We had post a guide to install PASSBOLT on CentOS 7 last time, since Passbolt has release a newer version, and everytime we login to lower version passbolt, it will shows a notification to upgrade Passbolt. IT WAS ANNOYING ! So, we decide to make another guide for upgrading PASSBOLT v1.6.0 to V2.0.7 .
First, we need to know what version we at running. Find passbolt version by this command:
# cat /var/www/passbolt/app/version.php
Output should be like this:
[
‘number’ => ‘1.6.10‘,
‘name’ => ‘Get Up’
],
];
Update to lastest & enable EPEL repositories to install all the required passbolt components:
# yum update -y # yum -y install yum-utils epel-release # yum -y install 'http://rpms.remirepo.net/enterprise/remi-release-7.rpm'
Install remi’s repositories for PHP 7.2
# yum-config-manager --enable 'remi-php72'
Install some basic utilities:
# yum -y install unzip wget composer policycoreutils-python git gcc
PHP Installation
# yum -y install php-intl php-gd php-mysql php-mcrypt php-pear php-devel php-mbstring php-fpm gpgme-devel # yum install -y php-fpm
///// NOTE: If you getting gnupg.so error, run 'pecl uninstall gnupg' to uninstall it, and reinstall with 'pecl install gnupg'. After that run 'echo "extension=gnupg.so" > /etc/php.d/gnupg.ini' to make gnupg working. /////
Run php-fpm with unix socket, and user as nginx
# vim /etc/php-fpm.d/www.conf
Edit listen, user, group:
listen = /var/run/php-fpm/php-fpm.sock user = nginx group = nginx listen.owner = nginx listen.group = nginx listen.mode = 0666
Restart php-fpm to take effect
# service php-fpm restart
Change the default group owner of the default php session
# chgrp nginx /var/lib/php/session
Cd to passbolt installation path and rename it to older version.
# cd /var/www/ # mv passbolt passbolt_old
Download latest passbolt from GIT.
# git clone https://github.com/passbolt/passbolt_api.git ./passbolt
Install the dependencies
# cd passbolt # composer install
Copy the avatar folder
# cp -R ../passbolt_old/app/webroot/img/public/* ./webroot/img/public/. # mv ./webroot/img/public/images/ProfileAvatar ./webroot/img/public/images/Avatar
Copy the server gpg key
# cp ../passbolt_old/app/Config/gpg/* config/gpg/.
Create a passbolt configuration file
///// Do not copy your v1 configuration files,name and values in the main configuration is now located in one file called config/passbolt.php. /////
# cp config/passbolt.default.php config/passbolt.php # vim config/passbolt.php
You will need to set at least the following:
> Application full base url (/app/Config/core.php) > Database configuration (/app/Config/database.php) > Email settings (/app/Config/email.php) > Server OpenPGP key fingerprint.(/app/Config/app.php)
Change passbolt folder ownership to your web application user and permission to 755.
# chown -R nginx.nginx /var/www/passbolt # chmod -R 755 /var/www/passbolt
Run the migration script with your web application user.
# su -s /bin/bash -c "/var/www/passbolt/bin/cake passbolt migrate" nginx
Run healthcheck to see is everything ready to work.
# su -s /bin/bash -c "./bin/cake passbolt healthcheck" nginx
Change crontab send notification command
# crontab -e * * * * * /usr/bin/su -c "/var/www/passbolt/bin/cake EmailQueue.sender > /var/www/passbolt/tmp/email.log" -s /bin/bash nginx
///// We are not done yet. /////
Check your nginx root path, rewrite rules. Here is an example for nginx:
server {
listen 80;
listen [::]:80;
server_name www.example.com;
return 301 http://example.com$request_uri;
}
server {
listen 80;
server_name example.com;
root /var/www/example.com/webroot;
index index.php;
access_log /var/www/example.com/log/access.log;
error_log /var/www/example.com/log/error.log;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ .php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_intercept_errors on;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
Restart services & TEST !
ENJOY ~
Leave a Reply
Want to join the discussion?Feel free to contribute!