Menu Close

How to Install PrivateBin on Debian 9.

PrivateBin is a minimalist online pastebin where the server has zero knowledge of pasted data. This application supports password-protection, expiration, and self-destruction after reading. It is completely open-source and hosted on github. This article will guide through the installation and configuration of PrivateBin on a Debian 9 system.

Prerequisites

  • A Debian 9 server.
  • Root access to your server (via the root user or a user with sudo privileges.)
  • A web server with PHP (Instructions below.)
  • A MySQL database (Instructions below.)

Preparations

If you’re not logged in as the root user, execute sudo -i to obtain a temporary root shell.

Update your system and install required software.

apt update
apt upgrade -y
apt install -y git 

Git will be used to download PrivateBin from its github repository.

Installing a web server stack:

We will be using Apache and PHP. Execute the following to install the required packages:

apt update
apt install -y apache2 php php-xml php-mbstring php-mysql php-json php-pdo 

Make sure Apache is enabled and running:

systemctl enable --now apache2.service 

Configuring Apache

Using a text editor of your choice, create a new configuration file for Apache. For instance:

vim /etc/apache2/sites-available/privatebin.conf

Populate it with the following (insert your IP address or a domain name pointing to your IP for ServerName):

<VirtualHost *:80>
ServerName YOUR_SERVER_IP
DocumentRoot /var/www/html/PrivateBin/
ErrorLog ${APACHE_LOG_DIR}/privatebin-error.log
CustomLog ${APACHE_LOG_DIR}/privatebin-access.log combined
<Directory /var/www/html/PrivateBin>
AllowOverride All
</Directory>
</VirtualHost>

Save, exit, and enable this virtual host:

a2ensite privatebin.conf

Reload the configuration:

systemctl reload apache2.service

Installing PrivateBin

Since PrivateBin is hosted on github, we’ll clone the repository locally:

cd /var/www/html/ && git clone https://github.com/PrivateBin/PrivateBin.git

And give the Apache user ownership of the PrivateBin directory:

chown -R www-data:www-data PrivateBin/

You should now be able to access PrivateBin on http://YOUR_SERVER_IP. For better security/privacy, you should consider using a domain name with HTTPS, however this is beyond the scope of this guide.

Optional

PrivateBin supports MySQL storage in place of the default file-based storage model. To implement MySQL storage, follow the steps below.

Installing MariaDB

apt install -y mariadb-server mariadb-client

systemctl enable --now mariadb.service

Secure your MySQL installation with this command:

mysql_secure_installation

Answer the questions as follows:

Enter current password for root (enter for none): Enter
Set root password? [Y/n]: Y
New password: <your-password>
Re-enter new password: <your-password>
Remove anonymous users? [Y/n]: Y
Disallow root login remotely? [Y/n]: Y
Remove test database and access to it? [Y/n]: Y
Reload privilege tables now? [Y/n]: Y

Make sure you use a strong password.

Configuring MariaDB

Create a database and user for PrivateBin:

mysql -u root -p

MariaDB [(none)]> CREATE DATABASE privatebin DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
MariaDB [(none)]> CREATE USER 'privatebin'@'localhost' IDENTIFIED BY 'newpassword';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON privatebin.* TO 'privatebin'@'localhost';
MariaDB [(none)]> exit;

Make sure you replace newpassword with a secure password. It should be different from the password you chose for the MariaDB root user.

Changing Storage Mode

First, copy the default configuration file for editing:

cd /var/www/html/PrivateBin/cfg
cp conf.sample.php conf.php

Using a text editor of your choice, open the file conf.php. Find the following segment:

[model]
; name of data model class to load and directory for storage
; the default model "Filesystem" stores everything in the filesystem
class = Filesystem
[model_options]
dir = PATH "data"

;[model]
; example of DB configuration for MySQL
;class = Database
;[model_options]
;dsn = "mysql:host=localhost;dbname=privatebin;charset=UTF8"
;tbl = "privatebin_" ; table prefix
;usr = "privatebin"
;pwd = "Z3r0P4ss"
;opt[12] = true ; PDO::ATTR_PERSISTENT

And replace it with:

; [model]
; name of data model class to load and directory for storage
; the default model "Filesystem" stores everything in the filesystem
; class = Filesystem
; [model_options]
; dir = PATH "data"

[model]
class = Database
[model_options]
dsn = "mysql:host=localhost;dbname=privatebin;charset=UTF8"
tbl = "privatebin_" ; table prefix
usr = "privatebin"
pwd = "newpassword"
opt[12] = true ; PDO::ATTR_PERSISTENT

Again, make sure you replace newpassword with the password chosen during user creation in the MySQL console, then save and exit.

Restart apache:

systemctl restart apache2.service

And done.

Implementing HTTPS is recommended but beyond the scope of this article. You can obtain and install a certificate, for free, using certbot.

2 Comments

  1. nxnjz

    Thanks for your feedback. This article only covers the installation of PrivateBin and not HTTPS config. I’ve edited my post to reflect that.

Leave a Reply

Your email address will not be published. Required fields are marked *