I have a setup with Home Assistant Supervised and a Nextcloud server on the same device. The Nextcloud server runs on port 80 is already configured with https by adding the certificates in the Apache configuration. The HA server runs on the default port 8123, but it is not secured via SSL, although I am using the same IP and domain for it. I also have the problem that I can’t access HA by typing IP:8123. I have to type IP:8123/lovelace or else be redirected to an empty index.php. . I think I also might have messed up something by tinkering around earlier, because I reinstalled HA and let the Apache of Nextcloud listen on port 8123 earlier, because I did not do what I was doing.
Where can I configure all these server parameters? This is the last step for my setup to be complete
I have found this guide, which seems to be deprecated
I am also not sure if this step is necessary, since I have already certified the domain during the Nextcloud installation.
Apache’s ssl config will not carry to ha. BUT if you are using the same hostname for apache and home assistant you can put the apache certificate in the ssl folder under /usr/share/hassio/homeassistant and then configure the http integration per here HTTP - Home Assistant
to my /usr/share/hassio/homeassistant/configuration.yaml, as well as using the Letsencrypt addon and adding the symlinked files, which I put to /usr/share/hassio/ssl. Both don’t work unfortunately. I can still only reach HA via an unsecured http session.
HA also started in safe mode. I guess my configuration was faulty. I guess I will also have an issue with port forwarding. In the docs it says
Not sure what you exactly mean by that, but a symlink to host files won’t be accessible in docker, unless it’s relative links to a path also accessible from the docker container
I created symlinks in /usr/share/hassio/ssl to /etc/letsencrypt/live/mydomain/privkey.pem etc. via ln -s . Else I would have copy them manually everytime the certificate is renewed.
I tried copying the .pem files instead. Same error.
That won’t work. A symlink is like an http link. From inside the docker, HA will try to access /etc/letsencrypt/live/mydomain/… which will very likely fail.
Sorry if I missed it, but what is the actual error/symptoms?
I’m a bit surprised that you can access HA at all if its ssl configuration is faulty. I would expect that you couldn’t reach the GUI at all.
I get this error message when trying to restart the server. After rebooting HA starts in safe mode because of faulty configuration.
The system cannot restart because the configuration is not valid: Invalid config for [http]: not a file for dictionary value @ data['http']['ssl_certificate']. Got '/usr/share/hassio/ssl/fullchain.pem'
not a file for dictionary value @ data['http']['ssl_key']. Got '/usr/share/hassio/ssl/privkey.pem'. (See /config/configuration.yaml, line 13).
As nickrout said, the path should be /ssl. That path is mounted inside the container and points to /usr/share/hassio/ssl (I think; a docker inspect would tell)
A docker container has no access to the host filesystem.