Firefly III
Firefly III
Get Started with Apps!
Get Started with Apps!
Requires TrueNAS: 24.10.2.2 or newer
App Version: version-6.2.16 (Changelog)
Keywords: finance
Train: Community
Home Page: https://www.firefly-iii.org/
App Version: version-6.2.16 (Changelog)
Keywords: finance
Train: Community
Home Page: https://www.firefly-iii.org/
Firefly III Details
Added: 2024-08-13
Last Updated: 2025-06-07
Added: 2024-08-13
Last Updated: 2025-06-07
Firefly III is a personal finances manager
Run as Context- Firefly III runs as non-root user.
Group: 33 / www-data
User: 33 / www-data - Firefly III Data Importer runs as non-root user.
Group: 33 / www-data
User: 33 / www-data - Postgres runs as non-root user.
Group: 999 / postgres
User: 999 / postgres - Redis runs as a non-root user and root group.
Group: 0 / root
User: 1001 / redis
Screenshots
×
![Full Screenshot]()
Security Capabilities
- Importer is able to change file ownership arbitrarily
- Importer is able to bypass permission checks for file operations
- Cron, Importer are able to change group ID of processes
- Cron, Importer are able to change user ID of processes
App Metadata (Raw File)
{
"1.6.3": {
"healthy": true,
"supported": true,
"healthy_error": null,
"location": "/__w/apps/apps/trains/community/firefly-iii/1.6.3",
"last_update": "2025-06-07 23:02:15",
"required_features": [],
"human_version": "version-6.2.16_1.6.3",
"version": "1.6.3",
"app_metadata": {
"annotations": {
"min_scale_version": "24.10.2.2"
},
"app_version": "version-6.2.16",
"capabilities": [
{
"description": "Importer is able to change file ownership arbitrarily",
"name": "CHOWN"
},
{
"description": "Importer is able to bypass permission checks for file operations",
"name": "FOWNER"
},
{
"description": "Cron, Importer are able to change group ID of processes",
"name": "SETGID"
},
{
"description": "Cron, Importer are able to change user ID of processes",
"name": "SETUID"
}
],
"categories": [
"financial"
],
"changelog_url": "https://docs.firefly-iii.org/references/firefly-iii/changelog/",
"date_added": "2024-08-13",
"description": "Firefly III is a personal finances manager",
"home": "https://www.firefly-iii.org/",
"host_mounts": [],
"icon": "https://media.sys.truenas.net/apps/firefly-iii/icons/icon.png",
"keywords": [
"finance"
],
"lib_version": "2.1.35",
"lib_version_hash": "1bd4e0058fbd4d7c207df2cae606580065e8e6dba3e232f41bc1b006848b05d2",
"maintainers": [
{
"email": "dev@ixsystems.com",
"name": "truenas",
"url": "https://www.truenas.com/"
}
],
"name": "firefly-iii",
"run_as_context": [
{
"description": "Firefly III runs as non-root user.",
"gid": 33,
"group_name": "www-data",
"uid": 33,
"user_name": "www-data"
},
{
"description": "Firefly III Data Importer runs as non-root user.",
"gid": 33,
"group_name": "www-data",
"uid": 33,
"user_name": "www-data"
},
{
"description": "Postgres runs as non-root user.",
"gid": 999,
"group_name": "postgres",
"uid": 999,
"user_name": "postgres"
},
{
"description": "Redis runs as a non-root user and root group.",
"gid": 0,
"group_name": "root",
"uid": 1001,
"user_name": "redis"
}
],
"screenshots": [
"https://media.sys.truenas.net/apps/firefly-iii/screenshots/screenshot1.png",
"https://media.sys.truenas.net/apps/firefly-iii/screenshots/screenshot2.png",
"https://media.sys.truenas.net/apps/firefly-iii/screenshots/screenshot3.png",
"https://media.sys.truenas.net/apps/firefly-iii/screenshots/screenshot4.png"
],
"sources": [
"https://hub.docker.com/r/fireflyiii/core/",
"https://github.com/firefly-iii/firefly-iii"
],
"title": "Firefly III",
"train": "community",
"version": "1.6.3"
},
"schema": {
"groups": [
{
"name": "Firefly III Configuration",
"description": "Configure Firefly III"
},
{
"name": "Network Configuration",
