I’m experiencing the very same behavior on the same (and most normal configuration).
First, the URL not reachable:
If internalUrl (= --bind) is not the same as external, it seems the binary does not bind to a socket and my guess is that it fails to generate a certificate and so can not further listen on 443. But then, what would be the proper value for the --bind?
if we set --bind to the value of --external, then the web installer is usable. Still, it sounds wrong because and induce fear about installation security, especially IP address privacy (eg, if behind CloudFlare)
Then the warning:
Warning: no private IP detected for binding broker. Will bind to XXX, which may give public access to the broker.
I’m having hard time understanding the reasons under this message. It even happened when setting --bind to localhost (but see the above issue n°1).
Two notes:
- All machines possess
127.0.0.1|::1 (lo), so why not systematically--bindon this interface for the internalUrl? - Most of the confusion comes from not knowing what are we binding? Internal webservices or external webserver? And if both are configurable, why do we only have one
--bindparameter?
See also the related issues/questions:
Quoting: https://pydio.com/en/docs/cells/v2/debianubuntu-systems
Internal URL: it defines the interface where the internal webserver of the application is bound. It MUST contain a server name and a port, should be of this form :.
External URL: This is the main entry point from the outside world, the address you will communicate to your endusers. It typically differs from the internal URL when you are behind a reverse proxy or in a container.