After some time surfing to find the solution I decided to post because i can’t see it clear…
I have been using without problems the app in my phone by the external url: https://domain.duckdns.org and when at home with the internal url: http://raspberryip:8123 without any problem. It seems that the new update has included new changes and the external URL with this config doesn’t work anymore.
I haven’t use before the part HTTP in the configuration.yaml avec the trusted proxies and all that stuff…
Is this the way to get the external URL to work again?
how do i procceed to set it up properly?
But it doesn’t work…
To connect from home I use Pc, phone (by the app) or tablet (by the app) with the internal address without problem.
When I try to accès with the phone with 4G or external PC, it says error and show me the internal address but it propose me to change the external one.
Before the update, that addresses (http in internal and https in external) worked like a charm but now I can’t find the mistake to use again the external access.
Can you show me the example of correct config in the yaml or the Internal/external modifications?
In fact I don’t really know the address… I suppose that is the Raspi IP because I use NGINX Home Assistant SSL proxy.
A thing that I dont understant is that when i try to connect in 4G by the phone app to my home assistant… It tells me unable to connect to http://internal-ip:8123 net::ERR_CONNECTION_RESET
But it gives me the options to configuration, External URL update or wait.
This is the way I have the config.
In the configuration yaml (trusted_proxies) I’ve tried multiples options found in the net and i tried to put the address of the Raspi (because Nginx is normally installed inside) But any of this actions works.
If I switch to WIFI–>Internal connection works great but for the external I can’t solve it…
In fact I’ve tried everything and is like HA doesn’t detect any external access the reason why I don’t have a log with the Nginx IP in my opinion.
I’ve tried to reinstall Nginx Home assistant SSL proxy and also tried the way by Nginx proxy manager with Maria DB. I can’t make it works.
The duckdns domain seems to be ok, but I admit that I’m totally lost in this config and can’t see the light at the end of the tunnel…
But no luck. When I try to access from outside I receive the following message: ERR_SSL_PROTOCOL_ERROR
I tried with curl -v https://url:port and the message is:
TLSv1.3 (OUT), TLS handshake, Client hello (1):
error:1408F10B:SSL routines:ssl3_get_record:wrong version number
Closing connection 0
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number
I don’t know what else I can do, I tried reinstalling duckdns and nginx addon. I tried using Cloudflare and same error. This is so annoying, I hope we can fix this issue ASAP.
@EzeCuervo Could it be the yaml indentation causing your issue? What you listed is what NGINX docs has, but the http integration in Home Assistant has indentation. I have indentation and it works for me.
Hi @Xelloss99, thanks for your reply!
I gave up with NGINX add-on but I believe what you suggested was the real problem.
Now, I re-tried using CloudFlare. I can access HA from outside, but when I’m logged in I receive this message: Unable to connect to Home Assistant.
I noticed this at web browser console:
core.821a37cc.js:1 WebSocket connection to ‘wss://xxxx/api/websocket’ failed:
a @ core.821a37cc.js:1
My setup is:
CloudFlare domain with Flexible https and Portzilla app that routes my domain to specific port →
My firewall forwards from specific port → internal_IP:8123 and that’s it.
In my configuration.yaml I specified all CF IP address ranges:
Following the thread I’ve changed the way to connect and I think that I’m near to the solution… I’ve abandoned the Nginx home assistant SSL proxy.
I’ve set up Nginx proxy manager with Maria DB. I have a proxy running and normally the ports to the internal HA ip opened but when I try to open the domain duckdns from the phone for example I land to the main page of the router instead inside HA…
Anyway with the first trusted proxies line It seams that Nginx and Maria DB runs without problem…
Where is the problem now? Why it lands on routers page?
Internal URL: http://192.168.1.26:8123 (home assistant runs ok in WIFI)
External URL: https://domain.duckdns.org (home assistant doesn’t work in phone app and in web browser lands to the router main page )
Hi! check that in the url of the browser you are putting https://dominio.duckdns.org if you have SSL activated, it is what was happening to me. As the browser hides what is in front of the domain.duckdns.org I did not see that it was trying to enter http://domain.duckdns.org.
Hope this can help you
I finally solved it but I don’t really know how… I’ve renewed one more time the ssl certificate in Nginx proxy manager and reclosed/reopened the ports 443, 80 and 8123 and like this it works. I’m not sure that 8123 is really needed, but with this config it works properly inside and outside. I don’t use cloudflare. I only use Maria DB, Duckdns and Nginx proxy manager.
I’ve also added ::1 to the list of trusted_proxies.
I have this same issue.
The add on documentation is not clear at all. I entered both the default ip and the pi IP for trusted_proxies, and none of them work and the logs do not error out at all.
Also, do we still need port forwarding? The addon set up on github does not mention that at all.
Thanks!!
log below, same regardless of the ip I put for trusted_proxies
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] done.
[services.d] starting services
[services.d] done.
[22:18:38] INFO: Running nginx...
Configure port forwarding 443 port of your pi, to 443 external port
* And the most important step, not mentioned anywhere… you need to install the MariaDB add-on and make sure it runs fine, before starting MariaDB, make sure you change de null password value. Please ignore this bullet. Thanks. - Petro