SQLSTATE[HY000] [2002] Connection timed out

Hello

I use Ubuntu 22.04.1 LTS with docker

The only thing I set in the docker-compose-ce.yaml is:
DATASOURCES_DEFAULT_HOST: "172.16.0.18"
(i wanted to make sure that i change as little as possible and just get a runnable instance)

Version: '3.9'
services:
  db:
    image: mariadb:10.3
    restart: unless-stopped
    environment:
      MYSQL_RANDOM_ROOT_PASSWORD: "true"
      MYSQL_DATABASE: "passbolt"
      MYSQL_USER: "passbolt"
      MYSQL_PASSWORD: "P4ssb0lt"
    volumes:
      - database_volume:/var/lib/mysql

  passbolt:
    image: passbolt/passbolt:latest-ce
    #Alternatively you can use rootless:
    #image: passbolt/passbolt:latest-ce-non-root
    restart: unless-stopped
    depends_on:
      - db
    environment:
      APP_FULL_BASE_URL: https://passbolt.local
      DATASOURCES_DEFAULT_HOST: "172.16.0.18"
      DATASOURCES_DEFAULT_USERNAME: "passbolt"
      DATASOURCES_DEFAULT_PASSWORD: "P4ssb0lt"
      DATASOURCES_DEFAULT_DATABASE: "passbolt"
    volumes:
      - gpg_volume:/etc/passbolt/gpg
      - jwt_volume:/etc/passbolt/jwt
    command: ["/usr/bin/wait-for.sh", "-t", "0", "db:3306", "--", "/docker-entrypoint.sh"]
    ports:
      - 80:80
      - 443:443
    #Alternatively for non-root images:
    # - 8080:80
    # - 4443:433

volumes:
  database_volume:
  gpg_volume:
  jwt_volume:

docker ps:

~# docker ps
CONTAINER ID   IMAGE                         COMMAND                  CREATED         STATUS         PORTS                                                                      NAMES
85a38be9199b   passbolt/passbolt:latest-ce   "/usr/bin/wait-for.s…"   2 minutes ago   Up 2 seconds   0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp   root_passbolt_1
7b8efa029e21   mariadb:10.3                  "docker-entrypoint.s…"   2 minutes ago   Up 2 minutes   3306/tcp                                                                   root_db_1

~# docker logs 85a38be9199b
wait-for.sh: waiting for db:3306 without a timeout
wait-for.sh: db:3306 is available after 0 seconds
gpg: keybox '/var/lib/passbolt/.gnupg/pubring.kbx' created
gpg: /var/lib/passbolt/.gnupg/trustdb.gpg: trustdb created
gpg: key 64944D38F7B1A439: public key "Passbolt default user <passbolt@yourdomain.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1
gpg: key 64944D38F7B1A439: "Passbolt default user <passbolt@yourdomain.com>" not changed
gpg: key 64944D38F7B1A439: secret key imported
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg:       secret keys read: 1
gpg:   secret keys imported: 1
Generating a RSA private key
..............................++++
.....................++++
writing new private key to '/etc/ssl/certs/certificate.key'
-----
Installing passbolt

     ____                  __          ____
    / __ \____  _____ ____/ /_  ____  / / /_
   / /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
  / ____/ /_/ (__  |__  ) /_/ / /_/ / / /
 /_/    \__,_/____/____/_.___/\____/_/\__/

 Open source password manager for teams
-------------------------------------------------------------------------------
Running baseline checks, please wait...
Notice Error: Undefined index: message
In [/usr/share/php/passbolt/src/Utility/Healthchecks/DatabaseHealthchecks.php, line 72]

2023-01-04 00:37:23 notice: Notice (8): Undefined index: message in [/usr/share/php/passbolt/src/Utility/Healthchecks/DatabaseHealthchecks.php, line 72]
Exception: Connection to Mysql could not be established: SQLSTATE[HY000] [2002] Connection timed out
In [/usr/share/php/passbolt/vendor/cakephp/cakephp/src/Database/Driver.php, line 133]

