Install Snipe-IT Asset Management on Ubuntu 24.04

Snipe-IT is a free, open-source IT asset management tool built on Laravel. It tracks laptops, servers, software licenses, accessories, and consumables through a clean web interface with full audit trails, check-in/check-out workflows, and detailed reporting.

Original content from computingforgeeks.com - post 43082

This guide walks through installing Snipe-IT v8.4.0 on Ubuntu 24.04 with Nginx, MariaDB, and PHP 8.3. The same steps work on Rocky Linux 10 with minor package manager differences noted throughout. By the end, you will have a production-ready asset management system secured with Let’s Encrypt SSL.

Prerequisites

Before starting the installation, make sure you have the following ready:

• A server running Ubuntu 24.04 LTS or Rocky Linux 10 with at least 2GB RAM and 2 CPU cores
• Root or sudo access to the server
• A domain name (e.g. assets.example.com) pointed to your server’s public IP
• Ports 80 (HTTP) and 443 (HTTPS) open in your firewall
• An SMTP mail server or relay for email notifications (optional but recommended)

Step 1: Install Nginx, PHP, and MariaDB

Snipe-IT requires PHP 8.2 or later, a MySQL/MariaDB database, and a web server. We will install Nginx along with all required PHP extensions and MariaDB.

On Ubuntu 24.04

Start by updating the package index and installing the required packages:

sudo apt update
sudo apt install -y nginx mariadb-server php8.3 php8.3-fpm php8.3-mysql php8.3-gd php8.3-curl php8.3-mbstring php8.3-xml php8.3-zip php8.3-bcmath php8.3-tokenizer php8.3-ldap php8.3-intl php8.3-sodium php8.3-fileinfo php8.3-cli unzip git curl

Ubuntu 24.04 ships PHP 8.3 in its default repositories, which meets Snipe-IT’s requirement of PHP 8.2 or higher.

On Rocky Linux 10

Enable the EPEL and Remi repositories to get the latest PHP packages, then install everything:

sudo dnf install -y epel-release
sudo dnf install -y https://rpms.remirepo.net/enterprise/remi-release-10.rpm
sudo dnf module reset php
sudo dnf module enable php:remi-8.3
sudo dnf install -y nginx mariadb-server php php-fpm php-mysqlnd php-gd php-curl php-mbstring php-xml php-zip php-bcmath php-tokenizer php-ldap php-intl php-sodium php-fileinfo php-cli unzip git curl

Enable and start both Nginx and MariaDB so they run on boot:

sudo systemctl enable --now nginx mariadb php8.3-fpm

On Rocky Linux, the PHP-FPM service is named php-fpm instead of php8.3-fpm:

sudo systemctl enable --now nginx mariadb php-fpm

Confirm all services are running:

systemctl status nginx mariadb php8.3-fpm

Each service should show active (running) in the output.

Step 2: Create a MariaDB Database for Snipe-IT

Snipe-IT stores all asset data in a MySQL or MariaDB database. First, run the security hardening script to set a root password and remove test databases:

sudo mariadb-secure-installation

Follow the prompts to set a root password, remove anonymous users, disable remote root login, and drop the test database. Then log in and create the Snipe-IT database and user:

sudo mariadb -u root -p

Run these SQL statements to create the database, user, and grant privileges:

CREATE DATABASE snipeit CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER 'snipeit'@'localhost' IDENTIFIED BY 'StrongPassword123!';
GRANT ALL PRIVILEGES ON snipeit.* TO 'snipeit'@'localhost';
FLUSH PRIVILEGES;
EXIT;

Replace StrongPassword123! with a strong, unique password. Save this password – you will need it for the Snipe-IT configuration file.

Step 3: Install Composer

Snipe-IT uses Composer to manage its PHP dependencies. Download and install Composer globally:

curl -sS https://getcomposer.org/installer | php
sudo mv composer.phar /usr/local/bin/composer

Verify the installation by checking the version:

composer --version

You should see Composer version 2.x in the output, confirming it is installed correctly.

Step 4: Download Snipe-IT

Clone the Snipe-IT repository from GitHub into your web server directory. We will place it under /var/www/snipeit:

sudo git clone https://github.com/snipe/snipe-it.git /var/www/snipeit
cd /var/www/snipeit
sudo git checkout v8.4.0

This checks out the latest stable release (v8.4.0 at the time of writing). Set the correct ownership so the web server can read and write the necessary files:

sudo chown -R www-data:www-data /var/www/snipeit

On Rocky Linux, the Nginx user is nginx instead of www-data:

sudo chown -R nginx:nginx /var/www/snipeit

Step 5: Configure the .env File

Snipe-IT stores all its configuration in a .env file. Copy the example configuration and edit it:

sudo cp /var/www/snipeit/.env.example /var/www/snipeit/.env
sudo vi /var/www/snipeit/.env

Update these key settings in the file:

# Application settings
APP_URL=https://assets.example.com
APP_TIMEZONE='UTC'
APP_LOCALE='en-US'

# Database settings
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=snipeit
DB_USERNAME=snipeit
DB_PASSWORD=StrongPassword123!

# Mail settings (adjust for your SMTP server)
MAIL_DRIVER=smtp
MAIL_HOST=smtp.example.com
MAIL_PORT=587
[email protected]
MAIL_PASSWORD=your-email-password
MAIL_ENCRYPTION=tls
[email protected]
MAIL_FROM_NAME='Snipe-IT'

Set APP_URL to the actual domain you will use for Snipe-IT. The database credentials must match what you created in Step 2. Mail settings are optional during installation but needed for sending notifications, password resets, and check-out alerts.

