whazaza
December 12, 2022, 5:56pm
1
Modify and comment out the “nginx-passbolt.conf” file:
Modified lines:
#listen [::]:80;
fastcgi_pass 10.250.2.89:3000;
modify these lines since I do not have ipv6 on the server
and I can’t enable ipv6 either since the administration is limited
but when I want to enter the front of the application, nginx marks a 502
docker compose:
version: '3.3'
services:
db:
image: mariadb:10.3
restart: unless-stopped
environment:
MYSQL_RANDOM_ROOT_PASSWORD: "true"
MYSQL_DATABASE: "passbolt"
MYSQL_USER: "passbolt"
MYSQL_PASSWORD: "P4ssb0lt"
volumes:
- ./pass/database_volume:/var/lib/mysql
passbolt:
image: passbolt/passbolt:latest-ce
#Alternatively you can use rootless:
#image: passbolt/passbolt:latest-ce-non-root
restart: unless-stopped
depends_on:
- db
environment:
APP_FULL_BASE_URL: http://10.250.2.89/
DATASOURCES_DEFAULT_HOST: "db"
DATASOURCES_DEFAULT_USERNAME: "passbolt"
DATASOURCES_DEFAULT_PASSWORD: "P4ssb0lt"
DATASOURCES_DEFAULT_DATABASE: "passbolt"
volumes:
- ./pass/gpg_volume:/etc/passbolt/gpg
- ./pass/jwt_volume:/etc/passbolt/jwt
- ./nginx:/etc/nginx/sites-enabled/
command: ["/usr/bin/wait-for.sh", "-t", "0", "db:3306", "--", "/docker-entrypoint.sh"]
ports:
- 3000:80
- 443:443
#Alternatively for non-root images:
# - 8080:80
# - 4443:433
volumes:
database_volume:
gpg_volume:
jwt_volume:
Logs error:
passbolt_1 | 10.72.2.181 - - [12/Dec/2022:17:44:50 +0000] "GET / HTTP/1.1" 502 552 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36"
passbolt_1 | 192.168.160.1 - - [12/Dec/2022:17:44:50 +0000] "\x01\x01\x00\x01\x00\x08\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x01\x04\x00\x01\x03\xEC\x04\x00\x0C\x00QUERY_STRING\x0E\x03REQUEST_METHODGET\x0C\x00CONTENT_TYPE\x0E\x00CONTENT_LENGTH\x0B" 400 150 "-" "-"
passbolt_1 | 2022/12/12 17:44:50 [error] 159#159: *1 upstream sent unsupported FastCGI protocol version: 72 while reading response header from upstream, client: 10.72.2.181, server: , request: "GET / HTTP/1.1", upstream: "fastcgi://10.250.2.89:3000", host: "10.250.2.89:3000"
antony
December 13, 2022, 7:57am
2
Hello @whazaza welcome to the forum
We need a bit more context on this one, which OS are you on but also since you are writing version 3.3, are you using Docker 17.06.0 or less?
Can you fill this checklist to provide more context?
About the Installation Issues category
Thanks in advance
whazaza
December 13, 2022, 1:08pm
3
OS: Debian 9Attaching to passbolt_passbolt_1, passbolt_db_1passbolt_1 | wait-for.sh: wa - Pastebin.com Passbolt Help | Docker passbolt installation
When installing for the first time I ran into the following error:
nginx: [emerg] socket() [::]:80 failed (97: Address family not supported by protocol)
To solve the error according to what you investigate, you must comment the line:
#listen [::]:80;
after that i can access the nginx through the web browser but with a 502 error
garrett
December 13, 2022, 2:08pm
4
Try replacing with listen 80; and see if that helps.
whazaza
December 13, 2022, 3:02pm
5
this is my current setup and i have 502 error
file:nginx-passbolt.conf (site-enabled)
# Passbolt.conf - Nginx configuration file to run the Passbolt software.
#
server {
listen 80;
#listen [::]:80;
# Managed by Passbolt
# server_name
client_body_buffer_size 100K;
client_header_buffer_size 1K;
client_max_body_size 5M;
client_body_timeout 10;
client_header_timeout 10;
keepalive_timeout 5 5;
send_timeout 10;
root /usr/share/php/passbolt/webroot;
index index.php;
error_log /var/log/nginx/passbolt-error.log info;
access_log /var/log/nginx/passbolt-access.log;
# Managed by Passbolt
# include __PASSBOLT_SSL__
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_pass 10.250.2.89:3000;
fastcgi_index index.php;
fastcgi_intercept_errors on;
fastcgi_split_path_info ^(.+\.php)(.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SERVER_NAME $http_host;
fastcgi_param PHP_VALUE "upload_max_filesize=5M \n post_max_size=5M";
}
location ~* \.(jpe?g|woff|woff2|ttf|gif|png|bmp|ico|css|js|ejs|json|pdf|zip|htm|html|docx?|xlsx?|pptx?|txt|wav|swf|svg|woff2|avi|mp\d)$ {
log_not_found on;
rewrite ^/([^/]+)/([img|css|js|fonts|locales]+)/(.*)$ /$2/$3 break;
rewrite ^/([^/]+)/favicon.ico$ /favicon.ico break;
try_files $uri $uri/ /index.php?$args;
}
}
garrett
December 13, 2022, 7:49pm
6
Can you explain more why the change here? It should not need to be changed. Also if you are not wanting ssl, port 443 does not need to be routed to the container.
whazaza
December 14, 2022, 1:34pm
7
after trying to solve the IPV6 problem by commenting out the following line:
#listen [::]:80;
Try to solve the 502 and try what you mention in this post
Thanks for your feedback about your installation issue. I think it can help other users.
By the way, the default with Ubuntu 20.04 is now to use a socket (/run/php/php7.4-fpm.sock) instead of a TCP connection (127.0.0.1:9000).
Another solution is to edit your nginx configuration file and use this socket:
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
Instead of the TCP connection:
fastcgi_pass 127.0.0.1:9000;
whazaza
December 16, 2022, 2:53pm
8
Could someone help me in our organization? We are looking forward to testing this tool.
max
December 16, 2022, 7:19pm
9
I have difficulty to understand why you made all of those changes?
I have read intro post: About the Installation Issues category