Running migrations

     ____                  __          ____
    / __ \____  _____ ____/ /_  ____  / / /_
   / /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
  / ____/ /_/ (__  |__  ) /_/ / /_/ / / /
 /_/    \__,_/____/____/_.___/\____/_/\__/

 Open source password manager for teams
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
 Running migration scripts.
-------------------------------------------------------------------------------
using migration paths
 - /etc/passbolt/Migrations
using seed paths
Exception: There was a problem connecting to the database: SQLSTATE[HY000] [2002] Connection timed out
In [/usr/share/php/passbolt/vendor/robmorgan/phinx/src/Phinx/Db/Adapter/PdoAdapter.php, line 96]

wait-for.sh: waiting for db:3306 without a timeout
wait-for.sh: db:3306 is available after 0 seconds
gpg: key 64944D38F7B1A439: "Passbolt default user <passbolt@yourdomain.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg: key 64944D38F7B1A439: "Passbolt default user <passbolt@yourdomain.com>" not changed
gpg: key 64944D38F7B1A439: secret key imported
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg:       secret keys read: 1
gpg:  secret keys unchanged: 1
Installing passbolt

Thanks for your help!

Hi @divine Welcome to the forum!

How does it work with db instead of the ip address?

Thanks garret!

I made a
docker inspect
and found out, that the IP of the DB is 172.18.0.2

I’ve added this IP to: DATASOURCES_DEFAULT_HOST variable.

I’ve checked the logs and still:
Exception: Connection to Mysql could not be established: SQLSTATE[HY000] [1045] Access denied for user 'passbolt'@'172.18.0.3' (using password: YES)

I wasn’t sure, if you meant, putting the term “db” in this field, so a tried this as well. Unfortunately, it didn’t work

Why does he look for 172.18.0.3 instead of 172.18.02?
172.18.0.3 seems to be the IP of the passbolt contianer… Hmm…

Here’s a docker logs of the DB:
2023-01-04 9:00:14 205 [Warning] Access denied for user ‘passbolt’@‘172.18.0.3’ (using password: YES)

It looks for me like the connection works, just a problem with the DB?
I’ve used the standard docker-compose-ce.yaml
Any idea?

The passbolt user is coming from 172.18.0.3 so the reference is from the point of view of the db referencing the authorization identifier of user@host.

Step 5 here Passbolt Help | Docker passbolt installation

It creates an admin user. The docker compose command should not be run without the exec portion of the command shown. If you did this step already but with the wrong ip address, it might be best to start over.

Thanks a lot for your help, makes sense!

I’m sorry to ask, but:

If you did this step already but with the wrong ip address

Do I have to specify the IP also within the docker-compose command, or do you meant within the docker-compose-ce.yaml ?

image913×861 38 KB

image762×61 3.79 KB

The command in step 5 looks like this:
docker-compose -f docker-compose-ce.yaml exec passbolt su -m -c "/usr/share/php/passbolt/bin/cake passbolt register_user -u XXXXXXX@gmail.com -f predix -l predix -r admin" -s /bin/sh www-data

Is this OK?

How did I start over? → I stoped and delted the containers. Is this enough?

The yaml file should have db instead of the ip address, and it will automatically know which address the db container has.

If you run the command as you show, without the -d and with the other exec command, you will see if there are any errors.

[Edit: start containers first!]
If everything is good you will get a link. Open a second terminal if needed until you have finished setup.

I’ve stopped and removed the containers and tried again; sadly, no link, still the same error :

My yaml looks like that:

image917×799 36.7 KB

I also treid:
DATASOURCES_DEFAULT_HOST: db
instead of:
DATASOURCES_DEFAULT_HOST: "db"

@diego Do you have any insight on this error?

I had to do a:
docker system prune --volumes
This deleted everything docker related: Prune unused Docker objects | Docker Documentation
The next try worked, I got the URL.