Before everything, please note:
- This is a tech doc only for Pros
- Incorrect settings of port forwarding will result ports being opened on your WAN interface
- This is for Firewalla Gold only
Thanks Michael Bierman for his effort on this topic to sort everything out.
First, login to Gold via SSH, you could find the credential on your Firewalla app, settings -> Advanced -> Configurations -> SSH Console, username is pi
Create the following file, change the port if 8080 is already occupied by other service on your Gold
/home/pi/.firewalla/run/docker/homebridge/docker-compose.yaml
version: '2'
services:
homebridge:
image: oznu/homebridge:3.3.0
container_name: homebridge
restart: always
network_mode: host
environment:
- PGID=1000
- PUID=1000
- HOMEBRIDGE_CONFIG_UI=1
- HOMEBRIDGE_CONFIG_UI_PORT=8080
volumes:
- '/data/homebridge:/homebridge'
Run the following commands to install and start HomeBridge
cd /home/pi/.firewalla/run/docker/homebridge sudo systemctl start docker sudo docker-compose up --detach
You should be able visit the configuration UI on http://fire.walla:8080/ (use ip if you have your own DNS server). Default user/password is admin/admin.
Now click config and add the follow section
"mdns": { "interface": "LAN-IP-of-Gold" },
The config should look like
{
"mdns": { "interface": "192.168.42.1" },
"bridge": {
"name": "...",
"username": "...",
"port": ...,
"pin": "..."
},
"description": "....",
"accessories": [
....
],
"platforms": [
....
}
Click restart on the upper right corner and you should be able to pair HomeBridge with your HomeKit (Home app) now.
The docker service won't start itself after system reboot, to do so, create the following folder and file
/home/pi/.firewalla/config/post_main.d/start_homebridge.sh
#!/bin/bash
sudo systemctl start docker sudo systemctl start docker-compose@homebridge
And you are ready to go.
In case docker service doesn't start, please follow this guide to reset your docker service. https://help.firewalla.com/hc/en-us/articles/360060535553
References:
https://github.com/homebridge/homebridge/wiki/Install-Homebridge-on-Docker
https://github.com/oznu/docker-homebridge/wiki/Running-Homebridge-on-Firewalla-Gold
https://github.com/homebridge/homebridge/issues/1957
Comments
20 comments
Bonus! If you want to track the CPU temperatures of firewalla in Homekit do this:
"accessory": "LinuxTemperature",
"name": "Core 0 Temperature",
"sensor_path": "/sys/bus/platform/devices/coretemp.0/hwmon/hwmon1/temp2_input",
"divisor": 1000
},
{
"accessory": "LinuxTemperature",
"name": "Core 1 Temperature",
"sensor_path": "/sys/bus/platform/devices/coretemp.0/hwmon/hwmon1/temp3_input",
"divisor": 1000
},
{
"accessory": "LinuxTemperature",
"name": "core 2 Temperature",
"sensor_path": "/sys/bus/platform/devices/coretemp.0/hwmon/hwmon1/temp4_input",
"divisor": 1000
},
{
"accessory": "LinuxTemperature",
"name": "Core 3 Temperature",
"sensor_path": "/sys/bus/platform/devices/coretemp.0/hwmon/hwmon1/temp5_input",
"divisor": 1000
}
What is the trick to get the port to attach to the container? I have 2 other containers running but when I compose this one, it won't attach to a port.
Have you tried https://github.com/oznu/docker-homebridge/wiki/Running-Homebridge-on-Firewalla-Gold ?
Yes I just cross referenced the two docs, it's ignoring the parameter to change my port. It looks like the port change setting is also ignored in your yaml. In your pictures it looks like you're going back to 80. Have you tried this on a Firewalla with other containers running on 80?
I'll see if I can drop into bash in the container and see what's going on with the config.json.
Odd, when I drop into the container and cat out the config.json, the port change works but it's not resolving in the web address. So I decided to use ubuntu as the container image so I could run lsof to see if the port was listening in. Turns out it's listening but getting reset somewhere (see the connection refusal from the walla).
