I have NGINX access to Home Assistant Container working fine with Home Assistant running in Host Network mode. I’m using the SWAG docker container and there is more about it on this thread with sample composes, configs, and instructions - Nginx Reverse Proxy Set Up Guide – Docker . The important key here is that as @koying pointed out above you need to reference the whole IP of the host machine and then add :8123 in you NGINX config. For example in the nginx config pasted below you reference home assistant by http://192.168.0.184:8123. Because of host networking mode you cannot reference it by docker container name, and since Home Assistant is not a part of the docker network you cannot reference it by the docker IP either. When you use Host network mode, it’s as if the container is running on the “bare metal” of the host machine from a networking perspective. You have to spell out the whole IP of the machine it is running on in your nginx config. Additional configuration is necessary in nginx to allow websocket connections that Home Assistant relies on as well, which is in the example below too. The example has Home Assistant running on a subdomain from duckdns using SSL and a letsencrypt cert, accessible by https://hass.yourduckdnsname.duckdns.org
## Version 2020/05/23 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/default
# redirect all traffic to https
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name mydomain.duckdns.org;
return 301 https://$host$request_uri;
}
# main server block
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
root /config/www;
index index.html index.htm index.php;
server_name mydomain.duckdns.org;
# enable subfolder method reverse proxy confs
include /config/nginx/proxy-confs/*.subfolder.conf;
# all ssl related config moved to ssl.conf
include /config/nginx/ssl.conf;
# enable for ldap auth
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
# enable for geo blocking
# See /config/nginx/geoip2.conf for more information.
#if ($allowed_country = no) {
#return 444;
#}
client_max_body_size 0;
location / {
try_files $uri $uri/ /index.html /index.php?$args =404;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
}
}
### HOMEASSISTANT ##############################################################
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name hass.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app homeassistant;
set $upstream_port 8123;
set $upstream_proto http;
proxy_pass http://192.168.0.184:8123;
}
location /api/websocket {
resolver 127.0.0.11 valid=30s;
set $upstream_app homeassistant;
set $upstream_port 8123;
set $upstream_proto http;
proxy_pass http://192.168.0.184:8123;
proxy_set_header Host $host;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
# enable subdomain method reverse proxy confs
include /config/nginx/proxy-confs/*.subdomain.conf;
# enable proxy cache for auth
proxy_cache_path cache/ keys_zone=auth_cache:10m;