How to connect Google Assistant using the Cloudflare tunnel

I totally agree with you. If I activate IPs or geolocation in the Cloudflare tunnel, Google Home services do not work. If you can explain a little more or make a project of how you have set up Nginx SSL proxy for 443, I would appreciate it. Thank you.

This doesn’t seem to work for me.

I see a first message that the link is established, but then after a while I see another message (error. please try again later).

Any hint?

This is working well for Google Assistant:

Expression Preview
(http.request.uri.path contains "/api/google_assistant" and ip.geoip.asnum eq 15169) or (http.request.uri.path eq "/auth/token" and ip.geoip.asnum eq 15169) or (cf.tls_client_auth.cert_verified)

By using URI filtering, you get only legitimate GA requests, not Google search bots etc.

The rule order looks like:
image

1 Like
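
The following is an added example, not part of the original post and not Cloudflare's own code: a small Python model of the expression above, run over constructed requests to show which ones it matches. `rule_matches`, `evaluate` and the sample requests are hypothetical, and AS 64500 is a documentation-reserved number standing in for any non-Google network.

```python
from urllib.parse import urlsplit

GOOGLE_ASN = 15169  # AS number used in the expression above


def rule_matches(uri: str, asn: int, cert_verified: bool = False) -> bool:
    """Model of the posted expression for a single request.

    uri           -> request URI; only its path is compared, as with
                     http.request.uri.path (query string excluded)
    asn           -> stands in for ip.geoip.asnum
    cert_verified -> stands in for cf.tls_client_auth.cert_verified
    """
    path = urlsplit(uri).path
    # "contains": any path that embeds the Google Assistant endpoint
    google_assistant = "/api/google_assistant" in path and asn == GOOGLE_ASN
    # "eq": exact path only
    token_exchange = path == "/auth/token" and asn == GOOGLE_ASN
    return google_assistant or token_exchange or cert_verified


# Constructed sample requests: (label, uri, source ASN, client cert verified)
SAMPLES = [
    ("GA request from Google ASN", "/api/google_assistant", 15169, False),
    ("token request from Google ASN", "/auth/token", 15169, False),
    ("token request with query string", "/auth/token?x=1", 15169, False),
    ("crawler from Google ASN", "/", 15169, False),
    ("GA path from another ASN", "/api/google_assistant", 64500, False),
    ("token path with trailing slash", "/auth/token/", 15169, False),
    ("longer path embedding GA path", "/x/api/google_assistant/y", 15169, False),
    ("verified client certificate", "/lovelace", 64500, True),
]


def evaluate(samples=SAMPLES):
    """Return {label: matched} for each constructed request."""
    return {label: rule_matches(uri, asn, cert) for label, uri, asn, cert in samples}


if __name__ == "__main__":
    for label, matched in evaluate().items():
        print(f"{'MATCH' if matched else 'no   '}  {label}")
```

The model only says whether a request matches the expression; what happens to a matching request depends on the action and order configured for the rule.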

It worked!

What does the second rule do?

In my case, the 404 error issue was related to the authorization URL. It was missing /authorize at the end.

I have followed all the steps in the integration guide and the post above, but I am always getting a “Cannot reach [test] myapp” error when trying to link Google Home.
I have the WAF rules from here https://community.home-assistant.io/t/how-to-connect-google-assistant-using-the-cloudflare-tunnel/545574/23 and I am able to access my external URL from the HA app and outside network.
I tried disabling the WAF rules altogether, but it still doesn’t work. I do have access rules set up for some emails and the one here https://community.home-assistant.io/t/howto-secure-cloudflare-tunnels-remote-access/570837.

My configuration.yaml lines are as follows:

google_assistant:
  project_id: my_project_id
  service_account: !include SERVICE_ACCOUNT.JSON
  report_state: true
  expose_by_default: true

I get 405: method not allowed when I try to access my /api/google_assistant and /auth/token from both my external and internal URL.

Do I just need to wait for some time or is there something I am missing?

I think it was because of the access rules. I can link it if I disable access rules completely.

Where exactly should I set this? I’ve clicked through the entire Cloudflare panel but don’t see anything similar. Did I miss something or has Cloudflare changed the interface?