Hello,
I am using HA OS on Raspberry 4. I can log in from my local network, both with a browser and an app.
I have set up an external domain, which I can access over internet.
With my URL http://mydomainname:8123
I am able to display HA login page. However when trying to log in, I am getting error: incorrect username or password.
I have created new user, just to make sure all fits. Still the same. User has login enabled in HA.
Any ideas?
Thanks in advance for any hints.
Regards,
Maciek
did you use proxy server? or pure from HA?
No proxy server. I have enabled port 8123 forwarding on my router. And login page is being displayed
correctly. Somehow HA is not accepting provided credentials.
And I have no clue whyā¦
This is the link I have after trying to log in:
http://domainname:8123/auth/authorize?response_type=code&redirect_uri=http%3A%2F%2Fdomainname%3A8123%2F%3Fauth_callback%3D1&client_id=http%3A%2F%2Fdomainname%3A8123%2F&state=ey
There is some reference to auth_callback, not sure what it isā¦
In settings > General there is also a parameter to specify the external URL. Did you notice this setting? BTW if this works you can add the NGINX Proxy manager add-on to secure you URL.
Did not work.
Adder external_url like
external_url: āhttp://domainname:8123ā
into configuration.yaml, restarted server, still the same. Like HA was trying to get some feedback from meā¦?
Iād suggest using the Caddy 2 add-on in combination with the official Duckdns add-on. Very easy to set up, I can share my Caddyfile when needed.
Is there any way I can check logs for failed login attempts?
Log in locally and select your profile, scroll down and look if tokens are created for your domain.
Thanks, seems the problem was related to my routers set up. Changed port forwarding settings and now I can open HA from internet.
Iām struggling to get this going because of port 80 being used, Iād like to have it us the duckdns addon because itās already using the dns challenge option, which would get around the port issue. Iād be interested in a working caddyfile for an example. Thanks in advance
My Caddyfile looks like this:
{
email [email protected]
}
(common) {
header {
Strict-Transport-Security "max-age=31536000; includeSubdomains"
X-XSS-Protection "1; mode=block"
X-Content-Type-Options "nosniff"
Referrer-Policy "same-origin"
-Server
Content-Security-Policy "frame-ancestors your_domain.duckdns.org:12345 *.your_domain.duckdns.org:12345"
Permissions-Policy "geolocation=(self)"
}
}
your_domain.duckdns.org {
import common
reverse_proxy localhost:8123 {
}
Replace the email-address for your own, change your_domain for what you use, donāt change any of the numbers under header, the parts under header will give you better security.
Thanks for the quick reply. Do you have any custom settings in the addon configuration? For some reason Iām getting the following error, ārun: loading initial config: loading new config: http app module: start: tcp: listening on :80: listen tcp :80: bind: address already in useā. Everything is default here, Trying to get this to pull in from the duckdns addon, since itās already successfully doing DNS challenge, if thatās possible. Donāt want to open any ports.
Iām having these settings under Network:
And in my router I have forwarded these two port to the IP of the HA Core server.
Thanks for the answers. I was tying to do the dns challenge and not port forward, if Iām not mistaken and thatās possible. If it isnāt then Iāll definitely set it up via port forwading.
Try asking for help in the Caddy2 topic thatās in an earlier post, the guy that created the add-on, or others in that topic, should be able to help you.
Just wanted to let you know that thanks to your help, itās finally working. I just had to forward 443 to my home assistant server. Thanks again.
Great! Iām glad that I was able to help you 
Can you indicate which of the above posts provided the solution? So that others with a similar problem can find the solution more quickly? As starter of the topic you should be able to tick a solution-box.