Problem with reverse proxy (Migrating PRO from source to Docker PRO rootless)

Installation Issues
1

Checklist
I have read intro post: About the Installation Issues category
I have read the tutorials, help and searched for similar issues
I provide relevant information about my server (component names and versions, etc.)
I provide a copy of my logs and healthcheck
I describe the steps I have taken to trouble shoot the problem
I describe the steps on how to reproduce the issue

Good morning, I was trying to migrate my Passbolt pro from source instance to a rootless Docker pro instance in order to test how it works and try to understand it to help other users with their problems (because I’m new on Docker and I have limited experience).
I followed the guides on the website and some forum posts, but I can’t bring my instance to life.

I have an Apache reverse proxy to map docker rootless ports, but when I try to access both sides (just domain outside reverse proxy or domain + docker port), I receive a 500 error in the first case and a blank page on the second.

I’m using Apache v2.4.38, with PHP v8.2.7 Docker v24.0.5 and Passbolt v4.1.3
I tried troubleshooting Docker as this guide, but every checks are ok.
Then I tried to follow other guides like migrating HTTP to HTTPS or posts to check if I had an error, but I have not found anything, so I would like to ask you if you can help me.

This is the reverse proxy configuration in /etc/apache2/sites-available/passbolt.$domain.tld.conf

<VirtualHost 0.0.0.0:80>
    ServerName passbolt.domain.tld

    ErrorLog /var/log/passbolt.domain.tld_error_log
    CustomLog /var/log/passbolt.domain.tld_access_log combined

    RewriteEngine on
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
    RewriteCond %{SERVER_NAME} =passbolt.domain.tld
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

<VirtualHost 0.0.0.0:443>
    ServerName passbolt.domain.tld

    ErrorLog /var/log/passbolt.domain.tld_error_log
    CustomLog /var/log/passbolt.domain.tld_access_log combined

    # Enable h2, h2c and http1.1
    Protocols h2 h2c http/1.1

    # Solves slow upload speeds caused by http2
    H2WindowSize 5242880

    ProxyPreserveHost On
    ProxyRequests On
    SSLProxyEngine on
    ProxyPass / https://localhost:4433/
    ProxyPassReverse / https://localhost:4433/
    
    RewriteEngine on
    RewriteCond %{HTTP:Authorization} ^(.*) 
    RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
    RewriteCond %{REQUEST_URI} /api/v[0-9]+/(users/)?websocket [NC,OR]
    RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC,OR]
    RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]
    RewriteRule .* ws://localhost:4433%{REQUEST_URI} [P,QSA,L]

    ProxyPassReverseCookieDomain localhost:4433 passbolt.domain.tld:4433

    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/domain.tld/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/domain.tld/privkey.pem
    SSLCACertificateFile /etc/letsencrypt/live/domain.tld/chain.pem
    SSLProtocol +TLSv1.2 +TLSv1.3
</VirtualHost>

Here is the docker-compose-rootless-pro.yaml content

version: "3.9"
name: passbolt
services:
	passbolt_db:
		container_name: passbolt_db
		image: mariadb:latest
		restart: unless-stopped
		env_file:
			- database.env
		secrets:
			- db_database
			- db_username
			- db_password
		volumes:
			- database_volume:/var/lib/mysql
			- ./passbolt.sql:/docker-entrypoint-initdb.d/dump.sql

	passbolt_server:
		container_name: passbolt_server
		image: passbolt/passbolt:latest-pro-non-root
		restart: unless-stopped
		depends_on:
			- passbolt_db
		env_file:
			- passbolt.env
		secrets:
			- db_database
			- db_username
			- db_password
			- server_key_public
			- server_key_private
			- ssl_cert
			- ssl_key
		volumes:
			- jwt_volume:/etc/passbolt/jwt
			- gpg_volume:/etc/passbolt/gpg
			- ./subscription_key.txt:/etc/passbolt/subscription_key.txt:ro
		command:
			- /bin/bash
			- -c
			- |
			  # Uncomment line below if you are using ldap sync. Change '* * * * *' to your preferred sync schedule. More info: https://en.wikipedia.org/wiki/Cron
			  # echo '* * * * * www-data exec /bin/bash -c "source /etc/environment && /usr/share/php/passbolt/bin/cake directory_sync all" >> /var/log/cron.log 2>&1' >> /etc/cron.d/passbolt-pro-server
			  /usr/bin/wait-for.sh -t 0 passbolt_db:18001 -- /docker-entrypoint.sh
		ports:
			- 8080:8080
			- 4433:4433
secrets:
	db_database:
		file: secrets/db_database.txt
	db_username:
		file: secrets/db_username.txt
	db_password:
		file: secrets/db_password.txt
	server_key_public:
		file: secrets/serverkey.asc
	server_key_private:
		file: secrets/serverkey_private.asc
	ssl_cert:
		file: secrets/fullchain.pem
	ssl_key:
		file: secrets/privkey.pem
volumes:
	jwt_volume:
	gpg_volume:
	database_volume:

And the passbolt.env content

APP_FULL_BASE_URL: https://passbolt.$domain.tld

DATASOURCES_DEFAULT_HOST: $database
DATASOURCES_DEFAULT_PORT: $port
DATASOURCES_DEFAULT_DATABASE_FILE: /run/secrets/db_database
DATASOURCES_DEFAULT_USERNAME_FILE: /run/secrets/db_username
DATASOURCES_DEFAULT_PASSWORD_FILE: /run/secrets/db_password

PASSBOLT_GPG_SERVER_KEY_PUBLIC_FILE: /run/secrets/server_key_public
PASSBOLT_GPG_SERVER_KEY_PRIVATE_FILE: /run/secrets/server_key_private

PASSBOLT_SSL_SERVER_CERT_FILE: /run/secrets/ssl_cert
PASSBOLT_SSL_SERVER_KEY_FILE: /run/secrets/ssl_key

EMAIL_TRANSPORT_DEFAULT_HOST: "$mailserver"
EMAIL_TRANSPORT_DEFAULT_PORT: $mailport
EMAIL_TRANSPORT_DEFAULT_USERNAME: "$mailusername"
EMAIL_TRANSPORT_DEFAULT_PASSWORD: "$mailpassword"
EMAIL_TRANSPORT_DEFAULT_CLIENT: "$mailclient"

EMAIL_DEFAULT_FROM: "$mailusername"
EMAIL_DEFAULT_FROM_NAME: "Passbolt"

PASSBOLT_GPG_SERVER_KEY_FINGERPRINT: "$serverkeyfingerprint"
PASSBOLT_KEY_EMAIL: "$serverkeymail"
PASSBOLT_SSL_FORCE: true
PASSBOLT_SECURITY_SMTP_SETTINGS_ENDPOINTS_DISABLED: true
PASSBOLT_EMAIL_VALIDATE_MX: true
PASSBOLT_PLUGINS_TOTP_RESOURCE_TYPES_ENABLED: true

Finally, this is the Passbolt healthcheck result

     ____                  __          ____
    / __ \____  _____ ____/ /_  ____  / / /_
   / /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
  / ____/ /_/ (__  |__  ) /_/ / /_/ / / /
 /_/    \__,_/____/____/_.___/\____/_/\__/

 Open source password manager for teams
-------------------------------------------------------------------------------
 Healthcheck shell
-------------------------------------------------------------------------------

 Environment

 [PASS] PHP version 8.2.7.
 [PASS] PCRE compiled with unicode support.
 [PASS] The temporary directory and its content are writable and not executable.
 [PASS] The logs directory and its content are writable.
 [PASS] GD or Imagick extension is installed.
 [PASS] Intl extension is installed.
 [PASS] Mbstring extension is installed.

 Config files

 [PASS] The application config file is present
 [WARN] The passbolt config file is missing in /etc/passbolt/
 [HELP] Copy /etc/passbolt/passbolt.default.php to /etc/passbolt/passbolt.php
 [HELP] The passbolt config file is not required if passbolt is configured with environment variables

 Core config

 [PASS] Debug mode is off.
 [PASS] Cache is working.
 [PASS] Unique value set for security.salt
 [PASS] Full base url is set to https://passbolt.domain.tld
 [PASS] App.fullBaseUrl validation OK.
 [FAIL] Could not reach the /healthcheck/status with the url specified in App.fullBaseUrl
 [HELP] Check that the domain name is correct in /etc/passbolt/passbolt.php
 [HELP] Check the network settings

 SSL Certificate

 [FAIL] SSL peer certificate does not validate
 [FAIL] Hostname does not match when validating certificates.
 [WARN] Using a self-signed certificate
 [HELP] Check https://help.passbolt.com/faq/hosting/troubleshoot-ssl

 Database

 [PASS] The application is able to connect to the database
 [PASS] 49 tables found
 [PASS] Some default content is present
 [PASS] The database schema up to date.

 GPG Configuration

 [PASS] PHP GPG Module is installed and loaded.
 [PASS] The environment variable GNUPGHOME is set to /var/lib/passbolt/.gnupg.
 [PASS] The directory /var/lib/passbolt/.gnupg containing the keyring is writable by the webserver user.
 [PASS] The server OpenPGP key is not the default one
 [PASS] The public key file is defined in /etc/passbolt/passbolt.php and readable.
 [PASS] The private key file is defined in /etc/passbolt/passbolt.php and readable.
 [PASS] The server key fingerprint matches the one defined in /etc/passbolt/passbolt.php.
 [PASS] The server public key defined in the /etc/passbolt/passbolt.php (or environment variables) is in the keyring.
 [PASS] There is a valid email id defined for the server key.
 [PASS] The public key can be used to encrypt a message.
 [PASS] The private key can be used to sign a message.
 [PASS] The public and private keys can be used to encrypt and sign a message.
 [PASS] The private key can be used to decrypt a message.
 [PASS] The private key can be used to decrypt and verify a message.
 [PASS] The public key can be used to verify a signature.
 [PASS] The server public key format is Gopengpg compatible.
 [PASS] The server private key format is Gopengpg compatible.

