I almost just want to buy a cloud key because I think it'll be easier. -_- <> = Hosted as a docker container = This turns out to be the nicest solution yet. You need a decently beefy host to run it, but I find it less annoying than the raw Java app in a .deb that needs fiddly backups and upgrades periodically. Via: https://hub.docker.com/r/linuxserver/unifi-controller Details on deployment are here: [[servers/illustrious#Unifi_controller]] = DIY controller stuff = On any sort of OS: * https://community.ui.com/questions/UniFi-Installation-Scripts-or-UniFi-Easy-Update-Script-or-UniFi-Lets-Encrypt-or-UniFi-Easy-Encrypt-/ccbc7530-dd61-40a7-82ec-22b17f027776 * https://get.glennr.nl/unifi/install/unifi-5.13.32.sh Some easy guides: * Easy-UBNT for supported OSes: https://community.ui.com/questions/Easy-UBNT-Install-Update-and-Secure-UBNT-Software/9ccb57b3-b9a7-4e42-9bae-2306efd8243f * Controller on an RPi, with Pi-hole: https://community.ui.com/questions/Step-By-Step-Tutorial-Guide-Raspberry-Pi-with-UniFi-Controller-and-Pi-hole-from-scratch-headless/e8a24143-bfb8-4a61-973d-0b55320101dc I should really setup pihole one of these days, and then I can also use it for dnsmasq and local DNS that doesn't die when the internet goes down. Just get DNS off the USG, I already don't use it as it is. = Installation on vector = I used the Easy Update Script mentioned above to install the controller on [[servers/vector]], then import the old site config. * wget https://get.glennr.nl/unifi/install/unifi-6.2.17.sh * Grow partition with cfdisk, then FS with resize2fs * bash unifi-6.2.17.sh * Setup new empty site, create local admin account * Import site from old controller * Update DNS to point unifi to vector = A real signed SSL cert for the controller = This SSL cert command doesn't frikken work, yet it should be exactly the perfect method. -_- `java -jar /usr/lib/unifi/lib/ace.jar import_key_cert STAR_thighhighs_top.key.stripped STAR_thighhighs_top.crt` Instead I used this script, it's stashed in `/root/unifi-import-cert.sh` {{{ # Backup previous keystore cp /var/lib/unifi/keystore /var/lib/unifi/keystore.backup.$(date +%F_%R) # Convert cert to PKCS12 format openssl pkcs12 -export \ -inkey /etc/ssl/STAR_thighhighs_top.key \ -in /etc/ssl/STAR_thighhighs_top.crt \ -out /etc/ssl/STAR_thighhighs_top.p12 \ -name unifi -password pass:unifi # Install certificate keytool -importkeystore \ -deststorepass aircontrolenterprise \ -destkeypass aircontrolenterprise \ -destkeystore /var/lib/unifi/keystore \ -srckeystore /etc/ssl/STAR_thighhighs_top.p12 \ -srcstoretype PKCS12 \ -srcstorepass unifi \ -alias unifi \ -noprompt # Restart UniFi controller systemctl restart unifi }}}