"Unable to connect to Home Assistant" via nginx reverse proxy

Configuration
21

I just found this thread after having the same issue. I am using Cloudflare and nginx proxy manager. To get it working, go to nginx proxy manager and open the proxy host settings for the home assistant proxy you have configured. You will see the option there for Websockets support. Enable that and you should be good to go.

6 Likes
22

Looking everywhere and found this thread! Having same problem but don’t know how to apply the WebSocket custom header on Nginx Proxy Manager.
Please if someone could guide us

23

To get it working, go to nginx proxy manager and open the proxy host settings for the home assistant proxy you have configured. You will see the option there for Websockets support. Enable that and you should be good to go.

1 Like
24

I already have the websocket support enable… Dont know what else to try

Could be regarding the refresh tokens? I have a huge list and before this I was using another domain to connect

1 Like
25

Hi @barabasz
I am trying to include HA in my DSM reverse proxy with no luck so far. I would be grateful if you could provide some guidance.
Also, is DSM the best application, or do you recommend anything else?
Thanks in advance

27

I have similar problem but didn’t bother to look into it as I rarely need to access from outside the firewall. Finally today got a chance and got some insights from the posts above on proxy_set_header. To apply the two proxy_set_header rules in Nginx Reverse Proxy, add the following rules in Custom Location
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection “upgrade”;

image

7 Likes
28

I am having this same issue except its only occuring when using Firefox. Chrome and Edge both connect fine through my domain. I’ve tried adding the set header commands to the location but it has no affect when using Firefox. Any ideas why this is happening?

edit

To add to this, running Firefox in Troubleshooting Mode fixes it.

edit2

It was uBlock Origin that was causing it. I disabled it and it works now.

1 Like
29

I have similar problem but didn’t bother to look into it as I rarely need to access from outside the firewall. Finally today got a chance and got some insights from the posts above on proxy_set_header. To apply the two proxy_set_header rules in Nginx Reverse Proxy, add the following rules in Custom Location
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection “upgrade”;

This solved it for me. But I’ve not the foggiest idea why these headers should be required. Would anyone care to explain ?

1 Like
31

edit2 It was uBlock Origin that was causing it. I disabled it and it works now.

You made my day! I have spent months trying to solve this problem even to the extend that I stoped using Firefox for a while just so I could have HA running. Now with uBlock disabled it works flawlessly.
Thank you!

32

Same here. After adding Websocket Support it started working. :slight_smile: Cheers!

33

This solved my problem as well!

1 Like
34

This totally worked for me, using my reverse proxy from a different machine than my docker HA installation. Thanks!

35

Does anyone know how to configure this in the NPM UI? I have enabled Websocket support

37

Private IP in clear, public ones shadowed.

Local networking.
FWA behind double NAT, no port-forwarding, nope.
192.168.1.3 Debian server, Wireguard onboard (wireguard wg0 IP 192.168.168.5).
Same server, HA core on Docker.
Same server, Nginx, just for debug, read below.

WAN
Route 53 domain
AWS server, Debian
Wireguard onboard, as vpn concentrator, up and working (wireguard wg0 IP 192.168.168.1).
Nginx as a reverse proxy for HA

AWS proxy config

map $http_upgrade $connection_upgrade {
default upgrade;
‘’ close;
}

server {
listen 80;
listen 443 ssl;

force https-redirects

    if ($scheme = http) {
        return 301 https://$server_name$request_uri;
    }

    server_name xxx.yyy.name; 
    include snippets/yyy.conf;

    root /var/www/html;
    index index.html;

    location / {
       proxy_pass http://192.168.1.3:8123;   #routed on wg0
       proxy_http_version 1.1;
       proxy_set_header Upgrade $http_upgrade;
       proxy_set_header Connection $connection_upgrade;
       proxy_set_header Host $host;
    }

}

Debug test on local server,
of course docker stop home-assistant and systemctl start nginx

Default server configuration

server {
listen 8123 default_server;
listen [::]:8123 default_server;

https://mydomain.com, works, access.log reports connections from 192.168.168.1

192.168.168.1 - - [17/Apr/2023:12:38:10 +0200] “GET / HTTP/1.1” 200 396
“-” “Mozilla/5.0 (Linux; Android 10; POCOPHONE F1)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Mobile Safari/537.36”

Now with nginx off, docker HA on

http:
use_x_forwarded_for: true
trusted_proxies:
- 192.168.168.1

Timeout …

Any hint?

TyL. Paolo

38

Follow up … working now.

To be confirmed, but could be CG-NAT & IPV6 related. Succeded after lovering to 1384

wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1384 qdisc noqueue state UNKNOWN group default qlen 1000

tunnel MTU, to avoid fragmentation.

Paolo

39

Thanks for this! I found these instructions for websocket support and now I’m able to log in.

location /wsapp/ {
    proxy_pass http://wsbackend;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header Host $host;
}

map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}
40

This worked for me with the version of NGINX I have

41

works like a charme

42

I have had the same problem for ages. I was trying to fix something else and came across your post. This fixed it for me. Awesome. Thank you very much.

43

I had the same problem but I am using Opnsense with the nginx plugin. The solution was to enable the “WebSocket support” checkbox under “Location”. Make sure to toggle the advanced options. Hope this helps someone.

image
image1407×1131 50.8 KB