From a shell on your instance, run the following:


curl -sSL | sudo bash

📘 Air-Gapped Deployment

Please note that Opal also offers an air-gapped deployment model. Please speak with your support representative to use this option.

The installation will take 5-10 minutes and you'll be presented with a message on how to access the rest of the setup via the web. This will be usually be located at https://<HOSTNAME>:8800. During this time we recommend creating your own TLS certificate for your intended domain.

🚧 Store your admin password somewhere safe

The password given to you is how you gain access to manage your installation of Opal! Don't lose it, otherwise you'll have trouble accessing your deployment. If you do, contact us at [email protected] and we'll help you recover it.

You'll see an SSL warning when you first connect to the admin web page. This is expected and you'll need to proceed with the connection anyway.

Continue installation in browser

  • If using a DNS record, you'll need to upload a valid TLS certificate for that domain.

For testing purposes you may skip the TLS configuration and a self signed certificate will be used. In this case the default hostname of the instance will be used.

Example with AWS:

  • Upload the provided license file.


  • Enter the hostname that will be used for reaching the Opal application. This should match the DNS record set up earlier, or the default hostname of the instance if running in testing mode.

  • Enter email settings. G Suite SMTP relay is currently the only supported option. You may enter the following values for G Suite:

SMTP server: 
SMTP port: 587
  • Select whether to use an embedded PostgreSQL database or external, such as RDS. You may select embedded for testing purposes.

    • Note: AWS Aurora is not supported.

    • If using AWS RDS, select PostgreSQL version 12, with a minimum of 50GB of storage.

A set of pre-flight checks will now run on the instance and indicate any failures. You can either fix the issues and re-run the checks, or ignore the warnings and proceed.

The next screen shows the admin dashboard where we can monitor the health of the instance, as well as managing updates.

We recommend setting up an ALB in front of the instance to access Opal if running on AWS. This also simplifies the TLS configuration. Follow instructions in this article.

You may now start using Opal. Open https://<HOSTNAME>.

Setting up SMTP

  • Click here to set up Opal with G Suite SMTP relay.

Scroll down to SMTP relay service and click Edit:

  • Set Allowed senders to Only addresses in my domain.

  • Check the box Only accept mail from the specified IP addresses, and enter the public IP address of the instance where Opal is installed.

  • Leave Require SMTP Authentication and Require TLS encryption unchecked. Note that Opal emails are being sent over TLS.

  • Click Save. Then click Save again at the bottom.


Learn how to update Opal with ease.

Did this answer your question?