I’ve setup an account with them, pasted the token into the config file and followed all the steps on many different sites (Juan m tech, bruh, etc) but due to my router (ZTE MF920V) I can’t set a static IP for my raspi. Is this the problem?
I can log into hassio internally with https://(ipaddressfrompi):8123 but not externally with duckdns.
On my duckdns account I’ve put the IP address of my router (the external 1, not 192…)
Really running out of ideas here, any pointers would be really appreciated!
You need to forward your internal ip address & port 8123 to the Internet at port 8123 I do not recall needing to enter an ip address when configuring duckdns.
The fact you can use https internally indicates your Home Assistant is likely set up correctly. You need to forward port 8123 to the Internet on your router.
Forward port 80 to port 80 and forward port 443 external to 8123 internal. Then you won’t need to specify the port :8123 to connect externally. You can also forward 8123 to 8123 but that’s not normally necessary.
Either forward port 443 external to 8123 internal or just forward 8123 external.
There is NO need & can be security issues caused by forwarding the unencrypted port 80.
Depending on the LetsEncrypt used, you need port 80-80 for certificates to be issued. The DuckDNS addon for hassio uses DNS validation but every other method uses http and requires port 80.
Well as I said if you use the DuckDNS addon, it does not use http validation but all other methods do and http validation requires port 80-80 unless that requirement has changed in the individual configurations for venv or hassbian (although I have not heard of that and don’t use either) Even Caddy which I use requires port 80 to be forwarded as does the LetsEncrypt addon for Hass.io. The only addon that doesn’t is DuckDNS that I am aware of.
(Just checked the docs for the LetsEncrypt addon and it requires port 80)
Wow, thanks guys. Off to work now but will try all suggestions the next chance I get.
I know for a fact that I’ve got 8123 ext-int forwarded, 80-8123 ext-int and 443-3218 ext-int setup.
According to both methods this is wrong so back to the drawing board!
The other gem is that it is a mobile router with a sim card so gets a new IP from the ISP more often than most! As I’m sure you’re aware this wreaks havoc with duckdns as I have to enter the new IP each time it changes (fine on the internal side but impossible from afar)
Bruh has a comprehensive video on this https://youtu.be/BIvQ8x_iTNE
but it is based on running home assistant on raspian as opposed to a hass.io OS.
Do you think there is a possibility to perform this with the hass.io setup? (That it reports the new IP back to duckdns as it changes)
Well, after almost giving up a friend who is on the same mobile network as me (3) said that in the online account settings there is a toggle for the number to be accessed externally. I enabled it and voila! It all works.
I’ve currently got ports 8123ext-8123int. 443ext-8123int. and 80ext-80int. I will try it without 80-80 and see if it still works.
Just got rid of 80ext-80int and it seems to have had no effect, still working fine.
just going to try getting rid of 443ext-8123int and see if it still works externally with duck dns address.
Fingers crossed!
Thanks
IF you get rid of that you will need to specify :8123 when accessing externally. Keeping 443 allows you to use just https:// You do not need both entries, IMO
Just tried adding “me.duckdns.org” in the configurators allowed addresses in network settings and the ip address, no joy. I’ll have to dig a little deeper with this methinks!
I think you need to allow all addresses, or at least your network gateway. In hy Hassbian install, thet field is empty.
# Limit access to the configurator by adding allowed IP addresses / networks to
# the list, e.g ALLOWED_NETWORKS = ["192.168.0.0/24", "172.16.47.23"]
ALLOWED_NETWORKS = []
# Allow access to the configurator to client IP addesses which match the result
# of DNS lookups for the specified domains.
ALLOWED_DOMAINS = []
# List of statically banned IP addresses, e.g. ["1.1.1.1", "2.2.2.2"]
BANNED_IPS = []
# Ban IPs after n failed login attempts. Restart service to reset banning.
# The default of `0` disables this feature.
BANLIMIT = 0