To be able to access HQ from the Internet using the Mobile App, I forwarded port 8123 to port 8123 on my DMZ reverse proxy, which is now reachable as https://somedomain:8123. The reverse proxy is allowed to open an http connection to my ha_server (not HTTPS!).
In my HA config is just:
http:
with no further options.
When connecting locally to http://ha_server:8123 the login works with TOPT.
When connecting from the Internet to https://somedomain:8123 after succesful authentication (otherwise i keeps asking for the right answer!) I get “Unable to connect to Home Assistant. Retry” in the browser.
In the Logfile [homeassistant.components.http.ban] Login attempt or request with invalid authentication from <ip_of_dmz_proxy>
I already tried:
-
base_url https://somedomain:8123-> no effect -
trusted_proxies:-> config check fails
- ip_of_dmz_proxy -
use_x_forwarded_for: true-> config check fails
It would be great if someone has an idea how to solve this with a reverse proxy in the middle (I want the traffic to be encrypted on the Internet!).