Have a relatively complicated network setup and can’t seem to get HA (Supervised VM) to allow forwarded SSL requests from my NGINX Proxy Manager instance on another host.
Network setup is:
- (Untagged) Management/Private VLAN [192.168.1.x]: NGINX Proxy Manager + a bunch of other utility containers (Unifi controller, MariaDB, etc).
- (99) IoT VLAN [192.168.99.x]: Home Assistant VM + all my IoT devices.
- Gateway is 192.168.1.1, DNS is set to supplied DNS from provider.
- Firewall rules to allow all connections from HA host to private VLAN
- Firewall rules to allow all connections from private VLAN to all VLANs
- Internal and External URL in HA set to my external address (assume this is correct when using a reverse proxy)
NGINX Proxy Manager is setup and working on a Docker container spawned on 192.168.1.20. My settings for it are:
I know that it’s working, because I used to run NPM as an addon on the HA host. So if I use the manual
ssl_certificate and ssl_key in my http configuration for HA, it serves just fine. However, these certs are no longer being updated, and I want to move all my network config off HA.
I’ve tried adding the following configuration to allowing proxy forwarding, but to no avail.
http:
use_x_forwarded_for: true
trusted_proxies:
- 192.168.1.20
- 192.168.1.1
However, when restarting using this configuration, log just fills with the following:
2020-07-18 08:47:07 ERROR (MainThread) [aiohttp.server] Error handling request
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/aiohttp/web_protocol.py", line 275, in data_received
messages, upgraded, tail = self._request_parser.feed_data(data)
File "aiohttp\_http_parser.pyx", line 523, in aiohttp._http_parser.HttpParser.feed_data
aiohttp.http_exceptions.BadStatusLine: invalid HTTP method
It seems like something within HA isn’t receiving the SSL certificates from the NPM instance, but at a bit of a loss now as to where to look next to solve this problem.
TIA for any direction!