There are links to edit the document or suggest improvements at the bottom of the page.
trusted_proxies: - 172.30.33.0/24 # Add the IP address of the proxy server
Adding this in place of the trusted proxies IP magically fixed this issue for me completely, including remote access for other addons such as WireGuard.
My final configuration:
http: use_x_forwarded_for: true trusted_proxies: - 172.30.33.0/24 ip_ban_enabled: true login_attempts_threshold: 5
Hass Os - Hass i O.
Yeah it’s very confusing, i make mistakes everyday.
What about a public contest to choose more clear names?
Mmmm and did you remove
from hass os config.yaml ?
If I do remove them as suggested into docs, I can’t reach anymore the webserver.
I didn’t include it in the
http component of my
configuration.yaml. That makes Home Assistant inaccessible via http on my local network.
Woke up this morning, updated ha on my pi, WAN facing web interface got borked, googled, found this forum, pieced together my own solution, fixed.
Also, I swear, I must be the only person on earth who uses Apache as my reverse proxy. Which works fantastic btw.
Here was my error in home-assistant.log:
2021-07-13 08:37:52 ERROR (MainThread) [homeassistant.components.http.forwarded] A request from a reverse proxy was received from 192.168.1.192, but your HTTP integration is not set-up for reverse proxies
Here are the lines of code I added to configuration.yaml:
http: use_x_forwarded_for: true trusted_proxies: - 172.30.33.0/24 - 192.168.1.192 ip_ban_enabled: true login_attempts_threshold: 5
Note the “-172…” address needs to remain because this is used internally between the OS and the container. Add the IP of your proxy server as a new line directly below it.
I did nothing with the SSL key or certificate stuff.
This fixed it for me.
Thanks for your replay.
Works for me!!!
I had the same problem, and used the same solution of getting the proxy IP address from the HA log file. However I didn’t need to add the second local IP address (- 192.168.1.192).
no. no I did not. i just hit the update button like always.
thanks for pointing out my idiocy. RTFM
None of this is working for me, I’m starting to feel really dumb…
You’re not alone.
In my case I put:
http: use_x_forwarded_for: true trusted_proxies: - 172.30.33.6 #Remote LAN - 192.168.1.XX #Your Home assistant IP only ip_ban_enabled: true login_attempts_threshold: 5 And it works for me!
Finally, the answer! External access was working fine until I updated.
Struggling with this for a week or so and finally found this thread… This one is working for me after adding it to http: in the configuration.yaml:
Hi! check that in the url of the browser you are putting https://dominio.duckdns.org if you have SSL activated, it is what was happening to me. As the browser hides what is in front of the domain.duckdns.org I did not see that it was trying to enter http://domain.duckdns.org.
Hope this can help you
I can’t for the life of me figure this out.
Setup Nginx on my OPNsense firewall and followed the guides with using Let’s Encrypt with another ddns service. Use my browser to go to the external url (https: with valid cert showing on the browser) and can get to the login screen. Enter my credentials and get the “Unable to connect to Home Assistant”… If I enter the wrong credentials, I get a message that it was an invalid user name or password.
My config.yaml applicable sections
homeassistant: internal_url: http://192.168.xxx.yyy:9123 external_url: https://xxx.xxxxxxx.net:9123 http: server_port: 9123 use_x_forwarded_for: true trusted_proxies: - 172.30.33.0/24 - 192.168.xxx.0/24 # network range of nginx proxy server location
Would love to figure this out. Thanks
Well, now I feel dumb. Looked through a few other threads here and someone mentioned that if the proxy server did not support web sockets, there would be an issue.
So, if anyone uses OPNsense and wants to run NGINX on the firewall, you have to make sure this box for WebSocket Support is checked in the advanced options of NGINX–> Configuration → HTTP(s) → Location for your HomeAssistant instance.
Once I did that, it worked great.
edit to include link to other thread that helped me.
Shall i leave 443 for host in ngix supervisor settings if i use a non standard external port?
@JorgeMoreira Does it work if you remove home assistant ip? I’m asking because in the documentation is not reported to config like that.
At the end of the day I will test and comment. At the time I saw this configuration on the net and adapted it to my case. It probably won’t be necessary, but soon I’ll test and comment.