CellsSync - transport: received the unexpected content-type "text/html"

Sync Client
,
1

CellsSync: 0.92
OS: macOS Catalina 10.15.4

I’m running latest Pydio Cells in docker. It’s hidden behind Nginx. I can login in web browser, mobile and also desktop client. However, there is a problem in desktop client when I try to create new task and select a directory. I get error

transport: received the unexpected content-type “text/html”

When I check Nginx log this is what I find:

2020/05/03 20:19:20 [error] 6#6: *83 SSL_do_handshake() failed (SSL: error:1408F10B:SSL routines:ssl3_get_record:wrong version number) while SSL handshaking to upstream, client: 188.167.251.183, server: xxxxxx.io, request: "POST /tree.NodeProvider/ReadNode HTTP/2.0", upstream: "grpcs://10.0.0.2:33060", host: "xxxxxx.io:33060"
188.167.251.183 - - [03/May/2020:20:19:20 +0000] "POST /tree.NodeProvider/ReadNode HTTP/2.0" 502 157 "-" "grpc-go/1.12.0-dev" "-"

My Nginx config:

server {
    client_max_body_size 200M;
    server_name xxxxxx.io;

    location / {
        proxy_buffering off;
        proxy_pass http://10.0.0.2:8000$request_uri;
        proxy_pass_request_headers on;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }

    location /ws {
        proxy_buffering off;
        proxy_pass http://10.0.0.2:8000;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_read_timeout 86400;
    }

    listen [::]:8443 ssl;
    listen 8443 ssl;
    ssl_certificate 	/etc/letsencrypt/live/xxxxxx.io/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/xxxxxx.io/privkey.pem;
    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers         HIGH:!aNULL:!MD5;
}

server {
    listen 33060 ssl http2;
    listen [::]:33060 ssl http2;
    server_name xxxxxx.io;
    proxy_ssl_server_name on;
    ssl_certificate 	/etc/letsencrypt/live/xxxxxx.io/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/xxxxxx.io/privkey.pem;
    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers         HIGH:!aNULL:!MD5;
    keepalive_timeout 600s;

    location / {
        grpc_pass grpcs://10.0.0.2:33060;
    }
}

Any idea what is the problem?

2

Hello @jozo,

When does the handshake error appear?
can you authenticate or list the datasource with Cells Sync, before seeing the error ?

3

Hello @jozo,

I got that error too - what a hassle to find out the reason. It is caused by the GRPC backend not speaking ssl - so you have to use a plaintext connection. Just replace grpc_pass grpcs://10.0.0.2:33060; with grpc_pass grpc://10.0.0.2:33060; in your nginx config.

@zayn you might want to replace that line in your documentation?
https://pydio.com/en/docs/kb/deployment/running-cells-behind-nginx-reverse-proxy

Kind regards
Franz

4

Hello, @zalintyre

thank you for the indication, I will update the documentation with your hint.