Home Assistant Community Add-on: Nginx Proxy Manager

poudenes · November 18, 2020, 4:48pm

Hi All,

Does someone have Nextcloud also running behind Proxy? Everything i tried doesn’t work.

RPi 1 (192.168.100.24) HA and Proxy Manager
RPi 2 (192.168.100.25) Nextcloud running on Apache2

When i change everything HA is working behind proxy

https://hassio.my-domain.com
https://nextcloud.my-domain.com

When i try to connect to nextcloud from outside sometimes i can connect but can’t login.
The app can access but can’t login.

Tried many different things in the

/var/www/html/config/config.php

and many things in the proxy manager as well.
But every time it failed…

So does someone have good documented tutor how to do this?

Petrica · November 18, 2020, 4:52pm

Check my post no. 248 above (I had to make changes only in config.php)

poudenes · November 18, 2020, 5:09pm

You mean this part?

https://docs.nextcloud.com/server/13/admin_manual/configuration_server/reverse_proxy_configuration.html#overwrite-parameters

  'trusted_proxies'   => ['10.0.0.1'],
  'overwritehost'     => 'ssl-proxy.tld',
  'overwriteprotocol' => 'https',
  'overwritewebroot'  => '/domain.tld/nextcloud',
  'overwritecondaddr' => '^10\.0\.0\.1$',

Petrica · November 18, 2020, 5:13pm

WIth NPM you would not need all of them (on most Nextcloud installs they are not even enabled).

These are the only changes I made:

  'trusted_domains' => 
  array (
    0 => 'localhost',
    1 => '192.168.0.100',
    2 => 'nextcloud.xxx.duckdns.org',
  ),
...
  'overwrite.cli.url' => 'https://nextcloud.xxx.duckdns.org',
  'overwriteprotocol' => 'https',

Jelte · December 7, 2020, 2:08pm

I’m trying to get local access to a device, which doesn’t have authorization via Home Assistant.

It’s accessible via a local ip and portnumber. But not from the outside.

What I would like to have:

Add an iframe to Home Assistant to the local device (has to be https)
Show the iframe when accessing Home Assistant from an external IP
Do not allow access when accessing the iframe url directly

What I did:

Made a dns entry for this device
Added a nginx proxy entry for this devices with a certificate (so now the device is accessible over https from the outside)
Add an access list to nginx, with local IP ranges (match any)

But I;m struggling to put in the right ranges in the access list. What are the IP ranges I should put in to have the device accessible via Home Assistant (Supervised via docker)?

Is it even possible?

Lucan · December 9, 2020, 11:21pm

Local access only is sadly not possible

RichardU · December 10, 2020, 2:19am

NPM is fantastic, and now I want to use it to host an html file on the web. Is that possible? Where would I put the file, and how would I point to it?

Cheers, Richard

Jeroen_Traa · December 10, 2020, 12:55pm

How can i get telegram to work. I found this, but how do i use this in Ngix proxy manager.

I tried to add a location but after saving it went “offline”

For your nginx configuration, add this:

Copy to clipboard

location /api/telegram_webhooks {
	proxy_pass http://YOUR_LOCAL_HA_IP_ADDRESS:8123/api/telegram_webhooks;
	proxy_http_version 1.1;
	proxy_set_header Host $host;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection $connection_upgrade;
	allow 149.154.167.197/32;
	allow 149.154.167.198/31;
	allow 149.154.167.200/29;
	allow 149.154.167.208/28;
	allow 149.154.167.224/29;
	allow 149.154.167.232/31;
	deny all; 
}

But where should i past this?

Petrica · December 10, 2020, 1:13pm

Adjust as needed and past it in Advanced.

Jeroen_Traa · December 10, 2020, 1:17pm

i did that to but proxy still went offline

Command failed: /usr/sbin/nginx -t -g “error_log off;”
nginx: [emerg] unknown “connection_upgrade” variable
nginx: configuration file /etc/nginx/nginx.conf test failed

Petrica · December 10, 2020, 1:25pm

try proxy_set_header Connection "upgrade"; instead

hulkhaugen · December 13, 2020, 3:47pm

Can this add-on be used to host a static website just containing a few HTML/CSS/JS files? Or would i need to install the Apache2 add-on or similar?

Jeroen_Traa · December 14, 2020, 10:16am

Thx That worked

jvbragt · December 14, 2020, 10:44am

Hi,

I am using the official .VMDK and installed HA. Using duckdns and other addons. But now I have installed the NGINX addon and it seems to run fine, I only can’t see the open WEB UI button anyware. Also tried to open http://192.168.1.xxx:81 but nothing happens. Any idea??

Thanks

Petrica · December 14, 2020, 11:29am

What addon have you installed? NGINX Home Assistant SSL proxy or Nginx Proxy Manager?

NGINX Home Assistant SSL proxy is set to reverse proxy only with Home Assistant. There is no Open WEB UI button in the addon.

With Nginx Proxy Manager (to which this topic relates to) you can reverse proxy (probably) any other services.

Petrica · December 14, 2020, 11:29am

You’re welcome

jvbragt · December 14, 2020, 11:54am

Yes, thanks!

depasseg · December 29, 2020, 6:58pm

And for those searching for how to disable Lets Encrypt in the DuckDNS add-on, just set the accept TOS flag to false in your configuration and restart the add-on

bengt · December 29, 2020, 10:42pm

I get error messages when I try to create a certificate in NPM. I wonder if it may be forwarding of the ports on the router that is the problem? Is this correct?

EDIT:
After posting this, I changed ports 80 - 80. This allowed me to generate SSL certificate.
But there is still something wrong. Any suggestions???

Burningstone · December 30, 2020, 12:15pm

You should forward port 443 to port 443, not to 8123. NGINX routes the traffic to 8123 afterwards.