New Add-On: Cloudflared

I am using this to remote access my NAS. I would like to be able to access it via SMB at nas.example.com:445. I would also like to access all the other ports. I cannot do this, as it throws an error about the hostname being incorrect:

- hostname: nas.example.com
  service: http://192.168.1.24
- hostname: nas.example.com:445
  service: http://192.168.1.24:445

I tried the built-in remote access features in the NAS, but it seemed insecure and gave remote access to my whole network.

Anyway, how would I do this?
Thanks
Inglan

I have an iOS phone and I’m seeing the

RN Failed to serve quic connection error

as well.

First of all, thanks Tobias, the idea is great, but the addon doesn’t work for me. After spending countless hours trying to fix this, I finally posted my question here. I followed the guides that are on the net, and also this forum. I had already registered my own domain that I use for a website, and then I successfully transferred it to Cloudflare. After verifying that everything worked fine, I installed and configured the addon on my HA with this configuration:

external_hostname: ha.mydomain.xx
additional_hosts: []
tunnel_name: haXXXXXXX

The addon actually creates a working tunnel because I tested it through an additional_hosts.
Then I changed the configuration.yaml as recommended:

use_x_forwarded_for: true
trusted_proxies:
- 172.30.33.0/24

(my addon has docker address 172.30.33.2)

I also stopped my old DuckDNS addon from restarting on restarts, but when HA restarts the log is filled with:


2023-08-19 20:21:58.119 ERROR (MainThread) [aiohttp.server] Error handling request
Traceback (most recent call last):
  File "/usr/local/lib/python3.11/site-packages/aiohttp/web_protocol.py", line 332, in data_received
    messages, upgraded, tail = self._request_parser.feed_data(data)
                               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "aiohttp/_http_parser.pyx", line 557, in aiohttp._http_parser.HttpParser.feed_data
aiohttp.http_exceptions.BadStatusLine: 400, message:
  Bad status line "Invalid method encountered:\n\n b'\x16\x03\x01\x02'\n ^"
2023-08-19 20:21:59.970 ERROR (MainThread) [aiohttp.server] Error handling request
Traceback (most recent call last):
  File "/usr/local/lib/python3.11/site-packages/aiohttp/web_protocol.py", line 332, in data_received
    messages, upgraded, tail = self._request_parser.feed_data(data)
                               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "aiohttp/_http_parser.pyx", line 557, in aiohttp._http_parser.HttpParser.feed_data
aiohttp.http_exceptions.BadStatusLine: 400, message:
  Bad status line "Invalid method encountered:\n\n b'\x16\x03\x01'\n ^"

If I type ha.mydomain.xx in Chrome, I get “Bad gateway Error code 502”, and in the addon log I find:


2023-08-19T18:18:14Z ERR error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: tls: first record does not look like a TLS handshake" cfRay=XXXXXXXXXXXXXXX-MXP event=1 ingressRule=0 originService=https://homeassistant:8123
2023-08-19T18:18:14Z ERR Request failed error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: tls: first record does not look like a TLS handshake" connIndex=0 dest=https://ha.mydomain.xx/ event=0 ip=198.41.200.13 type=http

All software versions are updated to the latest release available, my HA has been under Docker/Debian for many years now.

I saw that the addon refers to the address httpS://homeassistant:8123, which is not reachable from my LAN, while instead it is reachable as http://myHAServerName:8123, but I don’t know if it’s important, and anyway I don’t know how to change it.

I would really appreciate some help. By now I’ve tried everything, but I don’t want to give up on greater security.

I must add to this issue, it’s unclear how to set up remote access to Samba share using Cloudflared.
I tried following but to no avail

Can you please help me, how to configure cloudflared so that I can access my smb share remotely?

I went back to my problem. Maybe I had seen the name of the wrong Home Assistant server right when trying to contact the addon. I had tried some “gateway” options available on the addon as described in its documentation, but they seem to have no effect, so I deleted my local tunnel and configured the remote one from the Cloudflare dashboard, finally specifying all the names I needed. And poof… It works perfectly! Guys, if you have done too many network customizations to your Home Assistant installation, it’s better to create and configure the tunnel remotely instead of locally.

1 Like

Hi all,
I’m new to the HA world and I’m trying to set up the Cloudflare add-on. It seems that all steps are working; however, when I try to access my domain, I get a “Bad gateway (502)” error and the following messages in the add-on log:

-----------------------------------------------------------
 Add-on: Cloudflared
 Use a Cloudflare Tunnel to remotely connect to Home Assistant without opening any ports
-----------------------------------------------------------
 Add-on version: 4.2.4
 You are running the latest version of this add-on.
 System: Home Assistant OS 10.5  (amd64 / qemux86-64)
 Home Assistant Core: 2023.8.4
 Home Assistant Supervisor: 2023.08.1
-----------------------------------------------------------
 Please, share the above information when looking for help
 or support in, e.g., GitHub, forums or the Discord chat.
-----------------------------------------------------------
[10:57:53] INFO: Using Cloudflare Remote Management Tunnel
[10:57:53] INFO: All add-on configuration options except tunnel_token will be ignored.
[10:57:53] INFO: Connecting Cloudflare Tunnel...
2023-08-29T14:57:53Z INF Starting tunnel tunnelID=f913d407-8d05-4387-a329-04d6c19277d2
2023-08-29T14:57:53Z INF Version 2023.8.0
2023-08-29T14:57:53Z INF GOOS: linux, GOVersion: go1.20.6, GoArch: amd64
2023-08-29T14:57:53Z INF Settings: map[loglevel:info metrics:0.0.0.0:36500 no-autoupdate:true token:*****]
2023-08-29T14:57:53Z INF Generated Connector ID: <removed>
2023-08-29T14:57:53Z INF Initial protocol quic
2023-08-29T14:57:53Z INF ICMP proxy will use 172.30.33.6 as source for IPv4
2023-08-29T14:57:53Z INF ICMP proxy will use :: as source for IPv6
2023-08-29T14:57:53Z INF Starting metrics server on [::]:36500/metrics
2023-08-29T14:57:53Z WRN Your version 2023.8.0 is outdated. We recommend upgrading it to 2023.8.1
2023-08-29T14:57:54Z INF Registered tunnel connection connIndex=0 connection=c5903f54-7d40-47e7-b506-ea24b25fd4d8 event=0 ip=198.41.200.193 location=ORD protocol=quic
2023-08-29T14:57:54Z INF Registered tunnel connection connIndex=1 connection=296e9deb-db2b-40ae-b56c-8e566e11ca38 event=0 ip=198.41.192.57 location=yul01 protocol=quic
2023-08-29T14:57:55Z INF Registered tunnel connection connIndex=2 connection=5a37df0d-96f0-4572-8392-8adb63710935 event=0 ip=198.41.192.227 location=yul01 protocol=quic
2023-08-29T14:57:56Z INF Updated to new configuration config="{\"ingress\":[{\"hostname\":\"ha.regert.ovh\",\"originRequest\":{},\"service\":\"http://homeassistant:8183\"},{\"service\":\"http_status:404\"}],\"warp-routing\":{\"enabled\":false}}" version=2
2023-08-29T14:57:56Z INF Registered tunnel connection connIndex=3 connection=be40eab5-9e55-4fc1-a834-cb5268aefe47 event=0 ip=198.41.200.13 location=ord06 protocol=quic
2023-08-29T14:58:07Z ERR  error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8183: connect: connection refused" cfRay=7fe5a67e68c636c0-YYZ event=1 ingressRule=0 originService=http://homeassistant:8183
2023-08-29T14:58:07Z ERR Request failed error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8183: connect: connection refused" connIndex=0 dest=https://removed.ovh/ event=0 ip=198.41.200.193 type=http
2023-08-29T14:58:08Z ERR  error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8183: connect: connection refused" cfRay=7fe5a680bbf136c0-YYZ event=1 ingressRule=0 originService=http://homeassistant:8183
2023-08-29T14:58:08Z ERR Request failed error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8183: connect: connection refused" connIndex=2 dest=https://removed.ovh/favicon.ico event=0 ip=198.41.192.227 type=http
  • Cloudflare is showing my tunnel as healthy.
  • The DNS Records on Cloudflare are also showing the correct information (proxied).
  • I’ve tried access using http and https.
  • I did add the proxy configuration in the configuration.yaml:
http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 172.30.33.0/24

I’m a bit lost now, not sure what else could be wrong. Any ideas?

2023-08-29T14:57:56Z INF Updated to new configuration config="{\"ingress\":[{\"hostname\":\"ha.regert.ovh\",\"originRequest\":{},\"service\":\"http://homeassistant:8183\"},{\"service\":\"http_status:404\"}],\"warp-routing\":{\"enabled\":false}}" version=2

Your log indicates that you set up your tunnel with the Cloudflare Dashboard, which is fine.
The log line above shows homeassistant:8183 as proxy URL. If you haven’t changed the HA default port, there’s a typo in the port part. The default port is 8123.
Hope this helps. :blush:

1 Like
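A small triage script for the two origin errors seen in this thread: the `connection refused` caused by the 8183 port typo, and the `first record does not look like a TLS handshake` from the earlier post, which means cloudflared sent a TLS handshake to an origin that answered in plain HTTP. This is an added example, not part of any post or of the add-on; the function names, the shortened sample lines and the `ha.example.com` hostname are constructed, and the default port 8123 is taken from the reply above.

```python
import json
import re
from urllib.parse import urlsplit

# Constructed sample: shortened log lines in the format posted in this thread.
SAMPLE_LOG = r'''
2023-08-29T14:57:56Z INF Updated to new configuration config="{\"ingress\":[{\"hostname\":\"ha.example.com\",\"originRequest\":{},\"service\":\"http://homeassistant:8183\"},{\"service\":\"http_status:404\"}],\"warp-routing\":{\"enabled\":false}}" version=2
2023-08-29T14:58:07Z ERR  error="Unable to reach the origin service: dial tcp 172.30.32.1:8183: connect: connection refused" cfRay=x event=1 ingressRule=0 originService=http://homeassistant:8183
2023-08-19T18:18:14Z ERR error="Unable to reach the origin service: tls: first record does not look like a TLS handshake" cfRay=x event=1 ingressRule=0 originService=https://homeassistant:8123
'''

CONFIG_RE = re.compile(r'config="((?:[^"\\]|\\.)*)"')  # quoted value with \" escapes
ORIGIN_RE = re.compile(r'originService=(\S+)')


def ingress_services(log):
    """Return {hostname: service} from 'Updated to new configuration' lines."""
    rules = {}
    for m in CONFIG_RE.finditer(log):
        # The value is a JSON document escaped inside a quoted string:
        # unescape it as a JSON string first, then parse the document.
        cfg = json.loads(json.loads('"' + m.group(1) + '"'))
        for rule in cfg.get("ingress", []):
            if "hostname" in rule:  # the catch-all rule has no hostname
                rules[rule["hostname"]] = rule["service"]
    return rules


def triage(log, expected_port=8123):
    """Return sorted (origin, finding) pairs for ERR lines that name an origin.

    expected_port is an assumption: the Home Assistant default given in the reply.
    """
    findings = set()
    for line in log.splitlines():
        m = ORIGIN_RE.search(line)
        if " ERR " not in line or not m:
            continue
        origin = m.group(1)
        if "connection refused" in line:
            hint = "nothing listening on this port"
            if urlsplit(origin).port != expected_port:
                hint += f"; expected {expected_port}, check for a typo"
        elif "does not look like a TLS handshake" in line:
            hint = "origin speaks plain HTTP; use http:// in the service URL"
        else:
            hint = "unclassified origin error"
        findings.add((origin, hint))
    return sorted(findings)
```

The same scheme mismatch is visible from the Home Assistant side in the aiohttp traceback earlier in the thread: the bytes `\x16\x03\x01` that the HTTP parser rejects are the start of a TLS handshake record.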

What a silly mistake! Thank you so much for spotting that! Now it works :sweat_smile:

1 Like

I have a question regarding WAN backup and Cloudflared: In a setup where I have a second failover WAN connection (via LTE), what happens when my main WAN connection drops? The router switches over to the second WAN automatically. But what happens to the Cloudflare tunnel? Will it re-establish the tunnel over the new WAN connection? Any information from people who are using failover internet connections and have experience with the Cloudflared add-on in these cases would be highly appreciated! Thank you!

This is probably a very silly question… I use this addon and it has always worked very well. However, I’m trying to set up the Asterisk addon, which requires SSL certs to be in the ssl directory. This addon doesn’t seem to put them there. Where does it put them?

I am trying to use additional hosts, but I am getting a problem.

- hostname: router.myhome.xx
  service: http://192.168.8.1

When I try https://router.myhome.xx, my browser shows 192.168.8.1 instead of going to the offsite router. This happens on my local wifi or on 3G.
Could anybody help please?

Does anyone have any ideas at all on the ssl certificate location? I could open an issue, but it’s not really one… I just don’t have a clue where to look for the answer.

Anyone having problems with cloudflare?
My addon stopped working and when entering the website several errors appear on the page.

Addon log:

-----------------------------------------------------------
 Add-on: Cloudflared
 Use a Cloudflare Tunnel to remotely connect to Home Assistant without opening any ports
-----------------------------------------------------------
 Add-on version: 4.2.9
 You are running the latest version of this add-on.
 System: Home Assistant OS 11.0  (amd64 / qemux86-64)
 Home Assistant Core: 2023.10.3
 Home Assistant Supervisor: 2023.10.1
-----------------------------------------------------------
 Please, share the above information when looking for help
 or support in, e.g., GitHub, forums or the Discord chat.
-----------------------------------------------------------
[12:49:32] INFO: Checking add-on config...
[12:49:32] INFO: Checking for existing certificate...
[12:49:32] INFO: Existing certificate found
[12:49:32] INFO: Checking for existing tunnel...
[12:49:32] INFO: Existing tunnel with ID c1c6add6-c0b4-4a8c-8882-aedb12f16a56 found
[12:49:32] INFO: Checking if existing tunnel matches name given in config
2023-11-02T15:49:44Z WRN Your version 2023.8.2 is outdated. We recommend upgrading it to 2023.10.0
Failed to list tunnels: code: 10000, reason: Internal authentication error: internal server error
[12:49:44] ERROR: Existing Cloudflare Tunnel name does not match add-on config.
[12:49:44] ERROR: ---------------------------------------
[12:49:44] ERROR: Add-on Configuration tunnel name: HomeAssistant
[12:49:44] ERROR: Tunnel credentials file tunnel name: 
[12:49:44] ERROR: ---------------------------------------
[12:49:44] ERROR: Align add-on configuration to match existing tunnel credential file
[12:49:44] ERROR: or re-install the add-on.
s6-rc: warning: unable to start service init-cloudflared-config: command exited 1
/run/s6/basedir/scripts/rc.init: warning: s6-rc failed to properly bring all the services up! Check your logs (in /run/uncaught-logs/current if you have in-container logging) for more information.
/run/s6/basedir/scripts/rc.init: fatal: stopping the container.

Yep, CloudFlare is having problems:

https://www.cloudflarestatus.com/

2 Likes

Thank you.

Still having issues with cloudflare. Anybody know what’s going on?

Thanks for making this add-on, it’s great and very straightforward to use.

I just started getting this error and now my tunnel won’t connect anymore. I do have the post-quantum config turned off.

===================================================================================
You are hitting an error while using the experimental post-quantum tunnels feature.

Please check:

   https://pqtunnels.cloudflareresearch.com

for known problems.
===================================================================================


2023-11-15T00:39:07Z ERR Failed to create new quic connection error="failed to dial to edge with quic: timeout: no recent network activity" connIndex=0 event=0 ip=198.41.192.77
2023-11-15T00:39:07Z INF Retrying connection in up to 2s connIndex=0 event=0 ip=198.41.192.77
2023-11-15T00:39:13Z ERR Failed to create new quic connection error="failed to dial to edge with quic: timeout: no recent network activity" connIndex=0 event=0 ip=198.41.192.67
2023-11-15T00:39:13Z INF Retrying connection in up to 4s connIndex=0 event=0 ip=198.41.192.67
2023-11-15T00:39:21Z ERR Failed to create new quic connection error="failed to dial to edge with quic: timeout: no recent network activity" connIndex=0 event=0 ip=198.41.192.167
2023-11-15T00:39:21Z INF Retrying connection in up to 8s connIndex=0 event=0 ip=198.41.192.167

I do also encounter the same problem as @RobbyC231, although I’m not using the post-quantum setting. When I restart the service, the connection works for a very short amount of time but then encounters the same error again.

@RobbyC231 can you please raise an issue on GitHub for this? You can also include more details about the logs and your set-up, happy to have a detailed look.

Hello,

I am a newbie and want to use Cloudflare for my HA.

I have followed this YouTube video for the steps:
https://www.youtube.com/watch?app=desktop&v=Qsz1OjlGidU&fbclid=IwAR0BRLB-8R7bUKlQMLZsSZTgvN8w4iYNXMnN7m3nWqT84nukC8MTlfebWAk

Everything went well until 8:55, when I fill in the name of my domain and I am getting this error:

What can it be?

Thanks in advance!