Problem installing Passbolt docker via rancher

Installation Issues
1

Checklist
[x] I have read intro post
[x] I have read the tutorials, help and searched for similar issues
[x] I provide relevant information about my server (component names and versions, etc.)
[x] I provide a copy of my logs and healthcheck
[ ] I describe the steps I have taken to trouble shoot the problem
[x] I describe the steps on how to reproduce the issue

Hey all!

I have a server, CentOS 7.5 on Azure VM with Rancher 1.6.25 installed. (More info on Rancher here) with Docker 18.09-ce
I’m trying to install Passbolt via the Rancher UI and I get one issue.

First some server details.
As said, CentOS 7.5 with Rancher 1.6.25 and Docker 18.09-ce, trying to install image 2.5.0-debian, the db is another docker container, MariaDB 10.3.12, the volumes mounted with the host can be found in the image below
image

Environment variables set are: db required ones, server key paths, app full base url and gnupghome. As for the values, if you need any specific, let me know.

Now, for the issue…
When I click to install it, the container goes to an infinite restart loop (–restart=always). Accessing the logs of the container via docker logs [id] I get this output

gpg: key {key}: "esnpassbolt <{email}>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg: key {key}: "esnpassbolt <{email}>" not changed
gpg: key {key}: secret key imported
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg:       secret keys read: 1
gpg:  secret keys unchanged: 1
Exception: Shell class for "Passbolt" could not be found. in [/var/www/passbolt/vendor/cakephp/cakephp/src/Console/ShellDispatcher.php, line 327]

So, the error seems to be that
Exception: Shell class for "Passbolt" could not be found. in [/var/www/passbolt/vendor/cakephp/cakephp/src/Console/ShellDispatcher.php, line 327]

Isolating the error to just cakephp, it says that the command to start the shell, is not run into the correct path >> check one report of this issue on stackoverflow here

Does anyone have any thought of this? If you need any more info, please let me know!

2

Any thoughs on that?

3

Hi!

I haven’t tried rancher myself but seems like your container is failing to run passbolt install shell task.

Assuming you are running the official docker image for passbolt I can think of:

  • the mountpoints are overriding the wrong directory on passbolt container. You can check the directories on runtime of the container overriding the entrypoint and executing ls to check the directory state of the container.
  • rancher overrides the entrypoint at runtime that should be mentioned on the rancher docs somewhere

If you could reproduce your issue with docker-composer it would be easier for us to help you.

4

OK, so I tried few stuff… i created the container via docker command, meaning the normal instructions and it worked. But then rancher has the option to manage this container via its UI, even if I didn’t created from the UI, so I copy-pasted the most important variables, meaning the entrypoint, the start command and some more but that also failed…

Now, for docker-compose, I took the one from the repo and replaced the env file with the env variables inside the yaml
Here’s the file

docker-compose.yml 
version: '3.4'
services:
  db:
    image: mariadb:10.3
    environment:
       - MYSQL_ROOT_PASSWORD: rootpassword123
       - MYSQL_DATABASE: passbolt_db
       - MYSQL_USER: passbolt_user
       - MYSQL_PASSWORD: passbolt_password
    volumes:
      - /volumes/passbolt/mariadb: /var/lib/mysql
    ports:
      - "127.0.0.1:3306:3306"

  passbolt:
    image: passbolt/passbolt:2.5.0-debian
    tty: true
    depends_on:
      - db
    environment:
      - DATASOURCES_DEFAULT_HOST: db
      - DATASOURCES_DEFAULT_USERNAME: passbolt_user
      - DATASOURCES_DEFAULT_PASSWORD: passbolt_password
      - DATASOURCES_DEFAULT_DATABASE: passbolt_db
      - DATASOURCES_DEFAULT_PORT: 3306
      - APP_FULL_BASE_URL: https://pass.esn.org
    volumes:
       - /volumes/passbolt/gpg: /var/www/passbolt/config/gpg
       - /volumes/passbolt/img: /var/www/passbolt/webroot/img
       - /volumes/passbolt/ssl: /etc/ssl/certs
       - ./scripts/wait-for.sh: /usr/bin/wait-for.sh
    tmpfs:
      - /run
    command: ["/usr/bin/wait-for.sh", "db:3306", "--", "/docker-entrypoint.sh"]
    ports:
      - 3080:80
      - 3443:443

But there’s one thing
It’s that Rancher doesn’t support version 3 of composer file and I have to downgrade it to version 2 in order for this to work…

I also ran docker-compose -f docker-compose.yml config and dropped these errors

ERROR: The Compose file './docker-compose.yml' is invalid because:
services.passbolt.environment contains {"DATASOURCES_DEFAULT_HOST": "db"}, which is an invalid type, it should be a string
services.db.environment contains {"MYSQL_ROOT_PASSWORD": "rootpassword123"}, which is an invalid type, it should be a string
services.passbolt.volumes 'type' is a required property
services.passbolt.volumes 'type' is a required property
services.passbolt.volumes 'type' is a required property
services.db.volumes 'type' is a required property
services.passbolt.volumes 'type' is a required property
5

Hey there!

Seems like your composer file is incorrect you should use the following syntax if you want to use an array:

environment:
  - DATASOURCES_DEFAULT_HOST=db

Or this one if you want to use a dictionary:

environment:
  DATASOURCES_DEFAULT_HOST: db

As per the docs: https://docs.docker.com/compose/compose-file/compose-file-v2/

6

Thanks for that notice it really helped me… I was a bit confused on the compose syntax, to be honest…

So after a few tries I finally got it working but I dropped the docker-compose way since I figured out what I should do…
With the usual way as described on the first post, the tricky part is to only enter this
/usr/bin/wait-for.sh db:3306 -- /docker-entrypoint.sh
to the command field when creating the service, which will indeed run the entrypoint file and bootstrap the service and finally have it working!
Thanks @diego for your time!

I also removed the docker volumes for the gpg keys, as the installation couldn’t configure the gpg keys… (I had already generated them from the host)

1 Like
7

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.