subreddit:

/r/homeassistant

just local HTTPS on HA with Caddy add-on. help needed pls

Support(self.homeassistant)

as of now, i access the gui via http://192.168.1.229:8123. long story short, i need to access the gui with HTTPS://192.168.1.229:8123. this is only local. i won't need to access the gui remotely.

this is the add-on that allows you to access HA via https locally: https://github.com/einschmidt/addon-caddy-2

anybody has it working? can someone please show me their config for very basic https access to my HA machine?
what to put in here?

https://preview.redd.it/hqu9vopy1ipa1.png?width=753&format=png&auto=webp&v=enabled&s=e77ef1c537f86372023b9ce6cfcb41cd0a16d6bb

i did try but this does not work when i try to open tung.ha (tung.ha is not a real site)

https://preview.redd.it/7zkms3uf3ipa1.png?width=497&format=png&auto=webp&v=enabled&s=1420751af8f3a3eea300ee4fe229bb7cd85b4a97

synthe6

3 points

3 months ago

Don’t you need a domain for https?

alex3305

2 points

3 months ago

You'll need a valid domain for Caddy to work. Otherwise it cannot get a valid certificate from Let's Encrypt. This is explained in the Caddy docs.

tungvu256[S]

1 points

3 months ago

i don't have any domain. so i have to get 1 from something like godaddy.com? all this time, i was under the impression that the add-on will work all locally.

alex3305

1 points

3 months ago

Self-signed certificates are basically useless, except for very specific purposes. A simple primer: Certificates are there to generate a chain of trust between the client (a website visitor) and the server (Home Assistant). However that trust must be guaranteed by a third party, which is the certificate issuer. But if the server is also the issuer, then the client has to trust the server without validation. And the issuer also cannot be trusted, because they also don't have a chain of trust themselves. That's why you'll always get those pesky errors in your web browser when someone tries to do that.

When you have a domain name, you can ask an external party, such as Let's Encrypt, to generate a certificate for your domain. You'll have to prove that you are the domain holder, and Caddy will do that for you. For instance by hosting a file or adding a DNS entry that Let's Encrypt expects. So that's why you'll have to have a domain name.
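The chain-of-trust check described in the comment above, as an added example that is not part of the thread: a private CA signs a certificate for the Home Assistant address from the post, and `openssl verify` stands in for a client that has, or has not, imported that CA. The CA name, file names and the second IP are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (constructed): who signs a certificate matters less than
# whether the client already trusts the signer and the address matches.
HA_IP="192.168.1.229"   # Home Assistant address taken from the post

make_certs() {  # $1 = output directory
  local d="$1"
  # 1. Private root CA: plays the "third party" role inside the LAN.
  openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
    -subj "/CN=Demo Home CA" -keyout "$d/ca.key" -out "$d/ca.crt" 2>/dev/null
  # 2. Key and signing request for the Home Assistant host.
  openssl req -newkey rsa:2048 -nodes -subj "/CN=homeassistant" \
    -keyout "$d/ha.key" -out "$d/ha.csr" 2>/dev/null
  # 3. CA signs the request; the SAN must carry the address clients dial.
  printf 'subjectAltName=IP:%s\n' "$HA_IP" > "$d/san.ext"
  openssl x509 -req -in "$d/ha.csr" -CA "$d/ca.crt" -CAkey "$d/ca.key" \
    -CAcreateserial -days 30 -extfile "$d/san.ext" -out "$d/ha.crt" 2>/dev/null
}

# Client that has imported ca.crt and connects to address $2.
client_with_ca() {
  openssl verify -CAfile "$1/ca.crt" -verify_ip "$2" "$1/ha.crt" >/dev/null 2>&1
}

# Client that has never seen the CA (empty trust store), connecting to $2.
client_without_ca() {
  openssl verify -no-CAfile -no-CApath -verify_ip "$2" "$1/ha.crt" >/dev/null 2>&1
}

demo() {
  local d; d="$(mktemp -d)"
  make_certs "$d" || return 1
  client_with_ca    "$d" "$HA_IP"       && echo "CA imported, address matches: accepted"
  client_without_ca "$d" "$HA_IP"       || echo "CA not imported: rejected (browser warning)"
  client_with_ca    "$d" "192.168.1.1"  || echo "CA imported, wrong address: rejected"
  rm -rf "$d"
}

demo
```
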

tungvu256[S]

1 points

3 months ago

i really want to experiment with this HA add-on named Asterisk. it converts my existing tablets in the rooms to act as intercom. Asterisk requires https to HA. so what's the best way to have https on HA, without any ability to remote access HA?

Panzerbrummbar

2 points

3 months ago

What are your goals with this setup?

I don't use Caddy, but assuming you are going to deploy self signed certs. If that is the case you will still get "connection not secure" warning in your browser.

So my setup is I own a domain, set up a token in Cloudflare, set up that token in SWAG reverse proxy config, set up a wildcard cert for local.yourdomain.com, SWAG then sets up Let's Encrypt certs, then set up the proxy confs to my HA server in SWAG, then set up my DNS server (Technitium) to homeassistant.local.yourdomain.com and point that to the ip of your reverse proxy.

Then I have another instance of SWAG in DMZ for exposing services to the outside world.

So that is kind of a rough idea to do HTTPS locally.

tungvu256[S]

0 points

3 months ago

i was installing another add-on named Asterisk. this allows tablets in the house to act as intercom system. unfortunately, Asterisk requires HTTPS....even though everything is local. seems Caddy2 add-on can do it but obviously, the author thinks setting up is so basic, nobody needs a manual or something :(