In this tutorial, we will show you how to install Teampass Password Manager on Ubuntu 20.04 LTS. For those of you who didn’t know, TeamPass is an open-source password manager that helps you to store and manage all your passwords from the central location. It is a collaborative password manager that allows you to share all stored passwords with team members. TeamPass uses MySQL/MariaDB to store passwords and provides a powerful tool for customizing passwords access Teampass is highly customizable and provides a lot of options to customize it to your needs. It uses Defuse PHP Encryption library to secure your data and your users.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of Teampass Password Manager on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.
Prerequisites
- A server running one of the following operating systems: Ubuntu 20.04, 18.04, and any other Debian-based distribution like Linux Mint or elementary OS.
- It’s recommended that you use a fresh OS install to prevent any potential issues.
- A
non-root sudo useror access to theroot user. We recommend acting as anon-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.
Install Teampass Password Manager on Ubuntu 20.04 LTS Focal Fossa
Step 1. First, make sure that all your system packages are up-to-date by running the following apt commands in the terminal.
sudo apt update sudo apt upgrade
Step 2. Installing the LAMP stack.
A Ubuntu 20.04 LAMP server is required. If you do not have LAMP installed, you can follow our guide here.
Step 3. Installing Teampass Password Manager on Ubuntu 20.04.
Now we run the following commands below to download the latest version of Teampass from the Git repository.:
cd /var/www/html/ git clone https://github.com/nilsteampassnet/TeamPass.git
We will need to change some folders permissions:
chown -R www-data:www-data TeamPass chmod -R 775 /var/www/html/TeamPass
Step 4. Configuring MariaDB.
By default, MariaDB is not hardened. You can secure MariaDB using the mysql_secure_installation script. you should read and below each step carefully which will set a root password, remove anonymous users, disallow remote root login, and remove the test database and access to secure MariaDB:
mysql_secure_installation
Configure it like this:
- Set root password? [Y/n] y - Remove anonymous users? [Y/n] y - Disallow root login remotely? [Y/n] y - Remove test database and access to it? [Y/n] y - Reload privilege tables now? [Y/n] y
Next, we will need to log in to the MariaDB console and create a database for the Teampass. Run the following command:
mysql -u root -p
This will prompt you for a password, so enter your MariaDB root password and hit Enter. Once you are logged in to your database server you need to create a database for Teampass installation:
MariaDB [(none)]> create database teampass_db; MariaDB [(none)]> grant all privileges on teampass_db.* to teampass@localhost identified by "your-strong-password"; MariaDB [(none)]> flush privileges; MariaDB [(none)]> exit;
Step 5. Configure Apache Virtual Host.
Now we create an Apache virtual host configuration file to host Teampass:
nano /etc/apache2/sites-available/teampass.conf
Add the following lines:
<VirtualHost *:80>
ServerAdmin admin@your-domain.com
DocumentRoot /var/www/html/TeamPass
ServerName teampass.example.com
<Directory /var/www/html/TeamPass>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/teampass_error.log
CustomLog ${APACHE_LOG_DIR}/teampass_access.log combined
</VirtualHost>
Save and close the file then enable the Apache virtual host and restart the Apache service to apply the changes:
sudo a2ensite teampass sudo a2enmod rewrite sudo systemctl restart apache2
Step 6. Secure TeamPass with Let’s Encrypt.
First, you will need to install the Certbot client on your server to download and install the Let’s Encrypt SSL for your domain:
sudo apt install python3-certbot-apache
Then, run the following command to download and install the Let’s Encrypt SSL for your website:
certbot --apache -d teampass.your-domain.com
You will then be prompted to enter an email address for the certificate. After you have entered that you must agree to the T&C’s and decide if you want to share your email address with the Electronic Frontier Foundation.
Output:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Congratulations! You have successfully enabled https://teampass.your-domain.com You should test your configuration at: https://www.ssllabs.com/ssltest/analyze.html?d=teampass.your-domain.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/teampass.your-domain.com/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/teampass.your-domain.com/privkey.pem Your cert will expire on 2021-01-25. To obtain a new or tweaked version of this certificate in the future, simply run certbot again with the "certonly" option. To non-interactively renew *all* of your certificates, run "certbot renew" - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le
Next, we set up a cron job to auto-renew the SSL certificate:
certbot renew --dry-run
You can set up a cron job to auto-renew SSL certificate every day at 12:00 AM by editing the following file:
crontab -e
Add the following line:
00 12 * * * root /usr/bin/certbot renew >/dev/null 2>&1
Step 7. Accessing Teampass Web Interface.
Once successfully installed, open your web browser and access the Teampass web interface using the URL https://teampass.your-domain.com. You should see the following page:
Congratulations! You have successfully installed Teampass. Thanks for using this tutorial for installing Teampass Password Manager on Ubuntu 20.04 LTS Focal Fossa system. For additional help or useful information, we recommend you check the official Teampass website.
