I think I just got things working again, but I’m not sure exactly what the solution (or problem) was. I’m on the latest versions as of 2 days ago. Thankfully I could still access the front end, and even perform the latest Hass.io upgrade from that, but I would like to know how to use this terminal you’re referring to? (Mac OS Terminal? what commands?)
Uninstalled DuckDNS add-on
Uninstalled SSH
Uninstalled Samba
removed port forwarding
deleted the known_hosts file from my machine
rebooted Pi
started reinstalling add-ons
suddenly my Samba shares showed up and I can access them. added back other things I had removed.
I’m leaning toward problems somehow stored in my known_hosts file, as when I deleted that it seemed to resolve lot of scary SSH and browser “invalid certificate” errors I was seeing, as well as fixing SSH and Samba.
Oh, I tried to configure that when I couldn’t access my Pi, but it required a port setting I couldn’t change without access to my Pi, or something like that. It seemed like a chicken/egg problem. I may set that up as a fall-back now that I have access again.
Ill try uninstalling everything and install again, but it seems that is something wrong on my router, also i read other threads with a lot of people having problems, some solved with cocatening their certificates on lets encrypt, does anyone here tried to install lets encrypt? Ill also try to use another dns domain
I don’t see it written anywhere in the instructions I’m following to forward all those ports. In fact, it only mentions “the port you listed in your configuration (8123 in the example above)”, and doesn’t mention what other port to forward. It was only trial and error and searching that told me to try 443. Maybe we’re not using the same instructions, but I also see a lot of others struggling to understand all the steps, so I was hoping to see what you followed and understand if I’m missing anything else (its working with just the one port forwarded so far).
Here’s what I’m following:
Can you share the instructions are you following?
[EDIT: Maybe its that I’m using Hass.io and the DuckDNS add-on which includes Let’s Encrypt automatically, vs. installing DuckDNS and Let’s Encrypt on another form of HASS installation? Maybe fewer ports are required in my setup as a result, but it still is not clear because it doesn’t give much detail in the instructions]
I would follow the steps @derikj outlined above in his post. You shouldn’t have to install Let’s Encrypt at all, as it is included in the DuckDNS Add-On that was designed for Hassio, and you even configure it in the same Options screen.
I believe the issues I was having with SSH and Samba were mostly related to a messed up “known_hosts” file on my Mac. When I deleted that (backed it up), along with re-installing all the add-ons and deleting/re-adding my one port forwarding as well, it seemed to clear up all my problems.
Got it. I’ve never seen that post before. It appears those instructions have been superseded (at least for those of us using the Hass.io installation). They certainly provide better detail than the “new instructions”.
From the post you included I followed the first link under DuckDNS (Home-assistant.io guide) and ended up here:
The first thing on that page says, “these instructions are out of date”, and points to a newer blog post:
These talk about a “breakthrough” and the development of an Add-On for Hass.io. The first comment on this blog post mentions port forwarding steps left off the instructions. In the More Information section of the blog post, the third bullet is DuckDNS Add-On, which takes you back to the page I shared above.
So full circle.
Thanks for sharing that source. It cleared up some mysteries for me.
I never followed that guide that is superseeded. I followed the very first link “Guide: How to set up DuckDNS, SSL and Chrome Push Notifications”
I am running the RPi all-in-one installer and I set this up a month or so ago and it was the best instructions I found at that point. I’m not using hass.io so it wasn’t autro-installed for me. I also didn’t use the duckDNS part as that is covered already by my router so I only followed on from LetsEncrypt which took what seemed an ETERNITY to install (think hours) but I just let it run and it all worked perfectly with very little grief.
I did the same installation but still doesnt work, I mean i can sometimes access inside my network mydomain.duckdns.org, but not outside, as I said before i was able to send ifttt trigger from my hass.io but cant receive a webhook.
Inside my network I use: https://hassio.local:8123. Outside my network I use: https://my-domain.duckdns.org (though it also works from inside). I usually take my phone of wi-fi to just cellular to test “outside the home” access. If you can access https://my-domain.duckdns.org from inside, then it seems DuckDNS/Let’s Encrypt, at least as far as your configuration settings, is working, as you’re using an https address. If you still can’t from outside, then that seems to point to router configuration. I would focus attention on that.
For your Hass.io setup I would do just one router port forward: forward external port 443 to internal port 8123.
I haven’t tried ifttt or other external services yet, so it is possible those may take additional work, but maybe you can start with just getting the web front end working…
Im almost certain that something is blocking my ports from outside, i can access inside my network from my https://myip:8123 and sometimes with mydomain.duckdns.org, but mostly of the times when i use my domain it fails, and no response outside my network, i’ve already forward my ports but when i test with sinple port tester it gets no response theres any chance something in my router is blocking?
Being able to get out to IFTTT means nothing - you can do that without letsencrypt or duckdns. It’s the inwards that is the problem.
It seems to me that your port forwarding is not working correctly. You must have 8123 forwarded as a minimum and probably need to use myduck.duckdns.org:8123 to access.
if it fails to get a response ‘sometimes’ that indicates to me that duckdns is not updating your current IP and resolving that to your router. Try this command when it won’t connect:
ping mydomain.duckdns.org
That will tell you your domain ip address and if it is connecting. The IP should be the same as your router says your internet IP is
I have reinstalled my DuckDNS addon and run the script as you suggest and this works fine. However the reason I installed it was the LetsEncrypt app would not renew my certificate and would have errors in the log…I had only 17 days remaining on the certificate life…
Now I am using DuckDNS the logs have indicated the
INFO: Using main config file /data/workdir/config
Processing ******.duckdns.org
Signing domains…
Creating new directory /data/letsencrypt/******.duckdns.org …
Generating private key…
Generating signing request…
Requesting challenge for ******.duckdns.org…
OK + Responding to challenge for *****.duckdns.org…
OK + Challenge is valid!
Requesting certificate…
Checking certificate…
Done!
Creating fullchain.pem…
Done!
but when I look at the certificate expiry date using this in configuration.yaml
I´ve just found out that my problem is my let´s encrypt, I can access my hass.io outside my network vi http://mydomain.duckdns.org, but when I set let´s encrypt toghther it fails my last error was startin version 3.2.2 #info: using main config file /data/wordir/config error: lock file ´/data/workdir/lock´present, aborting, any clue?
