Timeout Exceeded During Login

#1

Hi,

I have set up Pydio Cells instance as a system service in Ubuntu 18 and running it behind Apache reverse proxy.

I am not able to login and at the login page a message stating “Timeout of 60000ms exceeded” is being displayed.

I could not find any particular error in the log file.

A previous thread " Cells - Timeout of 60000ms exceeded during login" also did not provide any solutions.

Anyone here has experiencing this same problem before?

#2

Hi,
could you give me details on your setup,
bind url, external (if it’s a public replace it by a random string)
also may i take a look your reverse-proxy config file?

#3

Hi,

For internal URL I set to localhost:8080

For external URL I set to site1.example.com with HTTP

Below is the reverse proxy config file

<VirtualHost *:80>
        ServerName site1.example.com
        ServerAdmin webmaster@example.com
        AllowEncodedSlashes On
        RewriteEngine On
        #SSLProxyEngine On
        #SSLProxyVerify None
        #SSLProxyCheckPeerCN Off
        #SSLProxyCheckPeerName Off

        #Proxy WebSocket
        #RewriteCond %{HTTP:Upgrade} =websocket [NC]
        #RewriteRule /(.*) wss://localhost:8080/$1 [P,L]
        ProxyPassMatch "/ws/(.*)" ws://localhost:8080/ws/$1 nocanon
        # for ssl
        # ProxyPassMatch "/ws/(.*)" wss://ip.or.domain.server/ws/$1 nocanon

        # Onlyoffice
        ProxyPassMatch "/onlyoffice/(.*)/websocket$" ws://localhost:8080/onlyoffice/$1/websocket nocanon

        #Finally simple proxy instruction
        ProxyPass "/" "http://localhost:8080/"
        ProxyPassReverse "/" "http://localhost:8080/"

        #Uncomment if you are going to use SSL
        #SSLEngine on
        #SSLCertificateFile /etc/ssl/localcerts/server.crt
        #SSLCertificateKeyFile /etc/ssl/localcerts/server.key
        #SSLCertificateChainFile /etc/ssl/localcerts/bundled.crt

        ErrorLog ${APACHE_LOG_DIR}/pydiocells-error-ssl.log
        CustomLog ${APACHE_LOG_DIR}/pydiocells-access-ssl.log combined

</VirtualHost>
#4

do you have a firewall? also is the domain name that you are using available outside of your network?

otherwise here is a proxy config that i just tested and it worked.

(i removed a lot of commented lines to make it clear)

Listen 80
<VirtualHost *:80>

  ServerName 192.168.0.111
  AllowEncodedSlashes On
  RewriteEngine On


  #Proxy WebSocket
  #RewriteCond %{HTTP:Upgrade} =websocket [NC]
  #RewriteRule /(.*) wss://127.0.0.1:8080/$1 [P,L]
  ProxyPassMatch "/ws/(.*)" ws://localhost:8080/ws/$1 nocanon
  
  #Finally simple proxy instruction
  ProxyPass "/" "http://localhost:8080/"
  ProxyPassReverse "/" "http://localhost:8080/"

  ErrorLog ${APACHE_LOG_DIR}/error-ssl.log
  CustomLog ${APACHE_LOG_DIR}/access-ssl.log combined
</VirtualHost>
#5

Yes. There is a firewall but already configured to allow external access.

No problem to access the domain name from outside of the network as well.

The only problem now is I can see the login page but unable to login.

#6

what does the proxy logs says ?
are there any error showing on cells logs and could you also take a look at the caddy log, config/pydio/cells/logs/caddy_errors.log.

#7

@nikmohdaiman Are all your tables being created upon install? I’m receiving the same error because only some of the tables are created during install. See also: Cells - Timeout of 60000ms exceeded during login

#8

no error shown on apache log, cells log or caddy log

#9

I checked the database, 48 tables were created.

How many tables it should be?

I am currently using Pydio Cells 1.5.0

#10

Hi,
there should be 50 tables, you can see the total below,
also could you show me your output i want to see which tables are not created,

+-----------------------------------+
| Tables_in_cells                   |
+-----------------------------------+
| data_index_cellsdata_idx_commits  |
| data_index_cellsdata_idx_tree     |
| data_index_ds1storage_idx_commits |
| data_index_ds1storage_idx_tree    |
| data_index_personal_idx_commits   |
| data_index_personal_idx_tree      |
| data_index_pydiods1_idx_commits   |
| data_index_pydiods1_idx_tree      |
| data_meta                         |
| dex_auth_code                     |
| dex_auth_request                  |
| dex_client                        |
| dex_connector                     |
| dex_keys                          |
| dex_migrations                    |
| dex_offline_session               |
| dex_password                      |
| dex_refresh_token                 |
| enc_node_keys                     |
| enc_nodes                         |
| gorp_migrations                   |
| idm_acl_nodes                     |
| idm_acl_roles                     |
| idm_acl_workspaces                |
| idm_acls                          |
| idm_policy_group                  |
| idm_policy_rel                    |
| idm_role_policies                 |
| idm_roles                         |
| idm_user_attributes               |
| idm_user_idx_commits              |
| idm_user_idx_tree                 |
| idm_user_keys                     |
| idm_user_policies                 |
| idm_user_roles                    |
| idm_usr_meta                      |
| idm_usr_meta_ns                   |
| idm_usr_meta_policies             |
| idm_workspace_policies            |
| idm_workspaces                    |
| ladon_action                      |
| ladon_policy                      |
| ladon_policy_action_rel           |
| ladon_policy_permission           |
| ladon_policy_resource             |
| ladon_policy_resource_rel         |
| ladon_policy_subject              |
| ladon_policy_subject_rel          |
| ladon_resource                    |
| ladon_subject                     |
+-----------------------------------+
50 rows in set (0.003 sec)

Could you tell me your database version?

