Websocket Connection Failed Through Nginx Proxy

Hi everyone I’ve seen this topic posted a few times but I cannot for the life of me get it to work using those examples. Here is what I’m trying to do:

I’ve got a subdomain pointed to a VM on my network that is acting as a proxy to home assistant running in another VM. I went in and setup nginx to proxy everything from that subdomain and the normal HTTP requests work and I can even login. But then it fails while trying to load data and just says “Unable to connect to Home Assistant”. In the console I see the error “WebSocket connection to 'wss://ha.mydomain.com/api/websocket failed:”

I feel like I’ve tried everything but must be missing something. Any help would be appreciated.

Below is my nginx config for the site:

server {                                                                                                                                                                               
  listen      443 ssl http2;                                                                                                                                                           
  server_name ha.mydomain.com;                                                                                                                                                     
                                                                                                                                                                                       
  ssl_certificate           /etc/nginx/ssl/letsencrypt/ha.mydomain.com/ha.mydomain.com.cer;                                                                                    
  ssl_certificate_key       /etc/nginx/ssl/letsencrypt/ha.mydomain.com/ha.mydomain.com.key;                                                                                    
  ssl_ciphers               ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;                             
  ssl_dhparam               /etc/nginx/ssl/letsencrypt/ha.mydomain.com/dhparams.pem;                                                                                               
                                                                                                                                                                                       
  ## SSL logs ##                                                                                                                                                                       
  access_log /var/log/nginx/ha.mydomain.com_ssl_access.log;                                                                                                                        
  error_log  /var/log/nginx/ha.mydomain.com_ssl_error.log;                                                                                                                         
                                                                                                                                                                                       
  root          /var/www/ha.mydomain.com/html;                                                                                                                                     
  index         index.html index.htm index.php;                                                                                                                                        
                                                                                                                                                                                       
  proxy_buffering off;                                                                                                                                                                 
                                                                                                                                                                                       
  location / {                                                                                                                                                                         
    proxy_pass                  http://192.168.1.130:8123;                                                                                                                             
    proxy_http_version          1.1;                                                                                                                                                   
    proxy_redirect              http:// https://;                                                                                                                                      
    proxy_set_header            Host $host;                                                                                                                                            
    proxy_set_header            X-Forwarded-For $proxy_add_x_forwarded_for;                                                                                                            
    proxy_set_header            Upgrade $http_upgrade;                                                                                                                                 
    proxy_set_header            Connection $connection_upgrade;                                                                                                                        
  }                                                                                                                                                                                    
}                                                                                                                                                                                      
                                                                                                                                                                                       
# Upgrade http to https                                                                                                                                                                
server {                                                                                                                                                                               
  listen      80;                                                                                                                                                                      
  server_name ha.mydomain.com;                                                                                                                                                     
                                                                                                                                                                                       
  return 301 https://ha.mydomain.com$request_uri;                                                                                                                                  
}

And then here is my home assistant config.yaml:


# Configure a default setup of Home Assistant (frontend, api, etc)
default_config:

# Text to speech
tts:
  - platform: google_translate

group: !include groups.yaml
automation: !include automations.yaml
script: !include scripts.yaml
scene: !include scenes.yaml

http:
  server_port: 8123
  use_x_forwarded_for: true
  trusted_proxies:
    - 192.168.1.135

bumping for visibility. Thanks!

bumping for visibility. Thanks!

So per another user’s suggestion I decided to try and use Docker with swag to keep things simpler. Set it up and pointed it to my HA instance and once again got the login screen and then got the same websocket error in the console:

WebSocket connection to 'wss://my.domain.com/api/websocket' failed: 
Uncaught (in promise) 1 /lovelace?auth_callb…D&storeToken=true:1

I even tried using the template conf file provided by swag themselves and it still fails.

bumping for visibility

Hi, I think I had a similar problem today whilst redoing my HASS.

For me, I used this configuration in combination with the guide here

I checked the NGINX logs and apparently, it couldn’t find a variable for $connection_upgrade; .

Replacing

proxy_set_header            Upgrade $http_upgrade;                                                                                                                                 
proxy_set_header            Connection $connection_upgrade; `

with

proxy_set_header    Upgrade     $http_upgrade;
proxy_set_header    Connection  "upgrade";

seemed to let the web socket through

Try tinkering with your NGINX, and maybe checking the logs for it.
Good Luck.

-Dylan.