Checklist
[X] I have read intro post: About the Installation Issues category
[X] I have read the tutorials, help and searched for similar issues
[X] I provide relevant information about my server (component names and versions, etc.)
[X] I provide a copy of my logs and healthcheck
[X] I describe the steps I have taken to trouble shoot the problem
[X] I describe the steps on how to reproduce the issue
Hello, I have the same issue. It was working fine till last week, and suddenly from yesterday, I see nginx welcome screen. However, it works with SSL https://passbolt.domain.com. Hope that helps.
As per the guide provided by Passbolt, I upgraded my OS version first THEN migrated Passbolt over.
I can’t provide that as of now cause it’s during office hours and I can’t have Passbolt un-usable during that time. I’m sure it was the latest version available as an Ubuntu package.
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# https://www.nginx.com/resources/wiki/start/
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
# https://wiki.debian.org/Nginx/DirectoryStructure
#
# In most cases, administrators will remove this file from sites-enabled/ and
# leave it as reference inside of sites-available where it will continue to be
# updated by the nginx packaging team.
#
# This file will automatically load configuration files provided by other
# applications, such as Drupal or Wordpress. These applications will be made
# available underneath a path with that package name, such as /drupal8.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
# Default server configuration
#
server {
listen 80 default_server;
listen [::]:80 default_server;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
#
#location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
# fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
# listen 80;
# listen [::]:80;
#
# server_name example.com;
#
# root /var/www/example.com;
# index index.html;
#
# location / {
# try_files $uri $uri/ =404;
# }
#}
I’d like to also point out that, when you go through the guide for migrating CE script to package and you reconfigure Passbolt, set Nginx config cert to Auto, it throws an error:
This can easily be fixed by running:
sudo apt-get install python3-certbot-nginx
I recommend you guys add this part to the guide, though, because most users probably don’t have that installed (or rather it got removed during the Ubuntu upgrade).
There must be something wrong with my installation beforehand, then, if you aren’t getting this issue. However, earlier in this post, somebody else said they ran into the same issue.
Yes, the nginx-passbolt.conf file is in sites-enabled. That means it’s enabled, right? Here’s that conf file:
The only obvious error I noticed is that the SSL conf file in conf.d is using a wrong syntax, but that must’ve been before I upgraded Ubuntu and migrated Passbolt, because that conf file isn’t there anymore.
Manually edited /etc/nginx/sites-enabled/nginx-passbolt.conf and specified my passbolt domain name in the “server_name” part at the top.
Deleted the “default” site in sites-enabled.
Edited the /etc/nginx/nginx.conf file, removed the default site from the Virtual Host Configs section at the bottom, and added Passbolt by inserting the following:
include /etc/nginx/sites-enabled/*.conf;
Re-ran the server configuration command, set nginx to auto and followed the steps to reconfigure nginx - it configured it correctly and this time it actually inserted the SSL config part into the nginx-passbolt.conf file.
sudo dpkg-reconfigure passbolt-ce-server
And that’s it!
Gerold, I think the migration documentation needs updated to address this issue that may be happening to people (the nginx-passbolt.conf not having a server_name and the nginx.conf file not specifying the passbolt conf in sites-enabled).
It seems like your conf is enabled yes, but as I can see in the error.log.1 file, you have some warning from May 27 2021 about the “ssl” directive that is deprecated so I think that you still have the /etc/nginx/conf.d/passbolt_ssl.conf file that would probably take over the new config.
Maybe it would be worth to try to save that file somewhere else, delete it from /etc/nginx/conf.d and to restart NGINX to see if its related to your issue or not.
