Differences

This shows you the differences between two versions of the page.

--- vm:unifi [2022/01/02 18:02] – warnaud
+++ vm:unifi [2023/02/16 09:43] (current) – [Docker] warnaud
@@ Line 1: / Line 1: @@
+====== Unifi ======
+VM to install [[https://www.ui.com/download/unifi/unifi-flex-hd|Unifi Network Application]]\\
+====== Docker ======
+Since everything else failed...\\
+References:
+  * https://community.ui.com/questions/UniFi-Installation-Scripts-or-UniFi-Easy-Update-Script-or-UniFi-Lets-Encrypt-or-UniFi-Easy-Encrypt-/ccbc7530-dd61-40a7-82ec-22b17f027776
+  * https://www.youtube.com/watch?v=peWzAUKbnlw
+  * https://glennr.nl/s/unifi-network-controller [UniFi scripts]
+Download Ubuntu 18.04 container Template from Proxmox: Proxmox > Local > Templates\\
+Set up a CT with this Template with password/ssh keys + 32GB of disk, 1GB RAM + IP 192.268.1.70/24\\
+Download script:
+<code bash>
+wget https://get.glennr.nl/unifi/install/unifi-7.3.83.sh
+bash unifi-7.3.83.sh
+</code>
+====== Ubuntu ======
+OS: Ubuntu 22.04 Server LTS (laziness, mostly)\\
+IP: 192.168.1.70 (unifi.fortier-family.com)
+===== Install =====
+Following :
+  * https://www.billysoftacademy.com/2022-tutorial-learn-how-to-install-the-unifi-controller-version-7-on-a-linux-ubuntu-20-04-lts-vm/ | https://www.billysoftacademy.com/wp-content/uploads/2022/06/UNIFI-INSTALLATION-COMMANDS.pdf
+<code bash>
+apt update && apt upgrade -y
+apt install openjdk-8-jdk ca-certificates apt-transport-https -y
+echo 'deb https://www.ui.com/downloads/unifi/debian stable ubiquiti' | sudo tee /etc/apt/sources.list.d/100-ubnt-unifi.list
+apt-key adv --keyserver keyserver.ubuntu.com --recv 06E85760C0A52C50
+apt update && apt install unifi -y
+#### ERRORS #####
+</code>
+<code bash>
+wget https://get.glennr.nl/unifi/install/unifi-7.1.66.sh
+chmod +x unifi-7.1.66.sh
+./unifi-7.1.sh
+systemctl status unifi
+</code>
+====== Previous _Failed_ Install ======
+<code bash>
+sudo apt-get update && sudo apt-get install ca-certificates apt-transport-https
+echo 'deb https://www.ui.com/downloads/unifi/debian stable ubiquiti' | sudo tee /etc/apt/sources.list.d/100-ubnt-unifi.list
+wget -qO - https://www.mongodb.org/static/pgp/server-3.4.asc | sudo apt-key add -
+echo "deb https://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.4 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.4.list
+sudo apt-get update
+sudo wget -O /etc/apt/trusted.gpg.d/unifi-repo.gpg https://dl.ui.com/unifi/unifi-repo.gpg
+sudo apt-key adv --keyserver keyserver.ubuntu.com --recv 06E85760C0A52C50
+sudo apt-get update && sudo apt-get install unifi -y
+systemctl enable --now unifi
+apt install default-jre
+</code>
+Top shit -> doesn't work... m(
+<code bash> wget https://dl.ui.com/unifi/6.5.55/unifi_sysvinit_all.deb
+dpkg -i unifi_sysvinit_all.deb
+apt-get install -f
+</code>
+doesn't work either...
