Passbolt
Compare VPS plans to self-host Passbolt. providers advertising 2GB+ RAM from $4/mo. Passbolt server hosting comparison.
Find the best and cheapest VPS plans to self-host Passbolt.
Minimum Requirements
These VPS plans meet the minimum requirements to run Passbolt. Suitable for testing or light usage.
Recommended Requirements
For optimal performance, we recommend these VPS plans that exceed the minimum requirements.
Source: self-hosted-tools.json
Passbolt VPS Sizing: Storage, Sync, and Scale
Passbolt turns a VPS into a team password-sharing platform with OpenPGP-based end-to-end encryption, auditability, and role-based access. The hosting choice affects whether user enrollment, key management, password sharing, and background email tasks stay responsive under real team activity.
Resource Profile Classification
The primary resource profile is Mixed. self-hosted-tools.json starts Passbolt at 2 GB RAM and 20 GB storage, then doubles RAM and storage for the recommended tier while CPU stays at 2 cores. That pattern fits a PHP plus MySQL/MariaDB application where OpenPGP key handling, team concurrency, database growth, and background jobs all matter. TLS is mandatory and backups are mandatory because shared credentials, metadata, and key material become a business-critical system.
Passbolt is team-focused and heavier than Vaultwarden because PHP, MySQL/MariaDB, background mail, and OpenPGP key operations create both memory pressure and operational complexity once more users share secrets.
Storage and Network Interpretation
Passbolt needs more disciplined storage than its web UI suggests. Keep PHP application state, MySQL/MariaDB, and mail queue data on reliable SSD or NVMe storage, and size the database for organization growth, audit history, and attachments if used. Network behavior matters for browser access, mail delivery, and remote teams, but the bigger production requirement is secure HTTPS with valid certificates and a backup plan that includes the database plus OpenPGP-related secrets. If provider uplink guarantees are not documented locally, We recommend verifying the latest uplink specs directly on the provider's SLA due to regional variation.
Minimum vs Production vs Scale
| Stage | Source | CPU | RAM | Storage | Interpretation |
|---|---|---|---|---|---|
| Minimum | requirements.minimum |
2 Cores | 2 GB | 20 GB | The 2-core, 2 GB, and 20 GB floor is enough for evaluation or a very small team. It is not the right signal for a business-critical password-sharing platform. |
| Production | requirements.recommended |
2 Cores | 4 GB | 40 GB | The 2-core, 4 GB, and 40 GB production tier is the baseline for a small live Passbolt deployment where PHP workers, MySQL/MariaDB cache, OpenPGP operations, and background mail need room. |
| Scale | editorial interpretation |
Use steadier CPU when user enrollment, key rotation, reporting, and concurrent OpenPGP-heavy operations make 2 shared vCPUs feel slow. | Add RAM first for PHP workers, MySQL/MariaDB cache, mail queue handling, and larger team concurrency before the stack starts swapping. | Keep database growth, audit history, backups, and any attachment or mail-related state off the cramped root disk as the organization expands. | At scale, Passbolt becomes a database and operations problem before it becomes a pure web-app problem. The next step is usually more RAM, cleaner MySQL/MariaDB isolation, and stronger backup and TLS operations rather than just buying the cheapest plan with more disk. |
Anti-Patterns
- Do not compare Passbolt directly with lightweight personal vaults; it is team-focused and carries PHP, MySQL/MariaDB, mail, and OpenPGP operational overhead.
- Do not treat the 2 GB minimum as a production promise for active teams with many users, audits, and concurrent browser sessions.
- Do not expose Passbolt without HTTPS and certificate hygiene; TLS is mandatory for a password-sharing platform.
- Do not back up only the database while forgetting application secrets, mail configuration, and OpenPGP-related material; backups are mandatory.
Who It Fits
For: Good fit for teams that need self-hosted password sharing with OpenPGP, role-based access, and audit visibility, and can run a proper PHP plus MySQL/MariaDB stack with mandatory TLS and backups.
Not for: Avoid an entry-level VPS if you expect many users, strict availability needs, large organization trees, or no operational budget for database care, certificate management, and tested restores.
FAQ
Why is Passbolt heavier than Vaultwarden?
Passbolt is team-focused and runs a fuller PHP plus MySQL/MariaDB stack with mail handling, OpenPGP key operations, and more shared-access overhead than lightweight Rust-based Vaultwarden.
What stack does Passbolt need?
Passbolt runs on PHP with MySQL/MariaDB and OpenPGP-based encryption for team password sharing.
What is mandatory before putting Passbolt in production?
TLS is mandatory, backups are mandatory, and the backup plan must cover the database plus the key and application secrets needed for restore.
Quality Checks
- Engineering-Check: Yes, the page names the first bottleneck and its failure mode.
- Trade-off-Check: Yes, it states who should avoid an entry-level VPS.
- Renewal-Price-Check: Yes, buyers are warned that low first-term prices can distort VPS selection.
- Keyword-Anchor-Check: Yes, internal anchors on the page use VPS and self-hosting terms instead of generic labels.
- Data-Link-Check: Yes, Minimum and Production values map to
self-hosted-tools.json. - Uniqueness-Check: Yes, the analysis is tied to Passbolt bottlenecks rather than a name-swap template.
What is Passbolt?
Passbolt is an open-source password manager designed for teams and enterprises with strong security requirements. It uses GPG-based end-to-end encryption, ensuring only authorized users can access shared passwords. Features include secure password sharing, role-based access control, LDAP/AD integration, audit logs, and browser extensions. Passbolt is audited for security and complies with regulations like GDPR. It's ideal for organizations that need enterprise-grade password management with complete control.
Why Server Specs Matter
Passbolt runs on PHP with a MySQL/MariaDB database and requires a GPG keyserver component. The application handles user authentication, key management, encrypted password storage, and permission enforcement. Resource usage scales with the number of users, passwords, and concurrent access. Background tasks handle email notifications and health checks. The GPG operations are CPU-intensive during user registration and key operations.
Problems with Undersized Servers
Insufficient resources cause slow page loads and delayed password sharing operations. User registration and key generation may timeout. Large organization trees take long to load. Search becomes sluggish with many passwords. Email notifications are delayed. The web interface becomes unresponsive during peak usage. Background health checks may not complete properly.
Our Recommendation
For small teams up to 20 users, 2GB RAM and 2 CPU cores work well. Larger organizations should use 4GB RAM. MySQL/MariaDB benefits from additional memory for caching. Plan 20-40GB storage for the database and email queue. SSD storage improves overall performance. Consider separate servers for the database and application in enterprise deployments. Regular backups are critical - include the GPG keyring.
Minimum Requirements - VPS Plans
These VPS plans meet the minimum requirements to run Passbolt. Suitable for testing or light usage.
| Provider | Plan | CPU | RAM | Storage | Features | Price/mo | Actions |
|---|
Recommended Requirements - VPS Plans
For optimal performance, we recommend these VPS plans that exceed the minimum requirements.
| Provider | Plan | CPU | RAM | Storage | Features | Price/mo | Actions |
|---|
Some links on this page are affiliate links. If you make a purchase through these links, we may earn a small commission at no extra cost to you. This helps us keep the site running and provide free comparison tools.