 Application configuration

 [PASS] Using latest passbolt version (4.1.3).
 [PASS] Passbolt is configured to force SSL use.
 [PASS] App.fullBaseUrl is set to HTTPS.
 [PASS] Selenium API endpoints are disabled.
 [PASS] Search engine robots are told not to index content.
 [INFO] The Self Registration plugin is enabled.
 [INFO] Registration is closed, only administrators can add users.
 [PASS] The deprecated self registration public setting was not found in /etc/passbolt/passbolt.php.
 [PASS] Host availability will be checked.
 [PASS] Serving the compiled version of the javascript app.
 [WARN] Some email notifications are disabled by the administrator.

 JWT Authentication

 [PASS] The JWT Authentication plugin is enabled
 [PASS] The /etc/passbolt/jwt/ directory is not writable.
 [PASS] A valid JWT key pair was found

 SMTP Settings

 [PASS] The SMTP Settings plugin is enabled.
 [PASS] SMTP Settings coherent. You may send a test email to validate them.
 [PASS] The SMTP Settings source is: database.
 [PASS] The SMTP Settings plugin endpoints are disabled.

 [FAIL] 3 error(s) found. Hang in there!

Note that when I try to access to passbolt.domain.tld:4433/healthcheck shows a blank page with an OK and checking SSL with external sites they report that all is OK.

How can I solve my issues to bring to life my instance? If you need more information, just ask for it

2

From source, apache, and nonroot docker. Like a bingo for all the fun ones!

First thing to try since you are getting a white page would be to add the port to the full base URL.

3

Yeah! We are here to play :joy:

I tried to add the port to the APP_FULL_BASE_URL environment variable and the blank page on https://passbolt.domain.tld:4433 disappeared, so I was able to complete the recovery process until the last point, where the page keeps logging in and never ends.
I tried to open the extension or the website from the Passbolt image but they keep loading and sometimes the container doesn’t respond and have to reboot the server to be able to stop, remove and start again the container.
What could happen?

Now healthcheck work without fails, but the reverse proxy is still showing 500 error

     ____                  __          ____
    / __ \____  _____ ____/ /_  ____  / / /_
   / /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
  / ____/ /_/ (__  |__  ) /_/ / /_/ / / /
 /_/    \__,_/____/____/_.___/\____/_/\__/

 Open source password manager for teams
-------------------------------------------------------------------------------
 Healthcheck shell
-------------------------------------------------------------------------------

 Environment

 [PASS] PHP version 8.2.7.
 [PASS] PCRE compiled with unicode support.
 [PASS] The temporary directory and its content are writable and not executable.
 [PASS] The logs directory and its content are writable.
 [PASS] GD or Imagick extension is installed.
 [PASS] Intl extension is installed.
 [PASS] Mbstring extension is installed.

 Config files

 [PASS] The application config file is present
 [WARN] The passbolt config file is missing in /etc/passbolt/
 [HELP] Copy /etc/passbolt/passbolt.default.php to /etc/passbolt/passbolt.php
 [HELP] The passbolt config file is not required if passbolt is configured with environment variable                                                                                                               s

 Core config

 [PASS] Debug mode is off.
 [PASS] Cache is working.
 [PASS] Unique value set for security.salt
 [PASS] Full base url is set to https://passbolt.$domain.tld:4433
 [PASS] App.fullBaseUrl validation OK.
 [PASS] /healthcheck/status is reachable.

 SSL Certificate

 [PASS] SSL peer certificate validates
 [PASS] Hostname is matching in SSL certificate.
 [PASS] Not using a self-signed certificate

 Database

 [PASS] The application is able to connect to the database
 [PASS] 49 tables found
 [PASS] Some default content is present
 [PASS] The database schema up to date.

 GPG Configuration

 [PASS] PHP GPG Module is installed and loaded.
 [PASS] The environment variable GNUPGHOME is set to /var/lib/passbolt/.gnupg.
 [PASS] The directory /var/lib/passbolt/.gnupg containing the keyring is writable by the webserver u                                                                                                               ser.
 [PASS] The server OpenPGP key is not the default one
 [PASS] The public key file is defined in /etc/passbolt/passbolt.php and readable.
 [PASS] The private key file is defined in /etc/passbolt/passbolt.php and readable.
 [PASS] The server key fingerprint matches the one defined in /etc/passbolt/passbolt.php.
 [PASS] The server public key defined in the /etc/passbolt/passbolt.php (or environment variables) i                                                                                                               s in the keyring.
 [PASS] There is a valid email id defined for the server key.
 [PASS] The public key can be used to encrypt a message.
 [PASS] The private key can be used to sign a message.
 [PASS] The public and private keys can be used to encrypt and sign a message.
 [PASS] The private key can be used to decrypt a message.
 [PASS] The private key can be used to decrypt and verify a message.
 [PASS] The public key can be used to verify a signature.
 [PASS] The server public key format is Gopengpg compatible.
 [PASS] The server private key format is Gopengpg compatible.

 Application configuration

 [PASS] Using latest passbolt version (4.1.3).
 [PASS] Passbolt is configured to force SSL use.
 [PASS] App.fullBaseUrl is set to HTTPS.
 [PASS] Selenium API endpoints are disabled.
 [PASS] Search engine robots are told not to index content.
 [INFO] The Self Registration plugin is enabled.
 [INFO] Registration is closed, only administrators can add users.
 [PASS] The deprecated self registration public setting was not found in /etc/passbolt/passbolt.php.
 [PASS] Host availability will be checked.
 [PASS] Serving the compiled version of the javascript app.
 [WARN] Some email notifications are disabled by the administrator.

 JWT Authentication

 [PASS] The JWT Authentication plugin is enabled
 [PASS] The /etc/passbolt/jwt/ directory is not writable.
 [PASS] A valid JWT key pair was found

 SMTP Settings

 [PASS] The SMTP Settings plugin is enabled.
 [PASS] SMTP Settings coherent. You may send a test email to validate them.
 [PASS] The SMTP Settings source is: database.
 [PASS] The SMTP Settings plugin endpoints are disabled.

 [PASS] No error found. Nice one sparky!

This is the container log when the logging-in page at the last step on recovery process keeps loading

wait-for.sh: waiting for db:$port without a timeout
wait-for.sh: db:$port is available after 12 seconds
gpg: keybox '/var/lib/passbolt/.gnupg/pubring.kbx' created
gpg: /var/lib/passbolt/.gnupg/trustdb.gpg: trustdb created
gpg: key $key: public key "$name <$email>" imported
gpg: Total number processed: 1
gpg:               imported: 1
gpg: key $key: "$name <$email>" not changed
gpg: key $key: secret key imported
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg:       secret keys read: 1
gpg:   secret keys imported: 1
Subscription file found: /etc/passbolt/subscription_key.txt

     ____                  __          ____
    / __ \____  _____ ____/ /_  ____  / / /_
   / /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
  / ____/ /_/ (__  |__  ) /_/ / /_/ / / /
 /_/    \__,_/____/____/_.___/\____/_/\__/

 Open source password manager for teams
-------------------------------------------------------------------------------
The subscription key /etc/passbolt/subscription_key.txt has been successfully imported in the database.
Installing passbolt

     ____                  __          ____
    / __ \____  _____ ____/ /_  ____  / / /_
   / /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
  / ____/ /_/ (__  |__  ) /_/ / /_/ / / /
 /_/    \__,_/____/____/_.___/\____/_/\__/

 Open source password manager for teams
-------------------------------------------------------------------------------
Thanks for choosing Passbolt Pro
Below are your subscription key details
Customer id:    $name
Users limit:    5 (currently: 3)
Valid from:     Aug 24, 2022
Expires on:     Aug 23, 2023 (in 7 days)
For any question / feedback / subscription renewal,
kindly contact us at sales@passbolt.com
Running baseline checks, please wait...
Some tables are already present in the database. A new installation would override existing data.
Please use --force to proceed anyway.
Running migrations

     ____                  __          ____
    / __ \____  _____ ____/ /_  ____  / / /_
   / /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
  / ____/ /_/ (__  |__  ) /_/ / /_/ / / /
 /_/    \__,_/____/____/_.___/\____/_/\__/

 Open source password manager for teams
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Thanks for choosing Passbolt Pro
Below are your subscription key details
Customer id:    $name
Users limit:    5 (currently: 3)
Valid from:     Aug 24, 2022
Expires on:     Aug 23, 2023 (in 7 days)
For any question / feedback / subscription renewal,
kindly contact us at sales@passbolt.com
 Running migration scripts.
-------------------------------------------------------------------------------
using migration paths
 - /etc/passbolt/Migrations
using seed paths
using environment default
using adapter mysql
using database dockerbolt
ordering by creation time

All Done. Took 0.0931s
Clearing cake caches
Clearing _cake_model_
Cleared _cake_model_ cache
Clearing _cake_core_
Cleared _cake_core_ cache
Enjoy! ☮

