Cannot access Pi-Hole UI through Duckdns

Just installed the Pi Hole add on on my Pi running Hassio.

It installed fine, I did not amend any settings in the config and started PiHole. When I tried to access the web ui I got an error message. Looking on here it looks like because I need to access my HA through Duckdns I need to add my address to virtual host so I amended my config to:

{
“update_lists_on_start”: false,
“ssl”: true,
“certfile”: “fullchain.pem”,
“keyfile”: “privkey.pem”,
“interface”: “”,
“ipv6”: true,
“ipv4_address”: “”,
“ipv6_address”: “”,
“virtual_host”: “https://myduckdnsaddress.duckdns.org”,
“hosts”: []
}

restarted PiHole and I get this error when trying to go to the UI:

Failed Host Check: myduckdnsaddress.duckdns.org vs 192.168.1.117, , a0d7b954-pi-hole.local.hass.io, pi.hole, localhost, hassio, hassio.local, https://myduckdnsaddress.duckdns.org

I am sure its something I have not done / am doing wrong but not sure what.

Pi Hole log:

Log
[s6-init] making user provided files available at /var/run/s6/etc…exited 0.
[s6-init] ensuring user provided files have correct perms…exited 0.
[fix-attrs.d] applying ownership & permissions fixes…
[fix-attrs.d] permissions: applying…
[fix-attrs.d] permissions: exited 0.
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts…
[cont-init.d] 00-banner.sh: executing…

Hass.io Add-on: Pi-hole
Network-wide ad blocking using your Hass.io instance

Add-on version: 4.0.0
You are running the latest version of this add-on.
System: HassOS 2.12 (armv7 / raspberrypi3)
Home Assistant version: 0.101.2
Supervisor version: 195

Please, share the above information when looking for help
or support in, e.g., GitHub, forums or the Discord chat.

