HON’s Wiki # Ubiquiti UniFi Controllers

Home / Server

Contents

• General
• Setup
  • Cloud Key
  • Debian 9
  • Unofficial Docker Image

Related Pages

• Ubiquiti UniFi Access Points

General

• Relevant ports (incoming) (from Ports Used (UniFi)):
  • TCP 8443: GUI/API (for admins)
  • TCP 8880: HTTP portal (for guests)
  • TCP 8843: HTTPS portal (for guests)
  • TCP 6789: Mobile speedtest (for admins)
  • TCP 8080: Device-controller communication (for devices)
  • UDP 1900: L2 adoption (for devices, optional)
  • UDP 3478: STUN (for devices)
  • UDP 10001: Device discovery (for devices)
  • UDP 5514: Syslog (for monitoring)

Setup

Setup alternatives:

• Cloud Key (official hardware controller)
• Linux package (official)
• Docker image (unofficial)

Cloud Key

• A standalone device by Ubiquiti.
• Costs money.
• Requires physical space and power.
• Doen’t require setting it up yourself, which can be a little tricky/uncomfortable.
• Supports a limited amount of devices and clients, however most small-to-mid-size deployments are unlikely to reach that limit.

Debian 9

UniFi 5 is the latest version and does only officially support Debian 9 (Stretch) and Ubuntu Desktop/Server 16.04 for Linux. It requires Java 8 and other stuff which is an absolute pain to install on later versions of Debian. There is also the official physical Cloud Key device and multiple unofficial Docker images and installation packages for Linux servers.

Official installation instructions: UniFi: How to Install & Upgrade the UniFi Network Controller Software

1. Install Debian 9 (later versions don’t have the required versions of Java etc.).
2. Configure it: See Debian Server (for Debian 10).
3. Open incoming ports: See note above.
4. (Optional) NAT port 443 to 8443 (to access it from the normal HTTPS port): iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 8443
5. (Alternative 1) Install via repo: See How to Install and Update via APT on Debian or Ubuntu (UniFi).
6. (Alternative 2) Install via downloaded package: Go to the UniFi downloads page and download for Linux/Debian.
7. Configure:
   • File: /var/lib/unifi/system.properties
   • (Optional) Reduce the pre-allocated memory size: unifi.xms=256
8. (Optional) Check the logs:
   • UniFi: /usr/lib/unifi/logs/server.log
   • MongoDB: /usr/lib/unifi/logs/mongod.log
9. Set up UniFi in the web UI.
10. (Optional) Usa an existing TLS certificate:
    1. Stop UniFi.
    2. Save the full-chain certificate as fullchain.pem and key as privkey.pem.
    3. Convert it: openssl pkcs12 -export -inkey privkey.pem -in fullchain.pem -out cert.p12 -name unifi -password pass:temppass
    4. Import it: keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/keystore -srckeystore cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt
    5. Delete the local files.
    6. Start UniFi.

Unofficial Docker Image

See jacobalberty/unifi-docker (GitHub).

---

hon.one | HON95/wiki | Edit page