Nginx Reverse Proxy Conflict with Cells on Port 443

lubovic · September 2, 2024, 2:10pm

Hello everyone,

I am using cells installed with systemctl on a debian server.
I also have nginx, also installed with systemctl, for reverse proxying.

I’m sorry to post this here, as it might not be due to cells, but I’m really stuck.

I am encountering an issue. I have several reverse proxies configured, and usually, it works well because I add a different port. But this time, for an application I need to configure, I am forced to use port 443, just like cells.
However, I am indeed on a different subdomain from cells.

Like cells is : cloud.ndd.fr
And my app is : app.ndd.fr

Here is an Nginx config file:

server {
    listen 80;
    listen 443 ssl;
    server_name app.ndd.fr;
    ssl_certificate /etc/letsencrypt/live/app.ndd.fr/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/app.ndd.fr/privkey.pem;
    location / {
        proxy_pass http://localhost:1234;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

It is functional, I can access this server, but the problem is that I have to stop cells:

sudo systemctl stop cells

If I do not stop cells, then my Nginx will not start: bind() to 0.0.0.0:443 failed (98: Address already in use)

Because cells is already listening on port 443.

Is there a way to access my two different subdomains without having to specify a port?
I can’t find a solution.

Thank you!

bsinou · September 2, 2024, 3:44pm

Yes, you can only bind one app to a given port.

In such case, I usually also use the nginx as the reverse proxy for cells.

You could then use cells configure sites to define another unused port and add a stanza in nginx to forward the traffic to the correct port depending on the subdomain.

Would this work for you ?

lubovic · September 2, 2024, 3:50pm

Ah ok, I understand better. Actually, I can only bind one port either to nginx or to the integrated server of cells.
But if I route everything through nginx, then it’s no longer a problem and I can associate the same port multiple times but with different subdomain names, right?
If the result is that:
cloud.ndd.fr and app.ndd.fr point transparently without adding a port in the URL, then yes, that works for me.

So I need to disable the integrated reverse proxy in cells and use nginx for cells?

Thanks a lot!

lubovic · September 10, 2024, 9:08am

Hello,

I do not understand what is wrong with my cells configure sites.

This is what I have:

The following sites are currently defined:
±–±-------------------------±-------±---------------------+
| # | BIND(S) | TLS | EXTERNAL URL |
±–±-------------------------±-------±---------------------+
| 0 | http://cloud.ndd.fr:8080 | No Tls | https://cloud.ndd.fr |
±–±-------------------------±-------±---------------------+

"sites": [
  {
    "Binds": [
      "cloud.ndd.fr:8080"
    ],
    "ReverseProxyURL": "https://cloud.ndd.fr",
    "TLSConfig": null
  }
],

But cells is still occupying port 443, and I cannot start Nginx.
However I can access cells like before!

Here is what I see in my admin interface; it looks like cells is not taking the config file into account?

bsinou · September 13, 2024, 1:44pm

Hmm sorry for the late reply.

Maybe dumb question, but are you sure you restarted the server after doing the change via cells configure site ???

Otherwise there must be another issue somewhere: the 2 values (in the web and in the console) should be the same…

lubovic · September 13, 2024, 2:01pm

No problem for the time

I’m restarting cells with : sudo systemctl restart cells
I guess its restarting the cells server as well ?

bsinou · September 16, 2024, 8:06am

Hmm. Very strange.

I guess its restarting the cells server as well ?

Yep.

I could see 2 others things that might lead to this situation:

Do you have the CELLS_BIND and/or CELLS_EXTERNAL env variable defined ?
Are you sure you are using the correct user and working dir (the ones defined in your systemd config file) ?

Otherwise, you might find some clue at the start of the log, when you restart the server.

lubovic · September 18, 2024, 7:25am

Hello,

Thank you, that was exactly it! I was actually using the root user.
When I was using root user, it was launching another configuration of: cells configure site
Similarly, when I manually edited the config file, it was the one associated with root…

Switching to my cells user gave me access to the correct configuration.

Thank you very much.

bsinou · September 18, 2024, 9:54am

I won’t say it never happened to me

system · September 29, 2024, 3:54pm

This topic was automatically closed 11 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Nginx proxy reverse (Pydio Cells 1.0) Pydio Cells nginx , ubuntu	5	3823	July 11, 2018
Running Cells in addition to Apache on Debian Buster Pydio Cells install	11	1023	August 24, 2021
Reverse proxy with url rewrites Pydio Cells	3	322	March 5, 2024
Setting Up Cells on Subdomain with Apache on Ubuntu 22.04 Pydio Cells install	11	114	August 21, 2024
Impossible to access Cells from two different addresses (e.g. local and external) Pydio Cells	13	1759	December 28, 2018

Nginx Reverse Proxy Conflict with Cells on Port 443

Related Topics