Reverse proxy to an url, not sub-domain (server.net/hass instead of hass.server.net)

etique57 · September 23, 2017, 5:52pm

Hello,

I cannot manage to set up my reverse proxy to home-assistant, following the Apache2 guide and just changing the root context to a sub context (/hass in my case).

Did any one achieve that?

Thanks!

etique57 · September 24, 2017, 9:28am

Any one?

Tinkerer · September 24, 2017, 10:16am

Did you try some Google time Here’s one possible hint, and here’s another.

etique57 · September 24, 2017, 10:45am

Actually, I’m not exactly a newcomer when it comes to reverseproxying stuff to subfolders

So i know how to do it, and actually the links you pointed me to (thanks by the way!) are merely describing the normal way.

But I think it’s just not possible as I just noticed home-assistant doesn’t have a configurable web root.

adamoutler · September 27, 2020, 6:45pm

Hi guys. I’m running an apache server as an HTTPS proxy and I figured out a few workarounds for issues encountered when configuring Apache. This configuration addresses the following issues:

External proxy to internal IP
HTTP redirect to HTTPS configuration
Wrong IP Address showed in login notifications within Home Assistant
Websockets don’t work properly
Addons don’t work

<VirtualHost *:80>
        ServerName        homeassistant.adamoutler.com #MODIFY to your host name
        ServerAdmin       [email protected] #MODIFY to your email
        RewriteEngine On
        # This will enable the Rewrite capabilities
        RewriteCond %{HTTPS} !=on
        # This checks to make sure the connection is not already HTTPS
        RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
</VirtualHost>

<IfModule mod_ssl.c>
<VirtualHost *:443>

		#Declare server
        ServerName        homeassistant.adamoutler.com #MODIFY to your host name
        ServerAdmin       [email protected] #MODIFY to your email

        #fix detecting incorrect login IP by proxy server
        RemoteIPInternalProxy 192.168.1.1  #MODIFY to your proxy, or delete if you aren't using a firewall
        RemoteIPHeader X-Forwarded-For

        #proxy server setup
        ProxyPreserveHost On
        ProxyRequests Off
        ProxyPass /api/websocket ws://192.168.1.8:8123/api/websocket #MODIFY to your HA IP:Port
        ProxyPassReverse /api/websocket wss://192.168.1.8:8123/api/websocket #MODIFY to your HA:Port
        ProxyPass / http://192.168.1.8:8123/ #MODIFY to your HA IP:Port
        ProxyPassReverse / http://192.168.1.8:8123/ #MODIFY to your HA IP:Port

        #fix websockets for addons and apis
        RewriteEngine On
        RewriteCond %{HTTP:Upgrade} websocket [NC]
        RewriteRule ^/?(.*) "ws://192.168.1.8:8123/$1" [P,L] #MODIFY to your HA IP address


        #Set security on certan areas(some redacted)
        <Location "/">
                Satisfy any
#               Include /path/to/mySecuritySettings.conf
        </Location>
        <Location "/api">
                Satisfy any
        </Location>

        #HTTPS certs
#        Include /path/to/sites-available/ssl.conf
#        Include /path/to/options-ssl-apache.conf
#        SSLProxyEngine On
#        SSLCertificateFile /path/to/my-chain.pem
#        SSLCertificateKeyFile /path/to/my-cert.pem
</VirtualHost>
</IfModule>