i also get a 400 error. Vanilla installation, cloudflare shows active tunnel and cloudflared logs show add-on starts without a hitch (recognizes cert, tunnel, etc.). how to debug when everything seems to be working but returns 400: bad request.
<Update> All working fine after I noticed in HA Logs that there were a bunch of proxy errors. rebooted HA to re-read the config file and all works fine.
1 Like
Nice idea, as I had been using opera. But switching it back to safari and rebooting it still has the same problem after HA auth.
‘ObjectMapper failed to serialize response’
Alamofire.AFError 10
It had been working lovely till a few weeks ago.
I feel like I’m missing something silly, but I haven’t been able to figure it out. I never received a URL in the logs, but it appears to connect up to the tunnel. I can see the connector ID on CloudFlare coming from my IP and the logs show INF Connections 0-3 being registered. If I try and go to my URL nothing happens. So either I’m missing something in the DNS, or maybe something in Cloudflare?
Hiya! I’m new to HA (RPi), I have a Cloudflare domain, so this looks ideal for my needs, but I can’t seem to add the repo (“Invalid Add-on repository!”). Am I doing something wrong, or is there another way to install the add-on?
Many thanks
Scrap that, did a fresh HA install and the repo is working now!
1 Like
I’ve just tried moving over from using let’s encrypt (and port forwarding) to cloudflared.
I did my best to follow the instructions, followed the link in the log and authenticated.
Now I’m getting a 400: Bad Request error.
Any thoughts on what it could be?
I tried adding the following to config listing cloudflare ips
http:
use_x_forwarded_for: true
trusted_proxies:
Still no joy.
What am I missing?
Thanks for the add-on, looking forward to using it!
During a reboot I get a cloudflare argo error page - once HA is booted I get the 400: Bad Request error so I tend to believe the add-on is working, it’s got to be a config error somewhere. I just don’t know where.
The logs look mostly good there is a note about buffer size.
[17:42:53] INFO: Connecting Cloudflared Tunnel…
2022-06-02T07:42:53Z INF Starting tunnel tunnelID=ea71211d-362e-4c3c-a38f-
2022-06-02T07:42:53Z INF Version 2022.5.1
2022-06-02T07:42:53Z INF GOOS: linux, GOVersion: go1.17.5, GoArch: amd64
2022-06-02T07:42:53Z INF Settings: map[config:/tmp/config.json cred-file:/data/tunnel.json credentials-file:/data/tunnel.json loglevel:info no-autoupdate:true origincert:/data/cert.pem]
2022-06-02T07:42:53Z INF Generated Connector ID: fc3e55f7-300d-4766-9c51-
2022-06-02T07:42:53Z INF Initial protocol quic
2022-06-02T07:42:53Z INF Starting metrics server on 127.0.0.1:42131/metrics
2022/06/02 17:42:53 failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 2048 kiB, got: 416 kiB). See UDP Receive Buffer Size · lucas-clemente/quic-go Wiki · GitHub for details.
2022-06-02T07:42:53Z WRN Your version 2022.5.1 is outdated. We recommend upgrading it to 2022.5.3
2022-06-02T07:42:55Z INF Connection e95bc2bb-ca95-4ecf-a9d1- registered connIndex=0 location=SYD
2022-06-02T07:42:56Z INF Connection 334d6e55-3266-49b3-8c44- registered connIndex=1 location=MEL
2022-06-02T07:42:57Z INF Connection c2a86036-1424-4495-b21e- registered connIndex=2 location=SYD
2022-06-02T07:42:58Z INF Connection 5eb9cca5-32df-4c6e- registered connIndex=3 location=MEL
You need to copy paste exactly the config from here. Adding Cloudflare IPs isn’t needed as the proxy is the add-on ip which is in address space 172.30.33.0/24.
1 Like
Thanks heaps!
Working perfectly now!
(And I won’t be showing as having port 8123 open on shodan!)
I’m trying to start the addon but receive this message at the logs. I’m going crazy trying to understand what’s happening.
Any ideas? thanks in advance
s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
cont-init: info: running /etc/cont-init.d/cloudflare.sh
curl: (7) Couldn’t connect to server
[20:54:53] ERROR: Something went wrong contacting the API
[20:54:54] FATAL: Hostname not defined
cont-init: info: /etc/cont-init.d/cloudflare.sh exited 1
cont-init: warning: some scripts exited nonzero
s6-rc: warning: unable to start service legacy-cont-init: command exited 1
/run/s6/basedir/scripts/rc.init: warning: s6-rc failed to properly bring all the services up! Check your logs (in /run/uncaught-logs/current if you have in-container logging) for more information.
/run/s6/basedir/scripts/rc.init: fatal: stopping the container.
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped
What add-on do you use? The log excerpt does not look familiar. Make sure to use the right repository from the beginning of this thread.
I got it figured out last night. I didn’t have the Application and Access groups setup correctly in Cloudflare.
If your tunnel is connecting, and you see your external IP connected to the tunnel in Cloudflare, make sure to double check your other Cloudflare settings.
Also, I never had to copy a link in the log to authenticate. Not sure if that’s only with Quick Tunnels or if something has changed.
Thanks so much for your awesome Addon!
I’ve got no errors, but getting a 400 Bad Request when I enter my url. I’m still looking, but have not found anything to change.
Does it matter if I’m subscribed to Nabu Casa? I’ve never been able to get NGINX working correctly, so there has to be something else.
I currently have the following setup…
-
Router port forwarding 443 to home assistant local ip
-
Duckdns configured add to home assistant addon
-
Cloudflare dns A record point to my subdomain to public ip
-
Using nginx proxy manager force ssl into home assistant. No other service used.
Now to use tunnel to avoid ports to.be open
…
-
Disable all addon npn, duckdns, cloud flare on home assistant
-
Make sure home assistant works again in local ip address instead of duckdns or any ther host
-
Install addon follow configuration and add cname record.
Is this the right approach?
My domain dns is managed by Cloudflare
1 Like
Should i also remove these entries from the configuration yml file
http:
server_port: 8123
ssl_certificate: /ssl/fullchain.pem
ssl_key: /ssl/privkey.pem
use_x_forwarded_for: true
trusted_proxies:
Yes, this is the right approach and you should also remove the http part of your configuration and only add the exact trusted_proxies entry as described in the add-on.
Let me know if there are any problems.
Looks like the repository link for add on is not working . I tried to add the following to the repository link and i get invalid repository
Copy and pasted the URL from your post and it worked for me:
Settings > Add-ons > Add-on Store > (triple dots top right) > Repositories
Got it Thanks.
I followed the following steps when migrating to tunnel approach and it worked.
- replaced the existing configuration file content for http as below
-
Deactivated and stopped all services like npm, duckdns
-
removed the port forwarding from the router.
-
Now I was able to access home assistant back in my local homeassistant:8123
-
I created the tunnel in Cloudflare account and linked the same with the addon using token. I used the basic configuration and filled in tunnel name and token.
-
Add-on log shows the connection is registered
-
CNAME is automatically created by Cloudflare when creating the tunnel
-
tunnel status shows active
1 Like