Developer Tools Azure

MantisBT 2.28 on Ubuntu 24.04 on Azure User Guide

| Product: MantisBT 2.28 on Ubuntu 24.04 LTS on Azure

Overview

MantisBT is the long established open source web based issue and bug tracker. It captures bugs and feature requests with custom fields, severities and priorities, routes them through configurable workflows and projects, notifies stakeholders by email, and lets your team filter and save custom views from a clean web dashboard. The cloudimg image installs MantisBT 2.28 from the official release, fronted by nginx with PHP 8.3 and backed by a local MariaDB, all from the Ubuntu 24.04 noble archive with no third party APT repositories. The web installer has already been run and removed, and MantisBT's well known default administrator login has been rotated away, so you land directly on the sign in page.

What is included:

  • MantisBT 2.28.4 from the official release, served from /var/www/mantisbt
  • nginx with the MantisBT vhost at /etc/nginx/sites-available/cloudimg-mantisbt
  • PHP 8.3 with the mysqli, mbstring, gd, curl, intl, xml, soap, zip, bcmath, apcu and opcache extensions
  • MariaDB with the bugtracker database and mantisbt app user on loopback only
  • mantisbt-firstboot.service rotating the MariaDB password, the configuration secret ($g_crypto_master_salt) and the administrator password per instance
  • The MariaDB database on a dedicated Azure data disk mounted at /var/lib/mysql
  • nginx, php8.3-fpm and mariadb enabled and auto starting on boot
  • 24/7 cloudimg support

Prerequisites

An active Azure subscription, an SSH key, and a VNet with a subnet. Standard_B2s (2 vCPU, 4 GB RAM) suits a small team; move up to a larger burstable or a D series size for busier projects. Open ports 80 and 443 on the network security group, plus 22 for SSH from your management address.

Step 1 to 3: Deploy and connect

Deploy the image from the Azure Marketplace, then connect over SSH:

ssh azureuser@<vm-ip>

Step 4: Verify the services

MantisBT is served by nginx on port 80, which passes PHP to php8.3-fpm, which talks to MariaDB on the loopback interface. Confirm all three are running:

sudo systemctl is-active nginx php8.3-fpm mariadb
sudo ss -tlnp | grep ':80 '

nginx, php8.3-fpm and mariadb all active, the nginx, PHP 8.3.x, MariaDB and MantisBT 2.28.x versions, and nginx listening on port 80

Step 5: Read the first boot credentials

On the first boot of your instance, mantisbt-firstboot.service generated a fresh MariaDB password, a fresh $g_crypto_master_salt and a fresh administrator password, all unique to this VM, and wrote them to a root only file:

sudo systemctl is-active mantisbt-firstboot.service
sudo cat /root/mantisbt-credentials.txt

The mantisbt-firstboot service reporting active and the root only credentials file listing the sign in URL, the administrator user and the per instance passwords, masked in this capture

Step 6: The installed tracker database

The web installer imported the full MantisBT schema and created the administrator account before the image was captured. Its default administrator / root login has been rotated to a random per VM password, so no shared credential ships in the image:

sudo mariadb -N -B bugtracker -e "SELECT COUNT(*) FROM information_schema.tables WHERE table_schema='bugtracker' AND table_name LIKE 'mantis\_%';"
sudo mariadb -N -B bugtracker -e "SELECT username, access_level, enabled FROM mantis_user_table WHERE access_level=90;"

The MantisBT database showing 32 mantis tables, the config table populated, the administrator account at access level 90 enabled, and the default password check reporting rotated per VM

Step 7: Endpoints and the data disk

The health endpoint, the sign in page and the index all answer on nginx, and the MariaDB datadir lives on the dedicated Azure data disk, kept off the OS disk:

curl -s -o /dev/null -w '/healthz -> %{http_code}\n' http://127.0.0.1/healthz
curl -s -o /dev/null -w '/login_page.php -> %{http_code}\n' http://127.0.0.1/login_page.php
findmnt -no SOURCE,TARGET,FSTYPE,SIZE /var/lib/mysql

The health endpoint and the sign in page returning HTTP 200, the index redirecting to login, the MariaDB datadir mounted on the dedicated ext4 data disk, and MariaDB bound to loopback only

Step 8: Sign in

Browse to http://<vm-ip>/ and sign in as administrator with the password from /root/mantisbt-credentials.txt. MantisBT asks for the username first, then the password.

The MantisBT sign in page served on first boot, branded with the MantisBT logo

Step 9: The My View dashboard

After signing in you land on My View, which groups the issues assigned to you, unassigned issues and issues you reported, with a timeline of recent activity.

The MantisBT My View dashboard showing issues grouped by Assigned to Me, Unassigned and Reported by Me, with severity and priority indicators

Step 10: Report an issue

Use Report Issue to file a bug or feature request. Pick a category, set the reproducibility, severity and priority, and describe the issue. Create a project first from Manage if you have not already.

The MantisBT Report Issue form with fields for category, reproducibility, severity, priority, assignee, summary, description and steps to reproduce

Step 11: View and filter issues

View Issues lists every issue in the current project with its priority, severity, status and assignee, and lets you filter, search, sort and export to CSV or Excel.

The MantisBT View Issues list showing several issues with their category, severity, status and summary, plus filter, search and export controls

Step 12: The base URL

MantisBT builds absolute links (redirects, e-mail notifications, RSS feeds) from $g_path. First boot sets it to http://<your-vm-ip>/. If you front MantisBT with a domain name or a reverse proxy, or you enable HTTPS, update $g_path in /var/www/mantisbt/config/config_inc.php to match, then reload nginx:

sudo sed -i "s#\$g_path = 'http://[^']*';#\$g_path = 'https://tracker.example.com/';#" /var/www/mantisbt/config/config_inc.php
sudo systemctl reload php8.3-fpm

Step 13: Components

Component Detail
MantisBT 2.28.4 from the official release, at /var/www/mantisbt
Web server nginx serving PHP via php8.3-fpm over a unix socket
PHP 8.3 with mysqli, mbstring, gd, curl, intl, xml, soap, zip, bcmath, apcu, opcache
Database MariaDB, bugtracker database, mantisbt app user, loopback only
Data disk dedicated Azure data disk mounted at /var/lib/mysql
First boot mantisbt-firstboot.service rotates the DB, configuration secret and admin passwords
Health check GET /healthz returns HTTP 200 for Azure Load Balancer probes

Step 14: Security

  • The default administrator / root login is rotated to a random per instance password on first boot; the shipped image carries a discarded random value, so no known credential ships.
  • The MariaDB password, the $g_crypto_master_salt and the administrator password are all unique to each VM.
  • MariaDB binds to 127.0.0.1 only. Keep port 3306 closed on the network security group; nothing outside the VM needs it.
  • Issues, notes and attachments are stored in the database ($g_file_upload_method = DATABASE) on the dedicated data disk.
  • Public self registration is disabled by default ($g_allow_signup = OFF). Create users from Manage, Manage Users.
  • To enable HTTPS, place a TLS certificate on the instance (or front it with an Azure Application Gateway / Load Balancer) and update $g_path as in Step 12. cloudimg support can help.

Licensing

MantisBT is distributed under the GNU General Public License version 2 or later (GPL-2.0-or-later). This image bundles MantisBT unmodified from its official release. MantisBT is a trademark of its respective owners. This image is not affiliated with, endorsed by, or sponsored by the MantisBT project. cloudimg packages, configures and supports the image; the MantisBT software remains under its own license.