Mosquitto Addon, Nginx Proxy Manager

I’ve installed the Mosquitto addon on Hassio as well as Nginx Proxy manager for external access.
For location purpose, i want to track my phone GPS via Owntrack… but the problem is that i’m struggling to get the MQTT component working from the outside.

When i set my integration to my local IP address:

It works perfectly.

Then i want to make mosquitto accessible from outside. I set a new rule on Nginx proxy manager:

And when i go back to integration and try to establish communication with the Mosquitto broker it doesn’t work at all…

Has someone ever experienced those kind of trouble ? I tried almost everything but i think i did something wrong.

Thanks in advance

No one can help me there ?

MQTT isn’t transported over HTTP. You need to have nginx proxy a TCP connection for you.

I do this with with a hand-built configuration, I don’t know if the plugin has the ability to do that? Perhaps if you select something different that “http” in the “scheme” box, somehow?

In my case, I proxy MQTT-over-TLS from the “outside” to MQTT unencrypted on port 1883 to mosquitto. Just proxying a TCP connection should be even easier.


Can you find a solution because I have the same concerns

Sincerely, Pierre

For the moment, i stopped the idea to get mqtt over nginx platform. I’ll try that maybe later. If you have a solution, don’t hesitate to share it here !

Have you seen tailscale? I installed tailscale on my linux server and also on my HA box using a custom integration. I have access to everything everywhere at all times. No portforwarding, reverse proxies needed at all. Guthub handles the oauth ( and i have 2fa on github) so it’s more secure than anything i could knock together.
Here was my walkthrough:

1 Like

Totally agree.

As long you have a limited number of devices needing remote access to your HA (typically, your phone), Tailscale is far easier and more secure than opening up to the world via a reverse proxy and managing SSL and certificates.

1 Like

@lmamakos or anyone I know its been a while since you posted this. But would you mind sharing how you hand-built you configuration for MQTT in nginx Proxy Manager? I have redirecting to my home IP WITHOUT proxy. I can connect to Mosquitto just fine, but when I make it go through nginx. I get no response. I have tried almost every setting turned on and off. Going through web sockets. Nothing has worked. How do I use a TCP connection in nginx?

I’m no longer proxying MQTT into Home Assistant as I no longer need that capability. At the time, I had hand-built an nginx configuration to do this. I used the nginx documention on the stream proxy module to implement this.

These days, I’m just using the swag docker container which does the Let’s Encrypt certificate stuff and has configuration for a whole bunch of applications (including HTTP proxy for Home Assistant) available. It doesn’t have any pre-configured MQTT stream proxy available, but it should be relatively easy to add it based on the nginx docs.

I’m running the Home Assistant container distribution on Ubuntu, so I’m not familiar with the “supervised” version and what sort of hooks it has in the web proxy it can make available.

Thank you for your response and background information. I will go through the docs to see if I can whip up something.

Oh, I managed to find an old backup of the nginx configuration. In /etc/nginx/stream.d/ I had configuration file that looks like this:

server {
    listen *:1884 ssl;
    listen [::]:1884 ssl;

    # Ensure these lines point to your SSL certificate and key
    ssl_certificate         /etc/letsencrypt/live/;
    ssl_certificate_key     /etc/letsencrypt/live/;
    ssl_trusted_certificate /etc/letsencrypt/live/;

    include snippets/stream-ssl.conf;

    proxy_connect_timeout 10s;

    proxy_pass localhost:1883;

It ought to be pretty obvious what’s going on; most of the complexity is around getting the HTTPS/TLS certificate stuff configured. You’ll need to figure that out; but the TLS configuration is essentially the same as for an HTTP/HTTPS server and proxy vs. this stream proxy.

That file was included from inside a

   stream {
      include stream.d/*.conf;

fragment inside the main /etc/nginx.conf file.

Hope this helps a bit to get you started.

1 Like

This will save me a lot of headaches and disappointment. Thanks again for your efforts :grinning:. I am 6 months into this (day job has nothing to do with computers) and honestly cant stop tinkering enough with my setup lol.

tI have the same problem but I don’t know where these files are. can you help?

Did you manage to solve the problem?

You have to describe your problem a bit more. I wrote a guide as well to access the addon externally. You can try this. Guide to MQTT Broker Remote (outside home) Access with Ngnix Proxy Manager and Cloudflare DNS - Configuration - Home Assistant Community (

Sorry for the late reply. Been busy and been away from HA community due to “life”