Issue with adding Let's Encrypt certificates to a supervised Home Assistant install

I run a supervised Home Assistant install on Debian 11.

I’ve generated Let’s Encrypt certificates, and have added the following to my /usr/share/hassio/homeassistant/configuration.yaml:

http:
  ssl_certificate: /etc/letsencrypt/live/mydomain.com/fullchain.pem
  ssl_key: /etc/letsencrypt/live/mydomain.com/privkey.pem

I get the following error when booting up my system/Home Assistant:

May 26 01:29:07 gremy-deb homeassistant[727]: 2023-05-26 01:29:07.225 ERROR (MainThread) [homeassistant.config] Invalid config for [http]: not a file for dictionary value @ data['http']['ssl_certificate']. Got '/etc/letsencrypt/live/mydomain.com/fullchain.pem'
May 26 01:29:07 gremy-deb homeassistant[727]: not a file for dictionary value @ data['http']['ssl_key']. Got '/etc/letsencrypt/live/mydomain.com/privkey.pem'. (See /config/configuration.yaml, line 17). Please check the docs at https://www.home-assistant.io/integrations/http

I don’t believe it is a permission issue, as I’ve also tried running this with 755 on everything in both /etc/letsencrypt/live and archive, as well as their respective directories. I’ve also taken ownership of the certs/folders (and a supervised install doesn’t have a homeassistant user; to my understanding it should be using my own). Currently, I’ve set it back to 700; it looks like this:

$ ls -l /etc/letsencrypt/
total 0
drwx------ 1 root     root     56 May 25 22:41 accounts
drwx------ 1 myuser   myuser   22 May 25 22:44 archive
drwx------ 1 myuser   myuser   34 May 25 22:44 live
drwxr-xr-x 1 root     root     32 May 25 22:44 renewal
drwxr-xr-x 1 root     root     26 May 25 22:41 renewal-hooks

(the same is true for all files and folder under live and archive)

Although ill-advised, I have tried pointing the Home Assistant YAML config to the /archive files instead of /live as well, to no avail.

Any advice would be greatly appreciated.

Are you SSHing to the HA docker?

  1. You need to tell HA the paths inside the container - not the paths on the host.
  2. As per the Supervised requirements, you shouldn’t be running any other software on the host.

Try using the LetsEncrypt add-on instead.

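The first point in the reply above, as an added example (not part of the original thread and not Home Assistant's own code): a Python check that translates host paths through a container's bind mounts and reports why a certificate path cannot be seen inside it. The mount table (`/config` taken from the log line above, `/ssl` assumed), the function names and the temporary directory tree are constructed for illustration.

```python
import os
import tempfile

def to_container_path(host_path, mounts):
    """Translate a host path to its in-container path, or None if unmounted."""
    path = os.path.abspath(host_path)
    for host_dir, ctr_dir in mounts.items():
        if path == host_dir or path.startswith(host_dir + os.sep):
            return os.path.normpath(os.path.join(ctr_dir, os.path.relpath(path, host_dir)))
    return None

def check_cert_path(host_path, mounts):
    """Return (container_path, problem); problem is None when the file is usable."""
    ctr = to_container_path(host_path, mounts)
    if ctr is None:
        return None, "not under a bind mount"
    # certbot's live/*.pem are symlinks into ../../archive/; the target must be mounted too
    target = os.path.realpath(host_path)
    if to_container_path(target, mounts) is None:
        return ctr, "symlink target outside the bind mounts"
    if not os.path.isfile(target):
        return ctr, "not a file"
    return ctr, None

def demo():
    """Build a constructed host tree in a temp dir and check three candidate paths."""
    root = os.path.realpath(tempfile.mkdtemp())
    hassio = os.path.join(root, "usr/share/hassio")
    le = os.path.join(root, "etc/letsencrypt")
    for d in (hassio + "/homeassistant", hassio + "/ssl",
              le + "/live/mydomain.com", le + "/archive/mydomain.com"):
        os.makedirs(d)
    for name in ("fullchain", "privkey"):  # certbot layout: live/ links to archive/
        open(f"{le}/archive/mydomain.com/{name}1.pem", "w").close()
        os.symlink(f"../../archive/mydomain.com/{name}1.pem", f"{le}/live/mydomain.com/{name}.pem")
    open(hassio + "/ssl/fullchain.pem", "w").close()  # real copy inside the mount
    os.symlink(f"{le}/live/mydomain.com/privkey.pem", hassio + "/ssl/privkey.pem")  # link out
    # Assumed mount table: /config matches the log above; /ssl is an assumption
    mounts = {hassio + "/homeassistant": "/config", hassio + "/ssl": "/ssl"}
    return {
        "host_live": check_cert_path(f"{le}/live/mydomain.com/fullchain.pem", mounts),
        "ssl_copy": check_cert_path(hassio + "/ssl/fullchain.pem", mounts),
        "ssl_link": check_cert_path(hassio + "/ssl/privkey.pem", mounts),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The third case shows that a symlink placed in a mounted directory still fails when its target lives in an unmounted one, which is why changing permissions on the host directories makes no difference.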

Thank you very much, yes, that would be it then.

Do you happen to know how to (or whether I should) provide the LetsEncrypt add-on with existing certificates? I am not very well versed in SSL security, so I don’t know if it’s common practice to have multiple different certificates generated for the same domain, to be used for different services.

I already have certificates for this domain (as mentioned in my original post) and I also use them on a different machine/server, so perhaps I should be providing those to Home Assistant? If so, how?

No, one certificate per hostname at a time.

Why not use a reverse proxy then?


Ah, yeah I think that’s probably the reasonable solution, thank you!