Issue when installing passbolt without a TLD

Hi,

I’m trying to set up a Passbolt server using the provided docker container and docker-compose files.

I’m using the default docker-compose.yml, plus a bind volume to use my own self-signed certificate. When I try to setup the first user, I get a generic “Damn… An error occurred” page. The following is provided as debug information, however I suspect it’s not particularly useful.

https://pastebin.com/AMLuZVtX

This has been tested on a default Docker install (volumes have been pruned before docker-compose up.

The following is the healthcheck output: https://pastebin.com/7HRYxUZD

It seems to report some errors about the GPG setup. However, the Docker install tutorial doesn’t mention the need to set up anything. (In general, I expect a Docker setup to be transparent, i.e. I don’t expect to need to copy/change configuration files.)

I think I’m missing something!

Update: I checked the service logs and it seems like the GPG keyring is initialized ok. In particular, during initialization the following is outputted:

passbolt_1  | gpg: key 31B04AAEDFF503DF: "Passbolt default user <passbolt@yourdomain.com>" not changed
passbolt_1  | gpg: Total number processed: 1
passbolt_1  | gpg:              unchanged: 1
passbolt_1  | gpg: key 31B04AAEDFF503DF: "Passbolt default user <passbolt@yourdomain.com>" not changed
passbolt_1  | gpg: key 31B04AAEDFF503DF: secret key imported
passbolt_1  | gpg: Total number processed: 1
passbolt_1  | gpg:              unchanged: 1
passbolt_1  | gpg:       secret keys read: 1
passbolt_1  | gpg:  secret keys unchanged: 1

hi @vmsh0,

The following is provided as debug information, however I suspect it’s not particularly useful.

https://pastebin.com/AMLuZVtX

Yes you are right we would need logs from the logs/error.log or nginx logs to determine the cause. Also check on your browser console if you find any error.

It seems to report some errors about the GPG setup. However, the Docker install tutorial doesn’t mention the need to set up anything. (In general, I expect a Docker setup to be transparent, i.e. I don’t expect to need to copy/change configuration files.)

Yes, you don’t have to copy files unless you want to customize the environment for some reason. Even in that scenario you could rely on env variables most of the time.

The errors you see on the GPG are known problems of the healthcheck on the docker image when running it as root.

You could try the following:

su -s /bin/bash -c "source /etc/environment; ./bin/cake passbolt healthcheck" www-data

Hello Diego,
Thank you for your quick response.

Unfortunately it seems that logs don’t contain anything useful either.

ele-docker@VSRV-DOCKER:~/passbolt$ docker exec passbolt_passbolt_1 su -m -c "cat /var/log/nginx/error.log"
ele-docker@VSRV-DOCKER:~/passbolt$ docker exec passbolt_passbolt_1 su -m -c "cat /var/www/passbolt/logs/error.log"
2020-06-07 23:15:31 Error: [Cake\Routing\Exception\MissingRouteException] A route matching "/img/controls/colorpicker/wheel.png" could not be found. (/var/www/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php:216)
Request URL: /img/controls/colorpicker/wheel.png


2020-06-07 23:15:31 Error: [Cake\Routing\Exception\MissingRouteException] A route matching "/img/controls/colorpicker/mask.png" could not be found. (/var/www/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php:216)
Request URL: /img/controls/colorpicker/mask.png


2020-06-07 23:15:31 Error: [Cake\Routing\Exception\MissingRouteException] A route matching "/img/controls/colorpicker/marker.png" could not be found. (/var/www/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php:216)
Request URL: /img/controls/colorpicker/marker.png

Now,

docker exec passbolt_passbolt_1 su -s /bin/bash -c "source /etc/environment; ./bin/cake passbolt healthcheck" www-data

results in the GPG checks not failing anymore.

I just have a couple fails related to the base url, which are caused by the fact that I’m mapping port 443 of the container to port 5600 on the host (which is what is in the base URL), so Passbolt doesn’t know how to reach itself. I also have two SSL errors, which I think are because I’m using a self-signed certificate from an authority which I have not loaded into the container. (I think this bug report is relevant.)

Could any of these two missing checks affect user setup? What steps can I take to further investigate?

Hello,

Can you check if there are errors in the browser console.
How to see browser console (that is different from regular console):

I suspect there might be an issue with validating your domain:

https://passbolt:5600

Hello Remy,

No output in the console. The domain is validated through a company CA.

I mean not the SSL validation, but the domain validation in the passbolt extension.
Can you try using another domain, like an IP address see if it solves your issue?
To my knowledge we still don’t support domains without TLD.

See. https://github.com/passbolt/passbolt_api/issues/238

Hello Remy,

That was it. Sorry about the duplicate report, however I suspected it wasn’t really an install issue. (I still think it isn’t - but there’s a bug report already so that’s sorted).

Thank you for your help!

No problem, I didn’t meant to sound rude either, it’s just easier to keep track when everything is in the “right” place. I’m currently looking into shipping this in the next extension release, should be out this week.

That’s great news! I’m going to wait a few more days to deploy then :slight_smile:

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.