@MrSir wrote:
Hi Everyone,
First up just wanted to say a big thank you to everyone’s contributions on this forum. I’ve solved many problems over the last 6 months with such a rich source of helpful info!
Unfortunately I’ve run into a problem I haven’t been able to find a solution for. I have set up an NGINX Reverse Proxy which is working fine and dandy for plex, my irrigation system, etc etc. It is also PARTIALLY working for home assistant. I am able to connect, log in, see my home page and all that good stuff - however there are some elements which will not load through the proxy (they work totally fine locally).
A prime example of this is my ‘camera.adelaideradar’ entity (Australian weather radar station).
I have HA 0.104.2 running in a FreeBSD jail (so it’s NOT hassio).
HA Config:
http: ssl_certificate: /home/hass/homeassistant/ssl/test2/server-selfsigned-CA.crt ssl_key: /home/hass/homeassistant/ssl/test2/server-selfsigned-CA.key base_url: https://homeassistant.MYDOMAIN use_x_forwarded_for: true trusted_proxies: 192.168.1.73 ip_ban_enabled: true login_attempts_threshold: 5My NGINX Config is as follows:
server { listen 443 ssl; server_name homeassistant.MYDOMAIN; ssl_certificate /usr/local/etc/letsencrypt/live/homeassistant.MYDOMAIN/fullchain.pem; ssl_certificate_key /usr/local/etc/letsencrypt/live/homeassistant.MYDOMAIN/privkey.pem; include common_ssl.conf; include common_general.conf; location / { proxy_pass https://192.168.1.166:8123; proxy_ssl_trusted_certificate /usr/local/etc/nginx/server-selfsigned-CA.crt; proxy_set_header Host $host; proxy_ssl_verify off; proxy_redirect http:// https://; proxy_set_header X-Real-IP $remote_addr; proxy_buffering off; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } location /api/websocket { proxy_pass https://192.168.1.166:8123/api/websocket; proxy_ssl_trusted_certificate /usr/local/etc/nginx/server-selfsigned-CA.crt; proxy_set_header Host $host; proxy_ssl_verify off; proxy_redirect http:// https://; proxy_set_header X-Real-IP $remote_addr; proxy_buffering off; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } }When attempting to open up one of the entities that doesn’t work, the NGINX logs give a response of 444 (i.e. dropped connection):
192.168.1.1 - - [24/Jan/2020:08:49:37 +1030] "GET /api/camera_proxy/camera.adelaideradar?token=XXXX HTTP/1.1" 444 0 "https://homeassistant.MYDOMAIN/lovelace/default_view" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36"(of course in the above I have replaced my real domain with MYDOMAIN).
So it looks like NGINX is dropping some of the requests for entities - yet is allowing others to pass through… I suspect the change required will be in the NGINX config.
Any help would be greatly appreciated!
Posts: 5
Participants: 3