Hi there
I´m stuck at running passbolt.
When I call the URL only a white page appears.
The browser debug says
in Opera
Refused to load the image '<URL>' because it violates the following Content Security Policy directive: "img-src 'self'".
login:1 Refused to load the script 'https://www.XXXXXXXXXXXX.com/passbolt/passbolt/js/app/stylesheet.js?v=3.10.0' because it violates the following Content Security Policy directive: "script-src 'self'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
login:1 Refused to load the script 'https://www.XXXXXXXXXXXX.com/passbolt/passbolt/js/app/api-vendors.js?v=3.10.0' because it violates the following Content Security Policy directive: "script-src 'self'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
login:1 Refused to load the script 'https://www.XXXXXXXXXXXX.com/passbolt/passbolt/js/app/api-triage.js?v=3.10.0' because it violates the following Content Security Policy directive: "script-src 'self'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
DevTools failed to load source map: Could not load content for chrome-extension://gbekmpnpfkkijbodegokaigmhedbbkmg/scripts/contentscript_chrome.js.map: System error: net::ERR_BLOCKED_BY_CLIENT
in Firefox
Loading failed for the <script> with source “https://www.XXXXXXXXXXXX.com/passbolt/passbolt/js/app/stylesheet.js?v=3.10.0”. login:46:1
Loading failed for the <script> with source “https://www.XXXXXXXXXXXX.com/passbolt/passbolt/js/app/api-vendors.js?v=3.10.0”. login:51:1
Loading failed for the <script> with source “https://www.XXXXXXXXXXXX.com/passbolt/passbolt/js/app/api-triage.js?v=3.10.0”. login:51:1
Content Security Policy: The page's settings blocked the loading of a resource at https://www.XXXXXXXXXXXX.com/passbolt/passbolt/js/app/stylesheet.js?v=3.10.0 ("script-src"). login
Content Security Policy: The page's settings blocked the loading of a resource at https://www.XXXXXXXXXXXX.com/passbolt/passbolt/js/app/api-vendors.js?v=3.10.0 ("script-src"). login
Content Security Policy: The page's settings blocked the loading of a resource at https://www.XXXXXXXXXXXX.com/passbolt/passbolt/js/app/api-triage.js?v=3.10.0 ("script-src"). login
Content Security Policy: The page's settings blocked the loading of a resource at https://www.XXXXXXXXXXXX.com/passbolt/passbolt/favicon_228.png ("img-src"). FaviconLoader.jsm:180:19
Content Security Policy: The page's settings blocked the loading of a resource at https://www.XXXXXXXXXXXX.com/passbolt/passbolt/favicon.ico ("img-src"). FaviconLoader.jsm:180:19
Content Security Policy: The page's settings blocked the loading of a resource at eval ("script-src").
Source: window.__cmp && typeof __cmp("getCMPData… login
Content Security Policy: The page's settings blocked the loading of a resource at eval ("script-src").
Source: typeof window.utag !== 'undefined' && ty… login
Content Security Policy: The page's settings blocked the loading of a resource at eval ("script-src").
Source: window.__cmp && typeof __cmp("getCMPData… login
Content Security Policy: The page's settings blocked the loading of a resource at eval ("script-src").
Source: typeof window.utag !== 'undefined' && ty… login
Content Security Policy: The page's settings blocked the loading of a resource at eval ("script-src").
Source: window.__cmp && typeof __cmp("getCMPData… login
Content Security Policy: The page's settings blocked the loading of a resource at eval ("script-src").
Source: typeof window.utag !== 'undefined' && ty… login
Content Security Policy: The page's settings blocked the loading of a resource at eval ("script-src").
Source: window.__cmp && typeof __cmp("getCMPData…
healthcheck says
sudo -H -u www-data bash -c "/var/www/html/passbolt/bin/cake passbolt healthcheck --verbose"
____ __ ____
/ __ \____ _____ ____/ /_ ____ / / /_
/ /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
/ ____/ /_/ (__ |__ ) /_/ / /_/ / / /
/_/ \__,_/____/____/_.___/\____/_/\__/
Open source password manager for teams
-------------------------------------------------------------------------------
Healthcheck shell
-------------------------------------------------------------------------------
Environment
[PASS] PHP version 8.0.28.
[PASS] PCRE compiled with unicode support.
[PASS] The temporary directory and its content are writable and not executable.
[PASS] The logs directory and its content are writable.
