Unifi: Difference between revisions

From Wildsong
Jump to navigationJump to search
Brian Wilson (talk | contribs)
Brian Wilson (talk | contribs)
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
Now using [[Vilo]] access point for high speed connections. Go to that page.
Now using [[Vilo]] access point for high speed connections. Go to that page.


I use a Ubiquiti WAP and it talks Unifi. I run the controller here: https://bellman:8443/
I run the UniFi controller here: https://bellman:8443/
and I have a page on its features [[Presence detection]]


My access point's MAC is 80:2a:a8:90:cd:65 and I can see (on Debian anyway) that MAC when the Debian system tries to connect to it.
I use a Ubiquiti [https://store.ui.com/us/en/products/uap-ac-lite UAP AC Lite]. Supports VLAN 802.1Q, some more specs 802.11 a/b/g/n/ac; WiFi 5, 450 Mbps (BW40) / 867 Mbps (BW80) The Vilo is 600 / 1200.
 
Its MAC is 80:2a:a8:90:cd:65. You need this to get the WAP adopted.
 
I pried open the saucer today and looked inside. It has two very nice 3D antennas and it has U.FL jacks next to them, should you want to plug in better ones.


== History ==
== History ==


* 2024-12-09 setting up as the AP for my home automation equipment.  
* 2024-12-09 setting up as the AP for my home automation equipment. Updated firmware 6.5.62.14788 to 6.6.77.15402
* 2020-01-02 upgraded the AP firmware 4.0.69
* 2020-01-02 upgraded the AP firmware 4.0.69
* 2020-01-01 rebuilt the docker container with new Unifi and readopted the AP
* 2020-01-01 rebuilt the docker container with new Unifi and readopted the AP
Line 19: Line 22:
== IoT ==
== IoT ==
Maybe its SSID will be "wildoats". I could probably rein in the network so much with VLANs and routers that it would be okay running it open.
Maybe its SSID will be "wildoats". I could probably rein in the network so much with VLANs and routers that it would be okay running it open.
It seems there is no longer any obvious way to disable the 5GHz radio in the WAP. I turned it off at the network level, per these instructions. https://dannyda.com/2021/05/28/where-how-to-disable-2-4ghz-for-unifi-access-points-ap-via-unifi-network-application/


== Reverse proxy ==
== Reverse proxy ==
Line 33: Line 38:
  set-inform http://192.168.123.2:8080/inform
  set-inform http://192.168.123.2:8080/inform


I also changed the network mode in Unifi docker to '''network-mode: "host"''' and restarted it. I think this might actually be what did the trick, I think the AP could not see Unifi even with all the ports exposed.
I also changed the network mode in Unifi docker to '''network-mode: "host"''' and restarted it.
 
At this point the AP shows up in UniFi with Click To Adopt.


== Dockerization ==
== Full reset ==
Okay, a year has gone by and I could not ssh into the access point so I did a factory reset on it.


Originally I ran Unifi locally so I just reused its data and log folders. Eventually I copied them into Docker volumes instead.
Hold down the Reset button with the infamous paperclip for 10 seconds (lights go out). Wait. It will come up in Factory Reset mode.


Here is how I copied the log files into the volume
You can ssh into it as ui/ui
cd /var/log/unifi
docker run -v unifi_data:/data busybox helper
docker cp . helper:/data
docker stop helper
docker rm helper


When I started it up it migrated my old database to the 5.5 version of UniFi.
Then I did the set-inform thing above.
It was able to successfully detect my UniFi AP and updated its IP address to my new
address scheme and then provisioned it. '''EXCELLENT'''.


See https://hub.docker.com/r/jacobalberty/unifi/
== Docker version ==
2024-12-09 Currently it's at version 7.2.95. I have wrapped my own version of https://hub.docker.com/r/jacobalberty/unifi/ so that logfiles would go to STDOUT.


docker volume create unifi_data
Creds are in its REAME.md file.
docker volume create unifi_logs


docker run -d --dns=192.168.123.2 -p 8443:8443 -p 3478:3478 -p 10001:10001 -e TZ='Americas/Los_Angeles' \
It's loaded from a compose.yaml file that looks like this:
-v unifi_data:/var/lib/unifi -v unifi_logs:/var/log/unifi --name=unifi jacobalberty/unifi


docker update --restart always unifi
<pre>
services:
  server:
    image: wildsong/unifi
    init: true
   
    environment:
      TZ: America/LosAngeles
      RUNAS_UID0: "false"
      # When you connect just go to bellman:8443, don't use 8080
      # 8080 is used by devices though so it has to be listening there.
     
