How to install UniFi controller

Install UniFi controller to configure wireless network using Ubiquiti devices.

Initial server setup

Install dirmngr a server for managing and downloading OpenPGP and X.509 certificates.

$ sudo apt-get install dirmngr

Import UniFi Developers <unifi-dev@ubnt.com> public key.

$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv 06E85760C0A52C50

Configure software source.

$ cat << EOF | sudo tee /etc/apt/sources.list.d/unifi.list
deb http://www.ubnt.com/downloads/unifi/debian stable ubiquiti
EOF

Update package index.

$ sudo apt-get update

Install Ubiquiti UniFi server.

$ sudo apt-get install unifi
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following additional packages will be installed:
  binutils ca-certificates-java default-jre-headless fontconfig-config fonts-dejavu-core java-common
  jsvc libavahi-client3 libavahi-common-data libavahi-common3 libboost-chrono1.62.0
  libboost-program-options1.62.0 libboost-regex1.62.0 libboost-thread1.62.0 libcommons-daemon-java
  libcups2 libfontconfig1 libgoogle-perftools4 libjpeg62-turbo liblcms2-2 libnspr4 libnss3 libpcap0.8
  libpcrecpp0v5 libpcsclite1 libsnappy1v5 libstemmer0d libtcmalloc-minimal4 libunwind8 libxi6
  libxrender1 libxtst6 libyaml-cpp0.5v5 mongo-tools mongodb-clients mongodb-server
  openjdk-8-jre-headless x11-common
Suggested packages:
  binutils-doc default-jre java-virtual-machine cups-common liblcms2-utils pcscd libnss-mdns
  fonts-dejavu-extra fonts-ipafont-gothic fonts-ipafont-mincho fonts-wqy-microhei fonts-wqy-zenhei
  fonts-indic
The following NEW packages will be installed:
  binutils ca-certificates-java default-jre-headless fontconfig-config fonts-dejavu-core java-common
  jsvc libavahi-client3 libavahi-common-data libavahi-common3 libboost-chrono1.62.0
  libboost-program-options1.62.0 libboost-regex1.62.0 libboost-thread1.62.0 libcommons-daemon-java
  libcups2 libfontconfig1 libgoogle-perftools4 libjpeg62-turbo liblcms2-2 libnspr4 libnss3 libpcap0.8
  libpcrecpp0v5 libpcsclite1 libsnappy1v5 libstemmer0d libtcmalloc-minimal4 libunwind8 libxi6
  libxrender1 libxtst6 libyaml-cpp0.5v5 mongo-tools mongodb-clients mongodb-server
  openjdk-8-jre-headless unifi x11-common
0 upgraded, 39 newly installed, 0 to remove and 1 not upgraded.
Need to get 131 MB of archives.
After this operation, 430 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
[...]

UniFi setup wizard

Open web-interface https://server_adddress:8443 and provide correct country and timezone.

You can add or adopt devices later, so click next button.

You can perform wireless configuration later, so click next button.

Define administrator username/password and credentials for device authentication.

Review and confirm initial configuration.

Provide cloud login credentials if you have these or skip this step.

Log in to the web-interface.

Done. You can now configure wireless network.

Additional notes

Go to UniFi Controller downloads for up-to-date firmware, software and documentation.

Additional notes

Default IP address on AP devices is 192.168.1.20.

Default username and password combination on AP devices is ubnt/ubnt or root/ubnt. Device authentication username and password is stored in settings->site->services on UniFi controller. You can copy it from there.

You can bootstrap initial configuration using /tmp/system.cfg configuration file, do not edit files inside /etc/sysinit/ directory.

# vi /tmp/system.cfg

Use cfgmtd utility to write modified file to flash.

BZ.v3.8.6# cfgmtd
Usage: cfgmtd [options]
        -t <type>                       - Configuration type to use [1(active)|2(backup)]. (Default: 1(active))
        -f <config file>                - Configuration file to use. (Default: /tmp/system.cfg)
        -p <persistent directory>       - Directory to persistent dir. (Default: none)
        -w                              - Write to flash action.
        -r                              - Read from flash action.
        -c                              - Clear flash action.
        -o <mtd|file name>              - Use mtd or file name. (Default: cfg)
        -h                              - This message.
BZ.v3.8.6# cfgmtd -f /tmp/system.cfg -w
Found Backup1 on[1] ...
Found  Active on[2] ...
Storing Active[1] ... [%100]
Active->Backup[2] ... [%100]

Use mca-cli to send adoption request from AP device.

$ ssh 172.16.0.21 -l ubnt
BusyBox v1.11.2 (2017-07-12 21:44:37 PDT) built-in shell (ash)
Enter 'help' for a list of built-in commands.
BZ.v3.8.6# mca-cli
UniFi# info

Model:       UAP-AC
Version:     3.8.6.6650
MAC Address: 24:a4:3c:30:a6:f4
IP Address:  172.16.0.21
Hostname:    UBNT
Uptime:      687 seconds

Status:      Unable to resolve (http://unifi:8080/inform)
UniFi# set-inform https://172.16.0.10:8080/inform

Adoption request sent to 'https://172.16.0.10:8080/inform'.

1. please adopt it on the controller
2. issue the set-inform command again
3. <inform_url> will be saved after device is successfully managed

UniFi# reboot

There is also /etc/persistent/ directory that can be used by various services.

BZ.v3.8.6# grep -r persistent /etc/* 2>/dev/null
/etc/passwd:root:$1$M2dy9$...:0:0:Administrator:/etc/persistent:/bin/sh
/etc/passwd:nobody:x:0:0:Administrator:/etc/persistent:/bin/false
/etc/profile:if [ -e /etc/persistent/profile ]; then
/etc/profile:	. /etc/persistent/profile
/etc/rc.d/rc.sysinit:	if [ -e /etc/persistent/https/$f ]; then
/etc/rc.d/rc.sysinit:		ln -s /etc/persistent/https/$f /etc/httpd/$f
/etc/rc.d/rc.sysinit:	if [ ! -f /etc/persistent/dropbear_rsa_host_key ]; then
/etc/rc.d/rc.sysinit:		dropbearkey -t rsa -f /etc/persistent/dropbear_rsa_host_key
/etc/rc.d/rc.sysinit:	cp /etc/persistent/dropbear_rsa_host_key /var/run/dropbear_rsa_host_key
/etc/rc.d/rc.sysinit:	if [ ! -f /etc/persistent/dropbear_dss_host_key ]; then
/etc/rc.d/rc.sysinit:		dropbearkey -t dss -f /etc/persistent/dropbear_dss_host_key
/etc/rc.d/rc.sysinit:	cp /etc/persistent/dropbear_dss_host_key /var/run/dropbear_dss_host_key
/etc/rc.d/rc.sysinit:/sbin/hotplug2 --persistent --set-rules-file /usr/etc/hotplug2.rules &
/etc/rc.d/rc.modules:[ ! -e /etc/persistent/no-modules -a -d /etc/modules.d ] || exit 0

Just remember to store its contents.

BZ.v3.8.6# cfgmtd -p /etc/ -w
Found  Active on[1] ...
Found Backup1 on[2] ...
Storing Active[2] ... [%100]
Active->Backup[1] ... [%100]

There is also very interesting syswrapper.sh shell script located on UniFi AP devices with many useful actions.

BZ.v3.8.6# grep "^[a-z].*)$" /usr/bin/syswrapper.sh | sed 's/)$//'
set-tmp-ip
set-adopt
set-channel
ip-changed
dhclient-renew-subnet
dhclient-renew-dhcprange
led-locate
set-locate
unset-locate
set-custom-sysled
unset-custom-sysled
set-volume
set-stream
set-stream-media
unset-stream
scan
scan-2G-background
scan-5G-background
spectrum-scan
spectrum-scan-restore
apply-config
soft-restart
save-config
reload
set-ready
set-meshv3-payload
unset-meshv3-payload
ssh-adopt
set-selfrun
unset-selfrun
restart
restore-default
download-firmware
upgrade
upgrade2
kick-sta
kick-sta-on
block-sta
unblock-sta
apply-blocked-sta
authorize-guest
unauthorize-guest
apply-authorized-guests
clear-authorized-guests
refresh-walled-garden
kill-mcad
mca-custom-alert
gen-sup
gen-sup-file
schedule-action
run
dfs-reset

Visit Ubiquiti community for more revelant information.

Milosz Galazka's Picture

About Milosz Galazka

Milosz is a Linux Foundation Certified Engineer working for a successful Polish company as a system administrator and a long time supporter of Free Software Foundation and Debian operating system. He is also open for new opportunities and challenges.

Gdansk, Poland https://sleeplessbeastie.eu