Good morning,
At my company, we’re currently running a trial to assess the feasibility of using Passbolt; we currently use KeePass.
We’re currently noticing some slowness when performing certain operations; this may be down to a design flaw in our infrastructure. I need to test a couple of things, but I wanted to ask…
Which database is more recommended for Passbolt: MariaDB or PostgreSQL?
We’re particularly interested in this information to ensure the application runs as smoothly as possible.
It is currently set up on PostgreSQL. If you really recommend MariaDB, is there any way to migrate what we’ve already tested from PostgreSQL to MariaDB, or do we need to start the database from scratch?
Many thanks for your help,
Best regards
G’day Lou.
I would recommend that you start from a clean install using MariaDB.
While PostgreSQL is run by passbolt staff on their personal instances and customers do run it, MariaDB is currently better supported.
Technical example: uuid type is CHAR(36) on MariaDB but PostgreSQL has a native uuid type. So there are some issues with JOINS if the migration doesn’t convert those tables correctly.
So yes, you can absolutely migrate from postgres to mariadb, it’s open source, go wild!
However the best analogy I can give you is that you can also dist-upgrade your Linux server to the next major release.
But should you? (also ‘No’)
The risk of introducing potential bugs that could be avoided by taking off and nuking the entire site from orbit is worth the effort now rather than potential troubleshooting later.
It’s the only way to be sure.
Please take my suggestions in the spirit of helpfulness with which they are intended 
Cheers
Gareth
Good morning,
First of all, thank you for your response.
I still have doubts about whether there’s a real improvement in terms of access speeds due to the type of database in Passbolt.
Better support or testing doesn’t necessarily mean significantly better performance, and that’s what I want to know—whether it’s worth the effort or not—because we’ve already spent quite a bit of time loading real data to run real tests, and we don’t want to waste time if this isn’t a significant improvement.
We currently have Passbolt running on AWS EC2 (eu-south-2) (Ubuntu 24.04), and the database is on an RDS (eu-west-1) (PostgreSQL). We know that the difference in regions could be one of the causes of the slowness we’ve observed, so we’re going to run a quick test by simply moving the database to eu-south-2, which is our closest region.
Still, I’d like to know if switching to MariaDB would be a significant enough improvement as the next step toward greater optimization and speed. We don’t want to do this unless it’s a significant improvement, since starting the database from scratch will create a lot of work for us—we’re a small team of two people, and we have many other items on our roadmap.
Sorry for going back and forth on the same topic; we want to be sure of everything before taking action.
Thank you very much,
Best regards
G’day Lou,
Your plan of moving the database into eu-south-2 to be in the same region as the EC2 instance is the right next step, and it will have a far larger impact than any engine change.
eu-south-2 (Madrid) to eu-west-1 (Dublin) is around 170 ms RTT. A single passbolt page load fires multiple serialised database queries, so at 170 ms each that adds up to seconds of pure network wait per page. Co-locating the database and the web server will solve your timing issues IMHO.
Switching from PostgreSQL to MariaDB is highly unlikely to give you a meaningful performance improvement.
A bit of context on why the engine itself does not move the needle for passbolt:
Most of the heavy work is in the browser extension, not the server. Passbolt is zero-knowledge, so all encryption, decryption, and signature verification happens in the browser via OpenPGP.js. The server stores ciphertext and shuffles it around. The database never sees plaintext and does no crypto work. Since the v5 resource format introduced encrypted metadata, even loading the resource list has a per-row decryption cost on the client. None of that is affected by whether you use MariaDB or PostgreSQL.
The server-side database workload is light and well within both engines’ capabilities. What people perceive as “passbolt is slow” is almost always one of three things: network round trip time to the database (your case), browser CPU and extension version handling client-side decryption, or PHP-FPM tuning on the app server. The performance tweaks page covers some PHP-FPM and Nginx settings: https://www.passbolt.com/docs/hosting/troubleshooting/performance-tweaks/
That said, MariaDB is the better operational choice if you do decide to start fresh:
Let us know how your testing goes.
Chat soon.
Gareth
