I dont use Nabu Casa so I would like to know how to do it with NGINX.
I finally got this resolved. I never felt really good about turning Home Assistant into a reverse proxy inside of my LAN, so I took a pass on doing the nginx configuration on my Home Assistant device. There is also a seemingly large amount of growing pains going on in the Let’s Encrypt world, so I decided against using them for now. Here’s what I ended up doing:
First, I decided to use a regular SSL certificate from my domain host (NameCheap). It only cost $10 for a year (less if I want to pay for more years), and it’s nice that I can manage the SSL certificate alongside my other domains.
Second, since I utilize pfSense for my firewall, I went ahead and configured the HAproxy (not to be confused with Home Assistant) add on package with a the SSL certificate I bought. This allows my Home Assistant install to run unencrypted on my LAN where my other devices and speakers can access it without issues. My remote access to Home Assistant is now secured via SSL through the firewall at the edge of the network.
Not super easy to configure, but it works really well and I feel it’s a bit more secure and keeps my already very complex Home Assistant installation simpler since it no longer has to deal with certificates and dynamic DNS.
Hey guys.
I use DuckDNS and have installed NGINX SSL Proxy
Settings:
domain: redacted.duckdns.org
certfile: fullchain.pem
keyfile: privkey.pem
hsts: max-age=31536000; includeSubDomains
cloudflare: false
customize:
active: false
default: nginx_proxy_default*.conf
servers: nginx_proxy/*.conf
configuration.yaml
http:
#ssl_certificate: /ssl/fullchain.pem
#ssl_key: /ssl/privkey.pem
use_x_forwarded_for: true
trusted_proxies:
- 172.30.33.0/24
tts:
- platform: google_translate
language: 'sv'
base_url: http://192.x.x.x:8123
In router, port-forward: I forward port 9876 to 443, tcp only, on my homeassistant-machine and now its WORKS!
1 Like
Only an example. I use another port but any port works