[Solved] Help proxying Pydio Server 8.2.3 from another server?

I have an Ubuntu Server (19.10) running Pydio Community Server v 8.2.3, with an apache2 reverse proxy to provide SSL. It’s the version published in the Artful repository here: https://pydio.com/en/docs/v8/debianubuntu-systems

I have multiple sites on this older server so the pydio site is only defined with this apache pydio.conf file:

alias   /pydio  /usr/share/pydio
<Directory "/usr/share/pydio">
        Options FollowSymLinks 
        AllowOverride Limit FileInfo
        Require all granted
</Directory>

My 000-default.conf (on the older server) redirects all http requests to https (With a single exclusion for another web app) (I have temporarily disabled that):

<VirtualHost *:80>
        ServerName homedomain.bigdomain.com/
        DocumentRoot /var/www
        #RewriteEngine on
        #RewriteCond %{REQUEST_URI} !^/torque(.*)/upload_data(.*)$
        #RewriteRule  ^/(.*)  https://%{HTTP_HOST}/$1  [last,redirect=301]

        ErrorLog /var/log/apache2/error.log
        LogLevel warn
        CustomLog /var/log/apache2/access.log combined
        LimitRequestLine 20000
</VirtualHost>

My default-ssl.conf on the old server (and the new server) is the following:

<IfModule mod_ssl.c>
        <VirtualHost _default_:443>
                ServerName homedomain.bigdomain.com:443
                ServerAdmin email@bigdomain.com
                DocumentRoot /var/www
                <Directory />
                        Options FollowSymLinks
                        AllowOverride None
                </Directory>
                <Directory /var/www/>
                        Options Indexes FollowSymLinks MultiViews
                        AllowOverride None
                        Require all granted
                </Directory>

                ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
                <Directory "/usr/lib/cgi-bin">
                        AllowOverride None
                        Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
                        Require all granted
                </Directory>

                ErrorLog ${APACHE_LOG_DIR}/error.log
                LogLevel warn
                CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined
                SSLEngine on
                SSLCertificateFile /etc/apache2/ssl/homedomain.bigdomain.com.crt
                SSLCertificateKeyFile /etc/apache2/ssl/homedomain.bigdomain.com.key
                SSLHonorCipherOrder On
                SSLProtocol all -SSLv2 -SSLv3
                SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:EC
DHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES2
56-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK
                SSLInsecureRenegotiation off
                SSLCACertificateFile /etc/apache2/ssl/intermediate.crt
                <FilesMatch "\.(cgi|shtml|phtml|php)$">
                        SSLOptions +StdEnvVars
                </FilesMatch>
                <Directory /usr/lib/cgi-bin>
                        SSLOptions +StdEnvVars
                </Directory>
                BrowserMatch "MSIE [2-6]" \
                        nokeepalive ssl-unclean-shutdown \
                        downgrade-1.0 force-response-1.0
                # MSIE 7 and newer should be able to use keepalive
                BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown

                SSLProxyEngine          On
                ProxyRequests           On
                ProxyPreserveHost       On
                RequestHeader           set             X-Forwarded-Proto "https"
        </VirtualHost>
</IfModule>

All domain names above have been changed from the real domain. This all works fine. Now, I am ready to move to new hardware for my primary apache server, (so homedomain.bigdomain.com requests on 443 and 80 direct to a new server instead of the old server) but I’m leaving pydio on the old hardware. I want to proxy to the pydio server on my LAN from the new server…on the LAN, the old server is 10.1.10.22 and the new server is 10.1.2.10. I have set up a site on the new server with its own pydio.conf file, and these are the contents:

<Location /pydio>
        Options                 FollowSymLinks 
        Require                 all granted

        ProxyPreserveHost       On
        ProxyPass               http://10.1.10.22/pydio/
        ProxyPassReverse        http://10.1.10.22/pydio/
        RequestHeader           set     X-Forwarded-Proto "https"
</Location>

Currently, I have disabled the https redirect on the old server and targeted http. When I try to go to the page, I get an error page with the header “Page not found!” and just the text on the page “Oops, cannot find this page!”

If I re-enable the https rewrite rules on the old server and configure the proxy on the new server to https (which I can navigate directly to by IP successfully), then I load the proxied URL, I get the same thing. There is nothing in the apache error log on the new server, so I believe the issue lies in the configuration of the old server. The logs in “Settings -> Logs -> Server Logs” don’t show anything, so I’m not sure where else to look.

I fixed it, I had to remove the trailing slash in the pydio proxy pass configuration on the new server. The logs on the old server (/var/log/apache2/ssl_access.log) showed an attempt to load “/pydio//” which was the canary I needed.