TTS not working because of local URL

bdery · April 8, 2025, 1:37pm

Ever since creating a DuckDNS link, I’ve bene unable to send TTS to either Sonos or Google Home speakers (everything else works fine, from local or remote).

I’ve searched here, on reddit, via Google, and instructions are all over the place, and most is way over my head. A lot of advice is also 4-5 years old, and doesn’t seem to apply anymore.

Before trying anything and possibly breaking stuff, I’d like some definitive and up-to-date advice.

I’m running HAOS (baremetal?) on a X86-64 PC.

When trying to run an automation calling TTS (using Google Translate and configuring via the GUI), I get this error message looking at traces:

Unable to determine Home Assistant URL to send to device. Configure internal and external URL in general settings

Now I’m pretty sure I had done just that when configuring DuckDNS but when I go to “network” I see local network is set to automatic, and HA gives me a warning saying

You have configured an HTTPS certificate in Home Assistant. This means that your internal URL needs to be set to a domain covered by the certificate.

Sounds easy, if you know what you’re doing I guess. I’m not sure I do.

Older topics suggest playing with “base_url”, newer indicate that this is deprecated.

Some people suggest adding this

external_url: "https://www.example.com/" 
internal_url: "http://homeassistant.local:8123"

to the configuration file, but without clarifying the exact section, syntax and indentation.

Some people suggest I should just use https://local.ip:8123 for the internal URL and call it a day.

the TTS documentation (here ) acknowledges the problem, but is too specialized for me to understand and know what to do. The last sentence in that section says

The recommended way to overcome these obstacles is to not manually configure a local Home Assistant URL.

which I haven’t done, but TTS doesn’t work regardless. And that advice is opposite to the previous paragraph.

A topic from 2021 says I should add this in the configuration file, specifically for Sonos:

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 172.30.32.0/24

It wouldn’t do anything, presumably, for Google speakers.

Others say I should use the DNSMasq add-on, and configure it somehow.

In short, advice is well-meaning but all over the place, I’m not sure what is current, what could break my links. I don’t want to have to restore because I typed the wrong URL in the wrong place.

I’m sure the solution exists and is well-understood. I’d really appreciate some input by someone who knows what they’re doing.

Many thanks.

Sir_Goodenough · April 8, 2025, 2:16pm

Hello bdery,

For TTS to work your external URL has to be secure and have a valid traceable cert. It cannot use a self signed cert. That is likely your problem.

bdery · April 8, 2025, 2:32pm

@Sir_Goodenough , indeed that part I gathered. What I don’t know is, what is the fix? I’m sure not everyone using DuckDNS has to forego TTS forever.

Sir_Goodenough · April 8, 2025, 2:35pm

Is that using a self signed certificate? If so you need a valid cert instead.

Search here for others input…
Tips on Searching for Answers & Duplicate Topics in the Forum.

bdery · April 8, 2025, 5:28pm

I have indeed searched for other inputs. I have highlighted all the relevant, but contradictory (or incomplete) potential solutions I found on the web, even commented on my evaluation of their relevance. I’m still at my wits’ end.

The “external_url” line is just one hypothesis, and before learning how I could obtain a valid certificate instead of a self-signed one, there are many steps to be taken (namely, evaluating if using the two lines in configuration.yaml is indeed the way to go, what would be the exact syntax, which URLs to actually use, THEN determine if I need a different certificate, which the proposed solution suggests I don’t need).

I feel that I have done my homework. I am appreciative for your help and that of all other contributors here. I do the same on topics I’m comfortable with. Sadly, here the sentence “if so you need a valid cert instead” brings me no closer to solving my issue. I’m too far behind, and all the questions I previously asked remain, all the competing hypothesis still compete.

EDIT: I will stress again that it seems to me the solution is to define a proper internal URL, since that’s what HA is asking for. However, that’s risky if I don’t know what I’m doing.

bdery · April 8, 2025, 7:47pm

I did make a bit of progress. Continuing my search, I saw someone recommend to use https://homeassistant.local as the internal URL. I tried and I’m not getting any error message anymore. When looking at the Automation Traces, it shows that everything was executed. I did hear a chime on a Google Home speaker I was using for testing purposes, but no speech. On another Google Speaker and on Sonos, nothing, not even a chime. When looking at the logs, I see (when testing just with one Google Speaker)

Failed to cast media https://homeassistant.local/api/tts_proxy/bEbDxeWjwz6rG2FI9zKbGA.mp3 from internal_url (https://homeassistant.local). Please make sure the URL is: Reachable from the cast device and either a publicly resolvable hostname or an IP address

It’s clearly reaching the speaker, confirmed by the chime. So I’m partway there, but not quite.