First let me say that OMV is fantastic! I've been able to move a bunch of things I've had going on an old Pogoplug, Raspberry Pi, and Win7 machine over to OMV with very little effort. This is simplifying my life significantly!
I'm trying to get reverse proxy going for some of these services (most importantly Home Assistant) and am running into trouble. I have the DuckDNS container running fine. I have the Let's Encrypt container running as well as explained in @TechnoDadLife video:
Unfortunately I can't get the Home Assistant reverse proxy to work. I do have the Home Assistant container running with the extra '--network my-net' option and the web page is server on port 8123. I'm certain it has everything to do with the conf file but I am uncertain what should be in it. HA does have information on this at:
https://www.home-assistant.io/docs/ecosystem/nginx/
On that page they offer this conf file:
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
# Update this line to be your domain
server_name example.com;
# These shouldn't need to be changed
listen [::]:80 default_server ipv6only=off;
return 301 https://$host$request_uri;
}
server {
# Update this line to be your domain
server_name example.com;
# Ensure these lines point to your SSL certificate and key
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
# Use these lines instead if you created a self-signed certificate
# ssl_certificate /etc/nginx/ssl/cert.pem;
# ssl_certificate_key /etc/nginx/ssl/key.pem;
# Ensure this line points to your dhparams file
ssl_dhparam /etc/nginx/ssl/dhparams.pem;
# These shouldn't need to be changed
listen [::]:443 default_server ipv6only=off; # if your nginx version is >= 1.9.5 you can also add the "http2" flag here
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
ssl on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
proxy_buffering off;
location / {
proxy_pass http://localhost:8123;
proxy_set_header Host $host;
proxy_redirect http:// https://;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}
Alles anzeigen
Other than changing the server_name options to 'mycoolsubdomain.duckdns.org' and pointing to my ssl .pem files, is there anything else I need to do?
I know you guys are busy, but can someone please help me get this going? This is the final thing I need to do and everything will be in place. Thanks for your time!