2023-08-16 10:10:36,427 INFO Included extra file "/etc/supervisor/conf.d/cron.conf" during parsing
2023-08-16 10:10:36,427 INFO Included extra file "/etc/supervisor/conf.d/nginx.conf" during parsing
2023-08-16 10:10:36,427 INFO Included extra file "/etc/supervisor/conf.d/php.conf" during parsing
2023-08-16 10:10:36,434 INFO RPC interface 'supervisor' initialized
2023-08-16 10:10:36,435 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2023-08-16 10:10:36,436 CRIT could not write pidfile /var/run/supervisord.pid
2023-08-16 10:10:37,438 INFO spawned: 'php-fpm' with pid 262
2023-08-16 10:10:37,440 INFO spawned: 'nginx' with pid 263
2023-08-16 10:10:37,442 INFO spawned: 'cron' with pid 264
time="2023-08-16T10:10:37Z" level=info msg="read crontab: /etc/cron.d/passbolt-pro-server"
[16-Aug-2023 10:10:38] NOTICE: [pool www] 'user' directive is ignored when FPM is not running as root
[16-Aug-2023 10:10:38] NOTICE: [pool www] 'user' directive is ignored when FPM is not running as root
[16-Aug-2023 10:10:38] NOTICE: [pool www] 'group' directive is ignored when FPM is not running as root
[16-Aug-2023 10:10:38] NOTICE: [pool www] 'group' directive is ignored when FPM is not running as root
[16-Aug-2023 10:10:38] NOTICE: fpm is running, pid 262
[16-Aug-2023 10:10:38] NOTICE: ready to handle connections
[16-Aug-2023 10:10:38] NOTICE: systemd monitor interval set to 10000ms
2023-08-16 10:10:39,097 INFO success: php-fpm entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2023-08-16 10:10:39,097 INFO success: nginx entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2023-08-16 10:10:39,098 INFO success: cron entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2023/08/16 10:10:44 [info] 269#269: *1 client closed connection while SSL handshaking, client: 172.18.0.1, server: 0.0.0.0:4433
172.18.0.1 - - [16/Aug/2023:10:10:47 +0000] "GET /auth/login?redirect=%2F HTTP/2.0" 200 1112 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:10:47,870 INFO reaped unknown pid 278 (exit status 0)
2023-08-16 10:10:47,871 INFO reaped unknown pid 280 (exit status 0)
2023-08-16 10:10:47,871 INFO reaped unknown pid 282 (exit status 0)
2023-08-16 10:10:47,871 INFO reaped unknown pid 284 (exit status 0)
2023-08-16 10:10:47,872 INFO reaped unknown pid 286 (exit status 0)
2023-08-16 10:10:47,872 INFO reaped unknown pid 288 (exit status 0)
2023-08-16 10:10:47,872 INFO reaped unknown pid 290 (exit status 0)
172.18.0.1 - - [16/Aug/2023:10:10:48 +0000] "GET /js/app/stylesheet.js?v=4.1.3 HTTP/2.0" 200 1323 "https://passbolt.$domain.tld:4433/auth/login?redirect=%2F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
172.18.0.1 - - [16/Aug/2023:10:10:48 +0000] "GET /js/app/api-vendors.js?v=4.1.3 HTTP/2.0" 200 604890 "https://passbolt.$domain.tld:4433/auth/login?redirect=%2F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
172.18.0.1 - - [16/Aug/2023:10:10:48 +0000] "GET /js/app/api-triage.js?v=4.1.3 HTTP/2.0" 200 173229 "https://passbolt.$domain.tld:4433/auth/login?redirect=%2F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
172.18.0.1 - - [16/Aug/2023:10:10:48 +0000] "GET /css/themes/midgar/api_authentication.min.css?v=4.1.3 HTTP/2.0" 200 76169 "https://passbolt.$domain.tld:4433/auth/login?redirect=%2F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
172.18.0.1 - - [16/Aug/2023:10:10:48 +0000] "GET /favicon.ico HTTP/2.0" 200 318 "https://passbolt.$domain.tld:4433/auth/login?redirect=%2F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
172.18.0.1 - - [16/Aug/2023:10:10:48 +0000] "GET /favicon_32.png HTTP/2.0" 200 1302 "https://passbolt.$domain.tld:4433/auth/login?redirect=%2F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
172.18.0.1 - - [16/Aug/2023:10:10:48 +0000] "GET /settings.json?api-version=v2 HTTP/2.0" 200 1446 "https://passbolt.$domain.tld:4433/auth/login?redirect=%2F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:10:48,840 INFO reaped unknown pid 293 (exit status 0)
2023-08-16 10:10:48,840 INFO reaped unknown pid 295 (exit status 0)
2023-08-16 10:10:48,841 INFO reaped unknown pid 297 (exit status 0)
2023-08-16 10:10:48,841 INFO reaped unknown pid 299 (exit status 0)
2023-08-16 10:10:48,841 INFO reaped unknown pid 301 (exit status 0)
2023-08-16 10:10:48,841 INFO reaped unknown pid 303 (exit status 0)
2023-08-16 10:10:48,841 INFO reaped unknown pid 305 (exit status 0)
172.18.0.1 - - [16/Aug/2023:10:10:48 +0000] "GET /locales/es-ES/common.json HTTP/2.0" 200 106262 "https://passbolt.$domain.tld:4433/auth/login?redirect=%2F&locale=es-ES" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
172.18.0.1 - - [16/Aug/2023:10:10:59 +0000] "GET / HTTP/2.0" 302 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:10:59,251 INFO reaped unknown pid 308 (exit status 0)
2023-08-16 10:10:59,251 INFO reaped unknown pid 310 (exit status 0)
172.18.0.1 - - [16/Aug/2023:10:10:59 +0000] "GET /auth/login?redirect=%2F HTTP/2.0" 200 1112 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:10:59,348 INFO reaped unknown pid 313 (exit status 0)
2023-08-16 10:10:59,349 INFO reaped unknown pid 315 (exit status 0)
172.18.0.1 - - [16/Aug/2023:10:10:59 +0000] "GET /settings.json?api-version=v2 HTTP/2.0" 200 1446 "https://passbolt.$domain.tld:4433/auth/login?redirect=%2F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:10:59,536 INFO reaped unknown pid 318 (exit status 0)
2023-08-16 10:10:59,536 INFO reaped unknown pid 320 (exit status 0)
172.18.0.1 - - [16/Aug/2023:10:10:59 +0000] "GET /img/logo/logo_white.svg HTTP/2.0" 200 4627 "https://passbolt.$domain.tld:4433/css/themes/midgar/api_authentication.min.css?v=4.1.3" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
172.18.0.1 - - [16/Aug/2023:10:10:59 +0000] "GET /fonts/opensans-regular.woff HTTP/2.0" 200 20544 "https://passbolt.$domain.tld:4433/css/themes/midgar/api_authentication.min.css?v=4.1.3" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
172.18.0.1 - - [16/Aug/2023:10:10:59 +0000] "GET /fonts/opensans-bold.woff HTTP/2.0" 200 21272 "https://passbolt.$domain.tld:4433/css/themes/midgar/api_authentication.min.css?v=4.1.3" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
time="2023-08-16T10:11:00Z" level=info msg=starting iteration=0 job.command="$PASSBOLT_BASE_DIR/bin/cron > $PASSBOLT_LOG_DIR/cron.log 2> $PASSBOLT_LOG_DIR/cron-error.log" job.position=0 job.schedule="* * * * *"
172.18.0.1 - - [16/Aug/2023:10:11:00 +0000] "GET /sso/settings/current.json?api-version=v2 HTTP/2.0" 200 283 "https://passbolt.$domain.tld:4433/auth/login?redirect=%2F&locale=es-ES" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:11:00,740 INFO reaped unknown pid 340 (exit status 0)
2023-08-16 10:11:00,740 INFO reaped unknown pid 342 (exit status 0)
time="2023-08-16T10:11:00Z" level=info msg="job succeeded" iteration=0 job.command="$PASSBOLT_BASE_DIR/bin/cron > $PASSBOLT_LOG_DIR/cron.log 2> $PASSBOLT_LOG_DIR/cron-error.log" job.position=0 job.schedule="* * * * *"
172.18.0.1 - - [16/Aug/2023:10:11:06 +0000] "GET /img/controls/check_white.svg HTTP/2.0" 200 229 "https://passbolt.$domain.tld:4433/css/themes/midgar/api_authentication.min.css?v=4.1.3" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
172.18.0.1 - - [16/Aug/2023:10:11:07 +0000] "POST /users/recover.json?api-version=v2 HTTP/2.0" 200 308 "https://passbolt.$domain.tld:4433/auth/login?redirect=%2F&locale=es-ES" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:11:07,556 INFO reaped unknown pid 345 (exit status 0)
2023-08-16 10:11:07,557 INFO reaped unknown pid 347 (exit status 0)
172.18.0.1 - - [16/Aug/2023:10:11:07 +0000] "GET /img/illustrations/email.png HTTP/2.0" 200 11521 "https://passbolt.$domain.tld:4433/css/themes/midgar/api_authentication.min.css?v=4.1.3" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
time="2023-08-16T10:12:00Z" level=info msg=starting iteration=1 job.command="$PASSBOLT_BASE_DIR/bin/cron > $PASSBOLT_LOG_DIR/cron.log 2> $PASSBOLT_LOG_DIR/cron-error.log" job.position=0 job.schedule="* * * * *"
time="2023-08-16T10:12:00Z" level=info msg="job succeeded" iteration=1 job.command="$PASSBOLT_BASE_DIR/bin/cron > $PASSBOLT_LOG_DIR/cron.log 2> $PASSBOLT_LOG_DIR/cron-error.log" job.position=0 job.schedule="* * * * *"
2023-08-16 10:12:00,970 INFO reaped unknown pid 366 (exit status 0)
2023-08-16 10:12:00,971 INFO reaped unknown pid 368 (exit status 0)
2023-08-16 10:12:00,971 INFO reaped unknown pid 370 (exit status 0)
2023-08-16 10:12:00,971 INFO reaped unknown pid 372 (exit status 0)
2023-08-16 10:12:00,972 INFO reaped unknown pid 374 (exit status 0)
2023-08-16 10:12:00,972 INFO reaped unknown pid 376 (exit status 0)
2023-08-16 10:12:00,972 INFO reaped unknown pid 378 (exit status 0)
2023-08-16 10:12:00,972 INFO reaped unknown pid 381 (exit status 0)
172.18.0.1 - - [16/Aug/2023:10:12:32 +0000] "GET /img/logo/logo.png HTTP/2.0" 200 2274 "https://$mailserver/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023/08/16 10:12:32 [info] 269#269: *14 peer closed connection in SSL handshake while SSL handshaking, client: 172.18.0.1, server: 0.0.0.0:4433
172.18.0.1 - - [16/Aug/2023:10:12:32 +0000] "GET /avatars/view/f879450d-27ce-4470-b7fd-4b1c2a73de0a/small.jpg HTTP/2.0" 200 4176 "https://$mailserver/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:12:32,355 INFO reaped unknown pid 384 (exit status 0)
2023-08-16 10:12:32,356 INFO reaped unknown pid 386 (exit status 0)
172.18.0.1 - - [16/Aug/2023:10:12:37 +0000] "GET /setup/recover/start/$userid/$tokenid?case=default HTTP/2.0" 200 1112 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:12:37,626 INFO reaped unknown pid 389 (exit status 0)
2023-08-16 10:12:37,626 INFO reaped unknown pid 391 (exit status 0)
172.18.0.1 - - [16/Aug/2023:10:12:37 +0000] "GET /js/app/api-recover.js?v=4.1.3 HTTP/2.0" 200 159115 "https://passbolt.$domain.tld:4433/setup/recover/start/$userid/$tokenid?case=default" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
172.18.0.1 - - [16/Aug/2023:10:12:37 +0000] "GET /settings.json?api-version=v2 HTTP/2.0" 200 1446 "https://passbolt.$domain.tld:4433/setup/recover/start/$userid/$tokenid?case=default" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:12:37,992 INFO reaped unknown pid 394 (exit status 0)
2023-08-16 10:12:37,992 INFO reaped unknown pid 396 (exit status 0)
172.18.0.1 - - [16/Aug/2023:10:12:39 +0000] "GET /setup/recover/$userid/$tokenid.json?api-version=v2 HTTP/2.0" 200 5625 "https://passbolt.$domain.tld:4433/setup/recover/start/$userid/$tokenid?case=default" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:12:39,222 INFO reaped unknown pid 399 (exit status 0)
2023-08-16 10:12:39,222 INFO reaped unknown pid 401 (exit status 0)
172.18.0.1 - - [16/Aug/2023:10:12:39 +0000] "GET /img/third_party/ChromeWebStore_white.svg HTTP/2.0" 200 11286 "https://passbolt.$domain.tld:4433/setup/recover/start/$userid/$tokenid?case=default" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
172.18.0.1 - - [16/Aug/2023:10:12:50 +0000] "GET /setup/recover/start/$userid/$tokenid?case=default&first-install=1 HTTP/2.0" 200 1112 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:12:50,123 INFO reaped unknown pid 404 (exit status 0)
2023-08-16 10:12:50,123 INFO reaped unknown pid 406 (exit status 0)
172.18.0.1 - - [16/Aug/2023:10:12:50 +0000] "GET /settings.json?api-version=v2 HTTP/2.0" 200 1446 "https://passbolt.$domain.tld:4433/setup/recover/start/$userid/$tokenid?case=default&first-install=1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:12:50,266 INFO reaped unknown pid 409 (exit status 0)
2023-08-16 10:12:50,267 INFO reaped unknown pid 411 (exit status 0)
172.18.0.1 - - [16/Aug/2023:10:12:50 +0000] "GET /users/csrf-token.json?api-version=v2 HTTP/2.0" 200 387 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:12:50,472 INFO reaped unknown pid 414 (exit status 0)
2023-08-16 10:12:50,472 INFO reaped unknown pid 416 (exit status 0)
172.18.0.1 - - [16/Aug/2023:10:12:50 +0000] "GET /settings.json?api-version=v2 HTTP/2.0" 200 1446 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:12:50,581 INFO reaped unknown pid 419 (exit status 0)
2023-08-16 10:12:50,581 INFO reaped unknown pid 421 (exit status 0)
172.18.0.1 - - [16/Aug/2023:10:12:50 +0000] "GET /settings.json?api-version=v2 HTTP/2.0" 200 1446 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:12:50,710 INFO reaped unknown pid 424 (exit status 0)
2023-08-16 10:12:50,711 INFO reaped unknown pid 426 (exit status 0)
172.18.0.1 - - [16/Aug/2023:10:12:50 +0000] "GET /auth/verify.json?api-version=v2 HTTP/2.0" 200 3735 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:12:50,850 INFO reaped unknown pid 429 (exit status 0)
2023-08-16 10:12:50,851 INFO reaped unknown pid 431 (exit status 0)
172.18.0.1 - - [16/Aug/2023:10:12:50 +0000] "GET /setup/recover/start/$userid/$tokenid.json?api-version=v2 HTTP/2.0" 200 5632 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:12:50,972 INFO reaped unknown pid 434 (exit status 0)
2023-08-16 10:12:50,972 INFO reaped unknown pid 436 (exit status 0)
172.18.0.1 - - [16/Aug/2023:10:12:51 +0000] "GET /setup/recover/$userid/$tokenid.json?api-version=v2 HTTP/2.0" 200 5625 "https://passbolt.$domain.tld:4433/setup/recover/start/$userid/$tokenid?case=default&first-install=1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:12:51,441 INFO reaped unknown pid 439 (exit status 0)
2023-08-16 10:12:51,441 INFO reaped unknown pid 441 (exit status 0)
172.18.0.1 - - [16/Aug/2023:10:12:56 +0000] "POST /auth/verify.json?api-version=v2 HTTP/2.0" 200 250 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:12:56,591 INFO reaped unknown pid 444 (exit status 0)
2023-08-16 10:12:56,591 INFO reaped unknown pid 446 (exit status 0)
2023-08-16 10:12:56,592 INFO reaped unknown pid 449 (exit status 0)
time="2023-08-16T10:13:00Z" level=info msg=starting iteration=2 job.command="$PASSBOLT_BASE_DIR/bin/cron > $PASSBOLT_LOG_DIR/cron.log 2> $PASSBOLT_LOG_DIR/cron-error.log" job.position=0 job.schedule="* * * * *"
time="2023-08-16T10:13:00Z" level=info msg="job succeeded" iteration=2 job.command="$PASSBOLT_BASE_DIR/bin/cron > $PASSBOLT_LOG_DIR/cron.log 2> $PASSBOLT_LOG_DIR/cron-error.log" job.position=0 job.schedule="* * * * *"
172.18.0.1 - - [16/Aug/2023:10:13:08 +0000] "POST /setup/recover/complete/$userid HTTP/2.0" 200 309 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:13:08,675 INFO reaped unknown pid 468 (exit status 0)
2023-08-16 10:13:08,675 INFO reaped unknown pid 470 (exit status 0)
172.18.0.1 - - [16/Aug/2023:10:13:08 +0000] "GET /sso/settings/current.json?api-version=v2 HTTP/2.0" 200 283 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:13:08,934 INFO reaped unknown pid 473 (exit status 0)
2023-08-16 10:13:08,934 INFO reaped unknown pid 475 (exit status 0)
172.18.0.1 - - [16/Aug/2023:10:13:09 +0000] "GET /users/csrf-token.json?api-version=v2 HTTP/2.0" 200 387 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:13:09,085 INFO reaped unknown pid 478 (exit status 0)
2023-08-16 10:13:09,085 INFO reaped unknown pid 480 (exit status 0)
172.18.0.1 - - [16/Aug/2023:10:13:09 +0000] "POST /auth/login.json?api-version=v2 HTTP/2.0" 200 249 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:13:09,435 INFO reaped unknown pid 483 (exit status 0)
2023-08-16 10:13:09,438 INFO reaped unknown pid 485 (exit status 0)
2023-08-16 10:13:09,438 INFO reaped unknown pid 488 (exit status 2)
2023-08-16 10:13:09,439 INFO reaped unknown pid 490 (exit status 0)
2023-08-16 10:13:09,439 INFO reaped unknown pid 493 (exit status 0)
2023-08-16 10:13:09,439 INFO reaped unknown pid 495 (exit status 0)
2023-08-16 10:13:09,439 INFO reaped unknown pid 497 (exit status 0)
2023-08-16 10:13:09,440 INFO reaped unknown pid 499 (exit status 0)
2023-08-16 10:13:09,440 INFO reaped unknown pid 501 (exit status 0)
2023-08-16 10:13:09,440 INFO reaped unknown pid 504 (exit status 0)
172.18.0.1 - - [16/Aug/2023:10:13:09 +0000] "POST /auth/login.json?api-version=v2 HTTP/2.0" 200 3925 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 10:13:09,599 INFO reaped unknown pid 507 (exit status 0)
2023-08-16 10:13:09,599 INFO reaped unknown pid 509 (exit status 0)
time="2023-08-16T10:14:00Z" level=info msg=starting iteration=3 job.command="$PASSBOLT_BASE_DIR/bin/cron > $PASSBOLT_LOG_DIR/cron.log 2> $PASSBOLT_LOG_DIR/cron-error.log" job.position=0 job.schedule="* * * * *"
4

