docker.recipes

PrivateBin Pastebin

beginner

Minimalist, open-source pastebin with zero-knowledge encryption.

Overview

PrivateBin is a minimalist, open-source online pastebin service that implements zero-knowledge encryption, meaning all data is encrypted and decrypted in the user's browser before being sent to the server. Originally inspired by ZeroBin and developed as a more actively maintained alternative, PrivateBin ensures that server administrators cannot read the content of pastes, making it ideal for sharing sensitive information, code snippets, or confidential text. The application uses client-side AES-256 encryption with a key that never leaves the user's browser, providing genuine end-to-end encryption for paste sharing. This Docker stack combines PrivateBin with an nginx-fpm-alpine container that provides a lightweight, production-ready web server configuration optimized for PHP applications. The setup uses PHP-FPM for efficient request processing while maintaining the security benefits of a read-only container filesystem, preventing any modifications to the application code during runtime. The configuration supports file-based data storage for pastes and includes built-in support for syntax highlighting, markdown rendering, and QR code generation for easy mobile sharing. This configuration is perfect for privacy-conscious organizations, development teams handling sensitive code, security researchers sharing findings, or anyone requiring a self-hosted alternative to public pastebin services. Unlike commercial pastebin services that can read your content, PrivateBin's zero-knowledge architecture ensures true privacy, making it valuable for compliance-sensitive environments, open-source projects, educational institutions, and personal use where data sovereignty is important.

Key Features

  • Client-side AES-256 encryption with keys generated in browser and never transmitted to server
  • Burn-after-reading functionality that automatically deletes pastes after first view
  • Configurable expiration times from 5 minutes to never, with automatic cleanup
  • Syntax highlighting support for over 60 programming languages using highlight.js
  • QR code generation for paste URLs enabling easy mobile device sharing
  • Markdown rendering support with live preview for formatted text content
  • File upload capabilities for images and documents up to configurable size limits
  • Discussion threads on pastes with encrypted comments using same zero-knowledge approach

Common Use Cases

  • 1Development teams sharing sensitive API keys, database credentials, or configuration files
  • 2Security researchers distributing vulnerability reports or proof-of-concept code privately
  • 3System administrators sharing temporary access credentials or deployment scripts
  • 4Educational institutions providing students with assignment materials or code examples
  • 5Open-source projects offering contributors a private channel for sensitive communications
  • 6Healthcare or legal organizations sharing confidential documents with encryption compliance
  • 7Personal use for storing encrypted notes, passwords, or private information with self-destruction

Prerequisites

  • Docker Engine 20.10+ and Docker Compose V2 for container orchestration support
  • Minimum 512MB RAM available for nginx and PHP-FPM processes
  • Port 8080 available on host system or alternative port configured in compose file
  • Basic understanding of PrivateBin configuration options for customizing paste limits and features
  • SSL/TLS reverse proxy recommended for production deployments handling sensitive data
  • File system permissions allowing Docker to create and manage the data volume mount point

For development & testing. Review security settings, change default credentials, and test thoroughly before production use. See Terms

docker-compose.yml

docker-compose.yml
1services: 
2  privatebin: 
3    image: privatebin/nginx-fpm-alpine:latest
4    container_name: privatebin
5    environment: 
6      - TZ=UTC
7    volumes: 
8      - privatebin-data:/srv/data
9      - ./conf.php:/srv/cfg/conf.php:ro
10    ports: 
11      - "8080:8080"
12    read_only: true
13    networks: 
14      - privatebin-network
15    restart: unless-stopped
16
17volumes: 
18  privatebin-data: 
19
20networks: 
21  privatebin-network: 
22    driver: bridge

.env Template

.env
1# PrivateBin
2# Configure via conf.php file
3# See: https://github.com/PrivateBin/PrivateBin/wiki/Configuration

Usage Notes

  1. 1Web UI at http://localhost:8080
  2. 2Zero-knowledge encryption
  3. 3Server never sees content
  4. 4Burn after reading support
  5. 5QR codes for sharing

Quick Start

terminal
1# 1. Create the compose file
2cat > docker-compose.yml << 'EOF'
3services:
4  privatebin:
5    image: privatebin/nginx-fpm-alpine:latest
6    container_name: privatebin
7    environment:
8      - TZ=UTC
9    volumes:
10      - privatebin-data:/srv/data
11      - ./conf.php:/srv/cfg/conf.php:ro
12    ports:
13      - "8080:8080"
14    read_only: true
15    networks:
16      - privatebin-network
17    restart: unless-stopped
18
19volumes:
20  privatebin-data:
21
22networks:
23  privatebin-network:
24    driver: bridge
25EOF
26
27# 2. Create the .env file
28cat > .env << 'EOF'
29# PrivateBin
30# Configure via conf.php file
31# See: https://github.com/PrivateBin/PrivateBin/wiki/Configuration
32EOF
33
34# 3. Start the services
35docker compose up -d
36
37# 4. View logs
38docker compose logs -f

One-Liner

Run this command to download and set up the recipe in one step:

terminal
1curl -fsSL https://docker.recipes/api/recipes/privatebin-pastebin/run | bash

Troubleshooting

  • Browser shows 'Failed to decrypt paste' error: Ensure the complete URL with fragment identifier (#) was copied, as the encryption key is stored after the hash
  • Container exits with permission errors: Verify the data volume has correct ownership (uid/gid 65534) or adjust container user settings in compose file
  • Paste creation fails with 'Data too large' error: Check the configured maximum paste size in conf.php and ensure it matches nginx client_max_body_size
  • Syntax highlighting not working: Confirm highlight.js resources are loading properly and check browser console for JavaScript errors blocking client-side processing
  • QR codes not generating: Verify the base URL is correctly configured in conf.php and that the QR code library dependencies are included in the container image
  • File uploads rejected: Ensure upload functionality is enabled in configuration and file size limits are properly set for both PrivateBin and nginx

Community Notes

Loading...
Loading notes...

Download Recipe Kit

Get all files in a ready-to-deploy package

Includes docker-compose.yml, .env template, README, and license

Components

privatebin

Tags

#pastebin#privatebin#encryption#privacy#sharing

Category

Productivity & Collaboration

Related Recipes

Ad Space