|
⇤ ← Revision 1 as of 2021-03-31 16:22:29
Size: 954
Comment: DIY controller
|
Size: 2502
Comment: copy install notes from vector
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 14: | Line 14: |
= Installation on vector = I used the Easy Update Script mentioned above to install the controller on [[servers/vector]], then import the old site config. * wget https://get.glennr.nl/unifi/install/unifi-6.2.17.sh * Grow partition with cfdisk, then FS with resize2fs * bash unifi-6.2.17.sh * Setup new empty site, create local admin account * Import site from old controller * Update DNS to point unifi to vector = A real signed SSL cert for the controller = This SSL cert command doesn't frikken work, yet it should be exactly the perfect method. -_- `java -jar /usr/lib/unifi/lib/ace.jar import_key_cert STAR_thighhighs_top.key.stripped STAR_thighhighs_top.crt` Instead I used this script, it's stashed in `/root/unifi-import-cert.sh` {{{ # Backup previous keystore cp /var/lib/unifi/keystore /var/lib/unifi/keystore.backup.$(date +%F_%R) # Convert cert to PKCS12 format openssl pkcs12 -export \ -inkey /etc/ssl/STAR_thighhighs_top.key \ -in /etc/ssl/STAR_thighhighs_top.crt \ -out /etc/ssl/STAR_thighhighs_top.p12 \ -name unifi -password pass:unifi # Install certificate keytool -importkeystore \ -deststorepass aircontrolenterprise \ -destkeypass aircontrolenterprise \ -destkeystore /var/lib/unifi/keystore \ -srckeystore /etc/ssl/STAR_thighhighs_top.p12 \ -srcstoretype PKCS12 \ -srcstorepass unifi \ -alias unifi \ -noprompt # Restart UniFi controller systemctl restart unifi }}} |
I really just want to buy a cloud key because I think it'll be easier. -_-
DIY controller stuff
On any sort of OS:
Some easy guides:
Easy-UBNT for supported OSes: https://community.ui.com/questions/Easy-UBNT-Install-Update-and-Secure-UBNT-Software/9ccb57b3-b9a7-4e42-9bae-2306efd8243f
Controller on an RPi, with Pi-hole: https://community.ui.com/questions/Step-By-Step-Tutorial-Guide-Raspberry-Pi-with-UniFi-Controller-and-Pi-hole-from-scratch-headless/e8a24143-bfb8-4a61-973d-0b55320101dc
I should really setup pihole one of these days, and then I can also use it for dnsmasq and local DNS that doesn't die when the internet goes down. Just get DNS off the USG, I already don't use it as it is.
Installation on vector
I used the Easy Update Script mentioned above to install the controller on servers/vector, then import the old site config.
- Grow partition with cfdisk, then FS with resize2fs
- bash unifi-6.2.17.sh
- Setup new empty site, create local admin account
- Import site from old controller
- Update DNS to point unifi to vector
A real signed SSL cert for the controller
This SSL cert command doesn't frikken work, yet it should be exactly the perfect method. -_-
java -jar /usr/lib/unifi/lib/ace.jar import_key_cert STAR_thighhighs_top.key.stripped STAR_thighhighs_top.crt
Instead I used this script, it's stashed in /root/unifi-import-cert.sh
# Backup previous keystore
cp /var/lib/unifi/keystore /var/lib/unifi/keystore.backup.$(date +%F_%R)
# Convert cert to PKCS12 format
openssl pkcs12 -export \
-inkey /etc/ssl/STAR_thighhighs_top.key \
-in /etc/ssl/STAR_thighhighs_top.crt \
-out /etc/ssl/STAR_thighhighs_top.p12 \
-name unifi -password pass:unifi
# Install certificate
keytool -importkeystore \
-deststorepass aircontrolenterprise \
-destkeypass aircontrolenterprise \
-destkeystore /var/lib/unifi/keystore \
-srckeystore /etc/ssl/STAR_thighhighs_top.p12 \
-srcstoretype PKCS12 \
-srcstorepass unifi \
-alias unifi \
-noprompt
# Restart UniFi controller
systemctl restart unifi