For the log in hanging could you grab the browser extension logs?

5

I think I never used that logs. Where can I see them?

6

For Chrome:

  • Go to: chrome://extensions
    • Activate the Developer mode in the top right corner
    • Look for the Passbolt card and click details button
    • Look for the Inspect views and the index.html link
    • A new window will appear this is the debugger of the browser extension
    • Go to network tab
    • Try to reproduce the error
    • Export logs by clicking the down arrow

Just beware that these will have your URL and other information in them, so either censor that or just look for the relevant bits to post

7

I tried that and wait for a while to see what happens. Here are the container log and the extension log when the last step keeps loading
image

wait-for.sh: waiting for db:3306 without a timeout
wait-for.sh: db:3306 is available after 13 seconds
gpg: keybox '/var/lib/passbolt/.gnupg/pubring.kbx' created
gpg: /var/lib/passbolt/.gnupg/trustdb.gpg: trustdb created
gpg: key $keyid: public key "$name <$email>" imported
gpg: Total number processed: 1
gpg:               imported: 1
gpg: key $keyid: "$name <$email>" not changed
gpg: key $keyid: secret key imported
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg:       secret keys read: 1
gpg:   secret keys imported: 1
Subscription file found: /etc/passbolt/subscription_key.txt

     ____                  __          ____
    / __ \____  _____ ____/ /_  ____  / / /_
   / /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
  / ____/ /_/ (__  |__  ) /_/ / /_/ / / /
 /_/    \__,_/____/____/_.___/\____/_/\__/

 Open source password manager for teams
-------------------------------------------------------------------------------
The subscription key /etc/passbolt/subscription_key.txt has been successfully imported in the database.
Installing passbolt

     ____                  __          ____
    / __ \____  _____ ____/ /_  ____  / / /_
   / /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
  / ____/ /_/ (__  |__  ) /_/ / /_/ / / /
 /_/    \__,_/____/____/_.___/\____/_/\__/

 Open source password manager for teams
-------------------------------------------------------------------------------
Thanks for choosing Passbolt Pro
Below are your subscription key details
Customer id:    $name
Users limit:    5 (currently: 3)
Valid from:     Aug 24, 2022
Expires on:     Aug 23, 2023 (in 7 days)
For any question / feedback / subscription renewal,
kindly contact us at sales@passbolt.com
Running baseline checks, please wait...
Some tables are already present in the database. A new installation would override existing data.
Please use --force to proceed anyway.
Running migrations

