Hi,
I got Blank page but I can see the ‘Passbolt | ~~’ text on header
Can I know what information should I provide to get help? Where I can get the log?
hey @Yohan welcome to the forum!
To better help we’ll need some more information the two main ones are:
- The installation method you used(or at least the OS you are on)
- Output from the status-report, example for Debian:
su -s /bin/bash -c "/usr/share/php/passbolt/bin/status-report" www-data
Additionally it’ll help to know where you are in the installation process if you are still working through it
I used Docker, Portainer on Synology Nas DSM as installation method
I followed this guide
until step 27
Can I know how to get output from the status-report on my environment?
For reference, here is the official guide from passbolt: Passbolt Help | Docker passbolt installation
I have checked the guide but I don’t know what should I do 
Hi @Yohan ,
At step 24, can you check the value of APP_FULL_BASE_URL environment variable in your docker-compose file ?
It must match your domain name and start with the https:// part.
Cheers,
If I set
APP_FULL_BASE_URL: http://passbolt.myid.synology.me:9475
then visit http://passbolt.myid.synology.me:9475, I got a blank page
If I set
APP_FULL_BASE_URL: https://passbolt.myid.synology.me
then visit https://passbolt.myid.synology.me, It redirects to my Synology DSM page.
From which machine are you attempting access?
From the internet it should be https://passbolt.myid.synology.me The internal port of 9475 is where the reverse proxy sends the incoming connection. Unless you are attempying to access from the server itself, you should not be able to access port 9475.
Double check the hostname in step 6.
After I reset port-forwarding setting, I can connect passbolt with https://passbolt.myid.synology.me without port number.
When I visit the url I still get blank page 
https://passbolt.myid.synology.me/auth/login?redirect=%2F
This is my step 6 setting
My docker-compose file
version: “3.9”
services:
db:
image: mariadb:jammy
container_name: Passbolt-DB
hostname: passbolt-db
mem_limit: 512m
mem_reservation: 128m
cpu_shares: 768
security_opt:
- no-new-privileges:true
healthcheck:
test: [“CMD-SHELL”, “mysqladmin ping -P 3306 -prootpass | grep ‘mysqld is alive’ || exit 1”]
volumes:
- /volume1/docker/passbolt/db:/var/lib/mysql:rw
environment:
TZ: Europe/Bucharest
MYSQL_ROOT_PASSWORD: mariadbbpassword
MYSQL_DATABASE: passbolt
MYSQL_USER: passboltuser
MYSQL_PASSWORD: passboltpass
restart: on-failure:5
passbolt:
image: passbolt/passbolt:latest-ce-non-root
command:
- /bin/bash
- -c
- /usr/bin/wait-for.sh -t 0 db:3306 – /docker-entrypoint.sh
container_name: Passbolt
hostname: passbolt
mem_limit: 1g
cpu_shares: 512
security_opt:
- no-new-privileges:true
healthcheck:
test: curl -f http://localhost:8080/ || exit 1
ports:
- 9475:8080
volumes:
- /volume1/docker/passbolt/gpg:/etc/passbolt/gpg:rw
- /volume1/docker/passbolt/jwt:/etc/passbolt/jwt:rw
environment:
DEBUG: false
APP_FULL_BASE_URL: https://passbolt.myid.synology.me
DATASOURCES_DEFAULT_HOST: passbolt-db
DATASOURCES_DEFAULT_USERNAME: passboltuser
DATASOURCES_DEFAULT_PASSWORD: passboltpass
DATASOURCES_DEFAULT_DATABASE: passbolt
PASSBOLT_REGISTRATION_PUBLIC: true
EMAIL_DEFAULT_FROM: address@mail.com
EMAIL_TRANSPORT_DEFAULT_HOST: smpt.mail.com
EMAIL_TRANSPORT_DEFAULT_PORT: 465
EMAIL_TRANSPORT_DEFAULT_USERNAME: address@mail.com
EMAIL_TRANSPORT_DEFAULT_PASSWORD: samplepassword
EMAIL_TRANSPORT_DEFAULT_TLS: true
restart: on-failure:5
depends_on:
db:
condition: service_started
If MYSQL_ROOT_PASSWORD or EMAIL TRANSPORT Setting is wrong, do I get blank page?
