IIS and reverse proxy for sub domain

miesjel · March 14, 2018, 6:30pm

Hi all!

I’m trying to use hass.io behind a reverse proxy for easy access (i have multiple devices i can access over the internet via reverse proxy so why not hass.io).

I’ve set everything up like the rest, but when I go to the specific subdomain, it says
Home Assistant had trouble
connecting to the server.
TRY AGAIN

In my configuration.yaml i’ve entered “base_url: sub.domain.com” but that didn’t help either.

On some sites people said to use http_sec_websocket_extensions, i’ve enabled those and added it to the server Variables list.

My IIS web.config:

<?xml version="1.0" encoding="UTF-8"?>

<configuration>
    <system.webServer>
        <rewrite>
            <outboundRules>
                <rule name="ReverseProxyOutboundRule1" preCondition="ResponseIsHtml1">
                    <match filterByTags="A, Form, Img" pattern="^http(s)?://192.168.1.2:8123/(.*)" />
                    <action type="Rewrite" value="http{R:1}://sub.domain.com.nl/{R:2}" />
                </rule>
                <preConditions>
                    <preCondition name="ResponseIsHtml1">
                        <add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />
                    </preCondition>
                </preConditions>
            </outboundRules>
            <rules>
                <rule name="ReverseProxyInboundRule1" stopProcessing="true">
                    <match url="(.*)" />
                    <action type="Rewrite" url="http://192.168.1.2:8123/{R:1}" />
					                    <serverVariables>
                        <set name="HTTP_SEC_WEBSOCKET_EXTENSIONS" value="" />
                    </serverVariables>
                </rule>
            </rules>
        </rewrite>
    </system.webServer>
</configuration>

What did i forgot to do??

bremic9188 · January 3, 2019, 2:45pm

Were you ever able to figure this out? I’m having the same issue - I can get to the login screen just fine, but after entering valid creds I receive “Home Assistant had trouble connecting to the server. TRY AGAIN”

miesjel · January 3, 2019, 6:16pm

Hi,

Not with iis. I switched to caddy server for a proxy.

bremic9188 · January 3, 2019, 6:33pm

I know you went a different route, but I just figured this one out so figured I would share.

I had the server variable for HTTP_SEC_WEBSOCKET_EXTENSIONS, but I didn’t actually have WebSocket Protocol installed on the server.

I’m running IIS on Windows 10, so I went to Programs and Features > Turn Windows features on or off > IIS\World Wide Web Services\App Dev Features\WebSocket Protocol. After that, works perfectly!

miesjel · January 3, 2019, 6:45pm

Kind of you, thanks!

CaptainComedy · September 18, 2022, 2:43pm

Hi all, sorry to bring this from the dead

I have a reverse proxy, and have enabled HTTP_SEC_WEBSOCKET_EXTENSIONS, created and assigned the server variable and it’s in web.config as you’d expect, but I’m still getting connection timeout…

Any ideas?

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <rewrite>
            <outboundRules>
                <rule name="ReverseProxyOutboundRule1" preCondition="ResponseIsHtml1">
                    <match filterByTags="A, Form, Img" pattern="^http(s)?://homeassistant.local/(.*)" />
                    <action type="Rewrite" value="http{R:1}://home.myexample.app/{R:2}" />
                </rule>
                <rule name="RestoreAcceptEncoding" preCondition="NeedsRestoringAcceptEncoding">
                    <match serverVariable="HTTP_ACCEPT_ENCODING" pattern="^(.*?)" />
                    <action type="Rewrite" value="{HTTP_X_ORIGINAL_ACCEPT_ENCODING}" />
                </rule>
                <rule name="A tag handler" preCondition="NeedsRestoringAcceptEncoding">
                    <match pattern="href=(.*?)http://homeassistant.local/(.*?)\s" />
                    <action type="Rewrite" value="href={R:1}https://home.myexample.app/{R:2}" />
                </rule>
                <rule name="Form handler" preCondition="NeedsRestoringAcceptEncoding">
                    <match pattern="action=(.*?)http://homeassistant.local/(.*?)\\" />
                    <action type="Rewrite" value="action={R:1}https://home.myexample.app/{R:2}\" />
                </rule>
                <preConditions>
                    <preCondition name="ResponseIsHtml1">
                        <add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/(.+)" />
                    </preCondition>
                    <preCondition name="NeedsRestoringAcceptEncoding">
                        <add input="{HTTP_X_ORIGINAL_ACCEPT_ENCODING}" pattern=".+" />
                    </preCondition>
                </preConditions>
            </outboundRules>
            <rules>
                <rule name="ReverseProxyInboundRule1" stopProcessing="true">
                    <match url="(.*)" />
                    <action type="Rewrite" url="http://homeassistant.local/{R:1}" />
                    <serverVariables>
                        <set name="HTTP_X_ORIGINAL_ACCEPT_ENCODING" value="{HTTP_ACCEPT_ENCODING}" />
                        <set name="HTTP_ACCEPT_ENCODING" value="" />
                        <set name="HTTP_SEC_WEBSOCKET_EXTENSIONS" value="" />
                    </serverVariables>
                </rule>
            </rules>
        </rewrite>
    </system.webServer>
</configuration>