ERR_EMPTY_RESPONSE Wwhen going to http://192.168.1.10:8123

Klagio · September 6, 2019, 7:41am

Hi, after having many problems, had to uninstall nginx proxy manager, make various changes, now I have the following

Accessing to HASS
https:// xxx.duckdns.org works,
https:// 192.168.1.10:8123 works (after clicking proceed in browser)
http;// 192.168.1.10:8123 gives ERR_EMPTY_RESPONSE

I am currently using
duckDNS addon (letsencrypt to truie)
Caddy


http:
  api_password: !secret api_password
  cors_allowed_origins: 
    - http://192.168.1.10:7080
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem
  base_url: !secret base_url

port 80 forwarded to port 8123 of 192.168.1.10
port 443 forwarded to port 8123 of 192.168.1.10

But I wish to access HASS also from http://192.168.1.10:8123

Can you guide me to have this access back?

tom_l · September 6, 2019, 8:32am

Uninstall duckdns. That will delete the SSL certificates.

Klagio · September 6, 2019, 8:38am

I wish to have both access (as was working before something happened yesterday)

http;// 192.168.1.10;8123
https;//myname.duckdns.org

uninstalling duckdns and reinstalling will do?

tom_l · September 6, 2019, 8:40am

No.

Uninstalling duckdns will return http access, reinstalling will disable it.

You can’t have both http and https access simultaneously.

DavidFW1960 · September 6, 2019, 8:44am

Https works so why not use that?

I use Caddy and get https:// to my duckdns and can use http://ip_address:8123 so if you insist on http it can be done but it’s not obvious what the ‘problem’ is?

Klagio · September 6, 2019, 9:40am

was working up to yesterday just fine. Something happened, and I do not know what

Klagio · September 6, 2019, 9:41am

How?

Below my Caddyfile


   https://myname.duckdns.org {      
    tls  /ssl/fullchain.pem /ssl/privkey.pem   {                            
        alpn http/1.1                                                    
    }                                                                    
    proxy / 192.168.1.10:8123 {                                            
        transparent                                                      
        websocket                                                        
    }                                                                    
    log stdout                                                         
    errors stderr                                                      
}


   https://myname-dash.duckdns.org {      
    tls /ssl/fullchain.pem /ssl/privkey.pem {                            
        alpn http/1.1                                                    
    }                                                                    
    proxy / 192.168.1.12:5665 {                                            
        transparent                                                      
        websocket                                                        
    }                                                                    
    log stdout                                                         
    errors stderr                                                      
}

Klagio · September 6, 2019, 9:45am

in the past had various problems either with duckdns or ssl, wish to be able to access, HASSIO HOST, from my LAN also with http, and also from outside my LAN (with a VPN) with http

DavidFW1960 · September 6, 2019, 9:52am

Here is part of mine…

domain.duckdns.org {
    tls {
	    dns duckdns
	}
	log data/requests.log {
	rotate_size 50  # Rotate after 50 MB
	rotate_age  90  # Keep rotated files for 90 days
	rotate_keep 20  # Keep at most 20 log files
	rotate_compress # Compress rotated log files in gzip format
    }
    header / {
    Strict-Transport-Security "max-age=31536000; includeSubdomains"
    X-XSS-Protection "1; mode=block"
    X-Content-Type-Options "nosniff"
    X-Frame-Options "SAMEORIGIN"
    Referrer-Policy "same-origin"
    -Server
}
    proxy / localhost:8123 {
        websocket
        transparent
        header_upstream Authorization {>Authorization}
    }
}

And it works with ip:8123 or https

I’m storing logs and using dns instead of port 80

Klagio · September 6, 2019, 10:12am

I did as per your file, but receive error

Using built-in Caddy: Caddy 0.11.1 (unofficial)
Running Caddy: /usr/sbin/caddy -conf /share/caddy/Caddyfile
2019/09/06 12:11:05 /share/caddy/Caddyfile:3 - Error during parsing: Unsupported DNS provider ‘duckdns’


myname.duckdns.org {
    tls {
	    dns duckdns
	}
	log data/requests.log {
	rotate_size 50  # Rotate after 50 MB
	rotate_age  90  # Keep rotated files for 90 days
	rotate_keep 20  # Keep at most 20 log files
	rotate_compress # Compress rotated log files in gzip format
    }
    header / {
    Strict-Transport-Security "max-age=31536000; includeSubdomains"
    X-XSS-Protection "1; mode=block"
    X-Content-Type-Options "nosniff"
    X-Frame-Options "SAMEORIGIN"
    Referrer-Policy "same-origin"
    -Server
}
    proxy / 192.168.1.10:8123 {
        websocket
        transparent
        header_upstream Authorization {>Authorization}
    }
}

   https://myname-dash.duckdns.org {      
    tls /ssl/fullchain.pem /ssl/privkey.pem {                            
        alpn http/1.1                                                    
    }                                                                    
    proxy / 192.168.1.10:5665 {                                            
        transparent                                                      
        websocket                                                        
    }                                                                    
    log stdout                                                         
    errors stderr                                                      
}

DavidFW1960 · September 6, 2019, 10:19am

You need to build a custom Caddy from their site with the duckdns plugin…

If you do that in the zip file you download, there is a file called caddy (no extension) Rename thatbto caddy.bin and put it in the same folder as the caddyfile and make it executable. Then restart the addon. It’s a later version as well.

(NOTE: Building your own is only a few mouse clicks… really easy,)

Klagio · September 6, 2019, 10:27am

you remember how to get there (with terminal) /share/Caddy, where is this directory?

Running Caddy: /share/caddy/caddy.bin -conf /share/caddy/Caddyfile
env: ‘/share/caddy/caddy.bin’: Permission denied

DavidFW1960 · September 6, 2019, 10:36am

Go one directory up from the file with your configuration.yaml file and there will be a share directory with a caddy folder… it’s the same folder as your caddyfile.

Set the caddy.bin with the same permissions… I think mine is root and make it executable.

The addon… you have to define the env var with your duckdns token like this:

{
  "flags": [
    "-agree",
    "-email",
    "[email protected]"
  ],
  "env_vars": [
    "DUCKDNS_TOKEN=Token-here"
  ]
}

Klagio · September 6, 2019, 10:36am

Ok found


io@ubuntu:/usr/share/hassio/share$ cd caddy
io@ubuntu:/usr/share/hassio/share/caddy$ sudo chmod +x caddy.bin
[sudo] password for io:
io@ubuntu:/usr/share/hassio/share/caddy$

but now a different error
Found custom Caddy: Caddy v1.0.3 (h1:i9gRhBgvc5ifchwWtSe7pDpsdS9+Q0Rw9oYQmYUTw1w=)
Running Caddy: /share/caddy/caddy.bin -conf /share/caddy/Caddyfile
2019/09/06 12:35:19 /share/caddy/Caddyfile:3 - Error during parsing: Setting up DNS provider ‘duckdns’: duckdns: some credentials information are missing: DUCKDNS_TOKEN

where do I pouit the token?

DavidFW1960 · September 6, 2019, 10:37am

Hahahahaha!!! We cross-posted… see above.

Klagio · September 6, 2019, 10:39am

Argh … email has to be the duckdns email?

Found custom Caddy: Caddy v1.0.3 (h1:i9gRhBgvc5ifchwWtSe7pDpsdS9+Q0Rw9oYQmYUTw1w=)
Running Caddy: /share/caddy/caddy.bin -conf /share/caddy/Caddyfile
2019/09/06 12:39:05 /share/caddy/Caddyfile:27 - Error during parsing: Unknown directive ‘flags’


myuname.duckdns.org {
    tls {
	    dns duckdns
	}
	log data/requests.log {
	rotate_size 50  # Rotate after 50 MB
	rotate_age  90  # Keep rotated files for 90 days
	rotate_keep 20  # Keep at most 20 log files
	rotate_compress # Compress rotated log files in gzip format
    }
    header / {
    Strict-Transport-Security "max-age=31536000; includeSubdomains"
    X-XSS-Protection "1; mode=block"
    X-Content-Type-Options "nosniff"
    X-Frame-Options "SAMEORIGIN"
    Referrer-Policy "same-origin"
    -Server
}
    proxy / localhost:8123 {
        websocket
        transparent
        header_upstream Authorization {>Authorization}
    }
}

 {
  "flags": [
    "-agree",
    "-email",
    "[email protected]"
  ],
  "env_vars": [
    "DUCKDNS_TOKEN=xxxx89e"
  ]
}

DavidFW1960 · September 6, 2019, 10:41am

That’s the addon configuration - not in your caddyfile…

Email can be anything I believe…

Klagio · September 6, 2019, 10:43am

Ops, ok fixed, all seems ok. But still cant access http://192.168.1.10:8123


19/09/06 12:41:54 [INFO] [xxx.duckdns.org] The server validated our request
2019/09/06 12:41:54 [INFO] [xxx.duckdns.org] acme: Cleaning DNS-01 challenge
2019/09/06 12:41:55 [INFO] [xxx.duckdns.org] acme: Validations succeeded; requesting certificates
2019/09/06 12:41:56 [INFO] [xxx.duckdns.org] Server responded with a certificate.
done.

Serving HTTPS on port 443 
https://xxx.duckdns.org
https://xxx-dash.duckdns.org


Serving HTTP on port 80 
http://xx.duckdns.org

DavidFW1960 · September 6, 2019, 10:45am

You need to set the tls part for the sub domain as well.

What is your baseURL in config yaml?

Klagio · September 6, 2019, 10:47am


http:
  api_password: !secret api_password
  cors_allowed_origins: 
    - http://192.168.1.10:7080
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem
  base_url: https://xxx.duckdns.org:8123