Cells sync/grpc behind traefik

Pydio Cells
1

I configured cells like this:

version: "3.8"
services:

    cells:
        image: pydio/cells
        restart: unless-stopped
        networks:
            - traefik
            - default
        volumes:
            - cellsdir:/var/cells
            - data:/var/cells/data
        environment:
            - CELLS_SITE_BIND=:443
            - CELLS_SITE_EXTERNAL=https://pydio.${DOMAIN}
        labels:
            - "traefik.enable=true"
            - "traefik.docker.network=traefik"
            - "traefik.http.routers.pydio.rule=Host(`pydio.${DOMAIN}`)"
            - "traefik.http.routers.pydio.tls=true"
            - "traefik.http.routers.pydio.service=pydio"
            - "traefik.http.services.pydio.loadbalancer.server.scheme=https"
            - "traefik.http.services.pydio.loadbalancer.server.port=443"
        depends_on:
            - mysql

    mysql:
        image: mysql:8
        restart: unless-stopped
        environment:
            MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}
            MYSQL_DATABASE: cells
            MYSQL_USER: pydio
            MYSQL_PASSWORD: ${MYSQL_PASSWORD}
        command: [mysqld, --character-set-server=utf8mb4, --collation-server=utf8mb4_unicode_ci]
        volumes:
            - mysqldir:/var/lib/mysql

volumes:
    data:
        driver: local
    cellsdir:
        driver: local
    mysqldir:
        driver: local

networks:
    traefik:
        external: true

traefik.toml

defaultEntryPoints = ["websecure"]

[serversTransport]
  insecureSkipVerify = true

[entryPoints]
  [entryPoints.web]
    address = ":80"
  [entryPoints.web.http]
    [entryPoints.web.http.redirections]
      [entryPoints.web.http.redirections.entryPoint]
        to = "websecure"
        scheme = "https"
        permanent = true

  [entryPoints.websecure]
    address = ":443"

[certificatesResolvers.letsencrypt.acme]
  email = "admin@example.com"
  storage = "acme.json"
  [certificatesResolvers.letsencrypt.acme.dnsChallenge]
    provider = "cloudflare"
    delayBeforeCheck = "30"

[retry]

[api]
  dashboard = true

[providers.docker]
  exposedbydefault = false

[providers]
  [providers.file]
    filename = "/dynamic_conf.toml"
    watch = true

Cells Sync fails to select a sync folder:

cannot connect (authorization error 403) : unexpected HTTP status code received from server: 403 (Forbidden); malformed header: missing HTTP content-type

According to everything I read and tried this configuration should work. What I am missing here?

If I bypass cloudflare and connect to traefik directly I get this error instead:

unexpected HTTP status code received from server: 404 (Not Found); transport: received unexpected content-type “text/plain; charset=utf-8”

2

Is Cloudflare gRPC enabled? Default setting is disabled.
Follow the instructions below to enable gRPC:

  • Log in to your Cloudflare account
  • Select the appropriate domain
  • Click the Network app
  • Toggle the gRPC
1 Like
3

Thanks for your response, the option was indeed missing from my setup.
Now after adding it though, I get the same error as If I bypass cloudflare:

unexpected HTTP status code received from server: 404 (Not Found); transport: received unexpected content-type “text/plain; charset=utf-8”

Is this page still up to date? From my understanding I choose the left path with SSL enabled (using a self signed cert) on Cells by setting

CELLS_SITE_BIND=:443
CELLS_SITE_NO_TLS=0
CELLS_SITE_EXTERNAL=https://pydio.${DOMAIN}

or am I still missing something?

According to this page Traefik Proxy gRPC Examples - Traefik grpc shoud just work if accessing the service through https. The cells website is working.

4

Unfortunately I can’t be of more help to you in this regard, as I don’t use Traefik.

5

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.