Home Assistant Community Add-on: Nginx Proxy Manager

I’m trying to use Nginx Proxy Manager to create a connection to my Blue Iris server. I have followed this tutorial to a “T” but am still having issues that I think are caused by Nginx Proxy Manager.

I have NGINX Proxy Manager installed and have both certificates in there and proxies.

When creating the certificates, the guide told me to create a custom certificate and use my certificate key files from HA. I got those from the folder MyHA internal IP Address\ssl

If I go to https://myha.duckdns.org everything works and I see the login page for Home Assistant as I would expect. But, if I go to https://mycams.duckdns.org I’m also redirected to the Home Assistant login page and not the Blue Iris login. That seems to tell me that the Nginx proxy manager isn’t doing its job. Is that correct? I can get to my Blue Iris server using http://myha.duckdns.org:8081

I have these ports forwarded (192.168.1.100 is my HA, 192.168.1.99 is Blue Iris)

Any ideas how to fix this?

Ports 443 and 80 should be forwarded to 443 and 80 of the 192.168.1.100 host (the one that runs NPM; it also runs HA, but that’s beside the point). Port 81 does not need to be forwarded.

I have tried forwarding 80 to and 443 to 443 like this

But when I do that and then go to http://myha.duckdns.org OR https://myha.duckdns.org I just get this screen with no login. I get to the same screen if I go to http://mycams.duckdns.org or https://mycams.duckdns.org

I’m testing all this using an incognito browser, so I don’t think my cache or cookies are an issue.

Do you have the trusted proxies set in configuration.yaml?

http:
  # ...some other stuff...
  trusted_proxies:
    - 192.168.1.100
    - 172.30.33.0/24

I did not have the trusted proxies input. I added it:

http:
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem
  trusted_proxies:
    - 192.168.1.100
    - 172.30.33.0/24

But when I check my config I get the error:

Invalid config for [http]: some but not all values in the same group of inclusion 'proxy' @ data['http'][<proxy>]. Got None. (See /config/configuration.yaml, line 19).

First two lines after http: mean that HA is in charge of ensuring secure communication and thus not compatible with the proxying (basically, now you have HA and NPM fighting over the use of port 443). Comment those two lines and retry.

Thanks for all the help! That seemed to do the trick!

I ended up with this as my http config.

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 192.168.1.100
    - 172.30.33.0/24
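
Added example (not from the thread and not Home Assistant's own code): a simplified Python model of what the two proxy settings above control, namely that both keys must be present together and that X-Forwarded-For is only believed when the connecting peer is a listed proxy. The right-to-left walk is the usual trusted-proxy rule and is an assumption here; the peer address 172.30.33.2 and the sample headers are constructed.

```python
import ipaddress

# http: section from the thread's final configuration.yaml
HTTP_CONFIG = {
    "use_x_forwarded_for": True,
    "trusted_proxies": ["192.168.1.100", "172.30.33.0/24"],
}
PROXY_GROUP = ("use_x_forwarded_for", "trusted_proxies")


def check_proxy_group(http_cfg):
    """Return an error string if only one of the two proxy keys is present."""
    present = [key for key in PROXY_GROUP if key in http_cfg]
    if len(present) == 1:
        return f"incomplete proxy group: only {present[0]} is set"
    return None


def resolve_client_ip(peer_ip, x_forwarded_for, http_cfg):
    """Pick the address a request is attributed to (simplified model)."""
    trusted = [ipaddress.ip_network(n) for n in http_cfg.get("trusted_proxies", [])]

    def is_trusted(addr):
        return any(addr in net for net in trusted)

    peer = ipaddress.ip_address(peer_ip)
    # The header is only believed when the TCP peer is a listed proxy;
    # anyone else can put whatever they like in X-Forwarded-For.
    if not (http_cfg.get("use_x_forwarded_for") and x_forwarded_for and is_trusted(peer)):
        return str(peer)
    try:
        hops = [ipaddress.ip_address(h.strip()) for h in x_forwarded_for.split(",")]
    except ValueError:
        return str(peer)  # malformed header: fall back to the peer address
    # Walk from the proxy side (rightmost) and stop at the first untrusted hop.
    for hop in reversed(hops):
        if not is_trusted(hop):
            return str(hop)
    return str(hops[0])  # every hop was a trusted proxy


if __name__ == "__main__":
    npm = "172.30.33.2"  # constructed: an add-on address inside 172.30.33.0/24
    print(resolve_client_ip(npm, "54.174.230.79", HTTP_CONFIG))
    print(resolve_client_ip(npm, "10.0.0.1, 54.174.230.79", HTTP_CONFIG))
    print(resolve_client_ip("203.0.113.7", "192.168.1.50", HTTP_CONFIG))
    print(check_proxy_group({"trusted_proxies": ["192.168.1.100"]}))
```

Keeping trusted_proxies as narrow as the setup allows matters because every address in that list is allowed to assert any client IP it wants.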

Does anyone know if there is a way to view the current reverse proxy connections I have set up in MariaDB?

Long story short, I logged in today and don’t see any of my connections in the GUI, but everything is working fine. I’d like to reset the database, but I’d prefer to have all my connections on hand so I can quickly recover. Not to mention I have a constant issue where it doesn’t remember my username/password so I have to log in to MariaDB every time and reset it, so a fresh install seems like a good idea.

@Petrica Hopefully it’s okay I tag you directly. You seem to be quite the guru.

You can find the proxy list in NPM addon at /data/nginx/proxy_host or in MariaDB addon (I think the easiest way to poke into MariaDB without SQL knowledge is via phpMyAdmin community addon and you’ll find the list under proxy_host).

@Petrica Oh wow that is really good to know. Is there a particular column under proxy_host that should have the details? I feel like I sift through each but the data doesn’t appear to help, but more than likely I just don’t understand what I’m looking at haha.

In the Browse tab, the main info you’re interested in is located in columns domain_names, forward_host and forward_port.

@Petrica aha, I guess I may be having more issues than I thought. There are no entries at all for me, which I guess would correlate as to why my GUI is all blank. However, doesn’t speak toward how all my connections are still working. I validated by stopping NGINX and everything breaks, start it up and it works, yet I can’t see anything in the database… Very strange.

What platform and HA version are you running?

@Petrica It’s running as a Proxmox VM.
HA Core: 2021.11.5
OS: 6.6

Have you only tried NPM until now or also the NGINX Home Assistant SSL proxy addon (that is different from NPM and there might be some remnants; this could explain why you don’t have anything in MariaDB although the reverse proxy works)?

Easiest way would be to reinstall both NPM and MariaDB addons after you get a hold of the current list of hosts and you make snapshots in both HA and Proxmox in case something goes wrong. However, removing MariaDB would also kill your history in HA (which might be a big deal). Also, there’s the possibility you will not be able to renew the currently used Let’s Encrypt certificates on a new instance of NPM and you would need to migrate those too.

How can I get NginX Proxy Manager to work with Haaska / Alexa integration? I’m able to access my server from outside my home network fine, but I can’t get past the test configuration for Haaska.

The test on AWS returns:

"type": "INVALID_AUTHORIZATION_CREDENTIAL",
      "message": "401: Unauthorized"

The NginX log reports:

[15/Jan/2022:18:24:15 -0500] - 401 401 - POST https myhomeassistant.duckdns.org "/api/alexa/smart_home" [Client 54.174.230.79] [Length 17] [Gzip -] [Sent-to 192.168.1.4] "python-urllib3/1.26.6" "-"

Do I need to add any settings in NginX so that it can pass the authentication token to Home Assistant?

Yes, see 11 posts above

I already have the following in my configuration yaml

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - my server ip
    - 172.30.33.0/24

I’m able to make secure connections from outside of my network already. But I think NginX Proxy Manager is not passing Bearer tokens to Home Assistant with the proper header information.

This documentation alludes to it:
“If you use NGINX as a proxy with authentication in front of your Home Assistant instance, you may have trouble with receiving events back to Home Assistant. It’s because of an authentication token that cannot be passed through the proxy.”

It says I need to put the following into my location:

proxy_set_header Authorization $http_authorization;
proxy_pass_header Authorization;

But this documentation is for NginX Proxy, and I’m not sure how to do the same with NginX Proxy Manager?

@Petrica are you using the Haaska Alexa integration with NginX Proxy Manager currently? This requires being able to pass a long-lived HA bearer token from AWS through NginX to HA.

The entire location block is included in the advanced tab (see below an example for Booksonic)

No, I don’t use Alexa

Thank you, I have been trying to insert different lines under advanced, but I’m not sure what the proper formatting is.

How would I format this exactly?

proxy_set_header Authorization $http_authorization;
proxy_pass_header Authorization;

In your example you have “/booksonic” following location. For Home Assistant, how do I determine what I place after “location”?