I am experiencing an unfortunate issue regarding session time outs. No matter what i set the timeout to within pydio cells console it still seemingly randomly times-out, even during the middle of uploads and changes.
[Using Pydio Cells Home (4.0.2)(self-signed cert) within docker behind a Nginx reverse proxy (lets-encrypt SSL) with external URL set correctly]
Have you tried changing the Web Interface auto logout in the Client Plugin to a higher value? Also try checking your set ulimit.
No matter what i set the auto logout to it still expires at some randomly short time. Where does one set the ulimit? I’m reading the documentation that it is a file open limit. but I fail to see its relevancy.
Hi, random time-out may come from a Cookie issue, or a server time mismatch. If you have a reverse proxy, I would first check the first. Looking at your developer console (in the browser), can you check if cookies are properly set, with correct domain name, once you are logged in ?
yeah curious issue then, no cookies appear to be set when i log in. what would prevent that? I followed the setup instructions for nginx reverse proxy
That’s what I suspected… now finding the cause is another thing 
Can you double check the domain used by LetsEncrypt on Nginx and the external URL in the cells site (cells config sites) ? Probably a domain discrepancy…
lets encrypt certificate domain and the external url are both correct. I even made sure cloudflare was using DNS only for the subdomain and only using the server side ssl certificate instead of its own.
Hi @Ryan,
Could you please post your nginx config?
server {
server_name cloud.mydomain;
# Allow any size file to be uploaded.
client_max_body_size 0;
# To disable buffering
proxy_buffering off;
location / {
# Uncomment this to enable gRPC and thus be able to use cells-sync
if ($http_content_type = "application/grpc") {
grpc_pass grpcs://localhost:8021;
}
proxy_pass https://localhost:8021;
}
location /ws/ {
proxy_pass https://localhost:8021;
proxy_ssl_verify off;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
server_tokens off;
error_log /var/log/nginx/cells-proxy-error.log;
access_log /var/log/nginx/cells-proxy-access.log;
listen [::]:443 ssl;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/cloud.mydomain/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/cloud.mydomain/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = cloud.mydomain) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name cloud.mydomain;
listen [::]:80;
listen 80;
return 404; # managed by Certbot
}
Any chance someone can assist with this issue regarding cookies not applying for the login session? It’s literally the only application i run that has an issue like this.
Run
./cells configure sites
and at some point, you will be asked
If this site is accessed through a reverse proxy, provide full external URL (https://mydomain.com):
Provide your external URL from Nginx.
I had the same problem - no cookies were set except for ai_user. With the correct external URL, it seems working fine.
i have already done this as stated earlier in the thread. The external url is set as https://sudomain.domain.extension as instructed
Hi,
Try to add $request_uri; at the end of proxy path
my config looks like:
location / {
proxy_buffering off;
proxy_ssl_verify off;
proxy_pass https://localhost:8021$request_uri;
proxy_pass_request_headers on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
That unfortunately did not work.
Hi @Ryan
Is it possible if you send me the url & an account for testing via private message?
NEVERMIND.
I figured it out. Pydio cells documentation is wrong.
The location for the root needs to be set differently than the documentation says.
Here is how my locations are set for this subdomain in nginx
location / {
# Uncomment this to enable gRPC and thus be able to use cells-sync
if ($http_content_type = "application/grpc") {
grpc_pass grpcs://localhost:8008;
}
proxy_pass https://localhost:8008; #$request_uri;
proxy_ssl_verify off;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /ws {
proxy_pass https://localhost:8008; #$request_uri;
proxy_ssl_verify off;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
@Ryan can you kindly point to the wrong documentation page?
https://pydio.com/en/docs/kb/deployment/running-cells-behind-nginx-reverse-proxy
according to suggestions regarding passing cookie information through nginx as a reverse proxy, proxy_set_header Host $host; was the necessary fix.
This topic was automatically closed 11 days after the last reply. New replies are no longer allowed.