I have tried forwarding 80 to and 443 to 443 like this
But when I do that and then go to http://myha.duckdns.org OR https://myha.duckdns.org I just get this screen with no login. I get to the same screen if I go to http://mycams.duckdns.org or https://mycams.duckdns.org
I’m testing all this using incognito browser, so I don’t think my cache or cookies is an issue.
Do you have the trusted proxies set in configuration.yaml?
http:
....some other stuff...
trusted_proxies:
- 192.168.1.100
- 172.30.33.0/24
I did not have the trusted proxies input. I added it:
http:
ssl_certificate: /ssl/fullchain.pem
ssl_key: /ssl/privkey.pem
trusted_proxies:
- 192.168.1.100
- 172.30.33.0/24
But when I check my config I get the error:
Invalid config for [http]: some but not all values in the same group of inclusion 'proxy' @ data['http'][<proxy>]. Got None. (See /config/configuration.yaml, line 19).
First two lines after http: mean that HA is in charge of ensuring secure communication and thus not compatible with the proxying (basically, now you have HA and NPM fighting over the use of port 443). Comment those two lines and retry.
Thanks for all the help! That seemed to do the trick!
I ended up with this as my http config.
http:
use_x_forwarded_for: true
trusted_proxies:
- 192.168.1.100
- 172.30.33.0/24
Does anyone know if there is a way to view the current reverse proxy connections I have setup in MariaDB that are setup?
Long story short I login today and don’t see any of my connection in the GUI, but everything is working fine. I’d like to reset the database, but I’d prefer to have all my connection on hand so I can quickly recover. Not to mention I have a constant issue where it doesn’t remember my username/password so I have to login to MariaDB every time and reset it so a fresh install seems like a good idea.
@Petrica Hopefully its okay I tag you directly. You seem to be quite the guru.
You can find the proxy list in NPM addon at /data/nginx/proxy_host or in MariaDB addon (I think the easiest way to poke into MariaDB without SQL knowledge is via phpMyAdmin community addon and you’ll find the list under proxy_host).
@Petrica Oh wow that is really good to know. Is there a particular column under proxy_host that should have the details. I feel like I sift through each but the data doesn’t appear to help, but more than likely I just don’t understand what I’m looking at haha.
In Browse tab the main info you’re interested in are located on columns domain_names, forward_host and forward_port.
@Petrica aha, I guess I may be having more issues than I thought. There are no entries at all for me, which I guess would correlate as to why my GUI is all blank. However, doesn’t speak toward how all my connections are still working. I validated by stopping NGINX and everything breaks, start it up and it works, yet I can’t see anything in the database… Very strange.
What platform and HA version are you running?
Have you only tried NPM until now or also the NGINX Home Assistant SSL proxy addon (that is different from NPM and there might be some remnants; this could explain why you don’t have anything in MariaDB although the reverse proxy works)?
Easiest way would be to reinstall both NPM and MariaDB addons after you get a hold of the current list of hosts and you make snapshots in both HA and Proxmox case something goes wrong. However, removing MariaDB would also kill your history in HA (which might be a big deal). Also, there’s the possibility you will not be able to renew the current used Let’s encrypt certificates on a new instance of NPM and you would need to migrate those too.
How can I get NginX Proxy Manager to work with Haaska / Alexa integration? I’m able to access my server from outside my home network fine, but I can’t get past the test configuration for Haaska.
The test on AWS returns:
"type": "INVALID_AUTHORIZATION_CREDENTIAL",
"message": "401: Unauthorized"
The NginX log reports:
[15/Jan/2022:18:24:15 -0500] - 401 401 - POST https myhomeassistant.duckdns.org "/api/alexa/smart_home" [Client 54.174.230.79] [Length 17] [Gzip -] [Sent-to 192.168.1.4] "python-urllib3/1.26.6" "-"
Do I need to add any settings in NginX so that it can pass the authentication token to Home Assistant?
Yes, see 11 posts above
I already have the following in my configuration yaml
http:
use_x_forwarded_for: true
trusted_proxies:
- my server ip
- 172.30.33.0/24
I’m able to make secure connects from outside of my network already. But I think NginX Proxy Manager is not passing Bearer tokens to Home Assistant with the proper header information.
This documentation alludes to it:
“If you use NGINX as a proxy with authentication in front of your Home Assistant instance, you may have trouble with receiving events back to Home Assistant. It’s because of an authentication token that cannot be passed through the proxy.”
If says I need to put the following into my location:
proxy_set_header Authorization
$http_authorization;
proxy_pass_header Authorization;
But this documentation is for NginX Proxy, and I’m not sure how to do the same with NginX Proxy Manager?
@Petrica are you using the Haaska Alexa integration with NginX Proxy Manager currently? This requires being able to pass a long-lived HA bearer token from AWS through NginX to HA.
The entire location block is included in the advanced tab (see below an example for Booksonic)
No, I don’t use Alexa
Thank you, I have been trying to insert different lines under advanced, but I’m not sure what the proper formatting is.
How would I format this exactly?
proxy_set_header Authorization $http_authorization;
proxy_pass_header Authorization;
In your example you have “/booksonic” following location. For Home Assistant, how do I determine what I place after “location”?
If there isn’t any special requirement for api then “/”
location / {
proxy_pass http://192.168.0.x:8123;
proxy_set_header Host $host;
proxy_redirect http:// https://;
proxy_set_header Authorization $http_authorization;
proxy_pass_header Authorization;
}
That’s it, thank you!! I’ve been trying to figure this out the whole last day.
Placing that code in the advanced box got AWS communicating with HA, I can now see and control my entities from Alexa.