so in my http section i still have
http:
base_url:
https://mynamehere.duckdns.org
but all the other stuff is removed.
then i have duckdns
lets_encrypt:
accept_terms: true
certfile: fullchain.pem
keyfile: privkey.pem
token: my token here
domains:
- mynamehere.duckdns.org
aliases: []
seconds: 300
and i have nginx
domain: mynamehere.duckdns.org
certfile: fullchain.pem
keyfile: privkey.pem
hsts: max-age=31536000; includeSubDomains
cloudflare: false
customize:
active: false
default: nginx_proxy_default*.conf
servers: nginx_proxy/*.conf
and i have 443/tcp set to 443 and 80/tcp disabled
then on my router i have outside 443 forwarded to internal ip of my HA port 443
i can access HA from the outside on the
https://myname.duckdns.org and internally on the
http://ipaddress:8123
i note you say you cant use 443, im just showing you for reference what worked for me