+<code bash> wget https://get.glennr.nl/unifi/install/unifi-6.5.55.sh
+bash unifi-6.5.55.sh </code>
+===== Interface =====
+-> [[https://unifi.fortier-family.com:8443/|here]]
+===== Timezone =====
+<code bash>
+timedatectl set-timezone Europe/Zurich
+timedatectl
+</code>
+===== NTP client =====
+<code bash>vi /etc/systemd/timesyncd.conf</code>
+<code perl>
+[Time]
+NTP=ntp.fortier-family.com
+</code>
+<code bash>timedatectl set-ntp true
+timedatectl status
+systemctl restart systemd-timesyncd
+</code>
+===== NTP server (NOT DONE, now on another server) =====
+Why not? :-)
+<code bash>
+apt-get install ntp
+sntp --version
+vi /etc/ntp.conf</code>
+choose a pool close : https://support.ntp.org/bin/view/Servers/NTPPoolServers
+<code perl>
+server 0.ch.pool.ntp.org
+server 1.ch.pool.ntp.org
+server 2.ch.pool.ntp.org
+server 3.ch.pool.ntp.org
+</code>
+<code bash>systemctl restart ntp
+systemctl status ntp</code>
+<code perl>
+...kernel reports TIME_ERROR: 0x2041: Clock Unsynchronized</code>
+<code bash> ufw allow from any to any port 123 proto udp</code>
+===== Remove fucking cloud-init =====
+every reboot ... SSH Keys are regenerated !! How stoopid is that?! m( m( m( m( m( m( m( m( m( m( m( m( m( m( m( m(
+<code bash>ssh 192.168.1.70
+@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
+@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
+@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
+IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
+Someone could be eavesdropping on you right now (man-in-the-middle attack)!
+It is also possible that a host key has just been changed.
+The fingerprint for the ED25519 key sent by the remote host is
+SHA256:y7imTO26lQ4UFuIDhuJ+aRl6v3JdsUEeUBghUx7V/+o.
+Please contact your system administrator.
+Add correct host key in /Users/fortiera/.ssh/known_hosts to get rid of this message.
+Offending ECDSA key in /Users/fortiera/.ssh/known_hosts:309
+Host key for 192.168.1.70 has changed and you have requested strict checking.
+Host key verification failed.</code>
+<code bash>
+dpkg-reconfigure cloud-init # None (28)
+dpkg-reconfigure cloud-init
+apt-get purge cloud-init
+rm -rf /etc/cloud/ && sudo rm -rf /var/lib/cloud/
+</code>
+====== Archlinux ======
+since Unifi is not providing statistics... Java Power !! Let's install it on Arch
+Basic Archlinux Install
+<code bash>gdisk /dev/sda </code>
+# create one partition for EFI + 1 for /
+==== UEFI de merde ====
+<code perl>
+root@archiso ~ # gdisk /dev/sda
+GPT fdisk (gdisk) version 1.0.8
+Partition table scan:
+  MBR: not present
+  BSD: not present
+  APM: not present
+  GPT: not present
+Creating new GPT entries in memory.
+Command (? for help): o
+This option deletes all partitions and creates a new protective MBR.
+Proceed? (Y/N): Y
+Command (? for help): n
+Partition number (1-128, default 1):
+First sector (34-67108830, default = 2048) or {+-}size{KMGTP}:
+Last sector (2048-67108830, default = 67108830) or {+-}size{KMGTP}: +550M
+Current type is 8300 (Linux filesystem)
+Hex code or GUID (L to show codes, Enter = 8300): EF00
+Changed type of partition to 'EFI system partition'
+Command (? for help): n
+Partition number (2-128, default 2):
+First sector (34-67108830, default = 1128448) or {+-}size{KMGTP}:
+Last sector (1128448-67108830, default = 67108830) or {+-}size{KMGTP}:
+Current type is 8300 (Linux filesystem)
+Hex code or GUID (L to show codes, Enter = 8300):
+Changed type of partition to 'Linux filesystem'
+Command (? for help): p
+Disk /dev/sda: 67108864 sectors, 32.0 GiB
+Model: QEMU HARDDISK
+Sector size (logical/physical): 512/512 bytes
+Disk identifier (GUID): 2B7EBB37-FD6B-495E-8DFF-A2B02184B4BA
+Partition table holds up to 128 entries
+Main partition table begins at sector 2 and ends at sector 33
+First usable sector is 34, last usable sector is 67108830
+Partitions will be aligned on 2048-sector boundaries
+Total free space is 2014 sectors (1007.0 KiB)
+Number  Start (sector)    End (sector)  Size       Code  Name
+            2048         1128447   550.0 MiB   EF00  EFI system partition
+         1128448        67108830   31.5 GiB    8300  Linux filesystem
+Command (? for help): w
+Final checks complete. About to write GPT data. THIS WILL OVERWRITE EXISTING
+PARTITIONS!!
