CentOS 7 Installation¶
Prerequisites¶
- Web server (Apache/Nginx/Lighttpd) with SSL enabled.
- MariaDB >= 10.1
- PHP >= 7.0
- PHP modules
- mysqlnd
- curl
- json
- gd
- xml
- mbstring
- intl
- readline
- ldap (optional)
- mcrypt (optional for importing older XML export files)
- Latest sysPass version https://github.com/nuxsmin/sysPass/releases
Installation¶
CentOS 7 package installation.
yum install httpd php-ldap php-mcrypt php-mbstring php-gd php-mysqlnd php-pdo php-json php-xml php-ldap php-xml mariadb-server wget
Automated start/stop Apache web server and MariaDB server.
systemctl enable httpd.service
systemctl enable mariadb.service
systemctl start httpd.service
systemctl start mariadb.service
Setting up MariaDB.
/usr/bin/mysql_secure_installation
Enabling firewall ports.
firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-service=https
firewall-cmd --reload
Optional for enabling SSL.
In order to increase your sysPass instance security, please consider to use SSL. See Security and the following resources for Debian:
- Sites only accessible from LAN: https://doc.debian.org/configuration/Self-Signed_Certificate
- Sites accessible from Internet, you could use Let’s Encrypt, see https://certbot.eff.org/
Directories and permissions¶
Create a directory for sysPass within the web server root.
mkdir /var/www/html/syspass
Unpack sysPass files.
cd /var/www/html/syspass
tar xzf syspass.tar.gz
Setup directories permissions. The owner should match the web server running user.
chown apache -R /var/www/html/syspass
chmod 750 /var/www/html/syspass/app/config /var/www/html/syspass/app/backup
SELinux¶
sysPass needs to be allowed to write its configuration and some other files (backup, cache, temp, etc). We have 2 choices:
Note
Please, run only one of the choices
- Change SELinux’s context and user:
setsebool -P httpd_can_connect_ldap 1
chcon -R -t httpd_sys_rw_content_t /var/www/html/syspass/app/{config,backup,cache,tmp}
- Disable SELinux by editing the file “/etc/sysconfig/selinux” and setting “SELINUX” variable’s value to “permissive”. You need to restart the system.
Installing dependencies¶
From sysPass root directory, download and install Composer (https://getcomposer.org/download/)
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
php -r "if (hash_file('sha384', 'composer-setup.php') === '93b54496392c062774670ac18b134c3b3a95e5a5e5c8f1a9f115f203b75bf9a129d5daa8ba6a13e2cc8a1da0806388a8') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
php composer-setup.php
php -r "unlink('composer-setup.php');"
Then install sysPass dependencies
php composer.phar install --no-dev
Environment configuration¶
Please, point your web browser to the following URL and follow the installer steps
https://IP_OR_SERVER_ADDRESS/syspass/index.php
Note
Please, follow installer steps and after the successful finishing, you will be able to log into the application
To know how sysPass works, please see Application
Warning
It’s advisable to read the security recommendations on Security