@Yohan It’s good that it does not need the port anymore. 
When I navigate to your site, the page source looks ok to me, but can you see any errors when you inspect the browser page in DevTools?
Do you have command line access to look for any errors in the container? Can you list the healhcheck?
I don’t see any errors when I inspect
I found this log when I visit the url
2023-02-12 06:12:03,141 INFO reaped unknown pid 4220 (exit status 0)
2023-02-12 06:12:03,141 INFO reaped unknown pid 4222 (exit status 0)
2023/02/12 06:12:28 [info] 182#182: *440 client 127.0.0.1 closed keepalive connection
Healthcheck
www-data@passbolt:/usr/share/php/passbolt$ bin/cake passbolt healthcheck
____ __ ____
/ __ \____ _____ ____/ /_ ____ / / /_
/ // / __ `/ / / __ / __ / / _/
/ / // ( | ) // / // / / /
// _,///./_//__/
Open source password manager for teams
———————————————————————————————————————
Healthcheck shell
———————————————————————————————————————
Environment
[PASS] PHP version 7.4.33.
[PASS] PCRE compiled with unicode support.
[PASS] The temporary directory and its content are writable and not executable.
[PASS] The logs directory and its content are writable.
[PASS] GD or Imagick extension is installed.
[PASS] Intl extension is installed.
[PASS] Mbstring extension is installed.
Config files
[PASS] The application config file is present
[WARN] The passbolt config file is missing in /etc/passbolt/
[HELP] Copy /etc/passbolt/passbolt.default.php to /etc/passbolt/passbolt.php
[HELP] The passbolt config file is not required if passbolt is configured with environment variables
Core config
[PASS] Debug mode is off.
[PASS] Cache is working.
[PASS] Unique value set for security.salt
[PASS] Full base url is set to https://passbolt.myid.synology.me
[PASS] App.fullBaseUrl validation OK.
[FAIL] Could not reach the /healthcheck/status with the url specified in App.fullBaseUrl
[HELP] Check that the domain name is correct in /etc/passbolt/passbolt.php
[HELP] Check the network settings
SSL Certificate
[FAIL] SSL peer certificate does not validate
[FAIL] Hostname does not match when validating certificates.
[WARN] Using a self-signed certificate
[HELP] Check Passbolt Help | Troubleshoot SSL
Database
[FAIL] The application is not able to connect to the database.
[HELP] Double check the host, database name, username and password in /etc/passbolt/passbolt.php.
[HELP] Make sure the database exists and is accessible for the given database user.
[FAIL] No table found
[HELP] Run the install script to install the database tables
[HELP] sudo su -s /bin/bash -c “/usr/share/php/passbolt/bin/cake passbolt install” www-data
[FAIL] No default content found
[HELP] Run the install script to set the default content such as roles and permission types
[HELP] sudo su -s /bin/bash -c “/usr/share/php/passbolt/bin/cake passbolt install” www-data
[FAIL] The database schema is not up to date.
[HELP] Run the migration scripts:
[HELP] sudo su -s /bin/bash -c “/usr/share/php/passbolt/bin/cake migrations migrate --no-lock” www-data
[HELP] See. Passbolt Help | Update
GPG Configuration
[PASS] PHP GPG Module is installed and loaded.
[PASS] The environment variable GNUPGHOME is set to /var/lib/passbolt/.gnupg.
[PASS] The directory /var/lib/passbolt/.gnupg containing the keyring is writable by the webserver user.
[FAIL] The server OpenPGP key is not set
[HELP] Create a key, export it and add the fingerprint to /etc/passbolt/passbolt.php
[HELP] See. Passbolt Help | Installation
[PASS] The public key file is defined in /etc/passbolt/passbolt.php and readable.
[PASS] The private key file is defined in /etc/passbolt/passbolt.php and readable.
