Remote access using duckdns not working

Configuration
1

Hello,

I am trying to remotely access my HA. This was working for sometime and then suddenly it stopped, i have no idea why. I am on the very latest version of HA. I have set up a subdomain on duckdns.

I then have added this to the config of duckdns addon:

lets_encrypt:
  accept_terms: true
  certfile: fullchain.pem
  keyfile: privkey.pem
token: 60cf4d18-xxxx-xxxx-xxxx-3dca35d5571f
domains:
  - mydomain.duckdns.org
aliases: []
seconds: 300

In my config.yaml i have added this:

default_config:

  external_url: https://mydomain.duckdns.org:8123
  internal_url: http://192.168.1.2:8123

automation: !include automations.yaml
switch: !include switches.yaml
group: !include groups.yaml
script: !include scripts.yaml
scene: !include scenes.yaml

frontend:
  themes: !include themes.yaml

http:
  base_url: mydomain.duckdns.org:8123
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem

I want to use port 8123 to access from distance too because 443 is used by something else. On my router i have opened external 8123 to internal 8123.

However i just get connection errors… Do i need to install LetsEncrypt?

I have no idea why it does not work. Any help appreciated

2

You already did when you included this:

lets_encrypt:
  accept_terms: true
3

internal and external url need to be in the homeassistant: section not in the default_config: section, like this:

homeassistant:
  internal_url: http://192.168.1.2:8123
  external_url: https://mydomain.duckdns.org:8123

And also remove base_url from the http: section, this has been deprecated.

Did you not get any errors in your logs??

4

I will try this, but i do not get any errors bizarrely

5

I have tried this and if i go to http://192.168.1.2:8123/

it will not connect

6

As far as I know you can only access it locally with https once you setup letsencrypt and duckdns, unless you are using a reverse proxy. (which I do and also why I have the http address for the internal URL)

Try: https://192.168.1.2:8123

1 Like
7

I had also previously installed LetEncypt, is there some sort of certificate error? I admit i have no idea how this works…

1 Like
8

Let’s encrypt generates a certificate for your domain, not for your local IP. Therefore when you try to access HA through the local IP with https you get a certificate error, that needs to be ignored, because there is no certificate for the local IP.
In my opinion, it’s best to use a reverse proxy such as NGINX or Traefik. Then you can continue using http locally and avoid the unnecessary SSL overhead, but still keep SSL for remote access.

9

OK, so if i understand correctly because i added this to the config.yaml:

http:
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem

It means that i will get a certificate error (which i can ignore)

I tried using the mobile app and i cannot access at all, it refuses the connection even using the https address.

As for my original problem i still cannpt access anything so i assume its my router blocking something

10

When you go to the duckdns setup website does it correctly report your router’s public IP address?

11

yes it does.

12

This what i have on mine and It’s been working since January 2020.

  1. Port Forward: 8123 - 8123 to HA-IP.

  2. Installed: NGINX Home Assistant SSL Proxy" and the configuration below:
    domain: yourddns.duckdns.org
    certfile: fullchain.pem
    keyfile: privkey.pem
    hsts: max-age=31536000; includeSubDomains
    cloudflare: false
    customize:
    active: false
    default: nginx_proxy_default*.conf
    servers: nginx_proxy/*.conf

======================================================
3. configuration.yaml

http:
ssl_certificate: /ssl/fullchain.pem
ssl_key: /ssl/privkey.pem

4:
In my Configuration Settings Tab:
Configuration -> General Configuration
External URL: https://youddns.duckdns.org
Internal URL: https:yourhaip:8123

You should already know but to make sure do a quick HA restart. As well as your router.
Hope this help

13

Hi! I’ve the same issue. I’ve configured duckdns, forward port 8123 ->8123. All was working fine until I’ve installed Wire Guard. Since I’ve created another port to Wire Guard, I’ve deleted the port for 8123 so I can use Wire Guard VPN instead. While connected to the VPN, outside the home network I can access my HA local IP, but I can’t access through the application nor the duckdns address. Did you manage to solve it?