Hello,
for external access to my HAOS machine, I use this add on: home-assistant-addons/traefik at master · boomam/home-assistant-addons · GitHub
(I am open to suggestion for using another software stack for that, as long as it included automatic let’s encrypt certificates)
Unfortunately, I am not able to get past a error 400.
What I get
400: Bad Requeston the browser calling the external URL.Service selected by WRR: http://home.local:8123when calling the external URL on either http or https (log level = debug).
What I did
- In my router, forwarded ports 80 and 443 to my home assistant machine (
home.local:8123) - Use that
fileConfig.yaml
http:
routers:
httpsredirect:
entryPoints:
- "web"
middlewares:
- "httpsRedirect"
rule: "HostRegexp(`{host:.+}`)"
service: httpsredirect
homeassistant:
rule: "Host(`my.home.domain`)"
entryPoints:
- "websecure"
tls:
certResolver: le
service: homeassistant
middlewares:
httpsRedirect:
redirectScheme:
scheme: https
services:
httpsredirect:
loadBalancer:
servers:
- url: "http://home.local"
homeassistant:
loadBalancer:
servers:
- url: "http://home.local:8123"
passHostHeader: true
inside the container, the traefik.yaml looks like:
global:
checkNewVersion: false
sendAnonymousUsage: false
entryPoints:
web:
address: ":80"
http:
redirections:
entryPoint:
to: websecure
scheme: https
websecure:
address: ":443"
forwardedHeaders:
insecure: false
api:
dashboard: true
insecure: true
serversTransport:
insecureSkipVerify: false
certificatesResolvers:
le:
acme:
email: "[email protected]"
storage: "/ssl/traefik/acme.json"
tlsChallenge: {}
providers:
file:
directory: "/config/traefik/"
log:
level: DEBUG
/ssl/traefik/acme.json looks just fine with a certificate and a key for my.home.domain.
with access logs enabled I get the additional line in the logs:
aaa.bbb.ccc.ddd - - [14/Jan/2026:18:52:12 +0000] "GET / HTTP/2.0" 400 16 "-" "-" 9 "homeassistant@file" "http://home.local:8123" 4ms
- Set the Home Assistant URL to
https://my.home.domain
Thanks for any ideas and help!