Accessing Home Assistant through Reverse Proxy with custom path

I have a Raspbery Pi running Home Assistant on my local network. I have another configured to run nginx as a reverse proxy for several services–currently webdav and calibre on the same box, and I’m trying to point it at Home Assistant on another. I’m using the DDNS built in to my router so I can’t use additional subdomains.

I think I have everything configured correctly, but all I can get is either a 400 error or 404. Is it because I’m trying to use a path to differentiate between services?

Here’s the location directive I’m using. (The two commented out lines are from various posts here I’ve tried to solve the problem with.) With this configuration I get a 404 error.

    # home assistant proxy
    location /ha/ {
        proxy_set_header X-Forwared-For $remote_addr;
        proxy_buffering off;
        proxy_pass http://192.168.1.14:8123;
        proxy_set_header Host $host;
        # proxy_redirect http:// https://;
        proxy_http_version 1.1;
        # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
    }

I don’t think this is possible.

the /ha dont exist on HA, so i guess a rewrite /ha to / is required. (dont have the syntax at hand, but should be easy retreivable)
or just a / at the end of proxy_pass might do the trick…

should be doable in one way or another

As Francis said, not possible.

So it only works if the Home Assistant instance is accessed at the server root, even though it’s being proxied to another machine?

Yes  

Adding

        rewrite ^/ha/$ / break;

at least got me a Home Assistant blue bar at the top of the page instead of a 404 message, so you might be on to something. If I can figure out the regex enough to pass through the rest of the URL, it might get me somewhere.

Or maybe not; looking in Dev Tools I am getting the main page but everything else it loads is still 404ing and the URLs are not in a common format that lends themselves to rewriting.

So, the ability to add a prefix to the HA path so that it could co-exist on a box with other services would be nice.

Do you absolutely have to do that?

I’m currently shopping for a house, so I’m both avoiding unneeded purchases and not entirely sure of what I’m going to need. I know a domain name isn’t exactly going to break the bank, but right now I’m just experimenting, and waiting until I know exactly what I need before adding complexity. Until now, all I’ve needed is the webdav server.

It’s what I’m currently doing as well. It’s accessible, but I run into limitations as well. This is probably mostly caused by me not understanding how DDNS works exactly.

I’ve also bought a domain name (just that, nothing else behind it, no webhosting package, limited settings I can change).

I wish to be able to use subdomains on my domainname. For instance, I’m running both AdGuard DNS and Vaultwarden in HA containers and would like to access them through dns.mydomain.net and vault.mydomain.net. I have no idea how to do this though. The settings I can change at my host only confuse me.

I’m using an ASUS WRT router (AiMesh) which uses let’s encrypt certs.

I also still don’t understand how to get HTTPS working on my local IP address. Same problem with my QNAP router - I actually locked myself out of it by accidentally enabling ssl without understanding what was required for it to be accessible.

Trust me when I say: All this stuff is not easy when you’re not a (web)dev. :slight_smile:

Who is hosting the domain for you? It’s pretty simple setting a CNAME and an A or AAAA record. I use namecheap to host my domain and they have an API that interacts with Caddy (Reverse Proxy) to get certificates for HA etc. You can also do this with DuckDNS.
It’s pretty trivial to make all this work and I use Caddy instead of NGINX as I find Caddy easy to use and I understand how it works without pages of configuration I don’t understand.

I’ve found the easiest free option is multiple duckdns domains (up to 5 for free) in conjunction with the NGINX supervisor add-on, as it has a fairly simple UI for configuration. On duckdns I have mydomain1.duckdns.org and mydomain2.duckdns.org, and then in the NGINX add-on config I have two proxy hosts, one pointing to HA and the other passing to another server. Certificates are handled by LetsEnrypt and it all works like magic.

you don’t need multiple domains to do that. This is just your inability to configure NGINX correctly.

Sub-sub-domains on duckdns then. My preference is separate domains, not my inability.

then try tthe other option
remove the rewrite and make your config
proxy_pass http://192.168.1.14:8123;
to
proxy_pass http://192.168.1.14:8123/;

Here is a project I’ve done to circumvent the problem. Not the beautiful jowel, but it starts working (the lovelace dashboard shows pretty nicely).

Cheers,

2 Likes