     ____                  __          ____
    / __ \____  _____ ____/ /_  ____  / / /_
   / /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
  / ____/ /_/ (__  |__  ) /_/ / /_/ / / /
 /_/    \__,_/____/____/_.___/\____/_/\__/

 Open source password manager for teams
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Thanks for choosing Passbolt Pro
Below are your subscription key details
Customer id:    $name
Users limit:    5 (currently: 3)
Valid from:     Aug 24, 2022
Expires on:     Aug 23, 2023 (in 7 days)
For any question / feedback / subscription renewal,
kindly contact us at sales@passbolt.com
 Running migration scripts.
-------------------------------------------------------------------------------
using migration paths
 - /etc/passbolt/Migrations
using seed paths
using environment default
using adapter mysql
using database dockerbolt
ordering by creation time

All Done. Took 0.0359s
Clearing cake caches
Clearing _cake_model_
Cleared _cake_model_ cache
Clearing _cake_core_
Cleared _cake_core_ cache
Enjoy! ☮

2023-08-16 12:16:56,884 INFO Included extra file "/etc/supervisor/conf.d/cron.conf" during parsing
2023-08-16 12:16:56,884 INFO Included extra file "/etc/supervisor/conf.d/nginx.conf" during parsing
2023-08-16 12:16:56,884 INFO Included extra file "/etc/supervisor/conf.d/php.conf" during parsing
2023-08-16 12:16:56,906 INFO RPC interface 'supervisor' initialized
2023-08-16 12:16:56,906 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2023-08-16 12:16:56,906 CRIT could not write pidfile /var/run/supervisord.pid
2023-08-16 12:16:57,910 INFO spawned: 'php-fpm' with pid 264
2023-08-16 12:16:57,912 INFO spawned: 'nginx' with pid 265
2023-08-16 12:16:57,921 INFO spawned: 'cron' with pid 266
time="2023-08-16T12:16:58Z" level=info msg="read crontab: /etc/cron.d/passbolt-pro-server"
[16-Aug-2023 12:16:58] NOTICE: [pool www] 'user' directive is ignored when FPM is not running as root
[16-Aug-2023 12:16:58] NOTICE: [pool www] 'user' directive is ignored when FPM is not running as root
[16-Aug-2023 12:16:58] NOTICE: [pool www] 'group' directive is ignored when FPM is not running as root
[16-Aug-2023 12:16:58] NOTICE: [pool www] 'group' directive is ignored when FPM is not running as root
[16-Aug-2023 12:16:58] NOTICE: fpm is running, pid 264
[16-Aug-2023 12:16:58] NOTICE: ready to handle connections
[16-Aug-2023 12:16:58] NOTICE: systemd monitor interval set to 10000ms
2023-08-16 12:16:59,456 INFO success: php-fpm entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2023-08-16 12:16:59,456 INFO success: nginx entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2023-08-16 12:16:59,456 INFO success: cron entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
time="2023-08-16T12:17:00Z" level=info msg=starting iteration=0 job.command="$PASSBOLT_BASE_DIR/bin/cron > $PASSBOLT_LOG_DIR/cron.log 2> $PASSBOLT_LOG_DIR/cron-error.log" job.position=0 job.schedule="* * * * *"
time="2023-08-16T12:17:00Z" level=info msg="job succeeded" iteration=0 job.command="$PASSBOLT_BASE_DIR/bin/cron > $PASSBOLT_LOG_DIR/cron.log 2> $PASSBOLT_LOG_DIR/cron-error.log" job.position=0 job.schedule="* * * * *"
172.18.0.1 - - [16/Aug/2023:12:17:03 +0000] "GET / HTTP/2.0" 302 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 12:17:03,865 INFO reaped unknown pid 297 (exit status 0)
2023-08-16 12:17:03,865 INFO reaped unknown pid 299 (exit status 0)
2023-08-16 12:17:03,865 INFO reaped unknown pid 301 (exit status 0)
2023-08-16 12:17:03,866 INFO reaped unknown pid 303 (exit status 0)
2023-08-16 12:17:03,866 INFO reaped unknown pid 305 (exit status 0)
2023-08-16 12:17:03,866 INFO reaped unknown pid 307 (exit status 0)
2023-08-16 12:17:03,866 INFO reaped unknown pid 309 (exit status 0)
172.18.0.1 - - [16/Aug/2023:12:17:04 +0000] "GET /auth/login?redirect=%2F HTTP/2.0" 200 1112 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 12:17:04,031 INFO reaped unknown pid 312 (exit status 0)
2023-08-16 12:17:04,031 INFO reaped unknown pid 314 (exit status 0)
2023-08-16 12:17:04,031 INFO reaped unknown pid 316 (exit status 0)
2023-08-16 12:17:04,031 INFO reaped unknown pid 318 (exit status 0)
2023-08-16 12:17:04,031 INFO reaped unknown pid 320 (exit status 0)
2023-08-16 12:17:04,032 INFO reaped unknown pid 322 (exit status 0)
2023-08-16 12:17:04,032 INFO reaped unknown pid 324 (exit status 0)
172.18.0.1 - - [16/Aug/2023:12:17:04 +0000] "GET /js/app/stylesheet.js?v=4.1.3 HTTP/2.0" 200 1323 "https://passbolt.$domain.tld:4433/auth/login?redirect=%2F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
172.18.0.1 - - [16/Aug/2023:12:17:04 +0000] "GET /js/app/api-vendors.js?v=4.1.3 HTTP/2.0" 200 604890 "https://passbolt.$domain.tld:4433/auth/login?redirect=%2F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
172.18.0.1 - - [16/Aug/2023:12:17:04 +0000] "GET /js/app/api-triage.js?v=4.1.3 HTTP/2.0" 200 173229 "https://passbolt.$domain.tld:4433/auth/login?redirect=%2F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
172.18.0.1 - - [16/Aug/2023:12:17:04 +0000] "GET /css/themes/midgar/api_authentication.min.css?v=4.1.3 HTTP/2.0" 200 76169 "https://passbolt.$domain.tld:4433/auth/login?redirect=%2F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
172.18.0.1 - - [16/Aug/2023:12:17:04 +0000] "GET /favicon.ico HTTP/2.0" 200 318 "https://passbolt.$domain.tld:4433/auth/login?redirect=%2F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
172.18.0.1 - - [16/Aug/2023:12:17:04 +0000] "GET /favicon_32.png HTTP/2.0" 200 1302 "https://passbolt.$domain.tld:4433/auth/login?redirect=%2F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 12:17:04,466 INFO reaped unknown pid 327 (exit status 0)
2023-08-16 12:17:04,466 INFO reaped unknown pid 329 (exit status 0)
172.18.0.1 - - [16/Aug/2023:12:17:04 +0000] "GET /settings.json?api-version=v2 HTTP/2.0" 200 1446 "https://passbolt.$domain.tld:4433/auth/login?redirect=%2F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
172.18.0.1 - - [16/Aug/2023:12:17:04 +0000] "GET /locales/es-ES/common.json HTTP/2.0" 200 106262 "https://passbolt.$domain.tld:4433/auth/login?redirect=%2F&locale=es-ES" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
172.18.0.1 - - [16/Aug/2023:12:17:04 +0000] "GET /img/logo/logo_white.svg HTTP/2.0" 200 4627 "https://passbolt.$domain.tld:4433/css/themes/midgar/api_authentication.min.css?v=4.1.3" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
172.18.0.1 - - [16/Aug/2023:12:17:04 +0000] "GET /fonts/opensans-regular.woff HTTP/2.0" 200 20544 "https://passbolt.$domain.tld:4433/css/themes/midgar/api_authentication.min.css?v=4.1.3" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
172.18.0.1 - - [16/Aug/2023:12:17:04 +0000] "GET /fonts/opensans-bold.woff HTTP/2.0" 200 21272 "https://passbolt.$domain.tld:4433/css/themes/midgar/api_authentication.min.css?v=4.1.3" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
172.18.0.1 - - [16/Aug/2023:12:17:05 +0000] "GET /sso/settings/current.json?api-version=v2 HTTP/2.0" 200 283 "https://passbolt.$domain.tld:4433/auth/login?redirect=%2F&locale=es-ES" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 12:17:05,766 INFO reaped unknown pid 332 (exit status 0)
2023-08-16 12:17:05,766 INFO reaped unknown pid 334 (exit status 0)
172.18.0.1 - - [16/Aug/2023:12:17:13 +0000] "GET /img/controls/check_white.svg HTTP/2.0" 200 229 "https://passbolt.$domain.tld:4433/css/themes/midgar/api_authentication.min.css?v=4.1.3" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 12:17:14,606 INFO reaped unknown pid 337 (exit status 0)
2023-08-16 12:17:14,608 INFO reaped unknown pid 339 (exit status 0)
172.18.0.1 - - [16/Aug/2023:12:17:14 +0000] "POST /users/recover.json?api-version=v2 HTTP/2.0" 200 308 "https://passbolt.$domain.tld:4433/auth/login?redirect=%2F&locale=es-ES" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
172.18.0.1 - - [16/Aug/2023:12:17:14 +0000] "GET /img/illustrations/email.png HTTP/2.0" 200 11521 "https://passbolt.$domain.tld:4433/css/themes/midgar/api_authentication.min.css?v=4.1.3" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
time="2023-08-16T12:18:00Z" level=info msg=starting iteration=1 job.command="$PASSBOLT_BASE_DIR/bin/cron > $PASSBOLT_LOG_DIR/cron.log 2> $PASSBOLT_LOG_DIR/cron-error.log" job.position=0 job.schedule="* * * * *"
time="2023-08-16T12:18:00Z" level=info msg="job succeeded" iteration=1 job.command="$PASSBOLT_BASE_DIR/bin/cron > $PASSBOLT_LOG_DIR/cron.log 2> $PASSBOLT_LOG_DIR/cron-error.log" job.position=0 job.schedule="* * * * *"
2023-08-16 12:18:00,965 INFO reaped unknown pid 358 (exit status 0)
2023-08-16 12:18:00,965 INFO reaped unknown pid 360 (exit status 0)
2023-08-16 12:18:00,966 INFO reaped unknown pid 362 (exit status 0)
2023-08-16 12:18:00,966 INFO reaped unknown pid 364 (exit status 0)
