Hi, I’m running Home Assistant in Docker - and having trouble enabling remote access via my Traefik reverse proxy.
When visiting hass.example.com - I get a gateway timeout.
I’m successfully using Traefik with other containers on my traefik docker network - but the Home Assistant container is on the host network.
The ‘homeassistant’ HTTP rotuer and service are showing as successful in my Traefik dashboard
Very grateful for any help - thanks!
compose.yaml extract:
homeassistant:
container_name: homeassistant
image: ghcr.io/home-assistant/home-assistant:stable
restart: unless-stopped
network_mode: host
volumes:
- $DOCKERDIR/homeassistant:/config
environment:
- PUID=$PUID
- PGID=$PGID
- TZ=$TZ
app-homeassitant.yaml :
http:
routers:
homeassistant-rtr:
rule: "Host(`hass.example.com`)"
entryPoints:
- https
middlewares:
- chain-oauth
service: homeassistant-svc
tls:
certResolver: dns-cloudflare
services:
homeassistant-svc:
loadBalancer:
servers:
- url: "http://192.168.86.114:8123"
Home Assistant configuration.yaml extract:
http:
use_x_forwarded_for: true
trusted_proxies:
- 127.0.0.1
- 192.168.86.114 # Server IP
- 172.18.0.0/16 # traefik proxy subnet
MrksHfmn
January 3, 2023, 3:04pm
2
I have the same problem. I moved my home assistant container from 192.168.1.101 to 192.168.1.100 and adjusted all configuration files. Locally I can work and open everything but traefik does not forward anything from outside.
level=warning msg="Could not find network named 'proxy' for container '/homeassistant'! Maybe you're missing the project's prefix in the label? Defaulting to first available network." serviceName=homeassistant-homeassistant container=homeassistant-homeassistant-67069fc82d05dfb8b56521649a7cd13df91ce98708365441f9166a850684388b providerName=docker
level=error msg="service \"homeassistant-homeassistant\" error: port is missing" providerName=docker container=homeassistant-homeassistant-67069fc82d05dfb8b56521649a7cd13df91ce98708365441f9166a850684388b
"POST /auth/token HTTP/2.0" 499 21 "-" "-" 1 "home-assistant@file" "http://192.168.1.100:8123" 29969ms
"GET /api/websocket HTTP/1.1" 499 21 "-" "-" 2 "home-assistant@file" "http://192.168.1.100:8123" 29942ms
edit: changed traefik to network_mode: host
svalmorri
March 3, 2023, 7:48am
3
Hi, I have it up and running on my system.
Here is the docker-compose configuration I have:
#######################TRAEFIK
traefik:
hostname: traefik
image: traefik:latest
container_name: traefik
restart: always
command:
- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.le.acme.tlschallenge=true"
- "--certificatesresolvers.le.acme.email=***********@gmail.com"
- "--certificatesresolvers.le.acme.storage=/traefik/acme/acme.json"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- /home/*********/traefik:/traefik
network_mode: "host"
and here is the piece about HA:
#####################HOMEASSISTANT
homeassistant:
container_name: home-assistant
restart: always
ports:
- 8123:8123
volumes:
- /home/********/home_assistant:/config
- /etc/localtime:/etc/localtime:ro
environment:
- TZ=Europe/Rome
healthcheck:
test: ["CMD", "curl", "-f", "http://192.168.100.100:8123"] #host
interval: "30s"
timeout: "10s"
retries: "10"
privileged: true
cap_add:
- NET_ADMIN
- NET_BIND_SERVICE
- SYS_ADMIN
network_mode: "host"
labels:
- "traefik.enable=true"
- "traefik.http.services.home-assistant.loadbalancer.server.port=8123"
- "traefik.http.routers.home-assistant.rule=Host(`*********.duckdns.org`)"
- "traefik.http.routers.home-assistant.entrypoints=websecure"
- "traefik.http.routers.home-assistant.tls=true"
- "traefik.http.routers.home-assistant.tls.certresolver=le"
image: homeassistant/home-assistant:latest
Hope this helps
1 Like
janbro
June 11, 2023, 9:56am
4
I am trying to utilize your example, but I keep getting the error:
svalmorri
June 12, 2023, 10:08am
5
My current docker compose configuration is exactly what I pasted. Make sure you don’t specify the ports when you set traefik network_mode to host.
Can you paste your not working config?
janbro
June 16, 2023, 6:08pm
6
HI, I was using your exact example with only slight adjustments for the volumes:
I got it working now (meaning I can reach the gui):
version: '3'
services:
homeassistant:
container_name: homeassistant
image: homeassistant/home-assistant:latest
devices:
- /dev/ttyAMA0
environment:
- TZ=Europe/Berlin
volumes:
- /docker/homeassistant/config:/config
- /etc/localtime:/etc/localtime:ro
restart: unless-stopped
privileged: true
# network_mode: host
labels:
- "traefik.enable=true"
- "traefik.http.routers.homeassistant.entrypoints=homeassistant"
- "traefik.http.routers.homeassistant.rule=Host(`ha.example.com`)"
- "traefik.http.middlewares.homeassistant-https-redirect.redirectscheme.scheme=https"
- "traefik.http.routers.homeassistant.middlewares=homassistant-https-redirect"
- "traefik.http.routers.homeassistant-secure.entrypoints=https"
- "traefik.http.routers.homeassistant-secure.rule=Host(`ha.example.com`)"
- "traefik.http.routers.homeassistant-secure.tls=true"
- "traefik.http.routers.homeassistant-secure.service=homeassistant"
- "traefik.docker.network=traefik"
- "traefik.http.services.homeassistant.loadbalancer.server.port=8123"
networks:
- traefik
networks:
traefik:
external: true
pplmx
November 29, 2023, 2:03pm
7
hi, @janbro
What is the network mode of your Traefik? Host?