I have installed the new duckdns add on and made an account on duckdns website. Must I also install from this website?
No, there’s nothing else to install.
You will need to forward your chosen TCP port (for example 8123) on your router to your HA server, you can find guides on this at PortForward.
I stil get errors when checking config.
I have forwarded 443 > 8123 to 192.168.1.120
Duckdns options are:
{
“lets_encrypt”: {
“accept_terms”: true,
“certfile”: “fullchain.pem”,
“keyfile”: “privkey.pem”
},
“token”: “c6d8d8d2-d2f8-4e1b-9ff1-4db5777xxxx”,
“domains”: [
“https://xxxx.duckdns.org”
],
“seconds”: 300
}
Logs
starting version 3.2.2
INFO: Using main config file /data/workdir/config
- Account already registered!
Fri Oct 27 19:31:02 CEST 2017: KO
INFO: Using main config file /data/workdir/config
Processing https://xxxx.duckdns.org
- Signing domains…
- Generating private key…
Config:
http:
ssl_certificate: /ssl/fullchain.pem
ssl_key: /ssl/privkey.pem
base_url: xxxx.duckdns.org
api_password: !secret api_passwordPlease format your post correctly, as explained in the big blue box at the top of every page (use the </> button once you’ve selected the configuration or log lines.
What are those errors?
try to put :8123 after your base_url
Now config OK - no errors. - But I can only go to HA via my local network.
Log from duckdns addon says:
Logs
starting version 3.2.2
# INFO: Using main config file /data/workdir/config
+ Account already registered!
Fri Oct 27 19:31:02 CEST 2017: KO
# INFO: Using main config file /data/workdir/config
Processing https://xxxxx.duckdns.org
+ Signing domains...
+ Generating private key...
+ Generating signing request...
end of string encountered while processing type of subject name element #1
problems making Certificate Request
Fri Oct 27 19:36:23 CEST 2017: KO
Fri Oct 27 19:41:24 CEST 2017: KO
Fri Oct 27 19:46:25 CEST 2017: KO
Fri Oct 27 19:51:26 CEST 2017: KO
Fri Oct 27 19:56:27 CEST 2017: KO
Fri Oct 27 20:01:29 CEST 2017: KO
Fri Oct 27 20:06:30 CEST 2017: KO
Fri Oct 27 20:11:31 CEST 2017: KO
Fri Oct 27 20:16:32 CEST 2017: KOI´m with the same problem, I was able to set a trigger on ifttt but I´m not being able to access outside my network
Now there are again errors in config:
Failed config
http:
api_password: xxxxxx
base_url: xxxxxx.duckdns.org
ssl_certificate: /ssl/fullchain.pem
ssl_key: /ssl/privkey.pem
General Errors:
- Setup failed for http: Invalid config.
- Unable to setup dependencies of api. Setup failed for dependencies: http
- Setup failed for api: Could not setup all dependencies.
- Unable to setup dependencies of websocket_api. Setup failed for dependenci es: http
- Setup failed for websocket_api: Could not setup all dependencies.
- Unable to setup dependencies of history. Setup failed for dependencies: ht tp
- Setup failed for history: Could not setup all dependencies.
- Unable to setup dependencies of frontend. Setup failed for dependencies: a pi, websocket_api
- Setup failed for frontend: Could not setup all dependencies.
- Unable to setup dependencies of config. Setup failed for dependencies: htt p
- Setup failed for config: Could not setup all dependencies.
- Unable to setup dependencies of tts. Setup failed for dependencies: http
- Setup failed for tts: Could not setup all dependencies.
- Unable to setup dependencies of logbook. Setup failed for dependencies: fr ontend
- Setup failed for logbook: Could not setup all dependencies.
- Unable to setup dependencies of conversation. Setup failed for dependencie s: http
- Setup failed for conversation: Could not setup all dependencies.
Successful config (partial)
http:
Now I can only go to HA with this:
http:
#ssl_certificate: /ssl/fullchain.pem
#ssl_key: /ssl/privkey.pem
base_url: xxxxxx.duckdns.org
api_password: !secret api_passwordI have testet it - no result
Before that, the actual error message should be displayed.
These are errors in your DuckDNS log file. It should be “OK” not “KO”
Thank you - After removing “https://” it is now OK in Duckdns options and no errors in configuration.yaml.
But still I can only go to HA via my local network
boej,
I think all you have to do is to login to your router -> Firewall --> Port Forwarding and forward WAN port 443 to LAN 8123 for the IP address of your Raspberry PI (or what ever HA is running ON).
I don’t know why this is not mentioned in the add-on documentation. It claims port forwarding is not necessary.
I think 443 is the default incoming port used for https.
(Maybe there is a way to switch to port 8123 by adding 8123 to various files and forward 8123 to 8123. I have not been able to get this working.)
I had more problems to access HA internally.
I use:
https://xxxx.duckdns.org:8123
To access HA using Safari on my iPhone. I had to install the Dnsmaq Add-on with forwarding xxxx.duckdns.org to the IP address of my Raspberry PI.
here is a configuration.yaml segment. Note that I don’t use the base_url token.
http:
api_password: !secret api_password
ssl_certificate: /ssl/fullchain.pem
ssl_key: /ssl/privkey.pem
Still only local access to HA
Div Port Check programs (windows programs) tells that port 8123 is closed. But I do not know if they are reliable.
Take a look at this article:
It does not totally apply to hass.io but it shows some debug steps.
I suggest to comment out the ssl* lines in configuration.yaml, port forward 8123 to 8123
and try external access without SSL ie use http.
This is step 2 in the reference.
If this does not work get someone else’s help for your router, firewall or security software.
Edit:
I did discover that if you put
base_url: xxxx.duckdns.org:8123
in configuration.yaml
You must forward 8123 to 8123 on your router (NOT 443) and
use
https://xxxx.duckdns.org:8123
to access externally.
Graham S
Many thanks for your help. The problem is now resolved. It turned out that my ISP, STOFA.DK does not allow port forwarding when you have dynamic IP. So now I have got static IP address, - so now it’s running!