"description": "Configure Network for Firefly III"
},
{
"name": "Storage Configuration",
"description": "Configure Storage for Firefly III"
},
{
"name": "Labels Configuration",
"description": "Configure Labels for Firefly III"
},
{
"name": "Resources Configuration",
"description": "Configure Resources for Firefly III"
}
],
"questions": [
{
"variable": "TZ",
"group": "Firefly III Configuration",
"label": "Timezone",
"schema": {
"type": "string",
"default": "Etc/UTC",
"required": true,
"$ref": [
"definitions/timezone"
]
}
},
{
"variable": "firefly_iii",
"label": "",
"group": "Firefly III Configuration",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "postgres_image_selector",
"label": "Postgres Image (CAUTION)",
"description": "If you are changing this after the postgres directory has been initialized,</br>\nSTOP! and make sure you have a backup of your data.</br>\nChanging this will trigger an one way database upgrade.</br>\nYou can only select newer versions of postgres.</br>\nSelecting an older version will refuse to start.</br>\nIf something goes wrong, you will have to restore from backup.\n",
"schema": {
"type": "string",
"default": "postgres_17_image",
"required": true,
"enum": [
{
"value": "postgres_15_image",
"description": "Postgres 15"
},
{
"value": "postgres_17_image",
"description": "Postgres 17"
}
]
}
},
{
"variable": "db_password",
"label": "Database Password",
"description": "The password for Firefly III.",
"schema": {
"type": "string",
"default": "",
"required": true,
"private": true
}
},
{
"variable": "redis_password",
"label": "Redis Password",
"description": "The password for Firefly III.",
"schema": {
"type": "string",
"default": "",
"required": true,
"private": true
}
},
{
"variable": "app_key",
"label": "App Key",
"description": "The app key for Firefly III.</br>\nMust be exactly 32 characters long.</br>\n",
"schema": {
"type": "string",
"min_length": 32,
"max_length": 32,
"default": "",
"required": true,
"private": true
}
},
{
"variable": "app_url",
"label": "App URL",
"description": "The base URL for Firefly III.</br>\nExamples:</br>\nhttps://firefly.example.com </br>\nhttp://192.168.1.100:30064\n",
"schema": {
"type": "uri",
"default": ""
}
},
{
"variable": "additional_envs",
"label": "Additional Environment Variables",
"schema": {
"type": "list",
"default": [],
"items": [
{
"variable": "env",
"label": "Environment Variable",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "name",
"label": "Name",
"schema": {
"type": "string",
"required": true
}
},
{
"variable": "value",
"label": "Value",
"schema": {
"type": "string"
}
}
]
}
}
]
}
},
{
"variable": "enable_importer",
"label": "Enable Importer",
"description": "Enable the importer for Firefly III",
"schema": {
"type": "boolean",
"default": false
}
},
{
"variable": "additional_importer_envs",
"label": "Additional Environment Variables",
"schema": {
"type": "list",
"show_if": [
[
"enable_importer",
"=",
true
]
],
"default": [],
"items": [
{
"variable": "env",
"label": "Environment Variable",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "name",
"label": "Name",
"schema": {
"type": "string",
"required": true
}
},
{
"variable": "value",
"label": "Value",
"schema": {
"type": "string"
}
}
]
}
}
]
}
}
]
}
},
{
"variable": "network",
"label": "",
"group": "Network Configuration",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "web_port",
"label": "WebUI Port",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "bind_mode",
"label": "Port Bind Mode",
"description": "The port bind mode.</br>\n- Publish: The port will be published on the host for external access.</br>\n- Expose: The port will be exposed for inter-container communication.</br>\n- None: The port will not be exposed or published.</br>\nNote: If the Dockerfile defines an EXPOSE directive,\nthe port will still be exposed for inter-container communication regardless of this setting.\n",
"schema": {
"type": "string",
"default": "published",
"enum": [
{
"value": "published",
"description": "Publish port on the host for external access"
},
{
"value": "exposed",
"description": "Expose port for inter-container communication"
},
{
"value": "",
"description": "None"
}
]
}
},
{
"variable": "port_number",
"label": "Port Number",
"schema": {
"type": "int",
"show_if": [
[
"bind_mode",
"=",
"published"
]
],
"default": 30105,
"min": 1,
"max": 65535,
"required": true
}
},
{
"variable": "host_ips",
"label": "Host IPs",
"description": "IPs on the host to bind this port",
"schema": {
"type": "list",
"show_if": [
[
"bind_mode",
"=",
"published"
]
],
"default": [],
"items": [
{
"variable": "host_ip",
"label": "Host IP",
"schema": {
"type": "string",
"required": true,
"$ref": [
"definitions/node_bind_ip"
]
}
}
]
}
}
]
}
},
{
"variable": "importer_port",
"label": "Importer Port",
"description": "The port for Firefly III Importer",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "bind_mode",
"label": "Port Bind Mode",
"description": "The port bind mode.</br>\n- Publish: The port will be published on the host for external access.</br>\n- Expose: The port will be exposed for inter-container communication.</br>\n- None: The port will not be exposed or published.</br>\nNote: If the Dockerfile defines an EXPOSE directive,\nthe port will still be exposed for inter-container communication regardless of this setting.\n",
"schema": {
"type": "string",
"default": "",
"enum": [
{
"value": "published",
"description": "Publish port on the host for external access"
},
{
"value": "exposed",
"description": "Expose port for inter-container communication"
},
{
"value": "",
"description": "None"
}
]
}
},
{
"variable": "port_number",
"label": "Port Number",
"schema": {
"type": "int",
"show_if": [
[
"bind_mode",
"=",
"published"
]
],
"default": 30028,
"min": 1,
"max": 65535,
"required": true
}
},
{
"variable": "host_ips",
"label": "Host IPs",
"description": "IPs on the host to bind this port",
"schema": {
"type": "list",
"show_if": [
[
"bind_mode",
"=",
"published"
]
],
"default": [],
"items": [
{
"variable": "host_ip",
"label": "Host IP",
"schema": {
"type": "string",
"required": true,
"$ref": [
"definitions/node_bind_ip"
]
}
}
]
}
}
]
}
}
]
}
},
{
"variable": "storage",
"label": "",
"group": "Storage Configuration",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "uploads",
"label": "Firefly III Uploads Storage",
"description": "The path to store Firefly III Uploads.",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "type",
"label": "Type",
"description": "ixVolume: Is dataset created automatically by the system.</br>\nHost Path: Is a path that already exists on the system.\n",
"schema": {
"type": "string",
"required": true,
"immutable": true,
"default": "ix_volume",
"enum": [
{
"value": "host_path",
"description": "Host Path (Path that already exists on the system)"
},
{
"value": "ix_volume",
"description": "ixVolume (Dataset created automatically by the system)"
}
]
}
},
{
"variable": "ix_volume_config",
"label": "ixVolume Configuration",
"description": "The configuration for the ixVolume dataset.",
"schema": {
"type": "dict",
"show_if": [
[
"type",
"=",
"ix_volume"
]
],
"$ref": [
"normalize/ix_volume"
],
"attrs": [
{
"variable": "acl_enable",
"label": "Enable ACL",
"description": "Enable ACL for the storage.",
"schema": {
"type": "boolean",
"default": false
}
},
{
"variable": "dataset_name",
"label": "Dataset Name",
"description": "The name of the dataset to use for storage.",
"schema": {
"type": "string",
"required": true,
"immutable": true,
"hidden": true,
