I had a full working HADashboard, then I installed SSL certificates to access from ouside to my Home Assistant instance and HADashboard stopped working.
I can connect to HA instance in these ways
I can’t access (as I want) via http anymore from outside nor inside my LAN.
To login I can use both user and password or legacy password
This is my HA configuration.yaml
homeassistant:
# Name of the location where Home Assistant is running
name: Home
# Location required to calculate the time the sun rises and sets
latitude: ****
longitude: *****
# Impacts weather/sunrise data (altitude above sea level in meters)
elevation: 19
# metric for Metric, imperial for Imperial
unit_system: metric
# Pick yours from here: http://en.wikipedia.org/wiki/List_of_tz_database_time_zones
time_zone: UTC
# Customization file
customize: !include customize.yaml
http:
api_password: !secret api_pwd
ssl_certificate: /home/homeassistant/.homeassistant/certs/fullchain.pem
ssl_key: /home/homeassistant/.homeassistant/certs/privkey.pem
# Show links to resources in log and frontend
# introduction:
# Enables the frontend
frontend:
# Enables configuration UI
config:
# Uncomment this if you are using SSL/TLS, running in Docker container, etc.
# http:
# base_url: example.duckdns.org:8123
# Checks for available updates
# Note: This component will send some information about your system to
# the developers to assist with development of Home Assistant.
# For more information, please see:
# https://home-assistant.io/blog/2016/10/25/explaining-the-updater/
updater:
# Optional, allows Home Assistant developers to focus on popular components.
# include_used_components: true
# Discover some devices automatically
discovery:
device_tracker:
- platform: owntracks_http
# Allows you to issue voice commands from the frontend in enabled browsers
conversation:
# Enables support for tracking state changes over time
history:
# View all events in a logbook
logbook:
# Enables a map showing the location of tracked devices
map:
google_assistant:
project_id: home-assistant-*****
api_key: !secret google_apikey
exposed_domains:
- switch
- light
- group
# Configure Mosquitto MQTT broker
mqtt:
broker: 192.168.0.11
Yes, appdaemon is running
After a reboot this is the appdaemon.og
2018-11-06 11:02:16.629611 INFO SIGTERM Recieved
2018-11-06 11:02:17.969127 INFO AppDaemon: HASS: Disconnecting from Home Assistant
2018-11-06 11:02:17.971191 INFO AppDeamon Exited
2018-11-06 11:02:44.645354 INFO AppDaemon Version 3.0.1 starting
2018-11-06 11:02:44.649026 INFO Configuration read from: /home/homeassistant/appdaemon/appdaemon.yaml
2018-11-06 11:02:44.654357 INFO AppDaemon: Starting Apps
2018-11-06 11:02:44.656142 WARNING config_dir: /home exists, but is not writeable, owner: root
2018-11-06 11:02:44.664550 INFO AppDaemon: Loading Plugin HASS using class HassPlugin from module hassplugin
2018-11-06 11:02:44.759687 INFO AppDaemon: HASS: HASS Plugin Initializing
2018-11-06 11:02:44.760908 INFO AppDaemon: HASS: HASS Plugin initialization complete
2018-11-06 11:02:44.761957 INFO Starting Dashboards
2018-11-06 11:02:44.789687 INFO API is disabled
2018-11-06 11:02:44.792143 WARNING AppDaemon: HASS: Disconnected from Home Assistant, retrying in 5 seconds
2018-11-06 11:02:49.795393 WARNING AppDaemon: HASS: Disconnected from Home Assistant, retrying in 5 seconds
2018-11-06 11:02:54.799110 WARNING AppDaemon: HASS: Disconnected from Home Assistant, retrying in 5 seconds
2018-11-06 11:02:59.802471 WARNING AppDaemon: HASS: Disconnected from Home Assistant, retrying in 5 seconds
2018-11-06 11:03:11.841819 WARNING AppDaemon: HASS: Disconnected from Home Assistant, retrying in 5 seconds
and this is the output of command sudo systemctl status [email protected]
pi@hassbian:/etc/init.d $ sudo systemctl status [email protected]
● [email protected] - AppDaemon
Loaded: loaded (/etc/systemd/system/[email protected]; enabled; vendor preset: enabled)
Active: active (running) since Tue 2018-11-06 11:02:40 CET; 7min ago
Main PID: 524 (appdaemon)
CGroup: /system.slice/system-appdaemon.slice/[email protected]
└─524 /srv/appdaemon/bin/python3.5 /srv/appdaemon/bin/appdaemon -c /home/homeassistant/appdaemon/
Nov 06 11:02:40 hassbian systemd[1]: Started AppDaemon.
first of all you have AD 3.0.1 running which doesnt work with token
token is introduced in AD 3.0.2
secondly you need to chose 1 or the other token or ha_key (in your case ha_key which is the api_password from HA)
you did set ssl in HA so you need to add it to the plugin setup also.
thats why dashboard cant connect to HA
if you want to be able to access HA with http (as you state you want) you need to use a proxyserver like nginx.
its also way better to do so, because when you keep ssl inside HA and you connect HA and AD with your outside url, all your data needs to go on the internet and back. and when internet is down you dont have access to your dashboards.
so my advice:
delete SSL inside HA
install a proxyserver (like nginx) and set ssl in there
connect AD to your HA the way you were used to.
Initially I didn’t use “token” and HADashboard dind’t connect, so I tried to use tokens, but no success.
No, “I don’t want” to use http inside my LAN, I only thougth it was necessary to use SSL once you install certificates.
I don’t use nginx, but I use this trick to use always https://my.publicdomain.net inside and outside my LAN
I have a dnsmasq running on a local host who services DHCP and DNS inside my LAN
My DNS redirects all the calls to https:\my.publicdomain.net to https:\hassbian.,local.mak
For the issue of the port 8123 instead of 443, I use iptables on my A host to redirect all thecalls to port 443 to port 8123
Ok, can you show me how to do it? It’s just something to add in appdaemon.yaml or I have to install something else?
At the moment I should prefer not to install nginx…but if it is a “must” I will do.
it isnt a must, but its highly adviced, because thats the only way to use things without ssl locally.
browsers often have trouble connecting to other websites with ssl (you use dashboard which is a wesite, and in the dashboard you connect to HA which is a different website) so esspecially with things like camera i often see people getting into trouble when they use SSL inside HA.
i also advise you to upgrade to appdaemon 3.0.2
that way you can use the token and delete apipassword from HA (if you dont use it for something else) and ha_key from appdaemon.yaml
but i advise to do that AFTER you got it working with SSL.