Can't access frontend from local via duckdns and nginx

Hello

I’m running hassbian on an rpi 3.

I’ve been using duckdns and letsencrypt for a while now. Recently I changed from letting HA handle SSL to using NGINX, to make local access smoother. I’ve successfully set it up so that NGINX serves both the HA frontend on port 8123 and the HADashboard on port 5050. Both remote and local access to both ports works fine.

The only problem is that I’m no longer able to access the HA frontend via ducdns when I’m connected to my home network (connection just times out, no error code). I can reach HAdashboard via [myhass].duckdns.org:5060 no matter which network my computer or phone is on, but to reach the frontend via duckdns I need connect via some other network than my home wifi. Weird thing is that it was working for a while, but after some unrelated changes to my haconfig, it was suddenly not…

See NGNIX config below.

Anyone got an idea?

map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}

server {
    # Update this line to be your domain
    server_name [myhass].duckdns.org;

    # These shouldn't need to be changed
    listen [::]:80 default_server ipv6only=off;
    return 301 https://$host$request_uri;
}

server {
    # Update this line to be your domain
    server_name [myhass].duckdns.org;

    # Ensure these lines point to your SSL certificate and key
    ssl_certificate [certdir]/fullchain.pem;
    ssl_certificate_key [certdir]/privkey.pem;
    # Use these lines instead if you created a self-signed certificate
    # ssl_certificate /etc/nginx/ssl/cert.pem;
    # ssl_certificate_key /etc/nginx/ssl/key.pem;

    # Ensure this line points to your dhparams file
    ssl_dhparam /etc/nginx/ssl/dhparams.pem;


    # These shouldn't need to be changed
    listen [::]:443 default_server ipv6only=off; # if your nginx version is >= 1.9.5 you can also add the "http2" flag here
    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
    ssl on;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:10m;

    proxy_buffering off;

    location / {
        proxy_pass http://localhost:8123;
        proxy_set_header Host $host;
        proxy_redirect http:// https://;
        proxy_http_version 1.1;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
    }
}

# below lines added for HAdashboard

server {
    # Update this line to be your domain
    server_name [myhass].duckdns.org;

    # Ensure these lines point to your SSL certificate and key
    ssl_certificate [certdir]/fullchain.pem;
    ssl_certificate_key [certdir]/privkey.pem;
    # Use these lines instead if you created a self-signed certificate
    # ssl_certificate /etc/nginx/ssl/cert.pem;
    # ssl_certificate_key /etc/nginx/ssl/key.pem;

    # Ensure this line points to your dhparams file
    ssl_dhparam /etc/nginx/ssl/dhparams.pem;


    # These shouldn't need to be changed
    listen [::]:5060 default_server ipv6only=off; # if your nginx version is >= 1.9.5 you can also add the "http2" flag here
    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
    ssl on;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:10m;

    proxy_buffering off;

    location / {
        proxy_pass http://localhost:5050;
        proxy_set_header Host $host;
        proxy_redirect http:// https://;
        proxy_http_version 1.1;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
    }
}

Pinkywafer video solved it for me:

Home Assistant, DuckDNS and Google TTS: Working