Hi guys I would like to know if you have | Home Assistant | Page 1

half otter Aug 9, 2023, 10:14 AM

#

What's in the HA (core) logs?
What's in your NGINX logs?

spice tusk Aug 9, 2023, 2:01 PM

#

half otter What's in the HA (core) logs? What's in your NGINX logs?

https://imgur.com/WBwYKFL

spice tusk Aug 9, 2023, 2:03 PM

#

half otter What's in the HA (core) logs? What's in your NGINX logs?

https://imgur.com/PpR60M3

molten trellisBOT Aug 9, 2023, 2:03 PM

#

@spice tusk Please use a code share site to share code or logs, for example:

https://dpaste.org/ (select YAML for the language, and consider picking a longer expiry)
http://pastie.org/ (select YAML for the language)
https://paste.debian.net/ (you guessed it, select YAML as the language)

Please don't use Pastebin, since it can randomly add spaces to the main view. Please also don't share text as images since it makes it harder for people to help you. Remember that others may have colour blindness, impaired vision, etc.

half otter Aug 9, 2023, 2:04 PM

#

Images of text are horrible, please don't do that

spice tusk Aug 9, 2023, 2:04 PM

#

Okay sorry i do that

half otter Aug 9, 2023, 2:04 PM

#

Also, using Reply in a thread is annoying, if you must please turn the notifications off

#

spice tusk Aug 9, 2023, 2:05 PM

#

I got it. Excuse me

#

Nginx access.log:

185.224.128.141 - - [09/Aug/2023:15:57:29 +0200] "GET / HTTP/1.1" 301 169 "-" "Hello World"
192.168.1.254 - - [09/Aug/2023:15:59:00 +0200] "GET / HTTP/1.1" 400 16 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
192.168.1.254 - - [09/Aug/2023:15:59:01 +0200] "GET /favicon.ico HTTP/1.1" 400 16 "https://haos-habsheim.noacco.fr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrom```

**Nginx error.log:**
*Nothing*

#

HA core logs:

Log Details (ERROR)
Logger: homeassistant.components.http.forwarded
Source: components/http/forwarded.py:125
Integration: HTTP (documentation, issues)
First occurred: 4:02:35 PM (2 occurrences)
Last logged: 4:02:35 PM

Received X-Forwarded-For header from an untrusted proxy 192.168.1.252```

half otter Aug 9, 2023, 2:08 PM

#

You should fix that 😉

#

https://www.home-assistant.io/integrations/http#reverse-proxies

spice tusk Aug 9, 2023, 2:11 PM

#

Oh my god thank you, you've saved me an afternoon, I've been at it for 3 hours. 🥲
Sorry again for the screenshots and pings above, I'll find out a bit more about the rules...

#

Have nice day

half otter Aug 9, 2023, 2:12 PM

#

Any time something doesn't work, the logs should be the first place to look 😉

spice tusk Aug 9, 2023, 2:12 PM

#

😅

#

Well, apparently the redirection works correctly, but when I connect via my url, I get the home asisstant logo displayed with the message

Unable to connect to Home Assistant.
Retrying in 60 seconds...
Retry Now

I have no logs displayed in home assistant

half otter Aug 9, 2023, 2:25 PM

#

And you have access logs iin NGINX?

spice tusk Aug 9, 2023, 2:26 PM

#

Nope, i've nothing

half otter Aug 9, 2023, 2:27 PM

#

Then it's not even reaching NGINX

spice tusk Aug 9, 2023, 2:27 PM

#

oh wait

#

my bad

#

server@boxisex808:/var/log/nginx$ sudo cat access.log
192.168.1.254 - - [09/Aug/2023:16:26:31 +0200] "GET / HTTP/1.1" 200 3084 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
192.168.1.254 - - [09/Aug/2023:16:26:31 +0200] "GET /api/websocket HTTP/1.1" 400 66 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
192.168.1.254 - - [09/Aug/2023:16:26:31 +0200] "GET /manifest.json HTTP/1.1" 200 933 "https://haos-habsheim.noacco.fr/lovelace" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"
192.168.1.254 - - [09/Aug/2023:16:26:33 +0200] "GET /service_worker.js HTTP/1.1" 304 0 "https://haos-habsheim.noacco.fr/service_worker.js" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"```

half otter Aug 9, 2023, 2:28 PM

#

That 400 looks bad 😉

#

What does your NGINX config look like?

spice tusk Aug 9, 2023, 2:28 PM

#

server {
  listen 80;
  server_name haos-habsheim.noacco.fr;
  return 301 https://haos-habsheim.noacco.fr$request_uri;
}

server {
  listen   *:443;
  server_name  haos-habsheim.noacco.fr;

  # allow large uploads of files
  client_max_body_size 1G;

  # optimize downloading files larger than 1G
  #proxy_max_temp_file_size 2G;

  ssl on;
  ssl_certificate /etc/letsencrypt/live/haos-habsheim.noacco.fr/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/haos-habsheim.noacco.fr/privkey.pem;

  location / {
    # Use IPv4 upstream address instead of DNS name to avoid attempts by nginx to use IPv6 DNS lookup
    proxy_pass http://192.168.1.251:8123;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto "https";
  }
}

half otter Aug 9, 2023, 2:29 PM

#

Hmmm....

#

You appear to be missing websocket support

#

Enable that, and maybe consider switching to a more modern proxy server that doesn't require you to do that 😛

#

https://blog.ceard.tech/2018/01/nginx-and-home-assistant is a little old, but it covers the details you need

  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection $connection_upgrade;

spice tusk Aug 9, 2023, 2:31 PM

#

Hmm ok I'll look into it...
However, I'm using nginx and it's up to date. What do you recommend as a reverse proxy?

half otter Aug 9, 2023, 2:32 PM

#

I like Traefik, but I run most software in Docker and that makes it trivial to set up

#

Bonus points because it handles LetsEncrypt certificate renewal itself too

#Hi guys I would like to know if you have