Step 6: Install Dependencies and Generate App Key

Install all PHP dependencies using Composer. Run this from the Snipe-IT directory:

cd /var/www/snipeit
sudo -u www-data composer install --no-dev --prefer-dist

On Rocky Linux, use nginx as the user:

cd /var/www/snipeit
sudo -u nginx composer install --no-dev --prefer-dist

This downloads and installs all required Laravel packages. It takes a few minutes depending on your server’s internet speed. After dependencies are installed, generate the application encryption key:

sudo php artisan key:generate --force

The key is automatically written to the APP_KEY field in your .env file. This key encrypts session data and other sensitive values – never share it or change it after deployment.

Step 7: Configure Nginx Virtual Host

Create an Nginx virtual host configuration for Snipe-IT. The web root must point to the public directory inside the Snipe-IT installation.

On Ubuntu 24.04

Create the Nginx configuration file:

sudo vi /etc/nginx/sites-available/snipeit.conf

Add the following server block configuration:

server {
    listen 80;
    server_name assets.example.com;
    root /var/www/snipeit/public;
    index index.php index.html;

    client_max_body_size 50M;

    location / {
        try_files $uri $uri/ /index.php$is_args$args;
    }

    location ~ \.php$ {
        include snippets/fastcgi-params.conf;
        fastcgi_pass unix:/run/php/php8.3-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }

    location ~ /\.ht {
        deny all;
    }
}

Replace assets.example.com with your actual domain name. Enable the site and remove the default configuration:

sudo ln -s /etc/nginx/sites-available/snipeit.conf /etc/nginx/sites-enabled/
sudo rm -f /etc/nginx/sites-enabled/default

On Rocky Linux 10

Create the configuration file in the conf.d directory:

sudo vi /etc/nginx/conf.d/snipeit.conf

Add this server block:

server {
    listen 80;
    server_name assets.example.com;
    root /var/www/snipeit/public;
    index index.php index.html;

    client_max_body_size 50M;

    location / {
        try_files $uri $uri/ /index.php$is_args$args;
    }

    location ~ \.php$ {
        fastcgi_pass unix:/run/php-fpm/www.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }
}

Test the Nginx configuration and reload:

sudo nginx -t
sudo systemctl reload nginx

The nginx -t command should return “syntax is ok” and “test is successful”. If you see any errors, check the configuration file for typos.

Step 8: Run the Snipe-IT Web Installer

With Nginx configured and running, open your browser and navigate to your domain:

http://assets.example.com

Snipe-IT’s pre-flight check page loads first. It validates your PHP version, required extensions, directory permissions, and database connectivity. Fix any red items before proceeding.

The installer walks through these steps:

• Pre-flight check – verifies all system requirements are met
• Database setup – runs migrations to create all database tables
• Admin user creation – set up the first admin account with email and password
• Company settings – configure your organization name, logo, and default preferences

After completing the installer, you land on the Snipe-IT dashboard where you can start adding assets, users, locations, and categories.

Step 9: Configure Firewall Rules

Your server firewall needs to allow HTTP and HTTPS traffic so users can reach the Snipe-IT web interface.

On Ubuntu 24.04 (UFW)

Allow Nginx through UFW firewall:

sudo ufw allow 'Nginx Full'
sudo ufw enable
sudo ufw status

The status output should show Nginx Full allowed from anywhere on both IPv4 and IPv6.

On Rocky Linux 10 (firewalld)

Open HTTP and HTTPS ports with firewalld:

sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --reload
sudo firewall-cmd --list-all

Confirm that both http and https appear under the services list in the output.

Step 10: Secure Snipe-IT with Let’s Encrypt SSL

Running Snipe-IT over HTTPS is essential for production use. Asset data, user credentials, and API keys are transmitted through the web interface, so encryption is not optional. We will use Let’s Encrypt with Certbot to get a free SSL certificate.

On Ubuntu 24.04

Install Certbot and the Nginx plugin:

sudo apt install -y certbot python3-certbot-nginx

On Rocky Linux 10

Install Certbot from EPEL:

sudo dnf install -y certbot python3-certbot-nginx

Request and install the SSL certificate for your domain:

sudo certbot --nginx -d assets.example.com

Certbot automatically modifies your Nginx configuration to serve traffic over HTTPS and redirects HTTP to HTTPS. Follow the prompts to enter your email and agree to the terms of service.

After the certificate is installed, verify the auto-renewal timer is active:

sudo certbot renew --dry-run

A successful dry run confirms that automatic certificate renewal will work when the certificate approaches expiration (every 90 days).

Update the APP_URL in your .env file to use HTTPS if you have not already:

sudo sed -i 's|APP_URL=http://|APP_URL=https://|' /var/www/snipeit/.env

Clear the application cache to pick up the URL change:

cd /var/www/snipeit
sudo php artisan config:clear
sudo php artisan cache:clear

Conclusion

You now have Snipe-IT v8.4.0 running on Ubuntu 24.04 (or Rocky Linux 10) with Nginx, MariaDB, PHP 8.3, and Let’s Encrypt SSL. The web interface is accessible at your configured domain where you can start tracking hardware assets, software licenses, and consumables across your organization.

For a production deployment, set up regular database backups with mariadb-dump, configure SMTP for email notifications, and consider placing Snipe-IT behind a reverse proxy with rate limiting. Keep the application updated by pulling new releases from the Snipe-IT GitHub repository and running composer install after each update.