Alpine Linux 3.6 doesn't include php5-memcache in their APKs, so build fails. I managed to built it with alpine:3.5 as base image but we need to decide if we'll support alpine 3.6 and newer and what changes on the packages are necessary.

I have tried for 2 hours and I still do not get the registration option.

I created a youtube video to demo the bug:

https://www.youtube.com/watch?v=VYfe3ti7lus

I pulled latest version of passbolt yesterday and create new containers (mysql and passbolt).
(p.s. how to upgrade only passbolt without lost gpgkeys/accounts?)

In new version I can't logged in!

I will describe step by step what I did:

1. /var/www/passbolt/app/Console/cake passbolt register_user -u mail-f Marek -l Pep -r admin

2. Go to registered link in firefox and see this message:

3. Going to https://addons.mozilla.org/en-US/firefox/addon/passbolt/versions/beta and install:

attempt 1 - Version 1.5.1rc2 (and continue register)
attempt 2 - Version 1.5.1rc1 (delete rc2 and register again)
attempt 3 - Version 1.6.0 (delete rc1 and register again)

4. Start register (DOWNLOAD SECRET KEY not work!)

5. In end of register i can't logged in. Only see:

"Loading, please wait"

I try 3 attepmts in different plugin version (and different account).

6. Error in log file - /var/www/passbolt/app/tmp/logs/error.log:

2017-06-22 15:25:22 Warning: Warning (512): cake_model cache was unable to write 'default_passbolt_users' to File cache in [/var/www/passbolt/lib/Cake/Cache/Cache.php, line 328]
Trace:
ErrorHandler::handleError() - CORE/Cake/Error/ErrorHandler.php, line 230
Cache::write() - CORE/Cake/Cache/Cache.php, line 328
DataSource::_cacheDescription() - CORE/Cake/Model/Datasource/DataSource.php, line 310
DataSource::describe() - CORE/Cake/Model/Datasource/DataSource.php, line 135
Mysql::describe() - CORE/Cake/Model/Datasource/Database/Mysql.php, line 333
Model::schema() - CORE/Cake/Model/Model.php, line 1397
Model::getColumnType() - CORE/Cake/Model/Model.php, line 1438
DboSource::_parseKey() - CORE/Cake/Model/Datasource/DboSource.php, line 2882
DboSource::conditionKeysToString() - CORE/Cake/Model/Datasource/DboSource.php, line 2833
DboSource::conditions() - CORE/Cake/Model/Datasource/DboSource.php, line 2714
DboSource::buildStatement() - CORE/Cake/Model/Datasource/DboSource.php, line 2007
DboSource::buildAssociationQuery() - CORE/Cake/Model/Datasource/DboSource.php, line 1738
DboSource::read() - CORE/Cake/Model/Datasource/DboSource.php, line 1182
Model::_readDataSource() - CORE/Cake/Model/Model.php, line 3038
Model::find() - CORE/Cake/Model/Model.php, line 3010
DboSource::query() - CORE/Cake/Model/Datasource/DboSource.php, line 604
Model::__call() - CORE/Cake/Model/Model.php, line 834
User::findById() - APP/Controller/AppController.php, line 246
AppController::_disconnectUserIfAccountDisabled() - APP/Controller/AppController.php, line 246
AppController::beforeFilter() - APP/Controller/AppController.php, line 108
AuthController::beforeFilter() - APP/Controller/AuthController.php, line 25
call_user_func - [internal], line ??
CakeEventManager::dispatch() - CORE/Cake/Event/CakeEventManager.php, line 243
Controller::startupProcess() - CORE/Cake/Controller/Controller.php, line 677
Dispatcher::_invoke() - CORE/Cake/Routing/Dispatcher.php, line 189
Dispatcher::dispatch() - CORE/Cake/Routing/Dispatcher.php, line 167
require - APP/webroot/index.php, line 111
[main] - ROOT/index.php, line 41

2017-06-22 15:25:22 Warning: Warning (512): SplFileInfo::openFile(/var/www/passbolt/app/tmp/cache/models/passbolt_cake_model_default_passbolt_users) [splfileinfo.openfile]: failed to open stream: Permission denied in [/var/www/passbolt/lib/Cake/Cache/Engine/FileEngine.php, line 356]
Trace:
ErrorHandler::handleError() - CORE/Cake/Error/ErrorHandler.php, line 230
FileEngine::_setKey() - CORE/Cake/Cache/Engine/FileEngine.php, line 356
FileEngine::read() - CORE/Cake/Cache/Engine/FileEngine.php, line 158
Cache::read() - CORE/Cake/Cache/Cache.php, line 363
DataSource::_cacheDescription() - CORE/Cake/Model/Datasource/DataSource.php, line 306
Mysql::describe() - CORE/Cake/Model/Datasource/Database/Mysql.php, line 373
Model::schema() - CORE/Cake/Model/Model.php, line 1397
Model::getColumnType() - CORE/Cake/Model/Model.php, line 1438
DboSource::_parseKey() - CORE/Cake/Model/Datasource/DboSource.php, line 2882
DboSource::conditionKeysToString() - CORE/Cake/Model/Datasource/DboSource.php, line 2833
DboSource::conditions() - CORE/Cake/Model/Datasource/DboSource.php, line 2714
DboSource::buildStatement() - CORE/Cake/Model/Datasource/DboSource.php, line 2007
DboSource::buildAssociationQuery() - CORE/Cake/Model/Datasource/DboSource.php, line 1738
DboSource::read() - CORE/Cake/Model/Datasource/DboSource.php, line 1182
Model::_readDataSource() - CORE/Cake/Model/Model.php, line 3038
Model::find() - CORE/Cake/Model/Model.php, line 3010
DboSource::query() - CORE/Cake/Model/Datasource/DboSource.php, line 604
Model::__call() - CORE/Cake/Model/Model.php, line 834
User::findById() - APP/Controller/AppController.php, line 246
AppController::_disconnectUserIfAccountDisabled() - APP/Controller/AppController.php, line 246
AppController::beforeFilter() - APP/Controller/AppController.php, line 108
AuthController::beforeFilter() - APP/Controller/AuthController.php, line 25
call_user_func - [internal], line ??
CakeEventManager::dispatch() - CORE/Cake/Event/CakeEventManager.php, line 243
Controller::startupProcess() - CORE/Cake/Controller/Controller.php, line 677
Dispatcher::_invoke() - CORE/Cake/Routing/Dispatcher.php, line 189
Dispatcher::dispatch() - CORE/Cake/Routing/Dispatcher.php, line 167
require - APP/webroot/index.php, line 111
[main] - ROOT/index.php, line 41

2017-06-22 15:25:22 Warning: Warning (512): cake_model cache was unable to write 'default_passbolt_users' to File cache in [/var/www/passbolt/lib/Cake/Cache/Cache.php, line 328]
Trace:
ErrorHandler::handleError() - CORE/Cake/Error/ErrorHandler.php, line 230
Cache::write() - CORE/Cake/Cache/Cache.php, line 328
DataSource::_cacheDescription() - CORE/Cake/Model/Datasource/DataSource.php, line 310
Mysql::describe() - CORE/Cake/Model/Datasource/Database/Mysql.php, line 373
Model::schema() - CORE/Cake/Model/Model.php, line 1397
Model::getColumnType() - CORE/Cake/Model/Model.php, line 1438
DboSource::_parseKey() - CORE/Cake/Model/Datasource/DboSource.php, line 2882
DboSource::conditionKeysToString() - CORE/Cake/Model/Datasource/DboSource.php, line 2833
DboSource::conditions() - CORE/Cake/Model/Datasource/DboSource.php, line 2714
DboSource::buildStatement() - CORE/Cake/Model/Datasource/DboSource.php, line 2007
DboSource::buildAssociationQuery() - CORE/Cake/Model/Datasource/DboSource.php, line 1738
DboSource::read() - CORE/Cake/Model/Datasource/DboSource.php, line 1182
Model::_readDataSource() - CORE/Cake/Model/Model.php, line 3038
Model::find() - CORE/Cake/Model/Model.php, line 3010
DboSource::query() - CORE/Cake/Model/Datasource/DboSource.php, line 604
Model::__call() - CORE/Cake/Model/Model.php, line 834
User::findById() - APP/Controller/AppController.php, line 246
AppController::_disconnectUserIfAccountDisabled() - APP/Controller/AppController.php, line 246
AppController::beforeFilter() - APP/Controller/AppController.php, line 108
AuthController::beforeFilter() - APP/Controller/AuthController.php, line 25
call_user_func - [internal], line ??
CakeEventManager::dispatch() - CORE/Cake/Event/CakeEventManager.php, line 243
Controller::startupProcess() - CORE/Cake/Controller/Controller.php, line 677
Dispatcher::_invoke() - CORE/Cake/Routing/Dispatcher.php, line 189
Dispatcher::dispatch() - CORE/Cake/Routing/Dispatcher.php, line 167
require - APP/webroot/index.php, line 111
[main] - ROOT/index.php, line 41

extra in attempt 1:

2017-06-22 14:39:10 Error: [ForbiddenException] You need to login to access this location
Request URL: /auth/checkSession.json
Stack Trace:
#0 /var/www/passbolt/lib/Cake/Controller/Component/AuthComponent.php(349): GpgAuthenticate->unauthenticated(Object(CakeRequest), Object(CakeResponse))
#1 /var/www/passbolt/lib/Cake/Controller/Component/AuthComponent.php(305): AuthComponent->_unauthenticated(Object(AuthController))
#2 [internal function]: AuthComponent->startup(Object(AuthController))
#3 /var/www/passbolt/lib/Cake/Utility/ObjectCollection.php(128): call_user_func_array(Array, Array)
#4 [internal function]: ObjectCollection->trigger(Object(CakeEvent))
#5 /var/www/passbolt/lib/Cake/Event/CakeEventManager.php(243): call_user_func(Array, Object(CakeEvent))
#6 /var/www/passbolt/lib/Cake/Controller/Controller.php(678): CakeEventManager->dispatch(Object(CakeEvent))
#7 /var/www/passbolt/lib/Cake/Routing/Dispatcher.php(189): Controller->startupProcess()
#8 /var/www/passbolt/lib/Cake/Routing/Dispatcher.php(167): Dispatcher->_invoke(Object(AuthController), Object(CakeRequest))
#9 /var/www/passbolt/app/webroot/index.php(111): Dispatcher->dispatch(Object(CakeRequest), Object(CakeResponse))
#10 /var/www/passbolt/index.php(41): require('/var/www/passbo...')
#11 {main}

7. chmod -R 777 /var/www/passbolt - but did't help :(

Hi

I created a container with passbolt docker file as given, but i did not install properly and not able to open passbolt on browser.

1. created an ubuntu VM 16.04

2. installed mysql from docker file
   (I think it worked)

3. installed docker file for passbolt the process started

4. when tried to open passbolt on browser got this message
   Secure connection failed.

5 tried to run it through curl and got this message
gnutls_handshake() failed

I think the problem is with SSL encryption are there any other steps to be performed as against what is mentioned on read.me file?

I've setup the docker container. I run my docker containers behind an apache reverse proxy so that I can access them from the outside. When I try to access it as https://myserver.mydomain.com/passbolt/auth/login, the CSS and JS return errors. The issue appears to be that the path to the css and js files are an absolute path and not relative.

<link rel="stylesheet" type="text/css" href="/css/login.min.css"/>
<script type="text/javascript" src="/js/lib/modernizr/modernizr-custom.min.js"></script>
<script type="text/javascript" src="/js/lib/jquery/dist/jquery.js"></script>

I've tried messing with the App.fullBaseUrl and App.baseUrl entries in core.php and it doesn't seem to affect it. Is it possible to prepend those path with some value?

I setup the passbolt, but the browser is giving me: ERR_SSL_PROTOCOL_ERROR.
Any ideias?

I want to persist the GPG keys. I created the container mounting the private and public key using -v as per the README. For example:

docker run -e db_host=172.17.0.1 -e db_database=passbolt -e db_pass=XXXXXX \
    -v /pub/passbolt/private.asc:/var/www/passbolt/app/Config/gpg/serverkey.private.asc \
    -v /pub/passbolt/public.asc:/var/www/passbolt/app/Config/gpg/serverkey.asc \
    --name passbolt -p 8082:80 passbolt/passbolt

If the file /pub/passbolt/public.asc (or private) don't exist in /pub on the host, docker creates a directory (eg /pub/passbolt/public.asc/) and not a blank file and the container obviously fails to start.

If I generate a key on the host, export it and put it in /pub/passbolt, the container starts up the first time. The second time it doesn't start because docker-entrypoint.sh attempts to re-import the private key. This causes an error and causes the container to stop. I fixed this by changing the entrypoint to check to see if a key exists in the keystore:

numkeys=`su -m -c "$gpg --list-keys | egrep '^pub'" -ls /bin/bash nginx | wc -l`
if [ ${numkeys} = "0" ]; then
  su -m -c "$gpg --batch --import $gpg_private_key" -ls /bin/bash nginx
fi

This isn't the best way to detect whether the key already exists, but it worked to determine this was the problem. GPG doesn't seem to cause a fatal error if you attempt to re-import the public key.

When I build the image..

OK: 364 MiB in 98 packages
No releases for package "pecl/gnupg" exist
install failed
The command '/bin/sh -c apk add $PHP_GNUPG_DEPS &&     sed -i "s/ -n / /" $(which pecl) &&     pecl install gnupg &&     echo "extension=gnupg.so" > /etc/php5/conf.d/gnupg.ini &&     apk del $PHP_GNUPG_DEPS' returned a non-zero code: 1

Hi @dlen my other dockers have ways for me to update them via git, replacing the www file structures or auto updater.

Having the ability to update the passbolt part of the image with the rest of the docker updating with improvements to the base (ubuntu/alpine) build automatically (this part may already happen).

Thanks for your consideration.

Environment variable email_tansport should be email_transport

There's an error when passbolt initializes that I've been able to avoid just one time, but I'm not able to avoid it again, thus, I've no idea what's causing this.

I'm starting the db container before the passbolt one, to ensure the container initializes (and creates the empty database) before running the passbolt container. Doing this at least I avoid the unknown host error that I've described here.

The problem now resides in the passbolt initialization. After the private key is written, it tries to do something with the database which fails:

ERROR 1064 (42000) at line 1: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '/passbolt_passbolt_1/db' at line 1

Note: the passbolt_passbolt_1 refers to the passbolt container name (default naming for docker-compose containers). I guess that the issue comes from here: https://github.com/passbolt/passbolt_docker/blob/master/bin/docker-entrypoint.sh#L145 but sincerely, I've no idea.

Hi,

I followed the instructions from the ticket "After installation default page is Example Domain #36" where we need to do a:
docker run -e db_host=your_mysql_container_host -e url=passbolt.dev passbolt/passbolt:latest

After doing this, the page sends me an error:

This site can’t be reached

This site on the company, organization or school intranet has the same URL as an external website.

Try contacting your system administrator.
ERR_ICANN_NAME_COLLISION

I am not sure what do I need to do

I found that after running the following I was not able to access the container via it's ip (in my case 172.17.0.3):

docker run -e db_host=<mysql_container_ip> passbolt:1.4.0-alpine

This was due to the fact that my local computer is not able to access that network. When I forwarded port 443 to a unused port on my machine it started to work. This command ended up working for me (ex for unused_port, 9999):

docker run -e db_host=<mysql_container_ip> -p <unused_port>:443 passbolt:1.4.0-alpine

Hi,

The setup seems to fail with :
sed: -e expression #1, char 20: unknown option to s'`

I've no particular context to help track down the error, but I can spend some time on it if needed !

Thanks.

Hello,

whenever trying to send an email, passbolt shows the error "Address not available". I already verified that my external smtp server is working.

By running
app/Console/cake EmailQueue.sender
it shows
Address not available Email 59875196-8a7c-4cf7-a746-00b6ac130008 was not sent

My environment config:
app_email_transport=Smtp app_email_from_address=***** app_email_from_name="*****" app_email_host=smtp.world4you.com app_email_port=25 app_email_timeout=30 app_email_username=***** app_email_password=*****

What could be the cause for this error? I also tried to look for this error in the source code but without success.

Thanks!

Using the latest Docker image I'm getting this error:
ERROR 2005 (HY000): Unknown MySQL server host '...' (-3)

If I revert to the previous version (1.5.1) everything is ok. So all db environment variables are set correctly.

Every time I upgrade the docker image, all profile images get deleted.
The docker image needs a volume mount for persistence of pictures. Maybe it's a good idea to describe this in the README.

docker run -e DB_HOST=172.17.0.2 passbolt:local
Unable to find image 'passbolt:local' locally
docker: Error response from daemon: repository passbolt not found: does not exist or no pull access.
See 'docker run --help'.

Automated setup

In the following example passbolt is launched with the defaults enabled usind mysql official docker container to store passbolt data:

$ docker run -e MYSQL_ROOT_PASSWORD=c0mplexp4ss
-e MYSQL_DATABASE=passbolt
-e MYSQL_USER=passbolt
-e MYSQL_PASSWORD=P4ssb0lt
mysql
Once mysql container is running we should extract its ip address. Let's assume 172.17.0.2 for this example

$ docker run -e DB_HOST=172.17.0.2 passbolt:local

Point your browser to the passbolt container ip or localhost:exposed_port

Getting this error when trying to startup the container.

Command:

docker run -it --rm -p 80:80 \
  --network $network_name \
  -e db_host=mysql \
  passbolt/passbolt

Output:

gpg: directory `/var/lib/nginx/.gnupg' created
gpg: new configuration file `/var/lib/nginx/.gnupg/gpg.conf' created
gpg: WARNING: options in `/var/lib/nginx/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/var/lib/nginx/.gnupg/secring.gpg' created
gpg: keyring `/var/lib/nginx/.gnupg/pubring.gpg' created

Not enough random bytes available.  Please do some other work to give
the OS a chance to collect more entropy! (Need 191 more bytes)

Hi, I'm sorry but I don't find in the doc of this repo how to get connected to the interface as admin.
So, I followed the install doc and

I tried to create a user

/var/www/passbolt/app/Console/cake register_user -u [email protected] -f john -l doe-r admin

This is the output I have

Error: Plugin RegisterUser could not be found.
#0 /var/www/passbolt/lib/Cake/Core/App.php(227): CakePlugin::path('RegisterUser')
#1 /var/www/passbolt/lib/Cake/Core/App.php(549): App::path('Console/Command', 'RegisterUser')
#2 [internal function]: App::load('RegisterUserShe...')
#3 [internal function]: spl_autoload_call('RegisterUserShe...')
#4 /var/www/passbolt/lib/Cake/Console/ShellDispatcher.php(264): class_exists('RegisterUserShe...')
#5 /var/www/passbolt/lib/Cake/Console/ShellDispatcher.php(210): ShellDispatcher->_getShell('register_user')
#6 /var/www/passbolt/lib/Cake/Console/ShellDispatcher.php(66): ShellDispatcher->dispatch()
#7 /var/www/passbolt/app/Console/cake.php(47): ShellDispatcher::run(Array)
#8 {main}

Hi!

When I am trying to run Docker with passbolt i am getting next:

~/passbolt_docker-master$ docker run   -e db_host=172.17.0.2 passbolt:1.4.0-alpine
container_linux.go:247: starting container process caused "exec: \"/docker-entrypoint.sh\": permission denied"
docker: Error response from daemon: oci runtime error: container_linux.go:247: starting container process caused "exec: \"/docker-entrypoint.sh\": permission denied".

It appears that the setup gets stuck at: End of list of non-natively partitioned tables
Ubuntu 16.0/Docker

I checked the Dockerfile and the entry point script but I don't see where a crontab is setup to call the EmailQueue.sender script.

Hello I try to use the let's encrypt SSL certificate attached to my load-balancer haproxy with Rancher (so my https 443 port is connected to the 80 of the dock passbolt).

Unfortunately when I do that I got a 301 redirect loop and Firefox say :
The page isn’t redirecting properly

I use the dock passbolt/passbolt:1.6.1-1-alpine

Hi @dlen I wondered if I am actually on 1.6.2 and the heart is reporting wrongly of I am on 1.6.1 still?

Thanks for any insight.

As a result the emails sent out from the Docker container continue to have http://localhost

Here is the line from the API code email.php.default:
https://github.com/passbolt/passbolt_api/blob/master/app/Config/core.php.default#L126

To be clear, this is the update line that doesn't quite get the job done:
https://github.com/passbolt/passbolt_docker/blob/master/bin/docker-entrypoint.sh#L53

After passing my env value I got the following conf file /var/www/passbolt/app/Config/email.php

public $default = array(
                'transport' => 'Smtp',
                'from' => array('[email protected]' => 'Passbolt'),
                'host' => 'mail',
                'port' => 587,
                'timeout' => 30,
                'username' => '[email protected]',
                'password' => 'XXXXXXXXX',
                'tls' => 'true',
        );

But I still had issue when passbolt try to send e-mail.

10/08/2017 16:21:02Warning Error: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages:
10/08/2017 16:21:02error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in [/var/www/passbolt/lib/Cake/Network/CakeSocket.php, line 451]
10/08/2017 16:21:02
10/08/2017 16:21:02SMTP server did not accept the connection or trying to connect to non TLS SMTP server using TLS.

So I try to send e-mail with another tools (mailx) with the same configuration (ssl-verify=ignore => accept selfsigned certificate)

echo "This is the message body and contains the message" | mailx -v \
 -r "[email protected]" \
 -s "This is the subject" \
 -S smtp="mail:587" \
 -S smtp-use-starttls \
 -S smtp-auth=login \
 -S smtp-auth-user="[email protected]" \
 -S smtp-auth-password="XXXXXXXXX" \
 -S ssl-verify=ignore \
 [email protected]

And I can send e-mail with that config. I know that my SMTP server has a self signed certificate so I suppose that the problem come from here.

git doesn't appear to be installed on the docker for us to update, so should it update automatically, or we wait for a new build from yourselves?

Thanks.

When trying to mount the whole config directory of the docker externally (for debugging and easier backup) the docker complains of files not being found instead of creating them itself.

-v "/mnt/user/data/docker/":"/var/www/":rw

It seems that the config file create logic is missing in that if there is a user config use it, if not create a new one?

/var/www/passbolt/app/Config/gpg/serverkey.private.asc: No such file or directory

Everything is up and running using your docker container and mariadb container but how to create the first admin account?

tried to launch container but didnt work ... any idea ?

root@ip-10-210-93-91:~/passbolt# ./launch-container.sh
./launch-container.sh: 4: ./launch-container.sh: source: not found
docker: Error response from daemon: invalid volume spec ":/var/www/passbolt": invalid volume specification: ':/var/www/passbolt'.
See 'docker run --help'.

The entrypoint should check for a probably existing email cron before setting it up.

It could be probably done with a grep:

if ! grep run-parts /etc/crontabs/root > /dev/null; then

The email TLS config option is incorrectly formatted when transformed with sed. It should not have quotes surrounding the boolean. (See https://github.com/passbolt/passbolt_docker/blob/master/bin/docker-entrypoint.sh#L128)

I'd be happy to make a pull request to fix this.

I'm deploying bolt using a docker-compose.yml file, and in that file I've named the database container as db.

After that I linked passbolt using links option, and setting DB_HOST as db:

db:
  image: mysql:latest
  environment:
    MYSQL_ROOT_PASSWORD: whatever
    MYSQL_DATABASE: passbolt
    MYSQL_USER: passbolt
    MYSQL_PASSWORD: P4ssb0lt

passbolt:
  image: passbolt/passbolt:latest 
  links:
  - db
  environment:
    DB_HOST: db
    EMAIL_FROM: [email protected]
    EMAIL_HOST: smtp.gmail.com
    EMAIL_USERNAME: [email protected]
    EMAIL_PASSWORD: ourmailpassword
    EMAIL_TLS: 'true'
    KEY_LENGTH: 4096
    SUBKEY_LENGTH: 2048
    KEY_NAME: Cirici New Media
    # [...] Other vars which are not important for the issue

Using this configuration crashes with the following error:

Unless I specify DB_PORT: 3306 (which is, following the docs, the default value..):

passbolt_1  | Unknown suffix 't' used for variable 'port' (value 'tcp://172.17.0.22:3306')
passbolt_1  | mysql: Error while setting value 'tcp://172.17.0.22:3306' to 'port'****

Setting DB_PORT to 3306 fixes this issue (but a new one rises, I'm creating an issue for it..).

Hi there

I have multiple db's on the same server so I need to specify a none standard port for mariadb.

How is it best to do that as I cannot start the container due to the connection to the db failing.

Thanks

Edit: Here is the error, but the IP is not correct and does not correspond to the address set with DB_HOST parameter.

ERROR 1045 (28000): Access denied for user 'pb'@'172.17.0.1' (using password: YES)

docker run -d --name="passbolt" --net="bridge" -e TZ="Europe/" -e HOST_OS="Linux" -e "MYSQL_ROOT_PASSWORD"="redacted" -e "MYSQL_DATABASE"="redacted" -e "MYSQL_USER"="redacted" -e "MYSQL_PASSWORD"="redacted" -e "DB_HOST"="Local IP Address" -e "DB_PORT"="3308" -e "URL"="passbolt.local" -p 447:443/tcp passbolt/passbolt

I have installed a MySQL docker container (official), set the appropriate environment variables (MYSQL_ROOT_PASSWORD, MYSQL_DATABASE, MYSQL_USER, MYSQL_PASSWORD) from the documentation and fired it up.

Next I grabbed the passbolt docker container (official), set env variable of db_host to the IP address of the MySQL container and fired it up...it declares "Passbolt installation succssess! Enjoy!" but when I go to https://localhost:<port of 443 on container> all I get is an Example Domain placeholder:

Going to https://[IP of the container], I get a connection error.

Either I'm tripping over something simple or something more serious is afoot.

Any help, hints, gentle nudges or brutal shoves in the right direction would be appreciated.

When I try to access passbolt without ssl (http only) I get a 400 Bad Request; Request Header Or Cookie Too Large error.

I have launch the official mysql container with : docker run -e MYSQL_ROOT_PASSWORD=passbolt -e MYSQL_DATABASE=passbolt -e MYSQL_USER=passbolt -e MYSQL_PASSWORD=P4ssb0lt --name mysql mysql.
I have then launched passbolt with : docker run -p 80:80 -p 443:443 -e SSL=False -e DB_HOST="172.18.0.3" -v /tmp/passbolt/gpg/serverkey.private.asc:/var/www/passbolt/app/Config/gpg/serverkey.private.asc -v /tmp/passbolt/gpg/serverkey.asc:/var/www/passbolt/app/Config/gpg/serverkey.asc passbolt/passbolt

https seems to work since I got the login page.

If i remove the line large_client_header_buffers 2 1k; from the conf/passbolt.conf file, I can load the login page with http.

Currently there is only a 'latest' tag for the docker image.
It would be nice to have image tags for each version of passbolt docker, in order to prevent an automatic upgrade of the container that might break some functionality.

For example, last version there was a breaking change when the environment variable email_tansport was changed to email_transport.

STEPS:

1. Go to -> https://IP_PASBOLT/healthcheck

2. Display:

An Internal Error Has Occurred.
Error: An Internal Error Has Occurred.

3. Log file:

2017-06-27 16:07:10 Error: [InternalErrorException] Internal Server Error
Request URL: /healthcheck
Stack Trace:
#0 /var/www/passbolt/lib/Cake/Error/ErrorHandler.php(212): ErrorHandler::handleFatalError(1, 'Call to undefin...', '/var/www/passbo...', 491)
#1 [internal function]: ErrorHandler::handleError(1, 'Call to undefin...', '/var/www/passbo...', 491, Array)
#2 /var/www/passbolt/lib/Cake/Core/App.php(970): call_user_func('ErrorHandler::h...', 1, 'Call to undefin...', '/var/www/passbo...', 491, Array)
#3 /var/www/passbolt/lib/Cake/Core/App.php(943): App::_checkFatalError()
#4 [internal function]: App::shutdown()
#5 {main}

Eventually (after the GPG delay waiting for Entropy), get this:

     ____                  __          ____  
    / __ \____  _____ ____/ /_  ____  / / /_ 
   / /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/ 
  / ____/ /_/ (__  |__  ) /_/ / /_/ / / /    
 /_/    \__,_/____/____/_.___/\____/_/\__/   

 Open source password manager for teams
---------------------------------------------------------------
 Datasource : default
 File :/var/www/passbolt/app/tmp/schema/default_default.sql
 Success: the database was saved on file!
---------------------------------------------------------------

 Passbolt installation success! Enjoy! ☮


[etucker: passbolt]$ 

Hitting the browser at localhost, nothing happens. The chrome debug tools show "cancelled" hitting http://localhost

Colleague receives the same behaviour. Curl on CLI outputs nothing:

[etucker: ~]$ curl localhost
[etucker: ~]$ 

Despite port 80 actually listening:

[etucker: ~]$ nc -z localhost 80
[etucker: ~]$ echo $?
0

Hi,
i have pulled the latest official passbolt image from docker hub and a mariadb image.
After several attempts I the container is not able to connect to the database as the access is denied for user.
However, I can connect to the database from another container ("Adminer") and from shell, using the standard user credentials.
I user Docker on a Synology with configurations as follows:
mariadb-container:

• IP 172.17.0.2
• database name: passbolt
• database password: P4ssb0lt
• user: passbolt (for testing on different servers: local, localhost, 172.17.0.4, 172.17.0.3) with all privileges

passbolt-container:

• IP 172.17.0.4

• environment parameters:

  -DB_USER: passbolt
  -DB_PASS: P4ssb0lt (->default)
  -DB_Name: passbolt

  • DB_HOST: 172.17.0.2 passbolt:local

As said, I can connect to the database via "Adminer"-Container with IP 172.17.0.3. I guess something is wrong with the DB_HOST parameter which I have changed already several times with no success (xxx passbolt:172.17.0.4, passbolt:localhost, ...)

I would appreciate if you can help me out to get passbolt running.

Thx!

It would be great if this could be scaled to be an actual method to deploy passbolt. I know for a fact that for my team, this would be allowed to be run as a docker container due to the siloing benefit of docker but not in its current recommended installation form - which is to run node.js on a webserver with other applications.

What are the drawbacks of using this in docker for production if an external database container is provided?

The 'App.fullBaseUrl' in the 'core.php.default' in passbolt_api is still http://example.com, so the default url isn't being replaced.

