I am trying to set up Cells to work on a subdomain (cells.example.com). I am used to setting up a vhost file that redirects requests for the subdomain to the port on which an app operates, but have not found success trying this with Cells.
I would appreciate any guidance on this front.
What version of Cells are you using?
Pydio Cells Home Edition Version: 4.4.2 Built: 04 Jun 24 11:49 +0000 Git commit: 370fe5acdad840eaad6f327d2fde210525c14735 OS/Arch: linux/amd64 Go version: go1.21.10
What is the server OS? Database name/version? Browser name or mobile device description (if issue appears client-side)?
I somehow missed that page in my searches, but after following it (using the recommended settings regarding localhost, &c.), visiting the subdomain yields a blank page with the singular message:
Client sent an HTTP request to an HTTPS server.
This happens even when I explicitly type https:// into the URL field.
The relevant error from /var/log/apache2/error.log is:
[Mon Jun 17 02:08:22.418560 2024] [proxy_http:error] [pid 167196:tid 140379143738944] (104)Connection reset by peer: [client REDACTED] AH01110: error reading response
Actually, with the localhost config, Cells froze on startup. I had to kill the process.
************************************************************
✗ Error while starting discovery server:
✗ server.Start grpc: listen tcp 127.0.0.1:8030: bind: address already in use
✗ FATAL : shutting down now!
************************************************************
Error: no discovery server
I have no idea where 8030 is coming from.
Changing the relevant fields to 127.0.0.1 in vhost and config allows Cells to start, but does not change the error in the browser.
Could you please provides the results of the cells configure sites command and your Apache configuration file ?
From what you describe, it seems that you are missing something.
The following sites are currently defined:
+---+------------------------+-------------+----------------------------------+
| # | BIND(S) | TLS | EXTERNAL URL |
+---+------------------------+-------------+----------------------------------+
| 0 | https://127.0.0.1:8080 | Self-signed | https://cells.my.site |
+---+------------------------+-------------+----------------------------------+
/etc/apache2/sites-enabled/cells.my.site.conf:
<VirtualHost *:80>
ServerName cells.my.site
ServerAlias www.cells.my.site
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
RewriteCond %{SERVER_NAME} =cells.my.site
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
ServerName cells.my.site
AllowEncodedSlashes On
RewriteEngine On
SSLProxyEngine On
## The order of the directives matters.
# If Cells is not running with https, consider using ws instead of wss
ProxyPassMatch "/ws/(.*)" wss://127.0.0.1:8080/ws/$1 nocanon
## This rewrite condition is required if using Cells-Sync
# RewriteCond %{HTTP:Content-Type} =application/grpc [NC]
# RewriteRule /(.*) h2://127.0.0.1:8080/$1 [P,L]
ProxyPass "/" "https://127.0.0.1:8080/"
ProxyPassReverse "/" "https://127.0.0.1:8080/"
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/letsencrypt/live/cells.my.site/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/cells.my.site/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
I pulled that conf file’s contents straight from the documentation, only changing the relevant info. What would be different for me that I have to add extra things?
Using cells configure sites to change to using a custom certificate (using a certificate generated by certbot) yields a 503 page with the following content:
Service Unavailable
The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.
Apache/2.4.52 (Ubuntu) Server at cells.my.site Port 443