Public | Automated Build

Last pushed: 2 days ago
Short Description
Unifi Access Point controller
Full Description

unifi-docker

Description

This is a containerized version of Ubiqiti Network's Unifi Controller version 5.

Use docker run --net=host -d jacobalberty/unifi:unifi5 to run it.

The following options may be of use:

  • Set the timezone with TZ
  • Bind mount the data and log volumes

Example to test with

mkdir -p unifi/data
mkdir -p unifi/logs
docker run --rm --net=host -e TZ='Africa/Johannesburg' -v ~/unifi/data:/var/lib/unifi -v ~/unifi/logs:/var/log/unifi --name unifi jacobalberty/unifi:unifi5

Volumes:

/var/lib/unifi

Configuration data

/var/log/unifi

Log files

/var/run/unifi

Run information

Environment Variables:

TZ

TimeZone. (i.e America/Chicago)

Expose:

8080/tcp - Device command/control

8443/tcp - Web interface + API

8843/tcp - HTTPS portal

8880/tcp - HTTP portal

3478/udp - STUN service

6789/tcp - Speed Test (unifi5 only)

10001/udp - UBNT Discovery

See UniFi - Ports Used

Mulit-process container

While micro-service patterns try to avoid running multiple processes in a container, the unifi5 container tries to follow the same process execution model intended by the original debian package and it's init script, while trying to avoid needing to run a full init system.

Essentially, dump-init runs a simple shell wrapper script placed at /usr/local/bin/unifi.sh. unifi.sh executes and waits on the jsvc process which orchestrates running the controller as a service. The wrapper script also traps SIGTERM to issue the appropriate stop command to the unifi java com.ubnt.ace.Launcher process in the hopes that it helps keep the shutdown graceful.

Example seen within the container after it was started

$  docker exec -it ef081fcf6440 bash
# ps -e -o pid,ppid,cmd | more
  PID  PPID CMD
    1     0 /usr/bin/dumb-init -- /usr/local/bin/unifi.sh
    7     1 sh /usr/local/bin/unifi.sh
    9     7 unifi -nodetach -home /usr/lib/jvm/java-8-openjdk-amd64 -classpath /usr/share/java/commons-daemon.jar:/usr/lib/unifi/lib/ace.jar -pidfile /var/run/unifi/unifi.pid -procname unifi -outfile /var/log/unifi/unifi.out.log -errfile /var/log/unifi/unifi.err.log -Dunifi.datadir=/var/lib/unifi -Dunifi.rundir=/var/run/unifi -Dunifi.logdir=/var/log/unifi -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Xmx1024M -Xms32M com.ubnt.ace.Launcher start
   10     9 unifi -nodetach -home /usr/lib/jvm/java-8-openjdk-amd64 -classpath /usr/share/java/commons-daemon.jar:/usr/lib/unifi/lib/ace.jar -pidfile /var/run/unifi/unifi.pid -procname unifi -outfile /var/log/unifi/unifi.out.log -errfile /var/log/unifi/unifi.err.log -Dunifi.datadir=/var/lib/unifi -Dunifi.rundir=/var/run/unifi -Dunifi.logdir=/var/log/unifi -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Xmx1024M -Xms32M com.ubnt.ace.Launcher start
   31    10 /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java -Xmx1024M -XX:ErrorFile=/usr/lib/unifi/data/logs/hs_err_pid<pid>.log -Dapple.awt.UIElement=true -jar /usr/lib/unifi/lib/ace.jar start
   58    31 bin/mongod --dbpath /usr/lib/unifi/data/db --port 27117 --logappend --logpath logs/mongod.log --nohttpinterface --bind_ip 127.0.0.1
  108     0 bash
  116   108 ps -e -o pid,ppid,cmd
  117   108 [bash]

TODO

Future work?

  • Don't run as root (but Unifi's Debian package does by the way...)
  • Possibly use Debian image with systemd init included (but thus far, I don't know of an official Debian systemd image to base off)
Docker Pull Command
Owner
jacobalberty
Source Repository

Comments (112)
rsiesta
7 days ago

If you want to run this on a synology nas without --net=host I was successful with two changes, make sure the dns your devices use point unifi to the synology nas. The second change is in the data volume, add to a file called system.properties the line
system_ip=[synology host ip]

bedou974
14 days ago

Hello, i have error 400 HTTP ? anyone ? with docker on DSM

jacobalberty
2 months ago

@ahow628
As long as your volumes are outside of the container you just delete old container, pull new image and then include those same volumes with the new container from the new image. Easy peasy lemon squeezy. Not sure how you accomplish that on disk station though.

@tirello
I would be unable to test it. I've been talking with the girlfriend about getting voip phones when we move back in (we're remodeling). UniFi voip phones are top of the list.

I likely will not be getting unifi cameras anytime soon though as we already have other cameras.

@mlaihk
The wiki covers that (https://github.com/jacobalberty/unifi-docker/wiki)
I do have a branch I'm working on to make it easy to install custom certificates at creation time, I'm just working on how to make it easy to use.

ahow628
2 months ago

Welp, I fixed my problem, but I have no idea why it was a problem or why it happened.

Anyway, I went in and edited the container and on the Environment page it had a error that the JVM_inti_heap size was empty. I typed in 512M and the container fired right up.

Secondary question, do I have to do anything special to upgrade to the latest Unifi Controller version? I'm running on a Synology NAS.

ahow628
2 months ago

It was working great for me until 2 days ago. I wonder if it may have to do with upgrading to the latest version of Disk Station.

When I click "start" it flashes like it is starting and then says it "stopped unexpectedly". Any ideas?

tirello
2 months ago

Working well for me.

Could you at some point make a docker image for the Unifi Voip software?

mlaihk
2 months ago

Is it possible to use a real cert for the SSL instead of the default cert? I am running my unifi in a VM at the moment and replacing the default cert with my own cert was quite easy......

jacobalberty
2 months ago

@pdevine
Yeah but the default line needs to be replaced with an actual pattern rather than just recommending what will be perceived as a broken setup.

I've been experimenting around with the cloud access stuff and I think the best solution may be to recommend the port forwards with cloud setup enabled then follow up with the ubiquity device discovery tool. That seems to be the simplest option from end user perspective.

pdevine
3 months ago

@jacobalberty it was just the drive filling up. The problem though was the error message wasn't very useful because mongo wasn't returning its logs to STDOUT. It'd be nice to interleave the logs.

I definitely get the point of using --net=host, but it's a bit of an anti-pattern.

jacobalberty
3 months ago

@pdevine

was the disk issue just your hard drive filling up or something else going on?
--net=host is what I give as the default command because going into depth about the inform is a bit out of scope for a readme. I'm working on expanding the wiki out a bit to include at least a faq on this. You shouldn't need to ssh into anything to set the inform url by hand. Either add a static dns record named 'unifi' or use dhcp option 43 to set the inform url. see https://help.ubnt.com/hc/en-us/articles/204909754-UniFi-Layer-3-methods-for-UAP-adoption-and-management