"default": "uploads"
}
},
{
"variable": "acl_entries",
"label": "ACL Configuration",
"schema": {
"type": "dict",
"show_if": [
[
"acl_enable",
"=",
true
]
],
"attrs": []
}
}
]
}
},
{
"variable": "host_path_config",
"label": "Host Path Configuration",
"schema": {
"type": "dict",
"show_if": [
[
"type",
"=",
"host_path"
]
],
"attrs": [
{
"variable": "acl_enable",
"label": "Enable ACL",
"description": "Enable ACL for the storage.",
"schema": {
"type": "boolean",
"default": false
}
},
{
"variable": "acl",
"label": "ACL Configuration",
"schema": {
"type": "dict",
"show_if": [
[
"acl_enable",
"=",
true
]
],
"attrs": [],
"$ref": [
"normalize/acl"
]
}
},
{
"variable": "path",
"label": "Host Path",
"description": "The host path to use for storage.",
"schema": {
"type": "hostpath",
"show_if": [
[
"acl_enable",
"=",
false
]
],
"required": true
}
}
]
}
}
]
}
},
{
"variable": "postgres_data",
"label": "Firefly III Postgres Data Storage",
"description": "The path to store Firefly III Postgres Data.",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "type",
"label": "Type",
"description": "ixVolume: Is dataset created automatically by the system.</br>\nHost Path: Is a path that already exists on the system.\n",
"schema": {
"type": "string",
"required": true,
"immutable": true,
"default": "ix_volume",
"enum": [
{
"value": "host_path",
"description": "Host Path (Path that already exists on the system)"
},
{
"value": "ix_volume",
"description": "ixVolume (Dataset created automatically by the system)"
}
]
}
},
{
"variable": "ix_volume_config",
"label": "ixVolume Configuration",
"description": "The configuration for the ixVolume dataset.",
"schema": {
"type": "dict",
"show_if": [
[
"type",
"=",
"ix_volume"
]
],
"$ref": [
"normalize/ix_volume"
],
"attrs": [
{
"variable": "acl_enable",
"label": "Enable ACL",
"description": "Enable ACL for the storage.",
"schema": {
"type": "boolean",
"default": false
}
},
{
"variable": "dataset_name",
"label": "Dataset Name",
"description": "The name of the dataset to use for storage.",
"schema": {
"type": "string",
"required": true,
"immutable": true,
"hidden": true,
"default": "postgres_data"
}
},
{
"variable": "acl_entries",
"label": "ACL Configuration",
"schema": {
"type": "dict",
"show_if": [
[
"acl_enable",
"=",
true
]
],
"attrs": []
}
}
]
}
},
{
"variable": "host_path_config",
"label": "Host Path Configuration",
"schema": {
"type": "dict",
"show_if": [
[
"type",
"=",
"host_path"
]
],
"attrs": [
{
"variable": "acl_enable",
"label": "Enable ACL",
"description": "Enable ACL for the storage.",
"schema": {
"type": "boolean",
"default": false
}
},
{
"variable": "acl",
"label": "ACL Configuration",
"schema": {
"type": "dict",
"show_if": [
[
"acl_enable",
"=",
true
]
],
"attrs": [],
"$ref": [
"normalize/acl"
]
}
},
{
"variable": "path",
"label": "Host Path",
"description": "The host path to use for storage.",
"schema": {
"type": "hostpath",
"show_if": [
[
"acl_enable",
"=",
false
]
],
"required": true
}
},
{
"variable": "auto_permissions",
"label": "Automatic Permissions",
"description": "Automatically set permissions for the host path.\nEnabling this, will check the top level directory,</br>\nIf it finds incorrect permissions, it will `chown` the\nhost path to the user and group required for the\npostgres container.\n",
"schema": {
"type": "boolean",
"default": false,
"show_if": [
[
"acl_enable",
"=",
false
]
]
}
}
]
}
}
]
}
},
{
"variable": "additional_storage",
"label": "Additional Storage",
"description": "Additional storage for Firefly III.",
"schema": {
"type": "list",
"default": [],
"items": [
{
"variable": "storageEntry",
"label": "Storage Entry",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "type",
"label": "Type",