2023-08-16 12:18:00,966 INFO reaped unknown pid 366 (exit status 0)
2023-08-16 12:18:00,966 INFO reaped unknown pid 368 (exit status 0)
2023-08-16 12:18:00,966 INFO reaped unknown pid 370 (exit status 0)
2023-08-16 12:18:00,966 INFO reaped unknown pid 373 (exit status 0)
172.18.0.1 - - [16/Aug/2023:12:18:35 +0000] "GET /avatars/view/f879450d-27ce-4470-b7fd-4b1c2a73de0a/small.jpg HTTP/2.0" 200 4176 "https://$mailserver/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 12:18:35,545 INFO reaped unknown pid 376 (exit status 0)
2023-08-16 12:18:35,546 INFO reaped unknown pid 378 (exit status 0)
time="2023-08-16T12:19:00Z" level=info msg=starting iteration=2 job.command="$PASSBOLT_BASE_DIR/bin/cron > $PASSBOLT_LOG_DIR/cron.log 2> $PASSBOLT_LOG_DIR/cron-error.log" job.position=0 job.schedule="* * * * *"
time="2023-08-16T12:19:00Z" level=info msg="job succeeded" iteration=2 job.command="$PASSBOLT_BASE_DIR/bin/cron > $PASSBOLT_LOG_DIR/cron.log 2> $PASSBOLT_LOG_DIR/cron-error.log" job.position=0 job.schedule="* * * * *"
172.18.0.1 - - [16/Aug/2023:12:19:07 +0000] "GET /setup/recover/start/$userid/$tokenid?case=default HTTP/2.0" 200 1112 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 12:19:07,355 INFO reaped unknown pid 397 (exit status 0)
2023-08-16 12:19:07,356 INFO reaped unknown pid 399 (exit status 0)
172.18.0.1 - - [16/Aug/2023:12:19:07 +0000] "GET /js/app/api-recover.js?v=4.1.3 HTTP/2.0" 200 159115 "https://passbolt.$domain.tld:4433/setup/recover/start/$userid/$tokenid?case=default" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
172.18.0.1 - - [16/Aug/2023:12:19:07 +0000] "GET /settings.json?api-version=v2 HTTP/2.0" 200 1446 "https://passbolt.$domain.tld:4433/setup/recover/start/$userid/$tokenid?case=default" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 12:19:07,664 INFO reaped unknown pid 402 (exit status 0)
2023-08-16 12:19:07,665 INFO reaped unknown pid 404 (exit status 0)
172.18.0.1 - - [16/Aug/2023:12:19:07 +0000] "GET /users/csrf-token.json?api-version=v2 HTTP/2.0" 200 387 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 12:19:07,870 INFO reaped unknown pid 407 (exit status 0)
2023-08-16 12:19:07,870 INFO reaped unknown pid 409 (exit status 0)
172.18.0.1 - - [16/Aug/2023:12:19:07 +0000] "GET /settings.json?api-version=v2 HTTP/2.0" 200 1446 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 12:19:07,985 INFO reaped unknown pid 412 (exit status 0)
2023-08-16 12:19:07,985 INFO reaped unknown pid 414 (exit status 0)
172.18.0.1 - - [16/Aug/2023:12:19:08 +0000] "GET /settings.json?api-version=v2 HTTP/2.0" 200 1446 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 12:19:08,110 INFO reaped unknown pid 417 (exit status 0)
2023-08-16 12:19:08,110 INFO reaped unknown pid 419 (exit status 0)
172.18.0.1 - - [16/Aug/2023:12:19:08 +0000] "GET /auth/verify.json?api-version=v2 HTTP/2.0" 200 3735 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 12:19:08,256 INFO reaped unknown pid 422 (exit status 0)
2023-08-16 12:19:08,256 INFO reaped unknown pid 424 (exit status 0)
172.18.0.1 - - [16/Aug/2023:12:19:08 +0000] "GET /setup/recover/start/$userid/$tokenid.json?api-version=v2 HTTP/2.0" 200 5632 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 12:19:08,438 INFO reaped unknown pid 427 (exit status 0)
2023-08-16 12:19:08,438 INFO reaped unknown pid 429 (exit status 0)
172.18.0.1 - - [16/Aug/2023:12:19:08 +0000] "GET /setup/recover/$userid/$tokenid.json?api-version=v2 HTTP/2.0" 200 5625 "https://passbolt.$domain.tld:4433/setup/recover/start/$userid/$tokenid?case=default" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 12:19:08,877 INFO reaped unknown pid 432 (exit status 0)
2023-08-16 12:19:08,877 INFO reaped unknown pid 434 (exit status 0)
172.18.0.1 - - [16/Aug/2023:12:19:08 +0000] "GET /img/third_party/ChromeWebStore_white.svg HTTP/2.0" 200 11286 "https://passbolt.$domain.tld:4433/setup/recover/start/$userid/$tokenid?case=default" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 12:19:22,950 INFO reaped unknown pid 437 (exit status 0)
2023-08-16 12:19:22,950 INFO reaped unknown pid 439 (exit status 0)
172.18.0.1 - - [16/Aug/2023:12:19:23 +0000] "POST /auth/verify.json?api-version=v2 HTTP/2.0" 200 250 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 12:19:23,009 INFO reaped unknown pid 442 (exit status 0)
172.18.0.1 - - [16/Aug/2023:12:19:37 +0000] "POST /setup/recover/complete/$userid HTTP/2.0" 200 309 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 12:19:37,025 INFO reaped unknown pid 445 (exit status 0)
2023-08-16 12:19:37,026 INFO reaped unknown pid 447 (exit status 0)
172.18.0.1 - - [16/Aug/2023:12:19:37 +0000] "GET /sso/settings/current.json?api-version=v2 HTTP/2.0" 200 283 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 12:19:37,244 INFO reaped unknown pid 450 (exit status 0)
2023-08-16 12:19:37,244 INFO reaped unknown pid 452 (exit status 0)
172.18.0.1 - - [16/Aug/2023:12:19:37 +0000] "GET /users/csrf-token.json?api-version=v2 HTTP/2.0" 200 387 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 12:19:37,413 INFO reaped unknown pid 455 (exit status 0)
2023-08-16 12:19:37,413 INFO reaped unknown pid 457 (exit status 0)
172.18.0.1 - - [16/Aug/2023:12:19:37 +0000] "POST /auth/login.json?api-version=v2 HTTP/2.0" 200 249 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 12:19:37,703 INFO reaped unknown pid 460 (exit status 0)
2023-08-16 12:19:37,703 INFO reaped unknown pid 462 (exit status 0)
2023-08-16 12:19:37,704 INFO reaped unknown pid 465 (exit status 2)
2023-08-16 12:19:37,704 INFO reaped unknown pid 467 (exit status 0)
2023-08-16 12:19:37,704 INFO reaped unknown pid 470 (exit status 0)
2023-08-16 12:19:37,704 INFO reaped unknown pid 472 (exit status 0)
2023-08-16 12:19:37,704 INFO reaped unknown pid 474 (exit status 0)
2023-08-16 12:19:37,704 INFO reaped unknown pid 476 (exit status 0)
2023-08-16 12:19:37,705 INFO reaped unknown pid 478 (exit status 0)
2023-08-16 12:19:37,705 INFO reaped unknown pid 481 (exit status 0)
172.18.0.1 - - [16/Aug/2023:12:19:37 +0000] "POST /auth/login.json?api-version=v2 HTTP/2.0" 200 3925 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
2023-08-16 12:19:37,856 INFO reaped unknown pid 484 (exit status 0)
2023-08-16 12:19:37,856 INFO reaped unknown pid 486 (exit status 0)
time="2023-08-16T12:20:00Z" level=info msg=starting iteration=3 job.command="$PASSBOLT_BASE_DIR/bin/cron > $PASSBOLT_LOG_DIR/cron.log 2> $PASSBOLT_LOG_DIR/cron-error.log" job.position=0 job.schedule="* * * * *"
time="2023-08-16T12:21:00Z" level=warning msg="not starting: job is still running since 2023-08-16 12:20:00 +0000 UTC (1m0s elapsed)" iteration=3 job.command="$PASSBOLT_BASE_DIR/bin/cron > $PASSBOLT_LOG_DIR/cron.log 2> $PASSBOLT_LOG_DIR/cron-error.log" job.position=0 job.schedule="* * * * *"
time="2023-08-16T12:22:00Z" level=warning msg="not starting: job is still running since 2023-08-16 12:20:00 +0000 UTC (2m0s elapsed)" iteration=3 job.command="$PASSBOLT_BASE_DIR/bin/cron > $PASSBOLT_LOG_DIR/cron.log 2> $PASSBOLT_LOG_DIR/cron-error.log" job.position=0 job.schedule="* * * * *"
time="2023-08-16T12:23:00Z" level=warning msg="not starting: job is still running since 2023-08-16 12:20:00 +0000 UTC (3m0s elapsed)" iteration=3 job.command="$PASSBOLT_BASE_DIR/bin/cron > $PASSBOLT_LOG_DIR/cron.log 2> $PASSBOLT_LOG_DIR/cron-error.log" job.position=0 job.schedule="* * * * *"
time="2023-08-16T12:24:00Z" level=warning msg="not starting: job is still running since 2023-08-16 12:20:00 +0000 UTC (4m0s elapsed)" iteration=3 job.command="$PASSBOLT_BASE_DIR/bin/cron > $PASSBOLT_LOG_DIR/cron.log 2> $PASSBOLT_LOG_DIR/cron-error.log" job.position=0 job.schedule="* * * * *"
time="2023-08-16T12:25:00Z" level=warning msg="not starting: job is still running since 2023-08-16 12:20:00 +0000 UTC (5m0s elapsed)" iteration=3 job.command="$PASSBOLT_BASE_DIR/bin/cron > $PASSBOLT_LOG_DIR/cron.log 2> $PASSBOLT_LOG_DIR/cron-error.log" job.position=0 job.schedule="* * * * *"
time="2023-08-16T12:26:00Z" level=warning msg="not starting: job is still running since 2023-08-16 12:20:00 +0000 UTC (6m0s elapsed)" iteration=3 job.command="$PASSBOLT_BASE_DIR/bin/cron > $PASSBOLT_LOG_DIR/cron.log 2> $PASSBOLT_LOG_DIR/cron-error.log" job.position=0 job.schedule="* * * * *"
time="2023-08-16T12:27:00Z" level=warning msg="not starting: job is still running since 2023-08-16 12:20:00 +0000 UTC (7m0s elapsed)" iteration=3 job.command="$PASSBOLT_BASE_DIR/bin/cron > $PASSBOLT_LOG_DIR/cron.log 2> $PASSBOLT_LOG_DIR/cron-error.log" job.position=0 job.schedule="* * * * *"

https://pastebin.com/G8axJ5cQ

8

It looks like that pastebin link with the browser extension logs isn’t valid anymore, was there anything in there that stood out to you?