Then I tried looking up IP tables to see if I could find the culprit, but that's over my head.
@Firewalla
@Michael Bierman
Did you set the
This is critical.
The instructions seem to indicate you use the web UI to do this but I cannot get to the web UI.
You can use the webui if it is running or just edit the config.json via terminal.
Note, I have only tested this with the Alpine docker image. I can't guarantee it works the same on other architectures.
I've tried both images. For whatever reason I can't access 8080 or any other port I try to change. Does your setup have all 3 containers running (pi-hole, cloudflared, homebridge?).
Try this.
Delete “persist” and “accessories“ dirs in the `/home/pi/.firewalla/run/docker/homebridge/homebridge` directory
The default homebridge user is **`admin`** with password **`admin`**.
If Homebridge works, start the other containers and test them. If there is a problem is is likely because of conflicting ports.
Let me know heat happens. If it doesn’t work, post your config.json here.
Sample
{
"mdns": {
"interface": "192.168.0.1"
},
"bridge": {
"name": "Homebridge Firewalla",
"username": "5V:20:6G:1A:1B:9C",
"port": 52175,
"pin": "093-48-135"
},
"accessories": [
{
"accessory": "LinuxTemperature",
"name": "Firewalla Core 0 Temp",
"sensor_path": "/sys/bus/platform/devices/coretemp.0/hwmon/hwmon1/temp2_input",
"divisor": 1000
},
{
"accessory": "LinuxTemperature",
"name": "Firewalla Core 1 Temp",
"sensor_path": "/sys/bus/platform/devices/coretemp.0/hwmon/hwmon1/temp3_input",
"divisor": 1000
},
{
"accessory": "LinuxTemperature",
"name": "Firewalla Core 2 Temp",
"sensor_path": "/sys/bus/platform/devices/coretemp.0/hwmon/hwmon1/temp4_input",
"divisor": 1000
},
{
"accessory": "LinuxTemperature",
"name": "Firewalla Core 3 Temp",
"sensor_path": "/sys/bus/platform/devices/coretemp.0/hwmon/hwmon1/temp5_input",
"divisor": 1000
},
"timeout":
{
"accessory": "PowerlossIFTTTNotifier",
"name": "PowerlossIFTTTNotifier",
"IFTTTkey": "",
"IFTTTservice": "-u!",
"IFTTTvalue2": "https://avatars2.githubusercontent.com/u/21322342?s=200&v=4",
"IFTTTvalue3": "http://fire.walla:8581/"
}
],
"platforms": [
{
"name": "Config",
"port": 8581,
"auth": "form",
"theme": "orange",
"tempUnits": "f",
"lang": "auto",
"sudo": false,
"sessionTimeout": 28800,
"log": {
"method": "native",
"path": "/homebridge/homebridge.log"
},
"platform": "config"
}
]
}
Okay - we are jamming. It's hard to say what fixed it, but I did have to clean up some space and remove some docker images. Thanks for your help!
Excellent! Enjoy.
If you can, please use /data for docker and docker images. We have seen people storing a lot of stuff in ~/. so please be careful
+1. I see no downside to using docker and potential issues if you don't!
I would just add that you should use docker prune as you upgrade to get rid of any residual garbage that gets left behind when updating your containers.
@Firewalla I agree but I followed the directions according to the docs. Note that /var/lib/docker is actually mounted on a mmc block partition that is 1.6GB. The /data dir looks to be mounted to the same block device but the partition is 3.6G. I believe this was by factory default during docker installation. Does the documentation need to be modified to move the docker install? Side note - I could/should mount an external drive.
@Michael and I agree re: prunning! I cleaned up some of the images this way.
I have updated the Github tutorial. with the new /data/homebridge path and new screenshots, etc.
@Firewalla any reply to @Danny Natale's question?
Note, the mDNS a instructions here have changed in Homebridge 1.3.0. See new instructions.
Please sign in to leave a comment.