Checklist
I have read intro post:
I have read the tutorials, help and searched for similar issues
I provide relevant information about my server (component names and versions, etc.)
I provide a copy of my logs and healthcheck
I describe the steps I have taken to trouble shoot the problem
I describe the steps on how to reproduce the issue
I’m running an arm machine on OCI free tier, ubuntu 22.04. I have no domain with this site, and before the restart the webserver was working fine with just the ip. Attempting to run healthcheck with the command sudo -H -u nginx bash -c "/usr/share/php/passbolt/bin/cake passbolt healthcheck" gives me the error
sudo: unknown user nginx
sudo: error initializing audit plugin sudoers_audit
Running sudo su -s /bin/bash -c "./bin/cake passbolt healthcheck" www-data gives me: bash: line 1: ./bin/cake: Permission denied and finally, running sudo /usr/share/php/passbolt/bin/status-report gives me
____ __ ____
/ __ \____ _____ ____/ /_ ____ / / /_
/ /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
/ ____/ /_/ (__ |__ ) /_/ / /_/ / / /
/_/ \__,_/____/____/_.___/\____/_/\__/
Open source password manager for teams
-------------------------------------------------------------------------------
Passbolt CE 4.1.0
Cakephp 4.4.14
Linux virtual-machine2 5.15.0-1038-oracle #44-Ubuntu SMP Thu Jun 22 03:34:10 UTC 2023 aarch64 aarch64 aarch64 GNU/Linux
PHP 8.1.2-1ubuntu2.13 (cli) (built: Jun 28 2023 14:01:49) (NTS)
mysql Ver 8.0.33-0ubuntu0.22.04.2 for Linux on aarch64 ((Ubuntu))
gpg (GnuPG) 2.2.27
libgcrypt 1.9.4
ERROR: /usr/share/php/passbolt/bin/utils.sh: line 64: composer: command not found
____ __ ____
/ __ \____ _____ ____/ /_ ____ / / /_
/ /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
/ ____/ /_/ (__ |__ ) /_/ / /_/ / / /
/_/ \__,_/____/____/_.___/\____/_/\__/
Open source password manager for teams
-------------------------------------------------------------------------------
Healthcheck shell
-------------------------------------------------------------------------------
Environment
[PASS] PHP version 8.1.2-1ubuntu2.13.
[PASS] PCRE compiled with unicode support.
[PASS] The temporary directory and its content are writable and not executable.
[PASS] The logs directory and its content are writable.
[PASS] GD or Imagick extension is installed.
[PASS] Intl extension is installed.
[PASS] Mbstring extension is installed.
Config files
[PASS] The application config file is present
[PASS] The passbolt config file is present
Core config
[PASS] Debug mode is off.
[PASS] Cache is working.
[PASS] Unique value set for security.salt
[PASS] Full base url is set to
[FAIL] App.fullBaseUrl does not validate. .
[HELP] Edit App.fullBaseUrl in /etc/passbolt/passbolt.php
[HELP] Select a valid domain name as defined by section 2.3.1 of <ietf domain rules link>
[FAIL] Could not reach the /healthcheck/status with the url specified in App.fullBaseUrl
[HELP] Check that the domain name is correct in /etc/passbolt/passbolt.php
[HELP] Check the network settings
SSL Certificate
[FAIL] SSL peer certificate does not validate
[FAIL] Hostname does not match when validating certificates.
[WARN] Using a self-signed certificate
[HELP] Check <troubleshoot ssl link here - I can only have 2 links>
[HELP] The source URI string appears to be malformed
Database
[PASS] The application is able to connect to the database
[PASS] 32 tables found
[FAIL] No default content found
[HELP] Run the install script to set the default content such as roles and permission types
[HELP] sudo su -s /bin/bash -c "/usr/share/php/passbolt/bin/cake passbolt install" www-data
[PASS] The database schema up to date.
GPG Configuration
[PASS] PHP GPG Module is installed and loaded.
[PASS] The environment variable GNUPGHOME is set to /var/lib/passbolt/.gnupg.
[PASS] The directory /var/lib/passbolt/.gnupg containing the keyring is writable by the webserver user.
[PASS] The server OpenPGP key is not the default one
[PASS] The public key file is defined in /etc/passbolt/passbolt.php and readable.
