UniFi Help

See docker.

Sources of the images:

  • https://github.com/jacobalberty/unifi-docker
  • https://github.com/11notes/docker-unifi
  • https://github.com/linuxserver/docker-unifi-network-application

I used jacobalberty image previously; switched to linuxserver now.

  • create unifi user: $ sudo useradd unifi.
  • put into init-mongo.sh: ```shell #!/bin/bash

if which mongosh > /dev/null 2>&1; then mongo_init_bin=’mongosh’ else mongo_init_bin=’mongo’ fi “${mongo_init_bin}” «EOF use ${MONGO_AUTHSOURCE} db.auth(“${MONGO_INITDB_ROOT_USERNAME}”, “${MONGO_INITDB_ROOT_PASSWORD}”) db.createUser({ user: “${MONGO_USER}”, pwd: “${MONGO_PASS}”, roles: [ { db: “${MONGO_DBNAME}”, role: “dbOwner” }, { db: “${MONGO_DBNAME}_stat”, role: “dbOwner” } ] })

- put into `docker-compose.yaml`:
```yaml
services:
  unifi-db:
    image: docker.io/mongo:7.0.12
    container_name: unifi-db
    environment:
      - MONGO_INITDB_ROOT_USERNAME=root
      - MONGO_INITDB_ROOT_PASSWORD=password
      - MONGO_AUTHSOURCE=admin
      - MONGO_USER=unifi
      - MONGO_PASS=unifi
      - MONGO_DBNAME=unifi
    volumes:
      - /home/unifi/mongo-db-data/:/data/db:Z
      - /home/unifi/mongo-db-config-data/:/data/configdb:Z
      - /home/unifi/init-mongo.sh:/docker-entrypoint-initdb.d/init-mongo.sh:ro,Z
    restart: unless-stopped

  unifi-network-application:
    image: lscr.io/linuxserver/unifi-network-application:latest
    container_name: unifi-network-application
    environment:
      - TZ=America/New_York
      - MONGO_USER=unifi
      - MONGO_PASS=unifi
      - MONGO_HOST=unifi-db
      - MONGO_PORT=27017
      - MONGO_DBNAME=unifi
      - MONGO_AUTHSOURCE=admin
    volumes:
      - /home/unifi/unifi-controller-config:/config:Z
    ports:
      - 8443:8443
      - 3478:3478/udp
      - 10001:10001/udp
      - 8080:8080
    restart: unless-stopped
  • run $ docker-compose up -d

TODO there still seems to be some empty Docker-managed volume hanging around…

Setup

Basic

  • name: k39-3
  • choose “Advanced Setup” to avoid logging into Unifi UI account
  • admin: dub/whatwhen
  • Settings > System > Advanced > Inform Host > Override with the IP address of the machine running unifi

Devices

Move devices from the old controller:

Reset to the factory state with a paperclip; it may be necessary to $ set-inform http://<controller host>:8080/inform on the device; default SSH credentials - ubnt/ubnt

Reset to the factory state with a syswrapper.sh restore-default command on the device.

Networks

  • LAN: 192.168.1.0/24
    • Settings Network Default Advanced Manual DHCP DHCP Service Management Domain Name: “lan.podval.org”
  • WiFi:
    • podval-u: all the bands
    • podval-2g: 2G only

SSH

Enable SSH for UniFi devices:

  • in the UniFi Console Settings System Application Configuration Device SSH Authentication
  • retrieve auto-generated SSH password (dlczW8IWQI7YmIdk)
  • use it: ssh -o PubkeyAcceptedKeyTypes=ssh-rsa -o HostKeyAlgorithms=ssh-rsa -o RequiredRSASize=1024 192.168.1.157 (see https://kcore.org/2023/03/27/ssh-unifi-fedora-37/)

    Port forwarding

TODO I’in the UniFi Console | Settings | Security | Port Forwarding, forward to the gatekeeper:

  • 22 - ssh
  • 80 - http
  • 443 - https

    Static Addresses

Addresses on the 192.168.1.* network (*.lan.podval.org).

TODO HOW DO I ASSIGN STATIC ADDRESSES TO UniFi DEVICES?

Address Name
1 USG-3P (gateway)
2 dub
4 OBi202
21 printer
22 printer-colour2
30 TV
31 gatekeeper
32 gatekeeper-wifi
33 dub-phone
34 nina
35 (nina-wifi)
36 nina-phone
40 bedroom speaker
41 Anova oven
71 UAP-nanoHD
72 UAP-AC-Pro
78 dub-wifi
156 US-8-60W
158 Viessmann-2224 podval-2g
200 turingpi
201 cube1
202 cube2
203 cube3
204 cube4