'PassGram', 'version' => '3.0', 'base_url' => '', // e.g. https://your-domain.com (no trailing slash) 'debug' => false, // Session settings 'session' => [ 'timeout' => 3600, // seconds (60 minutes) 'name' => 'passgram_session', 'cookie_secure' => false, // set true when serving over HTTPS 'cookie_httponly' => true, 'cookie_samesite' => 'Strict', ], // Input validation / security rules 'security' => [ 'password_min_length' => 12, 'username_min_length' => 3, 'username_max_length' => 32, 'max_login_attempts' => 5, 'lockout_duration' => 900, // seconds (15 minutes) 'invite_expiry_days' => 7, ], // Filesystem paths used at runtime 'paths' => [ 'pgp' => dirname(__DIR__) . '/data/pgp', ], ]; CFGPHP); } if (!file_exists($configDir . '/security.php')) { file_put_contents($configDir . '/security.php', <<<'SECPHP' 'REPLACE_WITH_GENERATED_KEY_DURING_INSTALLATION', // AES-256-GCM settings used by the Encryption class 'encryption' => [ 'algorithm' => 'aes-256-gcm', 'key_length' => 32, // bytes 'iv_length' => 12, // bytes (96-bit nonce, recommended for GCM) 'tag_length' => 16, // bytes (128-bit authentication tag) ], // Argon2id parameters for key derivation (PGP private-key passphrase) 'argon2' => [ 'memory_cost' => 65536, // KB (64 MB) 'time_cost' => 4, // iterations 'threads' => 2, ], // bcrypt cost factor for password hashing 'bcrypt_cost' => 12, ]; SECPHP); } // Check if already installed $config = Config::getInstance(); if ($config->isInstalled()) { die("PassGram is already installed. Delete config/security.php to reinstall."); } // Handle POST submission if ($_SERVER['REQUEST_METHOD'] === 'POST') { try { // Get form data $adminUsername = trim($_POST['admin_username'] ?? ''); $adminEmail = trim($_POST['admin_email'] ?? ''); $adminPassword = $_POST['admin_password'] ?? ''; $confirmPassword = $_POST['confirm_password'] ?? ''; // Validate inputs $validator = new Validator($config); if (!$validator->username($adminUsername)) { throw new Exception($validator->getFirstError()); } if (!$validator->email($adminEmail)) { throw new Exception($validator->getFirstError()); } if (!$validator->password($adminPassword)) { throw new Exception($validator->getFirstError()); } if ($adminPassword !== $confirmPassword) { throw new Exception('Passwords do not match'); } // Generate Master Application Key $masterKey = Encryption::generateKey(); $masterKeyHex = bin2hex($masterKey); // Write security.php with the generated MAK $generatedDate = date('Y-m-d H:i:s'); file_put_contents($configDir . '/security.php', << '{$masterKeyHex}', // AES-256-GCM settings used by the Encryption class 'encryption' => [ 'algorithm' => 'aes-256-gcm', 'key_length' => 32, // bytes 'iv_length' => 12, // bytes (96-bit nonce, recommended for GCM) 'tag_length' => 16, // bytes (128-bit authentication tag) ], // Argon2id parameters for key derivation (PGP private-key passphrase) 'argon2' => [ 'memory_cost' => 65536, // KB (64 MB) 'time_cost' => 4, // iterations 'threads' => 2, ], // bcrypt cost factor for password hashing 'bcrypt_cost' => 12, ]; SECPHP); // Initialize database $encryption = new Encryption($masterKey, $config->get('security.encryption')); $db = new Database($encryption, $config->database()); $db->initialize(); // Create models $userModel = new User($db, $config, $validator); $groupModel = new Group($db, $validator); $inviteModel = new Invite($db, $config, $validator); // Create admin user $admin = $userModel->create([ 'username' => $adminUsername, 'email' => $adminEmail, 'password' => $adminPassword, ]); // Create default group $group = $groupModel->create([ 'name' => 'Default Group', 'description' => 'Initial group for PassGram users', 'created_by' => $admin['id'], ]); // Add admin to group $userModel->addToGroup($admin['id'], $group['id']); // Generate invite code for additional users $invite = $inviteModel->generate($group['id'], $admin['id']); // Success! $success = true; $inviteCode = $invite['code']; } catch (Exception $e) { $error = $e->getMessage(); } } ?> PassGram v3.0 - Installation
PassGram v3.0 - Installation

Installation Successful!

PassGram has been installed successfully.

Admin username:

Admin email:

Invite Code for Additional Users:

IMPORTANT SECURITY NOTES:
  • Delete this install.php file immediately
  • Backup config/security.php in a secure location
  • Save the invite code - you'll need it to register more users
  • Configure HTTPS on your server
  • Update config/config.php with your domain

Go to Login Page

PassGram Installation

Server Requirements:

  • PHP =') ? '✓' : '✗ (7.4+ required)'; ?>
  • OpenSSL Extension
  • JSON Extension
  • Writable data/ directory
  • Writable config/ directory
Error:
Note: This will create the first admin user and generate a secure Master Application Key. Keep this key secure - if lost, all data will be unrecoverable!
3-32 characters, letters, numbers, underscore only
Minimum 12 characters, must include uppercase, lowercase, numbers, and special characters