Connecting Android app to HA Installed via docker

This is my very first time using HA.

I installed it via Docker and it works ok. I’m trying to use HA Android app (1.8.0-144) but it doesn’t recognize my HA installation by itself.

I tried to install the integration “mobile app” but I’m receiving the following message " >

Aborted
Open the mobile app to set up the integration with Home Assistant. See the docs for a list of compatible apps.

I also tried to enter the address manually into the app (http://IP:8123) without succes.

I would appreciate your help in resolving this issue.

If you try the http://IP:8123/ from your browser on your phone does it work?

It doesn’t work in my phones browser. I tried using my IP and also the IP that my HA docker installation shows in Portainer.

You can’t use the docker IP address unless you’re using host mode. Docker creates it’s own internal network.

What do you mean by “my IP”? You need to use the IP address of the server running HASS. If it’s not working on your phone then there’s obviously a connection issue. Are you on the same network or are you using your cellular connection? If cellular, you need to set up some kind of dynamic dns (like DuckDNS) to connect to HASS from outside your network.

My phone is connected to the same network as my computer.

“My IP” is the one that I get when typin curl ifconfig.me in terminal + :8123. This one doesn’t work.

I also tried using the ip of the container + :8123 and also doesn’t work.

Ok so that’s your external IP address. Do you have the port forwarded on your router to allow remote connections?

If you’re on the same network, use whatever IP address you use on your computer to access HASS.

Things I’ve tried that haven’t worked:

1. Using my external IP + :8123
2. Use the IP of the container where my HA is + :8123
3. I also tried http://0.0.0.0:8123 which is the address that appears in my browser where I see the HA dashboard

None of the above methods have worked.

As for the port forwarding option, I have some doubts. Which IP should I use, the public IP or the one of the container where HASS runs? The options I can modify in the router are:
IP address:
source port:
dest port:
Protocol:

AEDBEFDA-46BA-4BF5-8C6F-51729812482F959×39 27.9 KB

I’m not surprised none of those options are working as that’s not what you need to be doing. Again, what IP address are you using to access HASS on your desktop/computer? If you don’t know that we have other problems we need to resolve before we can get to setting up the app. Might help if you post your docker command/docker-compose snippet for HASS.

Just so you understand:

1. won’t work because you don’t have a port forward rule set up so your router firewall is preventing the connection.
2. won’t work because that IP address is for the docker network and can’t be reached from outside (ie from your normal network)
3. won’t work because 0.0.0.0 means that the container is listening on ALL ip addresses/ports. It’s not a valid address in and of itself.

Again, the IP address you need to use is the IP address of the SERVER (ie the machine running the docker container). Type ipconfig and post the results here if you don’t know what the server IP address is. Internal addresses are 100% fine to post publicly FYI.

The output of ifconfig (mac version of ipconfig) is 127.0.0.1.
I tried to configure port forwarding with these settings:
IP address: 127.0.0.1
source port: 8123
dest port: 8123
Protocol: TCP

Still unable to open HASS in my phones browser.

Please post the whole output of ifconfig. 127.0.0.1 is the same thing as “localhost” and is not what you need. The IP you need will start with either 10.x.x.x, 172.x.x.x or 192.x.x.x.

Heres the output:

