SmartThings Integration behind network reverse proxy

rrosson · February 24, 2019, 4:55pm

I was unable to find anything concrete with my type of network config. I have HA installed on a Pi 3B+ and all communication via 8123 is reverse proxied by my NGINX reverse proxy server. The reverse proxy server is handling the LetsEncrypt certificate and the communication between reverse proxy is not secured by a certificate.

Here is the error I get when I try to submit my token for SmartThings Integration:

2019-02-24 09:53:46 ERROR (MainThread) [frontend.js.es5.201902200] https://hassio.oneinsane.com:8123/frontend_es5/65f582fcebdc3a5cd0ae.chunk.js:64:15146 Uncaught TypeError: Cannot convert undefined or null to object

Below is a snippet from configuration.yaml:

    # Uncomment this if you are using SSL/TLS, running in Docker container, etc.
 http:
   server_port: 8123
   base_url: https://<external fqdn for HA>
   use_x_forwarded_for: true
   trusted_proxies: <ip of my reverse proxy>

Below is the configuration on the reverse proxy:
server {
listen :8123 ssl;
server_name ;
set $upstream :8123;
add_header Strict-Transport-Security “max-age=31536000; includeSubdomains”;

    ssl on;
    ssl_certificate <path to my cert>/fullchain.pem;
    ssl_certificate_key <path to my cert_key>/key.pem;
    ssl_protocols TLSv1.2;
    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
    ssl_prefer_server_ciphers on;
    ssl_ecdh_curve secp384r1;
    ssl_session_timeout  10m;
    ssl_session_cache shared:SSL:10m;
    ssl_session_tickets off;

    location / {
	proxy_pass_header Authorization;
        proxy_pass http://$upstream;
        proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_http_version 1.1;
        proxy_set_header Connection "upgrade";
        proxy_set_header Upgrade $http_upgrade;
        proxy_buffering off;
    }
    location /api/websocket {
        proxy_pass http://$upstream/api/websocket;
        proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_buffering off;
    }
}

Vin · February 26, 2019, 5:44pm

Got mine working…

Router - forward public 443 to local 443

I’m running let’s encrypt and no-ip combo.

http:
base_url: https://home.example.com

nginx addon

I only changed domain.

{
“domain”: “home.example.com”,
“certfile”: “fullchain.pem”,
“keyfile”: “privkey.pem”,
“hsts”: “max-age=31536000; includeSubDomains”,
“customize”: {
“active”: false,
“default”: “nginx_proxy_default*.conf”,
“servers”: “nginx_proxy/*.conf”
}
}

Diamondius · May 5, 2021, 7:24pm

Is there any way for somebody who is using core and does not have addons to do this?