Firewalla Tutorial: Expanding With Docker Containers

Follow

Comments

21 comments

  • Avatar
    Alex Kac

    Questions:

    1. How do you keep docker running after a firewalla reboot? Right now I've got to go in and restart docker every time.
    2. How do we get Homebridge to respond or be on the same network as the main LAN?
    0
    Comment actions Permalink
  • Avatar
    Matt Chesler

    Alex, you should be able to keep docker running after reboot by running

     sudo systemctl enable docker
    3
    Comment actions Permalink
  • Avatar
    Michael Bierman

    This isn't working for me.

    Homebridge is running just fine, but can't be added to my homekit. Anyone notice that the WAN address is shown in homebridge when it is running on Firewalla? 

     

     

    0
    Comment actions Permalink
  • Avatar
    Michael Bierman

    Alex, make sure you point at your firewalla. For me, initially the URL given was wrong. Instead of my gateway, which is Firewalla at 192.168.0.1 it gave me my WAN IP. Switch to your Firewalla IP and specify port "8080" and you should see homebridge on Firewalla. for me that is, "http://192.168.0.1:8080/login"

    0
    Comment actions Permalink
  • Avatar
    Michael Bierman

    By the way, some great tutorials about homebridge/docker. It would be great to have a link to that in the tutorial.

    0
    Comment actions Permalink
  • Avatar
    Michael Bierman

    O.K. here is how to get homebridge working on firewalla Gold. After completing the steps above, you must do this:

    0. Confirm the homebridge container is running using the terminal as above or, open the UI

    http://yourfirewallaLANIP:8080

    1.You need to add "mdns": { "interface": "LAN-IP-of-Gold" } to your homebridge config.json file. Check this for more details https://github.com/homebridge/homebridge/issues/1957 For example, 

    {
    "mdns": {
    "interface": "192.168.0.1"
    },

         "bridge": {
         "name": "Homebridge Firewalla",
         "username": "1B:20:2J:1A:1C:4B",
         "port": 52175,
         "pin": "093-48-135"
    },

    Note, the username does not have to be the MAC address of your firewalla.

    2. Change the user name, PIN, and hostname in the homebridge config.json.
    3. Delete “persist” and “accessories“ dirs in homebridge directory.
    4. Restart the docker container.
    5. Open the homebridge UI in a browser,
    5. Add the homebridge accessory to Home by scanning the QR Code.

    Note firewalla will show an IPV6 address in the UI even if you have disabled ipv6. Also, it will report your WAN IP as the ipv4 address which isn’t standard for homebridge. Neither of these seems to impact things working though.

    0
    Comment actions Permalink
  • Avatar
    Michael Bierman

    Added a tutorial on the homebridge github side. 

    0
    Comment actions Permalink
  • Avatar
    Shawn H

    Thanks much! Works great now. 

    0
    Comment actions Permalink
  • Avatar
    BatraD

    thanks. wanted a place to run the Unifi controller since i got rid of the UDM 

     

    0
    Comment actions Permalink
  • Avatar
    Hans Hong (dyndragon)

    @Matt Chesler that command doesn't seem to have any effect. Tried it on my pi-hole docker setup on FWG. I still have to manually start up the pi-hole docker. Everything else inside the pi-hole configuration persists though, which is good.

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    @Hans, the persist code will be in 1.971 for the Gold; we will update the document once it is ready.  (as the time of this message, should be very soon)

    0
    Comment actions Permalink
  • Avatar
    Pimbox

    How a change my docker ip? I will configure pihole in there now to free my raspberry o/

    0
    Comment actions Permalink
  • Avatar
    Shane Lord

    Hi team,

    Have you or anyone had a chance to try setting up https://nginxproxymanager.com/ under the Firewalla Docker environment? I should receive my Gold next week, but it would be great to be able to have my reverse proxy running on the Gold rather than requiring another device.

    Thanks,
    Shane.

    0
    Comment actions Permalink
  • Avatar
    Brian Newbold

    HIGHLY recommend installing Portainer to your Docker stack.

    It makes management of all your containers incredibly simple. I followed this guide:
    https://homenetworkguy.com/how-to/install-pihole-on-raspberry-pi-with-docker-and-portainer/

    More info on portainer in Guide: How to install Pi-Hole on Gold (beta). Seek the 2nd page of comments for my Q&A and findings,
    HERE:
    https://help.firewalla.com/hc/en-us/articles/360051625034-Guide-How-to-install-Pi-Hole-on-Gold-Beta-?page=2#comments

    0
    Comment actions Permalink
  • Avatar
    Brian Newbold

    Quick update: Portainer Install commands. This is assuming your firewalla is named firewalla.lan on the network which is default.

    SSH to Firewalla (mac terminal): 
    ssh pi@firewalla.lan

    Portainer docker setup location:
    cd /home/pi/.firewalla/run/docker

    Install:
    sudo systemctl start docker
    sudo docker volume create portainer_data
    sudo docker run -d -p 9000:9000 -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data --restart always portainer/portainer
    sudo docker ps

    If correctly installed, portainer will show as a docker container from the docker ps command.
    You should then be able to access portainer on the network at:
    http://firewalla.lan:9000

    If you see this, you can set up your portainer admin password and start using portainer to add your containers (homebridge/pihole/etc):

    Good luck and have fun!

    0
    Comment actions Permalink
  • Avatar
    Shane Lord

    @brian for some reason i can’t make this work. Portainer installs and is running but doesn’t load when I go to the IP:9000 address of my Gold.

    0
    Comment actions Permalink
  • Avatar
    Brian Newbold

    I'm not very good at docker debugging hence my desire to use portainer :-)
    Simple suggestion first, you went to http instead of https right?
    Next up, check the container log. When installed it's named randomly mine was trusty_trigger:
    docker container ls
    docker container logs trusty_trigger

    That might give you a hint as to what's the matter.

     

    0
    Comment actions Permalink
  • Avatar
    Steve

    How effecient are the containers on a Purple?

    0
    Comment actions Permalink
  • Avatar
    Michael Bierman

    @steve you may want to use an SD card for storage as Purple can run out of space with just a few containers. 

    0
    Comment actions Permalink
  • Avatar
    David Koppenhofer

    @steve I moved my docker root to an SD card on my FWP.
    https://help.firewalla.com/hc/en-us/community/posts/4491452568851-Moving-docker-to-SD-card-on-Firewalla-Purple

    0
    Comment actions Permalink

Please sign in to leave a comment.