Nginx Websocket Issues

Brett_C · March 6, 2018, 5:48pm

Hi all,

I’ve spent more time than I probably should have over the last two days fighting with Nginx and HASS. I have followed the setup guide in the HASS docs, and scoured the forums looking for a solution but to no avail. It seems that others have had my issue of “Error during WebSocket Handshake” but when I try what they’ve done to fix it, it doesn’t work… I have cleared my browser cache every time I try something new just to be safe as well.

Is there something maybe in the latest version of either HASS or Nginx that is giving me grief? Is anyone else experiencing this issue?

Worth noting that I am NOT doing anything with port 80 - it’s not being forwarded on my router, and subsequently I haven’t put the redirect code into my Nginx setup either. Could that be my problem? I left it out because I will always use https, so I didn’t think I would need it.

My current setup:

HASS 0.64.3 running on Ubuntu 16.04LTS (python3.6)

Nginx 1.10.3 on the same server

  map $http_upgrade $connection_upgrade {
              default upgrade;
              ''      close;
  }

  server {
      listen 443 ssl;
      server_name redacted.com;
      ssl_certificate /etc/letsencrypt/live/redacted.com/fullchain.pem;
      ssl_certificate_key /etc/letsencrypt/live/redacted.com/privkey.pem;
      ssl_dhparam /etc/nginx/ssl/dhparams.pem;
      ssl on;
      ssl_prefer_server_ciphers on;
      proxy_buffering off;

      location / {
          proxy_pass http://localhost:8123;
          proxy_set_header Host $host;

          proxy_http_version 1.1;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection $connection_upgrade;
      }

      location /api/websocket {
          proxy_pass http://localhost:8123/api/websocket;
          proxy_set_header Host $host;

          proxy_http_version 1.1;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection "upgrade";
      }
  }

Tinkerer · March 7, 2018, 7:30am

You need to be on 1.13.3 or later for WebSocket support.

Brett_C · March 8, 2018, 1:55pm

Thanks @Tinkerer. That linked page actually mentions version 1.3.13, so I thought I was okay. I did upgrade to the latest version but to no avail.

What’s even more troubling now, is that I have completely removed Nginx from my server, and now can’t even connect using just basic port forwarding… I’m getting “failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED” in my browser console.

I feel like I’ve tried everything to resolve and just haven’t had any luck. Wanted to put it out there for ANY thoughts or suggestions on what to do with this error, keeping in mind that I’m now simply trying to use https://hass.mydomain.com/ with port forwarding on my router from 443 to 8123.

Any suggestions are welcome! I’ve probably missed the most basic thing so don’t rule anything out!

Tinkerer · March 8, 2018, 8:42pm

Can you connect to your HA server with your LAN IP and port?

Have you tested from outside your network (since your router may not support NAT reflection).

Brett_C · March 8, 2018, 9:38pm

Thanks for the reply. I am able to connect via LAN IP and port. Good thought on testing outside the network, but unfortunately that doesn’t work either.

Probably going to end up starting over with a clean Ubuntu install, but wanted to put the post out there as a last ditch effort.

firstof9 · March 8, 2018, 11:16pm

Have you tried disabling the firewall in Ubuntu?

systemctl stop firewalld

if that fixes it you can disable it from auto start on boot with
systemctl disable firewalld

Tinkerer · March 9, 2018, 7:11am

Other things to check:

You’ve given the Ubuntu system a fixed IP on your network
The port is forwarded to the IP of your system
When you connect with the LAN IP (and port) you are using https://?

Brett_C · March 9, 2018, 12:35pm

Thanks for the ideas guys. Still no luck unfortunately. I’ve backed up my config and gone ahead with a clean install. Fingers crossed for try 2!

Appreciate the input!

Angelo_Santagata · March 24, 2018, 9:13pm

Hey Brett, did u figure this out? Im hitting the same issue and totally stumped

Brett_C · March 25, 2018, 2:09pm

Unfortunately no, I had to move on to get my system back up and running. I was in the process of migrating to a Linux server from an RPi. Hope to revisit it again in the future though.