Qxlkdr
December 14, 2021, 9:13pm
1
I have my own domain so I can access HA via https://hassio.mydomain.com but I can’t access HA via http://homeassistant.local:8123 (via HTTPS) nor local http://192.168.1.183:8123 . However, https://homeassistant.local:8123 works fine, but this will result in a certificate error so this local address will not work in the Home Assistant Companion app for Android. This is because my certificate is generated for mydomain.com . So if I understand this correctly I want to use my local address over HTTP?
This is my config:
http:
server_port: 8123
ssl_certificate: /ssl/fullchain.pem
ssl_key: /ssl/privkey.pem
This is my config in HA
What do I need to do to be able to access HA both via:
I have port forwarding enabled (443 → 8123) in my router. This is irrelevant for local accessing.
Any idea?
Thanks in advance.
Qxlkdr
December 14, 2021, 9:36pm
2
Aha, seems that my instance is forcing HTTPS so I would need to use NGINX as a reverse proxy:
In this post, I will explain some of the hidden benefits of using a reverse proxy to keep local connections to Home Assistant unencrypted. Importantly, I will explain in simple terms what a reverse proxy is, and what it is doing under the hood....
Will try it and get back with the result.
XLR-24
December 14, 2021, 10:01pm
3
Use NGINX and this should be the configuration:
http:
# ssl_certificate: /ssl/fullchain.pem
# ssl_key: /ssl/privkey.pem
use_x_forwarded_for: true
trusted_proxies:
- 172.30.33.0/24
Qxlkdr
December 14, 2021, 10:18pm
4
This is my current setup:
http:
#server_port: 8123
#ssl_certificate: /ssl/fullchain.pem
#ssl_key: /ssl/privkey.pem
use_x_forwarded_for: true
trusted_proxies:
- 127.0.0.1
As I’m running NGINX via HA addon I used 127.0.0.1 as the trusted_proxies .
I can now access HA via http://192.168.1.183:8123 but https://hassio.mydomain.com is now not working. Which port should I open 443 against in the router? I have tried 443 → 8123, 443 → 80 and 443 → 443 but nothing is working.
This is my NGINX config:
What am I missing?
Qxlkdr
December 14, 2021, 10:29pm
5
Ahaaaa, I think I solved it!
Had to listen more closely on you there
This is my config now:
http:
#server_port: 8123
#ssl_certificate: /ssl/fullchain.pem
#ssl_key: /ssl/privkey.pem
use_x_forwarded_for: true
trusted_proxies:
- 172.30.33.0/24
- 127.0.0.1
I have to use 172.30.33.0/24 as trusted_proxies because:“Note the “-172…” address needs to remain because this is used internally between the OS and the container”
Source: [solved] "Unable to connect to Home Assistant" from WAN (Duck DNS + NGINX) - #35 by dankrill
Then I had to open the port 443 → 443 in my router.
Thanks for all help!
1 Like
