New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Support]: Instructions for adding a nginx reverse proxy with ssl+auth #2708
Comments
I have this with my setup using Nginx Proxy Manager. Do you have frigate running as a HASS addon or separate? |
Separate |
Alright, so you have proxy host setup to forward with an access list, when you try to access the page does it show http auth popup or blank screen without that? |
I haven't even added in the auth component yet. I was just trying to get an instance of the reverse proxy working. Really just an example nginx config is what I'm looking for. |
Okay, perhaps I am confused. You shouldn't have to do anything within frigate itself to get this working. Just setup a proxy host that points to the IP & port that frigate is running on, request an SSL cert, and you are on your way. |
Yes no change should be needed in frigate, however, just doing the basics in nginx doesn't work like it does for all the other unrelated services I am doing reverse proxy for.
|
If you have it working, can you share the relevant sections of your nginx config file? |
Interesting, I have been doing things via the GUI of Nginx Proxy Manager docker. I will try to parse out my config file and see what I can find. One thing I can say off the bat is that instead of doing /frigate, I use separate subdomains for HASS and Frigate
|
Ah yea, doing it at / actually ends up working. Trying to get it working under the same domain but /frigate is the problem. Making that work likely would require a frigate change so the embedded html will start at /frigate instead of /, although at this time it seems like frigate doesn't support that. Or at least I can't find anything that seems to be related in the frigate config docs. |
It supports it. You have to insert a header to tell it to rewrite paths. Example |
I cannot get it to work using the example:
I tried using curl to test. This returns the content:
This returns a 404:
This also returns the content:
So it seams that header isn't actually doing anything. Am I missing something, or could there perhaps be a regression in 0.10.0-beta6-amd64? |
It's definitely working. That's how the ingress works for the homeassistant addon. If it wasn't working, there would be dozens of issues about it. |
You are thinking about it wrong. That header tells nginx in frigate to rewrite the contents in the file returned, not change the path that works. Try hitting the main html page with that header and looking at the returned file. You will see the references to js, css, etc are all now under the path you passed in the header. |
Ah so somehow I was missing the trailing slash on the proxy_pass line. I'm sure I had it there at some point, I guess I was changing too many things. Anyway, it does work now. Thanks! |
I did find one small issue. When this is done, clicking around in the frigate UI results in the URL in the URL bar being changed to something that doesn't actually work, as it doesn't add in the /frigate prefix. There is only a problem if the browser refresh button is hit, which will of course result in a 404 since the URL is wrong. I'm guessing there is some javascript changing that URL that isn't respecting the header. |
Could it be due it not rewriting? I know I had a very similar issue with jellyfin, but the solution was to change the base url. I suspect a rewrite may help, but I am no expert an nginx |
Hi @blakeblackshear the code for nginx proxy posted by @nbartos (shown bellow) is working but this will expose internal frigate url to outside world even without logging into Home Assistant. Is there any workaround to this problem? I use your great software inside docker compose container and would like to use it in HA on public address.
|
You can setup basic auth in nginx: https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/ |
Describe the problem you are having
Since the frigate web interface does not support ssl or auth, I am trying to setup a nginx reverse proxy on a sub-url (e.g. https://server/frigate) of an nginx instance I'm already using for other things, however I can't get it to work. I just end up getting an empty page.
Home assistant has direct access to the frigate container on port 5000 and I don't intend on changing that, I just want to add a way for a web browser to access frigate using ssl+auth. Ideally I'd really like to set it up at https://server/frigate instead of having nginx listen on another port and putting it at the root (e.g. https://server:10000/).
I've been looking through all the documentation, but I can't find any reference to trying to do this.
Version
0.10.0-DB1255A
Frigate config file
Relevant log output
FFprobe output from your camera
Frigate stats
Operating system
Other Linux
Install method
Docker Compose
Coral version
CPU (no coral)
Network connection
Wired
Camera make and model
Amcrest IP8M-T2669EW-AI
Any other information that may be helpful
No response
The text was updated successfully, but these errors were encountered: