Reverse proxy suddenly stopped working

Hi everyone,

I run Hassio in a VM on Unraid and have connected it with the outside world through a Swag reverse proxy. The home assistant app on my phone accesses my Home Assistant instance through homeassistant.mydomain.com and all was working perfectly until recently when the app said it cannot find my server.

I know that Swag is still working correctly because I can still access several other applications through there.

Here’s my HA config.yaml:

# Loads default set of integrations. Do not remove.
default_config:

# Text to speech
tts:
  - platform: google_translate

automation: !include automations.yaml
script: !include scripts.yaml
scene: !include scenes.yaml

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 192.168.1.160 # IP address of my unRAID box
    - 192.168.1.44
    - 172.30.32.1
    - 172.30.232.1
    - 172.19.0.3
    - 172.19.0.4

Here’s my Swag conf file for Home Assistant:

## Version 2021/10/11
# make sure that your dns has a cname set for homeassistant and that your homeassistant container is not using a base url

# As of homeassistant 2021.7.0, it is now required to define the network range your proxy resides in, this is done in Homeassitants configuration.yaml
# https://www.home-assistant.io/integrations/http/#trusted_proxies
# Example below uses the default dockernetwork ranges, you may need to update this if you dont use defaults.
#
# http:
#   use_x_forwarded_for: true
#   trusted_proxies:
#     - 172.16.0.0/12

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name homeassistant.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    location / {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app 192.168.1.44;
        set $upstream_port 8123;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
		proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";

    }
    
    location ~ ^/(api|local|media)/ {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_app 192.168.1.44;
        set $upstream_port 8123;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
		proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}

Your ip didn’t get banned did it?

Banned where? Within SWAG?

HA

ip_ban_enabled Is “true”by default.
If trusted proxy is incorrectly set you can get locked out.

I’ve fixed it.

Your suggestion prompted me to check the SWAG dashboard, in which it said it couldn’t access the IP address I’d listed within the HA conf file. I then discovered that my router must have reassigned HA with a new IP address. I changed the conf file to this new IP address and voila, everything works again.

Thanks for pointing me towards the answer!