Accès duckdns+application homeassistant

lubobel · Avril 1, 2025, 1:48

Bonjour,

j’ai installé duckdns avec le super tuto
Avant j’utilisait Nabucasa (ça fait peu de temps que j’ai commencé home assistant).
J’avais l’appli android et je voudrais qu’elle fonctionne de nouveau.
j’ai l’impression que mon erreur vient de nginx, ça démarre mais ça s’arrête.

Sur une page web http://blabla.duckdns.org:8123 ça fonctionne (j’ai pas le https) mais je n’arrive pas à enregistrer l’adresse dans l’application pour que ça fonctionne aussi.

Est ce que c’est possible, où me suis-je trompé?

Est ce que je suis clair, ça m’étonnerai…

en résumé dans configuration.yaml j’ai ajouté

http:
  use_x_forwarded_for: true
  trusted_proxies:
  - 172.30.33.0/24

le add on duck dns fonctionne avec mon domaine blabla.duckdns.org
nginx la config yaml:

domain: blabla.duckdns.org
hsts: max-age=   je passe le reste, j'ai rien changé

dans network home assistant URL j’ai indiqué https://xxxxxxx.duckdns.org:8123, local c’est http://192.168.1.10:8123

Je suis désolé, les réseaux c’est pas mon truc!
Merci

WarC0zes · Avril 1, 2025, 1:54

Bonjour,
tu as ouvert le port 443 > 443 sur l’ip de HA sur ta box ?
et dans paramètres / système / réseau modifie les adresses interne et externe

tu te connecte ensuite par https://xxxxx.duckdns.org ou en local http://192.168.1.10:8123

edit:
j’ai caché ton DNS duckdns, tu avais mis ton DNS visible.

lubobel · Avril 1, 2025, 2:00

Merci pour ta question rapide, en effet j’avais oublié de préciser. La réponse est oui, j’ai une box orange (heureusement elle est noire ). Sur mon téléphone à distance ça marche en passant par chrome, adresse http://blabla.duckdns.org:8123
si je mets https « ce site ne peut pas fournir de connexion sécurisée »

WarC0zes · Avril 1, 2025, 2:02

Avec NGINX home assistant SSL proxy, en HTTP ( donc en local ) tu te connectes par l’ip de HA et non ton nom de domaine duckdns.
C’est en extérieur que tu passes par ton nom de domaine et le HTTPS.

Puis ne met pas le port 8123 pour le HTTPS, c’est NGINX qui gère la redirection.

WarC0zes · Avril 1, 2025, 2:06

je vois des espaces qui manque sur l’adresse, a modifier.

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 172.30.33.0/24

lubobel · Avril 1, 2025, 2:14

nginx me semble pas correctement configuré, ce n’est pas un copié collé que j’ai affiché (vu que je ne suis pas chez moi).
Quand je démarre l’add on nginx ça a l’air de démarrer mais ça fini par s’arrêter.

WarC0zes · Avril 1, 2025, 2:16

Il faut montrer les logs de NGINX , qui ce trouve dans le module complémentaire.

