How to Install TeamPass Password Manager on Ubuntu 20.04

TeamPass is a Collaborative Passwords Manager used for managing passwords and sharing them among team members. It uses MySQL/MariaDB database to store passwords securely. It provides a powerful tool to customize passwords access depending on the users roles. It is free and open-source software and allows you to manage your passwords and related data in an organized way in respect to the access rights defined for each user. It comes with a rich set of features including, Data encryption, Personal folder, Tree structure, User privileges, Roles definition and many more.

In this tutorial, we will be going to show you how to install the TeamPass Password Manager software on Ubuntu 20.04 with Let's Encrypt SSL.

Prerequisites

  • A server running Ubuntu 20.04.
  • A valid domain name is pointed with your server IP.
  • A root password is configured on the server.

Install LAMP Server

Before starting, make sure LAMP server must be installed in your server. If not installed, you can install it with other package by running the following command:

apt-get install apache2 mariadb-server php7.4 php7.4-cli libapache2-mod-php7.4 php7.4-mysql php7.4-curl php7.4-mbstring php7.4-bcmath php7.4-common php7.4-gd php7.4-xml git wget -y

Once the LAMP server is installed, edit the php.ini file and change some settings:

nano /etc/php/7.4/apache2/php.ini

Modify the following lines:

memory_limit = 256M
upload_max_filesize = 100M
max_execution_time = 360
date.timezone = Asia/Kolkata

Once you are finished, you can proceed to the next step.

Create TeamPass Database

Next, you will need to create a database and user for TeamPass. First, log in to MariaDB shell with the following command:

mysql -u root

Once login, create a database and user for TeamPass with the following command:

MariaDB [(none)]> create database teampass;
MariaDB [(none)]> grant all privileges on teampass.* to [email protected] identified by "password";

Next, flush the privileges and exit from the MariaDB with the following command:

MariaDB [(none)]> flush privileges;
MariaDB [(none)]> exit;

Once your database is created, you can proceed to the next step.

Download TeamPass

First, you will need to download the latest version of TeamPass from the Git repository. You can download it to the Apache web root directory with the following command:

cd /var/www/html
git clone https://github.com/nilsteampassnet/TeamPass.git

Once the download is completed, change the ownership to the www-data user and set proper permission with the following command:

chown -R www-data.www-data /var/www/html/TeamPass/
chmod -R 775 /var/www/html/TeamPass/

Once you are finished, you can proceed to the next step.

Configure Apache Web Server

First, create an Apache virtual host configuration file for TeamPass with the following command:

nano /etc/apache2/sites-available/teampass.conf

Add the following lines:

<VirtualHost *:80>   
     ServerAdmin [email protected]
     DocumentRoot /var/www/html/TeamPass   
     ServerName teampass.linuxbuz.com

     <Directory /var/www/html/TeamPass>      
          Options FollowSymlinks
          AllowOverride All
          Require all granted
     </Directory>   

     ErrorLog ${APACHE_LOG_DIR}/teampass_error.log
     CustomLog ${APACHE_LOG_DIR}/teampass_access.log combined

</VirtualHost>  

Save the file when you are finished. Then, enable the apache virtual host file and restart apache service to apply the changes:

a2ensite teampass
systemctl restart apache2

Once your Apache web server is configured, you can proceed to the next step.

Secure TeamPass with Let's Encrypt SSL

.First, you will need to install the Certbot Let's Encrypt client in your server. It is used to install and manage the Let's Encrypt SSL certificate for your domain. Run the following command to install the Certbot

apt-get install python3-certbot-apache -y

Once the Certbot is installed, run the following command to download and install the Let's Encrypt SSL for your website:

certbot --apache -d teampass.linuxbuz.com

You will need to provide your valid email address and accept the term of service as shown below:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): [email protected]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: A

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for teampass.linuxbuz.com
Enabled Apache rewrite module
Waiting for verification...
Cleaning up challenges
Created an SSL vhost at /etc/apache2/sites-available/teampass-le-ssl.conf
Enabled Apache socache_shmcb module
Enabled Apache ssl module
Deploying Certificate to VirtualHost /etc/apache2/sites-available/teampass-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/teampass-le-ssl.conf

Next, you will need to select whether or not to redirect HTTP traffic to HTTPS as shown below:

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2

Type 2 to make all requests redirect to secure HTTPS access and hit Enter to install the Let's Encrypt SSL. Once the installation has been finished successfully, you should see the following output:

Enabled Apache rewrite module
Redirecting vhost in /etc/apache2/sites-enabled/teampass.conf to ssl vhost in /etc/apache2/sites-available/teampass-le-ssl.conf

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://teampass.linuxbuz.com

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=teampass.linuxbuz.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/teampass.linuxbuz.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/teampass.linuxbuz.com/privkey.pem
   Your cert will expire on 2020-10-17. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew"
 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

At this point, your website is secured with Let's Encrypt SSL. You can now access it securely with HTTPS protocol.

Access TeamPass Web UI

Now, access your TeamPass web interface by visiting the URL https://teampass.linuxbuz.com. You should see the TeamPass welcome screen:

TeamPass Installer

Click on the NEXT button. You should see the Server checks screen:

Server Check

Click on the LAUNCH and NEXT button. You should see the Database connection screen:

Database settings

Provide your Database details and click on the LAUNCH and NEXT button. You should see the preparation screen:

Create administrator account

Click on the LAUNCH and NEXT button. You should see the Table creation screen:

Create tables

Click on the LAUNCH and NEXT button. You should see the Finalization screen:

Finalize setup

Click on the LAUNCH and NEXT button. Once the installation has been finished successfully, You should see the following screen:

Installation finished

Now, click on the Move to home page button. You will be redirected to the TeamPass login screen as shown below:

Log-in to TeamPass

Provide your username as admin and the password which you have written during the installation process, and click on the Log In button. You should see the TeamPass dashboard in the following screen:

TeamPass dashboard

Conclusion

In this guide, you learned how to install the TeamPass password manager on Ubuntu 20.04 and secure it with Let's Encrypt SSL. You can now explore the TeamPass and deploy it in the production environment. For more information, visit the TeamPass official documentation

Share this page:

Suggested articles

1 Comment(s)

Add comment

Comments

By: Fq at: 2020-08-13 21:49:50

Be careful with this project, there has been no activity since 2019.