[PASS] The private key file is defined in /etc/passbolt/passbolt.php and readable.
[PASS] The server key fingerprint matches the one defined in /etc/passbolt/passbolt.php.
[PASS] The server public key defined in the /etc/passbolt/passbolt.php (or environment variables) is in the keyring.
[PASS] There is a valid email id defined for the server key.
[PASS] The public key can be used to encrypt a message.
[PASS] The private key can be used to sign a message.
[PASS] The public and private keys can be used to encrypt and sign a message.
[PASS] The private key can be used to decrypt a message.
[PASS] The private key can be used to decrypt and verify a message.
[PASS] The public key can be used to verify a signature.
[PASS] The server public key format is Gopengpg compatible.
[PASS] The server private key format is Gopengpg compatible.
Application configuration
[PASS] Using latest passbolt version (4.1.0).
[FAIL] Passbolt is not configured to force SSL use.
[HELP] Set passbolt.ssl.force to true in /etc/passbolt/passbolt.php.
[FAIL] App.fullBaseUrl is not set to HTTPS.
[HELP] Check App.fullBaseUrl url scheme in /etc/passbolt/passbolt.php.
[PASS] Selenium API endpoints are disabled.
[PASS] Search engine robots are told not to index content.
[INFO] The Self Registration plugin is enabled.
[INFO] Registration is closed, only administrators can add users.
[PASS] The deprecated self registration public setting was not found in /etc/passbolt/passbolt.php.
[WARN] Host availability checking is disabled.
[HELP] Make sure this instance is not publicly available on the internet.
[HELP] Or set the PASSBOLT_EMAIL_VALIDATE_MX environment variable to true.
[HELP] Or set passbolt.email.validate.mx to true in /etc/passbolt/passbolt.php.
[PASS] Serving the compiled version of the javascript app.
[WARN] Some email notifications are disabled by the administrator.
JWT Authentication
[PASS] The JWT Authentication plugin is enabled
[PASS] The /etc/passbolt/jwt/ directory is not writable.
[PASS] A valid JWT key pair was found
SMTP Settings
[PASS] The SMTP Settings plugin is enabled.
[PASS] SMTP Settings coherent. You may send a test email to validate them.
[PASS] The SMTP Settings source is: database.
[WARN] The SMTP Settings plugin endpoints are enabled.
[HELP] It is recommended to disable the plugin endpoints.
[HELP] Set the PASSBOLT_SECURITY_SMTP_SETTINGS_ENDPOINTS_DISABLED environment variable to true.
[HELP] Or set passbolt.security.smtpSettings.endpointsDisabled to true in /etc/passbolt/passbolt.php.
[FAIL] 7 error(s) found. Hang in there!
____ __ ____
/ __ \____ _____ ____/ /_ ____ / / /_
/ /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
/ ____/ /_/ (__ |__ ) /_/ / /_/ / / /
/_/ \__,_/____/____/_.___/\____/_/\__/
Open source password manager for teams
-------------------------------------------------------------------------------
Cleanup shell (dry-run)
-------------------------------------------------------------------------------
No issue found, data looks squeaky clean!
____ __ ____
/ __ \____ _____ ____/ /_ ____ / / /_
/ /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
/ ____/ /_/ (__ |__ ) /_/ / /_/ / / /
/_/ \__,_/____/____/_.___/\____/_/\__/
Open source password manager for teams
-------------------------------------------------------------------------------
Data check shell
[PASS] Data integrity for AuthenticationTokens.
[PASS] Can validate: 7/7
[PASS] Data integrity for Comments.
[PASS] Can validate: 0/0
[PASS] Data integrity for Favorites.
[PASS] Can validate: 0/0
[PASS] Data integrity for Gpgkeys.
[PASS] Can encrypt: 1/1
[PASS] Pass validation service checks: 1/1
[PASS] Entity data and armored key data matches: 1/1
[PASS] Is not expired: 1/1
[PASS] Is armored key format valid: 1/1
[PASS] Data integrity for Groups.
[PASS] Can validate: 0/0
[PASS] Data integrity for Profiles.
[PASS] Can validate: 1/1
[PASS] Data integrity for Resources.
[PASS] Can validate: 123/123
[PASS] Data integrity for Secrets.
[PASS] Can validate: 119/119
[PASS] Data integrity for Users.
