https://download.passbolt.com/charts/passbolt

Step 2. Get a copy of the values file

curl -LO https://raw.githubusercontent.com/passbolt/charts-passbolt/main/values.yaml

Step 3. Configure values file to customize your instance

The APP_FULL_BASE_URL environment variable is set by default to https://passbolt.local, using a self-signed certificate.

Update this variable with the server name you plan to use. You will find at the bottom of this documentation links about how to set your own SSL certificate.

If you are creating your own gpg keys the following commands can help convert them into a base64 encoded single line string which is what the values.yaml file expects.

gpg --armor --export-secret-keys <email you created keys with>  | base64 -w 0
gpg --armor --export <email you created keys with> | base64 -w 0

You must configure also SMTP settings to be able to receive notifications and recovery emails.

For more information on which environment variables are available on passbolt, please check the passbolt environment variable reference

Important

By default we have the ingress set to false, you'll need to decide how you want to handle this to access the web page.

Additionally the following charts are used by Passbolt and you can adjust the values under their respective headings in values.yaml

RepositoryNameVersion
https://charts.bitnami.com/bitnamimariadb11.3.5
https://charts.bitnami.com/bitnamiredis17.3.8
https://passbolt.gitlab.io/passbolt-ops/passbolt-helm-librarypassbolt-library0.2.1

Step 4. Run helm install

helm install -f values.yaml my-passbolt passbolt-repo/passbolt

At this point, you should have a working Passbolt setup via Helm running on the most up to date CE version of Passbolt.

Manually creating first admin user

Once the Helm chart is deployed, you can create your first user by running the following command:

kubectl exec -it  <passbolt-pod-name> -- /bin/bash -c "su -s /bin/bash -c \"bin/cake passbolt register_user -u <email> -f <firstname> -l <lastname> -r admin\" www-data"

It will output a link similar to the below one that can be pasted on the browser to finalize user registration:

https://mydomain.com/setup/install/1eafab88-a17d-4ad8-97af-77a97f5ff552/f097be64-3703-41e2-8ea2-d59cbe1c15bc

Going further

Passbolt docker repository: