New docker installation issue

Hello all,

Just finished a default installation on docker but am running into issues. Ran the health check and stuff seems broken…

[FAIL] The server OpenPGP key is not set
[FAIL] The server key fingerprint doesn’t match the one defined in /etc/passbolt/passbolt.php.
[FAIL] The server public key defined in the /etc/passbolt/passbolt.php (or environment variables) is not in the keyring
[FAIL] The server key does not have a valid email id.
[FAIL] Passbolt is not configured to force SSL use.

Seems something isn’t working out of the gate. Are the installation steps missing a piece or did I miss something? How do I go about cleaning this up?

Hello @Panth, welcome to our community :wink:

That is expected, as mentioned in our troubleshoot guide; source /etc/environment should fix the issues.

Maybe I’m missing something, but no luck. Still having the same set of errors on the healthcheck.

I have tried to reproduce the issues:

  1. Passbolt CE installation
  2. Ran the healthcheck in order to get the same errors
  3. Ran source /etc/environment
  4. Ran the healthcheck again and the issues are fixed

Are those the steps you followed? If not, could you describe what you’ve done? Also, could you share the content of the docker compose after you have removed any sensitive info?

Yep, did all that. source command didn’t seem to do much.

version: "3.9"
services:
  db:
    image: mariadb:10.11
    restart: unless-stopped
    environment:
      MYSQL_RANDOM_ROOT_PASSWORD: "true"
      MYSQL_DATABASE: "passbolt"
      MYSQL_USER: "dbuser"
      MYSQL_PASSWORD: "dbpass"
    volumes:
      - database_volume:/var/lib/mysql

  passbolt:
    image: passbolt/passbolt:latest-ce
    #Alternatively you can use rootless:
    #image: passbolt/passbolt:latest-ce-non-root
    restart: unless-stopped
    depends_on:
      - db
    environment:
      APP_FULL_BASE_URL: someurl
      EMAIL_DEFAULT_FROM_NAME: "somename"
      EMAIL_DEFAULT_FROM: "email@email.com"
      EMAIL_TRANSPORT_DEFAULT_HOST: "smtp"
      EMAIL_TRANSPORT_DEFAULT_PORT: 587
      EMAIL_TRANSPORT_DEFAULT_USERNAME: "email@email.com"
      EMAIL_TRANSPORT_DEFAULT_PASSWORD: "email pass"
      EMAIL_TRANSPORT_DEFAULT_TLS: "true"
      DATASOURCES_DEFAULT_HOST: "db"
      DATASOURCES_DEFAULT_USERNAME: "dbusername"
      DATASOURCES_DEFAULT_PASSWORD: "dbpass"
      DATASOURCES_DEFAULT_DATABASE: "passbolt"
    volumes:
      - gpg_volume:/etc/passbolt/gpg
      - jwt_volume:/etc/passbolt/jwt
    command:
      [
        "/usr/bin/wait-for.sh",
        "-t",
        "0",
        "db:3306",
        "--",
        "/docker-entrypoint.sh",
      ]
    ports:
      - 80:80
      - 443:443
    #Alternatively for non-root images:
    # - 80:8080
    # - 443:4433

volumes:
  database_volume:
  gpg_volume:
  jwt_volume:

Thanks for sharing your docker compose, it looks clean.

Just to confirm, in order to run the healthcheck did you run:

source /etc/environment
docker-compose -f docker-compose-ce.yaml exec passbolt su -m -c "/usr/share/php/passbolt/bin/cake passbolt healthcheck" -s /bin/sh www-data

Or, directly from the container:

source /etc/environment
su -s /bin/bash -c "/usr/share/php/passbolt/bin/cake passbolt healthcheck" www-data 

I’ve done both actually, just to make sure it wasn’t something strange going on with docker. Same result. I’d share the whole thing, but it won’t let me post it because I’m a “new user”.

Anyone else have an idea?

Could you share a screenshot of both attempts to see what user it is and so on?

Both are the same, so not bothering to post both outputs.

I understand that the output is the same, but I would like to see how you are running those commands.

Exactly as you posted. A literal copy/paste on the second one, and the only thing I changed on the first one was the name of the docker compose file.

So what you did for the second command is:

docker exec -ti <PASSBOLT_CONTAINER> bash
source /etc/environment
su -s /bin/bash -c "/usr/share/php/passbolt/bin/cake passbolt healthcheck" www-data

correct?

Yes, as I’ve stated a few times. Thankfully I hadn’t gotten super far in the configuration and just ended up blowing the whole thing away and resetting it. Wish I knew what the problem was, but at this point it’s running correctly.