Skip to main content
Work in Progress: The self-hosted installation is currently a work in progress and may or may not function correctly. For a stable, production-ready experience, we recommend using the hosted service instead.
Before you begin:
  • Ensure you have a Nest Generation 1 or Generation 2 thermostat (check compatibility)
  • This is for advanced users comfortable with command line, Docker, and networking
  • You’ll need a server that can run 24/7 (Raspberry Pi, NAS, VPS, etc.)
  • Gen 1 requires device teardown - only proceed if comfortable with electronics disassembly

Overview

The self-hosted installation sets up:
  1. Firmware flashing tools - To flash your Nest thermostat
  2. API Server - Backend server for thermostat communication (runs in Docker container)

Step 1: Clone the Repository

Clone the open-source-prototype branch: 
git clone -b open-source-prototype https://github.com/codykociemba/NoLongerEvil-Thermostat.git
cd NoLongerEvil-Thermostat

Step 2: Install Dependencies

sudo apt-get update
sudo apt-get install build-essential libusb-1.0-0-dev gcc pkg-config docker.io nodejs npm
Start Docker:
sudo systemctl start docker
sudo systemctl enable docker
Add your user to docker group (optional, to run docker without sudo):
sudo usermod -aG docker $USER
Log out and log back in for this to take effect.

Step 3: Run the Installer

The installer will:
  • Build firmware flashing tools
  • Set up Docker container for the API server
  • Guide you through flashing your thermostat
Run the installer: 
chmod +x install.sh
./install.sh
The installer is interactive and will prompt you for configuration options. Follow the on-screen instructions carefully.

Step 4: Flash Your Thermostat

The installer will guide you through flashing your thermostat. The process differs for Gen 1 and Gen 2 - choose your device below:

Gen 2: Simple USB Method

Follow these steps carefully:
  1. Boot device on backplate - Connect your Nest to the wall backplate and let it fully boot to the home screen
  2. Remove from wall - Once fully booted, remove the Nest from its backplate
  3. Connect via USB - Plug the Nest into your computer using a micro USB cable
  4. Reboot the device - Press and hold down on the display for 10-15 seconds until the device reboots
  5. DFU mode active - The installer will detect the device and begin flashing
The firmware installer will automatically flash the custom bootloader (x-load, u-boot) and kernel (uImage).

Step 5: Build the server

After you have completed flashing your device, you can build the API server. Run the commands below to build. 
cd server
npm run build
docker build -t nolongerevil .

Step 6: Starting the API Server

After the build completes, you can start the API Server. Copy the docker-compose.yml.example to your own docker-compose.yml file. 
cp docker-compose.yml.example docker-compose.yml
You then need to edit the environment settings in this new file for your setup.
If you want to use Home Assistant/MQTT, follow Step 6 below before starting the server.
Once done, you can start the server with the below command. 
docker compose up -d

Check Running Containers

docker ps
You should see a container image nolongerevil running.

Test API Server

The default docker-compose will expose the API Server on port you selected in your docker-compose.yml file.
You can confirm connectivity with curl. 
curl localhost:80

Step 6: Home Assistant/MQTT Integration (Optional)

If you use Home Assistant, you can integrate No Longer Evil using MQTT for automatic device discovery.

Configure MQTT Integration

Update the following environment variables in your docker-compose.yml file:
  • NEST_DEVICES: This should be the IP address of your Nest thermostat and the device ID. Should be separated with a :. (If you have more than one device, separate them with a ,.)
- NEST_DEVICES=192.168.1.20:ABCDEFGHIJKMNOPQ
  • MQTT_ENABLED: true to enable, or false to disable.
- MQTT_ENABLED=true
  • MQTT_SERVER_IP: The IP address of your MQTT server.
- MQTT_SERVER_IP=192.168.1.19
  • MQTT_SERVER_PORT: The port your MQTT server is listening on.
- MQTT_SERVER_PORT=1883
  • MQTT_USERNAME/MQTT_PASSWORD: If secure, you can input your MQTT credentials.
- MQTT_USERNAME=
- MQTT_PASSWORD=
  • Other MQTT Settings: While not recommended, you can edit the default values for the below environment settings.
- MQTT_CLIENT_ID=nolongerevil-hass
- MQTT_TOPIC_PREFIX=nest
- MQTT_DISCOVERY_PREFIX=homeassistant
  • MQTT_HA_DISCOVERY: Use this to make the device Home Assistant discoverable. true to enable, or false to disable.
- MQTT_HA_DISCOVERY=false
Once you start the server after modifying NEST_DEVICES and/or MQTT_* settings, the server will attempt to initialize your device. You will see in the docker logs where the server will try and update the endpoint of your device to the environment setting API_ORIGIN. Your Nest device must be active (screen on) when this runs for the first time. Subsequent start up will check the local SQLite database to see if the device already exists. Requirements:
  • Home Assistant must have MQTT broker configured (Mosquitto addon recommended)
  • MQTT broker must be accessible from your No Longer Evil server
  • If using authentication, create a dedicated MQTT user in Home Assistant
Once configured, your Nest thermostats will automatically appear in Home Assistant under MQTT devices with the entity climate.nest_DEVICE_ID. They will support climate control, temperature monitoring, and scheduling through Home Assistant.

Step 8: Configure Networking (For Remote Access)

If you want to access your thermostat remotely (outside your local network):
1

Port Forwarding

Configure your router to forward these ports to your server:
  • Port 443 - Thermostat Communication API (HTTPS)
  • Port 8081 - Control API (HTTP)
  • Port 5173 (or 80/443 if using nginx) - Frontend (if self-hosting)
2

DNS/DDNS Setup

Set up a domain name or Dynamic DNS (DDNS) service to point to your public IP:
  • Use a service like DuckDNS, No-IP, or your own domain
  • Configure it to update automatically if your IP changes
3

SSL/TLS Certificates

For secure HTTPS access, set up SSL certificates:
  • Use Let’s Encrypt with certbot
  • Or use a reverse proxy like nginx with automatic certificate management
sudo apt-get install certbot
sudo certbot certonly --standalone -d your-domain.com

🎉 Success!

Your self-hosted No Longer Evil infrastructure is now running! What’s Running:
  • ✅ API Server (Docker container)
  • ✅ Your thermostat is connected to YOUR server

Managing Your Server

Start/Stop Containers

View running containers: 
docker ps
Stop all containers: 
docker stop $(docker ps -q)
Restart containers: 
docker restart $(docker ps -q)

View Logs

API Server logs: 
docker logs <container-id>
Follow logs in real-time: 
docker logs -f <container-id>

Next Steps

Troubleshooting

Solutions to common self-hosting issues

API Reference

Learn about the API endpoints

Credits & Acknowledgments

This project builds upon the excellent work of several security researchers and developers: Without their groundbreaking research, open-source contributions, and advocacy for device ownership rights, this work would not be possible. Thank you!