[PASS] Can validate: 1/1
2023-07-07 00:18:57 error: [Cake\Routing\Exception\MissingRouteException] A route matching "/goform/formJsonAjaxReq" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /goform/formJsonAjaxReq
Referer URL: http://141.147.104.169:80/login.asp
Client IP: 45.88.90.145
2023-07-07 01:06:33 error: [Cake\Routing\Exception\MissingRouteException] A route matching "/Autodiscover/Autodiscover.xml" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /Autodiscover/Autodiscover.xml
Client IP: 213.109.202.66
2023-07-07 02:35:39 error: [Cake\Routing\Exception\MissingRouteException] A route matching "/solr/admin/info/system" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /solr/admin/info/system?wt=json
Client IP: 213.109.202.66
2023-07-07 03:00:33 error: [Cake\Routing\Exception\MissingRouteException] A route matching "/.git/config" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /.git/config
Client IP: 194.9.172.238
2023-07-07 03:13:22 error: [Cake\Routing\Exception\MissingRouteException] A route matching "s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: s=/Index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars%5B0%5D=md5&vars%5B1%5D%5B%5D=HelloThinkPHP21?s=/Index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars%5B0%5D=md5&vars%5B1%5D%5B%5D=HelloThinkPHP21
Client IP: 213.109.202.66
2023-07-07 03:19:47 error: [Authentication\Authenticator\UnauthenticatedException] Authentication is required to continue in /usr/share/php/passbolt/vendor/cakephp/authentication/src/Controller/Component/AuthenticationComponent.php on line 177
Request URL: /auth/is-authenticated.json
Client IP: 86.15.85.158
2023-07-07 04:47:50 error: [Cake\Routing\Exception\MissingRouteException] A route matching "/geoserver/web/" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /geoserver/web/
Client IP: 216.218.206.66
2023-07-07 05:32:02 error: [Cake\Routing\Exception\MissingRouteException] A route matching "/.env" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /.env
Client IP: 146.70.15.20
2023-07-07 05:32:03 error: [Cake\Routing\Exception\MissingRouteException] A route matching "/" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /
Client IP: 146.70.15.20
2023-07-07 05:41:26 error: [Cake\Routing\Exception\MissingRouteException] A route matching "/console/" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /console/
Client IP: 213.109.202.66
2023-07-07 05:57:55 error: [Cake\Routing\Exception\MissingRouteException] A route matching "/.env" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /.env
Client IP: 109.237.98.226
2023-07-07 06:32:48 error: [Cake\Routing\Exception\MissingRouteException] A route matching "/_ignition/execute-solution" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /_ignition/execute-solution
Client IP: 213.109.202.66
2023-07-07 06:39:33 error: [Cake\Routing\Exception\MissingRouteException] A route matching "/files/" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /files/
Client IP: 159.65.54.222
2023-07-07 09:01:50 error: [Cake\Routing\Exception\MissingRouteException] A route matching "lang=en" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: lang=en?lang=en
Client IP: 8.210.238.183
2023-07-07 12:23:56 error: [Authentication\Authenticator\UnauthenticatedException] Authentication is required to continue in /usr/share/php/passbolt/vendor/cakephp/authentication/src/Controller/Component/AuthenticationComponent.php on line 177
Request URL: /auth/is-authenticated.json
Client IP: 86.15.85.158
2023-07-07 12:24:49 error: [Cake\Routing\Exception\MissingRouteException] A route matching "/client/get_targets" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /client/get_targets
Client IP: 68.183.67.172
2023-07-07 12:24:50 error: [Cake\Routing\Exception\MissingRouteException] A route matching "/geoip/" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /geoip/
Client IP: 68.183.67.172
2023-07-07 12:24:50 error: [Cake\Routing\Exception\MissingRouteException] A route matching "/bundle.js" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /bundle.js
Client IP: 68.183.67.172
2023-07-07 12:24:50 error: [Cake\Routing\Exception\MissingRouteException] A route matching "/files/" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /files/
Client IP: 68.183.67.172
Running nmap localhost shows that there are ports open
Starting Nmap 7.80 ( https://nmap.org ) at 2023-07-07 15:00 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000097s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
111/tcp open rpcbind
3306/tcp open mysql
Nmap done: 1 IP address (1 host up) scanned in 0.04 seconds
