# Summary
If you are a no admin and are just looking for some user documentation, then please follow this link here or use the "Documentation Type" link at the top to switch.
# Overview
The Psono password manager consists of / requires multiple components:
Postgres Database
Our main datastore that holds all data. Postgres in version 13 is supported, but the latest version is recommended.
Psono server
The "core" of the system, doing all the logic. Exposing a REST interface for all clients to access. Can be installed bare metal or with a docker image.
Psono Webclient (optional)
The webclient allows clients to access their passwords without any installation. The webclient consists of no backend logic and runs completely in your browser with html and JavaScript.
Reverse Proxy
The reverse Proxy glues the server and client together and is responsible for the SSL offloading. Currently supported is nginx.
Psono browser extensions (optional)
Browser extensions are basically bundled versions of our webclient which extend the functionality with useful features, like password capture, form fill, quick search and so on.
Cache (optional)
Different caches are supported, e.g. Redis, memcache, local memory More infos can be found here: https://docs.djangoproject.com/en/2.2/topics/cache/ (opens new window)
Psono admin Webclient (optional)
Similar to the normal webclient a pure html / js client, that runs in your browser without backend logic. This client accesses a different set of APIs that are part of the Psono server and allow "promoted users" (e.g. your admins) to fulfil some tasks (e.g. reset a second factors of other users)
Psono Fileserver (optional)
A "on-premise" fileserver in your network, that can be added to your installation as storage provider for encrypted files.
# External components
Psono requires some
# Typical Setup
A typical Psono Setup looks like this:
# Advanced Setup
A more "advanced" Psono Setup with HA, a scaled Postgres Database with failover, a shared cache and an admin panel behind a VPN tunnel and a dedicated management instance, could look like this: