Reverse proxy NGINX .... Unable to connect to Home Assistant

Configuration
1

Using home-assistant v.0.78.3
I follow this docs below, but cannot connect to home-assistant


It’s working fine if setup home-assistant port to 443 and without nginx but using port forwarding on the router.

nginx error.log

2018/09/27 19:03:40 [error] 11989#0: *28 upstream prematurely closed connection while reading response header from upstream, client: 207.123.57.123, server: EXAMPLE.duckdns.org, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:8123/", host: "EXAMPLE.duckdns.org"
2018/09/27 19:03:42 [error] 11989#0: *32 upstream prematurely closed connection while reading response header from upstream, client: xxx.123.57.123, server: EXAMPLE.duckdns.org, request: "GET /service_worker_es5.js HTTP/1.1", upstream: "http://127.0.0.1:8123/service_worker_es5.js", host: "EXAMPLE.duckdns.org", referrer: "https://EXAMPLE.duckdns.org/service_worker_es5.js"
2018/09/27 19:03:43 [error] 11989#0: *32 upstream prematurely closed connection while reading response header from upstream, client: 207.123.57.123, server: EXAMPLE.duckdns.org, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:8123/", host: "EXAMPLE.duckdns.org", referrer: "https://EXAMPLE.duckdns.org/"
2018/09/27 19:03:45 [error] 11989#0: *32 upstream prematurely closed connection while reading response header from upstream, client: 207.123.57.123, server: EXAMPLE.duckdns.org, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:8123/", host: "EXAMPLE.duckdns.org", referrer: "https://EXAMPLE.duckdns.org/"

home-assistant configuration.yaml

# home-assistant http frontend
http:
  # Uncomment this to add a password (recommended!)
  # server_host: 128.168.1.40
   ssl_certificate: /etc/letsencrypt/live/EXAMPLE.duckdns.org/fullchain.pem
   ssl_key: /etc/letsencrypt/live/EXAMPLE.duckdns.org/privkey.pem
#   base_url: some.random.url
   server_port: 8123
   #server_port: 443
   trusted_networks:
     - 127.0.0.1
     - 128.168.1.0/24
     - 128.168.2.0/24
#   trusted_proxies:
#     - 127.0.0.1
#     - 128.168.1.40
#   use_x_forwarded_for: true
1 Like
2

if using home-assistant ios app, error message
“502 Bad Gateway”
what could be wrong?

3

Why are you doing any SSL in HA? Let NGINX handle the SSL.

Seems like you are trying to use the reverse proxy AND your duckdns and sending your ‘upstream’ to the DUCKDNS URL?

I’m confused.

get rid of the SSL stuff inside HA, put your certs on NGINX, set your upstream in your NGINX to be the INTERNAL IP of your HA

1 Like
4

ahhh … foolish of me
it’s working now
thanks for help

5

UH. You need to remove your duckdns address and fix your config

Are you in your office right now?

6

image
image1688×773 72.8 KB

7

Sounds like a horn alarm might be fun…

8

I don’t want to wake the kids.

I have private messaged him with some valuable info that I have regarding his configuration.

1 Like
9

FYI: Your “internal IP addresses” are not internal. Those are publicly routeable IP addresses owned by someone else. Your network is all sorts of broken.