9

This is again the paste of the extension log. I upload it to different webpages to try to avoid deletion

10

So from there it looks like the relevant error is:

        "response": {
          "status": 0,
          "statusText": "",
          "httpVersion": "",
          "headers": [],
          "cookies": [],
          "content": {
            "size": 0,
            "mimeType": "x-unknown"
          },
          "redirectURL": "",
          "headersSize": -1,
          "bodySize": -1,
          "_transferSize": 0,
          "_error": "net::ERR_HTTP2_PING_FAILED"
        },
        "serverIPAddress": "",
        "startedDateTime": "2023-08-16T12:19:45.143Z",
        "time": 212847.712,
        "timings": {
          "blocked": 212847.712,
          "dns": -1,
          "ssl": -1,
          "connect": -1,
          "send": 0,
          "wait": 0,
          "receive": 0,
          "_blocked_queueing": 1.7030000000204382
        }
      },

and you are getting this on the https://passbolt.$domain.tld:4433/resources.json?api-version=v2 endpoint. Above that it is showing that there is a successful log in

11

Hello, I’m working again on it to try to solve the problems and maybe use this as a kind of guide to users who want to do the same as me.
I checked and added some lines to my Apache config to see what was going on with the reverse proxy and found that SSL ProxyEngine was missing, so I enabled it with the next line:

    SSLProxyEngine on

I updated the config file on the first post with the changes.
Also, I have deleted the volumes and created them again to update to v4.2 and now I have an error with the SSL key file.
It is copied to the container by Docker secrets, but the web user has no access to the file for some reason. Here are the errors in the container log and the permissions of the files:

image
image1892×229 22.8 KB

image

Do you know why the ssl_key has been created with different permissions from the others causing the permission denied error?

1 Like
12

Hello, do you know why I have this permission error?

13

Apologies for not getting back to you here. It seems like a way to adjust this would be with something like:

    secrets:
      - source: my_secret
        target: redis_secret
        uid: '103'
        gid: '103'
        mode: 0440
secrets:
  my_secret:
    file: ./my_secret.txt
  my_other_secret:
    external: true

This example is from the long-syntax section on the secrets section for the docker compose documentation. It doesn’t really answer the why the permissions are that but it does explain how to set them to what you want.

Since you are setting them with the file option it might be worth checking the permissions on the files that are used for these to see what they are set to as well.

1 Like
14

Thank you for your answer that helped to solve the problem.
I checked the permissions and they were all 644 so, I tried to remove and copy again, delete all volumes/images and create new ones and now it works again as before (maybe there was something wrong during configuration).

Now I still getting problems with the reverse proxy. Without it, Passbolt works as expected but with the Apache reverse proxy, the /resources.json?api-version=v2 throws a 401 or 502 error.

Here is the Apache error log of the reverse proxy since the last container launch:

[Wed Sep 13 10:37:43.079781 2023] [proxy:error] [pid 1082:tid 140152500385536] (20014)Internal error (specific information not available): [client IPSERVERADDRESS:41722] AH01084: pass request body failed to 127.0.0.1:4433 (localhost)
[Wed Sep 13 10:37:43.079856 2023] [proxy:error] [pid 1082:tid 140152500385536] [client IPSERVERADDRESS:41722] AH00898: Error during SSL Handshake with remote server returned by /healthcheck/status.json
[Wed Sep 13 10:37:43.079862 2023] [proxy_http:error] [pid 1082:tid 140152500385536] [client IPSERVERADDRESS:41722] AH01097: pass request body failed to 127.0.0.1:4433 (localhost) from IPSERVERADDRESS ()
[Wed Sep 13 10:44:25.546626 2023] [proxy_http:error] [pid 1082:tid 140152588769024] (70007)The timeout specified has expired: [client MYIPADDRESS:55311] AH01102: error reading status line from remote server localhost:4433, referer: https://passbolt.domain.tld/auth/login?redirect=%2F
[Wed Sep 13 10:44:25.554727 2023] [proxy:error] [pid 1082:tid 140152588769024] [client MYIPADDRESS:55311] AH00898: Error reading from remote server returned by /settings.json, referer: https://passbolt.domain.tld/auth/login?redirect=%2F
[Wed Sep 13 10:44:25.546763 2023] [proxy_http:error] [pid 1082:tid 140152613955328] (70007)The timeout specified has expired: [client MYIPADDRESS:55312] AH01102: error reading status line from remote server localhost:4433
[Wed Sep 13 10:44:25.555094 2023] [proxy:error] [pid 1082:tid 140152613955328] [client MYIPADDRESS:55312] AH00898: Error reading from remote server returned by /resources.json
[Wed Sep 13 10:44:25.771445 2023] [proxy_http:error] [pid 1082:tid 140152647526144] (70007)The timeout specified has expired: [client MYIPADDRESS:55312] AH01102: error reading status line from remote server localhost:4433
[Wed Sep 13 10:44:25.771492 2023] [proxy:error] [pid 1082:tid 140152647526144] [client MYIPADDRESS:55312] AH00898: Error reading from remote server returned by /users/csrf-token.json
[Wed Sep 13 10:46:35.311473 2023] [proxy_http:error] [pid 1082:tid 140152723060480] (70007)The timeout specified has expired: [client MYIPADDRESS:55312] AH01102: error reading status line from remote server localhost:4433
[Wed Sep 13 10:46:35.311515 2023] [proxy:error] [pid 1082:tid 140152723060480] [client MYIPADDRESS:55312] AH00898: Error reading from remote server returned by /users/me.json
[Wed Sep 13 10:55:12.970153 2023] [proxy:error] [pid 1080:tid 140152613955328] (20014)Internal error (specific information not available): [client MYIPADDRESS:56019] AH01084: pass request body failed to 127.0.0.1:4433 (localhost)
[Wed Sep 13 10:55:12.970229 2023] [proxy:error] [pid 1080:tid 140152613955328] [client MYIPADDRESS:56019] AH00898: Error during SSL Handshake with remote server returned by /
[Wed Sep 13 10:55:12.970234 2023] [proxy_http:error] [pid 1080:tid 140152613955328] [client MYIPADDRESS:56019] AH01097: pass request body failed to 127.0.0.1:4433 (localhost) from MYIPADDRESS ()
[Wed Sep 13 10:55:12.970718 2023] [proxy:error] [pid 1082:tid 140152723060480] (20014)Internal error (specific information not available): [client MYIPADDRESS:56011] AH01084: pass request body failed to 127.0.0.1:4433 (localhost)
[Wed Sep 13 10:55:12.970750 2023] [proxy:error] [pid 1082:tid 140152723060480] [client MYIPADDRESS:56011] AH00898: Error during SSL Handshake with remote server returned by /resources.json
[Wed Sep 13 10:55:12.970756 2023] [proxy_http:error] [pid 1082:tid 140152723060480] [client MYIPADDRESS:56011] AH01097: pass request body failed to 127.0.0.1:4433 (localhost) from MYIPADDRESS ()
[Wed Sep 13 10:55:12.974138 2023] [proxy:error] [pid 1082:tid 140152647526144] (20014)Internal error (specific information not available): [client MYIPADDRESS:56011] AH01084: pass request body failed to 127.0.0.1:4433 (localhost)
[Wed Sep 13 10:55:12.974162 2023] [proxy:error] [pid 1082:tid 140152647526144] [client MYIPADDRESS:56011] AH00898: Error during SSL Handshake with remote server returned by /resources.json
[Wed Sep 13 10:55:12.974165 2023] [proxy_http:error] [pid 1082:tid 140152647526144] [client MYIPADDRESS:56011] AH01097: pass request body failed to 127.0.0.1:4433 (localhost) from MYIPADDRESS ()
[Wed Sep 13 10:55:13.016321 2023] [proxy:error] [pid 1082:tid 140152647526144] (20014)Internal error (specific information not available): [client MYIPADDRESS:56011] AH01084: pass request body failed to 127.0.0.1:4433 (localhost)
[Wed Sep 13 10:55:13.016351 2023] [proxy:error] [pid 1082:tid 140152647526144] [client MYIPADDRESS:56011] AH00898: Error during SSL Handshake with remote server returned by /resources.json
[Wed Sep 13 10:55:13.016354 2023] [proxy_http:error] [pid 1082:tid 140152647526144] [client MYIPADDRESS:56011] AH01097: pass request body failed to 127.0.0.1:4433 (localhost) from MYIPADDRESS ()
[Wed Sep 13 10:55:13.060116 2023] [proxy:error] [pid 1082:tid 140152647526144] (20014)Internal error (specific information not available): [client MYIPADDRESS:56011] AH01084: pass request body failed to 127.0.0.1:4433 (localhost)
[Wed Sep 13 10:55:13.060147 2023] [proxy:error] [pid 1082:tid 140152647526144] [client MYIPADDRESS:56011] AH00898: Error during SSL Handshake with remote server returned by /resources.json
[Wed Sep 13 10:55:13.060152 2023] [proxy_http:error] [pid 1082:tid 140152647526144] [client MYIPADDRESS:56011] AH01097: pass request body failed to 127.0.0.1:4433 (localhost) from MYIPADDRESS ()
[Wed Sep 13 10:55:13.068440 2023] [proxy:error] [pid 1082:tid 140152647526144] (20014)Internal error (specific information not available): [client MYIPADDRESS:56011] AH01084: pass request body failed to 127.0.0.1:4433 (localhost)
[Wed Sep 13 10:55:13.068470 2023] [proxy:error] [pid 1082:tid 140152647526144] [client MYIPADDRESS:56011] AH00898: Error during SSL Handshake with remote server returned by /auth/is-authenticated.json
[Wed Sep 13 10:55:13.068473 2023] [proxy_http:error] [pid 1082:tid 140152647526144] [client MYIPADDRESS:56011] AH01097: pass request body failed to 127.0.0.1:4433 (localhost) from MYIPADDRESS ()
[Wed Sep 13 10:55:13.104443 2023] [proxy:error] [pid 1082:tid 140152647526144] (20014)Internal error (specific information not available): [client MYIPADDRESS:56011] AH01084: pass request body failed to 127.0.0.1:4433 (localhost)
[Wed Sep 13 10:55:13.104473 2023] [proxy:error] [pid 1082:tid 140152647526144] [client MYIPADDRESS:56011] AH00898: Error during SSL Handshake with remote server returned by /resources.json
[Wed Sep 13 10:55:13.104476 2023] [proxy_http:error] [pid 1082:tid 140152647526144] [client MYIPADDRESS:56011] AH01097: pass request body failed to 127.0.0.1:4433 (localhost) from MYIPADDRESS ()
[Wed Sep 13 10:55:13.148058 2023] [proxy:error] [pid 1082:tid 140152647526144] (20014)Internal error (specific information not available): [client MYIPADDRESS:56011] AH01084: pass request body failed to 127.0.0.1:4433 (localhost)
[Wed Sep 13 10:55:13.148088 2023] [proxy:error] [pid 1082:tid 140152647526144] [client MYIPADDRESS:56011] AH00898: Error during SSL Handshake with remote server returned by /resources.json
[Wed Sep 13 10:55:13.148091 2023] [proxy_http:error] [pid 1082:tid 140152647526144] [client MYIPADDRESS:56011] AH01097: pass request body failed to 127.0.0.1:4433 (localhost) from MYIPADDRESS ()
[Wed Sep 13 10:55:13.192264 2023] [proxy:error] [pid 1082:tid 140152647526144] (20014)Internal error (specific information not available): [client MYIPADDRESS:56011] AH01084: pass request body failed to 127.0.0.1:4433 (localhost)
[Wed Sep 13 10:55:13.192294 2023] [proxy:error] [pid 1082:tid 140152647526144] [client MYIPADDRESS:56011] AH00898: Error during SSL Handshake with remote server returned by /resources.json
[Wed Sep 13 10:55:13.192314 2023] [proxy_http:error] [pid 1082:tid 140152647526144] [client MYIPADDRESS:56011] AH01097: pass request body failed to 127.0.0.1:4433 (localhost) from MYIPADDRESS ()
[Wed Sep 13 10:55:13.236329 2023] [proxy:error] [pid 1082:tid 140152647526144] (20014)Internal error (specific information not available): [client MYIPADDRESS:56011] AH01084: pass request body failed to 127.0.0.1:4433 (localhost)
[Wed Sep 13 10:55:13.236365 2023] [proxy:error] [pid 1082:tid 140152647526144] [client MYIPADDRESS:56011] AH00898: Error during SSL Handshake with remote server returned by /resources.json
[Wed Sep 13 10:55:13.236368 2023] [proxy_http:error] [pid 1082:tid 140152647526144] [client MYIPADDRESS:56011] AH01097: pass request body failed to 127.0.0.1:4433 (localhost) from MYIPADDRESS ()
[Wed Sep 13 10:56:35.256578 2023] [proxy:error] [pid 1082:tid 140152647526144] (20014)Internal error (specific information not available): [client MYIPADDRESS:56152] AH01084: pass request body failed to 127.0.0.1:4433 (localhost)
[Wed Sep 13 10:56:35.256612 2023] [proxy:error] [pid 1082:tid 140152647526144] [client MYIPADDRESS:56152] AH00898: Error during SSL Handshake with remote server returned by /users/me.json
[Wed Sep 13 10:56:35.256615 2023] [proxy_http:error] [pid 1082:tid 140152647526144] [client MYIPADDRESS:56152] AH01097: pass request body failed to 127.0.0.1:4433 (localhost) from MYIPADDRESS ()