"description": "ixVolume: Is dataset created automatically by the system.</br>\nHost Path: Is a path that already exists on the system.</br>\nSMB Share: Is a SMB share that is mounted to as a volume.\n",
"schema": {
"type": "string",
"required": true,
"default": "ix_volume",
"immutable": true,
"enum": [
{
"value": "host_path",
"description": "Host Path (Path that already exists on the system)"
},
{
"value": "ix_volume",
"description": "ixVolume (Dataset created automatically by the system)"
},
{
"value": "cifs",
"description": "SMB/CIFS Share (Mounts a volume to a SMB share)"
}
]
}
},
{
"variable": "read_only",
"label": "Read Only",
"description": "Mount the volume as read only.",
"schema": {
"type": "boolean",
"default": false
}
},
{
"variable": "mount_path",
"label": "Mount Path",
"description": "The path inside the container to mount the storage.",
"schema": {
"type": "path",
"required": true
}
},
{
"variable": "host_path_config",
"label": "Host Path Configuration",
"schema": {
"type": "dict",
"show_if": [
[
"type",
"=",
"host_path"
]
],
"attrs": [
{
"variable": "acl_enable",
"label": "Enable ACL",
"description": "Enable ACL for the storage.",
"schema": {
"type": "boolean",
"default": false
}
},
{
"variable": "acl",
"label": "ACL Configuration",
"schema": {
"type": "dict",
"show_if": [
[
"acl_enable",
"=",
true
]
],
"attrs": [],
"$ref": [
"normalize/acl"
]
}
},
{
"variable": "path",
"label": "Host Path",
"description": "The host path to use for storage.",
"schema": {
"type": "hostpath",
"show_if": [
[
"acl_enable",
"=",
false
]
],
"required": true
}
}
]
}
},
{
"variable": "ix_volume_config",
"label": "ixVolume Configuration",
"description": "The configuration for the ixVolume dataset.",
"schema": {
"type": "dict",
"show_if": [
[
"type",
"=",
"ix_volume"
]
],
"$ref": [
"normalize/ix_volume"
],
"attrs": [
{
"variable": "acl_enable",
"label": "Enable ACL",
"description": "Enable ACL for the storage.",
"schema": {
"type": "boolean",
"default": false
}
},
{
"variable": "dataset_name",
"label": "Dataset Name",
"description": "The name of the dataset to use for storage.",
"schema": {
"type": "string",
"required": true,
"immutable": true,
"default": "storage_entry"
}
},
{
"variable": "acl_entries",
"label": "ACL Configuration",
"schema": {
"type": "dict",
"show_if": [
[
"acl_enable",
"=",
true
]
],
"attrs": [],
"$ref": [
"normalize/acl"
]
}
}
]
}
},
{
"variable": "cifs_config",
"label": "SMB Configuration",
"description": "The configuration for the SMB dataset.",
"schema": {
"type": "dict",
"show_if": [
[
"type",
"=",
"cifs"
]
],
"attrs": [
{
"variable": "server",
"label": "Server",
"description": "The server to mount the SMB share.",
"schema": {
"type": "string",
"required": true
}
},
{
"variable": "path",
"label": "Path",
"description": "The path to mount the SMB share.",
"schema": {
"type": "string",
"required": true
}
},
{
"variable": "username",
"label": "Username",
"description": "The username to use for the SMB share.",
"schema": {
"type": "string",
"required": true
}
},
{
"variable": "password",
"label": "Password",
"description": "The password to use for the SMB share.",
"schema": {
"type": "string",
"required": true,
"private": true
}
},
{
"variable": "domain",
"label": "Domain",
"description": "The domain to use for the SMB share.",
"schema": {
"type": "string"
}
}
]
}
}
]
}
}
]
}
}
]
}
},
{
"variable": "labels",
"label": "",
"group": "Labels Configuration",
"schema": {
"type": "list",
"default": [],
"items": [
{
"variable": "label",
"label": "Label",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "key",
"label": "Key",
"schema": {
"type": "string",
"required": true
}
},
{
"variable": "value",
"label": "Value",
"schema": {
"type": "string",
"required": true
}
},
{
"variable": "containers",
"label": "Containers",
