PrivateBin is a minimalist online pastebin where the server has zero knowledge of pasted data. This application supports password-protection, expiration, and self-destruction after reading. It is completely open-source and hosted on github. This article will guide through the installation and configuration of PrivateBin on a CentOS 7 system.
- A CentOS 7 system.
- Root access to your server (via the root user or a user with
- A web server with PHP (Instructions below.)
- A MySQL database (Instructions below.)
If you’re not logged in as the root user, execute
sudo -i to obtain a temporary root shell.
Update your system and install required software.
yum update yum install -y git
Git will be used to download PrivateBin from its github repository.
Installing a web server stack:
We will be using Apache and PHP. Execute the following to install the required packages:
yum install -y epel-release yum install -y httpd php php-common php-xml php-mbstring php-mysql php-pdo php-mcrypt
Make sure Apache is enabled and running:
systemctl enable --now httpd.service
Using a text editor of your choice, create a new configuration file for Apache. For instance:
Populate it with the following (insert your IP address or a domain name pointing to your IP for
<VirtualHost *:80> ServerName YOUR_SERVER_IP DocumentRoot /var/www/html/PrivateBin/ ErrorLog /var/log/httpd/privatebin-error.log CustomLog /var/log/httpd/privatebin-access.log combined <Directory /var/www/html/PrivateBin> AllowOverride All </Directory> </VirtualHost>
Save and exit.
Reload the configuration:
systemctl reload httpd.service
Since PrivateBin is hosted on github, we’ll clone the repository locally:
cd /var/www/html/ && git clone https://github.com/PrivateBin/PrivateBin.git
And give the Apache user ownership of the PrivateBin directory:
chown -R apache:apache PrivateBin/
Configure firewalld to allow HTTP traffic:
firewall-cmd --add-service http --permanent firewall-cmd --reload
You should now be able to access PrivateBin on
http://YOUR_SERVER_IP. For better security/privacy, you should consider using a domain name with HTTPS, however this is beyond the scope of this guide.
If you encounter server-side errors during PrivateBin usage, SELinux is the likely culprit. To disable it, open
/etc/sysconfig/selinux with a text editor of your choice, and replace
SELINUX=disabled. You should now either reboot, or execute
setenforce 0 to disable SELinux immediately. Disabling SELinux on production systems is not recommended though, you should consider setting proper labels instead.
PrivateBin supports MySQL storage in place of the default file-based storage model. To implement MySQL storage, follow the steps below.
yum install -y mariadb-server mariadb systemctl enable --now mariadb.service
Secure your MySQL installation with this command:
Answer the questions as follows:
Enter current password for root (enter for none): Enter Set root password? [Y/n]: Y New password: <your-password> Re-enter new password: <your-password> Remove anonymous users? [Y/n]: Y Disallow root login remotely? [Y/n]: Y Remove test database and access to it? [Y/n]: Y Reload privilege tables now? [Y/n]: Y
Make sure you use a strong password.
Create a database and user for PrivateBin:
mysql -u root -p MariaDB [(none)]> CREATE DATABASE privatebin DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci; MariaDB [(none)]> CREATE USER 'privatebin'@'localhost' IDENTIFIED BY 'newpassword'; MariaDB [(none)]> GRANT ALL PRIVILEGES ON privatebin.* TO 'privatebin'@'localhost'; MariaDB [(none)]> exit;
Make sure you replace
newpassword with a secure password. It should be different from the password you chose for the MariaDB root user.
Changing Storage Mode
First, copy the default configuration file for editing:
cd /var/www/html/PrivateBin/cfg cp conf.sample.php conf.php
Using a text editor of your choice, open the file
conf.php. Find the following segment:
[model] ; name of data model class to load and directory for storage ; the default model "Filesystem" stores everything in the filesystem class = Filesystem [model_options] dir = PATH "data" ;[model] ; example of DB configuration for MySQL ;class = Database ;[model_options] ;dsn = "mysql:host=localhost;dbname=privatebin;charset=UTF8" ;tbl = "privatebin_" ; table prefix ;usr = "privatebin" ;pwd = "Z3r0P4ss" ;opt = true ; PDO::ATTR_PERSISTENT
And replace it with:
; [model] ; name of data model class to load and directory for storage ; the default model "Filesystem" stores everything in the filesystem ; class = Filesystem ; [model_options] ; dir = PATH "data" [model] class = Database [model_options] dsn = "mysql:host=localhost;dbname=privatebin;charset=UTF8" tbl = "privatebin_" ; table prefix usr = "privatebin" pwd = "newpassword" opt = true ; PDO::ATTR_PERSISTENT
Again, make sure you replace
newpassword with the password chosen during user creation in the MySQL console, then save and exit.
Finally, restart apache:
systemctl restart httpd.service