DuckDNS - It's not just me - it's you!

I’ve moved on from hass.io (home assistant) to running home assistant core in docker so I can’t add anything to the above, sorry.

Thanks Steve, I’m still researching and trying to resolve. If anyone else can offer some assistance, it would be much appreciated.

I am unsure what config to share (and I am still a little unsure about what is safe to share without giving away detail that should be redacted) in a public forum.

Security :
Your duckdns address merely shows where you live on the Internet, they’d still have to break in. Still it’s best not to give them directions
The ip address is similar so substitute
Your DuckDNS token is your personal token for your instance, don’t share that

Looking at your post may I ask why you put nearly everything in a quote block ?

You want duckdns and nginx for local and remote access ?
May I ask what did not work when you followed my solution post (no 23) in this thread ?

Hi Muttley,

Thanks for your explanation around the security. I will make sure to keep these things private.
Regarding the block quotes, I’m not sure quite what your question is. I was quoting another post to outline what has worked for me and what my issue is since following this configuration.

I have enabled two factor authentication but apart from accepting my token from the authentication application, there was no further instructions to follow - the only change is that it now has an option to disable. I’m validating the rest of your other post against my config now and will report back once complete. Previous attempt following it did not work. It wouldn’t allow me to save the config you’ve shared in my NGINX setup.

:EDIT:

If I use your NGINX config (with my address) I get this error:

not a valid value for dictionary value @ data['options']. Got 
{'domain': 'xxxxxx.duckdns.org', 
'certfile': 'fullchain.pem', 
'keyfile': 'privkey.pem', 
'hsts': 'max-age=31536000; includeSubDomains', 
'customize': {
'active': False, 
'default': 'nginx_proxy_default*.conf', 
'servers': 'nginx_proxy/*.conf'}}

The only difference I can identify is the default config has a line “cloudflare”: false,
This is not in your config

The spacing, new lines, commas, bracket positions are all very sensitive in the config.
Copy mine exactly, then change the duckdns address to your own

So remove the cloud flare thing, get it going first then you know you are not contaminating, when up and running you can make small changes, to get it back in. If it stops working, you did something wrong.

When entering text there ia a Box to enter it, above that box (but below the blue bar) is a row of formatting options : quote, bold, italic … etc. The 10th one in is </>, this is the ‘preformatted text’ quote option you should be using to post configuration

The code I posted is the error, not my configuration as such.
Your duckdns config is formatted as far as I understand ‘correctly’, but the NGINX config is not.

My config is entered as follows:

{
  "domain": "xxxxxxx.duckdns.org",
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "hsts": "max-age=31536000; includeSubDomains",
  "cloudflare": false,
  "customize": {
    "active": false,
    "default": "nginx_proxy_default*.conf",
    "servers": "nginx_proxy/*.conf"
  }
}

The log reads clean:
[19:44:18] INFO: Running nginx…

But i can’t access home assistant when connected to my local network. The only connection that works is remote connection.
If I change my configuration.yaml so that “http:” is commented out as per your step 12 (ie add the #) it works locally, but I can’t access remotely.

Remote access config only

http:
  base_url: xxxxxxx.duckdns.org
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem

Local access config only:

#http:
  #base_url: xxxxxxx.duckdns.org
  #ssl_certificate: /ssl/fullchain.pem
  #ssl_key: /ssl/privkey.pem

Thanks for your assistance, it’s really appreciated and I know from your first few posts in this topic, you were suffering before it worked.

You don’t need remote access config, it’s handled by nginx

Hey so you’ve taken my remote access attempts further than any other forum post or guide so thank you for that (I also started on the Juan guide).

However I’m still getting https SSL connection error. I can connects through just mysite.duckdns.org or http://mysite.duckdns.org.

I can still access it locally so no issues there. I’ll post my config

{
  "domain": "mysite.duckdns.org.",
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem",
  "hsts": "max-age=31536000; includeSubDomains",
  "cloudflare": false,
  "customize": {
    "active": false,
    "default": "nginx_proxy_default*.conf",
    "servers": "nginx_proxy/*.conf"
  }
}

Last hurdle is just making sure this connection is secure.

I’m sorry, you’ve lost me.
You say you can connect locally and you can connect through duckdns.
That’s it, that’s the whole shebang, what else is there ?

Edit: looking at what you have posted you seem to have a superfluous “.” remove it.

Should be : -
“domain”: “mysite.duckdns.org

I can only connect through http, https gives me an error and when I connect without either it says that it’s not a secure connection.

Thanks I’ll try that out!

Eh ? You said you could ?

Yes, I can connect but only through a non secure connection. My browser on the remote machine says the connection is insecure.

I’m trying to make sure I’m connecting through https:// and when I do try to connect with the https it says the site can’t provide a secure connection. ERR_SSL_PROTOCOL_ERROR.

So to iterate, local access works, HTTP remote works but I want to make sure the connection it HTTPS and secure.

HTTPS doesn’t and that’s the problem.

Thanks for the patience man I’ve been pulling my hair on this all week.

Thank you so much…this has been a problem for me for many months…finally resolved!!

So, just to confirm, you followed the above instructions to the letter and you have neither an http: entry nor an https: entry in your configuration.yaml ?

Hi , I am wondering if you found any solution for this problem? I have the exact same issue. My remote duckdns connection works, but locally stopped working few weeks ago and I can not make it to work locally !

So I shall ask you the same question I asked Pavle : - Have you got an http; or https: entry in your configuration ?

Yes I do , without those my HA does not load at all.

Well, as I explained in the instructions, I don’t have either and mine works fine.

I did not have any further success trying to replicate Mutt’s configuration. Retaining the https allows me to access through my duckdns address from all locations so I gave up trying any further.

I’ve since signed up to the Nabu Casa cloud service.

hello, I am running home-assistant on docker container on raspi 3. i can access HA from outside n/w using “http” but can’t get “https” to work. it throws webhook client error. anybody successfully setup ssl on docker container on raspberry pi 3 ? would you mind sharing instructions. thanks in advance.