User Tools

Site Tools


vm:unifi

Unifi

Docker

Since everything else failed…
References:

Download Ubuntu 18.04 container Template from Proxmox: Proxmox > Local > Templates
Set up a CT with this Template with password/ssh keys + 32GB of disk, 1GB RAM + IP 192.268.1.70/24
Download script:

wget https://get.glennr.nl/unifi/install/unifi-7.3.83.sh
bash unifi-7.3.83.sh

Ubuntu

OS: Ubuntu 22.04 Server LTS (laziness, mostly)
IP: 192.168.1.70 (unifi.fortier-family.com)

Install

Following :

apt update && apt upgrade -y
apt install openjdk-8-jdk ca-certificates apt-transport-https -y
 
echo 'deb https://www.ui.com/downloads/unifi/debian stable ubiquiti' | sudo tee /etc/apt/sources.list.d/100-ubnt-unifi.list
apt-key adv --keyserver keyserver.ubuntu.com --recv 06E85760C0A52C50
apt update && apt install unifi -y
#### ERRORS #####
wget https://get.glennr.nl/unifi/install/unifi-7.1.66.sh
chmod +x unifi-7.1.66.sh
./unifi-7.1.sh
systemctl status unifi

Previous _Failed_ Install

sudo apt-get update && sudo apt-get install ca-certificates apt-transport-https
echo 'deb https://www.ui.com/downloads/unifi/debian stable ubiquiti' | sudo tee /etc/apt/sources.list.d/100-ubnt-unifi.list
wget -qO - https://www.mongodb.org/static/pgp/server-3.4.asc | sudo apt-key add -
echo "deb https://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.4 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.4.list
sudo apt-get update
sudo wget -O /etc/apt/trusted.gpg.d/unifi-repo.gpg https://dl.ui.com/unifi/unifi-repo.gpg 
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv 06E85760C0A52C50 
sudo apt-get update && sudo apt-get install unifi -y
systemctl enable --now unifi
apt install default-jre

Top shit → doesn't work… m(

 wget https://dl.ui.com/unifi/6.5.55/unifi_sysvinit_all.deb
dpkg -i unifi_sysvinit_all.deb
apt-get install -f

doesn't work either…

 wget https://get.glennr.nl/unifi/install/unifi-6.5.55.sh
bash unifi-6.5.55.sh 

Interface

here

Timezone

timedatectl set-timezone Europe/Zurich
timedatectl

NTP client

vi /etc/systemd/timesyncd.conf
[Time]
NTP=ntp.fortier-family.com
timedatectl set-ntp true
timedatectl status
systemctl restart systemd-timesyncd

NTP server (NOT DONE, now on another server)

Why not? :-)

apt-get install ntp
sntp --version
vi /etc/ntp.conf

choose a pool close : https://support.ntp.org/bin/view/Servers/NTPPoolServers

server 0.ch.pool.ntp.org
server 1.ch.pool.ntp.org
server 2.ch.pool.ntp.org
server 3.ch.pool.ntp.org
systemctl restart ntp
systemctl status ntp
...kernel reports TIME_ERROR: 0x2041: Clock Unsynchronized
 ufw allow from any to any port 123 proto udp

Remove fucking cloud-init

every reboot … SSH Keys are regenerated !! How stoopid is that?! m( m( m( m( m( m( m( m( m( m( m( m( m( m( m( m(

ssh 192.168.1.70
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ED25519 key sent by the remote host is
SHA256:y7imTO26lQ4UFuIDhuJ+aRl6v3JdsUEeUBghUx7V/+o.
Please contact your system administrator.
Add correct host key in /Users/fortiera/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /Users/fortiera/.ssh/known_hosts:309
Host key for 192.168.1.70 has changed and you have requested strict checking.
Host key verification failed.
dpkg-reconfigure cloud-init # None (28)
 
dpkg-reconfigure cloud-init
apt-get purge cloud-init
rm -rf /etc/cloud/ && sudo rm -rf /var/lib/cloud/

Archlinux

since Unifi is not providing statistics… Java Power !! Let's install it on Arch Basic Archlinux Install

gdisk /dev/sda 

# create one partition for EFI + 1 for /

UEFI de merde

root@archiso ~ # gdisk /dev/sda
GPT fdisk (gdisk) version 1.0.8
 
Partition table scan:
  MBR: not present
  BSD: not present
  APM: not present
  GPT: not present
 
Creating new GPT entries in memory.
 