lubobel · Avril 1, 2025, 2:22

[12:28:54] INFO:  [32mService crond exited with code 256 (by signal 15) [0m
s6-rc: info: service crond successfully stopped
s6-rc: info: service nginx: stopping
s6-rc: info: service nginx successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped
s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service nginx: starting
s6-rc: info: service nginx successfully started
s6-rc: info: service crond: starting
s6-rc: info: service crond successfully started
s6-rc: info: service legacy-services: starting
s6-rc: info: service legacy-services successfully started
[12:29:04] INFO:  [32mMerging options & variables for template [0m
[12:29:04] INFO:  [32mGenerating nginx.conf from template in /etc/nginx/nginx.conf.gtpl [0m
[12:29:05] INFO:  [32mRunning nginx... [0m
stat: can't stat '/ssl/fullchain.pem': No such file or directory
[12:29:05] INFO:  [32mService nginx exited with code 1 (by signal 0) [0m
s6-rc: info: service legacy-services: stopping
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service crond: stopping
[12:29:05] INFO:  [32mService crond exited with code 256 (by signal 15) [0m
s6-rc: info: service crond successfully stopped
s6-rc: info: service nginx: stopping
s6-rc: info: service nginx successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped
s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service nginx: starting
s6-rc: info: service nginx successfully started
s6-rc: info: service crond: starting
s6-rc: info: service crond successfully started
s6-rc: info: service legacy-services: starting
s6-rc: info: service legacy-services successfully started
[12:29:14] INFO:  [32mMerging options & variables for template [0m
[12:29:14] INFO:  [32mGenerating nginx.conf from template in /etc/nginx/nginx.conf.gtpl [0m
[12:29:15] INFO:  [32mRunning nginx... [0m
stat: can't stat '/ssl/fullchain.pem': No such file or directory
[12:29:15] INFO:  [32mService nginx exited with code 1 (by signal 0) [0m
s6-rc: info: service legacy-services: stopping
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service crond: stopping
[12:29:15] INFO:  [32mService crond exited with code 256 (by signal 15) [0m
s6-rc: info: service crond successfully stopped
s6-rc: info: service nginx: stopping
s6-rc: info: service nginx successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped
s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service nginx: starting
s6-rc: info: service nginx successfully started
s6-rc: info: service crond: starting
s6-rc: info: service crond successfully started
s6-rc: info: service legacy-services: starting
s6-rc: info: service legacy-services successfully started
[16:08:42] INFO:  [32mMerging options & variables for template [0m
[16:08:43] INFO:  [32mGenerating nginx.conf from template in /etc/nginx/nginx.conf.gtpl [0m
[16:08:43] INFO:  [32mRunning nginx... [0m
stat: can't stat '/ssl/fullchain.pem': No such file or directory
[16:08:44] INFO:  [32mService nginx exited with code 1 (by signal 0) [0m
s6-rc: info: service legacy-services: stopping
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service crond: stopping
[16:08:44] INFO:  [32mService crond exited with code 256 (by signal 15) [0m
s6-rc: info: service crond successfully stopped
s6-rc: info: service nginx: stopping
s6-rc: info: service nginx successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped

WarC0zes · Avril 1, 2025, 2:23

Tu n’as pas de fichier pour le certificat SSL.
Tu as bien démarrer duckdns ?
c’est lui qui va les créer.

lubobel · Avril 1, 2025, 2:26

s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service duckdns: starting
s6-rc: info: service duckdns successfully started
s6-rc: info: service legacy-services: starting
s6-rc: info: service legacy-services successfully started
[10:03:51] INFO:  [32mStarting DuckDNS... [0m
[10:03:52] INFO:  [32mOK
90.45.242.154

UPDATED [0m
s6-rc: info: service legacy-services: stopping
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service duckdns: stopping
[10:35:00] INFO:  [32mService duckdns exited with code 256 (by signal 15) [0m
s6-rc: info: service duckdns successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped
s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service duckdns: starting
s6-rc: info: service duckdns successfully started
s6-rc: info: service legacy-services: starting
s6-rc: info: service legacy-services successfully started
[18:59:19] INFO:  [32mStarting DuckDNS... [0m
s6-rc: info: service legacy-services: stopping
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service duckdns: stopping
[19:00:39] INFO:  [32mService duckdns exited with code 256 (by signal 15) [0m
s6-rc: info: service duckdns successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped
s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service duckdns: starting
s6-rc: info: service duckdns successfully started
s6-rc: info: service legacy-services: starting
s6-rc: info: service legacy-services successfully started
[19:02:19] INFO:  [32mStarting DuckDNS... [0m

WarC0zes · Avril 1, 2025, 2:30

Montre ta configuration de duckdns, dans la configuration du module complémentaire, passe en mode YAMLet copie le ( les 3 points, afficher en YAML).

ddfdom · Avril 1, 2025, 2:42

allé ma boule de cristal me donne une erreur sur le nom de domaine

lubobel · Avril 1, 2025, 4:39

[19:02:48] INFO: Merging options & variables for template

[19:02:48] INFO: Generating nginx.conf from template in /etc/nginx/nginx.conf.gtpl

[19:02:49] INFO: Running nginx...

