I know the are already many many threads about this topic. But I read a lot of them and still can´t get my HA working as expected.
My Setup is pretty simple: HA OS is running on a odroid-n2 behind a Fritz!Box.
Portforwarding in the router is set up for port 443.
I´ve installed DuckDNS with this config:
domains:
- xxxxxx.duckdns.org
token: xxxxxxxx
aliases: []
lets_encrypt:
accept_terms: true
algo: secp384r1
certfile: fullchain.pem
keyfile: privkey.pem
seconds: 300
Nginx is also set up:
domain: xxxxxxxxxx.duckdns.org
hsts: max-age=31536000; includeSubDomains
certfile: fullchain.pem
keyfile: privkey.pem
cloudflare: false
customize:
active: false
default: nginx_proxy_default*.conf
servers: nginx_proxy/*.conf
Now to the issue I have: I didn´t find a config.yaml that allows me to access HA from the local network and from outside via SSL. I only get one of the two working at the same time.
With this config.yaml acess only SSL access via https://xxxxxxxx.duckdns.org works:
http:
use_x_forwarded_for: true
trusted_proxies:
- 127.0.0.1
- ::1
- 192.168.0.0/24
- 2001:DB8:ABCD::/48
# Paths to your Cert Files
ssl_certificate: /ssl/fullchain.pem
ssl_key: /ssl/privkey.pem
# IP Ban
ip_ban_enabled: true
login_attempts_threshold: 5 # the number of failed logins before banning an ip address
with the SSL part commented out only local access via http://homeassistant.local:8123/ works:
http:
use_x_forwarded_for: true
trusted_proxies:
- 127.0.0.1
- ::1
- 192.168.0.0/24
- 2001:DB8:ABCD::/48
# Paths to your Cert Files
#ssl_certificate: /ssl/fullchain.pem
#ssl_key: /ssl/privkey.pem
# IP Ban
ip_ban_enabled: true
login_attempts_threshold: 5 # the number of failed logins before banning an ip address
Anybody got an idea what I am doing wrong?