eusonlito/Password-Manager
Stars: 182
Forks: 39
Pull Requests: 16
Issues: 41
Watchers: 10
Last Updated: 2023-09-13 08:19:11
Self-hosted Password Manager based on Laravel 10 + PHP 8 + MySQL 8. Gestor de Contraseñas basado en Laravel 10 + PHP 8 + MySQL 8.
License: MIT License
Languages: Shell, PHP, HTML, Blade, Dockerfile
Password Manager
This application allows complete password management for multiple types of services (web, ssh, phones, wifi, etc ...).
The data of each application is stored encrypted in the database.
The encryption of this data is done using the value of
APP_KEYas salt, so it is very important not to regenerate this key or you will lose access to all registered applications.
Don't even think about installing this project in an environment without HTTPS protection
The main features are:
- User Management.
- Team management.
- Access to applications limited by teams.
- Multiple types of data records.
- Encryption in database.
- Authentication by certificate and double factor with Google Authenticator.
- Using certificate, you can to disable password auth.
- Logged every time a user accesses, consults or updates an application.
- Allows private or shared applications.
- Limited access by country.
- It has a chrome extension that connects via API and directly accesses the credentials of the web you are visiting.
- API Password control on every different IP.
This project has an extension for Google Chrome that you can download at https://github.com/eusonlito/Password-Manager-Chrome
Requirements
- Apache2 (nginx does not support authentication with certificate limited to certain routes)
- PHP 8.1 or higher (php-curl php-imagick php-mbstring php-mysql php-zip)
- MySQL 8.0
- ImageMagick
If PHP 8.1 is not the default PHP version on your system you must use the binary prefix to execute composer and artisan, for example:
php8.1 /usr/local/bin/composer install --no-dev --optimize-autoloader --classmap-authoritative --ansiphp8.1 artisan key:generateLocal Installation
-
Create the database in MySQL.
-
Clone the repository.
git clone https://github.com/eusonlito/Password-Manager.git- Copy the
.env.examplefile as.envand fill in the necessary variables.
cp .env.example .env- Install composer dependencies (remember that we always use the PHP 8.1 binary).
composer install --no-dev --optimize-autoloader --classmap-authoritative --ansi- Generate the application key. Remember to backup this key in a secure location (
.env>APP_KEY).
php artisan key:generate- Regenerate the caches.
composer artisan-cache- Launch the initial migration.
php artisan migrate- Launch the seeder.
php artisan db:seed --class=Database\\Seeders\\Database- Configure the cron task for the user related to the project:
* * * * * cd /var/www/password.domain.com && php artisan schedule:run >> storage/logs/artisan-schedule-run.log 2>&1
- Create the main user.
php artisan user:create [email protected] --name=Admin --password=StrongPassword2 --admin-
Configure the server for web access with
DOCUMENT_ROOTinpublic. -
Profit!
Upgrade
The platform update can be done easily with the composer deploy command executed by the user who manages that project (usually www-data).
Docker Installation
Currently only for testing (no certificate support).
- Clone the repository
git clone https://github.com/eusonlito/Password-Manager.git- [OPTIONAL] Copy file
docker/.env.exampleto.envand configure your own settings
cp docker/.env.example .env- [OPTIONAL] Copy file
docker/docker-compose.yml.exampletodocker/docker-compose.ymland configure your own settings
cp docker/docker-compose.yml.example docker/docker-compose.yml- Build docker images (will ask for the sudo password)
./docker/build.sh- Start containers (will ask for the sudo password)
./docker/run.sh- Create the admin user (will ask for the sudo password)
./docker/user.sh-
Open your web browser and goto http://localhost:8080
-
Remember to add a web server (apache2, nginx, etc...) as a proxy to add features as SSL.
Upgrade
- Update the project source
git pull- Build docker images (will ask for the sudo password)
./docker/build.sh- Start containers (will ask for the sudo password)
./docker/run.sh- Open your web browser and goto http://localhost:8080
Certificate Authentication
In order to authenticate with a certificate, we must add the following configuration in Apache's VirtualHost:
<Location /user/profile/certificate>
SSLVerifyClient require
SSLVerifyDepth 2
SSLOptions +StdEnvVars +ExportCertData +OptRenegotiate
</Location>
<Location /user/auth/certificate>
SSLVerifyClient require
SSLVerifyDepth 2
SSLOptions +StdEnvVars +ExportCertData +OptRenegotiate
</Location>
SSLCACertificateFile /var/www/password.domain.com/resources/certificates/certificates.pem
The /user/profile/certificate location allows obtaining the certificate identifier automatically from the user profile itself, and /user/auth/certificate is the authentication path by certificate.
The OptRenegotiate option allows Apache to independently renegotiate the connection per path, something that nginx does not support.
Commands
Create User:
php artisan user:create {--email=} {--name=} {--password=} {--admin} {--readonly} {--teams=}User update:
php artisan user:update {--id=} {--email=} {--name=} {--password=} {--certificate=} {--tfa_enabled=} {--admin=} {- readonly=} {--enabled=} {--teams=}Help!
I need help to improve english translations on this project.
Default locale files are located in resources/lang/es and should be translated into resources/lang/en.
Also, I need to translate the English Readme.
Thanks!
Screenshots
