Are you accessing HA only via the reverse proxy or do you have local http access also?
Do you have HA in host mode for the network?
How are you updating via CLI or Portainer or Watchtower, etc.
Is the PI set with a static IP?
I can access HA also via static IP (192.168.1.100:8133) but I access via my custom domain also from local network.
HA is in network_mode: host
Every update is via CLI:
a) docker-compose stop
b) docker container rm nginx
c) upgrade version on docker-compose
d) docker-compose up -d
PI has a static IP.
These are the two docker-compose file, in two different folders, nginx and ha (I prefer use docker-compose also for single containers 'cause I can manage them faster)
Are you getting a warning about a mis-configured proxy on the Home Assistant side when you try and connect?
I had issues after the new requirement added in release 2021.6 to require additional configuration settings in config.yaml for reverse proxy:
HTTP (using reverse proxies)
Home Assistant will now warn when a misconfigured reverse proxy, or misconfigured Home Assistant instance when using a reverse proxy, has been detected.
These warnings will become an error in Home Assistant 2021.7.
If you are using a reverse proxy, and see these warnings, please make sure you have configured use_x_forwarded_for and trusted_proxies in your HTTP integration configuration.
I also had to specify a static IP in the docker compose so that the IP address of the container wouldn’t shift around on me and break the proxy. I did that by adding this to the compose:
networks:
default:
ipv4_address: 172.21.0.2
Not an expert on the network compose here but I beleive yours would replace “default” with “nginx”. You’d have to replace the IP with the one that works now and matches the IP on the config.yaml - I used portainer to find mine.
So it works fine when you refresh? Sounds like a cache issue, but could be websockets aren’t configured right or won’t stay open. Home Assistant is fussy about websockets and nginx config. I use two different lines one for ‘default location /’ and another for ‘location /api/websocket’ in my nginx config.
Also when you “roll back” to the older NGINX image you have no issues, and this only happens when you try and upgrade to the latest NGINX container image? I don’t use the container but if that’s the case you’ll want to look closely at what they changed in the change log.
Its not going to translate direct because I’m on the SWAG container to your setup using the NGINX container, but here’s my nginx config if it helps and you’re still having issues. If there are still issues hopefully others can chime in who use the same exact setup as you.
## Version 2020/05/23 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/default
# redirect all traffic to https
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name mydomain.duckdns.org;
return 301 https://$host$request_uri;
}
# main server block
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
root /config/www;
index index.html index.htm index.php;
server_name mydomain.duckdns.org;
# enable subfolder method reverse proxy confs
include /config/nginx/proxy-confs/*.subfolder.conf;
# all ssl related config moved to ssl.conf
include /config/nginx/ssl.conf;
# enable for ldap auth
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
# enable for geo blocking
# See /config/nginx/geoip2.conf for more information.
#if ($allowed_country = no) {
#return 444;
#}
client_max_body_size 0;
location / {
try_files $uri $uri/ /index.html /index.php?$args =404;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
}
}
### HOMEASSISTANT ##############################################################
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name hass.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app homeassistant;
set $upstream_port 8123;
set $upstream_proto http;
proxy_pass http://192.168.0.184:8123;
}
location /api/websocket {
resolver 127.0.0.11 valid=30s;
set $upstream_app homeassistant;
set $upstream_port 8123;
set $upstream_proto http;
proxy_pass http://192.168.0.184:8123;
proxy_set_header Host $host;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
# enable subdomain method reverse proxy confs
include /config/nginx/proxy-confs/*.subdomain.conf;
# enable proxy cache for auth
proxy_cache_path cache/ keys_zone=auth_cache:10m;