Debian
Installing Passwork on following OS:
- Debian 11
- Debian 12
On this page you can switch between blocks of code to view the commands applicable to your version of Ubuntu
Passwork is not resource-heavy. How much disk space, RAM and CPU power you will need depends on the number of active users, the amount of stored data, and your requirements for fault-tolerance.
See the full system requirements
If your server has 2-4 GB of RAM, we recommend enabling the SWAP file for libraries to compile properly.
First, gain root access and update the local packages:
Then, install the Git version control package, Apache2 web-server and curl data transfer tool:
Install packages for HTTPS repositories:
Download and save the GPG key of the PHP repository:
Add the PHP repository to the apt sources list:
Update the local packages and repositories:
Install PHP and its extensions:
Install a PHP MongoDB driver:
Create configuration files for PHP MongoDB startup and activation:
Install the PHP Phalcon extension:
Create configuration files for PHP Phalcon startup and activation:
Download and add the MongoDB GPG key:
Add the MongoDB repository into the file:
Update the list of available packages:
Install MongoDB using the apt package manager:
Run mongod.service:
And enable autostart:
Go to /var/www/:
Add a global Git configuration pointing to the safe directory:
Initialize a Git repository at /var/www/:
Add the remote Passwork repository:
Get the remote repository for your local sever:
The system will ask for your credentials, which are listed on your customer portal page. If you can't access the customer portal, let us know.
Switch to the v6 branch with the latest Passwork version:
Give www-data owner privileges for the files and directories:
Open the virtual host configuration file for HTTP:
Edit the file so it looks as follows:
Enable the URL rewrite module and restart Apache2:
You can open http://passwork.local or http://127.0.0.1 to test your Passwork connection
When you connect to Passwork for the first time, you will need to go over the checklist that includes:
- Automatic parameter checking
- Checking connection to MongoDB database
- Generating an encryption key for MongoDB
- License verification
Leave all fields as they are if you are installing a new Passwork copy
After finishing the checklist, you will be offered to create the first Passwork user and set their login, password and email address for notifications.
Note. This user is always local and "Owner" of Passwork by default, in case of assigning — "Owner" LDAP/SSO user, it will automatically become local and you will not be able to authorise in Passwork
Create a new directory to store the private key and the certificate in:
Use OpenSSL to generate a self-signed X.509 certificate for Apache2:
- Common Name (CN) — Specify the IP of your server or host. This field is important, as the certificate should match the domain or IP of your website;
- subjectAltName (SAN) — Альтернативное имя домена или IP-адрес.
Give root access to the user to secure the private key and the certificate:
Activate the SSL module in Apache for the server to support HTTPS:
Enable the website's virtual host configuration file with the SSL settings:
Open the virtual host configuration file for HTTPS connection:
Find the section that starts with <VirtualHost _default_:443> and edit it as follows:
- Add the ServerName directive (server name or IP) and :443 port under the ServerAdmin line:
- Add the <Directory> directive after ServerName:
- Locate the following changes and update the paths of files which were generated previously, or specify the private key and certificate location:
- After editing the file, check if the virtual host configuration file matches the example:
Restart Apache2 to apply the changes:
Check the HTTPS connection to Passwork using https://passwork.local
When using a secure SSL connection (HTTPS), client browsers require certain flags to process Passwork data. These flags are called session.cookie_secure and disableSameSiteCookie. If these flags are not set, browsers will not be able to establish connections and the connection will be rejected, which can lead to authorisation errors — "The session of this browser tab is out of date".
Enable the ;session.cookie_secure parameter in /etc/php/8.2/apache2/php.ini:
Set the disableSameSiteCookie parameter in /var/www/app/config/config.ini to Off:
Do not set these parameters or reset them to their original value if you change your mind about using SSL and work over the HTTP protocol.
Background tasks are tasks that are executed by the scheduler in the background. For example, LDAP synchronisation, loading favicons, and other tasks that are time-consuming, persistent, or resource-allocating.
See a guide on setting up background tasks.
Before performing actions to modify and configure security settings, we strongly recommend that you make sure that Passwork is stable and working correctly, and that you back up the files to which you are making changes.
Server security is an important part of ensuring the protection of valuable company data and resources. It is a process that requires planning and execution to ensure maximum protection against various threats.
Look through the overview of Passwork security settings.