Google TTS has stopped working (Hassio)

So I was able to narrow down the problem by looking at the error messages in the HA log. A search afterwards took me to this post

Following the instructions I was able to reach and get the TTS MP3 file generated, which was step one of my problem. Next up was the ability to throw/play the local media MP3 file from HA TTS folder on my google home mini.

To simplify the troubleshooting I am not using SSL or HTTPS, to trying to be as basic as possible. After some probing here and there I was able to play the sound on Google home with my following configruation setup. Hope it may come in handy for anyone else.

http:
    base_url: 192.168.10.24:8123 (my local IP, yours could be different)


# Text to speech
tts:
  - platform: google
    cache: true
    cache_dir: /config/www/tts
    time_memory: 120

I also found some “Morgan Freeman-ish (credits to the original producer)” notification sounds which could be a fun way to generate announce events either using google TTS on the fly MP3 generation or using prerecorded notifications, take a look here :slight_smile:

Shout out if the above was helpful for your to solve your TTS riddles.

Finding some troubles now in customizing automation for home sensor events, lets see if could make any headway over there.

Thanks.

Is this workaround with placing that token still needed in the latest Hass version?

Apparently no, i had to reinstall my whole setup with 0.85.0 and I didnt use the token, now Google TTS works without token as normally as it should.

Thanks.

The key to TTS on a google device is to get it to use an internal IP address, with no encryption. Google Home devices ALWAYS use google DNS servers, so if your router doesn’t support loopback, any internal DNS will be ignored. Additionally, any SSL certificate generated by letsencrypt will only be valid on your external IP address, so the google device won’t be able to verify the security certificate. Additionally, I believe they do not support self signed certificates.

My work around is:
I run duckdns, which handles my letsencrypt certificate, but in my configuration.yaml, I only have:
- http: mydomain.duckdns.org
note that I DO NOT have https:// nor any of the security certificates listed.
I can now access home assistant from inside my own network via: http://INTERNAL_IP_ADDRESS:8123

I then have NGINX add on installed. This provides me with SSL access to my home assistant from outside my network (Only port 443 needs to be forwarded)

then to get Google tts to work, you need:
tts:
- platform: google
base_url: http://INTERNAL_IP_ADDRESS:8123

1 Like

Thats it!

I follow your configuration (but without NGINX), and TTS worked with http://INTERNAL_IP_ADDRESS:8123 ofc.

After the test i revert my config to use ssl again. I was reading NGINX info to try to configure it, but looks a bit hard for me (and maybe using NGINX give other problems, i’m not sure).

But, there is another way to use google tts with my current config?:

http:
  base_url: https://domainname.duckdns.org
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem

I tried this with:

tts:
  - platform: google
  http://INTERNAL_IP_ADDRESS:8123

But don’t work.

Is there a way to get google tts work without leaving my current config?

Thanks

I’m afraid it won’t work if you have ssl turned on because the Google devices won’t be able to verify the certificate.
You have to have SSL off in order to have google devices use tts.
NGINX is actually really easy to set up. Install the addon. Then in the addon configuration, you only need to put your domain in. It will initially show:

"domain": null

Change this to :

"domain": "domainname.duckdns.org"

Then simply remove the ssl_certificate and ssl_key lines from your http: section in configuration.yaml

That’s it!

If you have any issues, I’m happy to help!

@pinkywafer so there i no possibilities to have tts.google_say work if have enabled SSL, even if I’m in local network?

Thanks

It’s unlikely. Google home will not accept self signed certs and always uses google’s DNS servers, so the only possibility is to use your external network address in the tts config, so you’re using your letsencrypt certificate which google will accept. but in order for that to work, your router has to support nat loopback

1 Like

I use the custom component and https and all works fine.
This is my config:

http:
  ip_ban_enabled: True
  login_attempts_threshold: 10
  base_url: https://xxx.duckdns.org
  api_password: !secret http_password
  ssl_certificate: '/etc/letsencrypt/live/xxx.duckdns.org/fullchain.pem'
  ssl_key: '/etc/letsencrypt/live/xxx.duckdns.org/privkey.pem'

tts:
  - platform: google
    cache: true
    cache_dir: /tmp/tts
    time_memory: 300

So I have duckdns certificate and use https and google assistant tts works fine.

This might be an overkill solution to this problem, but my router does NOT allow NAT loopback, so I had to find alternatives.

I already had NGINX reverse proxy set up, and all my HTTPS stuff is set up there. So facing the internet, I just have my NGINX proxy listening on port 443, and forwarding traffic to my internal HA instance, unencrypted on port 8123. My Home Assistant itself knows nothing about HTTPS, but it is not directly exposed to the internet.

Then, I have my http: section’s base_url as my public duckdns domain name, so that webhooks from the internet can work.

http:
  base_url: yourmom.duckdns.org

Finally, in the TTS section of my config I have my internal, HTTP (not HTTPS) address for HA in the base_url property:

# Text to speech
tts:
  - platform: google
    base_url: http://192.168.x.x:8123

This means that my Google Homes, or whatever is trying to play the TTS URLs will go to the internal HTTP site instead of not being able to hit my public duckdns URL.

@PuckStar so on Hassio I have to remove the addon DuckDSN+LetsEncrypt and install it manually both?
Where I can find more info?

Thanks

No. Leave the duckDNS + let’s encrypt as it is… that will sort out the SSL certificate for you, and update the duckDNS ip address,
BUT
Install NGINX as well and remove ssl and certificate from the http: section of your config

Out of curiosity, why should he install NGINX?

You might not need to if you’re using the custom component… I haven’t tried it, so can’t say, but you definitely do have to be either over an unencrypted local ip address or have a router that supports loopback.
Using NGINX allows unencrypted internal connections to hassio via ip address, while keeping ssl for external traffic

1 Like

This is the correct way to fix the issue. Nothing else needs to be done. Insert the base_url with the LAN IP (change to https if you’re using SSL internally) of HomeAssistant.

1 Like

Correct. If my router supported loopback, I probably wouldn’t need NGINX.
However, I like that NGINX keeps the SSL business separate from Home Assistant.

If you have https://.... and ssl certificates in your http: section of config, all access to home Assistant is forced to use ssl.

If you’re using https and your router does not support NAT loopback, Google will Not be able to access the address if you use the duckDNS address OR not be able to validate the certificate if using the IP address.

You only need to go the NGINX route if your router does not support NAT loopback… AND you want external ssl

1 Like

So, since I access HA from outside only via VPN (I don’t like ports to be opened to the outside!), NGINX is not needed, right?

My other question is, when I connect thru VPN and HA does not have SSL active, the traffic to the internet is encrypted because of the VPN or is clear?

Sorry for little OT…

Thanks

You can leave ssl off completely (no https:// or ssl certificates in the http: section), leaving home assistant unencrypted. as your VPN secures the connection. Then just use http://IP_ADDRESS:8123 in the tts config

Ok, thanks

even without the base_url in the tts config, it works, if no SSL is active