No Remote Access with SSL/Proxy

[willsanderson]

Unable to access Fusion dashboard remotely (using NGINX Home Assistant SSL proxy with Duck DNS.). Currently receiving error in Fusion logs showing attempted connections using http instead of https. Screenshots with details below:

Fusion Logs:

Browser details:

[EvanBarbour3]

@willsanderson I have ha-fusion running and can access mine via duckdns & nginx proxy with no issues. I've attached images showing it working via the proxy and what I have in my config.

I'm running 2014.1.11 if that helps

[willsanderson]

@willsanderson I have ha-fusion running and can access mine via duckdns & nginx proxy with no issues. I've attached images showing it working via the proxy and what I have in my config.

I'm running 2014.1.11 if that helps

How are you able to add "hass_url" in the Fusion options? I see Network options and only the ability to change the port. I am running the latest 2024.1.11 build as well.

[Getslow6]

Same issue here, version 2024.1.11 and using Cloudflared addon (version 5.1.2):

Configuration tab

Cloudflared settings

Loading the page
I see briefly the colorful background and then it switches to this:

Addon logging

{
  source: null,
  forwardedProto: 'https',
  forwardedHost: null,
  host: 'fusion.DOMAIN.org'
}
DEBUG: http://fusion.DOMAIN.org

I think it has to do with the authentication flow. The URL at the moment of the error above is of the form:

https://fusion.DOMAIN.org/auth/authorize?response_type=code&redirect_uri=[......]

[Getslow6]

To add to the above;

The webpage also briefly loads before it is redirected to the authentication URL mentioned in the post above. This could be a privacy issue.

[alex4108]

I ended up deploying ha-fusion on my k8s cluster instead of using the ha addon because of this issue. My HA instance listens on http, haproxy on the router terminates HTTPS between homeassistant and the internet.

Eg, inside the LAN, homeassistant can be accessed at http://10.1.2.3:8123.
Outside the LAN (or inside too) can be accessed via haproxy at https://ha.FQDN.TLD:8123

When I access hafusion as addon and expose a port, eg http://10.1.2.3:8124 - this works fine
When I access hafusion as addon via haproxy, eg https://ha.FQDN.TLD:8124 - this fails. The application is attempting to access homeassistant over HTTP, yielding the error: ERR_INVALID_HTTPS_TO_HTTP.

I think expressjs needs some special parameters to accept X-Forwarded-* headers. In theory, with reverse proxy enabled in express, adding X-Forwarded-Proto=https to requests routed through haproxy would trigger req.secure to rewrite proto=https and clear the error.

[hasifm2010]

Any fix for this issue.. I am using NGINX proxy with duckdns. Fusion dashboard can't connect wss of hass.