Please note:
- This is a tech doc only for Pros.
- This is for Firewalla Gold, Purple, or Blue Plus.
- Incorrect settings of port forwarding will result in ports being opened on your WAN interface.
Thanks to Michael Bierman for his effort on this topic to sort everything out.
Homebridge is a server you can run on your home network that can connect many devices that aren't certified to work with Apple Homekit. It is a bridge between HomeKit and these devices which allows you to use Siri to control them.
1. Login to Firewalla via SSH. You will find the credential on your Firewalla app, Settings > Advanced > Configurations > SSH Console. The username is always, "pi"
2. Create the file, /home/pi/.firewalla/run/docker/homebridge/docker-compose.yaml.
# make homebridge storage directory mkdir /home/pi/.firewalla/run/docker/homebridge/ # change directory cd /home/pi/.firewalla/run/docker/homebridge/
# edit with your favorite editor, like vi
vi /home/pi/.firewalla/run/docker/homebridge/docker-compose.yaml
Add the following to docker-compose.yaml
version: '2'
services:
homebridge:
image: oznu/homebridge:latest
container_name: homebridge
restart: always
network_mode: host
environment:
- PGID=1000
- PUID=1000
- HOMEBRIDGE_CONFIG_UI=1
- HOMEBRIDGE_CONFIG_UI_PORT=8080
- HOMEBRIDGE_INSECURE=1
- TZ=America/Los_Angeles
- QEMU_ARCH=x86_64
- S6_KEEP_ENV=1
- ENABLE_AVAHI=0
volumes:
- '/data/homebridge:/homebridge'
- Adjust the
TZoption to match your current location - see list of timezone names here. - If you are running something else on port 8080, change
HOMEBRIDGE_CONFIG_UI_PORTto another port.
3. Run the following commands to install and start HomeBridge:
cd /home/pi/.firewalla/run/docker/homebridge sudo systemctl start docker sudo docker-compose up --detach
You can run this command and confirm the homebridge container running in docker.
sudo docker ps
# CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
# cfb1c63c8b36 oznu/homebridge:ubuntu "/init" About a minute ago Up About a minute homebridge
5. Go to the "more options" (three dots) menu and open the Homebridge, Settings menu and find Network.
If you open Homebridge's Network Interfaces you will see all of Firewalla's network interfaces. Choose the one that contains your Apple TV or HomePod as homebridge needs to connect to them.
Choose "Ciao".
Save when done.
6. Click restart on the upper right corner and you should be able to pair HomeBridge with your HomeKit (Home app) now.
The docker service and homebridge container won't start after a system reboot, to do so, create the following folder and file
mkdir /home/pi/.firewalla/config/post_main.d/
cd /home/pi/.firewalla/config/post_main.d/
nano start_homebridge.sh
#!/bin/bash
sudo systemctl start docker sudo systemctl start docker-compose@homebridge
now docker and homebridge will automatically start when firewalla reboots.
To Reset Docker Containers
In case the docker service doesn't start, please follow this guide to reset your docker service.
Tracking firewalla CPU temperature
Here's an example of a plugin that adds some monitoring of Firewalla itself in Homekit. If you want to track the CPU temperatures of firewalla in Homekit:
-
Install the homebridge-linux-temperature plugin
-
Add the following to the Accessory part of Homebridge
config.json:
Firewalla Gold
{
"accessory": "LinuxTemperature",
"name": "Core 0 Temperature",
"sensor_path": "/sys/bus/platform/devices/coretemp.0/hwmon/hwmon1/temp2_input",
"divisor": 1000
},
{
"accessory": "LinuxTemperature",
"name": "Core 1 Temperature",
"sensor_path": "/sys/bus/platform/devices/coretemp.0/hwmon/hwmon1/temp3_input",
"divisor": 1000
},
{
"accessory": "LinuxTemperature",
"name": "core 2 Temperature",
"sensor_path": "/sys/bus/platform/devices/coretemp.0/hwmon/hwmon1/temp4_input",
"divisor": 1000
},
{
"accessory": "LinuxTemperature",
"name": "Core 3 Temperature",
"sensor_path": "/sys/bus/platform/devices/coretemp.0/hwmon/hwmon1/temp5_input",
"divisor": 1000
}
Firewalla Purple
{
"accessory": "LinuxTemperature",
"name": "Core 0 Temperature",
"sensor_path": "/sys/class/thermal/thermal_zone0/temp",
"divisor": 1000
},
{
"accessory": "LinuxTemperature",
"name": "Core 1 Temperature",
"sensor_path": "/sys/class/thermal/thermal_zone1/temp",
"divisor": 1000
}
- Restart homebridge.
