i can try this and it works, but i need to plug this url in Amazon endpoint for Alexa…not sure why else to do
did you ever figure out why it was redirecting to /? This is driving me nuts. I know clearing cache fixes it but I don’t want to have to do that…
Unfortunately I did not. I changed my setup to use home.domain.com and deluge.domian.com ect and created my cert to support those as well. Letsencrypt supports this. If you’re interested I can post my current config probably tomorrow.
Yeah I’d like to see it. Does that get around this issue?
Yes each service I use has its own domain so the issue goes away. I’ll post what I have as soon as I can.
ssl_certificate /etc/letsencrypt/live/home.domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/home.domain.com/privkey.pem;
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
proxy_buffering off;
server {
listen 80;
server_name *.domain.com;
rewrite ^ https://$host$request_uri? permanent;
client_max_body_size 25M;
}
server {
listen 443 ssl;
server_name del.domain.com;
ssl on;
location / {
proxy_pass http://localhost:8112/;
proxy_set_header X-Deluge-Base "/";
}
}
server {
listen 443 ssl;
server_name home.domain.com;
ssl on;
location / {
proxy_pass http://192.168.5.5:8123;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}
server {
listen 443 ssl;
server_name hass.domain.com;
ssl on;
location / {
proxy_pass http://192.168.5.4:8123;
}
}
server {
listen 443 ssl;
server_name octoprint.domain.com;
ssl on;
location / {
proxy_pass http://192.168.5.4/;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Script-Name /;
}
}
Thanks, that seemed to resolve the cache issue for me as well.
Thank you for putting this guide together. It looks like there may be some issues with either this NGINX Proxy configuration or with the WebSockets API introduced in Home Assistant 0.38
.
Has anyone been able to load their Home Assistant after upgrading?
Also, on 0.37.1 I’m seeing connection lost...reconnecting
errors every so often inside of the HomeAssistant frontend. Any ideas?
Thanks!
I am not seeing this issue. I am running dev (updated yesterday) when I get a chance I’ll test out a production install and see what happens.
Just tested a fresh install of 0.38.1 and I am not seeing this problem. Maybe there was a fix for it in .1?
I am having the same issue. Upgrading to .38.1 didn’t make a difference. I enter my API key, it says connecting for a few seconds and then kicks me back to the login screen.
What are you seeing in Chrome’s console.log? I even tried removing my api_password from my configuration.yaml and still no go.
Also on 0.38.1…
@w1ll1am23 – According to @balloob the only way to use NGINX is to follow this guide which I can never get working properly.
See his comment here.
Any ideas?
Thanks!
He is correct, you need to have most of those settings or websockets won’t work.
I am using the /etc/nginx/sites-enabled/default from above and I am using the following /etc/nginx/nginx.conf
user www-data;
worker_processes 4;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
client_max_body_size 100m;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /dev/null; # /var/log/nginx/access.log;
error_log /dev/null; # /var/log/nginx/error.log debug;
gzip on;
gzip_disable "msie6";
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
Updating my configuration to the linked configurations fixed it for me.
Thanks!
I can access the Home Assistant page, however, upon entering my password I’m still getting WebSockets errors in Chrome’s console log.
/etc/nginx/nginx.conf
/etc/nginx/sites-enabled/default
configuration.yaml
Router
Home Assistant Accessible via VNC to the Raspberry Pi Running HASS
Any ideas? Thanks!
did I miss it? I don’t see:
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
Should go in the default - see below:
server {
listen 443 ssl;
server_name home.domain.com;
ssl on;
location / {
proxy_pass http://192.168.5.5:8123;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}
I have NGINX SSL working for external access to HASS, however when I try to access the URL from within my network I am getting the following errors in Chrome console:
WebSocket connection to 'wss://mysubdomain.duckdns.org/api/websocket' failed: Error in connection establishment: net::ERR_INSECURE_RESPONSE
Any ideas how to fix this? It would be nice to use the same URL as a bookmark without having to switch to the internal IP when on the network.
Thanks!