Hi,I have successfully installed Pydio Cells on my server, and I have local access to the public IP, but I can not connect to my nginx proxy reverse server to put in my subdomain.
“404 Site subdomain is not served on this interface”
Can anybody help me?
I have searched for configurations but none of them are useful for the Pydio Cells. It’s the new one.
Thanks in advance.
+1 looking for a solution.
I installed Cells into Centos7, using the default settings and with the IP:443 for the URL.
I wanted to then setup the server on it’s own domain and found the ‘url’ parameter in pydio.json
Changed that, and it allowed access using the URL (page loaded) but did not login due a 404… on the IP which the URL setting was changed from. There is probably a setting I am missing, but hopefully someone will answer or more in-depth docs will come.
Server: MacOS Apache Reverse Proxy
My first attempt was to set Cells up on port 8180 with ssl and a custom domain name using reverse proxy. I received the same error in the Cells log.
My second attempt was to let the proxy server handle the ssl and domain name. Internal and external for Cells was set to localhost:8180. The interface loads and login works, but I kept getting a time out error showing in the front end and loading errors for mixed ssl content.
My third attempt was to turn on self assign certificates so the proxy connection would be ssl, still using localhost:8180. This also loads the front end but still has errors. It has Websocket closed errors and access control check errors.
I think there still needs to be directives for the websocket connection and maybe modifying the headers? This is not my area whatsoever, so I’ll be watching this thread.
My current apache reverse proxy config is below, which may help even though you are using Nginx
<VirtualHost *:8443>
ServerAdmin admin@example.com
ServerName files.example.com
ProxyRequests off
SSLProxyEngine on
ProxyPass / https://localhost:8180/
ProxyPassReverse / https://localhost:8180/
ErrorLog "/logs/sites-files.com-error-ssl.log"
CustomLog "/logs/sites-files.com-access-ssl.log" common
SSLCertificateFile "/etc/letsencrypt/live/example.com/cert.pem"
SSLCertificateKeyFile "/etc/letsencrypt/live/example.com/privkey.pem"
SSLCertificateChainFile "/etc/letsencrypt/live/example.com/chain.pem"
</VirtualHost>I found a configuration for Apache that works and resolves the following
I run home automation with Home Assistant which also uses websockets and I managed to cobble together the proxy settings from that. They also have instructions for Ngix, maybe it will help find the correct directives. Hopefully someone may be able to confirm these are the only and correct directives needed.
Cells Install Config
I use 8180 because I run Apache on 8080 on a non-provilidged user
Binding Host (Internal, Other): files.example.com:8180
External Host: files.example.com
I also supplied the correct location for the files.examples.com
cert and key files, not self signed
Apache Reverse Proxy
<VirtualHost *:8080>
ServerAdmin admin@files.example.com
ServerName files.example.com
ServerSignature Off
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</IfModule>
ErrorLog "/logs/sites-files.example.com-error.log"
CustomLog "/logs/sites-files.example.com-access.log" common
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:8443>
ServerAdmin admin@files.example.com
ServerName files.example.com
ProxyPreserveHost On
ProxyRequests off
SSLProxyEngine on
RewriteEngine on
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule /(.*) wss://files.example.com:8180/$1 [P,L]
RewriteCond %{HTTP:Upgrade} !=websocket [NC]
RewriteRule /(.*) https://files.example.com:8180/$1 [P,L]
ProxyPass / https://files.example.com:8180/
ProxyPassReverse / https://files.example.com:8180/
ProxyPass /ws/ ws://files.example.com:8180/ws/
ProxyPassReverse /ws/ ws://files.example.com:8180/ws/
ErrorLog "/logs/sites-files.example.com-error-ssl.log"
CustomLog "/logs/sites-files.example.com-access-ssl.log" common
SSLCertificateFile "/etc/letsencrypt/live/files.example.com/cert.pem"
SSLCertificateKeyFile "/etc/letsencrypt/live/files.example.com/privkey.pem"
SSLCertificateChainFile "/etc/letsencrypt/live/files.example.com/chain.pem"
</VirtualHost>
</IfModule>Hi,
Thanks for replying and helping out ! We must start a dedicated knowledge base for Pydio Cells, it’s in the pipe.
As a hint, I’ll add a working config that we use also for a similar setup (Cells listening on an internal port and Apache reverse-proxying the domain name) :
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName domain.pydio.com
# May be necessary for API direct accesses
AllowEncodedSlashes On
RewriteEngine On
# Make sure to proxy SSL
SSLProxyEngine On
# Disable SSLProxyCheck : maybe necessary if Cells is configured with self_signed
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off
SSLProxyVerify none
# Proxy WebSocket
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule /(.*) wss://domain.pydio.com:8080/$1 [P,L]
# Finally simple proxy instruction
ProxyPass "/" "https://domain.pydio.com:8080/"
ProxyPassReverse "/" "https://domain.pydio.com:8080/"
</VirtualHost>
</IfModule>
Please note:
AllowEncodedSlashes On that may be necessary if not activated globally in apache (to call APIs like /a/meta/bulk/path%2F%to%2Ffolder
Anybody willing to translate this into NGINX is welcome!
I’m testing different configurations of the NGINX with Pydio Cells, but the following error comes up, can someone tell me where the error is, thanks in advance.
I’m using NGINX proxy reverse with Apache Pydio Cells.
My NGINX is
server_name _;
return 301 https://$host$request_uri;
}
server {
listen 443;
server_name _;
root /home/josep/.config/pydio/cells/static/pydio;
index index.php;
add_header X-Frame-Options “SAMEORIGIN”;
ssl_certificate /etc/letsencrypt/live/pydio.example.com/fullchain.pem
; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/pydio.example.com/privkey.pem; # managed by Certbot
ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/pydio_access.log;
error_log /var/log/nginx/pydio_error.log;
# All non existing files are redirected to index.php
if (!-e $request_filename){
# For old links generated from Pydio 6
rewrite ^/data/public/([a-zA-Z0-9_-]+)$ /public/$1? permanent;
rewrite ^(.*)$ /index.php last;
}
# Manually deny some paths to ensure Pydio security
location ~* ^/(?:\.|conf|data/(?:files|personal|logs|plugins|tmp|cache)|plugins/editor.zoho/agent/files) {
deny all;
}
location /cells {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_pass "http://192.168.1.26$request_uri";
proxy_redirect off;
}
}
I have in error nginx from server this:
[error] 12130#12130: *2 open() “/home/josep/.config/pydio/cells/static/pydio/index.php” failed (2: No such file or directory), client: 83.40.40.190, server: pydio.example.com, request: “GET / HTTP/1.1”, host: “pydio.example.com”