Google Home / Nest Hub + DNSmasq, DuckDNS & LetsEncrypt

Hi all,

I am new here and I am looking for some support regarding my network configuration.

I have configured HA to be accessible externally via DuckDNS + LetsEncrypt. I also had to configure Dnsmasq to have the same internal and external URL. After that, I configured my router to use my raspberry PI where HA is running to be the primary DNS for all DHCP clients.

So far so good, all is working fine.

But I have the following issue now: It seems that my Google Home / Nest Hub devices have troubles accessing e.g. TTS results or the lovelace dashboards.

Example:

I am trying to get a Google Home Mini to say something via TTS. I call the service, send the message and hear the “bling” on my Google Home Mini but I don’t hear the actual message.

When I check the states in the dev tools, I see the following media_content_id on my Google Home Mini: https://[myhostname].duckdns.org:[myport]/api/tts_proxy/a715f46d41e2149a4ec4f2c0772ef5254222dd83_en_-_google_translate.mp3

So I guess what happens is the following:

  1. The Google Home Hub Mini tries to access the MP3 file

  2. Since it is going to [myhostname].duckdns.org via DNSmasq it points to https://[mylocalip]:[myport]

  3. Google Home Hub Mini then refuses to access the MP3 file, because it is a local IP with a self signed certificate.

Do you agree that this could be the case?

If yes, any ideas on how it could be resolved?

Thanks all!

I internally point the external domain (e.g. blah.dunckdns.org) to the proxy, so the letsencrypt certificate is presented, and it works for me.

Thanks for the response Chris.
Do you have DNSmasq in place as well or does your router handle the NAT loopback without the need to configure your HA as DNS server?

Yes, I have DNSmasq on my openwrt router. I added the external domain mapping to its /etc/hosts, but I guess there are other ways.

OK, thanks for confirming. Maybe the root cause is really a different one then.
If I access https://[myhostname].duckdns.org:[myport] from my smartphone using WIFI all is working well (certificate is also fine). I really have no idea why it is not working from my Google Home devices.