Can't connect on DuckDNS

Tags: #<Tag:0x00007fc3eec83098> #<Tag:0x00007fc3eec82fa8>

I’m running Hassio as a Docker container on my Synology NAS, and I’ve recently attempted to setup the Alexa Smart Home Skill based on the guide here

I seem to have set up the DuckDNS add-on properly, as per

My configuration within the add-on reads:

  accept_terms: true
  certfile: fullchain.pem
  keyfile: privkey.pem
token: (token retrieved from DuckDNS)
seconds: 300

However, after I get to the part of the Alexa skill guide about testing the Lambda function on AWS, I get the following error:

  "errorMessage": "2020-04-27T13:09:09.114Z 4c7606b5-6cbe-4167-8b40-f985912d9b11 Task timed out after 3.00 seconds"

with this log output:

START RequestId: 4c7606b5-6cbe-4167-8b40-f985912d9b11 Version: $LATEST
[DEBUG]	2020-04-27T13:09:06.112Z	4c7606b5-6cbe-4167-8b40-f985912d9b11	Event: {'directive': {'header': {'namespace': 'Alexa.Discovery', 'name': 'Discover', 'payloadVersion': '3', 'messageId': '1bd5d003-31b9-476f-ad03-71d471922820'}, 'payload': {'scope': {'type': 'BearerToken'}}}}

[WARNING]	2020-04-27T13:09:08.267Z	4c7606b5-6cbe-4167-8b40-f985912d9b11	Retrying (Retry(total=2, connect=None, read=None, redirect=None, status=None)) after connection broken by 'ConnectTimeoutError(<urllib3.connection.HTTPConnection object at 0x7fe6032ea750>, 'Connection to timed out. (connect timeout=2.0)')': /api/alexa/smart_home

END RequestId: 4c7606b5-6cbe-4167-8b40-f985912d9b11
REPORT RequestId: 4c7606b5-6cbe-4167-8b40-f985912d9b11	Duration: 3003.16 ms	Billed Duration: 3000 ms	Memory Size: 128 MB	Max Memory Used: 49 MB	Init Duration: 174.82 ms	
2020-04-27T13:09:09.114Z 4c7606b5-6cbe-4167-8b40-f985912d9b11 Task timed out after 3.00 seconds

I’m not entirely sure what to make of it, but it sounds like my DuckDNS setup was not responding, so I went back and looked into it.

I don’t know if I’m supposed to be able to, but should I be able to access my HA instance by entering or, assuming DuckDNS has been set up correctly?

I also came across some articles and advice to add this to configuration.yaml, which I did:

  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem

Nothing really changed with these additional config lines, except now I couldn’t access HA even entering the IP address.

Absolutely at a loss here. What did I do wrong? I’ve followed all the instructions in the guides to a T.

Does the order in which I start the Docker containers matter?
I’ve set DuckDNS add-on to auto-on, but it never seems to turn on with Hassio, so I’ve tried starting addon_core_duckdns both before and after Hassio, to no avail.

Any help would be greatly appreciated, thank you!

Your addresses don’t match.
Your cert is configured for (mine is for https//
The other one says https… :8123

You should not need a port
https defaults to port 443
If you’ve set up duckdns then the ssl cert will be be enforced
Do you use nginx ? This will allow local http connection but this conflicts with your http: entry in your config

Also, just to cover all bases. Did you forward port 443 inbound on your router to port 8123 of your HA?

Thanks for the suggestion.

I removed the port from base_url, but I’m still not able to access my frontend from

I did notice that the Docker container for addon_core_duckdns stops if I turn it on, whenever the http: lines are present in configuration.yaml.
I also get a system event notification on Synology DSM that “Docker container addon_core_duckdns stopped unexpectedly”.

I’m not sure about nginx though. Is there somewhere I could check that? This is a pretty clean Synology DSM install, the only packages I’ve got installed are

  • Docker
  • File Station
  • OAuth Service
  • USB Copy
  • Surveillance Station (not even running though, I might uninstall this soon)
  • Media Server
  • Universal Search

Ah no, I haven’t, do pardon my inexperience with this.

I went through the DuckDNS add-on guide and didn’t find any mention of having to port forward.

I’ll give that a try.

I use nginx so I forward 443 to 443

See : -

Thanks! I’ll give these a try in a bit.

Also, just wanted to add that I am already able to remotely access HA through VPN. Would this affect that existing setup or anything?

If you have vpn why are you bothering with duckdns (ah for alexa…)
Sorry I answered myself.
So separate your requirements

Thanks @Mutt, I tried the Nginx plug-in, but apparently it doesn’t play well with Synology as the Synology DNS has its own Nginx running.

But I did make the following changes as suggested throughout this thread:

Updated my configuration.yaml:

  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem

I also made sure of @alekseyn’s reminder to forward port 443 to port 8123 of my HA (TCP protocol) on my router.

After these fixes, I managed to access my HA at, but not at (is this right?), and more crucially, not at its local IP.

I’m also getting this in my DuckDNS add-on log.

# INFO: Using main config file /data/workdir/config
ERROR: Lock file '/data/workdir/lock' present, aborting.

Unfortunately, it seems like an issue that others in that thread encountered as well.
Similar to this user, I can only access HA locally if I remove the above lines from configuration.yaml, but then I lose remote access through https instead.

Did you manage to find a solution to this?

Yes that’s right. Without nginx that’s what you’ve got.
You might try ( or whatever your local address is ) but be warned, many can’t access it this way, if you can there will be browser warnings as the cert won’t match the address and finally if you can’t access it locally as above then you won’t be able to access it at all if your Internet is down as your address needs resolution via a dns (usually reachable only via the Internet).
Glad you got something working at least.

Yes, if you read my reference, this was my primary aim, and was accomplished using nginx.

I keep my synology ‘just’ for NAS services

I see… So I’ve already achieved the intended behavior.

In any case, I managed to complete the rest of the Alexa skill setup. Thanks very much for your help!

have similar situation
use settings as here
Dnsmasq+Duck DNS+NGINX Home Assistant SSL proxy + 443 to 443 port forwarding to ha
now i want to add alexa with manul setup witout ha cloud and have same problem with timeout when test

advice with port forwarding 443 to 8123 i cant use because already have 443 to 443
so who can to advice something ?

Hello all

I very new to HA. After a very steep learning curve I managed to get HS supervised on debian 10 installed running and i started the configuration process
I come from a vera solution on which i would like to improve some scenes that vera does not support completely.

Therefore I’m going the HA route.

One of the functionality i would like to implement is to access HA from my phone when i’m not at home.

I read that for this i needed to configure Duckdns

I do have a token and a domain a********
I am on a asus rt ac87u router and i configured port forwarding (asus support confirmed that i have configured it correctly)
Initially I used this documentation to configure duckdns in HA to no avail

Because this new territory for me and is a steep learning curve i use baby steps to move forward.

When I open chrome and type https://a*****
I always get a timed out error.

I would like to resolve this before moving forward with the integration to HA

Thank you in advance for your time, patience and for responding .

have you tried to connect with your public IP to your home assistant?

Thank you for your prompt reply

Sorry i do not know exactly what you mean.

I thought that by using my would work I also tried to use the IP address generated by duckdns With 8123 as a port and without no joy

BTW I have deleted the duckdns configuration i had in HA

yes, what I mean is if you can use the ip that you see in duckdns to access your home assistant and if this is the correct IP

yes i did. and i even tried to update the duckdns environment again no success