[cont-init.d] 00-banner.sh: exited 0.
[cont-init.d] 01-log-level.sh: executing…
[cont-init.d] 01-log-level.sh: exited 0.
[cont-init.d] nginx.sh: executing…
[cont-init.d] nginx.sh: exited 0.
[cont-init.d] patches.sh: executing…
[cont-init.d] patches.sh: exited 0.
[cont-init.d] pihole.sh: executing…
[✓] Password Removed
[cont-init.d] pihole.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
[12:23:23] INFO: Starting PHP-FPM…
[12:23:23] INFO: Starting Pi-Hole FTL…
[2020-01-16 12:23:23.713 728] Using log file /var/log/pihole-FTL.log
[2020-01-16 12:23:23.713 728] ########## FTL started! ##########
[2020-01-16 12:23:23.713 728] FTL branch: master
[2020-01-16 12:23:23.713 728] FTL version: v4.3.1
[2020-01-16 12:23:23.713 728] FTL commit: b60d63f-dirty
[2020-01-16 12:23:23.713 728] FTL date: 2019-05-25 21:37:26 +0200
[2020-01-16 12:23:23.713 728] FTL user: pihole
[2020-01-16 12:23:23.714 728] Starting config file parsing (/etc/pihole/pihole-FTL.conf)
[2020-01-16 12:23:23.714 728] SOCKET_LISTENING: only local
[2020-01-16 12:23:23.714 728] AAAA_QUERY_ANALYSIS: Show AAAA queries
[2020-01-16 12:23:23.714 728] MAXDBDAYS: max age for stored queries is 365 days
[2020-01-16 12:23:23.714 728] RESOLVE_IPV6: Resolve IPv6 addresses
[2020-01-16 12:23:23.714 728] RESOLVE_IPV4: Resolve IPv4 addresses
[2020-01-16 12:23:23.714 728] DBINTERVAL: saving to DB file every minute
[2020-01-16 12:23:23.714 728] DBFILE: Using /etc/pihole/pihole-FTL.db
[2020-01-16 12:23:23.714 728] MAXLOGAGE: Importing up to 24.0 hours of log data
[2020-01-16 12:23:23.714 728] PRIVACYLEVEL: Set to 0
[2020-01-16 12:23:23.715 728] IGNORE_LOCALHOST: Show queries from localhost
[2020-01-16 12:23:23.716 728] BLOCKINGMODE: Null IPs for blocked domains
[2020-01-16 12:23:23.716 728] ANALYZE_ONLY_A_AND_AAAA: Disabled. Analyzing all queries
[2020-01-16 12:23:23.716 728] DBIMPORT: Importing history from database
[2020-01-16 12:23:23.716 728] PIDFILE: Using /var/run/pihole-FTL.pid
[2020-01-16 12:23:23.716 728] PORTFILE: Using /var/run/pihole-FTL.port
[2020-01-16 12:23:23.716 728] SOCKETFILE: Using /var/run/pihole/FTL.sock
[2020-01-16 12:23:23.716 728] WHITELISTFILE: Using /etc/pihole/whitelist.txt
[2020-01-16 12:23:23.716 728] BLACKLISTFILE: Using /etc/pihole/black.list
[2020-01-16 12:23:23.716 728] GRAVITYFILE: Using /etc/pihole/gravity.list
[2020-01-16 12:23:23.716 728] REGEXLISTFILE: Using /etc/pihole/regex.list
[2020-01-16 12:23:23.717 728] SETUPVARSFILE: Using /etc/pihole/setupVars.conf
[12:23:24] INFO: Starting NGinx…
nginx: [alert] detected a LuaJIT version which is not OpenResty’s; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty’s LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html)
[2020-01-16 12:23:23.717 728] AUDITLISTFILE: Using /etc/pihole/auditlog.list
[2020-01-16 12:23:23.717 728] MACVENDORDB: Using /etc/pihole/macvendor.db
[2020-01-16 12:23:23.717 728] PARSE_ARP_CACHE: Active
[2020-01-16 12:23:23.718 728] Finished config file parsing
[2020-01-16 12:23:23.720 728] Database version is 3
[2020-01-16 12:23:23.720 728] Database successfully initialized
[2020-01-16 12:23:23.721 728] Imported 0 queries from the long-term database
[2020-01-16 12:23:23.722 728] -> Total DNS queries: 0
[2020-01-16 12:23:23.722 728] -> Cached DNS queries: 0
[2020-01-16 12:23:23.722 728] -> Forwarded DNS queries: 0
[2020-01-16 12:23:23.722 728] -> Exactly blocked DNS queries: 0
[2020-01-16 12:23:23.722 728] -> Unknown DNS queries: 0
[2020-01-16 12:23:23.722 728] -> Unique domains: 0
[2020-01-16 12:23:23.722 728] -> Unique clients: 0
[2020-01-16 12:23:23.722 728] -> Known forward destinations: 0
[2020-01-16 12:23:23.722 728] Successfully accessed setupVars.conf
[2020-01-16 12:23:24.323 728] WARNING: Unable to write PID to file.
[2020-01-16 12:23:24.323 728] Continuing anyway…2020/01/16 12:23:37 [error] 774#774: *1 FastCGI sent in stderr: “PHP message: PHP Warning: error_log(/var/log/lighttpd/error.log): failed to open stream: No such file or directory in /var/www/html/admin/scripts/pi-hole/php/auth.php on line 17” while reading response header from upstream, client: 172.30.32.2, server: a0d7b954-pi-hole.local.hass.io, request: “GET / HTTP/1.1”, upstream: “fastcgi://127.0.0.1:17276”, host: “myduckdnsaddress.duckdns.org”, referrer: “https://myduckdnsaddress.duckdns.org/hassio/ingress/a0d7b954_pi-hole
[16/Jan/2020:12:23:37 +0000] 200 91.208.239.126, 172.30.32.1(172.30.32.2) GET / HTTP/1.1 (Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36)
2020/01/16 12:26:25 [error] 774#774: *3 FastCGI sent in stderr: “PHP message: PHP Warning: error_log(/var/log/lighttpd/error.log): failed to open stream: No such file or directory in /var/www/html/admin/scripts/pi-hole/php/auth.php on line 17” while reading response header from upstream, client: 172.30.32.2, server: a0d7b954-pi-hole.local.hass.io, request: “GET / HTTP/1.1”, upstream: “fastcgi://127.0.0.1:17276”, host: “myduckdnsaddress.duckdns.org”, referrer: “https://myduckdnsaddress.duckdns.org/hassio/ingress/a0d7b954_pi-hole
[16/Jan/2020:12:26:25 +0000] 200 91.208.239.126, 172.30.32.1(172.30.32.2) GET / HTTP/1.1 (Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36)

