Dear all,
I have configured home assistant and nginx and they work… most of the times.
The both of them start with an init.d file.
I’m running a Raspbian over a raspberry pi 3, set up a https connections using SSL certificates issued by letsencrypt.
Everything works fine. I can connect from the internet.
But, sometimes, it does not work. After the system boot, what I see is:
- I can enter the dashboard if I connect to http://192.168.1.6:8123 from inside my network
- I can reach the login page from https://mywebsite:7443, but I cannot login. The login attempt takes some time and the file with the error: “Unable to connect”.
Using the tools provided with the browser, I see that all the network request to websocket, started after I press the “login” button, fails with 502 - bad gateway.
If I CTRL+F5 to force refresh the page, I see again the login page.
When this occurs, I can fix the error just restarting nginx. Then everything is back to normal.
Just to be clear: it happens from time to time. Most of the time, everything work.
I suspect some dependency in the start of ha and nginx.
Unfortunately, even if I try manually to start ha BEFORE (or AFTER) nginx, I am not able to replicate the error.
This is my nginx conf:
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
# Update this line to be your domain
server_name mywebsite;
# These shouldn't need to be changed
listen [::]:80 default_server ipv6only=off;
return 301 https://$host$request_uri;
}
server {
# Update this line to be your domain
server_name mywebsite;
# Ensure these lines point to your SSL certificate and key
ssl_certificate /etc/letsencrypt/live/mywebsite/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mywebsite/privkey.pem;
# Use these lines instead if you created a self-signed certificate
# ssl_certificate /etc/nginx/ssl/cert.pem;
# ssl_certificate_key /etc/nginx/ssl/key.pem;
# Ensure this line points to your dhparams file
ssl_dhparam /etc/nginx/ssl/dhparams.pem;
# These shouldn't need to be changed
listen [::]:7443 default_server ipv6only=off; # if your nginx version is >= 1.9.5 you can also add the "http2" flag here
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
ssl on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
proxy_buffering off;
location / {
proxy_pass http://localhost:8123;
proxy_set_header Host $host;
proxy_redirect http:// https://;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}
I can’t find any help online. Can you give me some hint?