use nginx proxy manager with home assistant to access many network devices

8 Responses

  1. Scott says:

    In this setup, what URL should be placed in HA/Settings/Home Assistant URL?

    It says…
    Configure what website addresses Home Assistant should share with other devices when they need to fetch data from Home Assistant (eg. to play text-to-speech or other hosted media).

    Do I enable Local Network Automatic?
    What URL shall be used…is this the external https://XXXX.duckdns.org:PORT URL?

    • roger says:

      remember that nginx does the port for you when you set up a proxy you’ll be entering the port e.g. 8123
      what URL should be placed in HA/Settings/Home Assistant URL this >> https://XXXX.duckdns.org
      What URL shall be used https://XXXX.duckdns.org (without a port)

      1) URL from outside goes to your home router. Your home router forwards this to the port of home assistant nginx proxy manager config page
      2) as you set up in npm, nginx proxy manager now directs the outside request to eg home assistant

      • Scott says:

        Thanks for the follow-up.
        I assume this is if using the typical 443 for SSL.
        My HA/hassio is on a VM of my main PC, so I have 9123 as my SSL. Using just https://XXXX.duckdns.org fails, in my case.

        • roger says:

          “Using just https://XXXX.duckdns.org fails, in my case” and presumably adding a port doesn’t help.

          Much as it makes sense I would investigate your idea that it’s possible to change the SSL port to anything other than 443. So go like this
          router forwards port 443 to 443 on the VPC and nginx and not 9123. Put that another way, I’d try the regular thing first.
          I’m happy to help. stackexchange eg has a bigger pool of talent for network advice.

          • Scott says:

            Actually, adding the port does work; what I have as that URL. https://XXXX.duckdns.org:9123

            If I forward 443 traffic to my VM, that means all SSL traffic gets sent to my VM… I don’t want that. The reason I created the new port.

            It all works, set up as above. I’m assuming that all traffic w/in HA is still local. Thanks for the input!

          • roger says:

            That’s good Scott and I see now what you’re doing and the want to keep it local. I wish all this away.

  2. Tim says:

    In light of the publication today by Home Assistant about misconfigured reverse proxies, doesn’t this article need to be updated to correctly capture the forwarding header?

    https://community.home-assistant.io/t/disabling-new-login-page-functionality/655819

    • roger says:

      No the process above doesn’t need changing as it appears to differentiate between internal and external incoming traffic. It’s right to flag problems where they exist and do your own tests and be forever vigilant.

      Home Assistant have some cheek to introduce such a trivial, and unsafe, feature and then blame everything else for it not working safely.

Leave a Reply

Your email address will not be published. Required fields are marked *