Hello, Bonjour !
Prerequisites
I just installed HA supervised on and existing VM with Debian 12.
On this Debian, i already have a reverse proxy nginx (and some services: wordpress, domoticz, a small java app)
I don’t want to buy an other device and i don’t have enough memory to create an other vm on my server. (it’s an old server i can’t add more)
I can access webUI using 192.168.1.10:8123
now i want to reach through ha . mydomain . com
I add the nginx configuration founded here:
My issue
but I have this error when i execute this command after restarting nginx:
sudo journalctl -xeu nginx.service
févr. 21 18:39:48 debian nginx[9933]: nginx: [emerg] bind() to [::]:443 failed (98: Address already in use)
févr. 21 18:39:48 debian nginx[9933]: nginx: [emerg] bind() to [::]:80 failed (98: Address already in use)
févr. 21 18:39:48 debian nginx[9933]: nginx: [emerg] still could not bind()
It seems that a docker container created by HA is using port 80 and 443:
(here nginx is not lauched cause i can’t)
~ % sudo netstat -ltnp | grep -w ':80'
~ % sudo netstat -ltnp | grep -w ':443'
~ % sudo lsof -i :80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
python3 8891 root 27u IPv4 175764 0t0 TCP debian:43306->172.30.32.2:http (ESTABLISHED)
python3 8891 root 31u IPv4 175765 0t0 TCP debian:43308->172.30.32.2:http (ESTABLISHED)
python3 8891 root 34u IPv4 161515 0t0 TCP debian:54886->172.30.32.2:http (ESTABLISHED)
~ % sudo lsof -i :443
~ %
I don’t really understand why HA is using port both: 8123, 80, 443.
Here all port used : (nginx is not lauched)
% sudo netstat -tlnp
Connexions Internet actives (seulement serveurs)
Proto Recv-Q Send-Q Adresse locale Adresse distante Etat PID/Program name
tcp 0 0 0.0.0.0:5355 0.0.0.0:* LISTEN 508/systemd-resolve
tcp 0 0 0.0.0.0:1883 0.0.0.0:* LISTEN 628/mosquitto
tcp 0 0 0.0.0.0:4357 0.0.0.0:* LISTEN 1526/docker-proxy
tcp 0 0 172.30.32.1:65455 0.0.0.0:* LISTEN 3748/nginx: master
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 652/sshd: /usr/sbin
tcp 0 0 192.168.1.10:40000 0.0.0.0:* LISTEN 8891/python3
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/init
tcp 0 0 127.0.0.1:65455 0.0.0.0:* LISTEN 3748/nginx: master
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 753/mariadbd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1224/exim4
tcp 0 0 0.0.0.0:8123 0.0.0.0:* LISTEN 8891/python3
tcp6 0 0 :::5355 :::* LISTEN 508/systemd-resolve
tcp6 0 0 ::1:25 :::* LISTEN 1224/exim4
tcp6 0 0 :::4357 :::* LISTEN 1533/docker-proxy
tcp6 0 0 :::22 :::* LISTEN 652/sshd: /usr/sbin
tcp6 0 0 :::111 :::* LISTEN 1/init
tcp6 0 0 :::8123 :::* LISTEN 8891/python3
tcp6 0 0 fe80::58c9:4eff:f:40000 :::* LISTEN 8891/python3
Here my ha.conf for nginx:
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
server_name ha.mydomain.com;
listen [::]:80 default_server ipv6only=off;
return 301 https://$host$request_uri;
}
server {
server_name ha.mydomain.com;
ssl_certificate /etc/letsencrypt/live/ha.mydomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/ha.mydomain.com/privkey.pem;
ssl_dhparam /etc/nginx/ssl/dhparams.pem;
listen [::]:443 ssl default_server ipv6only=off; # if your nginx version is >= 1.9.5 you can also add the "http2" flag here
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
ssl_protocols TLSv1.2;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
proxy_buffering off;
location / {
proxy_pass http://127.0.0.1:8123;
proxy_set_header Host $host;
proxy_redirect http:// https://;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}
% sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
81e31e627c4c ghcr.io/hassio-addons/vscode/amd64:5.15.0 "/init" 5 hours ago Up 5 hours (healthy) addon_a0d7b954_vscode
999bb2579796 ghcr.io/esphome/esphome-hassio:2024.2.0 "/init" 6 hours ago Up 6 hours addon_5c53de3b_esphome
2de3674ed3f8 ghcr.io/home-assistant/amd64-hassio-multicast:2023.06.2 "/init" 6 hours ago Up 6 hours hassio_multicast
0a79e38f66d2 ghcr.io/home-assistant/amd64-hassio-audio:2023.12.0 "/init" 6 hours ago Up 6 hours hassio_audio
4ab032e941f7 ghcr.io/home-assistant/amd64-hassio-dns:2023.06.2 "/init" 6 hours ago Up 6 hours hassio_dns
7dbd09d83d34 ghcr.io/home-assistant/amd64-hassio-cli:2023.11.0 "/init" 6 hours ago Up 6 hours hassio_cli
121f55f4aa14 ghcr.io/home-assistant/amd64-hassio-supervisor:latest "/init" 12 hours ago Up 6 hours hassio_supervisor
d5792425ab29 ghcr.io/home-assistant/qemux86-64-homeassistant:2024.2.2 "/init" 23 hours ago Up 5 hours homeassistant
3e2fee09dbdc ghcr.io/home-assistant/amd64-hassio-observer:2023.06.0 "/usr/bin/observer" 23 hours ago Up 6 hours 0.0.0.0:4357->80/tcp, :::4357->80/tcp hassio_observer
What is hassio_observer ? I think that this is the one who don’t allow nginx to start cause it use port 80
Do you have an idea / explainations / links ?
Thanks !