brenner-tobias / addon-cloudflared

Connect remotely to your Home Assistant instance without opening any ports using Cloudflared.
MIT License
874 stars 54 forks

Unable to connect through app until I hit retry since adding CloudFlared. #287

Closed burnski666 closed 1 year ago

burnski666 commented 1 year ago

The problem

Issue where I get the "unable to connect, try again on 60 seconds". Only happens on the Android app (desktop/browser works fine) since migrating to CloudFlared from DuckDNS. However, if I immediately hit the "retry now", even at 59 seconds left on the counter, it always connects.

What version of Cloudflared has the issue?

4.0.7

What was the last working version of Cloudflared?

No response

What type of installation are you running?

Home Assistant OS

Add-on YAML Configuration

# Loads default set of integrations. Do not remove.
default_config:

# Load frontend themes from the themes folder
frontend:
  themes: !include_dir_merge_named themes

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 172.30.33.0/24
    - 192.168.1.246/24

# Text to speech
tts:
  - platform: google_translate

automation: !include automations.yaml
script: !include scripts.yaml
scene: !include scenes.yaml

my:

# Custom Panels
panel_custom: 
  - name: Supervisor
    url_path: hassio/system # url_path needs to be unique for each panel_custom config
    sidebar_title: Supervisor
    sidebar_icon: mdi:home-assistant # https://materialdesignicons.com/
    module_url: /local/panel-redirect.js # 'local' is '/config/www/'

sensor:  
  - platform: systemmonitor
    resources:
    - type: processor_use
    - type: disk_use_percent
      arg: "/"
    - type: disk_free
      arg: "/"
    - type: memory_use_percent
    - type: network_in
      arg: eth0
    - type: throughput_network_in
      arg: eth0
    - type: network_out
      arg: eth0
    - type: throughput_network_out
      arg: eth0
    - type: processor_temperature
    - type: last_boot
# OPTIONAL CPU Raspberry Pi Temp
  - platform: command_line
    name: CPU Temp
    command: "cat /sys/class/thermal/thermal_zone0/temp"
    unit_of_measurement: "°C"
    value_template: '{{ value | multiply(0.001) | round(2)  }}'

Anything in the logs that might be useful for us?

-----------------------------------------------------------
 Add-on: Cloudflared
 Use a Cloudflare Tunnel to remotely connect to Home Assistant without opening any ports
-----------------------------------------------------------
 Add-on version: 4.0.7
 You are running the latest version of this add-on.
 System: Home Assistant OS 9.4  (aarch64 / raspberrypi4-64)
 Home Assistant Core: 2022.12.8
 Home Assistant Supervisor: 2022.11.2
-----------------------------------------------------------
 Please, share the above information when looking for help
 or support in, e.g., GitHub, forums or the Discord chat.
-----------------------------------------------------------
[09:11:48] INFO: Checking add-on config...
[09:11:50] INFO: Checking for existing certificate...
[09:11:50] INFO: Existing certificate found
[09:11:50] INFO: Checking for existing tunnel...
[09:11:50] INFO: Existing tunnel with ID [xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx] found
[09:11:50] INFO: Checking if existing tunnel matches name given in config
[09:11:51] INFO: Existing Cloudflare Tunnel name matches config, proceeding with existing tunnel file
[09:11:51] INFO: Creating config file...
[09:11:53] INFO: Validating config file...
Validating rules from /tmp/config.json
OK
[09:11:53] INFO: Creating DNS entry [domain].ca...
2022-12-26T14:11:54Z INF [domain].ca is already configured to route to your tunnel tunnelID=[xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx]
[09:11:54] INFO: Creating DNS entry ha.[domain].ca...
2022-12-26T14:11:55Z INF ha.[domain].ca is already configured to route to your tunnel tunnelID=[xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx]
[09:11:55] INFO: Finished setting up the Cloudflare Tunnel
[09:11:55] INFO: Connecting Cloudflare Tunnel...
2022-12-26T14:11:56Z INF Starting tunnel tunnelID=[xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx]
2022-12-26T14:11:56Z INF Version 2022.12.1
2022-12-26T14:11:56Z INF GOOS: linux, GOVersion: go1.19.3, GoArch: arm64
2022-12-26T14:11:56Z INF Settings: map[config:/tmp/config.json cred-file:/data/tunnel.json credentials-file:/data/tunnel.json loglevel:info metrics:0.0.0.0:36500 no-autoupdate:true origincert:/data/cert.pem]
2022-12-26T14:11:56Z INF Generated Connector ID: 9620b7a8-79df-458a-8386-3d8c6672c727
2022-12-26T14:11:56Z INF Initial protocol quic
2022-12-26T14:11:56Z INF ICMP proxy will use 172.30.33.2 as source for IPv4
2022-12-26T14:11:56Z INF ICMP proxy will use :: as source for IPv6
2022-12-26T14:11:56Z INF Starting metrics server on [::]:36500/metrics
2022-12-26T14:11:56Z INF Connection 3a900bb3-2c54-4fb4-9039-a35603947841 registered with protocol: quic connIndex=0 ip=198.41.192.107 location=YYZ
2022-12-26T14:11:56Z INF Connection 6b7d9909-9c5b-4c38-b305-a8a9d4325e13 registered with protocol: quic connIndex=1 ip=198.41.200.43 location=ORD
2022-12-26T14:11:57Z INF Updated to new configuration config="{\"ingress\":[{\"hostname\":\"[domain].ca\",\"originRequest\":{\"noTLSVerify\":true},\"service\":\"http://homeassistant:8123\"},{\"hostname\":\"ha.[domain].ca\",\"originRequest\":{\"noTLSVerify\":true},\"service\":\"http://192.168.1.246:8123\"},{\"hostname\":\"www.[domain].ca\",\"originRequest\":{\"noTLSVerify\":true},\"service\":\"http://192.168.1.246:8123\"},{\"hostname\":\"plex.[domain].ca\",\"originRequest\":{\"noTLSVerify\":true},\"service\":\"http://192.168.1.212:32400\"},{\"originRequest\":{\"noTLSVerify\":true},\"service\":\"http_status:404\"}],\"warp-routing\":{\"enabled\":false}}" version=4
2022-12-26T14:11:57Z INF Connection 4f294e80-25ff-4de6-96a1-05a83244362c registered with protocol: quic connIndex=2 ip=198.41.200.33 location=ORD
2022-12-26T14:11:58Z INF Connection 8e7aa861-2d52-4800-84ff-5dee192a5d93 registered with protocol: quic connIndex=3 ip=198.41.192.37 location=YYZ
2022-12-26T15:26:11Z INF Unregistered tunnel connection connIndex=1
2022-12-26T15:26:11Z WRN Failed to serve quic connection error="timeout: no recent network activity" connIndex=1 ip=198.41.200.43
2022-12-26T15:26:11Z WRN Serve tunnel error error="timeout: no recent network activity" connIndex=1 ip=198.41.200.43
2022-12-26T15:26:11Z INF Retrying connection in up to 1s connIndex=1 ip=198.41.200.43
2022-12-26T15:26:11Z INF Unregistered tunnel connection connIndex=2
2022-12-26T15:26:11Z WRN Failed to serve quic connection error="timeout: no recent network activity" connIndex=2 ip=198.41.200.33
2022-12-26T15:26:11Z WRN Serve tunnel error error="timeout: no recent network activity" connIndex=2 ip=198.41.200.33
2022-12-26T15:26:11Z INF Retrying connection in up to 1s connIndex=2 ip=198.41.200.33
2022-12-26T15:26:11Z INF Unregistered tunnel connection connIndex=0
2022-12-26T15:26:11Z WRN Failed to serve quic connection error="timeout: no recent network activity" connIndex=0 ip=198.41.192.107
2022-12-26T15:26:11Z WRN Serve tunnel error error="timeout: no recent network activity" connIndex=0 ip=198.41.192.107
2022-12-26T15:26:11Z INF Retrying connection in up to 1s connIndex=0 ip=198.41.192.107
2022-12-26T15:26:12Z INF Unregistered tunnel connection connIndex=3
2022-12-26T15:26:12Z ERR Failed to serve quic connection error="timeout: no recent network activity" connIndex=3 ip=198.41.192.37
2022-12-26T15:26:12Z ERR Serve tunnel error error="timeout: no recent network activity" connIndex=3 ip=198.41.192.37
2022-12-26T15:26:12Z INF Retrying connection in up to 1s connIndex=3 ip=198.41.192.37
2022-12-26T15:26:22Z ERR Failed to refresh protocol error="lookup protocol-v2.argotunnel.com on 127.0.0.11:53: server misbehaving"
2022-12-26T15:26:22Z ERR Connection terminated error="timeout: no recent network activity" connIndex=2
2022-12-26T15:26:32Z ERR Failed to refresh protocol error="lookup protocol-v2.argotunnel.com on 127.0.0.11:53: server misbehaving"
2022-12-26T15:26:32Z ERR Failed to create new quic connection error="failed to dial to edge with quic: timeout: no recent network activity" connIndex=2 ip=198.41.200.53
2022-12-26T15:26:32Z INF Retrying connection in up to 4s connIndex=2 ip=198.41.200.53
2022-12-26T15:26:36Z ERR Connection terminated error="failed to dial to edge with quic: timeout: no recent network activity" connIndex=2
2022-12-26T15:26:37Z ERR Failed to create new quic connection error="failed to dial to edge with quic: timeout: no recent network activity" connIndex=0 ip=198.41.192.47
2022-12-26T15:26:37Z INF Retrying connection in up to 4s connIndex=0 ip=198.41.192.47
2022-12-26T15:26:42Z ERR Failed to refresh protocol error="lookup protocol-v2.argotunnel.com on 127.0.0.11:53: server misbehaving"
2022-12-26T15:26:42Z ERR Connection terminated error="timeout: no recent network activity" connIndex=1
2022-12-26T15:26:42Z ERR Failed to create new quic connection error="failed to dial to edge with quic: timeout: no recent network activity" connIndex=0 ip=198.41.192.57
2022-12-26T15:26:42Z INF Retrying connection in up to 8s connIndex=0 ip=198.41.192.57
2022-12-26T15:26:52Z ERR Failed to refresh protocol error="lookup protocol-v2.argotunnel.com on 127.0.0.11:53: server misbehaving"
2022-12-26T15:26:52Z ERR Connection terminated error="timeout: no recent network activity" connIndex=3
2022-12-26T15:26:52Z ERR Failed to create new quic connection error="failed to dial to edge with quic: timeout: no recent network activity" connIndex=0 ip=198.41.192.107
2022-12-26T15:26:52Z INF Retrying connection in up to 16s connIndex=0 ip=198.41.192.107
2022-12-26T15:27:02Z INF Connection 00c23e83-d101-4249-bd9b-acfd987e6235 registered with protocol: quic connIndex=0 ip=198.41.192.37 location=YYZ
2022-12-26T15:27:02Z INF Connection 8fbd0bf3-bd95-4514-87ad-a5c63531c38a registered with protocol: quic connIndex=3 ip=198.41.192.77 location=YYZ
2022-12-26T15:27:02Z INF Connection 1718db13-9446-4172-81ce-16ec80e227b6 registered with protocol: quic connIndex=1 ip=198.41.200.23 location=ORD
2022-12-26T15:27:02Z INF Connection b2b2d93e-9030-4fa6-8485-8b33e29ae2e2 registered with protocol: quic connIndex=2 ip=198.41.200.193 location=ORD

Steps to reproduce the issue

Open the HA app, get the error, hit retry, works. Only started since migrating from DuckDNS to CloudFlared.

Additional information

System Information

version core-2022.12.8
installation_type Home Assistant OS
dev false
hassio true
docker true
user root
virtualenv false
python_version 3.10.7
os_name Linux
os_version 5.15.76-v8
arch aarch64
timezone America/Toronto
config_dir /config

Home Assistant Community Store

GitHub API ok
GitHub Content ok
GitHub Web ok
GitHub API Calls Remaining 5000
Installed Version 1.29.0
Stage running
Available Repositories 1202
Downloaded Repositories 8

Home Assistant Cloud

logged_in false
can_reach_cert_server ok
can_reach_cloud_auth ok
can_reach_cloud ok

Home Assistant Supervisor

host_os Home Assistant OS 9.4
update_channel stable
supervisor_version supervisor-2022.11.2
agent_version 1.4.1
docker_version 20.10.19
disk_total 116.7 GB
disk_used 7.9 GB
healthy true
supported true
board rpi4-64
supervisor_api ok
version_api ok
installed_addons ESPHome (2022.12.3), Studio Code Server (5.5.0), Terminal & SSH (9.6.1), Home Assistant Google Drive Backup (0.109.2), Samba share (10.0.0), Cloudflared (4.0.7)

Dashboards

dashboards 1
resources 1
views 5
mode storage

Recorder

oldest_recorder_run December 18, 2022 at 3:06 AM
current_recorder_run December 25, 2022 at 10:49 PM
estimated_db_size 959.52 MiB
database_engine sqlite
database_version 3.38.5

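
Added example (not part of the original issue and not the add-on's own code): a small Python parser for the cloudflared log format shown in the report above. It finds every period in which no tunnel connection was registered and counts the `Failed to refresh protocol` DNS errors logged inside it. The sample lines are constructed in that format with placeholder connection IDs and IPs, and `find_outages` is a hypothetical helper name.

```python
import re
from datetime import datetime

# Constructed sample in the cloudflared log format shown in the issue
# (connection IDs and IPs are placeholders, not values from the report).
SAMPLE_LOG = """\
2022-12-26T14:11:56Z INF Connection conn-a registered with protocol: quic connIndex=0 ip=203.0.113.10 location=YYZ
2022-12-26T14:11:56Z INF Connection conn-b registered with protocol: quic connIndex=1 ip=203.0.113.11 location=ORD
2022-12-26T15:26:11Z INF Unregistered tunnel connection connIndex=1
2022-12-26T15:26:11Z WRN Serve tunnel error error="timeout: no recent network activity" connIndex=1 ip=203.0.113.11
2022-12-26T15:26:12Z INF Unregistered tunnel connection connIndex=0
2022-12-26T15:26:22Z ERR Failed to refresh protocol error="lookup protocol-v2.argotunnel.com on 127.0.0.11:53: server misbehaving"
2022-12-26T15:27:02Z INF Connection conn-c registered with protocol: quic connIndex=0 ip=203.0.113.12 location=YYZ
"""

LINE = re.compile(r"^(\d{4}-\d\d-\d\dT\d\d:\d\d:\d\dZ) (INF|WRN|ERR) (.*)$")
CONN_INDEX = re.compile(r"\bconnIndex=(\d+)")

def find_outages(log_text):
    """Return [(start, end, seconds, dns_errors)] for each period with no
    registered tunnel connection; end and seconds are None if still down."""
    up = set()  # connIndex values currently registered with the edge
    outages, start, dns_errors = [], None, 0
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # add-on banner and "[09:11:48] INFO: ..." lines
        ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ")
        msg = m.group(3)
        idx = CONN_INDEX.search(msg)
        if "registered with protocol" in msg and idx:
            up.add(int(idx.group(1)))
            if start is not None:  # first connection back ends the outage
                outages.append((start, ts, int((ts - start).total_seconds()), dns_errors))
                start = None
        elif msg.startswith("Unregistered tunnel connection") and idx:
            was_up = bool(up)
            up.discard(int(idx.group(1)))
            if was_up and not up:  # the last live connection just dropped
                start, dns_errors = ts, 0
        elif start is not None and "Failed to refresh protocol" in msg:
            dns_errors += 1
    if start is not None:
        outages.append((start, None, None, dns_errors))
    return outages

for outage in find_outages(SAMPLE_LOG):
    print(outage)
```
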
brenner-tobias commented 1 year ago

Thanks a lot for raising. Have you created an Application for Home Assistant in Cloudflare Zero Trust (for additional protection with another layer of login, incl. 2FA)? If so, this might be the reason since this seems to not work properly with the Android App.

brenner-tobias commented 1 year ago

Closing this as a duplicate of #283