HASSIO, HASSBIAN & NGINX for dummy. Please help!

Hi all

I’m just exploring Home Assistant (HASSIO) on RPi 3 and was trying to configure NGINX as a reverse proxy.

I have a dynamic IP and a DDNS account (NoIP).

I don’t have my own domain, except the DDNS one if this is considered a domain.

I read a lot of posts here and googling, but I didn’t understood how to configure it.

Is there someone that can help me? I’m a real dummy on NGINX, never used.

Thanks in advance.


There isn’t much to configure. Are you using SSL?

This is my config using DuckDNS:

“domain”: “REDACTED.duckdns.org”,
“certfile”: “fullchain.pem”,
“keyfile”: “privkey.pem”

and i have:

80/tcp set to 80
443/tcp set to 443

Thanks @petro

Do I need to create those files .pem from Let’s Encrypt or certbot?
I haven’t found the way, since from hassio distribution the ssh shell is very limited (no sudo commands and very limited set of commands) and I read that are needed some commands to get the certifications.

Now, I’ve decided to try Hassbian and I followed the very well written article from Andreas Gohr to let NGINX and duckdns works.

And it works from the internal with local ip and from external with duckdns domain.
What I’ve done is to open a port in the router mapping the 8123 one in HomeAssistant.

Is it correct, do I need a port open in my router?

While testing this configuration, I was not able to reach the HADashboard page set at port 5050.

My appdaemon.yaml is

  logfile: STDOUT
  errorfile: STDERR
  log_generations: 3
  threads: 10
  disable_apps: 1
  app_dir: /home/homeassistant/appdaemon/apps
  ha_key: *************
  dash_dir: /home/homeassistant/appdaemon/dashboards

Is this correct?
Do I need to do something more in the NGINX or do I need to open another port in my router?
I am not going to use HADashboard from outside my local network, though.

I will still try to configure NGINX with an HASSIO installation, since from Hassbian was very easy. It should be easy as well from HASSIO, but probably I’m missing something.


When you refer to DDNS, are you refering to DuckDNS? If yes, it will create your cert files, you don’t need lets encrypt.

I didn’t need to do anything for app daemon. NGINX allows you to connect to hass over your network without going to the internet and back if you have SSL. I use exactly what you have configured to access appdeamon. Appdaemon in hassio has a smaller config, i only have to specify the hadashboard port, everything else is automatic.

That’s really strange.
What config should I check?
As I wrote, I have followed the article in my first post.


Yes, when I refer to DDNS I mean DuckDNS
Correct, I’ve got cert files created by that procedure without using Let’s Encrypt

I’ve got sill Appdaemon (HADashboard) not working from the internet using mydomain.duckdns.org:5050
What I’ve not understood is if I have to open ports in my router like 8123 and 5050.
At the moment, if I don’t open the 8123 port in my router I cannot reach Hassbian from the internet.
Is it correct the appdaemon.yaml configuration in my 4th post?
Even if I have opened the port in my router is not reachable.

HADashboard is not reachable even from internal network and that’s strange, too.


PS: BTW, do I need to install NGINX manually or is included in the installation of duckdns from hassbian-config command?

I’m sorry. I don’t think i can help. You referenced Hass.io a few times, which is not the same as hassbian. I have not set this up in hassbian, i have set this up in Hass.io. There is little that needs to be done via cli in hass.io. It’s a much easier setup, but you have less control. As for port forwarding, I port forward 443 to 443 because I set NGINX to pass the info from 443 to 8123. I believe you’d need another proxy setup for 5050 in order to access hassdashboard.

I’m trying both, since at the beginning i haven’t understood the duckdns/nginx configuration in Hassio.
After doing it in Hassbian, yesterday (and today) I’ve tried also on Hass.io and followed the Duckdns guide and Nginx guide.

If I set the port forward in my router I can access, via duckdns, the Hassio page, but I think I can do also without the Nginx installation.

I thought that was not necessary to forward port on the router…
Is it correct?



No, all instances require a port forward. Your router needs to know where to send information, without the port forward, it may not work.