stat: can't stat '/ssl/fullchain.pem': No such file or directory

[19:02:49] INFO: Service nginx exited with code 1 (by signal 0)

s6-rc: info: service legacy-services: stopping

s6-rc: info: service legacy-services successfully stopped

s6-rc: info: service crond: stopping

[19:02:49] INFO: Service crond exited with code 256 (by signal 15)

s6-rc: info: service crond successfully stopped

s6-rc: info: service nginx: stopping

s6-rc: info: service nginx successfully stopped

s6-rc: info: service legacy-cont-init: stopping

s6-rc: info: service legacy-cont-init successfully stopped

s6-rc: info: service fix-attrs: stopping

s6-rc: info: service fix-attrs successfully stopped

s6-rc: info: service s6rc-oneshot-runner: stopping

s6-rc: info: service s6rc-oneshot-runner successfully stopped

WarC0zes · Avril 1, 2025, 4:50

Il faut accepter les termes, sur true. Ça va démarrer et te créer les fichiers du certificat. Puis, tu démarres NGINX.

  accept_terms: true

domains:
  - my-domain.duckdns.org
token: sdfj-2131023-dslfjsd-12321
lets_encrypt:
  accept_terms: true
  algo: secp384r1
  certfile: fullchain.pem
  keyfile: privkey.pem
aliases: []
seconds: 300

lubobel · Avril 1, 2025, 5:10

j’ai bien mit true mais ça reste nginx ça veut pas démarrer

lubobel · Avril 1, 2025, 5:14

dans home-assistant.log1 j’ai
> 2025-04-01 19:01:08.690 ERROR (MainThread) [homeassistant.components.hassio] Failed to to call /addons/core_nginx_proxy/stats - 404 Client Error for http+docker://localhost/v1.48/containers/addon_core_nginx_proxy/json: Not Found ("No such container: addon_core_nginx_proxy")

WarC0zes · Avril 1, 2025, 5:25

Tu as bien installer NGINX Home Assistant SSL Proxy ?

domain: xxxxxxx.xxxxxx.fr
hsts: max-age=31536000; includeSubDomains
certfile: fullchain.pem
keyfile: privkey.pem
cloudflare: false
customize:
  active: false
  default: nginx_proxy_default*.conf
  servers: nginx_proxy/*.conf
real_ip_from: []

lubobel · Avril 1, 2025, 5:36

oui c’est le même, le domaine c’est .org avec duckdns, le reste c’est identique

lubobel · Avril 1, 2025, 5:41

après dans duckdns il y a des errors :

[18:58:02] INFO: Renew certificate for domains: *******.duckdns.org and aliases: 
# INFO: Using main config file /data/workdir/config
 + Creating chain cache directory /data/workdir/chains
Processing ******.duckdns.org
 + Creating new directory /data/letsencrypt/*******.duckdns.org ...
 + Signing domains...
 + Generating private key...
 + Generating signing request...
 + Requesting new certificate order from CA...
 + Received 1 authorizations URLs from the CA
 + Handling authorization for ******.duckdns.org
 + 1 pending challenge(s)
 + Deploying challenge tokens...
OK + Responding to challenge for ******.duckdns.org authorization...
 + Cleaning challenge tokens...
OK + Challenge validation has failed :(
ERROR: Challenge is invalid! (returned: invalid) (result: ["type"]	"dns-01"
["url"]	"https://acme-v02.api.letsencrypt.org/acme/chall/2315993657/498874128327/PTi4-g"
["status"]	"invalid"
["validated"]	"2025-04-01T16:58:14Z"
["error","type"]	"urn:ietf:params:acme:error:unauthorized"
["error","detail"]	"Incorrect TXT record \"\" found at _acme-challenge.******.duckdns.org"
["error","status"]	403
["error"]	{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Incorrect TXT record \"\" found at _acme-challenge.*****.duckdns.org","status":403}
["token"]	"1pPko2****_TBoDlZnBVjUSQG3bi1dLV4")

Tochy · Avril 1, 2025, 5:54

Je te conseille de reprendre à zéro, d’abord duckdns en suivant cette vidéo.

Une fois que duckdns sera ok tu passeras ensuite à nginx.