Hello. Im trying to set up passbolt using this docker setup. Everything works except for email sending via SMTP, thus users cannot register to my passbolt instance. Since I made some changes in the docker-compose file to fit my infrastructure details, I’ll post it here. The idea is to run passbolt with a google cloud database, besides nginx and certbot.
System Information
OS
Distro: Ubuntu 20.04 LTS x86_64
Host: Google Compute Engine
Kernel: 5.4.0-1019-gcp
Shell: bash 5.0.16
CPU: Intel Xeon (1) @ 2.300GHz
Memory: 392MiB / 3683MiB
Database
MYSQL 5.7 on Gcloud
Web server
Its a docker image of nginx: nginx:1.19.1-alpine
Logs
Healthcheck
Healthcheck shell…
Environment
[PASS] PHP version 7.3.19.
[PASS] PCRE compiled with unicode support.
[PASS] The temporary directory and its content are writable.
[PASS] The public image directory and its content are writable.
[PASS] The logs directory and its content are writable.
[PASS] GD or Imagick extension is installed.
[PASS] Intl extension is installed.
[PASS] Mbstring extension is installed.
Config files
[PASS] The application config file is present
[WARN] The passbolt config file is missing in /var/www/passbolt/config/
[HELP] Copy /var/www/passbolt/config/passbolt.php.default to /var/www/passbolt/config/passbolt.php
[HELP] The passbolt config file is not required if passbolt is configured with environment variables
Core config
[PASS] Debug mode is off.
[PASS] Cache is working.
[PASS] Unique value set for security.salt
[PASS] Full base url is set to https://passbolt-stg.taqtile.dev
[PASS] App.fullBaseUrl validation OK.
[PASS] /healthcheck/status is reachable.
SSL Certificate
[PASS] SSL peer certificate validates
[PASS] Hostname is matching in SSL certificate.
[PASS] Not using a self-signed certificate
Database
[PASS] The application is able to connect to the database
[PASS] 23 tables found
[PASS] Some default content is present
[PASS] The database schema up to date.
GPG Configuration
[PASS] PHP GPG Module is installed and loaded.
[PASS] The environment variable GNUPGHOME is set to /home/www-data/.gnupg.
[PASS] The directory /home/www-data/.gnupg containing the keyring is writable by the webserver user.
[PASS] The server gpg key is not the default one
[PASS] The public key file is defined in config/passbolt.php and readable.
[PASS] The private key file is defined in config/passbolt.php and readable.
[PASS] The server key fingerprint matches the one defined in config/passbolt.php.
[PASS] The server public key defined in the config/passbolt.php (or environment variables) is in the keyring.
[PASS] There is a valid email id defined for the server key.
[PASS] The public key can be used to encrypt a message.
[PASS] The private key can be used to sign a message.
[PASS] The public and private keys can be used to encrypt and sign a message.
[PASS] The private key can be used to decrypt a message.
[PASS] The private key can be used to decrypt and verify a message.
[PASS] The public key can be used to verify a signature.
Application configuration
[PASS] Using latest passbolt version (2.13.1).
[PASS] Passbolt is configured to force SSL use.
[PASS] App.fullBaseUrl is set to HTTPS.
[PASS] Selenium API endpoints are disabled.
[PASS] Search engine robots are told not to index content.
[WARN] Registration is open to everyone.
[HELP] Make sure this instance is not publicly available on the internet.
[HELP] Or set passbolt.registration.public to false in config/passbolt.php.
[PASS] Serving the compiled version of the javascript app
[PASS] All email notifications will be sent.
No error found. Nice one sparky!
cli-debug.log
2020-07-14 19:22:17 Debug: command 'preview' in plugin 'EmailQueue' was not aliased, conflicts with 'Passbolt/EmailDigest'
2020-07-14 19:22:17 Debug: command 'sender' in plugin 'EmailQueue' was not aliased, conflicts with 'Passbolt/EmailDigest'
error.log
2020-07-14 22:06:03 Error: [Cake\Routing\Exception\MissingRouteException] A route matching "/owa/auth/logon.aspx" could not be found. (/var/www/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php:216)
Request URL: /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f
2020-07-14 22:39:01 Error: [Cake\Routing\Exception\MissingRouteException] A route matching "/webfig/" could not be found. (/var/www/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php:216)
Request URL: /webfig/
2020-07-15 00:37:41 Error: [Cake\Routing\Exception\MissingRouteException] A route matching "/webfig/" could not be found. (/var/www/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php:216)
Request URL: /webfig/
Referer URL: http://35.192.84.251/webfig/
2020-07-15 01:04:47 Error: [Cake\Routing\Exception\MissingRouteException] A route matching "/Telerik.Web.UI.WebResource.axd" could not be found. (/var/www/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php:216)
Request URL: /Telerik.Web.UI.WebResource.axd?type=rau
2020-07-15 01:12:02 Error: [Cake\Routing\Exception\MissingRouteException] A route matching "/Telerik.Web.UI.WebResource.axd" could not be found. (/var/www/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php:216)
Request URL: /Telerik.Web.UI.WebResource.axd?type=rau
Referer URL: http://35.192.84.251/Telerik.Web.UI.WebResource.axd?type=rau
2020-07-15 13:02:43 Error: [Cake\Routing\Exception\MissingRouteException] A route matching "/solr/admin/info/system" could not be found. (/var/www/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php:216)
Request URL: /solr/admin/info/system?wt=json
Referer URL: http://35.192.84.251:80/solr/admin/info/system?wt=json
2020-07-15 13:03:28 Error: [Cake\Routing\Exception\MissingRouteException] A route matching "s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP" could not be found. (/var/www/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php:216)
Request URL: s=/Index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars%5B0%5D=md5&vars%5B1%5D%5B%5D=HelloThinkPHP?s=/Index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars%5B0%5D=md5&vars%5B1%5D%5B%5D=HelloThinkPHP
Referer URL: http://35.192.84.251:80/index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP
2020-07-15 13:09:32 Error: [Cake\Routing\Exception\MissingRouteException] A route matching "/api/jsonws/invoke" could not be found. (/var/www/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php:216)
Request URL: /api/jsonws/invoke
Referer URL: http://35.192.84.251:80/api/jsonws/invoke
Env variables
APP_FULL_BASE_URL=https://passbolt.domain.com
# Database settings
DATASOURCES_DEFAULT_HOST=10.10.10.10
DATASOURCES_DEFAULT_USERNAME=company
DATASOURCES_DEFAULT_PASSWORD=fakepassword123
DATASOURCES_DEFAULT_DATABASE=passbolt
DATASOURCES_QUOTE_IDENTIFIER=true
# Email
EMAIL_DEFAULT_FROM=no-reply@domain.com
EMAIL_TRANSPORT_DEFAULT_URL=https://passbolt.domain.com
EMAIL_TRANSPORT_DEFAULT_CLASS_NAME=Smtp
EMAIL_DEFAULT_TRANSPORT=default
EMAIL_TRANSPORT_DEFAULT_TLS=true
EMAIL_TRANSPORT_DEFAULT_HOST=smtp-relay.gmail.com
EMAIL_TRANSPORT_DEFAULT_PORT=587
EMAIL_TRANSPORT_DEFAULT_USERNAME=no-reply@domain.com
EMAIL_TRANSPORT_DEFAULT_PASSWORD=fakepassword
# Registration
PASSBOLT_REGISTRATION_PUBLIC=true
docker-compose.yml
version: '3.4'
services:
passbolt:
image: passbolt/passbolt:2.13.1-debian
container_name: passbolt
tty: true
env_file:
- env/passbolt.env
volumes:
- gpg_volume:/var/www/passbolt/config/gpg
- images_volume:/var/www/passbolt/webroot/img/public
tmpfs:
- /run
command: ["/docker-entrypoint.sh"]
nginx:
image: nginx:1.19.1-alpine
restart: unless-stopped
volumes:
- ./data/nginx:/etc/nginx/conf.d
- ./data/certbot/conf:/etc/letsencrypt
- ./data/certbot/www:/var/www/certbot
ports:
- 80:80
- 443:443
command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
certbot:
image: certbot/certbot
restart: unless-stopped
volumes:
- ./data/certbot/conf:/etc/letsencrypt
- ./data/certbot/www:/var/www/certbot
entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
volumes:
gpg_volume:
images_volume:
send_test_mail
./bin/cake passbolt send_test_email --recipient=youremail@domain.com
---------------------------------------------------------------
Debug email shell
---------------------------------------------------------------
Your email transport configuration is not set to use "Smtp". (https is set instead)
This email debug task is only for SMTP configurations.
To fix this, edit EmailTransport.default.className property in /config/passbolt.php, and set className to "Smtp"
I didnt do much besides trying to test different env variable values and do some research on this forum for similar problems. The send_test_mail
output suggest that className
its not getting set it right, but I don’t know if this is relevant for a docker setup.
Inside the passbolt container, I also tried to create a config/passbolt.php
file based on config/passbolt.default.php
with the right values for EmailTransport.default.className
, but the same result was shown on send_test_mail
tool.