    ports:
      - "8080:8080"
      - "8880:8880"
      - "6789:6789"
      - "8443:8443"
      - "3478:3478/udp"
      - "27117:27117"
      - "5656-5699:5656-5699/udp"
      - "10001:10001"
      - "1900:1900/udp"
     
    volumes:
      - ./data:/unifi/data
      - ./log:/unifi/log
</pre>


== Troubleshooting ==
== Troubleshooting ==

Latest revision as of 01:23, 10 December 2024

Now using Vilo access point for high speed connections. Go to that page.

I run the UniFi controller here: https://bellman:8443/

I use a Ubiquiti UAP AC Lite. Supports VLAN 802.1Q, some more specs 802.11 a/b/g/n/ac; WiFi 5, 450 Mbps (BW40) / 867 Mbps (BW80) The Vilo is 600 / 1200.

Its MAC is 80:2a:a8:90:cd:65. You need this to get the WAP adopted.

I pried open the saucer today and looked inside. It has two very nice 3D antennas and it has U.FL jacks next to them, should you want to plug in better ones.

History

  • 2024-12-09 setting up as the AP for my home automation equipment. Updated firmware 6.5.62.14788 to 6.6.77.15402
  • 2020-01-02 upgraded the AP firmware 4.0.69
  • 2020-01-01 rebuilt the docker container with new Unifi and readopted the AP
  • 2019-06-26 upgraded the AP firmware 3.something
  • 2019-06-26 changed from the docker config described below to one that lives in docker-compose.
  • 2019-02-20 removed systemctl files and changed to using 'restart'. Moved to the volumes documented below, used to use system files in /var/log/unifi and /home/unifi. Removed port 8080
  • 2018-03-21 built a systemctl file for it
  • 2017-08-16 it's now dockerized.

IoT

Maybe its SSID will be "wildoats". I could probably rein in the network so much with VLANs and routers that it would be okay running it open.

It seems there is no longer any obvious way to disable the 5GHz radio in the WAP. I turned it off at the network level, per these instructions. https://dannyda.com/2021/05/28/where-how-to-disable-2-4ghz-for-unifi-access-points-ap-via-unifi-network-application/

Reverse proxy

Running the usual reverse proxy set up that I use does not work with Unifi because it does an automatic REDIRECT from port 8080 to port 8443. Then the certs are wrong.

And the other problem is that adoption does not work if Unifi is running on a Docker network. It has to be on the host network.

Adoption

After the docker-compose shift I had problems seeing the AP so I did two things: I "abandoned" the AP and readopted it. I used ssh to connect to the AP (same user/pass as unifi) and issued this command (once before and once after adoption in Unifi)

set-inform http://192.168.123.2:8080/inform

I also changed the network mode in Unifi docker to network-mode: "host" and restarted it.

At this point the AP shows up in UniFi with Click To Adopt.

Full reset

Okay, a year has gone by and I could not ssh into the access point so I did a factory reset on it.

Hold down the Reset button with the infamous paperclip for 10 seconds (lights go out). Wait. It will come up in Factory Reset mode.

You can ssh into it as ui/ui

Then I did the set-inform thing above.

Docker version

2024-12-09 Currently it's at version 7.2.95. I have wrapped my own version of https://hub.docker.com/r/jacobalberty/unifi/ so that logfiles would go to STDOUT.

Creds are in its REAME.md file.

It's loaded from a compose.yaml file that looks like this:

services:
  server:
    image: wildsong/unifi
    init: true
    
    environment:
      TZ: America/LosAngeles
      RUNAS_UID0: "false"
      # When you connect just go to bellman:8443, don't use 8080
      # 8080 is used by devices though so it has to be listening there.
      
    ports:
      - "8080:8080"
      - "8880:8880"
      - "6789:6789"
      - "8443:8443"
      - "3478:3478/udp"
      - "27117:27117"
      - "5656-5699:5656-5699/udp"
      - "10001:10001"
      - "1900:1900/udp"
      
    volumes:
      - ./data:/unifi/data
      - ./log:/unifi/log

Troubleshooting

Watch the daemon.log on Bellman and you can watch devices try to associate with the WAP.