Help with: HTTPS:// (SSL) with HA, DuckDNS, Let's Encrypt in Docker

GreenBear33 · June 12, 2020, 7:07pm

Hi, I am trying to get setup with SSL on HA.

I have setup Duck DNS and can access my HA through my duckdns subdomain. (mydomain.ducks.org).

The issue is, that I am not sure where to go from here with getting set up with the SSL and let’s encrypt or certbot. I am running HA in a docker container on a RPI 3 with Raspbian 32 bit.

Could anyone give me an easy guide to get this setup in my configuration and what my next steps should be? I am happy to help with more info.

Many Thanks.

UPDATE: I still have no solution for this. Can anyone help at all?

acaral · June 13, 2020, 5:21pm

Hello GreeBear33,
you need to check the documentation of duckdns. It is all explained it there. Basically, you need to accept the terms of the Let’s encrypt.
accept_terms: true
and put your duckdns token
token:
and put a portforward on your internet router to your home assistant

GreenBear33 · June 15, 2020, 1:33am

Hi Alejandro.

Thank you for the advice.

I have already downloaded certbot and have retrived my certificate. The files are saved on my Rpi at the following locations: for privacy i have changed my domain to xxxxxx

/etc/letsencrypt/live/xxxxxx.duckdns.org/fullchain.pem
/etc/letsencrypt/live/xxxxxx.duckdns.org/privkey.pem

I tried to follow a tutorial and it said to add the following to my configuration.yaml file:

ssl_certificate: /etc/letsencrypt/live/xxxxxx.duckdns.org/fullchain.pem
ssl_key: /etc/letsencrypt/live/xxxxxx.duckdns.org/privkey.pem
base_url: xxxxxx.duckdns.org:8123

But it doesn’t work and tells me the config is not valid.

I currently have my duckdns working with http:// with this in my configuration.yaml file:

duckdns:                                                                    
  domain: xxxxxxxx                                               
  access_token: xxxxxxx-xxxx-xxxxx-xxxx-xxxxxxxxxx

Since that works, I am happy but I would like to secure the connection. Anyone can help me with some guidance?

acaral · June 15, 2020, 5:18am

GreenBear33, duckdns does all the configuration for let’s encrypt and everything you don’t need to install certbot.
for the secure connection you need to install MariaDB addon. once you have it running, install Nginx Proxy Manager addon to send the http protocol to https. Follow the documentation on Nginx Proxy Manager addon
if you want you can use ngrok addon but you won’t have a custom domain unless you paid for it.

GreenBear33 · June 15, 2020, 9:07pm

Hi Alejandro.

I am using HA in Docker so there are no add-ons.

painkiller · August 31, 2020, 4:35am

Any luck with this? I’m stuck on this issue as well – HA on docker + duckDNS and LetsEncrypt.

Dexter1759 · March 24, 2021, 4:06pm

I’m also trying to get HA in docker accessible externally via HTTPS only. I’ve managed to configure duckdns and can access via an external HTTP connection, but I only want HTTPS access externally.

Accordingly to this post it’s “effortless” but it seems to be hass.io and not cover HA in docker.

My ultimate goal is to get Nest devices set up (which require an external URL), at this point I’m tempted to just pay for Nabu Casa, but paying $5 per month primarily to integrate Nest for minor/simple automation, seems excessive.

Phlipinator · August 12, 2023, 7:00pm

I know it has been some time, but did you guys find a way to make it work?

I just recently moved my HA installation from my PI to a ubuntu server with docker and got to the point where i can acess everything using http. Same as you I would prefer https tho.

ddaniel · August 12, 2023, 7:04pm

Https on local network or for remote access ?

Phlipinator · August 14, 2023, 6:44pm

remote. but i decided to just access my HA using a VPN for security reasons, so it doesn’t really matter anymore