Ech0 - 23 / 10 / 2020

PrivateBin (pastebin)

Before we start, you will need a Debian 10+ VPS (you can get one on digitalocean for example), if you prefer to use your own self hosted server, make sure that port 80 and 443 are correctly port forwarded so that the public ip points to the server and not the router. Once that's done, go and ssh into your debian 10 server.

You can use DuckDNS to get a free domain name:


[ 192.168.100.1/24 ] [ /dev/pts/13 ] [~/Documents/Github/blog/Conf]
→ ssh root@ech4.duckdns.org
The authenticity of host 'ech4.duckdns.org (178.128.46.38)' can't be established.
ECDSA key fingerprint is SHA256:z2HAncB99pfbAUfj9tJY7vlo8EGUzCIUxWBAnjAflcA.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'ech4.duckdns.org,178.128.46.38' (ECDSA) to the list of known hosts.
Linux debian-s-1vcpu-1gb-lon1-01 4.19.0-10-cloud-amd64 #1 SMP Debian 4.19.132-1 (2020-07-24) x86_64

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
root@debian-s-1vcpu-1gb-lon1-01:~#

Initial Setup:

First install the dependencies:


apt update -y && apt upgrade -y
apt install curl socat git php7.3 php7.3-fpm php7.3-xml php7.3-gd php7.3-mbstring php7.3-mysql php7.3-json php7.3-pdo mariadb-server nginx  -y

Enable nginx:


apt remove apache2 -y
apt purge apache2 -y

systemctl enable --now nginx mysql
wget https://ech1.github.io/blog/servers/privatebin/privatebin.conf -O /etc/nginx/sites-available/privatebin.conf
ln -s /etc/nginx/sites-available/privatebin.conf /etc/nginx/sites-enabled/privatebin.conf
rm /etc/nginx/sites-available/default
rm /etc/nginx/sites-enabled/default

Install acme.sh and get your free letsencrypt certificate:


wget -O -  https://get.acme.sh | sh
source ~/.bashrc
systemctl stop nginx 
acme.sh --issue --standalone -d ech4.duckdns.org -k 4096
nginx -t

Then edit the nginx config:


/etc/nginx/conf.d/privatebin.conf

Then install Privatebin:


cd /var/www/html/ && git clone https://github.com/PrivateBin/PrivateBin.git
chown -R www-data:www-data PrivateBin/
mysql_secure_installation

Enter current password for root (enter for none): Enter
Set root password? [Y/n]: Y
New password: P@SSW0RD
Re-enter new password: P@SSW0RD
Remove anonymous users? [Y/n]: Y
Disallow root login remotely? [Y/n]: Y
Remove test database and access to it? [Y/n]: Y
Reload privilege tables now? [Y/n]: Y


mysql -u root -p
CREATE DATABASE privatebin DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
CREATE USER 'privatebin'@'localhost' IDENTIFIED BY 'P@SSW0RD';
GRANT ALL PRIVILEGES ON privatebin.* TO 'privatebin'@'localhost';
exit;


cd /var/www/html/PrivateBin/cfg
cp conf.sample.php conf.php
wget https://ech1.github.io/blog/servers/privatebin/conf.php -O conf.php
nano conf.php

You can edit the config if you want, the important part being the following:


; [model]
; name of data model class to load and directory for storage
; the default model "Filesystem" stores everything in the filesystem
; class = Filesystem
; [model_options]
; dir = PATH "data"

[model]
class = Database
[model_options]
dsn = "mysql:host=localhost;dbname=privatebin;charset=UTF8"
tbl = "privatebin_" ; table prefix
usr = "privatebin"
pwd = "P@SSW0RD"
opt[12] = true ; PDO::ATTR_PERSISTENT

add timezones to both php.inis


cd /etc/php/7.3/

echo 'date.timezone = Europe/Paris' >> fpm/php.ini
echo 'date.timezone = Europe/Paris' >> cli/php.ini

Restart services


systemctl restart php7.3-fpm nginx

PrivateBin (pastebin)

Initial Setup:

Testing

3

My Bunker

My Links

About Ech0