Home assistant SWAG reverse proxy not working

Hi there! First-time poster here.

Coming from Home Assistant OS, I wanted to run Plex (music only) along side so switched to running as a container. Am trying to set up SWAG to reverse proxy to home assistant. I followed the instructions adding trusted_proxies to the yaml, renaming the homeassistant.subdomain.conf.sample to homeassistant.subdomain.conf, changed the server name in that conf file to the duckdns subdomain, ensuring the upstream_app name is the same as the container name, but to no avail. Using Docker Compose on a Pi 3 running Raspberry Pi OS 64-bit. Home assistant working on host network mode.

I can access the example page from outside the network using my duckdns subdomain. I tried looking at the default.conf and tried breaking the config to figure out why the example page is still showing but couldn’t. Does it cache the result or fallback to the example page if there’s an issue?

Tried changing server_name to the actual IP address as well as upstream_app but that doesn’t help either. I would post the docker-compose.yaml file and homeassistant.subdomain.conf but I can’t access it at the office.

Any ideas?

You never said what happens when you try to access. I’m assuming a 502

Leave the server name as default. But change the upstream app to the local ip of homeassistant (the server hosting it). It can’t connect to it by container name if it’s running in host networking, so you need to use the IP.

1 Like

Thanks for your help, @aptalca

I didn’t see an error. How would I see it? Would it be in the developer console of the browser? All I saw was the same SWAG example page. There must be logs for Nginx but haven’t found that yet. When I look at docker logs swag it shows that it’s started OK.

Of course it won’t have access to the container! I thought I already tried changing the upstream_app as the IP address but perhaps not leaving the server_name as homeassistant.*. It’s worth noting that I can’t access the local address by using http://homeassistant.local link. Would that be a factor? The router may not have mDNS. What is the server_name used for exactly?

So for trusted_proxies in the home assistant config, you’d give it the server’s IP, not the docker IP 172...?

If you’re seeing the default SWAG landing page, that means one of the following happened:

  • your proxy conf for HA is not enabled properly
  • you’re not using the right address (server_name needs to match whatever address you’re accessing it at, ie. homeassistant.* would match https://homeassistant.yourdomain.com)
  • old browser cache

Do the following:

  • Set upstream_app to HA server LAN IP
  • Leave server_name as is, and access it at https://homeassistant.yourdomain.com
  • Set the trusted_proxies address to cover whatever IP SWAG would be connecting from. If SWAG is accessing HA via the host server IP, SWAG’s IP will likely show up as SWAG’s host’s LAN IP.
1 Like

That was it! Thanks for that. Remote access is up!

Followed your instructions:

  • named server_name to my URL without https:// (e.g. ******.duckdns.org
  • cleared browser cache which showed an error 400: Bad request
  • add the IP as a trusted proxy to home assistant YAML config

…and hey presto it’s up. Learned a lot. Thanks for your help, @aptalca

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.