One option is to update https://github.com/passbolt/passbolt_docker/blob/master/bin/docker-entrypoint.sh#L54 to sed -i s:example.com:${URL:-$default_url}:g, which replaces example.com with the default url, or to change the 'App.fullBaseUrl' to 'passbolt.local' at https://github.com/passbolt/passbolt_api/blob/master/app/Config/core.php.default#L126

The docker image with version 1.6.1 was created 21 days ago, passbolt version 1.6.1 was released only 2 days ago. So these versions do not match.

Hello,

First of all, thank you for developing this tool.

I was trying to build the container from scratch but I have some errors.
My environment:

• System:
  Debian Jessie 8.7 Linux 3.16.0-4-amd64 #1 SMP Debian 3.16.39-1+deb8u2 (2017-03-07) x86_64 GNU/Linux
• Docker Version:

Client:
 Version:      17.04.0-ce
 API version:  1.28
 Go version:   go1.7.5
 Git commit:   4845c56
 Built:        Mon Apr  3 17:45:49 2017
 OS/Arch:      linux/amd64

Server:
 Version:      17.04.0-ce
 API version:  1.28 (minimum version 1.12)
 Go version:   go1.7.5
 Git commit:   4845c56
 Built:        Mon Apr  3 17:45:49 2017
 OS/Arch:      linux/amd64
 Experimental: false

When trying to execute the following command in the cloned repository of Passbolt:
docker build -t mypassbolt .

I get the following error:

Step 1/14 : FROM alpine:latest
 ---> a41a7446062d
Step 2/14 : MAINTAINER [email protected]
 ---> Using cache
 ---> c84f68e95f39
Step 3/14 : ENV PASSBOLT_VERSION 1.5.1
 ---> Using cache
 ---> 51f2099c2f78
Step 4/14 : ENV PASSBOLT_URL https://github.com/passbolt/passbolt_api/archive/v${PASSBOLT_VERSION}.tar.gz
 ---> Using cache
 ---> 4e9d2d584205
Step 5/14 : ARG BASE_PHP_DEPS="php5-curl       php5-common       php5-gd       php5-intl       php5-json       php5-mcrypt       php5-memcache       php5-mysql       php5-xsl       php5-fpm       php5-phar       php5-xml       php5-openssl       php5-zlib       php5-ctype       php5-pdo       php5-pdo_mysql       php5-pear"
 ---> Using cache
 ---> a0aec1dc0030
Step 6/14 : ARG PHP_GNUPG_DEPS="php5-dev       make       gcc       g++       libc-dev       pkgconfig       re2c       gpgme-dev       autoconf       file"
 ---> Using cache
 ---> db35c0eec70c
Step 7/14 : RUN apk update &&    apk add $BASE_PHP_DEPS       bash       ca-certificates       curl       tar       libpcre32       recode       libxml2       gpgme       gnupg1       mysql-client       openssl       nginx
 ---> Running in 0abc751ac5d6
fetch http://dl-cdn.alpinelinux.org/alpine/v3.6/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.6/community/x86_64/APKINDEX.tar.gz
v3.6.0-5-gd879d402a7 [http://dl-cdn.alpinelinux.org/alpine/v3.6/main]
v3.6.0_rc3-20-g62a475001d [http://dl-cdn.alpinelinux.org/alpine/v3.6/community]
OK: 8429 distinct packages available
  php5-memcache (missing):
ERROR: unsatisfiable constraints:
    required by: world[php5-memcache]
The command '/bin/sh -c apk update &&    apk add $BASE_PHP_DEPS       bash       ca-certificates       curl       tar       libpcre32       recode       libxml2       gpgme       gnupg1       mysql-client       openssl       nginx' returned a non-zero code: 1

Thanks a lot.

According to https://www.gnupg.org/documentation/manuals/gnupg/Unattended-GPG-key-generation.html, the following change has been made in newer GnuPG versions:

For GnuPG versions prior to 2.1, both control statements must be given. For GnuPG 2.1 and later ‘%secring’ is a no-op.

That means that in setups using these versions gpg_server_key_private.key is no longer present and hence the server key generation script fails.

STEPS:

1. Go to: my profile -> menage your keys
2. try download: private/public key
3. BUG: No information about downloading files
   INFO: files save correctly

When I mark multiple password and try to share it all -> share only one (first) password

SMTP Error: 530 5.7.0 Must issue a STARTTLS command first. m129sm2162575qkc.2 - gsmtp

Similiar issue: passbolt/passbolt_api#51

Thanks in advance!

After upgrading the docker image to version 1.6.1.1, all links in the emails do redirect to localhost instead of the domain specified in the URL environment variable.