DocHodges Posted June 16, 2021 Share Posted June 16, 2021 All, I am at my wits end and could really use some support. I have DuckDNS and SWAG installed as dockers for remote access to various dockers on unraid. All is working fine as I followed spaceinvaders videos. I even setup remote access allowing me to connect to my server through the "my servers" link in the forum. So with all of this working I then created a Home assistant VM. I previously had this as a docker but decided I wanted to give it a go as VM. No specific reason except to learn more about various VM implementations. The VM is setup and running fine. The issue I am having is getting remote access for it. I know I need to setup a reverse proxy for it but I am not sure how to do it. I tried to install duckdns and NGNIX from within the VM but I couldn't not get it working. I then tried to add the dns to duckdns and add that to SWAG but then I realized I have no idea how to manually configure the config file as they are all premade for dockers. How the heck can I get remote access for the VM working properly in Home Assistant while maintaining the remote access I have running through the docker containers? I have spent an embarrassingly long amount of time fighting with this for some reason. Quote Link to comment
simono5 Posted July 29, 2021 Share Posted July 29, 2021 Hi mate, I don't use SWAG, instead NGINX Proxy Manager. It's GUI based rather than config files. I find it so much easier to use. So I've got Home Assistant working remotely using NGINX Proxy Manager. It's pretty easy. I have NGINX set up for a few dockers as well as HA VM. Happy to help you if I can but I'd recommend moving over to NGINX PM 🙂 Quote Link to comment
Iker Posted August 6, 2021 Share Posted August 6, 2021 Hey, you need to create another config file in SWAG, the following is the content: server { listen 443 ssl; listen [::]:443 ssl; server_name homeassistant.*; include /config/nginx/ssl.conf; client_max_body_size 0; location / { include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_app 192.168.10.2; set $upstream_port 8123; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } location /api { include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_app 192.168.10.2; set $upstream_port 8123; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } 2 Quote Link to comment
arifer Posted September 22, 2021 Share Posted September 22, 2021 @iker 's solution worked for me on SWAG. I also had to include the following lines in my configuration.yaml file for the Hassio VM. http: use_x_forwarded_for: true trusted_proxies: - XXX.XXX.XXX.XXX # IP address of my unRAID box If you're facing problems getting the right IP address, try accessing the web app through the site you have set up the CNAME for like homeassistant.domain.host and search your Home Assistant logs under "Configuration >> Logs" for the following entry: Quote "A request from a reverse proxy was received from XXX.XXX.XXX.XXX, but your HTTP integration is not set-up for reverse proxies" where the IP address shown is what you need to insert into the code block above. 2 Quote Link to comment
TheBurgundyBear Posted December 27, 2021 Share Posted December 27, 2021 I have the opposite problem! Now I can only access HA remotely. I've lost local access! Quote Link to comment
Skylinar Posted January 4, 2022 Share Posted January 4, 2022 confirming that the hints from @Iker & @arifer working as a charm. Made minor adjustments to swag homeassistant.subdomain.conf: server { listen 443 ssl; listen [::]:443 ssl; server_name homeassistant.*; include /config/nginx/ssl.conf; client_max_body_size 0; location / { include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_app YOUR_HOMEASSISTANT_IP; set $upstream_port 8123; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } location ~ ^/(api|local|media)/ { include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_app YOUR_HOMEASSISTANT_IP; set $upstream_port 8123; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } additional to that (as mentioned) added those lines to configuration.yaml as well as the ban functionality from home assistant if there are too much login attempts. http: use_x_forwarded_for: true trusted_proxies: - 127.0.0.1 - 192.168.0.2 # IP address of your unRAID box ip_ban_enabled: true login_attempts_threshold: 5 I am using Home Assistant on a separate machine than Swag Docker Container - it works without any problems. Thanks! 1 1 Quote Link to comment
omartian Posted January 29, 2022 Share Posted January 29, 2022 On 7/29/2021 at 5:59 PM, simono5 said: Hi mate, I don't use SWAG, instead NGINX Proxy Manager. It's GUI based rather than config files. I find it so much easier to use. So I've got Home Assistant working remotely using NGINX Proxy Manager. It's pretty easy. I have NGINX set up for a few dockers as well as HA VM. Happy to help you if I can but I'd recommend moving over to NGINX PM 🙂 Hi. Sorry to dig up an old thread. Do you have nginx running as a docker in unRAID for your HA VM? I have HA as a vm and having a tough time setting up a reverse proxy w nginx. Was trying to use the guide https://www.juanmtech.com/getting-started-with-home-assistant-2021/ He uses mariadb and nginx add-ons w/in ha. I was never able to open ports 443 and 80 w/my HA IP, but just realized that ha is configured for 8123. Can you point me in the right direction to get nginx working as a reverse proxy for my ha vm? Quote Link to comment
RyanDownyJr Posted March 2, 2023 Share Posted March 2, 2023 Perfect instructions above. Everything is working great for the remote access. The only thing I feel I am missing is Edge is reporting "Not Secure" with respect to the certificate. Is this because it is not a standard trusted publisher (DigiCert, etc.), or is it because I might have missed a step where I need to pass the certificates to the HA machine...? Best information I can find is that its not...possible? Well not cleanly done at least. how-to-manually-set-ssl-certificates Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.