I am trying to get passbolt up and running in a local network. I don’t want to make my server accessible from a public IP, instead, I can access it using the local IP and connecting to a VPN that I have up and running that exposes the local network.
To get passbolt up and running I have followed the docker installation guide. The system works fine and I can add users using the docker command, also users can log in add passwords, etc, etc. So far so good!
However, we have realized that emails are not being sent. We realized when I was trying to recover an account.
Here is how I launch the docker:
docker run --name passbolt \
--net passbolt_network \
-p 443:443 -p 80:80 \
-e DATASOURCES_DEFAULT_HOST=mariadb \
-e DATASOURCES_DEFAULT_PASSWORD=mariadbpassword \
-e DATASOURCES_DEFAULT_USERNAME=mariadbusername \
-e DATASOURCES_DEFAULT_DATABASE=passbolt_db \
-e APP_FULL_BASE_URL=https://192.168.8.241 \
-e EMAIL_DEFAULT_FROM=myemail@myemailserver.com \
-e EMAIL_TRANSPORT_DEFAULT_HOST=smtp.myemailserver.es \
-e EMAIL_TRANSPORT_DEFAULT_PORT=587 \
-e EMAIL_TRANSPORT_DEFAULT_TLS=true \
-e EMAIL_TRANSPORT_DEFUALT_USERNAME=myemail@myemailserver.com \
-e EMAIL_TRANSPORT_DEFAULT_PASSWORD=mypassword \
passbolt/passbolt:latest
Here is the healthcheck su -s /bin/bash -c "./bin/cake passbolt healthcheck" www-data
Warning Error: SplFileInfo::openFile(/var/www/passbolt/tmp/cache/persistent/myapp_cake_core_translations_default_en__u_s): failed to open stream: Permission denied in [/var/www/passbolt/vendor/cakephp/cakephp/src/Cache/Engine/FileEngine.php, line 406]
Warning Error: SplFileInfo::openFile(/var/www/passbolt/tmp/cache/persistent/myapp_cake_core_translations_default_en__u_s): failed to open stream: Permission denied in [/var/www/passbolt/vendor/cakephp/cakephp/src/Cache/Engine/FileEngine.php, line 406]
Warning Error: SplFileInfo::openFile(/var/www/passbolt/tmp/cache/models/myapp_cake_model_default_organization_settings): failed to open stream: Permission denied in [/var/www/passbolt/vendor/cakephp/cakephp/src/Cache/Engine/FileEngine.php, line 406]
Warning Error: SplFileInfo::openFile(/var/www/passbolt/tmp/cache/models/myapp_cake_model_default_organization_settings): failed to open stream: Permission denied in [/var/www/passbolt/vendor/cakephp/cakephp/src/Cache/Engine/FileEngine.php, line 406]
Warning Error: _cake_model_ cache was unable to write 'default_organization_settings' to Cake\Cache\SimpleCacheEngine cache in [/var/www/passbolt/vendor/cakephp/cakephp/src/Cache/Cache.php, line 306]
Warning Error: SplFileInfo::openFile(/var/www/passbolt/tmp/cache/persistent/myapp_cake_core_translations_cake_console_en__u_s): failed to open stream: Permission denied in [/var/www/passbolt/vendor/cakephp/cakephp/src/Cache/Engine/FileEngine.php, line 406]
Warning Error: SplFileInfo::openFile(/var/www/passbolt/tmp/cache/persistent/myapp_cake_core_translations_cake_console_en__u_s): failed to open stream: Permission denied in [/var/www/passbolt/vendor/cakephp/cakephp/src/Cache/Engine/FileEngine.php, line 406]
____ __ ____
/ __ \____ _____ ____/ /_ ____ / / /_
/ /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
/ ____/ /_/ (__ |__ ) /_/ / /_/ / / /
/_/ \__,_/____/____/_.___/\____/_/\__/
Open source password manager for teams
---------------------------------------------------------------
Healthcheck shell
---------------------------------------------------------------
Environment
[PASS] PHP version 7.3.21.
[PASS] PCRE compiled with unicode support.
[FAIL] The temporary directory and its content are not writable.
[HELP] Ensure the temporary directory and its content are writable by the webserver user.
[HELP] you can try:
[HELP] sudo chown -R www-data:www-data /var/www/passbolt/tmp/
[HELP] sudo chmod 775 $(find /var/www/passbolt/tmp/ -type d)
[HELP] sudo chmod 664 $(find /var/www/passbolt/tmp/ -type f)
[PASS] The public image directory and its content are writable.
[PASS] The logs directory and its content are writable.
[PASS] GD or Imagick extension is installed.
[PASS] Intl extension is installed.
[PASS] Mbstring extension is installed.
Config files
[PASS] The application config file is present
[WARN] The passbolt config file is missing in /var/www/passbolt/config/
[HELP] Copy /var/www/passbolt/config/passbolt.php.default to /var/www/passbolt/config/passbolt.php
[HELP] The passbolt config file is not required if passbolt is configured with environment variables
Core config
[PASS] Debug mode is off.
