Vpn and ngninx von externem server, WebSocket connection to 'wss://xxx.org/api/websocket' failed

Kiki99 · July 15, 2025, 1:48pm

Hello everyone,
I’m having serious problems with my new internet connection, which only provides an IPv6 (DS-Lite tunnel). To be precise, with my Alexa connection via a Lambda function on Amazon; everything else is working fine now.

After some back and forth, I’ve now rented a mini server from ionos that has its own fixed IPv4. The server now establishes a connection to my network via Wireguard, and I route external traffic to HomeAssistant via Nginx. The HomeAssistant framework is also loading, but inside it, I get this “Unable to connect to HomeAssistant” retry in xx seconds message. In the console, I then find “WebSocket connection to ‘wss://xxx.org/api/websocket’ failed.”

I now suspect that I have to disable my nginx installation in HomeAssistant itself and install the SSL certificate on the mini server and then route it unencrypted over the VPN from there. Is that the problem? I find it a bit confusing right now… Is there a guide for this? I always end up with nginx directly in HomeAssistant. My nginx configuration is minimal at the moment.

 server {
                listen  80;
                listen 443;
                location / {
                         proxy_pass https://192.168.178.80;
                }
        }

I suspect it will need to be significantly expanded? Can I copy the certificate that nginx generated on my HomeAssistant computer?

Or is there perhaps an easier way, so that wss is also forwarded and decrypted on the HomeAssistant computer?

Thanks in advance for any advice.

Kiki99 · July 22, 2025, 5:59pm

hi all,
after some more searching i added a second location entry in the nginx i found in the web.

server {
                listen  80;
                listen 443;
                location / {
                         proxy_pass https://192.168.178.80;
                         proxy_set_header X-Real-IP $remote_addr;
                         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                         proxy_set_header X-Forwarded-Proto $scheme;
                         proxy_set_header Upgrade $http_upgrade;
                         proxy_set_header Connection "upgrade";
                }
                location /api/websocket {
                        #resolver 127.0.0.11 valid=30s;
                        set $upstream_homeassistant 192.168.178.80;
                        proxy_pass http://$upstream_homeassistant:8123;
                        proxy_set_header Host $host;

                        proxy_http_version 1.1;
                        proxy_set_header Upgrade $http_upgrade;
                        proxy_set_header Connection "upgrade";
                }
        }

it sounded very good for me. sadly the error is still the same: Firefox kann keine Verbindung zu dem Server unter wss://xyz.duckdns.org/api/websocket aufbauen alias firefox couldn’t connect to the server under wss://xyz.duckdns.org/api/websocket .

Has no one had this problem before?

Thanks for every tip…
best regards.