#11

These are the table list from the database

±---------------------------------+
| Tables_in_pydiocells |
±---------------------------------+
| data_index_cellsdata_idx_commits |
| data_index_cellsdata_idx_tree |
| data_index_personal_idx_commits |
| data_index_personal_idx_tree |
| data_index_pydiods1_idx_commits |
| data_index_pydiods1_idx_tree |
| data_meta |
| dex_auth_code |
| dex_auth_request |
| dex_client |
| dex_connector |
| dex_keys |
| dex_migrations |
| dex_offline_session |
| dex_password |
| dex_refresh_token |
| enc_node_keys |
| enc_nodes |
| gorp_migrations |
| idm_acl_nodes |
| idm_acl_roles |
| idm_acl_workspaces |
| idm_acls |
| idm_policy_group |
| idm_policy_rel |
| idm_role_policies |
| idm_roles |
| idm_user_attributes |
| idm_user_idx_commits |
| idm_user_idx_tree |
| idm_user_keys |
| idm_user_policies |
| idm_user_roles |
| idm_usr_meta |
| idm_usr_meta_ns |
| idm_usr_meta_policies |
| idm_workspace_policies |
| idm_workspaces |
| ladon_action |
| ladon_policy |
| ladon_policy_action_rel |
| ladon_policy_permission |
| ladon_policy_resource |
| ladon_policy_resource_rel |
| ladon_policy_subject |
| ladon_policy_subject_rel |
| ladon_resource |
| ladon_subject |
±---------------------------------+
48 rows in set (0.01 sec)

I am using MySQL 8.0.15

#12

yeah you are not missing a single table,
I have 2 more because of a new datasource that i added manually,

| data_index_ds1storage_idx_commits |
| data_index_ds1storage_idx_tree |
#13

Could you please try to stop apache and see if you can access and log in cells directly.
Because you have the proxy and cells running on the same machine it could be the cause.

Edit: The thing is it should be working, as I tested the same but I just want to be sure how your network behaves.

Edit2: I edited my message to be clearer.

#14

@zayn, The following applies to Cells - Timeout of 60000ms exceeded during login, which appears related. The logs are showing the following below. Please advise on why this may be occurring.

pydio | 2019-04-27T04:55:53.475Z ERROR pydio.rest.frontend Rest Error 401 {“error”: “Post http://192.168.1.132:8080/auth/dex/token: read tcp 172.28.0.2:43321->192.168.x.x:8080: read: connection reset by peer”}
pydio | 2019-04-27T04:55:58.840Z ERROR Could not find DataSource pydiods1 {“currentSources”: []}
pydio | 2019-04-27T04:55:58.841Z ERROR pydio.grpc.tasks cannot run action actions.versioning.prune: Could not find DataSource pydiods1 {“OperationUuid”: “prune-versions-job-74d6e0f6”}
pydio | 2019-04-27T04:56:17.795Z ERROR pydio.rest.frontend Rest Error 401 {“error”: “Post http://192.168.1.132:8080/auth/dex/token: read tcp 172.28.0.2:43351->192.168.x.x:8080: read: connection reset by peer”}

#15

Hi,
@nikmohdaiman

Can you please check that you can access your machine from your machine (from itself) using its FQDN.

For instance, from the machine running cells run this:
curl http://site1.example.com/login

#16

I tried without the reverse proxy also giving me the same result which is timeout exceeded.

curl http://site1.example.com/login - site move permanently because I did a redirect during
LetsEncrypt installation
curl https://site1.example.com/login - nothing happened, no output given

I did found ‘Rest Error 401’ in the log as well

#17

Hello,

A)

When you talk about the Let’s encrypt installation, do you mean the installation of Cells or something else?

B)
If this call: curl https://<YOUR_PUBLIC_URL>/login (with https):

  • does not return anything when executed from the machine that runs Cells,
  • returns the expected content when executed from any machine outside your private LAN,

it usually means that you have a network configuration error: when everything is correctly set, this call returns quite a large page with javascript.
Yet, serving this page does not requires anything else than the Caddy server that is embedded in Cells to be up. ==> it is a public page that does not require authentication.

For the record, the Cells server must be able to reach itself (via the reverse proxy) using the public address for the authentication to work. It is a requirement that is induced by the Dex Server, a third Party library we use to provide the JWT mechanism.

From what I’ve read, I suspect your cells server is on VM in a NATed private VLAN, correct?

C)

Would you please be so kind as to give some more context and details here ?

Regards

#18

It is indeed a networking problem, I didn’t know previously that the cell server must be able to reach itself using the public address for the authentication to work.

Once I settled this networking configuration, everything seems ok now and I am able to login without problems.

Thanks for the help @zayn @bsinou

1 Like