Duckdns Config Issue - Newbie Help Please

Installation
22

Hello, thank you for the reply, yes

23

Try to type ā€œha net infoā€ on the other screen and press enter and look at the output.

24

Ok done that, seems to be ok enable where it should be I think

25

I dont want to waste anymore time of those good enough to respond so as this is a new system with not much else installed Iā€™m going to start from scratch and see if I can nail down what I have done wrong
Thanks for all the replies
no doubt Iā€™ll be back soon begging for help :wink:

26

You learn a lot from debugging.
Try to do a ā€œtail -f /config/home-assistant.log -n 50ā€ on the ha console.
It will print out the log entries until you press CTRL+C.
The 50 is the number of last lines in the log to show also.

1 Like
27

Ok so I am back to square 1

  1. Reinstalled HA
  2. Added duckdns add-in configured the add-in as per the instructions
  3. Ha restarts all ok - duckdns running
  4. install file editor add line 16 17 18 to YAML Config and save
    config1

5.go to restart and I get this

image

Am I editing the right config file

I have checked the logs for Duckdns and lets encrypt and they look ok without any problems

I must be doing something wrong in the configuration YAML but I can see what I thought I had followed the instructions

28

:man_facepalming:t4:

:grinning_face_with_smiling_eyes:

Letā€™s go back thenā€¦
The error message says the ssl files arenĀ“t there.

  1. Are you sure you have followed all the steps to create the files as per Letā€™s Encrypt instructions?
  2. Do you have all the add-ons running? Can you see any error on their logs?
    2.1. DuckDNS add-on
    2.2. Letā€™s Encrypt add-on
    2.3. NGINX Home Assistant SSL proxy add-on
29

1 yes
2 running, no errors

2.3 NGINX I dont have that installed is that the issue?

Thanks

30

I believe NGINX would help with the problem you had before when you can access externally but not internally, but NGINX will also require the ssl certificate files, so letā€™s focus on that first.
But later I would suggest you installing the NGINX to make your life a bit easier.

Please try this and let me know if you still having the same error message:

http:
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem
  • note that in your example you are missing the ā€œ/ā€ between ssl and fullchain.pem.
31

ok will try, thank you

32

rebuilt again :wink:
I found this in the log for lets encrypt
Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound

So I turned off my firewall and got the same message

in duckdns log I get this though
Processing xxxxx.duckdns.org

  • Creating new directory /data/letsencrypt/xxxx.duckdns.org ā€¦
  • Signing domainsā€¦
  • Generating private keyā€¦
  • Generating signing requestā€¦
  • Requesting new certificate order from CAā€¦
  • Received 1 authorizations URLs from the CA
  • Handling authorization for xxxx.duckdns.org
  • 1 pending challenge(s)
  • Deploying challenge tokensā€¦
    OK + Responding to challenge for xxxx.duckdns.org authorizationā€¦
  • Challenge is valid!
  • Cleaning challenge tokensā€¦
    OK + Requesting certificateā€¦
  • Checking certificateā€¦
  • Done!
  • Creating fullchain.pemā€¦
  • Done!

Oh man, almost ready to give on on this way

33

The http: section is fine with the settings you have AS LONG AS the program that creates the certificates actually saves the files there.
Check you guide again for where the certificates are stored.

EDIT: I can see in your picture of your DuckDNS settings that the settings are not the same.

1 Like
34

So, is everything working fine now?

35

Nope afraid not
Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound
I get this error in the log of lets encrypt

arrrghhhh :wink:

36

On your router/firewall, make sure the port 80 is mapping to your Home Assistant.

37

If you use DNS challenge, then you need to make a port forward to port 80 on your HA server and that means nothing else can run on port 80 then.
If you can then try to use a DNS challenge instead.

38

thanks both, iā€™ll re check again one last time then Iā€™m moving on to the rest of the setup and Iā€™ll come back to this or another way some other day :wink: