Im running Home Assistant on Raspberry Pi using Caddy as reverse proxy (along with a couple of other services)
In Caddy I also configured Caddy with a couple of plugins following this guide: https://kamal.io/blog/securing-internal-services-behind-oauth2-with-caddy
Most of it is working except for some API calls (which for I created a bug report) and google assistant integration is also not working using oauth2 authentication with google in Caddy.
See below for my Caddyfile. If I remove/diable the JWT lines everything works ok, and I can control my HA from my Google Home app. If I enable those lines I cannot connect.
Caddyfile:
auth.xxxxxxx.duckdns.org {
tls [email protected]
redir 302 {
if {path} is /
/ /login
}
login {
google client_id=xxxxxxx.apps.googleusercontent.com,client_secret=xxxxxxx
redirect_check_referer false
redirect_host_file ./redirect_hosts.txt
cookie_domain xxxxxxx.duckdns.org
}
}
hass.xxxxxxx.duckdns.org {
jwt {
path /
redirect https://auth.xxxxxxx.duckdns.org/login?backTo=https%3A%2F%2F{host}{rewrite_uri_escaped}
allow sub [email protected]
allow sub [email protected]
allow sub [email protected]
}
proxy / localhost:8123 {
websocket
transparent
}
}
config.xxxxxxx.duckdns.org {
jwt {
path /
redirect https://auth.xxxxxxx.duckdns.org/login?backTo=https%3A%2F%2F{host}{rewrite_uri_escaped}
allow sub [email protected]
allow sub [email protected]
allow sub [email protected]
}
proxy / localhost:3218 {
websocket
transparent
}
}
nodered.xxxxxxx.duckdns.org {
jwt {
path /
redirect https://auth.xxxxxxx.duckdns.org/login?backTo=https%3A%2F%2F{host}{rewrite_uri_escaped}
allow sub [email protected]
allow sub [email protected]
allow sub [email protected]
}
proxy / localhost:1880 {
websocket
transparent
}
}
Any help would be appreciated!