search

brenner-tobias / addon-cloudflared

Connect remotely to your Home Assistant instance without opening any ports using Cloudflared.
MIT License
879 stars 54 forks source link

Dont have access using cloudflare #706

Closed schlumm closed 1 month ago

schlumm commented 2 months ago

The problem

Recently I have had a problem connecting from outside my network. Everything seems OK. I erased all the private data of the website as well as the tunnel info,

Use a Cloudflare Tunnel to remotely connect to Home Assistant without opening any ports
-----------------------------------------------------------
 Add-on version: 5.1.19
 You are running the latest version of this add-on.
 System: Home Assistant OS 13.1  (aarch64 / raspberrypi3-64)
 Home Assistant Core: 2024.9.1
 Home Assistant Supervisor: 2024.09.1
-----------------------------------------
[14:21:54] INFO: Checking add-on config...
[14:21:55] INFO: Checking for existing certificate...
[14:21:55] INFO: Existing certificate found
[14:21:55] INFO: Checking for existing tunnel...
[14:21:55] INFO: Existing tunnel with ID xxxxa383 found
[14:21:55] INFO: Checking if existing tunnel matches name given in config
2024-09-16T11:22:03Z WRN Your version 2024.8.3 is outdated. We recommend upgrading it to 2024.9.1
[14:22:03] INFO: Existing Cloudflare Tunnel name matches config, proceeding with existing tunnel file
[14:22:03] INFO: Creating config file...
[14:22:05] INFO: Validating config file...
Validating rules from /tmp/config.json
OK
[14:22:05] INFO: Creating DNS entry xxxx.xyz...
2024-09-16T11:22:07Z INF xxxx.xyz is already configured to route to your tunnel tunnelID=xxxxxxxxxx
[14:22:07] INFO: Finished setting up the Cloudflare Tunnel
[14:22:08] INFO: Connecting Cloudflare Tunnel...
2024-09-21T07:46:21Z INF Retrying connection in up to 2s connIndex=3 event=0 ip=198.41.192.167
2024-09-21T07:46:22Z WRN Connection terminated error="already connected to this server, trying another address" connIndex=3
2024-09-21T07:46:43Z INF Registered tunnel connection connIndex=3 connection=xxxxx event=0 ip=198.41.192.227 location=tlv02 protocol=quic
2024-09-21T08:11:19Z ERR  error="Incoming request ended abruptly: context canceled" connIndex=2 event=1 ingressRule=0 originService=http://homeassistant:8123
2024-09-21T08:11:19Z ERR Request failed error="Incoming request ended abruptly: context canceled" connIndex=2 dest=https://xxxx.xyz/ event=0 ip=198.41.200.13 type=http

What version of Cloudflared has the issue?

5.1.19

What was the last working version of Cloudflared?

No response

What type of installation are you running?

Home Assistant OS

Add-on YAML Configuration

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 172.30.33.0/24

Anything in the logs that might be useful for us?

Use a Cloudflare Tunnel to remotely connect to Home Assistant without opening any ports
-----------------------------------------------------------
 Add-on version: 5.1.19
 You are running the latest version of this add-on.
 System: Home Assistant OS 13.1  (aarch64 / raspberrypi3-64)
 Home Assistant Core: 2024.9.1
 Home Assistant Supervisor: 2024.09.1
-----------------------------------------
[14:21:54] INFO: Checking add-on config...
[14:21:55] INFO: Checking for existing certificate...
[14:21:55] INFO: Existing certificate found
[14:21:55] INFO: Checking for existing tunnel...
[14:21:55] INFO: Existing tunnel with ID xxxxa383 found
[14:21:55] INFO: Checking if existing tunnel matches name given in config
2024-09-16T11:22:03Z WRN Your version 2024.8.3 is outdated. We recommend upgrading it to 2024.9.1
[14:22:03] INFO: Existing Cloudflare Tunnel name matches config, proceeding with existing tunnel file
[14:22:03] INFO: Creating config file...
[14:22:05] INFO: Validating config file...
Validating rules from /tmp/config.json
OK
[14:22:05] INFO: Creating DNS entry xxxx.xyz...
2024-09-16T11:22:07Z INF xxxx.xyz is already configured to route to your tunnel tunnelID=xxxxxxxxxx
[14:22:07] INFO: Finished setting up the Cloudflare Tunnel
[14:22:08] INFO: Connecting Cloudflare Tunnel...

2024-09-21T07:46:21Z INF Retrying connection in up to 2s connIndex=3 event=0 ip=198.41.192.167
2024-09-21T07:46:22Z WRN Connection terminated error="already connected to this server, trying another address" connIndex=3
2024-09-21T07:46:43Z INF Registered tunnel connection connIndex=3 connection=xxxxx event=0 ip=198.41.192.227 location=tlv02 protocol=quic
2024-09-21T08:11:19Z ERR  error="Incoming request ended abruptly: context canceled" connIndex=2 event=1 ingressRule=0 originService=http://homeassistant:8123
2024-09-21T08:11:19Z ERR Request failed error="Incoming request ended abruptly: context canceled" connIndex=2 dest=https://xxxx.xyz/ event=0 ip=198.41.200.13 type=http

Steps to reproduce the issue

the domain name is something .xyz

in the cloudflare website everything looks OK (using the freeplan and it's active)

Additional information

No response

brenner-tobias commented 2 months ago

Which domain registrar are you using? I suggest to do an update to the newest version and a full re-install and configuration of the add-on, if not already done.

schlumm commented 2 months ago

As seen in the logs above the domain name is XYZ. within cloudflare everything looks OK all the time. Currently, I'm using the latest version on HAOS. As you recommended, I'll go ahead and reinstall the addon. If you need more info, either from cloudflare or from the HA, please tell me what to attach.

cloudflare

schlumm commented 2 months ago

Another hint, that may be related. I created a rule to block requests from the country Singapour (which of course, not my location). In the cloudFlare website under /security/waf/custom-rules. And I see that it blocks several requests from Singapour.

Also, in the log, sometimes it has:

Incoming request ended abruptly: context canceled

More question: why I get the following warning even my HAOS is 2024.9.1?

WRN Your version 2024.8.3 is outdated. We recommend upgrading it to 2024.9.1
brenner-tobias commented 1 month ago

It looks like you are not on the latest add-on version (5.1.19, while we have 5.1.20 released since around two weeks), otherwise the warning WRN Your version 2024.8.3 is outdated. We recommend upgrading it to 2024.9.1 would not be shown. So please update the Cloudflared Add-On. Also, please deactivate any WAF rules in Cloudflare. If the connection is working without them, there is nothing we can do from the add-on perspective.

schlumm commented 2 weeks ago

without changing anything on my side (HA or cloudflare), suddenly it started to work.