Running Cells in addition to Apache on Debian Buster

Hi guys!

I’ve been running pydio for a number of years without issues. When cells was released I tried to upgrade several times with to no avail…
Today, I’ve got a new server, so instead of rsyncing everything from old to new, I’ve decided to start with a fresh install. I’m hosting a website with Apache and would like to serve/transfer files with cells. Install went fine but I’m struggling with running both Apache and cells on the same machine. I always end up with “bind address already in use”. My guess is I need to use a reverse proxy, but I have no idea how…

Help would be greatly appreciated!


Hello @matthewoliver ,

Cells has an embedded webserver, by default it will bind on if you wish to use this port with apache, I would advise you to run the command ./cells configure sites and change the bind port to for instance 8080 then in your Apache reverse proxy config you can proxy the requests to localhost:8080.

If was not clear do not hesitate to ping me for me details.

1 Like

Hi @zayn, thanks for the reply. Following the reverse-proxy docs, I added a new virtualhost. Can’t paste it here as I can’t post more than 2 links (because I’m a noob apparently)

But now I’m getting this error: Your browser sent a request that this server could not understand.
Reason: You’re speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.
And in pydio output I get this: INFO pydio.gateway.proxy Service failed to start - restarting in 10s {“error”: “ErrServiceStartNeedsRetry - listen tcp :8080: bind: address already in use”}

Hello @matthewoliver ,

it is indicating that the port 8080 is already used, make sure that the port is free and not bound to any software otherwise you can set another port with the command: ./cells configure sites.

Here are 2 samples to illustrate a simple apache2 + cells setup.

Assuming that I have the following configuration on Cells
(you can swap the port 8080 by any port of your choice)

pydio@cells-test:~$ ./cells configure sites
The following sites are currently defined:
| # |        BIND(S)        |  TLS   |                  EXTERNAL URL                  |
| 0 | http://localhost:8080 | No Tls |  |

and apache2 conf

<VirtualHost *:80>
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

RewriteCond %{SERVER_NAME}
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

<VirtualHost *:443>
    AllowEncodedSlashes On
    RewriteEngine On

    ProxyPass / http://localhost:8080/ nocanon
    ProxyPassReverse / http://localhost:8080/ nocanon

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    SSLCertificateFile /etc/letsencrypt/live/
    SSLCertificateKeyFile /etc/letsencrypt/live/
Include /etc/letsencrypt/options-ssl-apache.conf

The certificate directives are created by certbot, but it will give you a global view of the setup.

Also make sure to add the websocket reverse proxy directives, see our documentation:

Hi @zayn, thanks for your help!
Still getting errors… but I’ll keep trying!

Hello @matthewoliver ,

Did you manage to have your install running or are you still having issues, if that is the case would like more help ?

1 Like

Hi @zayn,

Thanks for your reply! I’m actually still struggling… Is there a way I can send you my httpd.conf? So you can help me add the necessary directives to allow cells in a reverse apache2 proxy?

Hello @matthewoliver

we try to avoid private communication for problem solving, so that the errors of some can benefit others.
(it is another story if you subscribe to our support service :wink: )

Anyway, do you have any errors in your apache logs when you try to reach the server ?
Could you first try to manage exposing a simple webpage with SSL behind your apache reverse proxy ?

Hi @bsinou,

As a “newbie”, I can’t post more than 2 links (either logs or httpd.conf contain more than 2 links…) hence wanting to send either to @zayn via pm to avoid forum restrictions. That doesn’t prevent me from publicly posting the solution when it is found!

Here’s my default.conf:

# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request’s Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.


#AllowEncodedSlashes On
#RewriteEngine On
#ProxyPass / http://localhost:9000/ nocanon
#ProxyPassReverse / http://localhost:9000/ nocanon
#Redirect /

#Available loglevels: trace8, …, trace1, debug, info, notice, warn,
#error, crit, alert, emerg.
#It is also possible to configure the loglevel for particular
#modules, e.g.
#LogLevel info ssl:warn

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
    DocumentRoot /var/www
    SSLEngine on
    SSLProtocol +TLSv1.2 +TLSv1.3
    SSLCertificateFile /etc/webmin/letsencrypt-cert.pem
    SSLCertificateKeyFile /etc/webmin/letsencrypt-key.pem
    SSLCACertificateFile /etc/webmin/letsencrypt-ca.pem

#For most configuration files from conf-available/, which are
#enabled or disabled at a global level, it is possible to
#include a line for only one particular virtual host. For example the
#following line enables the CGI configuration for this host only
#after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf

#Proxy WebSocket
#RewriteCond %{HTTP:Upgrade} =websocket [NC]
#RewriteRule /(.) wss://$1 [P,L]
#ProxyPassMatch "/ws/(.
)" ws://$1 nocanon
#for ssl
#ProxyPassMatch “/ws/(.*)” wss://$1 nocanon

Hello @matthewoliver

Could you please edit your post so that it is correctly displayed ? Right now it’s (too) cumbersome to read.


This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.