Can't access Cells behind a Caddy reverse proxy

vustom · May 24, 2019, 6:30am

I’m trying to use Caddy to reverse proxy Pydio Cells (separate from the one build into Cells). I have Cells set to localhost:8080 with SSL Disabled, so port 80 and 443 are free for Caddy to use.

This Pydio Cells document suggests what I’m trying to do is possible, but I haven’t gotten anywhere using the provided Caddyfile, as pydio.example.com returns with error 404. I’ve also tried 0.0.0.0:8080 but I end up with an endless loading screen.

I’ve been trying to figure this out for ages, if someone could help that’d be great!

Caddyfile:

https://pydio.example.com:443 {

    log stdout

    timeouts 0

    proxy / http://localhost:8080 {
        insecure_skip_verify
        transparent
        websocket
    }

    tls {
        dns cloudflare
    }

}

zayn · May 24, 2019, 9:48am

Hello @vustom,

With the same Caddyfile as you showed me in your post,
Could you please modify your urlInternal setting in the pydio.json to one of those 2 values:

defaults.urlInternal => http://0.0.0.0:8080
defaults.urlInternal => http://pydio.example.com:8080

and restart your Cells.

vustom · May 25, 2019, 1:59am

Hey @zayn, thanks for the quick reply!

Edit 2: After some more trial and error, I got it working using this setup:

Configure Cells install with:

Internal Url: pydio.example.com:8080
Self-signed: Y
Bind to port 80: N
External Url: https://pydio.example.com (Remove :8080 if present)

Then change http://localhost:8080 to https://localhost:8080 in Caddyfile.

This was clearer in this Pydio document outlining an example Apache reverse proxy, I just didn’t put the two together till reading that wiki post.

vustom · June 3, 2019, 1:27pm

I managed to get Cells working using localhost:8080 as the Internal Url.

On install, choose the following:

Internal Url: localhost:8080
External Url: https://pydio.example.com (Remove :8080 if present)

Then set header_upstream Host to localhost in Caddyfile (If preferred, {>host} works instead of localhost). I’m pretty sure leaving transparent in continues to pass the other headers. End result should be:

proxy / https://localhost:8080 {
    insecure_skip_verify
    transparent
    header_upstream Host localhost
    websocket
}

@zayn

Do you think this config is preferable over having the FQDN as Internal Url?

bsinou · June 4, 2019, 5:53pm

Hello,

in such a vanillasetup with a Cells instance behnd a Caddy reverse proxy on a single machine, we usually recommand to use
Internal URL: pydio.example.com:8080
ExternalURL: https://pydio.example.com

And for the caddy file:

proxy / http://localhost:8080 {
    transparent
    websocket
}

=> using a TLS connection locally between your reverse proxy and Cells has a cost and I don’t really see the point if your server is secured
=> having the normal transparent directive is required for the integration with other services like webdav to work smoothly

Topic		Replies	Views
[SOLVED] Pydio Cells doesn't work behind Haproxy with HTTPS offloading Pydio Cells	9	1932	March 28, 2019
ERR_CONNECTION_CLOSED after Cells installed with Docker and Caddy reversed proxy Pydio Cells	7	3917	October 18, 2018
[Solved] Can't acces pydio cell behind apache reverse proxy Pydio Cells	8	2153	March 20, 2019
Setup pydio with caddy and localhost ssl Pydio Cells install	5	2109	April 17, 2024
Nginx proxy reverse (Pydio Cells 1.0) Pydio Cells nginx , ubuntu	5	3841	July 11, 2018

Can't access Cells behind a Caddy reverse proxy

Related topics