Hey Guys, so I still have no clue about most of the stuff im doing hence why I am doing it :) I have a ubuntu system running all kinds of docker containers and I want to expose homeassistant and vaultwarden to the internet. Now I have set up a Duckdns account, I have setup my Router (fritzbox) to update the dyndns settings, I have set up my homeassistant the following: ``` homeassistant: internal_url: http://192.168.178.214:8123 external_url: https://ha.xxxxx.duckdns.org http: use_x_forwarded_for: true trusted_proxies: - 172.22.0.0/24 ``` Following is my Homeassistant Configuration: ``` homeassistant: container_name: homeassistant image: "ghcr.io/home-assistant/home-assistant:stable" volumes: - /homeassistant/:/config - /etc/localtime:/etc/localtime:ro restart: unless-stopped network_mode: host privileged: true ports: - 8123:8123 - 5683:5683 nginx-proxy-manager: container_name: nginx privileged: true image: 'jc21/nginx-proxy-manager:latest' ports: - '80:80' - '81:81' - '443:443' environment: DB_MYSQL_HOST: "nginx-db" DB_MYSQL_PORT: 3306 volumes: - /nginx/data:/data - /nginx/letsencrypt:/etc/letsencrypt nginx-db: container_name: nginx-db image: 'jc21/mariadb-aria:latest' environment: volumes: - /nginx/mysql:/var/lib/mysql vaultwarden: container_name: vaultwarden image: vaultwarden/server:latest restart: unless-stopped volumes: - /vaultwarden:/data/ ports: - 8125:3012 - 8124:80 environment: - DOMAIN=https://vw.xxxxx.duckdns.org - LOGIN_RATELIMIT_MAX_BURST=10 - LOGIN_RATELIMIT_SECONDS=60 - ADMIN_RATELIMIT_MAX_BURST=10 - ADMIN_RATELIMIT_SECONDS=60 - ADMIN_TOKEN= - SENDS_ALLOWED=true - EMERGENCY_ACCESS_ALLOWED=true - WEB_VAULT_ENABLED=true - SIGNUPS_ALLOWED=true ``` I have forwarded the ports in the router. I have set up nginx the following:  Issue is when I open the website, it will give me the error that hsts is enabled, even though I definitely did not check this option ( and I never did (today!). What is the reason for this? Do I have to set some sort of header? Same thing with vaultwarden, basically I set this up 1:1 except for the url whichi is vw.xxxxx.duckdns .org.

Hello Friends, I have a small ubuntu Server and I finally also want to transfer my Vaultwarden Instance to it. On this Server I have several services running (homeassistant, ...) and Certbot via Dehydrated (right now I get a certificate for my duckdns address). In some directory I have the privkey and fullchain files. Now my Problem is that when I start vaultwarden it wont load as https. I believe, my Problem is telling Vaultwarden, where my certificate files are located so it can use them accordingly. This is my Compose File right now: ``` vaultwarden: container_name: vaultwarden image: vaultwarden/server:latest restart: unless-stopped volumes: - /home/vaultwarden:/data/ - /home/(directory to my certificates):/usr/share/ca-certificates/ ports: - 8129:80 environment: - DOMAIN=https://hurrdurr.duckdns.org - LOGIN_RATELIMIT_MAX_BURST=10 - LOGIN_RATELIMIT_SECONDS=60 - ADMIN_RATELIMIT_MAX_BURST=10 - ADMIN_RATELIMIT_SECONDS=60 - ADMIN_TOKEN=token - SENDS_ALLOWED=true - EMERGENCY_ACCESS_ALLOWED=true - WEB_VAULT_ENABLED=true - SIGNUPS_ALLOWED=true ``` The Volume Mapping to the certificates was just me trying it out so maybe its working if I map it like that. If I open the 8129 in my Browser it will just time out. I also managed it to start but it wouldnt let me register as theres not https certificate.