And you can see FIrewalla's CPU temperatures in Homekit (Eve app shown below.)
Docker Configuration Reference
This table contains important commands to help you manage your docker container.
| File Location / Command | |
|---|---|
| Config File Path | /homebridge/config.json (inside container shell) |
| Storage Path | /homebridge (inside container shell) |
| Restart Command | sudo docker restart homebridge |
| Stop Command | sudo docker stop homebridge |
| Start Command | sudo docker start homebridge |
| View Logs Command | sudo docker logs -f homebridge |
Important Note: Preserve Resources
Docker containers can range from small to fairly large and the upgrade process means downloading a new image before deleting the old container. So be sure to use docker prune to get rid of unused containers and images or you may easily run out of space on Firewalla.
References:
- https://github.com/homebridge/homebridge/wiki/Install-Homebridge-on-Docker
- https://github.com/oznu/docker-homebridge/wiki/Running-Homebridge-on-Firewalla-Gold
- https://github.com/homebridge/homebridge/issues/1957
All product names, logos, and brands are the property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.
Comments
21 comments
Bonus! If you want to track the CPU temperatures of firewalla in Homekit do this:
"accessory": "LinuxTemperature",
"name": "Core 0 Temperature",
"sensor_path": "/sys/bus/platform/devices/coretemp.0/hwmon/hwmon1/temp2_input",
"divisor": 1000
},
{
"accessory": "LinuxTemperature",
"name": "Core 1 Temperature",
"sensor_path": "/sys/bus/platform/devices/coretemp.0/hwmon/hwmon1/temp3_input",
"divisor": 1000
},
{
"accessory": "LinuxTemperature",
"name": "core 2 Temperature",
"sensor_path": "/sys/bus/platform/devices/coretemp.0/hwmon/hwmon1/temp4_input",
"divisor": 1000
},
{
"accessory": "LinuxTemperature",
"name": "Core 3 Temperature",
"sensor_path": "/sys/bus/platform/devices/coretemp.0/hwmon/hwmon1/temp5_input",
"divisor": 1000
}
What is the trick to get the port to attach to the container? I have 2 other containers running but when I compose this one, it won't attach to a port.
Have you tried https://github.com/oznu/docker-homebridge/wiki/Running-Homebridge-on-Firewalla-Gold ?
Yes I just cross referenced the two docs, it's ignoring the parameter to change my port. It looks like the port change setting is also ignored in your yaml. In your pictures it looks like you're going back to 80. Have you tried this on a Firewalla with other containers running on 80?
I'll see if I can drop into bash in the container and see what's going on with the config.json.
Odd, when I drop into the container and cat out the config.json, the port change works but it's not resolving in the web address. So I decided to use ubuntu as the container image so I could run lsof to see if the port was listening in. Turns out it's listening but getting reset somewhere (see the connection refusal from the walla).
Then I tried looking up IP tables to see if I could find the culprit, but that's over my head.
@Firewalla
@Michael Bierman
Did you set the
This is critical.
The instructions seem to indicate you use the web UI to do this but I cannot get to the web UI.
You can use the webui if it is running or just edit the config.json via terminal.
Note, I have only tested this with the Alpine docker image. I can't guarantee it works the same on other architectures.
I've tried both images. For whatever reason I can't access 8080 or any other port I try to change. Does your setup have all 3 containers running (pi-hole, cloudflared, homebridge?).
Try this.
