I recently updates to 0.77.x and since then I am unable to bypass any type of login requests. I don’t want that, I don’t need that. My instance is not exposed to public networks nor do I have any unknown people in my house.
So - how can I prevent unnecessary password or login requests with the new auth system? I have Home Assistant running inside a docker container (not HASS.IO) listening to 127.0.0.1 (networking bound to host network). Nginx server is acting as frontend-proxy, injecting what used to be the api_password. Yet, visitors of my HA instance are still forced to select a “user” (and I was forced to create one immediately after update).
Any hints?
For analysis purposes, here are the excerpts from my HA configuration and the complete nginx configuration:
homeassistant:
auth_providers:
- type: trusted_networks
- type: homeassistant
- type: legacy_api_password
http:
api_password: !secret http_password
trusted_networks:
- 127.0.0.1
- 192.168.0.0/24
- fd00::/8
- ::1
base_url: !secret http_base_url
server_host: 127.0.0.1
map $http_upgrade $connection_upgrade {
default upgrade;
‘’ close;
}
server {
server_name $http_base_url
listen [::]:80 default_server ipv6only=off;
proxy_buffering off;
location / {
proxy_pass http://127.0.0.1:8123;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-HA-Access "$http_password";
}
}
Cheers
m0wlheld