Here is the Apache access log of the reverse proxy since last container launch:

IPSERVERADDRESS - - [13/Sep/2023:10:37:43 +0200] "GET /healthcheck/status.json HTTP/1.1" 500 5141 "-" "-"
MYIPADDRESS - - [13/Sep/2023:10:38:46 +0200] "GET /resources.json?api-version=v2 HTTP/2.0" 401 585 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:38:50 +0200] "GET /healthcheck HTTP/2.0" 403 1845 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:38:51 +0200] "GET /css/themes/default/api_main.min.css?v=4.2.0 HTTP/2.0" 200 16849 "https://passbolt.domain.tld/healthcheck" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:38:51 +0200] "GET /resources.json?api-version=v2 HTTP/2.0" 401 283 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:38:56 +0200] "GET /healthcheck.json HTTP/2.0" 403 480 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:38:57 +0200] "GET /resources.json?api-version=v2 HTTP/2.0" 401 521 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:39:10 +0200] "GET /healthcheck/status HTTP/2.0" 200 873 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:39:12 +0200] "GET /resources.json?api-version=v2 HTTP/2.0" 401 521 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:39:14 +0200] "GET /healthcheck/status.json HTTP/2.0" 200 306 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:39:14 +0200] "GET /resources.json?api-version=v2 HTTP/2.0" 401 306 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:39:24 +0200] "GET / HTTP/2.0" 302 324 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:39:25 +0200] "GET /auth/login?redirect=%2F HTTP/2.0" 200 1686 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:39:25 +0200] "GET /settings.json?api-version=v2 HTTP/2.0" 502 400 "https://passbolt.domain/auth/login?redirect=%2F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:39:25 +0200] "GET /resources.json?api-version=v2 HTTP/2.0" 502 426 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:39:25 +0200] "GET /users/csrf-token.json?api-version=v2 HTTP/2.0" 502 369 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:41:35 +0200] "GET /users/me.json?api-version=v2 HTTP/2.0" 502 392 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:54:38 +0200] "GET / HTTP/2.0" 500 355 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:54:35 +0200] "GET /resources.json?api-version=v2 HTTP/2.0" 500 355 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:54:58 +0200] "GET /resources.json?api-version=v2 HTTP/2.0" 500 324 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:55:13 +0200] "GET /resources.json?api-version=v2 HTTP/2.0" 500 324 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:55:13 +0200] "GET /resources.json?api-version=v2 HTTP/2.0" 500 301 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:55:13 +0200] "GET /auth/is-authenticated.json HTTP/2.0" 500 301 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:55:13 +0200] "GET /resources.json?api-version=v2 HTTP/2.0" 500 301 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:55:13 +0200] "GET /resources.json?api-version=v2 HTTP/2.0" 500 301 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:55:13 +0200] "GET /resources.json?api-version=v2 HTTP/2.0" 500 301 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:55:13 +0200] "GET /resources.json?api-version=v2 HTTP/2.0" 500 301 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"
MYIPADDRESS - - [13/Sep/2023:10:56:35 +0200] "GET /users/me.json?api-version=v2 HTTP/2.0" 500 355 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"

And here is the Apache config as I have it for now:

<VirtualHost IPSERVERADDRESS:80>
    ServerName passbolt.domain.tld

    ErrorLog /var/log/virtualmin/passbolt.domain.tld_error_log
    CustomLog /var/log/virtualmin/passbolt.domain.tld_access_log combined

    RewriteEngine on
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
    RewriteCond %{SERVER_NAME} =passbolt.domain.tld
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

<VirtualHost IPSERVERADDRESS:443>
    ServerName passbolt.domain.tld

    ErrorLog /var/log/virtualmin/passbolt.domain.tld_error_log
    CustomLog /var/log/virtualmin/passbolt.domain.tld_access_log combined

    # Enable h2, h2c and http1.1
    Protocols h2 h2c http/1.1

    # Solves slow upload speeds caused by http2
    H2WindowSize 5242880

    RewriteEngine on
    ProxyPreserveHost On
    AllowEncodedSlashes NoDecode
    ProxyRequests On
    
    ProxyPass / https://localhost:4433/ nocanon
    ProxyPassReverse / https://localhost:4433/
    
    RewriteCond %{HTTP:Authorization} ^(.*) 
    RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
    RewriteCond %{REQUEST_URI} /api/v[0-9]+/(users/)?websocket [NC,OR]
    RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC,OR]
    RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]
    RewriteCond %{THE_REQUEST} "^[a-zA-Z]+ /(.*) HTTP/\d+(\.\d+)?$"
    RewriteRule .* ws://localhost:4433%{REQUEST_URI} [P,QSA,L]

    ProxyPassReverseCookieDomain localhost passbolt.domain.tld

    SSLEngine on
    SSLProxyEngine on
    SSLProtocol +TLSv1.2 +TLSv1.3
    SSLCertificateFile /etc/letsencrypt/live/domain.tld/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/domain.tld/privkey.pem
    SSLCACertificateFile /etc/letsencrypt/live/domain.tld/chain.pem
</VirtualHost>

Any ideas to try to solve it? Normally, after trying to access the website, the container keeps running but I can’t see the logs or attach to it and I have to reboot the server because it seems locked and I can’t delete it and create it again.

image
image1595×86 6.58 KB

Maybe something on the config is causing this lock and also the response errors?

15

Seems that I’m the only one who makes a reverse proxy with Apache :rofl:
I tried locally on my laptop and the Passbolt config works as expected, so it has to be something from Apache or the config.
If you can help me with any ideas you are welcome!
I will keep trying

16

Just a little up, maybe someone can help me with the reverse proxy?