e1mo.privatebin
ansible-role-privatebin
Ansible role for setting up PrivateBin, which is based on PHP.
Requirements
Here are the basic requirements for PrivateBin (as of Version 1.3.4):
PHP version 5.5 or later
One of the following sources for secure random numbers:
- PHP 7 or higher
- Libsodium with its PHP extension
- Access to
/dev/urandomusing open_basedir - mcrypt extension
- com_dotnet extension
Note: Mcrypt must access
/dev/urandom, so ensureopen_basedirallows this file.GD extension
Enough disk space or optionally, a database supported by PDO
Permission to create files and folders in the installation directory and in the PATH defined in index.php
A web browser that supports JavaScript
This information is sourced from the PrivateBin wiki, primarily written by elrido.
You also need to have git installed to clone the role.
Role Variables
| Variable | Description | Default |
|---|---|---|
pbin_path |
Path for PrivateBin source files | "/var/www/privatebin" |
pbin_user |
User who will own the PrivateBin files | "{{ ansible_facts['user_id'] }}" |
pbin_group |
Group that will own the PrivateBin files | "{{ pbin_user }}" |
pbin_git_repo |
Git repository to clone | "https://github.com/PrivateBin/PrivateBin.git" |
pbin_git_version |
Git version to clone (e.g., branch name or tag) | "1.3.4" |
pbin_model_class |
Storage method: Filesystem or Database |
"Filesystem" |
pbin_datadir |
Directory for storing pastes (if using Filesystem) |
"data" |
pbin_pdo_dsn |
Database connection string (see https://www.php.net/manual/en/pdo.drivers.php) | "" (empty) |
pbin_pdo_table |
Table prefix for MySQL / PostgreSQL / SQLite3 | "privatebin_" |
pbin_pdo_user |
Username for database authentication | "" (empty) |
pbin_name |
Name for PrivateBin installation | "PrivateBin" |
pbin_discussion_enabled |
Enable discussions | true |
pbin_password_enabled |
Allow custom passwords for pastes | true |
pbin_fileupload_enabled |
Allow file uploads | true |
pbin_burn_after_reading_default |
Default to delete pastes after reading | false |
pbin_formatter_default |
Default formatting (plaintext, markdown, syntaxhighlighting) |
"plaintext" |
pbin_syntax_theme |
Syntax highlighting theme, set to false for no theme |
false |
pbin_template |
Frontend template to use | "bootstrap" |
pbin_language_selection |
Show language selection dropdown | false |
pbin_sizelimit |
Max size for each paste in bytes | 10485760 (10 MB) |
pbin_notice |
Frontend notice, set to false to disable | false |
pbin_formatter_options |
List of available formatters, their order and labels | [plaintext: "Plain Text", syntaxhighlighting: "Source Code", markdown: "Markdown"] |
pbin_compression |
Compression method to use: zlib or none |
"zlib" |
pbin_expire_default |
Default expiry time for pastes (must be present in pbin_expire_options) |
"1week" |
pbin_expire_options |
Available expiration times in seconds | [5min: 300, 10min: 600, 1hour: 3600, 1day: 86400, 1week: 604800, 1month: 2592000, 1year: 31536000, never: 0] |
pbin_ratelimit |
Time in seconds between pastes from the same IP | 10 |
pbin_forwarded_header |
If behind a reverse proxy, set to header name for IP (like X_FORWARDED_FOR), otherwise false |
false |
pbin_traffic_dir |
Directory for traffic limits storage | "{{ pbin_datadir }}" |
pbin_purge_limit |
Minimum time between purge attempts in seconds | 300 |
pbin_purge_batchsize |
Max number of pastes to delete at once | 10 |
pbin_purge_dir |
Directory for storing purge limit | "{{ pbin_datadir }}" |
Example Playbook
- name: Install PrivateBin
hosts: privatebin
roles:
- e1mo.privatebin
tags:
- privatebin
vars:
pbin_path: "/var/www/bin.e1mo.de"
pbin_user: "www-data"
pbin_model_class: "Filesystem"
pbin_pdo_dsn: "mysql:host=localhost;dbname=privatebin"
pbin_pdo_user: "privatebin"
pbin_pdo_pass: "privatebin"
License
BSD-3-Clause
Related Projects
Here are some related projects that contributed to this role:
- PrivateBin: The PrivateBin project itself.
- ansible-role-php: A role from Jeff Geerling aka. geerlingguy for installing PHP, MySQL, and PostgreSQL. He also has a fun and educational YouTube channel.
- ansible: The Ansible project, which is vital for this role.
Author Information
Written by Moritz 'e1mo' Fromm.
The role is developed on sourcehut at https://git.sr.ht/~e1mo/ansible-role-privatebin. To contribute, send your patches to ~e1mo/ansible-role-privatebin [at] lists.sr.ht using git send-email (Mailing list etiquette). The issue tracker can be found at https://todo.sr.ht/~e1mo/ansible-role-privatebin, no account needed.
Install and configure Privatebin
ansible-galaxy install e1mo.privatebin