[PASS] Cache is working.
[PASS] Unique value set for security.salt
[PASS] Full base url is set to https://192.168.8.241
[PASS] App.fullBaseUrl validation OK.
[FAIL] Could not reach the /healthcheck/status with the url specified in App.fullBaseUrl
[HELP] Check that the domain name is correct in config/passbolt.php
[HELP] Check the network settings
SSL Certificate
[FAIL] SSL peer certificate does not validate
[FAIL] Hostname does not match when validating certificates.
[WARN] Using a self-signed certificate
[HELP] cURL Error (28) Connection timed out after 30001 milliseconds
Database
[PASS] The application is able to connect to the database
[PASS] 23 tables found
[PASS] Some default content is present
[PASS] The database schema up to date.
GPG Configuration
[PASS] PHP GPG Module is installed and loaded.
[PASS] The environment variable GNUPGHOME is set to /home/www-data/.gnupg.
[PASS] The directory /home/www-data/.gnupg containing the keyring is writable by the webserver user.
[FAIL] The server gpg key is not set
[HELP] Create a key, export it and add the fingerprint to config/passbolt.php
[HELP] See. https://www.passbolt.com/help/tech/install#toc_gpg
[PASS] The public key file is defined in config/passbolt.php and readable.
[PASS] The private key file is defined in config/passbolt.php and readable.
[FAIL] The server key fingerprint doesn't match the one defined in config/passbolt.php.
[HELP] Double check the key fingerprint, example:
[HELP] sudo su -s /bin/bash -c "gpg --list-keys --fingerprint --home /home/www-data/.gnupg" www-data | grep -i -B 2 'SERVER_KEY_EMAIL'
[HELP] SERVER_KEY_EMAIL: The email you used when you generated the server key.
[HELP] See. https://www.passbolt.com/help/tech/install#toc_gpg
[FAIL] The server public key defined in the config/passbolt.php (or environment variables) is not in the keyring
[HELP] Import the private server key in the keyring of the webserver user.
[HELP] you can try:
[HELP] sudo su -s /bin/bash -c "gpg --home /home/www-data/.gnupg --import /var/www/passbolt/config/gpg/serverkey_private.asc" www-data
[FAIL] The server key does not have a valid email id.
[HELP] Edit or generate another key with a valid email id.
Application configuration
[PASS] Using latest passbolt version (2.13.5).
[PASS] Passbolt is configured to force SSL use.
[PASS] App.fullBaseUrl is set to HTTPS.
[PASS] Selenium API endpoints are disabled.
[PASS] Search engine robots are told not to index content.
[PASS] Registration is closed, only administrators can add users.
[PASS] Serving the compiled version of the javascript app
[PASS] All email notifications will be sent.
8 error(s) found. Hang in there!
Here is what I get when I try to send a test email ./bin/cake passbolt send_test_email
____ __ ____
/ __ \____ _____ ____/ /_ ____ / / /_
/ /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
/ ____/ /_/ (__ |__ ) /_/ / /_/ / / /
/_/ \__,_/____/____/_.___/\____/_/\__/
Open source password manager for teams
---------------------------------------------------------------
Debug email shell
---------------------------------------------------------------
Email configuration
---------------------------------------------------------------
Host: smtp.myemailserver.es
Port: 587
Username:
Password: *********
TLS: true
Sending email from: myemail@myemailserver.com
Sending email to: doesnotexist@passboltdummydomain.com
---------------------------------------------------------------
Trace
[220] kundenserver.de (mreue011) Nemesis ESMTP Service ready
> EHLO localhost
[250] kundenserver.de Hello localhost [PUBLIC.IP.OF.MYROUTER]
[250] 8BITMIME
[250] AUTH LOGIN PLAIN
[250] SIZE 140000000
[250] STARTTLS
> STARTTLS
[220] OK
> EHLO localhost
[250] kundenserver.de Hello localhost [PUBLIC.IP.OF.MYROUTER]
[250] 8BITMIME
[250] AUTH LOGIN PLAIN
[250] SIZE 140000000
A test email could not be sent.
Error: SMTP Error: 530 Authentication required
Any ideas/hints on how to solve this issue?
I have gone through some of the forums claiming similar issues without success. here is a list of what I have tried already:
- Docker Setup Not Sending Email
- Not able to send emails with SMTP in docker setup
- Passbolt not sending email
- https://help.passbolt.com/faq/hosting/why-email-not-sent
- Passbolt is not sending any email
Checklist
[x ] I have read intro post: About the Installation Issues category
[ x] I have read the tutorials, help and searched for similar issues
[ ] I provide relevant information about my server (component names and versions, etc.)
[x ] I provide a copy of my logs and healthcheck
[x ] I describe the steps I have taken to trouble shoot the problem
[x ] I describe the steps on how to reproduce the issue