Hello! as per title, I have my nice HASS green almost working perfectly. I have NGINX proxy manager and DUCKDNS for the HTTPS certificate when I’m outside the local network.
The problem is that the application (both android and iOS) is very slow\bad on GPS and my wifey app (on iOS) has always problem on opening the app, needing to refresh, or close and reopen to make the app use the correct URL (internal or external url). I already set up GPS on full\always, etc but still it’s not reliable. My wife get mad on this, and we don’t want unhappy wife!
With this, I have also Galaxy Watch APP that still it’s working ONLY if you configured internal or external url, it can’t switch.
So I can think to avoid the internal URL in local, and switch to External URL with https certificate also in internal wifi.
→ How can I do it?
is it just simple to unistall NGINX? now https is not working, if i’m connected with WIFI, I did 1 year ago the installation of https, SSL certificate and trusted proxies etc, to enable local access into HASS with wifi, and I don’t know how to revert back, without loosing everything.
The objective is to have only https external URL access, both in wifi and external internet. At the end I don’t care if it can be faster in lan than external, it’s just switching on lights, open outside door and some automations with notification
the problem is this. I can’t use External url when I’m connected to WIFI=local network. It’s about reverse proxy or similar that I set up in the past with NGINX, to avouid going into internet to switch ON a light in my home. At the end, this mechanism is creaing more side effects that oher, because the switch between ext and int is not working well
Are you using this Nginx Proxy Manager? If so there’s no reason why the external URL won’t work on the local network at all - assuming you have set it up correctly.
If reverse NAT – I think thats what its called – is not working or blocked you may not be able to connect into router from internal LAN. This will cause this issue. I forgot to mention this.
No. It tells HA to expect requests to come from an unexpected source – nginx or other proxy – so that it does not think someone is hijacking your traffic
Therefore in a reverse proxy scenario, this option should be set with extreme care. If the immediate upstream proxy is not in the list, the request will be rejected. If any other intermediate proxy is not in the list, the first untrusted proxy will be considered the client.
You also should set use_x_forwarded_fort so HA can know the IP of the connecting device
This may not be a concern now. I just tell you for understanding of the purpose. Need to determine what is happening to internal >> external.
Really you can look at logs from HA or nginx and see exactly what is happening with request but this can be difficult and unfortunately I dont know your setup well enough to instruct how to retreive them. This would be clearest method to determine issue before just guessing. Guessing is easier if you cannot determine how to check in logs. If you have logs I can help determine their meaning.
So, If I install this Proxy Manger, that is different than the add-on that I have instlaled right now, I can have both internal URL and External URL working together?
this will solve all my issue with maybe no big modification.
The objective should be “enable the external url https to work also in local lan” actually it’s not, and I think it’s becuase this proxy manager.
do you have some guide to advice? or some steps? many thanks
yes I checked and seems too easy to be true! in your opinion, is this something that can works for my situation? checking that short gif\guide, seems that I can force the SSL and redirect the domain url to the internal ip.
in your opinion, I should just remove the previous add-on of NGINX, and install this one? DUCKDNS I think must remain because it’s about domain and exposure in internet