[Solved] Unable to sync with Pydio Cells 2.0.4 with Traefik

Hello,

I have just deployed Pydio in docker with docker compose. All works fine. I tried wevdav and works good, except of file locking (may be it does not work in free version).

Now I am trying to sync data with cell-sync on windows 10 machine and this errors appear:
the gRPC port may not be correctly opened in the server.

I have tried latest stable version of cell-sync and as well 0.9.2-dev.20191219 and same error appears.

I have used this setup:
https://pydio.com/en/docs/kb/deployment/running-cells-container-behind-traefik-reverse-proxy

Could anyone please tell me, what I am doing wrong?

Here is my docker-compose.yml:

version: "3"

services:
  cells:
    image: pydio/cells:2.0.4
    restart: always
    ports: 
      - "8000:80"
    environment:
      - CELLS_BIND=${DOMAIN_NAME}:80
      - CELLS_EXTERNAL=https://${DOMAIN_NAME}
      - CELLS_NO_TLS=1
    volumes:
      - "cellsdir:/var/cells"
      - "data:/var/cells/data"
    networks:
      - default
      - traefik-public
    depends_on:
      - mysql
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.cells.rule=Host(`${DOMAIN_NAME}`)"
      - "traefik.http.routers.cells.entrypoints=websecure"
      - "traefik.http.routers.cells.tls.certresolver=letsencryptresolver"
      #These entries might be useful for gRPC in cells  2
      #- "traefik.tcp.routers.cells.rule=HostSNI(`${DOMAIN_NAME}`)"
      #- "traefik.tcp.routers.cells.entrypoints=websecure"
      #- "traefik.tcp.routers.cells.tls.certresolver=letsencryptresolver"
      #- "traefik.tcp.routers.cells.tls.passthrough=true"
  #command: ["cells", "start", "--log=production"]

  mysql:
    image: mysql:5.7
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: *********
      MYSQL_DATABASE: cells
      MYSQL_USER: pydio
      MYSQL_PASSWORD: *************
    volumes:
      - "mysqldir:/var/lib/mysql"
    command:
      [
        mysqld,
        --character-set-server=utf8mb4,
        --collation-server=utf8mb4_unicode_ci,
      ]

volumes:
  data: {}
  cellsdir: {}
  mysqldir: {}

networks:  
  traefik-public:
    external: true

Hello @pvalenta,

In your setup once you have set the GRPC port on Cells, (via env variable) with docker it would be passed in your docker compose file, such as PYDIO_GRPC_EXTERNAL=<a port>, also GRPC requires TLS so you should have at least a self-signed certificate on your Cells instance (The integrated tool within Cells allows you to do that easily).

Then you either have to configure Traefik to proxy the grpc or add another reverse proxy with its purpose to only proxy the grpc, see the example with nginx, (scroll to the Cells Sync part)
https://pydio.com/en/docs/kb/deployment/running-cells-behind-nginx-reverse-proxy

Also see this article to get a picture of the entire setup.
https://pydio.com/en/docs/kb/client-applications/setup-cells-server-cellssync

If you need more help on how to set things up do not hesitate to ask.

Hello @zyan,

thank you for quick response. I have made it working and without self signed certificate. Traefik is able to proxy grpc without TLS. Here is my dynamic file conf for that:

http:
  routers:
    cellsgRPC:
      entryPoints:
        - "cellsgrpc"
      service: cells-grpc
      rule: Host(`my.domain.com`)
      tls: {}

  services:
    cells-grpc:
      loadBalancer:
        servers:
        - url: h2c://cells:33060

docker-compose.yml file is almost same as above. I have added this one line to service cell:

command: ["cells", "start", "--grpc_external=33060"]

May be it helps someone.

Thank you.