(base) Stevens-MacBook-Pro:~ setegonz$ ipconfig
usage: ipconfig <command> <args>
where <command> is one of waitall, getifaddr, ifcount, getoption, getpacket, getv6packet, set, setverbose
(base) Stevens-MacBook-Pro:~ setegonz$ ifconfig
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
	options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
	inet 127.0.0.1 netmask 0xff000000 
	inet6 ::1 prefixlen 128 
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 
	nd6 options=201<PERFORMNUD,DAD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
EHC26: flags=0<> mtu 0
XHC20: flags=0<> mtu 0
EHC29: flags=0<> mtu 0
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	options=50b<RXCSUM,TXCSUM,VLAN_HWTAGGING,AV,CHANNEL_IO>
	ether 10:dd:b1:e9:60:95 
	nd6 options=201<PERFORMNUD,DAD>
	media: autoselect (none)
	status: inactive
en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	options=400<CHANNEL_IO>
	ether a8:bb:cf:04:5e:a0 
	inet 192.168.108.249 netmask 0xffffff00 broadcast 192.168.108.255
	media: autoselect
	status: active
en2: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
	options=460<TSO4,TSO6,CHANNEL_IO>
	ether 82:0a:61:4d:67:00 
	media: autoselect <full-duplex>
	status: inactive
fw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 4078
	lladdr 44:fb:42:ff:fe:85:35:9c 
	nd6 options=201<PERFORMNUD,DAD>
	media: autoselect <full-duplex>
	status: inactive
bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	options=63<RXCSUM,TXCSUM,TSO4,TSO6>
	ether 82:0a:61:4d:67:00 
	Configuration:
		id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
		maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
		root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
		ipfilter disabled flags 0x0
	member: en2 flags=3<LEARNING,DISCOVER>
	        ifmaxaddr 0 port 9 priority 0 path cost 0
	nd6 options=201<PERFORMNUD,DAD>
	media: <unknown type>
	status: inactive
p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
	options=400<CHANNEL_IO>
	ether 0a:bb:cf:04:5e:a0 
	media: autoselect
	status: inactive
awdl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1484
	options=400<CHANNEL_IO>
	ether ae:b0:df:36:72:e7 
	inet6 fe80::acb0:dfff:fe36:72e7%awdl0 prefixlen 64 scopeid 0xd 
	nd6 options=201<PERFORMNUD,DAD>
	media: autoselect
	status: active
utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
	inet6 fe80::c93b:2c93:9318:1f4d%utun0 prefixlen 64 scopeid 0xf 
	nd6 options=201<PERFORMNUD,DAD>
utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000
	inet6 fe80::9cdd:380c:f6dc:5dc1%utun1 prefixlen 64 scopeid 0x10 
	nd6 options=201<PERFORMNUD,DAD>
pktap0: flags=1<UP> mtu 0

Try that IP, so 192.168.108.249:8123

If that works, that’s the ip you need to port forward on your router.

Sorry, but don’t port forward anything.

Yeah that is probably the IP adres where you can reach HA. But is it the final destination of HA? Is your MacBook pro going to be connected and running 24/7? I highly doubt it. As long as you are testing HA, don’t open ports to the whole world. Especially not the ones to your non-server workstations. Use HA local for a while, get nabu casa if you want to use it from abroad or get a VPN.

Sorry, I had to say this. I see too many people telling other people just to open up ports everywhere. It makes it all too easy to become a victim of cybercrime. Please stop advising that. Thank you.

I mean…what’s the alternative? A VPN? Reverse proxy? Those are definitely better but based on the posts so far I think that’s way way way beyond OP’s skills at the moment. I guess he could look into NabuCasa as an option but that’s $$ and not everybody has that to spare atm.

Opening a single port absolutely increases the risks of being attacked, sure. But is it likely? IMO not really. Obviously don’t open EVERY port but opening a few select ports isn’t the end of the world.

Ok, I see two assumptions: 1. The skill level, might be true. I don’t know and don’t care. But non the less I would never advise opening a port because that’s just easy. 2. Money, we also don’t know how much he/she is willing to spend on security or ease of use. So let’s not assume that in spite of security either.
If you think opening a port (without knowing the whole setup and take the right security measures) is not such a risk I think you might be surprised what could happen. For one, the IP of the laptop could be dynamic and change. So next time this port might be open on a different device and that might just be his/her washing machine with a webserver running default user/pass. Port scanners on the internet are constantly looking for things like that and right away brute Force their way in there to upload some package that can be used for a botnet attack later on. It’s this ignorence that causes these large botnets to grow so exponentially. Sorry to be harsh about it. It’s nothing personal though. Just trying to make the world less evil.

@frits1980 @fuzzymistborn
First of all, thanks for the help. I got to use the android app that was my initial goal. However, the most important thing is that through your answers I have formulated several questions related to the functioning I want to obtain with HASS and the security I need in the whole system.

You are right my technical level is low. In fact this is my first experience using Docker and also with HASS. But I wanted to do it this way to test the power of HASS without spending money buying another device. I’m not afraid of facing new things. So if you know of any post in this forum or any other link that you recommend me to work using a VPN or “Reverse proxy” it would be very welcome.

True…but the odds of said washing machine using port 8123 are fairly low. Again, not impossible and you’re right that there are security risks but it’s not like we’re opening up 80/443 here.

You’re absolutely right that port forwarding is a risk and that it shouldn’t be done willy nilly. Honestly once I helped @sete get things working I was going to point him towards security practices/further instructions. Was really just trying to get things working.

Just look around the forum here and on Reddit. There’s a LOT of great info out there. Don’t be afraid to test things out but before you start going crazy I would definitely try to get a better understanding of Docker, network/security settings and reverse proxies/vpns.