FreeNAS
Introduction
In this guide we're going to install Domoticz in a FreeBSD jail, or specifically, a FreeNAS jail. More information on FreeNAS jails is available in the FreeNAS manual. These instructions will compile Domoticz with OpenZWave support. However, I don't own any Z-wave hardware yet, so I couldn't test if Z-wave really works.
Also, in this guide I will create a dedicated ‘domoticz’ user, I do not want to run Domoticz as root user. In my understanding a jail should be a safe ‘sandbox’ where running an app as root should not be a problem, but maybe in the future I need to map some shares from FreeNAS to the jail to give Domoticz access to some data. I do not want Domoticz to have root privileges in that case. If you don’t care you can run it as root; it will work fine, it’s even easier.
Autostarts has still one problem: the permissions on ttyU0 are not persistent. I'm looking in to this. For now, you have to set the rights after restarting the jail again... I appreciate your input!
Prerequisites
Before creating any jails we need a place to store them. It’s recommended to create an dedicated dataset for the jail root. Read more about this in the FreeNAS documentation.
In this tutorial I will assume the jail root is located at /mnt/volume1/jails
Step 1: Create a new jail
- Login to your FreeNAS webgui
- Click the ‘Jails’ button
- Click the ‘Add Jails’ button
- Specify the name for the jail. In this tutorial I will be using ‘domoticz’ (without the parentheses of course).
- Click the `Advanced Mode' button and uncheck `VIMAGE'
- After clicking the ‘Ok’ button the new jail will be created. This can take a while.
Step 2: Open a shell to the created 'Domoticz' jail
I prefer to open a SSH connection to the FreeNAS box and enter the jail from there. Another option is to click the ‘Shell’ button from the webgui once the ‘domoticz’ jail is selected. To open a shell by SSH'ing to the FreeNAS box use these commands:
ssh <username>@<IP FreeNAS box>
sudo jexec domoticz tcsh
Step 3: Install dependencies
Before we can build Domoticz we need some dependencies and tools to download the source. Inside the jail run this command. Leave the shell of the jail open, we will need it again.
pkg update
pkg upgrade (say yes to all prompts)
pkg install sqlite3 expat curl libiconv gmake cmake subversion git devel/boost-libs devel/boost-python-libs devel/boost-all
Step 4: Create new user
I created a new user named ‘domoticz’ on the FreeNAS box and created a user with the same username and UID inside the jail.
You can skip this step and run Domoticz as root in the jail (it should not be able to escape from the jail), however, for security reasons I would not recommend this (especially when you give Domoticz access to some of your files).
Step A: FreeNAS user
To create the ‘domoticz’ user on the FreeNAS box go to the webgui of FreeNAS:
- Account -> Users -> Add User
- Fill in a username ('domoticz') and a full name
- Disable password logins
- Change the shell to ‘nologin’ to disable logins at all
- Remember the ‘user id’ (this is important! In my case it is ‘1010’)
Step B: Jail user
To create the domoticz user inside the ‘domoticz’ jail we need to go back to the shell we opened in step 2. Don't forget to replace the UID with your correct one!
pw useradd -n domoticz -u 1010 -m -s /sbin/nologin
A new user and home directory is created.
Step 5: Download and build Open-Zwave
Only required if you want Z-wave support
Still in the jail, execute:
cd /home/domoticz/
git clone https://github.com/OpenZWave/open-zwave.git open-zwave-read-only
cd open-zwave-read-only
gmake
When this is build correctly you can check whether Open-ZWave is working by doing the following command in the open-zwave dir:
./MinOZW /dev/ttyU1
(where ttyU1 should be replaced by the devicename for your Zwave stick)
Step 6: Download and build Domoticz
Still in the jail:
cd /home/domoticz/
git clone https://github.com/domoticz/domoticz.git domoticz
cd domoticz
cmake -DCMAKE_BUILD_TYPE=Release
make -j 2
… and grab a coffee ;). Don’t close the shell after the building completes, we will need it again.
Step 7: Test it
After the build process completes it’s time to test if Domoticz will run.
- Find out the ip address of the jail
- in the webgui under jails, or
- in the jail shell using ‘ifconfig’
- Run
./domoticz
in the jail - Keep the shell open and point your browser to http://<jail_ip>:8080/
If everything is allright you should see the Domoticz dashboard in your browser. But we are still running as root. Time to fix that!
Step 8: Permissions
cd /home/domoticz
chown -R domoticz:domoticz domoticz/
chmod -R 775 domoticz/
For setting the correct rights on the USB stick you need to define on which port your USB is recognized in your /dev directory. On my FreeNAS jail it was recognized as cuau1 and ttyu1. You should adapt that in the two commands below. I understood that when a correct driver is loaded for your stick ttyu1 will change to ttyU1 for example. Also in order to be able to select your serial in Domoticz you should make a symbolic link to ttyUSB0.
chown root:domoticz /dev/ttyU*
chmod 660 /dev/ttyU*
Please note that in the end I was not able to get the USB ZWave stick correctly working in a FreeNAS jail due to missing drivers. I ended up with installing Domoticz in a Debian Virtualbox jail and enabling USB passthrough for the stick.
Step 9: Autostart
We need to create an rc.d file so domoticz can be started as a service, begin by changing to the rc.d directory
cd /etc/rc.d
Start the editor to create the new rc.d file
ee domoticz
In the editor, paste the following code (e.g. by right clicking in a Putty window)
#!/bin/sh # # $FreeBSD: releng/11.1/etc/rc.d/sshd 303770 2016-08-05 15:32:35Z des $ # # PROVIDE: domoticz # REQUIRE: LOGIN # KEYWORD: jail # Enable this script by adding: # domoticz_enable="YES" # to /etc/rc.conf . /etc/rc.subr name="domoticz" desc="Domoticz Daemon" rcvar="domoticz_enable" domoticz_chdir="/home/domoticz/domoticz" command="${name}" # change directory with command does not seem to work, this does start_cmd="cd /home/domoticz/domoticz; ./${command}" load_rc_config $name run_rc_command "$1"
Then save and exit the file with ESC + Enter
Make the file executable and enable domoticz as a service that must be auto started on boot
chmod 555 /etc/rc.d/domoticz
echo 'domoticz_enable="YES"' >> /etc/rc.conf
Domoticz will now be started on boot. If Domoticz is not already running, you can manually start Domoticz now with
service domoticz start