Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ----
- Healthcheck shell
- ----
- Environment
- \[PASS] PHP version 7.4.33.
- \[PASS] PCRE compiled with unicode support.
- \[FAIL] The temporary directory and its content are not writable, or are executa ble.
- \[HELP] Ensure the temporary directory and its content are writable by the webse rver user.
- \[HELP] you can try:
- \[HELP] sudo chown -R www-data:www-data /var/lib/passbolt/tmp/
- \[HELP] sudo chmod -R 775 $(find /var/lib/passbolt/tmp/ -type d)
- \[HELP] sudo chmod -R 664 $(find /var/lib/passbolt/tmp/ -type f)
- \[PASS] The logs directory and its content are writable.
- \[PASS] GD or Imagick extension is installed.
- \[PASS] Intl extension is installed.
- \[PASS] Mbstring extension is installed.
- Config files
- \[PASS] The application config file is present
- \[WARN] The passbolt config file is missing in /etc/passbolt/
- \[HELP] Copy /etc/passbolt/passbolt.default.php to /etc/passbolt/passbolt.php
- \[HELP] The passbolt config file is not required if passbolt is configured with environment variables
- Core config
- \[PASS] Debug mode is off.
- \[PASS] Cache is working.
- \[PASS] Unique value set for security.salt
- \[PASS] Full base url is set to https://pb.blainej.net
- \[PASS] App.fullBaseUrl validation OK.
- \[PASS] /healthcheck/status is reachable.
- SSL Certificate
- \[PASS] SSL peer certificate validates
- \[PASS] Hostname is matching in SSL certificate.
- \[PASS] Not using a self-signed certificate
- Database
- \[PASS] The application is able to connect to the database
- \[PASS] 30 tables found
- \[PASS] Some default content is present
- \[PASS] The database schema up to date.
- GPG Configuration
- \[PASS] PHP GPG Module is installed and loaded.
- \[PASS] The environment variable GNUPGHOME is set to /var/lib/passbolt/.gnupg.
- \[PASS] The directory /var/lib/passbolt/.gnupg containing the keyring is writabl e by the webserver user.
- \[FAIL] The server OpenPGP key is not set
- \[HELP] Create a key, export it and add the fingerprint to /etc/passbolt/passbol t.php
- \[HELP] See. https://www.passbolt.com/help/tech/install#toc\_gpg
- \[PASS] The public key file is defined in /etc/passbolt/passbolt.php and readabl e.
- \[PASS] The private key file is defined in /etc/passbolt/passbolt.php and readab le.
- \[FAIL] The server key fingerprint doesn't match the one defined in /etc/passbol t/passbolt.php.
- \[HELP] Double check the key fingerprint, example:
- \[HELP] sudo su -s /bin/bash -c "gpg --list-keys --fingerprint --home /var/lib/p assbolt/.gnupg" www-data | grep -i -B 2 'SERVER\_KEY\_EMAIL'
- \[HELP] SERVER\_KEY\_EMAIL: The email you used when you generated the server key.
- \[HELP] See. https://www.passbolt.com/help/tech/install#toc\_gpg
- \[FAIL] The server public key defined in the /etc/passbolt/passbolt.php (or envi ronment variables) is not in the keyring
- \[HELP] Import the private server key in the keyring of the webserver user.
- \[HELP] you can try:
- \[HELP] sudo su -s /bin/bash -c "gpg --home /var/lib/passbolt/.gnupg --import /e tc/passbolt/gpg/serverkey\_private.asc" www-data
- \[FAIL] The server key does not have a valid email id.
- \[HELP] Edit or generate another key with a valid email id.
- Application configuration
- \[PASS] Using latest passbolt version (3.12.0).
- \[PASS] Passbolt is configured to force SSL use.
- \[PASS] App.fullBaseUrl is set to HTTPS.
- \[PASS] Selenium API endpoints are disabled.
- \[PASS] Search engine robots are told not to index content.
- \[INFO] The Self Registration plugin is enabled.
- \[INFO] Registration is closed, only administrators can add users.
- \[PASS] The deprecated self registration public setting was not found in /etc/pa ssbolt/passbolt.php.
- \[WARN] Host availability checking is disabled.
- \[HELP] Make sure this instance is not publicly available on the internet.
- \[HELP] Or set the PASSBOLT\_EMAIL\_VALIDATE\_MX environment variable to true.
- \[HELP] Or set passbolt.email.validate.mx to true in /etc/passbolt/passbolt.php.
- \[PASS] Serving the compiled version of the javascript app.
- \[WARN] Some email notifications are disabled by the administrator.
- JWT Authentication
- \[PASS] The JWT Authentication plugin is enabled
- \[PASS] The /etc/passbolt/jwt/ directory is not writable.
- \[PASS] A valid JWT key pair was found
- SMTP Settings
- \[PASS] The SMTP Settings plugin is enabled.
- \[PASS] SMTP Settings coherent. You may send a test email to validate them.
- \[WARN] The SMTP Settings source is: env variables.
- \[HELP] It is recommended to set the SMTP Settings in the database through the a dministration section.
- \[WARN] The SMTP Settings plugin endpoints are enabled.
- \[HELP] It is recommended to disable the plugin endpoints.
- \[HELP] Set the PASSBOLT\_SECURITY\_SMTP\_SETTINGS\_ENDPOINTS\_DISABLED environment v ariable to true.
- \[HELP] Or set passbolt.security.smtpSettings.endpointsDisabled to true in /etc/ passbolt/passbolt.php.
- \[FAIL] 5 error(s) found. Hang in there!
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement