I just installed the Nginx Proxy Manager add-on and configured everything. I also successfully retrieved an SSL certificate by Let’s Encrypt.
When I’m now trying to access my HA frontend (on a PC), my login fails with a notification on my other devices, that a Login attempt failed (I’m in an VPN with that iPhone):
My entered username and password are correct. The problem occurs after entering my OTP (2FA with Google Authenticator); “Neu anfangen” means “Start again”:
My configuration is as follows:
Port 80 ext to 80 int
Port 443 ext to 443 int
Nginx Proxy Manager Add-on
Can anyone please tell me why I can’t login anymore?
Hi, your config looks ok; only difference vs. my setup is that I use /23 for the trusted proxies and I do not have totp in my yaml config. I do have it enabled but through the gui.
As a first step, can you still login locally with the PC, eg. by approaching http://ha_ip:8123? Also, a second step, turn off 2FA temporarily (or make a new account without it) and check if that allows you to log in.
Thank you for your reply and suggestions!
It’s a bit weird:
- I’m able to login from within my local network (x:8123)
- I’m able to login with as a temporary user (admin rights, 2FA enabled)
- I’m still not able to login with my own user account
- I used the subnet from this thread: https://www.reddit.com/r/homeassistant/comments/og1hao/comment/h4gr4n2/
I don’t really like to disable and re-enable my 2FA, I’d prefer this just to work “out of the box”.
So is there a known “bug”?
At least now you know it’s not an issue with your NGINX setup. I am not aware of any 2FA bugs but then again, never experienced issues so never bothered to look.
Did you also try to login with your original account on another device or different browser/incognito mode? If this works then it’s not a 2FA issue but probably browser related and you could try to purge your cookies/browser history (and delete your tokens within HA).
I did, both incognito and different browser and also different device.
I’ll try then when I’m back at home. Removing all those tokens in the app is quite a pain.
I just did (HA app → user account → deleting all tokens). No success. Very weird: I still can’t login with my user account (same message: “Start again”)?! So it’s not a 2FA-related problem.
Okay. That’s a bit embarassing… I just saw that I obviously someday enabled the option: “Only allow login from local network” in the user settings (Configuration → Users → User Account).
Sorry, I really didn’t remember that!