+Do you want to proceed? (Y/N): Y
+OK; writing new GUID partition table (GPT) to /dev/sda.
+The operation has completed successfully.
+</code>
+<code bash>
+mkfs.ext4 -L ROOT /dev/sda2
+mkfs.vfat -F32 -n EFI /dev/sda1
+mount /dev/sda2 /mnt
+mkdir /mnt/boot
+mount /dev/sda1 /mnt/boot
+pacstrap /mnt linux-hardened base base-devel intel-ucode vim linux-firmware dhcpcd networkmanager git openssh go net-snmp wget
+genfstab -U /mnt >> /mnt/etc/fstab
+arch-chroot /mnt/
+===== Config =====
+echo "unifi" > /etc/hostname
+echo LANG=en_US.UTF-8 > /etc/locale.conf
+ln -s `which vim` /usr/bin/vi
+</code>
+<code bash>
+vi /etc/locale.gen
+#uncomment #en_US.utf-8
+</code>
+<code bash>
+locale-gen
+echo KEYMAP=us-acentos > /etc/vconsole.conf
+echo FONT=lat9w-16 >> /etc/vconsole.conf
+ln -sf /usr/share/zoneinfo/Europe/Zurich /etc/localtime
+echo "#<ip-address>	<hostname.domain.org>	<hostname>
+.0.0.1	monitor.localdomain	monitor" >/etc/hosts
+==== Init/boot ====
+<code bash>
+vi /etc/mkinitcpio.conf
+# HOOKS=(base keyboard udev autodetect modconf block keymap filesystems)
+</code>
+<code bash>
+mkinitcpio -p linux-hardened
+bootctl --path=/boot install
+</code>
+  * /boot/loader/entries/arch.conf
+<code perl>
+title Arch Linux
+linux /vmlinuz-linux-hardened
+initrd /intel-ucode.img
+initrd /initramfs-linux-hardened.img
+options root="LABEL=ROOT" rw</code>
+  * /boot/loader/loader.conf
+<code perl>
+default  arch.conf
+timeout  4
+console-mode max
+#editor   no
+</code>
+<code bash>passwd
+</code>
+==== post install ====
+<code bash>pacman -S htop zsh ccze dfc</code>
+<code bash>useradd -m warnaud</code>
+=== AUR Helper ===
+<code bash>
+su - warnaud
+cd /tmp
+mkdir yay
+curl https://aur.archlinux.org/cgit/aur.git/plain/PKGBUILD?h=yay > /tmp/yay/PKGBUILD
+cd yay
+makepkg
+su
+pacman -U yay*.zst
+</code>
+=== Static IP ===
+<code bash>vi /etc/systemd/network/ens192.network</code>
+<code perl>
+[Match]
+Name=ens192
+[Network]
+Address=192.168.1.60/24
+Gateway=192.168.1.1
+DNS=192.168.1.10
+DNS=192.168.1.11
+</code>
+<code bash>systemctl enable --now systemd-networkd</code>
+====== Reference ======
+  * https://help.ui.com/hc/en-us/articles/220066768-UniFi-Network-How-to-Install-and-Update-via-APT-on-Debian-or-Ubuntu
+  * https://technium.ch/unifi-controller-lxc-container-installieren-tutorial/
+  * https://community.ui.com/questions/Java-Home-Directory-Fail-Issue-on-Ubuntu-RESOLVED/1faea5fd-6eda-4be9-a12f-676ef6be2529
+  * https://community.ui.com/questions/UniFi-Installation-Scripts-or-UniFi-Easy-Update-Script-or-UniFi-Lets-Encrypt-or-UniFi-Easy-Encrypt-/ccbc7530-dd61-40a7-82ec-22b17f027776
+  * https://vitux.com/how-to-install-ntp-server-and-client-on-ubuntu/
+  * https://linuxize.com/post/how-to-set-or-change-timezone-on-ubuntu-20-04/
+  * https://davidshomelab.com/unifi-controller-setup-on-ubuntu-20-04lts/