This is a simple setup that uses hap-nodejs to interface with HomeKit and node-unifi to talk to my unifi devices.
The goal is to create a switch/toggle in my Apple Home app to be able to cut internet for some devices in my house.
This is specifically useful for other non-technical members of the family who for example might want to cut internet to something like an Apple TV - where there is no Screen Time.
- Set the following env vars:
UNIFI_HOST- mandatory. This is your Cloud Key or UDM IPUNIFI_USER- mandatory. Unifi user name. My approach was to create a separate user without 2FA for this scenario. I set the user to only login locally and only gave it privileges to the network app.UNIFI_PASS- mandatory. Unifi user passwordUNIFI_PORT- optional. Defaults to443UNIFI_ACCESS_DEVICE_NAME- mandatory. This is the device name of your router as shown in the Unifi interface. Code is easy enough to modify to use a mac address if you choose to.UNIFI_DEVICE_HOSTNAMEor UNIFI_DEVICE_MAC - mandatory. No need to set both. This is the device hostname you want to block - as seen by your router or the mac of the device. Only one is neededUNIFI_RULE_NAME_TEMPLATE- optional. Defaults toHomeKit rule for <DEVICE_HOSTNAME>HOMEKIT_SERVICE_NAME_TEMPLATE- optional. Defaults toStop Internet Access for <DEVICE_HOSTNAME>HOMEKIT_PIN_CODE- optional. Defaults to123-45-678SERVICE_PORT- optional. Defaults to8080SERVICE_IP- optional. Defaults to0.0.0.0. Useful when you are running in docker and the virtual accessory is unresponsive. Then you want to bind to a specific IP.
- Run docker:
docker run docker pull ghcr.io/venatir/ubnt-homekit-firewall-toggle:latest. Make sure to set the env vars above and the network should behost, notbridge, so that mDNS works correctly. Otherwise you'll need mDNS reflectors. - If you look at the output, you'll see a QR code that you can scan with your phone to add it to Apple Home. Alternatively, you can add manually using the
HOMEKIT_PIN_CODEyou set.