Setup pydio with caddy and localhost ssl

For first post, please answer the questions below!

Describe your issue in detail

Hello friends, I have installed Pydio Cells on Fedora 39, and everything worked for me after configuring Cells. But since I want to run it locally on a LAN, I want to access it using a domain name that only exists in the local Active Directory DNS.

I wanted to make localhost (domain) use SSL, and I used Caddy for that. But I couldn’t achieve that. I get an SSL-related error when I try to access Cells using the domain name I specified inside the CaddyFile.

What version of Cells are you using?

4.3.6

What is the server OS? Database name/version? Browser name or mobile device description (if issue appears client-side)?

  • I am using Fedora 39 KDE,
  • MariaDB

What steps have you taken to resolve this issue already?

I installed Caddy and added the following config to the default CaddyFile

file.mydomain.com {
    reverse_proxy localhost:8080
}

If I understand your problem correctly and if you:

  • are in a trusted private LAN between the Caddy reverse proxy and Cells
  • use a self-signed certificate for Cells

you should skip SSL verification at the Caddy level, e.g.:

file.mydomain.com {
    reverse_proxy localhost:8080 {
        transport http {
            tls
            tls_insecure_skip_verify
        }
    }
}

Note that in such a case, it is recommended to explicitly declare your public DNS in Cells via cells configure sites.

Thank you for replying. I configured it as you suggested, but I am getting an error from Caddy suggesting the domain couldn’t be found…

Apr 04 16:21:30 fedora caddy[7372]: {"level":"info","ts":1712236890.8838837,"logger":"tls.obtain","msg":"lock acquired","identifier":"file.liyumfi.com"}
Apr 04 16:21:30 fedora caddy[7372]: {"level":"info","ts":1712236890.8839447,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"file.liyumfi.com"}
Apr 04 16:21:30 fedora caddy[7372]: {"level":"info","ts":1712236890.884328,"logger":"http","msg":"waiting on internal rate limiter","identifiers":["file.liyumfi.com"],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":""}
Apr 04 16:21:30 fedora caddy[7372]: {"level":"info","ts":1712236890.884347,"logger":"http","msg":"done waiting on internal rate limiter","identifiers":["file.liyumfi.com"],"ca":"https://acme-v02.api.letsencrypt.org/directory","account":""}
Apr 04 16:21:33 fedora caddy[7372]: {"level":"info","ts":1712236893.0357635,"logger":"http.acme_client","msg":"trying to solve challenge","identifier":"file.liyumfi.com","challenge_type":"tls-alpn-01","ca":"https://acme-v02.api.letsencrypt.org/directory"}
Apr 04 16:21:33 fedora caddy[7372]: {"level":"error","ts":1712236893.8953402,"logger":"http.acme_client","msg":"challenge failed","identifier":"file.liyumfi.com","challenge_type":"tls-alpn-01","problem":{"type":"urn:ietf:params:acme:error:dns","title":"","detail":"D>
Apr 04 16:21:33 fedora caddy[7372]: {"level":"error","ts":1712236893.8954608,"logger":"http.acme_client","msg":"validating authorization","identifier":"file.liyumfi.com","problem":{"type":"urn:ietf:params:acme:error:dns","title":"","detail":"DNS problem: NXDOMAIN lo>

Since the domain I am using is not publicly accessible, that might be the reason. I just picked a domain and used /hosts to map the domain to localhost. I also tried cells configure sites, adding the domain I used above as the site; I chose the local IP address as the binding host.

@bsinou any ideas? I have tried multiple ways but still no luck

Hello @bsinou
It is solved now, I added tls internal and it worked

file.mydomain.com {
    reverse_proxy localhost:8080 {
        transport http {
            tls internal
            tls_insecure_skip_verify
        }
    }
}
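
The two TLS legs discussed in this thread, written out separately as an added example that does not come from the thread's participants. It places `tls internal` at the site level, where Caddy documents that directive, and assumes Cells serves HTTPS with a self-signed certificate on `localhost:8080`; `file.mydomain.com` is the thread's placeholder name.

```caddyfile
# Added example, not a participant's configuration.
# file.mydomain.com resolves only on the LAN, so a public ACME CA cannot
# validate it (the NXDOMAIN "challenge failed" entries in the log above).
file.mydomain.com {
	# Leg 1, browser -> Caddy:
	# issue the site certificate from Caddy's built-in local CA instead of
	# requesting one from a public ACME CA.
	tls internal

	# Leg 2, Caddy -> Cells:
	# assumption: Cells listens with HTTPS and a self-signed certificate.
	reverse_proxy localhost:8080 {
		transport http {
			# Speak TLS to the upstream.
			tls
			# Turns off verification of the upstream certificate. This is
			# only tolerable here because the upstream is on loopback; if
			# Cells moves to another host, have Caddy trust the Cells
			# certificate instead of skipping verification.
			tls_insecure_skip_verify
		}
	}
}
```

Browsers on other LAN machines will reject the site certificate until Caddy's local root certificate is added to their trust stores.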
