Skip to main content

Install OpenProject on Debian 12, with NGINX

OpenProject's official documentation provides many ways you can use to install OpenProject. You can choose to install via a package manager on bare metal or virtual machine, install via docker, or install with Kubernetes. 

Screenshot 2023-10-13 190224.pngIn this guide, I will go over installing OpenProject on a Debian 12 system. 

The official documentation has the installation steps for Debian 12 using the root user. 

Screenshot 2023-10-13 190245.png

However, as I prefer to run commands with a sudo user instead on a Debian system, I took a look at the Ubuntu installation steps, and used those commands instead, with modifying the package source to be the Debian one. 

Screenshot 2023-10-13 190354.png

Prerequisites for Debian 12 Minimal Installations

On a fresh, new Debian 12 Minimal Installations, you will need to install the following prerequisites packages before you can successfully install OpenProject.

sudo apt install apt-transport-https ca-certificates wget 

Screenshot 2023-10-13 190849.png


Import the OpenProject PGP key that is used to sign the OpenProject packages:

wget -qO- | sudo apt-key add -

Screenshot 2023-10-13 191004.png

Add the OpenProject package source:

sudo wget -O /etc/apt/sources.list.d/openproject.list \

Screenshot 2023-10-13 191110.png

Update the package repo, and install OpenProject

sudo apt update -y
sudo apt install openproject

Screenshot 2023-10-13 192817.png

After a while, OpenProject will be installed.

Screenshot 2023-10-13 192919.png

At this point, OpenProject is not yet ready to be used. You will need to perform some initial configurations first. 

Initial Configurations

To start configuring OpenProject, run the following:

sudo openproject reconfigure

You will be greeted with the GUI for the OpenProject initial configuration.

Select default unless you know you need the BIM version of OpenProject.


Choose Install PostgreSQL server and database locally for a simple setup.


As I prefer to use NGINX as my web server, I choose to skip the web server install step. I will cover setting up the NGINX config later on. 

You can choose to let the GUI configuration setup apache2 for you. 


Choose Install new memcached server


Give your server a FQDN.


Enable SSL. 


Set the login email address for your initial admin account.


Choose your language.


OpenProject will now go through all the configuration processes. 


After a while, OpenProject will finish configuring itself. If you have choose the apache2 setup in the GUI step, you can head over to https://your-openproject-server-FQDN and explore the web interfaces.

Otherwise, continue on to install the NGINX components.

Install and Configure NGINX

Install NGINX from the package repository.

sudo apt install nginx -y


NGINX Configs

Create a new NGINX config file at /etc/nginx/sites-available, using your preferred text editor such as nano.

I named my config file openproject to keep it simple. Modify and paste the following into the new file, and save. 

server {
    server_tokens off;
    listen 443 ssl http2;

    root /opt/openproject/public; #Your OpenProject Location. By default, OpenProject is install in /opt/openproject/public
    index index.html index.htm index.php;

    access_log /var/log/nginx/;
    error_log  /var/log/nginx/ error;

    server_name; #Change this to your OpenProject Server FQDN

    charset utf-8;

    add_header Referrer-Policy "no-referrer-when-downgrade" always;
    add_header X-Content-Type-Options nosniff always;
    add_header X-Frame-Options DENY always;
    add_header X-XSS-Protection "1; mode=block" always;
    add_header Cache-Control "no-transform";

    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 24h;
    ssl_prefer_server_ciphers on;
    ssl_protocols TLSv1.3;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES;
    ssl_ecdh_curve X25519:prime256v1:secp521r1:secp384r1;

    ssl_certificate /etc/letsencrypt/live/; #Replace this with your SSL Certs
    ssl_certificate_key /etc/letsencrypt/live/; #Replace this with your SSL Key

    location / {
        proxy_set_header   Host $host;
        proxy_set_header   X-Real-IP $remote_addr;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Host $server_name;
        proxy_set_header   X-Forwarded-Proto $scheme;
        proxy_read_timeout  1200s;

        client_max_body_size 0;

    location = /favicon.ico { log_not_found off; access_log off; }
    location = /robots.txt  { log_not_found off; access_log off; }

    # block access to all hidden files except .well-known
    location ~* /\.(?!well-known\/) {
        deny all;



Test your NGINX config file

sudo nginx -t


If NGINX config test is successful, enable NGINX to auto-start on boot.

sudo systemctl enable nginx


If you have UFW enabled on your system, make sure you allow HTTPS on the UFW

sudo ufw status verbose
sudo ufw allow https


That's it! You should now be able to reach your OpenProject server at https://your-openproject-server-FQDN


Initial Sign In

The default credential for OpenProject Admin account is admin:admin. Change this upon first login!



Use a strong passphrase! 



Choose your preferred language.


You can now start looking around and explore OpenProject.