- This is a tech doc only for Pros.
- This is for Firewalla Gold, Purple, or Blue Plus.
- Incorrect settings of port forwarding will result in ports being opened on your WAN interface.
Thanks to Michael Bierman for his effort on this topic to sort everything out.
Homebridge is a server you can run on your home network that can connect many devices that aren't certified to work with Apple Homekit. It is a bridge between HomeKit and these devices which allows you to use Siri to control them.
1. Login to Firewalla via SSH. You will find the credential on your Firewalla app, Settings > Advanced > Configurations > SSH Console. The username is always, "pi"
2. Create the file,
# make homebridge storage directory mkdir /home/pi/.firewalla/run/docker/homebridge/ # change directory cd /home/pi/.firewalla/run/docker/homebridge/
# edit with your favorite editor, like vi
Add the following to
version: '2' services: homebridge: image: oznu/homebridge:ubuntu container_name: homebridge restart: always network_mode: host environment: - PGID=1000 - PUID=1000 - HOMEBRIDGE_CONFIG_UI=1 - HOMEBRIDGE_CONFIG_UI_PORT=8581 - TZ=Australia/Sydney - ENABLE_AVAHI=0 volumes: - '/data/homebridge:/homebridge' logging: driver: "json-file" options: max-size: "10m"
- Adjust the
TZoption to match your current location - see list of timezone names here.
- If you are running something else on port 8080, change
HOMEBRIDGE_CONFIG_UI_PORTto another port.
- Note the logging options are recommended to prevent using up all your valuable space on your Firewalla. (see https://github.com/homebridge/docker-homebridge/issues/399)
- Note YAML only supports space characters for indents, not tabs. Use either two or four spaces for each level of indent as you prefer.
3. Run the following commands to install and start HomeBridge:
cd /home/pi/.firewalla/run/docker/homebridge sudo systemctl start docker sudo docker-compose up --detach
You can run this command and confirm the homebridge container running in docker.
sudo docker ps # CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES # cfb1c63c8b36 oznu/homebridge:ubuntu "/init" About a minute ago Up About a minute homebridge
5. Go to the "more options" (three dots) menu and open the
Homebridge, Settings menu and find Network.
If you open Homebridge's Network Interfaces you will see all of Firewalla's network interfaces. Choose the one that contains your Apple TV or HomePod as homebridge needs to connect to them.
Save when done.
6. Click restart on the upper right corner and you should be able to pair HomeBridge with your HomeKit (Home app) now.
The docker service and homebridge container won't automatically start after a system reboot, to do so, create the following folder and file
mkdir /home/pi/.firewalla/config/post_main.d/and add this to start_homebridge.sh
sudo systemctl start docker sudo systemctl start docker-compose@homebridge
now docker and homebridge will automatically start when Firewalla reboots.
To Check Docker Containers
sudo docker logs homebridge
This lets you confirm how the startup went, what port you are running on, and tons of other diagnostic information.
To Reset Docker Containers
In case the docker service doesn't start, please follow this guide to reset your docker service.
Tracking Firewalla CPU temperature
Here's an example of a plugin that adds some monitoring of Firewalla itself in Homekit. If you want to track the CPU temperatures of firewalla in Homekit:
Install the homebridge-linux-temperature plugin
Add the following to the Accessory part of Homebridge
"name": "Firewalla Core Temp",
"name": "Firewalla Core 0 Temp",
"name": "Firewalla Core 1 Temp",
"name": "Firewalla Core 2 Temp",
"name": "Firewalla Core 3 Temp",
Note that this plugin does not currently work with Firewalla Purple. The sensor path is as follows in case it gets fixed in the future.
And you can see FIrewalla's CPU temperatures in Homekit (Eve app shown below.)
Docker Configuration Reference
This table contains important commands to help you manage your docker container.
|File Location / Command|
|Config File Path||
|View Logs Command||
Updating Homebridge docker
sudo docker container stop homebridge && sudo docker container rm homebridge
sudo docker-compose up -d
sudo docker ps
Important Note: Preserve Resources
Docker containers can range from small to fairly large and the upgrade process means downloading a new image before deleting the old container. So be sure to use docker prune to get rid of unused containers and images or you may easily run out of space on Firewalla.
sudo docker system prune
On ubuntu 22.04 and later, when docker starts up, it may load a kernel module
br_netfilter which conflicts with ubuntu 22.04 if you are using Smart Queue. Dockers managed by Firewalla will automatically handle this, but if you create docker instance, you may need to run:
sudo rmmod br_netfilter
after starting docker service or the firewalla routing function may break.
This is due to a Linux Kernel bug which we plan to fix in our 1.976 release.
All product names, logos, and brands are the property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.