Are you attempting to access via your local IP? 192.168.1.117

Try again by log in to HA via your duckdns address.

I can only log in to HA through Duckdns so am currently connected to HA through Duckdns. Installed the addon while logged in through duckdns and have set my config for the addon to be as below. I click on web ui and get the error message. Do I need something different in my virtual_host address?

{
  "update_lists_on_start": false,
  "ssl": true,
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "interface": "",
  "ipv6": true,
  "ipv4_address": "",
  "ipv6_address": "",
  "virtual_host": "https://myduckdnsaddress.duckdns.org",
  "hosts": []
}

use a proxy so you can access everything via your ip. nginx w/ hassio. Super easy to setup.

Sorry Petro. I do not understand how to do this.

I have never been able to access HA from within my home network by using my IP address, or rather never could after adding Duckdns as then you need to use https not http but it never let me get in, so use Duckdns for HA from home and work.

Are you saying PiHole does not work with Duckdns or just that nginx would make life easier?

nginx would make life easier because you can use your internal IP for everything inside your network. And only use your ddns url for connecting external items.

For example, I use nginx and …

  • pihole is using internal ip
  • appdaemon is using internal ip
  • zoneminder is using internal ip
  • ios is using external url unless on wifi, which then uses internal ip
  • alexa uses external url
  • browser uses external url

Ah I see. Just had a quick look at Nginx and it looks way beyond me at the moment, but might add it to the list for another day.

In the mean time anyone know why I cannot access the Pi Hole WebGUI through Duckdns?

dude, takes 2 seconds. You’re over thinking it.

Install nginx addon from the addon store.

use the following config for the addon

{
  "domain": "your.duckdns.org",
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "hsts": "max-age=31536000; includeSubDomains",
  "cloudflare": false,
  "customize": {
    "active": false,
    "default": "nginx_proxy_default*.conf",
    "servers": "nginx_proxy/*.conf"
  }
}

leave 80/tcp: disabled
set 443/tcp: 443

Change your port forward from 443 -> 8123 to 443 -> 443

You’ll have to change some parts of your config to your internal IP instead of DDNS url.

I have not changed any of these, is it right that the top one says disabled? Assuming so as it says its not required for Hassio

image

Ah ok. I will do that when I get home. At work so cannot add the port forwarding rules.

Once thats done then I can access HA at home using Https://my ip:443?

internal

http://ip:8123

external

https://your.duckdns.org

1 Like

I remember seeing similar error when I was configuring my HassIO. IIRC that was due to me accessing HA via internal IP address at home, whereas virtual_host setting had my duckdns address.

But looking at documentation, virtual_host is no longer required…

This is the change:

Hmm, odd that it was taken out but is still there in the config page

image

leaving it blank makes no difference, I still get the error:

Failed Host Check: XXX.duckdns.org vs 192.168.1.117, , a0d7b954-pi-hole.local.hass.io, pi.hole, localhost, hassio, hassio.local

this link is loads when I click on WebUI is:

https://XXX.duckdns.org/hassio/ingress/a0d7b954_pi-hole

Turns out I need XXX.duckdns.org not https://xxx

Thank you so much @frenck

1 Like

Thank you, I had same problem and fixed by doing this