Docker-CE Passbolt-CE not sending registration emails but test works

Trying to get this set up, but I’m a complete noob with docker, and 76% of one with Linux. Finally got it spun up with docker-compose on a VM Ubuntu 18.04 LTS Server - freshly created.

The test email will work using my configuration, but nothing else seems to send one out. Neither user registration nor user recovery.

sudo docker-compose exec passbolt bin/cake passbolt send_test_email --recipient=xxx@xxx.com

     ____                  __          ____
    / __ \____  _____ ____/ /_  ____  / / /_
   / /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
  / ____/ /_/ (__  |__  ) /_/ / /_/ / / /
 /_/    \__,_/____/____/_.___/\____/_/\__/

 Open source password manager for teams
---------------------------------------------------------------
 Debug email shell
---------------------------------------------------------------

Email configuration
---------------------------------------------------------------
Host: smtp.gmail.com
Port: 587
Username: xxx
Password: *********
TLS: true

Sending email from: xxx
Sending email to: xxx
---------------------------------------------------------------

Trace
[220] smtp.gmail.com ESMTP 2-v6sm11303340iom.34 - gsmtp
> EHLO localhost
[250] smtp.gmail.com at your service, [136.63.231.178]
[250] SIZE 35882577
[250] 8BITMIME
[250] STARTTLS
[250] ENHANCEDSTATUSCODES
[250] PIPELINING
[250] CHUNKING
[250] SMTPUTF8
> STARTTLS
[220] 2.0.0 Ready to start TLS
> EHLO localhost
[250] smtp.gmail.com at your service, [136.63.231.178]
[250] SIZE 35882577
[250] 8BITMIME
[250] AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH
[250] ENHANCEDSTATUSCODES
[250] PIPELINING
[250] CHUNKING
[250] SMTPUTF8
> AUTH LOGIN
[334] VXNlcm5hbWU6
> *****
[334] UGFzc3dvcmQ6
> *****
[235] 2.7.0 Accepted
> MAIL FROM:<xxx>
[250] 2.1.0 OK 2-v6sm11303340iom.34 - gsmtp
> RCPT TO:<xxx>
[250] 2.1.5 OK 2-v6sm11303340iom.34 - gsmtp
> DATA
[354] Go ahead 2-v6sm11303340iom.34 - gsmtp
> From: xxx
To: xxx
Date: Wed, 23 May 2018 21:21:40 +0000
Message-ID: <4cdeb8ed3be84cfe8736807992e8c52a@e7ae73d9fee8>
Subject: Passbolt test email
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Congratulations!
If you receive this email, it means that your passbolt smtp configuration is working fine.




.
[250] 2.0.0 OK 1527110501 2-v6sm11303340iom.34 - gsmtp
> QUIT

The message has been successfully sent!

Also, I dumbed down the standard docker-compose.yml since I’ve got DB covered already:

version: '3.4'
services:
  passbolt:
    image: passbolt/passbolt:2.0.7-debian
    tty: true
    env_file:
      - env/passbolt.env
    volumes:
      - gpg_volume:/var/www/passbolt/config/gpg
      - images_volume:/var/www/passbolt/webroot/img/public
    ports:
      - ###:443

volumes:
  images_volume:
  gpg_volume:

sudo docker-compose exec passbolt su -s /bin/bash -c "./bin/cake passbolt healthcheck" www-data

     ____                  __          ____
    / __ \____  _____ ____/ /_  ____  / / /_
   / /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
  / ____/ /_/ (__  |__  ) /_/ / /_/ / / /
 /_/    \__,_/____/____/_.___/\____/_/\__/

Open source password manager for teams

Healthcheck shell

Environment

[PASS] PHP version 7.2.5.
[PASS] PCRE compiled with unicode support.
[PASS] The temporary directory and its content are writable.
[PASS] The public image directory and its content are writable.
[PASS] The logs directory and its content are writable.
[PASS] GD or Imagick extension is installed.
[PASS] Intl extension is installed.
[PASS] Mbstring extension is installed.

Config files

[PASS] The application config file is present
[WARN] The passbolt config file is missing in /var/www/passbolt/config/
[HELP] Copy /var/www/passbolt/config/passbolt.php.default to /var/www/passbolt/config/passbolt.php
[HELP] The passbolt config file is not required if passbolt is configured with environment variables

Core config

[PASS] Debug mode is off.
[PASS] Cache is working.
[PASS] Unique value set for security.salt
[PASS] Full base url is set to https://xxx.com:###
[PASS] App.fullBaseUrl validation OK.
[PASS] /healthcheck/status is reachable.

SSL Certificate

[FAIL] SSL peer certificate does not validate
[FAIL] Hostname does not match when validating certificates.
[WARN] Using a self-signed certificate
[HELP] fopen(): Peer certificate CN=www.passbolt.local' did not match expected CN=xxx.com
fopen(): Failed to enable crypto
fopen(https://xxx.com:###/healthcheck/status.json): failed to open stream: operation failed

Database

[PASS] The application is able to connect to the database
[PASS] 18 tables found
[PASS] Some default content is present
[PASS] The database schema up to date.

GPG Configuration

[PASS] PHP GPG Module is installed and loaded.
[PASS] The server gpg key is not the default one
[PASS] The environment variable GNUPGHOME is set to /home/www-data/.gnupg.
[PASS] The directory /home/www-data/.gnupg containing the keyring is writable by the webserver user.
[PASS] The public key file is defined in config/passbolt.php and readable.
[PASS] The private key file is defined in config/passbolt.php and readable.
[PASS] The server key fingerprint matches the one defined in config/passbolt.php.
[PASS] The server public key defined in the config/passbolt.php is in the keyring.
[PASS] There is a valid email id defined for the server key.
[PASS] The public key can be used to encrypt a message.
[PASS] The public key can be used to sign a message.
[PASS] The public key can be used to encrypt and sign a message.
[PASS] The private key can be used to decrypt a message.
[PASS] The private key can be used to decrypt and verify a message.
[PASS] The public key can be used to verify a signature.

Application configuration

[PASS] Using latest passbolt version (2.0.7).
[PASS] Passbolt is configured to force SSL use.
[PASS] App.fullBaseUrl is set to HTTPS.
[PASS] Selenium API endpoints are disabled.
[PASS] Search engine robots are told not to index content.
[PASS] Registration is closed, only administrators can add users.
[PASS] Serving the compiled version of the javascript app
[PASS] All email notifications will be sent.

2 error(s) found. Hang in there!

Hi @joshleonhart!

Thanks for your report! Could you check if you have any logs in /var/log/cron.log and also check if executing the email task manually outputs any problem:

su -c "./bin/cake EmailQueue.sender" -s /bin/bash www-data

Well that’s odd. Lots of these:

SMTP server did not accept the password.
Email 13 was not sent

This didn’t return anything

sudo docker-compose exec passbolt su -c "./bin/cake EmailQueue.sender" -s /bin/bash www-data

So I tried from a shell in the container (I think…) and got the same result:

root@e7ae73d9fee8:/var/www/passbolt# su -c "./bin/cake EmailQueue.sender" -s /bin/bash www-data
root@e7ae73d9fee8:/var/www/passbolt#

Please check the env variables of the www-data user and ensure they are correct: su -c "env | grep EMAIL" -s /bin/bash www-data

su -c "env | grep EMAIL" -s /bin/bash www-data
EMAIL_TRANSPORT_DEFAULT_PASSWORD=ishouldsetupapppassword
EMAIL_DEFAULT_FROM=xxx@xxx.com
EMAIL_TRANSPORT_DEFAULT_USERNAME=xxx
EMAIL_TRANSPORT_DEFAULT_TLS=true
EMAIL_TRANSPORT_DEFAULT_HOST=smtp.gmail.com
EMAIL_TRANSPORT_DEFAULT_PORT=587

Seems in order there.
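
Added example, not part of the thread and not passbolt's own tooling: the `env | grep EMAIL` check above prints the SMTP password in clear text and covers only one context. The helpers below mask secrets before a dump is pasted anywhere and compare two dumps by key name only; the function names, the sample values and the idea of capturing a second dump from the context that drains the email queue are assumptions.

```bash
# Added example; helper names and sample values are constructed.
# Print EMAIL_* variables from KEY=VALUE lines on stdin with secrets masked,
# so the result can be pasted into a support thread.
redact_email_env() {
  awk -F= '
    /^EMAIL_/ {
      key = $1
      val = substr($0, length(key) + 2)   # keeps "=" inside values intact
      if (key ~ /(PASSWORD|SECRET|TOKEN)/) val = "<redacted, " length(val) " chars>"
      print key "=" val
    }' | sort
}

# Compare EMAIL_* variables in two env dumps. Prints key names and a status
# only, never values. Returns 1 when the two contexts disagree.
compare_email_env() {
  local out rc=0
  out=$(awk -F= '
    /^EMAIL_/ {
      key = $1; val = substr($0, length(key) + 2); seen[key] = 1
      if (side == "a") a[key] = val; else b[key] = val
    }
    END {
      for (k in seen) {
        if (!(k in a))         { s = "only-in-second"; bad = 1 }
        else if (!(k in b))    { s = "only-in-first";  bad = 1 }
        else if (a[k] != b[k]) { s = "differs";        bad = 1 }
        else                     s = "same"
        print k, s
      }
      exit bad + 0
    }' side=a "$1" side=b "$2") || rc=$?
  printf '%s\n' "$out" | sort
  return "$rc"
}

# Constructed dumps: one from the interactive check, one (assumption) captured
# from the context in which the queued emails are actually sent.
demo() {
  local d; d=$(mktemp -d)
  printf '%s\n' 'EMAIL_TRANSPORT_DEFAULT_HOST=smtp.gmail.com' \
    'EMAIL_TRANSPORT_DEFAULT_PASSWORD=constructed-new' > "$d/interactive.env"
  printf '%s\n' 'EMAIL_TRANSPORT_DEFAULT_HOST=smtp.gmail.com' \
    'EMAIL_TRANSPORT_DEFAULT_PASSWORD=constructed-old' > "$d/queue.env"
  redact_email_env < "$d/interactive.env"
  compare_email_env "$d/interactive.env" "$d/queue.env" || echo "contexts disagree"
  rm -rf "$d"
}
demo
```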