"description": "Containers where the label should be applied",
"schema": {
"type": "list",
"items": [
{
"variable": "container",
"label": "Container",
"schema": {
"type": "string",
"required": true,
"enum": [
{
"value": "firefly-iii",
"description": "firefly-iii"
},
{
"value": "importer",
"description": "importer"
},
{
"value": "cron",
"description": "cron"
},
{
"value": "redis",
"description": "redis"
},
{
"value": "postgres",
"description": "postgres"
}
]
}
}
]
}
}
]
}
}
]
}
},
{
"variable": "resources",
"label": "",
"group": "Resources Configuration",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "limits",
"label": "Limits",
"schema": {
"type": "dict",
"attrs": [
{
"variable": "cpus",
"label": "CPUs",
"description": "CPUs limit for Firefly III.",
"schema": {
"type": "int",
"default": 2,
"required": true
}
},
{
"variable": "memory",
"label": "Memory (in MB)",
"description": "Memory limit for Firefly III.",
"schema": {
"type": "int",
"default": 4096,
"required": true
}
}
]
}
}
]
}
}
]
},
"readme": "<h1>Firefly III</h1> <p><a href=\"https://www.firefly-iii.org/\">Firefly III</a> is a personal finances manager</p>",
"changelog": null,
"chart_metadata": {
"annotations": {
"min_scale_version": "24.10.2.2"
},
"app_version": "version-6.2.16",
"capabilities": [
{
"description": "Importer is able to change file ownership arbitrarily",
"name": "CHOWN"
},
{
"description": "Importer is able to bypass permission checks for file operations",
"name": "FOWNER"
},
{
"description": "Cron, Importer are able to change group ID of processes",
"name": "SETGID"
},
{
"description": "Cron, Importer are able to change user ID of processes",
"name": "SETUID"
}
],
"categories": [
"financial"
],
"changelog_url": "https://docs.firefly-iii.org/references/firefly-iii/changelog/",
"date_added": "2024-08-13",
"description": "Firefly III is a personal finances manager",
"home": "https://www.firefly-iii.org/",
"host_mounts": [],
"icon": "https://media.sys.truenas.net/apps/firefly-iii/icons/icon.png",
"keywords": [
"finance"
],
"lib_version": "2.1.35",
"lib_version_hash": "1bd4e0058fbd4d7c207df2cae606580065e8e6dba3e232f41bc1b006848b05d2",
"maintainers": [
{
"email": "dev@ixsystems.com",
"name": "truenas",
"url": "https://www.truenas.com/"
}
],
"name": "firefly-iii",
"run_as_context": [
{
"description": "Firefly III runs as non-root user.",
"gid": 33,
"group_name": "www-data",
"uid": 33,
"user_name": "www-data"
},
{
"description": "Firefly III Data Importer runs as non-root user.",
"gid": 33,
"group_name": "www-data",
"uid": 33,
"user_name": "www-data"
},
{
"description": "Postgres runs as non-root user.",
"gid": 999,
"group_name": "postgres",
"uid": 999,
"user_name": "postgres"
},
{
"description": "Redis runs as a non-root user and root group.",
"gid": 0,
"group_name": "root",
"uid": 1001,
"user_name": "redis"
}
],
"screenshots": [
"https://media.sys.truenas.net/apps/firefly-iii/screenshots/screenshot1.png",
"https://media.sys.truenas.net/apps/firefly-iii/screenshots/screenshot2.png",
"https://media.sys.truenas.net/apps/firefly-iii/screenshots/screenshot3.png",
"https://media.sys.truenas.net/apps/firefly-iii/screenshots/screenshot4.png"
],
"sources": [
"https://hub.docker.com/r/fireflyiii/core/",
"https://github.com/firefly-iii/firefly-iii"
],
"title": "Firefly III",
"train": "community",
"version": "1.6.3"
}
}
}Support, maintenance, and documentation for applications within the Community catalog is handled by the TrueNAS community. The TrueNAS Applications Portal hosts but does not validate or maintain any linked resources associated with this app.
There currently aren’t any resources available for this application!
Please help the TrueNAS community add resources here or discuss this application in the TrueNAS Community forum.