Nginx Reverse Proxy Set Up Guide – Docker

@finity
I believe you have to create a subdomain as the “landing page” is only for that.
Just create a subdomain for hass. For example, if you use hass, your address would be https://hass.mydomain.duckdns.org.

Of course, with all the hacking stories going on, I suggest you don't use hass. Use anything else.

Ok, thanks.

I had already gotten that part to work but I was just wondering (in part because of the hacking stories) if it was possible to just use my duckdns domain.

I’ll definitely have to look into switching it from hass then.

Thanks for this guide, BTW. It definitely helped me in moving my setup to Docker. Before, when I tried it, I just got so confused and flustered I just gave up.

Now I suddenly have HA, Nginx and letsencrypt running in docker! I still need to figure out the right settings for my z wave & zigbee sticks tho.

And I have Syncthing running but I can’t figure out how to set the HA config directory as the directory to be backed up.

To add your Z-stick you need to give permission to your docker user.
In Ubuntu I use these commands:
ls -ltr /dev/tty*|tail -n 1
# -a appends to the user's existing groups; -G alone would replace them
sudo usermod -aG dialout dockeruser

I presume it’ll be the same for zigbee.

for syncthing assuming you’re using container this is my compose:

  syncthing:
    container_name: syncthing
    image: linuxserver/syncthing
    restart: unless-stopped
    volumes:
    - /home/user/docker/syncthing:/config
    - /home/user:/mnt/dir  # here you put the path to the folder you want to edit
    environment:
    - PGID=1004
    - PUID=1000
    ports:
    - "8384:8384"
    - "22000:22000"
    - "21027:21027/udp"

On the host machine, in Syncthing, you create a folder that points to /mnt/dir/ (per the volume).

I got the zigbee stick working with no issues.

For some reason the z wave stick is giving me issues and keeps giving me an invalid config warning and in the logs it says it can’t find the configuration files.

I’ll try to add my user to the dialout group and see if that fixes it. I won’t be able to look at that part for a couple of days tho. If I can’t figure it out I might be back then to ask more questions on that topic.

As for Syncthing, I have my HA config files in my users home directory: /home/finity/docker/hass-config.

for syncthing I have the volumes set up as:

/home/finity/docker/syncthing/config:/config
/home/finity/docker/hass-config:/hass-sync

when I open up the web interface for Syncthing I only see the default folder (which from the docs is the folder it auto creates in the config directory).

Where do I access the directory for syncing up my hass-config directory to my other machine?

you need to add a folder where hass is and point to it.

Thank you for the guide! One update: the nginx/default.conf file is now nginx/site-confs/default. That confused me for about a half hour, but I got it working.

I have Grafana and Portainer working. Has anyone been able to get HADashboard working with it? I get an Internal Server error when I point a subdomain to my HADashboard port.

that’s exactly what I can’t figure out how to do…

my HA config is located at /home/finity/docker/hass-config.

Where do I go from there?

I thought that the line above (/home/finity/docker/hass-config:/hass-sync) should have pointed to my hass-config directory and exposed a directory in the syncthing interface called hass-sync. But it didn’t so obviously I’m not getting something.

It’s still the same and they’re separate files:

The default.conf file contains default headers/settings for nginx.

The nginx/site-confs/default file is the site-specific file containing the respective server blocks.

On appdaemon, make sure you don't have SSL active.

Nevermind, it is suddenly working. Maybe it just needed a fresh reboot?

I’m not sure I understand. There was not and is not a file at nginx/default.conf. So I copied and pasted your example configuration into nginx/site-confs/default and everything is working, even though I think you are saying I pasted the code into the wrong file. Anyway, it works so I’m not going to worry about it too much. :slight_smile:

My mistake. It’s letsencrypt/nginx/nginx.conf, not “default.conf”.

I need some help/clarification

I have docker running on a mac mini and I’ve created a container using the linuxserver/letsencrypt. I’ve forwarded port 80/443 to the IP of my mac mini. I started the container. I renamed the /nginx/site-confs/default file to default.bak and then replaced with yours changing my server_name to my.duckdns.org and then each of the subdomains as well. I changed proxy_pass to http://192.168.x.x:8123 (I didn’t know what hostip was). I didn’t change the fastcgi_pass because I have no idea what it is. My PUID is 501 and my PGID is 20.

At this point I restarted my container and tried to browse to https://hass.my.duckdns.org outside my network. I get a site cannot be reached error. I tried to browse directly to my domain https://my.duckdns.org and I got my login page but my password doesn’t work. My understanding is this page should not render with this URL. I can get to the IP http://192.168.x.x:8123 from inside my network which is expected. Before I started down this path I had the DuckDNS and PiHole components enabled in HA but I stopped both (didn’t uninstall yet).

Any ideas on how I can debug this?

Know where to buy one of them? Seems there’s a new version (https://www.hikvision.com/en/Products/Video-Intercom/Wi-Fi-Door-Bell/DS-KB6403-WIP) but I can’t find where to buy it.

EDIT: Can you store the video on a NAS via FTP?

@juan11perez thank you so much for this! I got it up and working in no time, so easy!

@Jay_Heavner I recommend commenting out the 2 unused subdomains (until you actually need them because leaving them and not doing anything with those blocks like setting the hostip will cause this whole thing to fail) and the sub1, sub2 references in the docker create command (although this part I don’t think is a big deal if you leave). hostip (or Host IP) is the internal IP address of your nginx server.
@juan11perez isn’t very clear on the fastcgi_pass step. What he’s really referring you to do is change the hostip part (again your server’s internal IP address). So to be perfectly clear that line will read “fastcgi_pass 192.168.xxx.xxx:9000;”

Try those fixes and restart the container. If everything else is correct it’ll work when you go to hass.yourduckdnsaddress.duckdns.org.

@mnl1121
This is where I got mine
https://www.aliexpress.com/item/Hikvision-Wi-Fi-Video-Doorbell-DS-KB6003-WIP/32835778153.html?spm=a2g0s.9042311.0.0.45304c4dZ4ybO9
I suggest you also buy the power supply unit. The manual claims it works off the existing doorbell power supply, but it’s not the case, and finding these power supply units (24VAC) is a bit of a pain. This seller has both.
I set it up and use motioneye. I can record in my server etc; works great and all in your network!
I also got the motion detector set up and the chime etc.
Once you get it, give me a shout and I’ll help. Although you can find in here a post I did about the chime.

@Jay_Heavner
I didn't rename or create a new /nginx/site-confs/default. I edited the default file, adding the content I showed above.

Your host IP is the IP of your Mac mini. Every server block you create that corresponds to a container on your Mac will have a proxy pass that is http://the ip of your mac:port

To @mnl1121’s point, do not activate a server block for a container that doesn’t exist.
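
An added example, not part of any post in this thread: a small Python check for the failure discussed above, where an active server block still carries the `hostip` placeholder. It lists each block's `proxy_pass`/`fastcgi_pass` upstreams and whether `auth_basic` is actually active (commented-out directives are ignored). The sample config, hostnames, IPs and the helper names `is_ip`, `server_blocks` and `audit` are all constructed for illustration; a hostname upstream (for example a Docker container name) is legitimate, but nginx must be able to resolve it when it starts.

```python
import ipaddress
import re

# Constructed sample in the style of nginx/site-confs/default (names and IPs are made up).
SAMPLE_CONF = """
server {
    server_name hass.example.duckdns.org;
    location / {
        # auth_basic "Restricted";
        proxy_pass http://192.168.1.10:8123;
    }
}
server {
    server_name sub1.example.duckdns.org;
    auth_basic "Restricted";
    location / { proxy_pass http://hostip:9000; }
    location ~ \\.php$ { fastcgi_pass hostip:9000; }
}
"""

def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def server_blocks(conf):
    """Yield the body of each server { ... } block with comments removed."""
    conf = re.sub(r"#[^\n]*", "", conf)
    for m in re.finditer(r"\bserver\s*\{", conf):
        depth, i = 1, m.end()
        while i < len(conf) and depth:
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield conf[m.end():i - 1]

def audit(conf):
    """Return one report per server block: names, upstreams, auth state, problems."""
    reports = []
    for body in server_blocks(conf):
        names = re.search(r"\bserver_name\s+([^;]+);", body)
        auth = re.search(r"\bauth_basic\s+([^;]+);", body)
        upstreams = re.findall(r"\b(?:proxy|fastcgi)_pass\s+(?:https?://)?([^\s;/:]+)", body)
        reports.append({"server_name": names.group(1).split() if names else [],
                        "upstreams": upstreams,
                        "basic_auth": bool(auth) and auth.group(1).strip() != "off",
                        "problems": [f"upstream '{h}' is not an IP address" for h in upstreams if not is_ip(h)]})
    return reports
```

To run it against a real file, pass the file's text to `audit()` and review any block that reports problems before restarting the container.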

A question on the “fastcgi_pass 192.168.xxx.xxx:9000;”:
This is the default port for Portainer - is it more reasonable to change which port Portainer is using - or to change “fastcgi_pass 192.168.xxx.xxx:9000;” to another port number?

It's easy enough to change the external (host) port that Portainer is exposed to that I changed that instead of the NGINX port.

This is awesome, I can throw as many containers on my Pi as I want and just map the port in the Nginx config.

Why did you comment out basic_auth for hass? It seems to be working as expected when enabled. One of the main reasons I wanted this proxy was to add that extra layer of security in case of exploits specific to HA.