PrivateBin is a minimalist online pastebin where the server has zero knowledge of pasted data. This application supports password-protection, expiration, and self-destruction after reading. It is completely open-source and hosted on github. This article will guide through the installation and configuration of PrivateBin on a Debian 9 system.

Prerequisites

A Debian 9 server.

Root access to your server (via the root user or a user with sudo privileges.)

privileges.) A web server with PHP (Instructions below.)

A MySQL database (Instructions below.)

Preparations

If you’re not logged in as the root user, execute sudo -i to obtain a temporary root shell.

apt update apt upgrade -y apt install -y git

Git will be used to download PrivateBin from its github repository.

Installing a web server stack:

We will be using Apache and PHP. Execute the following to install the required packages:

apt update apt install -y apache2 php php-xml php-mbstring php-mysql php-json php-pdo

Make sure Apache is enabled and running:

systemctl enable --now apache2.service

Configuring Apache

Using a text editor of your choice, create a new configuration file for Apache. For instance:

vim /etc/apache2/sites-available/privatebin.conf

Populate it with the following (insert your IP address or a domain name pointing to your IP for ServerName ):

<VirtualHost *:80> ServerName YOUR_SERVER_IP DocumentRoot /var/www/html/PrivateBin/ ErrorLog ${APACHE_LOG_DIR}/privatebin-error.log CustomLog ${APACHE_LOG_DIR}/privatebin-access.log combined <Directory /var/www/html/PrivateBin> AllowOverride All </Directory> </VirtualHost>

Save, exit, and enable this virtual host:

a2ensite privatebin.conf

Reload the configuration:

systemctl reload apache2.service

Installing PrivateBin

Since PrivateBin is hosted on github, we’ll clone the repository locally:

cd /var/www/html/ && git clone https://github.com/PrivateBin/PrivateBin.git

And give the Apache user ownership of the PrivateBin directory:

chown -R www-data:www-data PrivateBin/

You should now be able to access PrivateBin on http://YOUR_SERVER_IP . For better security/privacy, you should consider using a domain name with HTTPS, however this is beyond the scope of this guide.

Optional

PrivateBin supports MySQL storage in place of the default file-based storage model. To implement MySQL storage, follow the steps below.

Installing MariaDB

apt install -y mariadb-server mariadb-client systemctl enable --now mariadb.service

Secure your MySQL installation with this command:

mysql_secure_installation

Answer the questions as follows:

Enter current password for root (enter for none): Enter Set root password? [Y/n]: Y New password: <your-password> Re-enter new password: <your-password> Remove anonymous users? [Y/n]: Y Disallow root login remotely? [Y/n]: Y Remove test database and access to it? [Y/n]: Y Reload privilege tables now? [Y/n]: Y

Make sure you use a strong password.

Configuring MariaDB

Create a database and user for PrivateBin:

mysql -u root -p MariaDB [(none)]> CREATE DATABASE privatebin DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci; MariaDB [(none)]> CREATE USER 'privatebin'@'localhost' IDENTIFIED BY 'newpassword'; MariaDB [(none)]> GRANT ALL PRIVILEGES ON privatebin.* TO 'privatebin'@'localhost'; MariaDB [(none)]> exit;

Make sure you replace newpassword with a secure password. It should be different from the password you chose for the MariaDB root user.

Changing Storage Mode

First, copy the default configuration file for editing:

cd /var/www/html/PrivateBin/cfg cp conf.sample.php conf.php

Using a text editor of your choice, open the file conf.php . Find the following segment:

[model] ; name of data model class to load and directory for storage ; the default model "Filesystem" stores everything in the filesystem class = Filesystem [model_options] dir = PATH "data" ;[model] ; example of DB configuration for MySQL ;class = Database ;[model_options] ;dsn = "mysql:host=localhost;dbname=privatebin;charset=UTF8" ;tbl = "privatebin_" ; table prefix ;usr = "privatebin" ;pwd = "Z3r0P4ss" ;opt[12] = true ; PDO::ATTR_PERSISTENT

And replace it with:

; [model] ; name of data model class to load and directory for storage ; the default model "Filesystem" stores everything in the filesystem ; class = Filesystem ; [model_options] ; dir = PATH "data" [model] class = Database [model_options] dsn = "mysql:host=localhost;dbname=privatebin;charset=UTF8" tbl = "privatebin_" ; table prefix usr = "privatebin" pwd = "newpassword" opt[12] = true ; PDO::ATTR_PERSISTENT

Again, make sure you replace newpassword with the password chosen during user creation in the MySQL console, then save and exit.

Restart apache:

systemctl restart apache2.service

And done.

Implementing HTTPS is recommended but beyond the scope of this article. You can obtain and install a certificate, for free, using certbot.