Invalid authentication with nginx and HA in docker from internal LAN (Rhasspy)

Hey there,

I have the following setup. I run HomeAssistant in Docker on a Raspberry PI. I use the DuckDNS-Addon and NGINX-Addon to reach HA remotely via SSL and with HTTP from my LAN. These are my relevant configuration snippets:


  use_x_forwarded_for: true


certfile: fullchain.pem
keyfile: privkey.pem
hsts: max-age=31536000; includeSubDomains
cloudflare: false
  active: false
  default: nginx_proxy_default*.conf
  servers: nginx_proxy/*.conf

I am now trying to set up Rhasspy for Voice Control Intent handling. I followed the official documentation and created a long lived access token. I am certain that I did not copy leading or trailing spaces. However, whenever my Rhasspy-setup sends an intent to the HA intent API I receive the following notification in HA:

Login attempt or request with invalid authentication from ( See the log for details.

Rhasspy runs on a second raspberry pi within a portainer-managed docker container within the same LAN as HA. Alternatively, I also tried using the HA Rhasspy-Addon, which gave me a similar authentication error:

Login attempt or request with invalid authentication from ( See the log for details.

This brings me to the conclusion that something with my nginx/http setup seems to block the incoming requests even though “normal” browser-based access to the HA frontend works within the LAN. Unfortunately, I am not an expert on ip-routing, proxies and such, so that I hope I am simply missing a key concept.

I searched the forum and google but could not find a matching problem. If you need additional input to help me out, please let me know.

Thanks and looking forward to your input!