[PASS] GD or Imagick extension is installed.
[PASS] Intl extension is installed.
[PASS] Mbstring extension is installed.
Config files
[PASS] The application config file is present
[PASS] The passbolt config file is present
Core config
[PASS] Debug mode is off.
[PASS] Cache is working.
[PASS] Unique value set for security.salt
[PASS] Full base url is set to https://www.XXXXXXXXXXXX.com/passbolt
[PASS] App.fullBaseUrl validation OK.
[PASS] /healthcheck/status is reachable.
SSL Certificate
[PASS] SSL peer certificate validates
[PASS] Hostname is matching in SSL certificate.
[PASS] Not using a self-signed certificate
Database
[PASS] The application is able to connect to the database
[PASS] 26 tables found
[PASS] Some default content is present
[PASS] The database schema up to date.
GPG Configuration
[PASS] PHP GPG Module is installed and loaded.
[PASS] The environment variable GNUPGHOME is set to /var/www/.gnupg.
[PASS] The directory /var/www/.gnupg containing the keyring is writable by the webserver user.
[PASS] The server OpenPGP key is not the default one
[PASS] The public key file is defined in /var/www/html/passbolt/config/passbolt.php and readable.
[PASS] The private key file is defined in /var/www/html/passbolt/config/passbolt.php and readable.
[PASS] The server key fingerprint matches the one defined in /var/www/html/passbolt/config/passbolt.php.
[PASS] The server public key defined in the /var/www/html/passbolt/config/passbolt.php (or environment variables) is in the keyring.
[PASS] There is a valid email id defined for the server key.
[PASS] The public key can be used to encrypt a message.
[PASS] The private key can be used to sign a message.
[PASS] The public and private keys can be used to encrypt and sign a message.
[PASS] The private key can be used to decrypt a message.
[PASS] The private key can be used to decrypt and verify a message.
[PASS] The public key can be used to verify a signature.
[PASS] The server public key format is Gopengpg compatible.
[PASS] The server private key format is Gopengpg compatible.
Application configuration
[PASS] Using latest passbolt version (3.10.0).
[PASS] Passbolt is configured to force SSL use.
[PASS] App.fullBaseUrl is set to HTTPS.
[PASS] Selenium API endpoints are disabled.
[PASS] Search engine robots are told not to index content.
[PASS] The Self Registration plugin is enabled.
[PASS] Registration is closed, only administrators can add users.
[PASS] The deprecated self registration public setting was not found in /var/www/html/passbolt/config/passbolt.php.
[WARN] Host availability checking is disabled.
[HELP] Make sure this instance is not publicly available on the internet.
[HELP] Or set the PASSBOLT_EMAIL_VALIDATE_MX environment variable to true.
[HELP] Or set passbolt.email.validate.mx to true in /var/www/html/passbolt/config/passbolt.php.
[PASS] Serving the compiled version of the javascript app.
[PASS] All email notifications will be sent.
JWT Authentication
[PASS] The JWT Authentication plugin is enabled
[PASS] The /var/www/html/passbolt/config/jwt/ directory is not writable.
[PASS] A valid JWT key pair was found
SMTP Settings
[PASS] The SMTP Settings plugin is enabled.
[PASS] SMTP Settings coherent. You may send a test email to validate them.
[PASS] The SMTP Settings source is: database.
[WARN] The SMTP Settings plugin endpoints are enabled.
[HELP] It is recommended to disable the plugin endpoints.
[HELP] Set the PASSBOLT_SECURITY_SMTP_SETTINGS_ENDPOINTS_DISABLED environment variable to true.
[HELP] Or set passbolt.security.smtpSettings.endpointsDisabled to true in /var/www/html/passbolt/config/passbolt.php.
[PASS] No error found. Nice one sparky!
What to do?
BTW: I also have a little bug-report:
If the logs-directory is missing the healthcheck returns
…
[FAIL] The logs directory and its content are not writable.
[HELP] Ensure the logs directory and its content are writable by the user the webserver user.
[HELP] you can try:
[HELP] sudo chown -R www-data:www-data /var/www/html/passboltlogs
[HELP] sudo chmod 775 $(find /var/www/html/passboltlogs -type d)
[HELP] sudo chmod 664 $(find /var/www/html/passboltlogs -type f)
…
There are some missing / in passboltlogs. This should say it should be passbolt/logs
At least confusing