[FAIL] The server key fingerprint doesn’t match the one defined in /etc/passbolt/passbolt.php.
[HELP] Double check the key fingerprint, example:
[HELP] sudo su -s /bin/bash -c “gpg --list-keys --fingerprint --home /var/lib/passbolt/.gnupg” www-data | grep -i -B 2 ‘SERVER_KEY_EMAIL’
[HELP] SERVER_KEY_EMAIL: The email you used when you generated the server key.
[HELP] See. Passbolt Help | Installation
[FAIL] The server public key defined in the /etc/passbolt/passbolt.php (or environment variables) is not in the keyring
[HELP] Import the private server key in the keyring of the webserver user.
[HELP] you can try:
[HELP] sudo su -s /bin/bash -c “gpg --home /var/lib/passbolt/.gnupg --import /etc/passbolt/gpg/serverkey_private.asc” www-data
[FAIL] The server key does not have a valid email id.
[HELP] Edit or generate another key with a valid email id.
Application configuration
[PASS] Using latest passbolt version (3.10.0).
[PASS] Passbolt is configured to force SSL use.
[PASS] App.fullBaseUrl is set to HTTPS.
[PASS] Selenium API endpoints are disabled.
[PASS] Search engine robots are told not to index content.
[PASS] The Self Registration plugin is enabled.
[PASS] Registration is closed, only administrators can add users.
[PASS] The deprecated self registration public setting was not found in /etc/passbolt/passbolt.php.
[WARN] Host availability checking is disabled.
[HELP] Make sure this instance is not publicly available on the internet.
[HELP] Or set the PASSBOLT_EMAIL_VALIDATE_MX environment variable to true.
[HELP] Or set passbolt.email.validate.mx to true in /etc/passbolt/passbolt.php.
[PASS] Serving the compiled version of the javascript app.
[PASS] All email notifications will be sent.
JWT Authentication
[PASS] The JWT Authentication plugin is enabled
[PASS] The /etc/passbolt/jwt/ directory is not writable.
[PASS] A valid JWT key pair was found
SMTP Settings
[PASS] The SMTP Settings plugin is enabled.
[PASS] SMTP Settings coherent. You may send a test email to validate them.
[WARN] The SMTP Settings source is: env variables.
[HELP] It is recommended to set the SMTP Settings in the database through the administration section.
[WARN] The SMTP Settings plugin endpoints are enabled.
[HELP] It is recommended to disable the plugin endpoints.
[HELP] Set the PASSBOLT_SECURITY_SMTP_SETTINGS_ENDPOINTS_DISABLED environment variable to true.
[HELP] Or set passbolt.security.smtpSettings.endpointsDisabled to true in /etc/passbolt/passbolt.php.
[FAIL] 11 error(s) found. Hang in there!
www-data@passbolt:/usr/share/php/passbolt$
Thanks for your help! 
You set this as base url:
But according to the screenshot you shared for step 6, it is not the correct url.
You must replace myid with your real synology id.
Best,
For security, I type myid on address.(It’s sample address) I type all same address on step 6 and APP_FULL_BASE_URL. (Updated the step 6 image)
When comparing to the default passbolt_docker/docker-compose-ce.yaml at master · passbolt/passbolt_docker · GitHub
It’s routing to 8080 instead of 80, which I would change.
It seems to be at step 5 in the official guide, otherwise.
Ok so it must be creating a reverse proxy container. Someone else is probably more familiar with these 3rd party systems. Hopefully they will have some insight.
Instead of 9475 can you choose 8080 and then make the compose file 8080:80?
[edit: this was a bad suggestion… non-root is being used]
Not work. If I change the port on docker-compose, I can see other error page.
(I can’t see Passbolt header text and blank page if I change the port)
What if you remove the db hostname line and do:
DATASOURCES_DEFAULT_HOST: "db"
My general recommendation is to make the compose file as close to the official one as possible.
Hello, Marius here. Looks like you have forgotten to activate websocket at STEP 7. Also on your compose you write http:// it should be https:// as per instructions in the article you don’t have to put any port after the https link.
3 Likes