I have successfully used DuckDNS for a few months. Recently I couldn’t get to the UI at https://xxxx.duckdns.org:8123. I tried the IP address and it worked (although the browser complained).
The log file stated there was an issue on base_url
2021-04-13 08:53:28 WARNING (MainThread) [homeassistant.components.http] The 'base_url' option near /config/configuration.yaml:85 is deprecated, please remove it from your configuration
so I disabled that. However I still can’t logon via the domain; gives me the message Unable to connect to Home Assistant followed by Retry gives the error 403: Forbidden. It works via the IP Address. The log file looks like this. The message on certificate renewal seems confusing given it’s valid until 6 Jun. Also I understand that certificate renewal happens automatically, right:
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] done.
[services.d] starting services
[services.d] done.
# INFO: Using main config file /data/workdir/config
+ Account already registered!
[08:41:17] INFO: OK
xx.xx.xx.xx
NOCHANGE
[08:41:18] INFO: Renew certificate for domains: xxxxx.duckdns.org and aliases:
# INFO: Using main config file /data/workdir/config
Processing xxxxx.duckdns.org
+ Checking domain name(s) of existing cert... unchanged.
+ Checking expire date of existing cert...
+ Valid till Jun 6 14:22:30 2021 GMT Certificate will not expire
(Longer than 30 days). Skipping renew!
[08:46:17] INFO: OK
xx.xx.xx.xx
NOCHANGE
Looked at the config and the token matches the one on duckdns.org. Any ideas?
I just realised that I can’t connect to https://xxxx.duckdns.org:8123 when I’m on the local LAN but it’s ok when connecting from outside the LAN, say from a mobile. Again nothing has changed on my router config other than having upgraded HA as new releases are available.
Came back to this as I’m puzzled as to why this stopped working. In summary: https://xxxx.duckdns.org:8123 work from outside the LAN but not on the LAN http://192.168.2.xx:8123 works on the LAN but the browser complains that it’s not a secure connection
DuckDNS config is ok and there are no issues in the log file
Port forwarding setup and not changed since the first [successful] setup.
When accessing the DuckDNS URL I get the error above and when clicking ‘Retry’ the URL https://xxxxxxx.duckdns.org:8123/lovelace comes up with a Error ‘403: Forbidden’
The fact tmrha.duckdns.org isn’t resolved is because you router doesn’t support it.
if you try to ping tmrha.duckdns.org from local network you will notice it will use your external IP.
What you need is a hairpin DNS…f.e. NGIX, that would solve it
Not many routers support hairpin dns. Also it needs to be specifically configured for your needs, so if you haven’t made any changes in your router recently, I don’t think this has ever been working.
I myself don’t use DuckDNS, but I manage both my global DNS server, as well as my local DNS server.
If you just want to access xxxx.duckdns.org:8123 from one or more Windows computers, you can modify the Windows host file to point xxxx.duckdns.org to your internal ip-address.
If you want phones to access xxxx.duckdns.org too, you could install something like pihole to redirect it to your internal ip-address, as it it impossible to access/modify the android or ios host file.
Ok, so I spent some time with the support folks at Ubiquiti (I have a Dream Machine). In their words hairpin DNS is not supported on the UDM so I’m stuck.
The idea of updating hosts files etc. doesn’t work for me as we have Android and iOS devices on the network as well as Windows machines.
Are you saying I could use NGINX? There’s an add-on on Home Assistant but all the notes/instructions seem to point to using this add-on to gain access to Home Assistant from outside the network which is something I can do already.
Could I use NGINX to resolve https://tmrha.duckdns.org on the local network to the IP address it runs on? How would I configure this? Is this a proxy host or a redirection host?
When I ping xxxxx.duckdns.org from a command line of a PC on the LAN I still get the WAN address of xxxxx.duckdns.org. I would expect this to point to the local IP 192.168.2.99
I read in another post that I have to make the home assistant (i.e. 192.168.2.99) one of the DNS servers which I have done