Delete “persist” and “accessories“ dirs in the `/home/pi/.firewalla/run/docker/homebridge/homebridge` directory
The default homebridge user is **`admin`** with password **`admin`**.
If Homebridge works, start the other containers and test them. If there is a problem is is likely because of conflicting ports.
Let me know heat happens. If it doesn’t work, post your config.json here.
Sample
{
"mdns": {
"interface": "192.168.0.1"
},
"bridge": {
"name": "Homebridge Firewalla",
"username": "5V:20:6G:1A:1B:9C",
"port": 52175,
"pin": "093-48-135"
},
"accessories": [
{
"accessory": "LinuxTemperature",
"name": "Firewalla Core 0 Temp",
"sensor_path": "/sys/bus/platform/devices/coretemp.0/hwmon/hwmon1/temp2_input",
"divisor": 1000
},
{
"accessory": "LinuxTemperature",
"name": "Firewalla Core 1 Temp",
"sensor_path": "/sys/bus/platform/devices/coretemp.0/hwmon/hwmon1/temp3_input",
"divisor": 1000
},
{
"accessory": "LinuxTemperature",
"name": "Firewalla Core 2 Temp",
"sensor_path": "/sys/bus/platform/devices/coretemp.0/hwmon/hwmon1/temp4_input",
"divisor": 1000
},
{
"accessory": "LinuxTemperature",
"name": "Firewalla Core 3 Temp",
"sensor_path": "/sys/bus/platform/devices/coretemp.0/hwmon/hwmon1/temp5_input",
"divisor": 1000
},
"timeout":
{
"accessory": "PowerlossIFTTTNotifier",
"name": "PowerlossIFTTTNotifier",
"IFTTTkey": "",
"IFTTTservice": "-u!",
"IFTTTvalue2": "https://avatars2.githubusercontent.com/u/21322342?s=200&v=4",
"IFTTTvalue3": "http://fire.walla:8581/"
}
],
"platforms": [
{
"name": "Config",
"port": 8581,
"auth": "form",
"theme": "orange",
"tempUnits": "f",
"lang": "auto",
"sudo": false,
"sessionTimeout": 28800,
"log": {
"method": "native",
"path": "/homebridge/homebridge.log"
},
"platform": "config"
}
]
}
Okay - we are jamming. It's hard to say what fixed it, but I did have to clean up some space and remove some docker images. Thanks for your help!
Excellent! Enjoy.
If you can, please use /data for docker and docker images. We have seen people storing a lot of stuff in ~/. so please be careful
+1. I see no downside to using docker and potential issues if you don't!
I would just add that you should use docker prune as you upgrade to get rid of any residual garbage that gets left behind when updating your containers.
@Firewalla I agree but I followed the directions according to the docs. Note that /var/lib/docker is actually mounted on a mmc block partition that is 1.6GB. The /data dir looks to be mounted to the same block device but the partition is 3.6G. I believe this was by factory default during docker installation. Does the documentation need to be modified to move the docker install? Side note - I could/should mount an external drive.
@Michael and I agree re: prunning! I cleaned up some of the images this way.
I have updated the Github tutorial. with the new /data/homebridge path and new screenshots, etc.
@Firewalla any reply to @Danny Natale's question?
Note, the mDNS a instructions here have changed in Homebridge 1.3.0. See new instructions.
HomeBridge on Portainer Install Instructions:
https://github.com/oznu/docker-homebridge/wiki/Homebridge-on-Portainer
NOTES: Be sure to change TZ below to your local timezone, and don't forget this will fire up on 8581 according to the setup below.
Here's the quick link on your local network assuming your firewalla is at the default address:
http://firewalla.lan:8581
Here's my Stack (yaml) script:
version: '2'
services:
homebridge:
image: oznu/homebridge:ubuntu
container_name: homebridge
restart: always
network_mode: host
environment:
- PGID=1000
- PUID=1000
- HOMEBRIDGE_CONFIG_UI=1
- HOMEBRIDGE_CONFIG_UI_PORT=8581
- TZ=Los_Angeles/America
volumes:
- '/data/homebridge:/homebridge'
Please sign in to leave a comment.