Hey, did you ever fix this? I’m having the exact same problem as far as I can tell. Using the add-in running in ha os and the integration won’t connect even though the metrics page works fine using a wget on the same machine.
I had problems setting up the integration. I followed this YouTube Video (Like A Pro Service Monitoring with Uptime Kuma for Home Assistant - YouTube) and I was able to get the integration to work.
I am using the Uptime Kuma Addon as well.
Thanks. I was not prefixing my host with http, that fixed it.
I’m still using the workaround.
Now I feel bad since I got it working after fixing a silly mistake but yours still doesn’t work well… Thanks for responding though!
Can this be used to track if internal IOT devices are online by checking their internal ip address?
Yes, you can monitor pretty much anything.
Yes - I monitor things using various methods - a Ping to see if a device is up, using an HTTP call to check the gui, looking to see if docker containers are running for things like Zigbee2MQTT, and also doing TCP calls to check things like MariaDB and Transmission are running ok. There’s very little that it can’t do, and improving all the time.
Uptime kuma still doesnt work with nabu casa cloud service. It doesnt work with ssl, at least not in my case.
Does anyone have a working setup for ssl and nabu casa ?
There’s no reason why it shouldn’t work - Nabu Casa is just an https site. Maybe you’re trying to access the full HA interface which will require Nabu Casa to login.
I monitor HA in two ways (both should work with Nabu Casa too).
1. Monitor the HA API
https://yourHAaddress.com:8123/api/
You need to pass the authentication header, by obtaining a long-lived access token and inserting it here, and including that in the UK headers:
{
“Authorization”: “Bearer LONGLIVEDACCESSTOKEN”,
“content-type”: “application/json”
}
2. Monitor the HA GUI
https://yourHAaddress.com:8123
This is probably where it’s failing on authentication. If using Basic Auth, this may help:
Maybe I have some weird setup but this is how I set up things on my ha. I know that for local access I don’t need ssl but I have it. I use ssl cert for local access only and for remote access I use nabu casa.
I obtained my cert using dynudns addon.
I use nginx reverse proxy with this config
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
server_name my_domain.com;
ssl_certificate /ssl/fullchain.pem;
ssl_certificate_key /ssl/privkey.pem;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
listen [::]:443 ssl http2 default_server ipv6only=on;
ssl_protocols TLSv1.3;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
proxy_buffering off;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://172.30.32.1:8123;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_redirect http:// https://;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Connection $connection_upgrade;
}
}
To make this work I use dns rewite to rewrite my_domain.com to my local ha ip address 192.168.x.x My domain is not accessible from net because my provider is behind nat, as I understood.
I also use Multi-factor Authentication.
Now if I do
curl -i https://my_server.com/api/ -H "Authorization: Bearer MY_TOKEN"
I get this response
HTTP/2 200
server: nginx
date: Wed, 21 Dec 2022 21:23:09 GMT
content-type: application/json
content-length: 26
strict-transport-security: max-age=31536000; includeSubDomains
but if I try
curl -i https://my_server.com:8123/api/ -H "Authorization: Bearer MY_TOKEN"
I get this
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number
Maybe I’m doing something wrong, I’m not sure.
Is your Uptime Kuma running locally on the same network as HASS, or remotely? Are you trying to test HASS locally, or as if you were outside your network?
If you’re UK is local and HASS is local, then it’s probably not using your NGINX proxy and therefore not using SSL, so you would want to use the local URL - http://192.168.x.x:8123/api/
I have debian server and supervised installation of home assistant. So everything is running in docker on the same network.
I’m not in UK, I’m in Croatia.
I can access uptime kuma with out ssl but I will like to use it with ssl.
I saw faq how to set up uptime kuma to work with ssl but I was unable to set it up. That is why I posted my nginx config file.
And there is one more thing I noticed with uptime kuma. I can’t connect it to my docker. I’m not sure why but it doesn’t work.
If you’re trying to integrate HA with UK (Uptime Kuma!), and they are both on the same docker, then you should be accessing UK locally and not going out to the internet and back in again - this rules out errors with network connectivity, etc.
If you want to access UK externally, then that is something different. Setting up the reverse proxy for external access to UK can be found here
For monitoring docker with UK, see here - you can either expose the docker.sock to the UK container, or access docker over TCPIP.
Personally, I also use Uptime Robot as an external monitor to check that my HA and UK setup are both accessible from the internet.
1 Like
Ok, sorry I just connected UK with United Kingdom not with Uptime Kuma. Its a honest mistake.
But I think you didn’t get me or maybe I did something wrong. I use ssl for local access not for remote access. I know that most people find this weird but I don’t. I don’t see why people should trust their own local network.
I tried to change some docker images inside home assistant but this is not that easy to do. It is not that I’m not appreciate your help on this matter, but this just doesnt work.
That makes things clearer. It’s not usual for people to want to use SSL within their own network, but there is nothing wrong with that if that is what you want to do.
In your post you said you tried using
curl -i https://my_server.com/api/ -H “Authorization: Bearer MY_TOKEN”
If that is working, then what is the issue? This sounds like your proxy server and SSL certificate are working ok, so why can you not use that?
Is it that you want to use Nabu Casa? If that is so, then you need to replace the URL with your Nabu Casa Remote UI URL as shown here
For example, instead of
curl -i https://my_server.com/api/ -H "Authorization: Bearer MY_TOKEN"
You would use
curl -i https://mylongremoteurl.ui.nabu.casa/api/ -H "Authorization: Bearer MY_TOKEN"
I can’t open UK dashboard using ssl because it give me ERR_SSL_PROTOCOL_ERROR
By this document made by UK maintainer to use UK with ssl you have to add additional domain or subdomain to use UK with reverse proxy.
Now, I can use ssl with my_domain.com because I use dns rewrite to rewrite my_domain.com ip address to my local ip ha address.
I tried to add a subdomain to my config but I got the same ssl error.
So the first problem is how to open UK dashboard using ssl on local network.
When I open dashboard using ssl I get https://my_domain.com:3001 with ssl error mention above.
If I try curl with my domain and port 3001 I get
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number
In iptables I have
ACCEPT tcp -- anywhere 172.30.33.16 tcp dpt:3001
This is port and address for UK in docker.
Edit:
When I use curl with --verbose option I get this
* Trying 192.168.31.103:3001...
* Connected to my_domain.com (192.168.31.103) port 3001 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* error:1408F10B:SSL routines:ssl3_get_record:wrong version number
* Closing connection 0
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number
My certs are stored in /usr/share/hassio/ssl.
I have UK running on a different VM from HA. I normally access UK via uptime.mydomain.com with SSL. I do not use auth within UK because I have Google Auth securing all of my services. Am I still able to use this add on with that setup? I enter my host and leave user and pass blank (tried port 443 and blank and SSL checked and unchecked), I get “Unexpected Error”
None of the created monitoring devices are shown in HA as entities?
Is there anyway to change this so they can be displayed on a graph?
You should have sensors for each - a binary sensor for whether each monitor is actually running or not, and a normal sensor for the status of that monitor, which includes response time, etc. as attributes.