Unifi

From Wildsong
Jump to navigationJump to search

Now using Vilo access point for high speed connections. Go to that page.

I run the UniFi controller here: https://bellman:8443/

I use a Ubiquiti UAP AC Lite. Supports VLAN 802.1Q, some more specs 802.11 a/b/g/n/ac; WiFi 5, 450 Mbps (BW40) / 867 Mbps (BW80) The Vilo is 600 / 1200.

Its MAC is 80:2a:a8:90:cd:65. You need this to get the WAP adopted.

I pried open the saucer today and looked inside. It has two very nice 3D antennas and it has U.FL jacks next to them, should you want to plug in better ones.

History

  • 2024-12-09 setting up as the AP for my home automation equipment. Updated firmware 6.5.62.14788 to 6.6.77.15402
  • 2020-01-02 upgraded the AP firmware 4.0.69
  • 2020-01-01 rebuilt the docker container with new Unifi and readopted the AP
  • 2019-06-26 upgraded the AP firmware 3.something
  • 2019-06-26 changed from the docker config described below to one that lives in docker-compose.
  • 2019-02-20 removed systemctl files and changed to using 'restart'. Moved to the volumes documented below, used to use system files in /var/log/unifi and /home/unifi. Removed port 8080
  • 2018-03-21 built a systemctl file for it
  • 2017-08-16 it's now dockerized.

IoT

For now its SSID is "wildoats". Password is in Bitwarden.

Control for many settings in Unifi is from Settings (GEAR). It's set up to manage many APs so there are few settings at the AP level.

For example you deactivate the 5GHz radio (to reduce interference) by going to Settings -> WiFi -> "wildoats" and turn it off under Advanced Configuration. https://dannyda.com/2021/05/28/where-how-to-disable-2-4ghz-for-unifi-access-points-ap-via-unifi-network-application/

VLAN

On the ERX you have to set the port to TAGGED so that the Unifi sees the packets with the tag.

In Unifi,

  • Settings -> Networks -> IoT -> Router
  • Check "VLAN-only Network"
  • Set VLAN ID to 100

Reverse proxy

Running the usual reverse proxy set up that I use does not work with Unifi because it does an automatic REDIRECT from port 8080 to port 8443. Then the certs are wrong.

And the other problem is that adoption does not work if Unifi is running on a Docker network. It has to be on the host network.

Adoption

After the docker-compose shift I had problems seeing the AP so I did two things: I "abandoned" the AP and readopted it. I used ssh to connect to the AP (same user/pass as unifi) and issued this command (once before and once after adoption in Unifi)

set-inform http://192.168.123.2:8080/inform

I also changed the network mode in Unifi docker to network-mode: "host" and restarted it.

At this point the AP shows up in UniFi with Click To Adopt.

Full reset

Okay, a year has gone by and I could not ssh into the access point so I did a factory reset on it.

Hold down the Reset button with the infamous paperclip for 10 seconds (lights go out). Wait. It will come up in Factory Reset mode.

You can ssh into it as ui/ui

Then I did the set-inform thing above.

Docker version

2024-12-09 Currently it's at version 7.2.95. I have wrapped my own version of https://hub.docker.com/r/jacobalberty/unifi/ so that logfiles would go to STDOUT.

Creds are in its REAME.md file.

It's loaded from a compose.yaml file that looks like this:

services:
  server:
    image: wildsong/unifi
    init: true
    
    environment:
      TZ: America/LosAngeles
      RUNAS_UID0: "false"
      # When you connect just go to bellman:8443, don't use 8080
      # 8080 is used by devices though so it has to be listening there.
      
    ports:
      - "8080:8080"
      - "8880:8880"
      - "6789:6789"
      - "8443:8443"
      - "3478:3478/udp"
      - "27117:27117"
      - "5656-5699:5656-5699/udp"
      - "10001:10001"
      - "1900:1900/udp"
      
    volumes:
      - ./data:/unifi/data
      - ./log:/unifi/log

Troubleshooting

Watch the daemon.log on Bellman and you can watch devices try to associate with the WAP.