bridge.bind is ignored when container is connected to host network

thumax commented 1 year ago

Describe The Bug

Listening interface should be configurable using bridge.bind property but homebridge binds all avalilable interfaces regardless of bridge.bind value.

oznu/homebridge latest (1.5.0) is started via docker compose up -d, see yaml below.
docker network host is used
The docker host has several network interfaces. Goal: have homebridge listen only on bond0, 10.1.0.192.
Using the bridge.bind property appears to do nothing at all, see ss output below.

What should I do to further investigate?

P.S.: Credentials in log and config not critical, will be changed later.

config.json:

{
    "bridge": {
        "name": "Homebridge CFAE",
        "username": "0E:33:C7:9E:CF:AE",
        "port": 51065,
        "pin": "591-77-727",
        "advertiser": "bonjour-hap",
        "bind": [
            "bond0"
        ]
    },
    "accessories": [],
    "platforms": [
        {
            "name": "Config",
            "port": 8581,
            "platform": "config"
        }
    ]
}

Binds on docker host:

❯ sudo ss -tulpn | grep "homebridge\|hb-service\|avahi"
udp   UNCONN 0      0                                     0.0.0.0:60976      0.0.0.0:*    users:(("avahi-daemon",pid=20772,fd=11))
udp   UNCONN 0      0                                     0.0.0.0:5353       0.0.0.0:*    users:(("homebridge",pid=22398,fd=20))
udp   UNCONN 0      0                                     0.0.0.0:5353       0.0.0.0:*    users:(("hb-service",pid=22385,fd=19))
udp   UNCONN 0      0                                     0.0.0.0:5353       0.0.0.0:*    users:(("avahi-daemon",pid=20772,fd=10))
tcp   LISTEN 0      511                                         *:51065            *:*    users:(("homebridge",pid=22398,fd=19))
tcp   LISTEN 0      511                                         *:8581             *:*    users:(("hb-service",pid=22385,fd=20))

Web-UI: web-ui-interfaces

Docker Config

services:
  homebridge:
    image: oznu/homebridge
    container_name: homebridge
    restart: unless-stopped
    network_mode: host
    hostname: homebridge
    environment:
      TZ: Europe/Berlin
    volumes:
      - homebridge:/homebridge
    logging:
      driver: json-file
      options:
        max-size: "10mb"
        max-file: "1"

Logs

homebridge  | [7/23/2022, 2:59:52 PM] [Homebridge UI] Homebridge restart request received
homebridge  | [7/23/2022, 2:59:53 PM] [Homebridge UI] Sending SIGTERM to process...
homebridge  | [7/23/2022, 2:59:53 PM] [HB Supervisor] Stopping services...
homebridge  | [7/23/2022, 2:59:53 PM] Got SIGTERM, shutting down Homebridge...
homebridge  | [7/23/2022, 2:59:58 PM] [HB Supervisor] Homebridge Process Ended. Code: 143, Signal: null
homebridge  | [7/23/2022, 3:00:00 PM] [HB Supervisor] Homebridge Storage Path: /var/lib/homebridge
homebridge  | [7/23/2022, 3:00:00 PM] [HB Supervisor] Homebridge Config Path: /var/lib/homebridge/config.json
homebridge  | [7/23/2022, 3:00:00 PM] [HB Supervisor] Logging to /var/lib/homebridge/homebridge.log
homebridge  | [7/23/2022, 3:00:00 PM] [HB Supervisor] OS: Linux 5.15.0-41-generic x64
homebridge  | [7/23/2022, 3:00:00 PM] [HB Supervisor] Node.js v16.16.0 /opt/homebridge/bin/node
homebridge  | [7/23/2022, 3:00:00 PM] [HB Supervisor] Homebridge Path: /var/lib/homebridge/node_modules/homebridge/bin/homebridge
homebridge  | [7/23/2022, 3:00:00 PM] [HB Supervisor] UI Path: /opt/homebridge/lib/node_modules/homebridge-config-ui-x/dist/bin/standalone.js
homebridge  | [7/23/2022, 3:00:01 PM] [Homebridge UI] Homebridge Config UI X v4.49.0 is listening on :: port 8581
homebridge  | [7/23/2022, 3:00:01 PM] [HB Supervisor] Starting Homebridge with extra flags: -I -P /var/lib/homebridge/node_modules -D --strict-plugin-resolution
homebridge  | [7/23/2022, 3:00:01 PM] [HB Supervisor] Started Homebridge v1.5.0 with PID: 1633
homebridge  | [7/23/2022, 3:00:02 PM] Loaded config.json with 0 accessories and 1 platforms.
homebridge  | [7/23/2022, 3:00:02 PM] Loaded 0 cached accessories from cachedAccessories.
homebridge  | [7/23/2022, 3:00:02 PM] ---
homebridge  | [7/23/2022, 3:00:02 PM] No plugins found.
homebridge  | [7/23/2022, 3:00:02 PM] Loading 1 platforms...
homebridge  | [7/23/2022, 3:00:02 PM] Publishing bridge accessory (name: Homebridge CFAE, publishInfo: {
homebridge  |   username: '0E:33:C7:9E:CF:AE',
homebridge  |   port: 51065,
homebridge  |   pincode: '***-**-***',
homebridge  |   category: 2,
homebridge  |   bind: [ 'bond0', [length]: 1 ],
homebridge  |   mdns: undefined,
homebridge  |   addIdentifyingMaterial: true,
homebridge  |   advertiser: 'bonjour-hap'
homebridge  | }).
homebridge  | Setup Payload:
homebridge  | X-HM://0024G5XXB8G89
homebridge  | Enter this code with your HomeKit app on your iOS device to pair with Homebridge:
homebridge  |
homebridge  |     ┌────────────┐
homebridge  |     │ 591-77-727 │
homebridge  |     └────────────┘
homebridge  |
homebridge  | [7/23/2022, 3:00:02 PM] Homebridge v1.5.0 (HAP v0.10.2) (Homebridge CFAE) is running on port 51065.

Host Operating System

Ubuntu / Debian (or a variant)

Host Architecture

x86_64 / amd64

thumax commented 1 year ago

I tried setting "advertiser": "avahi", instead of the default "advertiser": "bonjour-hap", but the results are the same.

thumax commented 1 year ago

Now I installed homebridge on metal to further investigate and this appears to be a problem there as well. So it's probably not Docker related.

The only way I can make any component of homebridge at all bind to a specific interface is the "host" property of platforms/Config (homebridge-config-ui-x). But that's just the web UI then - how can I restrict homebridge and all its plugins to a specific network interface or IP address? 🤔

thumax commented 1 year ago

Alright, this is definitely not a specific issue of docker-homebridge.

FYI: homebridge mDNS appears to be working in docker network macvlan, so I'm using that now in order to bind a specific IP address.

homebridge / docker-homebridge