Monday, September 21, 2020

Install UniFi on CentOS

From: Spacework community

Step 1: Build a CentOS 7 server

The ISO can be obtained from the internet for free and works on Hyper-V or ESX (and potentially others).

Step 2: Boot your server and SSH into it

Step 3: Disable SELinux and update the server:

sed -i /etc/selinux/config -r -e 's/^SELINUX=.*/SELINUX=disabled/g'
yum -y update
systemctl reboot

Step 4: Install EPEL Repo

yum -y install epel-release

Step 5: Install prerequisites

useradd -r ubnt
yum -y install mongodb-server java-1.8.0-openjdk unzip wget

Step 6: Download and Extract the UniFi Controller (the latest version can be found on the UniFi website)

cd ~ && wget http://dl.ubnt.com/unifi/4.7.6/UniFi.unix.zip
unzip -q UniFi.unix.zip -d /opt
chown -R ubnt:ubnt /opt/UniFi

Step 7: Create Startup Script with Systemd

vi /etc/systemd/system/unifi.service
---
#
# Systemd unit file for UniFi Controller
#

[Unit]
Description=UniFi AP Web Controller
After=syslog.target network.target

[Service]
Type=simple
User=ubnt
WorkingDirectory=/opt/UniFi
ExecStart=/usr/bin/java -Xmx1024M -jar /opt/UniFi/lib/ace.jar start
ExecStop=/usr/bin/java -jar /opt/UniFi/lib/ace.jar stop
SuccessExitStatus=143

[Install]
WantedBy=multi-user.target
---

Step 8: Configure Firewalld

systemctl stop firewalld.service
vi /etc/firewalld/services/unifi.xml
---
<?xml version="1.0" encoding="utf-8"?>
<service version="1.0">
<short>unifi</short>
<description>UniFi Controller</description>
<port port="8081" protocol="tcp"/>
<port port="8080" protocol="tcp"/>
<port port="8443" protocol="tcp"/>
<port port="8880" protocol="tcp"/>
<port port="8843" protocol="tcp"/>
<port port="10001" protocol="udp"/>
<port port="3478" protocol="udp"/>
</service>
---

systemctl start firewalld.service
firewall-cmd --set-default-zone=home
firewall-cmd --permanent --zone=home --change-interface=eth0
firewall-cmd --permanent --zone=home --add-service=unifi

Step 9: Enable on Startup

systemctl enable unifi.service

Step 10: Finish with cleanup

rm -rf ~/UniFi.unix.zip
systemctl reboot

Step 11: Access your new controller

To access the web UI for the controller, browse on the local network to https://<IP OF SERVER>:8443. This can then be published externally if needed, to allow multiple sites to be connected to one controller.
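
Step 6 fetches the controller archive over plain HTTP and extracts it into /opt, so it is worth checking the file against a SHA-256 digest obtained from a trusted source before `unzip` runs. The script below is an added example, not part of the original post; the names `is_sha256`, `verify_download` and `verify.sh` and the digest placeholder are assumptions, since the post lists no checksum.

```shell
#!/bin/sh
# Added example (not from the original post): check a downloaded archive
# against a known SHA-256 digest before extracting it.

# is_sha256 STRING: succeed only if STRING is exactly 64 hex characters.
is_sha256() {
    case "$1" in
        ""|*[!0-9A-Fa-f]*) return 1 ;;
    esac
    [ "${#1}" -eq 64 ]
}

# verify_download FILE EXPECTED_SHA256
# Returns 0 on match, 1 on mismatch, 2 on unusable input.
verify_download() {
    file=$1
    expected=$2
    if [ ! -f "$file" ] || [ ! -r "$file" ]; then
        echo "verify_download: cannot read '$file'" >&2
        return 2
    fi
    if ! is_sha256 "$expected"; then
        echo "verify_download: expected value is not a SHA-256 digest" >&2
        return 2
    fi
    # Read via stdin so odd file names cannot alter sha256sum's output format.
    actual=$(sha256sum < "$file" | cut -d' ' -f1)
    expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')
    if [ "$actual" = "$expected" ]; then
        return 0
    fi
    echo "verify_download: digest mismatch for '$file'" >&2
    echo "  expected: $expected" >&2
    echo "  actual:   $actual" >&2
    return 1
}

# Script use (assumed file name verify.sh; the digest is a placeholder):
#   sh verify.sh ~/UniFi.unix.zip <SHA256_FROM_TRUSTED_SOURCE> \
#     && unzip -q ~/UniFi.unix.zip -d /opt
if [ "$#" -eq 2 ]; then
    verify_download "$1" "$2"
    exit $?
fi
```

Because the exit status is non-zero on a mismatch or on unusable input, chaining `unzip` with `&&` keeps an unverified archive from being extracted.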