Command (? for help): o
This option deletes all partitions and creates a new protective MBR.
Proceed? (Y/N): Y
 
Command (? for help): n
Partition number (1-128, default 1):
First sector (34-67108830, default = 2048) or {+-}size{KMGTP}:
Last sector (2048-67108830, default = 67108830) or {+-}size{KMGTP}: +550M
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300): EF00
Changed type of partition to 'EFI system partition'
 
Command (? for help): n
Partition number (2-128, default 2):
First sector (34-67108830, default = 1128448) or {+-}size{KMGTP}:
Last sector (1128448-67108830, default = 67108830) or {+-}size{KMGTP}:
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300):
Changed type of partition to 'Linux filesystem'
 
Command (? for help): p
Disk /dev/sda: 67108864 sectors, 32.0 GiB
Model: QEMU HARDDISK
Sector size (logical/physical): 512/512 bytes
Disk identifier (GUID): 2B7EBB37-FD6B-495E-8DFF-A2B02184B4BA
Partition table holds up to 128 entries
Main partition table begins at sector 2 and ends at sector 33
First usable sector is 34, last usable sector is 67108830
Partitions will be aligned on 2048-sector boundaries
Total free space is 2014 sectors (1007.0 KiB)
 
Number  Start (sector)    End (sector)  Size       Code  Name
   1            2048         1128447   550.0 MiB   EF00  EFI system partition
   2         1128448        67108830   31.5 GiB    8300  Linux filesystem
 
Command (? for help): w
Final checks complete. About to write GPT data. THIS WILL OVERWRITE EXISTING
PARTITIONS!!
 
Do you want to proceed? (Y/N): Y
OK; writing new GUID partition table (GPT) to /dev/sda.
The operation has completed successfully.
mkfs.ext4 -L ROOT /dev/sda2
mkfs.vfat -F32 -n EFI /dev/sda1
mount /dev/sda2 /mnt
mkdir /mnt/boot
mount /dev/sda1 /mnt/boot
pacstrap /mnt linux-hardened base base-devel intel-ucode vim linux-firmware dhcpcd networkmanager git openssh go net-snmp wget
genfstab -U /mnt >> /mnt/etc/fstab
arch-chroot /mnt/
===== Config =====
echo "unifi" > /etc/hostname
echo LANG=en_US.UTF-8 > /etc/locale.conf
ln -s `which vim` /usr/bin/vi
vi /etc/locale.gen
#uncomment #en_US.utf-8
locale-gen
echo KEYMAP=us-acentos > /etc/vconsole.conf
echo FONT=lat9w-16 >> /etc/vconsole.conf
ln -sf /usr/share/zoneinfo/Europe/Zurich /etc/localtime
echo "#<ip-address>	<hostname.domain.org>	<hostname>
127.0.0.1	monitor.localdomain	monitor" >/etc/hosts
 
==== Init/boot ====
<code bash>
vi /etc/mkinitcpio.conf
# HOOKS=(base keyboard udev autodetect modconf block keymap filesystems)
mkinitcpio -p linux-hardened
bootctl --path=/boot install
  • /boot/loader/entries/arch.conf
title Arch Linux
linux /vmlinuz-linux-hardened
initrd /intel-ucode.img
initrd /initramfs-linux-hardened.img
options root="LABEL=ROOT" rw
  • /boot/loader/loader.conf
default  arch.conf
timeout  4
console-mode max
#editor   no
passwd

post install

pacman -S htop zsh ccze dfc
useradd -m warnaud

AUR Helper

su - warnaud
cd /tmp
mkdir yay
curl https://aur.archlinux.org/cgit/aur.git/plain/PKGBUILD?h=yay > /tmp/yay/PKGBUILD
cd yay
makepkg
su
pacman -U yay*.zst

Static IP

vi /etc/systemd/network/ens192.network
[Match]
Name=ens192
 
[Network]
Address=192.168.1.60/24
Gateway=192.168.1.1
DNS=192.168.1.10
DNS=192.168.1.11
systemctl enable --now systemd-networkd

Reference

vm/unifi.txt · Last modified: 2023/02/16 09:43 by warnaud