After nginx/duckdns configuration not accessible on internal IP anymore

undee123 · July 22, 2025, 9:00am

Hello everybody,

I have configured HA so that it is accessible from the outside by using duckdns service.
My configuration.yaml looks like this:

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 172.30.33.0/24

Nginx configuration was left as it is, and in system->network I set the duckdns address https://myinstallation.duckdns.org:8123, while for internal access I did not change anything (in my case http://2.0.0.10:8123).
External access works perfectly, but when I try to access the internal address http://2.0.0.10:8123 I get this error:

# 400 Bad Request

The plain HTTP request was sent to HTTPS port
---
nginx

When I try to access https://2.0.0.10:8123 I get:
ERR_SSL_UNRECOGNIZED_NAME_ALERT
Well; I thought nginx would forward only the external address, but obviously it looks for the internal requests also. How can I configure it to get internal access from internal IP working?

Thank you very much!!!

WallyR · July 22, 2025, 9:06am

Sounds like your NGinX setup is faulty.

Besides that a 2.x.x.x address is not in a private address range, so you might have issues with some sites in the internet.

undee123 · July 22, 2025, 9:11am

You’re right, 2.x.x.x is not private, but it’s not my real IP, it’s just a dummy address.

This is my nginx configuration:

domain: myinstallation.duckdns.org
hsts: max-age=31536000; includeSubDomains
certfile: fullchain.pem
keyfile: privkey.pem
cloudflare: false
customize:
  active: false
  default: nginx_proxy_default*.conf
  servers: nginx_proxy/*.conf
real_ip_from: []

WallyR · July 22, 2025, 10:52am

We need all the conf files.

undee123 · July 22, 2025, 12:26pm

well, I already posted the extract from the configuration.yaml and the nginx configuration yaml, what else should I post?

WallyR · July 22, 2025, 12:29pm

The servers configs are important.

undee123 · July 22, 2025, 12:48pm

Please excuse my ignorance, but what exactly do you mean by that? I have given the IP of the server, the excerpt from the YAML as well, can you please make your question a little more precise?

What else is important for network accessibility?

WallyR · July 22, 2025, 1:53pm

The NGinX config you posted have a key called servers with a value to a path with extra configs.

undee123 · July 22, 2025, 4:13pm

i think that’s a default option, I do not have any directory called nginx_proxy.

SJ20035 · July 22, 2025, 5:27pm

Are you sure that is how you are getting to the HA server via your external domain name. If so, you are port forwarding 8123 on your router to your Nginx server. Chances are your router is taking all requests for port 8123 and forwarding them to the Nginx server which is why when you use your internal IP it is also getting to the Nginx Server.

Please also note these two lines in your nginx configuration:

  default: nginx_proxy_default*.conf
  servers: nginx_proxy/*.conf

Those are include lines with the first pulling in any config files that start with nginx_proxy_default and the second pulls in all config files in the nginx_proxy sub folder.

Start by looking at these included files for lines that have ‘listen 8123’, which should be ‘listen 443;’. You would then need to check the port forwarding on your router so that port 443 is sent to your nginx server.