Hi
I am somewhat confused about how to go about things now with the changes to API and authentication. I would like to (as advised) moved away from the legacy api but I am having some issues with my set up. I have a Nginx reverse proxy set up with the SSL certificates set up and renewed on the proxy itself. Therefore I should be able to remove them from coonfiguration.yaml but I get the error listed below? Also - what changes do I make to phase out the http password? If I removed this the proxy also fails.
Config.yaml
homeassistant:
name: Home
auth_providers:
- type: homeassistant
- type: legacy_api_password
api_password: !secret http_passwordhttp:
base_url: xxx.org
use_x_forwarded_for: true
ssl_certificate: /home/homeassistant/.acme.sh/xxx.org/fullchain.cer
ssl_key: /home/homeassistant/.acme.sh/xxx.org/xxx.org.key
trusted_proxies:
- 127.0.0.1
- 192.168.xx.xx
NGINX:
server {
listen 443 http2;
server_name xxx.org;
ssl on;
ssl_certificate /root/.acme.sh/xxx.org/xxx.cer;
ssl_certificate_key /root/.acme.sh/xxx.org/xxx.org.key;
ssl_session_timeout 30m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
ssl_session_cache shared:SSL:10m;
ssl_dhparam /etc/nginx/ssl/xxx.org/dhparams.pem;
ssl_prefer_server_ciphers on;## Improves TTFB by using a smaller SSL buffer than the nginx default ssl_buffer_size 8k; ## Enables OCSP stapling ssl_stapling on; resolver 8.8.8.8; ssl_stapling_verify on; ## Send header to tell the browser to prefer https to http traffic add_header Strict-Transport-Security max-age=31536000; ## SSL logs ## #access_log /var/log/nginx/xxx.org/ssl_access.log; #error_log /var/log/nginx/xxx.org/ssl_error.log; #- END SSL config -## proxy_buffering off; location / { proxy_pass https://192.168.xx.xx:8123; proxy_set_header Host $host; proxy_http_version 1.1; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_set_header Authorization "Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; }
Error:
2019-03-26 11:24:32 ERROR (MainThread) [aiohttp.server] Error handling request
Traceback (most recent call last):
File “/srv/homeassistant/lib/python3.6/site-packages/aiohttp/web_protocol.py”, line 275, in data_received
messages, upgraded, tail = self._request_parser.feed_data(data)
File “aiohttp/_http_parser.pyx”, line 523, in aiohttp._http_parser.HttpParser.feed_data
aiohttp.http_exceptions.BadStatusLine: invalid HTTP method
Any help much appreciated!