Hi! check that in the url of the browser you are putting https://dominio.duckdns.org if you have SSL activated, it is what was happening to me. As the browser hides what is in front of the domain.duckdns.org I did not see that it was trying to enter http://domain.duckdns.org.
Hope this can help you
I can’t for the life of me figure this out.
Setup Nginx on my OPNsense firewall and followed the guides with using Let’s Encrypt with another ddns service. Use my browser to go to the external url (https: with valid cert showing on the browser) and can get to the login screen. Enter my credentials and get the “Unable to connect to Home Assistant”… If I enter the wrong credentials, I get a message that it was an invalid user name or password.
My config.yaml applicable sections
homeassistant:
internal_url: http://192.168.xxx.yyy:9123
external_url: https://xxx.xxxxxxx.net:9123
http:
server_port: 9123
use_x_forwarded_for: true
trusted_proxies:
- 172.30.33.0/24
- 192.168.xxx.0/24 # network range of nginx proxy server location
Would love to figure this out. Thanks
Well, now I feel dumb. Looked through a few other threads here and someone mentioned that if the proxy server did not support web sockets, there would be an issue.
So, if anyone uses OPNsense and wants to run NGINX on the firewall, you have to make sure this box for WebSocket Support is checked in the advanced options of NGINX–> Configuration → HTTP(s) → Location for your HomeAssistant instance.
Once I did that, it worked great.
edit to include link to other thread that helped me.
Shall i leave 443 for host in ngix supervisor settings if i use a non standard external port?
@JorgeMoreira Does it work if you remove home assistant ip? I’m asking because in the documentation is not reported to config like that.
@thewolf56 i can reach internal url with https://192.168.xx.xx
While with http:// won’t open.
I know that it is the opposite way it should work.
At the end of the day I will test and comment. At the time I saw this configuration on the net and adapted it to my case. It probably won’t be necessary, but soon I’ll test and comment.
@raidnet-ms I am definitely not an expert in anything tech-related, but try to share what I have learned along the way. Are you using OPNsense to run NGINX? If so, I can link a couple of tutorials that helped me, along with the applicable code from my configuration.yaml. I had issues before when I tried to run nginx inside my Home Assistant as an add-on. Now, I’m experimenting with FreePBX, so decided to revisit nginx as I would need certs for each VM. Started with a new Home Assistant VM while I left my other one VPN access only and tried to get NGINX working on a clean install and this is what worked.
I’m trying to keep as easy as possible so I’m using hassio official ngix addon.
Today I noticed another incomprensible behivior: from desktop pc i was able to access esphome supervisor while from the mobile i got ssl forbidden access .
Small update: my router settings were all good, but it seems my ISP did something with their modem and disabled all my port forwarding…
Problem fixed
/mental breakdown off
Friends thanks, put this code in configuration.yaml and solved.
http:
use_x_forwarded_for: true
trusted_proxies:
- 172.30.33.0/24
ip_ban_enabled: true
login_attempts_threshold: 5
I have no idea how, I should study more, it seems, although I humbly believe that HA got a little more complicated.
Greetings
Sorry for my delay.
Works very well without my home assistant ip
A Hug,
Oh good to know so I should watch somewhere else.
How did you configure internal and external url?
Like this?
homeassistant:
internal_url: http://192.168.xxx.yyy:8123
external_url: https://xxx.xxxxxxx.net:xxxx
In particular I’m curious if you use http or https for internal url.
If I use http I can’t reach some supervisors like esphome or file editor.
While if I use https I can’t reach hassos.
To access locally:
http://192.168.XX.XX:8123
To access externally: https://mydomain.duckdns.org
Oh thank you for your answer.
So you are not specifing any port for external access?
That’s right, I don’t assign a port from the outside. I use Nginx proxy
Like many, after upgrading external access ceased with “Unable to connect to Home Assistant Retry”. Installed nginix, modified default nginix configuration by adding my Duck DNS domain (added what is listed in “domain” column of duckdns.org only–did not follow with “.duckdns.org”) and then replaced http: section of configutation.yaml with the following–
http:
use_x_forwarded_for: true
trusted_proxies:
- 172.30.33.0/24
ip_ban_enabled: true
login_attempts_threshold: 5
Nothing else is now listed in the http: section of my configuation.yaml. Have not changed anything (e.g., port forwarding) on the firewall. However, am still getting “Unable to connect to Home Assistant Retry”.
Have only made the changes listed above. Have I missed anything?
Thank you for your assistance.
How is fowarded your port on the router? You should forward 443>443->hassos ip
Thank you for the update. I do indeed forward 443>443>The Internal HA IP…
For testing purposes, I also temporarily forwarded all traffic >443>Home Assistant host IP.
Same result…