Danke für deine Antwort. Ich würde das gern nachbauen, daher ein paar Fragen:
Auf welchem Gerät läuft dein nginx genau und aktualisierst du bei DuckDNS die WAN-IPv6 der FritzBox oder die globale IPv6 des Geräts, auf dem nginx läuft?
Ich habe einen Proxmox Server und da läuft HA als VM und nginx in einer Ubuntu VM. Ich nehme die ipv6 der Fritzbox, welche diese als Entität in HA in der Fritzbox Integration bereitstellt.
Der Flow ist in Nodered dann folgender:
[{"id":"6451029d3a330b0f","type":"tab","label":"ip_v6 Duckdns","disabled":false,"info":"","env":[]},{"id":"577a6cab02df26ea","type":"server-state-changed","z":"6451029d3a330b0f","name":"","server":"7b040d23.b65e04","version":6,"outputs":1,"exposeAsEntityConfig":"","entities":{"entity":["sensor.fritz_box_7490_externe_ipv6"],"substring":[],"regex":[]},"outputInitially":false,"stateType":"str","ifState":"","ifStateType":"str","ifStateOperator":"is","outputOnlyOnStateChange":true,"for":"0","forType":"num","forUnits":"minutes","ignorePrevStateNull":false,"ignorePrevStateUnknown":true,"ignorePrevStateUnavailable":true,"ignoreCurrentStateUnknown":true,"ignoreCurrentStateUnavailable":true,"outputProperties":[{"property":"payload","propertyType":"msg","value":"","valueType":"entityState"},{"property":"data","propertyType":"msg","value":"","valueType":"eventData"},{"property":"topic","propertyType":"msg","value":"","valueType":"triggerId"}],"x":290,"y":180,"wires":[["ef24c57a65745bc8","5221e9ee47a0038b","01a9213188a7501b"]]},{"id":"0d5b03a9758ec780","type":"debug","z":"6451029d3a330b0f","name":"debug 2","active":true,"tosidebar":true,"console":false,"tostatus":false,"complete":"payload","targetType":"msg","statusVal":"","statusType":"auto","x":800,"y":200,"wires":[]},{"id":"ef24c57a65745bc8","type":"debug","z":"6451029d3a330b0f","name":"debug 3","active":true,"tosidebar":true,"console":false,"tostatus":false,"complete":"payload","targetType":"msg","statusVal":"","statusType":"auto","x":660,"y":120,"wires":[]},{"id":"5221e9ee47a0038b","type":"template","z":"6451029d3a330b0f","name":"","field":"payload","fieldType":"msg","format":"handlebars","syntax":"mustache","template":"https://www.duckdns.org/update?domains=meinedomain1.duckdns.org&token=meinduckdnstoken&ip=&ipv6={{payload}}","output":"str","x":620,"y":280,"wires":[["0d5b03a9758ec780","93c75cca230a64ce"]]},{"id":"93c75cca230a64ce","type":"http request","z":"6451029d3a330b0f","name":"","method":"GET","ret":"txt","paytoqs":"ignore","url":"{{{payload}}}&format=json","tls":"","persist":false,"proxy":"","insecureHTTPParser":false,"authType":"","senderr":false,"headers":[],"x":790,"y":360,"wires":[["b3756ead4e005a3a"]]},{"id":"b3756ead4e005a3a","type":"debug","z":"6451029d3a330b0f","name":"debug 4","active":true,"tosidebar":true,"console":false,"tostatus":false,"complete":"false","statusVal":"","statusType":"auto","x":930,"y":280,"wires":[]},{"id":"ca0dbf602f1d2792","type":"http request","z":"6451029d3a330b0f","name":"","method":"GET","ret":"txt","paytoqs":"ignore","url":"{{{payload}}}&format=json","tls":"","persist":false,"proxy":"","insecureHTTPParser":false,"authType":"","senderr":false,"headers":[],"x":790,"y":440,"wires":[["fb821b61fd0de16e"]]},{"id":"01a9213188a7501b","type":"template","z":"6451029d3a330b0f","name":"","field":"payload","fieldType":"msg","format":"handlebars","syntax":"mustache","template":"https://www.duckdns.org/update?domains=meinedomain2.duckdns.org&token=meinduckdnstoken&ip=&ipv6={{payload}}","output":"str","x":620,"y":420,"wires":[["ca0dbf602f1d2792"]]},{"id":"fb821b61fd0de16e","type":"debug","z":"6451029d3a330b0f","name":"debug 6","active":true,"tosidebar":true,"console":false,"tostatus":false,"complete":"false","statusVal":"","statusType":"auto","x":980,"y":440,"wires":[]},{"id":"7b040d23.b65e04","type":"server","name":"Home Assistant","addon":true},{"id":"363723515b6a9a4f","type":"global-config","env":[],"modules":{"node-red-contrib-home-assistant-websocket":"0.80.3"}}]
Und nginx ist wie folgt konfiguriert:
server {
listen 443 ssl;
listen [::]:443 ssl;
http2 on;
server_name meinedomain1.duckdns.org;
# SSL configuration
# RSA certificates
ssl_certificate /etc/letsencrypt/meinedomain1.duckdns.org/rsa/fullchain.p>
ssl_certificate_key /etc/letsencrypt/meinedomain1.duckdns.org/rsa/key.pem;
# ECC certificates
ssl_certificate /etc/letsencrypt/meinedomain1.duckdns.org/ecc/fullchain.p>
ssl_certificate_key /etc/letsencrypt/meinedomain1.duckdns.org/ecc/key.pem;
# This should be ca.pem (certificate with the additional intermediate c>
# See here: https://certbot.eff.org/docs/using.html
# ECC
ssl_trusted_certificate /etc/letsencrypt/meinedomain1.duckdns.org/ecc/ca.>
# Include SSL configuration
include /etc/nginx/snippets/ssl_home.conf;
# Include headers
include /etc/nginx/snippets/headers.conf;
location / {
proxy_pass http://192.168.xxx.ipv4 von HA:8123;
proxy_set_header Host $host;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
In der Fritzbox dann den HTTPS Port 443 auf die nginx IP Port 443 freigeben und den HTTP Port genauso für letsencrypt bzw wenn du die Zertifikate schon über das Duckdns im HA hast kannst du auch diese nutzen und auch nginx als Addon in HA laufen lassen
1 „Gefällt mir“
Danke dir für die ausführliche Erklärung und das Bereitstellen von Flow und Config – jetzt ist mir klar, wie dein Setup mit Proxmox, nginx-VM und Node-RED funktioniert.
Für mein relativ kleines Home-Assistant-Setup wäre dieser Ansatz aber doch etwas “too much”, Bleibe erstmal bei meiner bisherigen Lösung. Trotzdem vielen Dank für deine Mühe! 
Grüße, sedowan
1 „Gefällt mir“
Naja wie gesagt kannst du nginx auch als Addon in HA laufen lassen und die dort schon vorhandenen Zertifikate nutzen, dann ist das noch einfacher. Bei mir ist das nur etwas breiter aufgebaut weil ich zuerst die Ubuntu VM mit nginx und Nextcloud schon hatte