So I was able to narrow down the problem by looking at the error messages in the HA log. A search afterwards took me to this post
Following the instructions I was able to reach and get the TTS MP3 file generated, which was step one of my problem. Next up was the ability to throw/play the local media MP3 file from HA TTS folder on my google home mini.
To simplify the troubleshooting I am not using SSL or HTTPS, to trying to be as basic as possible. After some probing here and there I was able to play the sound on Google home with my following configruation setup. Hope it may come in handy for anyone else.
http:
base_url: 192.168.10.24:8123 (my local IP, yours could be different)
# Text to speech
tts:
- platform: google
cache: true
cache_dir: /config/www/tts
time_memory: 120
I also found some “Morgan Freeman-ish (credits to the original producer)” notification sounds which could be a fun way to generate announce events either using google TTS on the fly MP3 generation or using prerecorded notifications, take a look here
Shout out if the above was helpful for your to solve your TTS riddles.
Finding some troubles now in customizing automation for home sensor events, lets see if could make any headway over there.
The key to TTS on a google device is to get it to use an internal IP address, with no encryption. Google Home devices ALWAYS use google DNS servers, so if your router doesn’t support loopback, any internal DNS will be ignored. Additionally, any SSL certificate generated by letsencrypt will only be valid on your external IP address, so the google device won’t be able to verify the security certificate. Additionally, I believe they do not support self signed certificates.
My work around is:
I run duckdns, which handles my letsencrypt certificate, but in my configuration.yaml, I only have:
- http: mydomain.duckdns.org
note that I DO NOT have https:// nor any of the security certificates listed.
I can now access home assistant from inside my own network via: http://INTERNAL_IP_ADDRESS:8123
I then have NGINX add on installed. This provides me with SSL access to my home assistant from outside my network (Only port 443 needs to be forwarded)
then to get Google tts to work, you need:
tts:
- platform: google
base_url: http://INTERNAL_IP_ADDRESS:8123
I follow your configuration (but without NGINX), and TTS worked with http://INTERNAL_IP_ADDRESS:8123 ofc.
After the test i revert my config to use ssl again. I was reading NGINX info to try to configure it, but looks a bit hard for me (and maybe using NGINX give other problems, i’m not sure).
But, there is another way to use google tts with my current config?:
I’m afraid it won’t work if you have ssl turned on because the Google devices won’t be able to verify the certificate.
You have to have SSL off in order to have google devices use tts.
NGINX is actually really easy to set up. Install the addon. Then in the addon configuration, you only need to put your domain in. It will initially show:
"domain": null
Change this to :
"domain": "domainname.duckdns.org"
Then simply remove the ssl_certificate and ssl_key lines from your http: section in configuration.yaml
It’s unlikely. Google home will not accept self signed certs and always uses google’s DNS servers, so the only possibility is to use your external network address in the tts config, so you’re using your letsencrypt certificate which google will accept. but in order for that to work, your router has to support nat loopback
This might be an overkill solution to this problem, but my router does NOT allow NAT loopback, so I had to find alternatives.
I already had NGINX reverse proxy set up, and all my HTTPS stuff is set up there. So facing the internet, I just have my NGINX proxy listening on port 443, and forwarding traffic to my internal HA instance, unencrypted on port 8123. My Home Assistant itself knows nothing about HTTPS, but it is not directly exposed to the internet.
Then, I have my http: section’s base_url as my public duckdns domain name, so that webhooks from the internet can work.
http:
base_url: yourmom.duckdns.org
Finally, in the TTS section of my config I have my internal, HTTP (not HTTPS) address for HA in the base_url property:
# Text to speech
tts:
- platform: google
base_url: http://192.168.x.x:8123
This means that my Google Homes, or whatever is trying to play the TTS URLs will go to the internal HTTP site instead of not being able to hit my public duckdns URL.
No. Leave the duckDNS + let’s encrypt as it is… that will sort out the SSL certificate for you, and update the duckDNS ip address,
BUT
Install NGINX as well and remove ssl and certificate from the http: section of your config
You might not need to if you’re using the custom component… I haven’t tried it, so can’t say, but you definitely do have to be either over an unencrypted local ip address or have a router that supports loopback.
Using NGINX allows unencrypted internal connections to hassio via ip address, while keeping ssl for external traffic
This is the correct way to fix the issue. Nothing else needs to be done. Insert the base_url with the LAN IP (change to https if you’re using SSL internally) of HomeAssistant.
Correct. If my router supported loopback, I probably wouldn’t need NGINX.
However, I like that NGINX keeps the SSL business separate from Home Assistant.
If you have https://.... and ssl certificates in your http: section of config, all access to home Assistant is forced to use ssl.
If you’re using https and your router does not support NAT loopback, Google will Not be able to access the address if you use the duckDNS address OR not be able to validate the certificate if using the IP address.
You only need to go the NGINX route if your router does not support NAT loopback… AND you want external ssl
So, since I access HA from outside only via VPN (I don’t like ports to be opened to the outside!), NGINX is not needed, right?
My other question is, when I connect thru VPN and HA does not have SSL active, the traffic to the internet is encrypted because of the VPN or is clear?
You can leave ssl off completely (no https:// or ssl certificates in the http: section), leaving home assistant unencrypted. as your VPN secures the connection. Then just use http://IP_ADDRESS:8123 in the tts config
