Putting an API gateway in front of HA

I am currently looking into putting an API gateway in front of HomeAssistant to deal with better authentication, ssl cert and creating rules to limiting access to the rest api (to name a few reasons) .

The API gateway I am currently testing is https://www.express-gateway.io whis is a solution built on top of nodejs.

SSL certificate and normal https requests works, but I have run into problem when it comes to using the websocket (right after the password screen).

Does anyone here have experience in using express-gateway and can give me suggestions on how to get the websocket working?

This is my current gateway.config.yml:

  port: 8080  # will be changed to 443 once everything is working
      key: /etc/letsencrypt/live/mydomain.se/privkey.pem
      cert: /etc/letsencrypt/live/mydomain.se/fullchain.pem

  port: 9876
  hostname: localhost

    host: 'mydomain.se'
    paths: '/*'

    url: ""

  - proxy
      - hass
      - proxy:
        - action:
            serviceEndpoint: hass
            ws: true

I am currently using nginx as a reverse proxy in front of home assistant, and the relevant config section to get websockets to work there is this:

location / {
    proxy_http_version 1.1;
    proxy_pass http://localhost:8123/;

    proxy_set_header   Host             $host;
    proxy_set_header   X-Real-IP        $remote_addr;
    proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
    proxy_set_header   Upgrade          $http_upgrade;
    proxy_set_header   Connection       "upgrade";

Any help to get this working is very appreciated. If I can’t make any progress on this product I still have other alternatives that sounds interesting, such as Kong API gateway and TreeGateway, but I would like to give this a fair chance before I give up.

I am pretty sure that it’s possible to get it working, and it probably seems obvious when you know how to do it. Things like these usually looks much simpler in hindsight. :slight_smile: