I had a working v1 docker with app.php, core.php, database.php, email.php serverkey_private.asc and serverkey.asc all pointing to config files outside of the docker.
After the upgrade of the docker image today things have gone a little pear shaped (broken)
It seems a lot of docker variables have changed names, so I have updated my details with the new docker variables and added new ones incorporating as much data as I can from the php files above.
The docker starts but fails to find the serverkey_private.asc file and aborts.
The strange thing is I have checked and double checked the location the docker variable is pointing to and it is correct. The file is there and it does contain my server key.
Not sure what I am missing and if I should be running a migration script etc for the docker upgrade?
Edit: Ok changed the server and private keys from env variables to -v x:y commands I got it to find both of the files correctly and its now doing some migration scripts by the look of it …
Edit2: Ok migration seems to have finished and I now have a GPGAuth not supported error when going to the login page on firefox… some more searching I think.
Passbolt v2 doesn’t use core.php, database.php and email.php anymore. Passbolt config is all bundled in the passbolt.php file or you can use env variables since Passbolt v2 has better support for them.
Plus if you were using the alpine based docker image the user which runs passbolt now is www-data
We have noticed there is a bug on passbolt-2.0.0 we are about to release 2.0.1 in a couple of hours and yeah we are also working on help.passbolt.com documentation is about to be released also!
I still have some issues with pb picking up my previous gpg certs, as its complaining they cannot be used to sign anything, as well as the fingerprint being differant than the one in my passbolt.php.
The fact that they are copied from previously working php config files seems odd and I am not sure if they are picking up my passbolt.php correctly.
One thing I wasn’t clear on is; if I only use docker variables to setup passbolt, will the passbolt.php get created with the env variables of the docker or will I still need a valid passbolt.php as well?
Regarding the gpg sign problems check the keys imported on the www-data user gpg keyring. I say this because if the paths are not correct the docker-entrypoint script will detect that no gpg keys are in place and it will create a gpg key and import it on the www-data keyring leading to passbolt using a wrong gpg key.
If you rely on env variables there is no need to create a passbolt.php. The container is designed to work without any passbolt.php and fully rely on env variables.
It works like this:
1 passbolt checks if passbolt.php exists and loads config
2 if passbolt.php does not exist or some section is missing on the file it will go to default.php where passbolt will look for the config section corresponding env variable if that variable doesnt exist it falls back to a default value defined also in default.php
Do not hesitate on asking for any other doubt or issue and thanks for your feedback!
You mean the gpg serverkeys that the container creates automatically on startup? You can control the generation of those keys with the following env vars:
Yeah that is correct since these env vars are proper to the container and not passbolt_api. Even if you add them to passbolt.php it won’t work as passbolt_api doesn’t support them.
Long story short gpg key generation customizations are only suppported as env variables.