Synology nas docker appdaemon install with ssl hass - unable to connect to hass

Tags: #<Tag:0x00007f325f5d3930> #<Tag:0x00007f325f5d37a0>

I have been struggling for 3 days trying to install appdaemon3 on synology nas with docker. I am using below to create the image:
sudo docker run --name=dash -itd -p 5050:5050 --restart=always -e HA_URL=“https://home.domain.com:8123” -e HA_KEY=“SECRET_KEY” -e DASH_URL=“https://home.domain.com:5050” --mount type=bind,source=/volume1/docker/dash/config,target=/conf --mount type=bind,source=/volume1/docker/hass/config/ssl,target=/certs -e EXTRA_CMD="-D DEBUG" acockburn/appdaemon:latest

I have enabled the debug and below is the log

cp: cannot stat ‘/usr/src/app/conf/apps.yaml.example’: No such file or directory
2018-04-06 06:37:39.563510 INFO AppDaemon Version 3.0.0 starting
2018-04-06 06:37:39.563804 INFO Configuration read from: /conf/appdaemon.yaml
2018-04-06 06:37:39.563941 DEBUG AppDaemon Section: None
2018-04-06 06:37:39.564062 DEBUG HADashboard Section: None
2018-04-06 06:37:39.564880 INFO AppDaemon: Starting Apps
2018-04-06 06:37:39.565236 DEBUG AppDaemon: Creating worker threads …
2018-04-06 06:37:39.568088 DEBUG AppDaemon: Done
2018-04-06 06:37:39.568608 DEBUG AppDaemon: Entering run()
2018-04-06 06:37:39.569041 INFO AppDaemon: Loading Plugin HASS using class HassPlugin from module hassplugin
2018-04-06 06:37:39.697350 INFO AppDaemon: HASS: HASS Plugin Initializing
2018-04-06 06:37:39.697900 INFO AppDaemon: HASS: HASS Plugin initialization complete
2018-04-06 06:37:39.698227 DEBUG AppDaemon: Starting utility loop
2018-04-06 06:37:39.698459 INFO Starting Dashboards
2018-04-06 06:37:39.706318 INFO API is disabled
2018-04-06 06:37:39.706639 DEBUG Start Loop
2018-04-06 06:37:40.083677 DEBUG AppDaemon: Event type:ha_disconnected:
2018-04-06 06:37:40.083981 DEBUG AppDaemon: {}
2018-04-06 06:37:40.084288 WARNING AppDaemon: HASS: Disconnected from Home Assistant, retrying in 5 seconds
2018-04-06 06:37:40.084426 WARNING AppDaemon: HASS: ------------------------------------------------------------
2018-04-06 06:37:40.084538 WARNING AppDaemon: HASS: Unexpected error:
2018-04-06 06:37:40.084683 WARNING AppDaemon: HASS: ------------------------------------------------------------
2018-04-06 06:37:40.169178 WARNING AppDaemon: HASS: Traceback (most recent call last):
File “/usr/local/lib/python3.6/site-packages/appdaemon/plugins/hass/hassplugin.py”, line 189, in get_updates
“{}/api/websocket”.format(url), sslopt=sslopt
File “/usr/local/lib/python3.6/site-packages/websocket/_core.py”, line 494, in create_connection
websock.connect(url, **options)
File “/usr/local/lib/python3.6/site-packages/websocket/_core.py”, line 217, in connect
options.pop(‘socket’, None))
File “/usr/local/lib/python3.6/site-packages/websocket/_http.py”, line 76, in connect
sock = _ssl_socket(sock, options.sslopt, hostname)
File “/usr/local/lib/python3.6/site-packages/websocket/_http.py”, line 191, in _ssl_socket
sock = _wrap_sni_socket(sock, sslopt, hostname, check_hostname)
File “/usr/local/lib/python3.6/site-packages/websocket/_http.py”, line 168, in _wrap_sni_socket
server_hostname=hostname,
File “/usr/local/lib/python3.6/ssl.py”, line 407, in wrap_socket
_context=self, _session=session)
File “/usr/local/lib/python3.6/ssl.py”, line 814, in init
self.do_handshake()
File “/usr/local/lib/python3.6/ssl.py”, line 1068, in do_handshake
self._sslobj.do_handshake()
File “/usr/local/lib/python3.6/ssl.py”, line 689, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:777)
2018-04-06 06:37:40.169467 WARNING AppDaemon: HASS: ------------------------------------------------------------
2018-04-06 06:37:45.210214 DEBUG AppDaemon: Event type:ha_disconnected:

Really appreciate any inputs. Thanks.

Here is the appdaemon.yaml:

log:
logfile: STDOUT
errorfile: STDERR
appdaemon:
threads: 10
plugins:
HASS:
type: hass
ha_url: https://home.domain.com:8123
ha_key: secret_key
#commtype: SSE
hadashboard:
dash_url: https://home.domain.com:5050
dash_dir: /conf/dashboards
dash_ssl_certificate: /certs/cert.pem
dash_ssl_key: /certs/privkey.pem

if you share yaml, please share it as codeblock, this way it is unreadable.

a few things:

  1. the ha_url needs to be an url that you can use in a browser to reach HA.
  2. ssl inside ha and ssl inside AD is asking for trouble.

if you want to reach your dashboards from outside your network, the better way is to install a proxyserver like nginx or caddy and setup your ssl there and remove it from ha and AD.
if you only use your dashboards inside your own network, then lose the ssl in AD.

There is a bug in the setup script that I have fixed for the next version. In the meantime if you manually setup your appdaemon.yaml as above it should work fine

OK, I got it working finally. Looks like the default appdaemon api port on synology nas has a conflict, so I had to go with 5010 instead. below is my working setup. Hope it will help someone.

Docker image:

sudo docker run --name=dash -itd -p 5050:5050 --restart=always -e HA_URL="https://home.xxxx.com:8123" -e HA_KEY="xxxx" -e DASH_URL="https://home.xxxx.com:5050" --mount type=bind,source=/volume1/docker/dash/config,target=/conf --mount type=bind,source=/volume1/docker/hass/config/ssl,target=/certs acockburn/appdaemon:latest

appdaemon.yaml

log:
  logfile: STDOUT
  errorfile: STDERR
appdaemon:
  threads: 10
  api_key: xxxx
  api_port: 5010
  api_ssl_certificate: /certs/cert.pem
  api_ssl_key: /certs/privkey.pem
  plugins:
    HASS:
      type: hass
      ha_url: https://home.xxxx.com:8123
      ha_key: xxxx
      cert_path: /certs/cert.pem
      cert_verify: false
hadashboard:
  dash_url: https://home.xxxx.com:5050
  dash_dir: /config/appdaemon/dashboards
  dash_ssl_certificate: /certs/cert.pem
  dash_ssl_key: /certs/privkey.pem
2 Likes

@cpuram, short note to thank you for sharing your solution. I had exactly the same problem with the api port and Im running ubuntu 18.04 on nuc. So I think the conflict is general.
Anyway, changed as per your setting and all works.