Checklist
[X ] I have read intro post: About the Installation Issues category
[X ] I have read the tutorials, help and searched for similar issues
[ X] I provide relevant information about my server (component names and versions, etc.)
[ X] I provide a copy of my logs and healthcheck
[ X] I describe the steps I have taken to trouble shoot the problem
[ X] I describe the steps on how to reproduce the issue
Hello community,
recently i’ve tried to update our Docker-Installtion (Version 3.2.1-CE running on RHEL8 via docker-compose) to 4.4.1-CE via docker-compose, by updating the docker-compose.yml file, where i just have exchanged the image-tag. Downloading and starting up the container works, but then the passbolt-container fails with some error messages regarding PHP and GPG.
it throws:
passbolt_1 | gpg: can't connect to the agent: End of file
passbolt_1 | gpg: error getting the KEK: No agent running
passbolt_1 | gpg: error reading '/etc/passbolt/gpg/serverkey_private.asc': No agent running
passbolt_1 | gpg: import from '/etc/passbolt/gpg/serverkey_private.asc' failed: No agent running
passbolt_1 | gpg: Total number processed: 0
passbolt_1 | gpg: unchanged: 1
passbolt_1 | gpg: secret keys read: 1
But when i try to update to a older 3.x version for example 3.3.1-CE this is working with no errors.
When i try to update to 3.4.0-CE it throws this error:
passbolt_1 | PHP Warning: Use of undefined constant context - assumed 'context' (this will throw an Error in a future version of PHP) in /etc/passbolt/app.php on line 246
passbolt_1 | Exception: Undefined class constant 'FORMAT_MEDIUM'
passbolt_1 | In [/etc/passbolt/file_storage.php, line 18]
but no complaints about the key.
I haven’t found any helpful article on the net except this one:
https://community.passbolt.com/t/docker-not-start-after-upgrade-to-v4-problem-with-key-import/7825
so my questions are:
- Why do the PHP-related errors appear when updating 3.3.1 to 3.3.1- is there something missing in my config? (altaugh it’s working when updating from 3.2.1 to 3.3.1 but not when updating to 3.4.0)?
- Why is GPG not able to read/imort the serverkey when trying to startup version 4.4.1?
thanks a lot in advance!
I am starting up the containers with
docker-compose up
Output:
Starting passbolt_docker_db_1 ... done
Recreating passbolt_docker_passbolt_1 ... done
Attaching to passbolt_docker_db_1, passbolt_docker_passbolt_1
db_1 | 2023-07-20 11:07:26+00:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:10.3.29+maria~focal started.
passbolt_1 | wait-for.sh: waiting for db:3306 without a timeout
passbolt_1 | wait-for.sh: db:3306 is available after 0 seconds
db_1 | 2023-07-20 11:07:27+00:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
db_1 | 2023-07-20 11:07:27+00:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:10.3.29+maria~focal started.
db_1 | 2023-07-20 11:07:27 0 [Note] mysqld (mysqld 10.3.29-MariaDB-1:10.3.29+maria~focal) starting as process 1 ...
db_1 | 2023-07-20 11:07:27 0 [Note] InnoDB: Using Linux native AIO
db_1 | 2023-07-20 11:07:27 0 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
db_1 | 2023-07-20 11:07:27 0 [Note] InnoDB: Uses event mutexes
db_1 | 2023-07-20 11:07:27 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
db_1 | 2023-07-20 11:07:27 0 [Note] InnoDB: Number of pools: 1
db_1 | 2023-07-20 11:07:27 0 [Note] InnoDB: Using SSE2 crc32 instructions
db_1 | 2023-07-20 11:07:27 0 [Note] InnoDB: Initializing buffer pool, total size = 256M, instances = 1, chunk size = 128M
db_1 | 2023-07-20 11:07:27 0 [Note] InnoDB: Completed initialization of buffer pool
db_1 | 2023-07-20 11:07:27 0 [Note] InnoDB: If the mysqld execution user is authorized, page cleaner thread priority can be changed. See the man page of setpriority().
db_1 | 2023-07-20 11:07:27 0 [Note] InnoDB: 128 out of 128 rollback segments are active.
db_1 | 2023-07-20 11:07:27 0 [Note] InnoDB: Creating shared tablespace for temporary tables
db_1 | 2023-07-20 11:07:27 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
db_1 | 2023-07-20 11:07:27 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB.
