Sorry to hear that @RiseUp, it’s frustrating I know!.
I’m trying to think back to what I did, but it’s been a while.
A few things to try…
(basically try and troubleshoot HA and nginx separately, before making them work together)
Verify your HA instance is still listening on 8123 - I like nmap for this. Try it from localhost (the host which is hosting HA), as well as another host on your network. Both should show that 8123 is listening.
Also, try hitting the HA web interface from a puter within your network, it should work without issue.
(bypass nginx for testing)
To test nginx, tail it’s log file while trying to hit the nginx 443 port, you should see requests come in, like the apache access log… Also nmap the host locally & remote to verify 443 (nginx) is listening.
Hope some of this helps, let me know if you still run into issues.
Thank you for your tips. I’ve never used nmap, but based on what you’ve said I’ll definitely have to give that a try. As for those specific errors, I believe they ended up being due to a hassio addon or two that still had "ssl": true in their configurations.
As far as reaching the frontend bypassing nginx, do you mean using the Pi’s LAN IP directly? Whenever I try that, Chrome always gives me ERR_CONNECTION_REFUSED.
Interestingly enough, the whole reason I even started on the journey of changing over to an nginx reverse proxy (on another machine in the LAN) was to be able to access hassio from within the network directly, while also keeping SSL for external access. So far, I don’t see that happening.
@RiseUp So did removing the "ssl": true configuration options let you load up the UI again?
Have you tried clearing the cache in Chrome? I do that often, as Chrome likes to cache everything, especially when there’s an error, it seems. Could also try enabling developer tools in Chrome, and disabling cache, which is great when troubleshooting issues like these.
Do all the machines in your network get a 404 when trying to access the UI at: http://IP:8123 ?
You should (in theory) be able to hit the UI from any address on your internal network using the IP:8123 address. When Nginx is setup, all it should do is listen on port 443 with a valid ssl cert, then pass all traffic to your HA IP on port 8123.
nmap is your friend for this kind of troubleshooting!
In a pinch, you could create a temporary configuration directory, and point the hass executable at it on startup, then run hass manually aka: hass -c /opt/temp/ha
This would start up a bare new-install of HA and create all the initial configuration files, in said directory. Which would be handy for troubleshooting, because then you could verify that IP:8123 is in fact valid, and there’s no OS level firewalls or anything, this would also let you test the nginx setup.
When finished simply kill it, and remove the temporary directory.
Oddly enough, I was getting the UI the whole time, but my log was filling up with the same errors that filled yours. Setting "ssl": false fixed the error flood.
I don’t know why I didn’t think of trying that. Of course, on my first attempt from another machine successfully connected. Here’s the crazy, incredibly embarrassing part of it all—I’ve been trying to connect directly to the Pi’s IP without the port (naturally trying to use port 80), forgetting that it’s only accessible at 8123! Not until trying from that other machine did I realize when that other browser auto-completed the :8123 for me!
My only explanation is I’ve spent entirely too much time learning as much as I can with nginx that I got port crazy.
Being that I’m using hassio, I wouldn’t have been able to run another instance of HA on the same Pi. However, while figuring out nginx, I did set up a test instance on the nginx host machine with docker. Certainly if it were possible, your solution would be better.
Thanks so much for the help. I don’t know how long I would have been banging my head against a wall without it!
seeing this same issue after updating to 0.60. commenting out SSL works but that also breaks my alexa/google assistant and need a proper solution, not throwing nginx in front of it. Its always worked running on port 443 till the update.
@RiseUp Hehe, no problem at all man! I’ve been there many times (thus this post)! I’m glad it’s working better now. So would you consider the issue fixed then, or do you need some more help with the whole setup (including nginx)? Also, if it would help, I’ll post my nginx config for others to use as an example.
So without commenting out SSL, what errors are you seeing? Can you post them here?
Also, after updating, how are you stopping/starting HA? Running hassio, hasbian, docker, or other?
Figured i’d reply back, check SSL expiry if this happens LOL. Turns out my SSL cert expired yesterday afternoon which correlates with about the time it stopped working for me! facepalms
Well, I’m not sure what the issue is that would be considered fixed. As far as the Invalid HTTP Method errors go, then yes, it’s fixed.
I’m still working out some kinks with nginx as a reverse proxy; namely, getting Telegram webhooks to work. Right now, they’re just giving me “access denied”. I understand why, but I’m just trying to work out the best workaround.
I think posting your nginx config would be a great idea as a resource for whomever needs it.
I’ll get my nginx config posted tonight, hopefully it helps.
So it’s just giving you “access denied”, would you mind explaining why? My guess is, nginx isn’t passing the connection correctly, if that’s the case, might want to look at the nginx logs…
Of course, on my first attempt from another machine successfully connected. Here’s the crazy, incredibly embarrassing part of it all—I’ve been trying to connect directly to the Pi’s IP without the port (naturally trying to use port 80), forgetting that it’s only accessible at 8123! Not until trying from that other machine did I realize when that other browser auto-completed the :8123 for me!
As far as the Invalid HTTP Method errors go, then yes, it’s fixed.