Impossible to access my home assistant via cloudflare

hello !
I just bought a domain name and i try to configure cloudflare so that i can access my HA from outside… i am connecting using starlink and i read the ip adress is not fix so i this is the way i found by looking over the internet…

so i followed a tuto (but i dont understand anything to this process)

i changed the serveurs name on the domain name provider
i added a few lines to the config.yaml :
http:
use_x_forwarded_for: true
trusted_proxies:
- 172.30.33.0/24
- 172.30.33.3
and i configured the cloudflare addon and put my domain name:

here is the addon log:
"

Add-on: Cloudflared
Use a Cloudflare Tunnel to remotely connect to Home Assistant without opening any ports

Add-on version: 5.1.1
You are running the latest version of this add-on.
System: Home Assistant OS 11.4 (aarch64 / raspberrypi3-64)
Home Assistant Core: 2024.1.5
Home Assistant Supervisor: 2023.12.1

Please, share the above information when looking for help
or support in, e.g., GitHub, forums or the Discord chat.

[10:34:39] INFO: Checking add-on config…
[10:34:40] INFO: Checking for existing certificate…
[10:34:40] INFO: Existing certificate found
[10:34:40] INFO: Checking for existing tunnel…
[10:34:40] INFO: Existing tunnel with ID d2930ad0-a8ec-4485-a255-d4b1116786cd found
[10:34:40] INFO: Checking if existing tunnel matches name given in config
[10:34:43] INFO: Existing Cloudflare Tunnel name matches config, proceeding with existing tunnel file
[10:34:43] INFO: Creating config file…
[10:34:43] INFO: Validating config file…
Validating rules from /tmp/config.json
OK
[10:34:44] INFO: Creating DNS entry XXXXXXXX.fr
2024-01-29T09:34:45Z INF xxxxxxxxxx.fr is already configured to route to your tunnel tunnelID=d2930ad0-a8ec-4485-a255-d4b1116786cd
[10:34:45] INFO: Finished setting up the Cloudflare Tunnel
[10:34:46] INFO: Connecting Cloudflare Tunnel…
2024-01-29T09:34:46Z INF Starting tunnel tunnelID=d2930ad0-a8ec-4485-a255-d4b1116786cd
2024-01-29T09:34:46Z INF Version 2024.1.5
2024-01-29T09:34:46Z INF GOOS: linux, GOVersion: go1.21.5, GoArch: arm64
2024-01-29T09:34:46Z INF Settings: map[config:/tmp/config.json cred-file:/data/tunnel.json credentials-file:/data/tunnel.json loglevel:info metrics:0.0.0.0:36500 no-autoupdate:true origincert:/data/cert.pem]
2024-01-29T09:34:46Z INF Generated Connector ID: c8ebad75-03c9-41ae-a2f6-82efb066429e
2024-01-29T09:34:46Z INF Initial protocol quic
2024-01-29T09:34:46Z INF ICMP proxy will use 172.30.33.3 as source for IPv4
2024-01-29T09:34:46Z INF ICMP proxy will use :: as source for IPv6
2024-01-29T09:34:46Z INF Starting metrics server on [::]:36500/metrics
2024-01-29T09:34:47Z INF Registered tunnel connection connIndex=0 connection=8745c869-ff39-4bda-bb21-f68cdad707f9 event=0 ip=198.41.200.33 location=mad04 protocol=quic
2024-01-29T09:34:48Z INF Registered tunnel connection connIndex=1 connection=4e8dde17-4d9a-43c4-be80-5b8887743c8a event=0 ip=198.41.192.27 location=bcn01 protocol=quic
2024-01-29T09:34:49Z INF Registered tunnel connection connIndex=2 connection=a0d64a85-06b7-46a3-bf90-55985d49a24a event=0 ip=198.41.200.193 location=mad01 protocol=quic
2024-01-29T09:34:50Z INF Registered tunnel connection connIndex=3 connection=0418cf2f-d582-4fe3-bd66-0918e1a5eb54 event=0 ip=198.41.192.37 location=bcn01 protocol=quic
"

Can anyone tell me why i get a 404: not found when i try to connect?

I followed the steps, tried to find on the internet why it is not working, but i cant find out…
would anyone be kind enough to help me please… i am really stucked…
If you need other info please let me know :wink:

Hi Thomas,

I see you didn’t blur out all the domain names in your posted log. I can see your domain is working when browsing to your domain the Home Assistant login screen is visible.

thank you for your answer by the way (i m so fuccussed i forgot to be polite :wink: )

yeah i just modified it so you cant see the domain name (i dont know is it a security issue?)
but i m not sure i understand your answer… you mean that you can access my HA??? why cant i ?
when i type my domain name in the browser i get a 404?

Yes we can, just typing “http://XXXXXXXX.fr”.
Modify your initial post a second time, otherwise, we can still see your domain in the history.

hi! i did modify it twice… but it didnt remove the history :wink:

but do you really get my HA homepage??? when i do it it says error 404: not found
i m really confused now…

how can it work from your computer and not from mine???

Never noticed you could go past the last modification :wink:
Oh well…

Maybe because the DNS server you’re using takes longer to update?
Try again tomorrow…

1 Like

What kind of router do you have. It may not support or be configured for hairpin.

Your client asks for where is x
Its given an address which is your external ip.

Your client attempts to access the external ip and runs into the router itself. If it supports hairpin you’re fine if not it gets confused.

ok i ll do that! thanks for you answer

i am on the starlink router, but i dont know if it support hairpin ( i just searched what it is and it s actually what you described :wink: )
but when i do it from my phone through 4G it is still the same outcome…

Shouldn’t be the case, here, as OP goes through cloudflare, which acts as a reverse proxy. The domain properly points to cloudflare.

1 Like

ok you totally lost me… but if you say it works with you i ll try tomorow … and if it still doesnt work i ll be back here for advises :wink:
thanks a lot!!!

You shouldn’t expose your HA to the whole internet via http. If you don’t know what you are doing, I’d recommend some kind of VPN, like Tailscale.

ok it is working now! (not from my computer but from my phone on 4G)
ok now concerning the security issues… I thought cloudflare tunnel was secure… is it not?
i read that the vpn solution was not easy to do…

1 Like

i managed to get cloudflare to redirect everything to https… is it enough?

Ok i manage to install a vpn!!!
Thanks for tour help!