db_1 | 2023-07-20 11:07:27 0 [Note] InnoDB: 10.3.29 started; log sequence number 719122280; transaction id 915013
db_1 | 2023-07-20 11:07:27 0 [Note] InnoDB: Loading buffer pool(s) from /var/lib/mysql/ib_buffer_pool
db_1 | 2023-07-20 11:07:27 0 [Note] Plugin 'FEEDBACK' is disabled.
db_1 | 2023-07-20 11:07:27 0 [Note] Server socket created on IP: '::'.
db_1 | 2023-07-20 11:07:27 0 [Warning] 'proxies_priv' entry '@% root@c84244d66dc7' ignored in --skip-name-resolve mode.
db_1 | 2023-07-20 11:07:27 0 [Note] Reading of all Master_info entries succeeded
db_1 | 2023-07-20 11:07:27 0 [Note] Added new Master_info '' to hash table
db_1 | 2023-07-20 11:07:27 0 [Note] mysqld: ready for connections.
db_1 | Version: '10.3.29-MariaDB-1:10.3.29+maria~focal' socket: '/var/run/mysqld/mysqld.sock' port: 3306 mariadb.org binary distribution
db_1 | 2023-07-20 11:07:28 0 [Note] InnoDB: Buffer pool(s) load completed at 230720 11:07:28
passbolt_1 | gpg: keybox '/var/lib/passbolt/.gnupg/pubring.kbx' created
passbolt_1 | gpg: /var/lib/passbolt/.gnupg/trustdb.gpg: trustdb created
passbolt_1 | gpg: key 0B778AC7518CB0F4: public key "Passbolt default user <passbolt@yourdomain.com>" imported
passbolt_1 | gpg: can't connect to the agent: End of file
passbolt_1 | gpg: Total number processed: 1
passbolt_1 | gpg: imported: 1
passbolt_docker_passbolt_1 exited with code 2
My docker-compose.yml files looks like this:
version: '3.2'
services:
db:
image: mariadb:10.3
env_file:
- env/mysql.env
volumes:
- database_volume:/var/lib/mysql
ports:
- "127.0.0.1:3306:3306"
passbolt:
image: passbolt/passbolt:4.1.1-1-ce
environment:
- http_proxy=http://proxy01.company.at:8080
- https_proxy=http://proxy01.company.at:8080
tty: true
depends_on:
- db
env_file:
- env/passbolt.env
volumes:
- gpg_volume:/etc/passbolt/gpg
- images_volume:/usr/share/php/passbolt/webroot/img/public
- config_volume:/etc/passbolt
command: ["/usr/bin/wait-for.sh", "-t", "0", "db:3306", "--", "/docker-entrypoint.sh"]
ports:
- 80:80
- 443:443
volumes:
database_volume:
gpg_volume:
images_volume:
config_volume:
Healthcheck - GPG-part (from productive working 3.2.1-CE):
GPG Configuration
[PASS] PHP GPG Module is installed and loaded.
[PASS] The environment variable GNUPGHOME is set to /var/lib/passbolt/.gnupg.
[PASS] The directory /var/lib/passbolt/.gnupg containing the keyring is writable by the webserver user.
[FAIL] The server OpenPGP key is not set
[HELP] Create a key, export it and add the fingerprint to config/passbolt.php
[HELP] See. https://www.passbolt.com/help/tech/install#toc_gpg
[PASS] The public key file is defined in config/passbolt.php and readable.
[PASS] The private key file is defined in config/passbolt.php and readable.
[FAIL] The server key fingerprint doesn't match the one defined in config/passbolt.php.
[HELP] Double check the key fingerprint, example:
[HELP] sudo su -s /bin/bash -c "gpg --list-keys --fingerprint --home /var/lib/passbolt/.gnupg" www-data | grep -i -B 2 'SERVER_KEY_EMAIL'
[HELP] SERVER_KEY_EMAIL: The email you used when you generated the server key.
[HELP] See. https://www.passbolt.com/help/tech/install#toc_gpg
[FAIL] The server public key defined in the config/passbolt.php (or environment variables) is not in the keyring
[HELP] Import the private server key in the keyring of the webserver user.
[HELP] you can try:
[HELP] sudo su -s /bin/bash -c "gpg --home /var/lib/passbolt/.gnupg --import /etc/passbolt/gpg/serverkey_private.asc" www-data
[FAIL] The server key does not have a valid email id.
[HELP] Edit or generate another key with a valid email id.
can someone help us out? - thanks a lot in advance!