Installing Ubiquiti Unifi Controller on CentOS 6.x
Upon needing to install a Ubiquiti Unifi controller on a VM recently, I found that they only have official support for Windows and Debian variants. Although I enjoy Debian and the like just fine, I thought I’d give it a go to install the controller on CentOS 6.5.
We’ll:
- Install CentOS
- Update CentOS
- Install MongoDB
- Install Java JRE
- Install UniFi
- Create UniFi Service
- Open Ports for UniFi through IPTables
- Notes on SELinux
- Wrap Up
1. Install CentOS
Funny enough, I thought I had a little article written on installing CentOS. Apparently I don’t. But dont be afraid, there are lots of articles on this simple process. Just search on the web for “Install CentOS” and find one for the version your using. Most likely you wont be led too far astray. (try this link)
2. Update CentOS
Updating CentOS is a simple command using Yum. You just want to make sure that CentOS is up to date before its gets off the ground running.
# yum update -y
This will update all necessary files automatically from the built-in repo’s.
3. Install MongoDB
MongoDB is a great noSQL database that UniFi uses to store data.
see the MongoDB Manual for reference
1. Install the MongoDB repo.
# vi /etc/yum.repos.d/mongodb.repo
using copy/paste, add this to the file:
[mongodb] name=MongoDB Repository baseurl=http://downloads-distro.mongodb.org/repo/redhat/os/x86_64/ gpgcheck=0 enabled=1
Save the file out (:x enter)
2. Install the mongoDB software.
# yum install -y mongo-10gen mongo-10gen-server
3. Start the MongoD service and enable startup through chkconfig.
# service mongod start # chkconfig mongod on
4. Install Java JRE
UniFi requires Java to run. Lets install it!
1. Install JRE.
Frustrating as it is, you need to get the RPM from Oracle, but they require that you accept a EULA in a webpage in order to do that. We can bypass this with a great little workaround.
At the time of writing, Java 7u51 was the latest. Well be installing that, but you’ll want to check the Oracle Java Download Page in order to find out what your latest version is.
Otherwise, well run a wget on the RPM, accepting the cookie ( remember your version might be different! ):
wget --no-cookies --no-check-certificate --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-oraclelicense-cookie" http://download.oracle.com/otn-pub/java/jdk/7u51-b13/jre-7u51-linux-x64.rpm
2. Install the RPM.
You’ll now install the RPM ( remember that version might be different! ):
# rpm -ivh jre-7u51-linux-x64.rpm
5. Install UniFi
1. First off, we want to check and find out what the latest version is. At the time of writing, we are still in the 2.x versions, and they are working out some kinks in the 3.x versions. I am sure that they’ll get that stable soon. Either way, you’ll want to check the UniFi Blog for updates, and get the latest stable.
2. Next you’ll want to download the UniFi.unix.zip file from Ubiquiti. This file location is on the blog. They unfortunately have a silly EULA as well, but at the time of writing I didn’t have the time to find the cookie, so justdownload and SFTP it over to the server.
3. Then well want to unzip the file, so get yourself to wherever you SFTPd the file to on the server CLI and:
# unzip -q UniFi.unix.zip
4. Next, we will move that recently extracted directory to the /opt:
# mv ./UniFi /opt
5. After that, well want to make sure that the MongoD binary has a symbolic link into the folder we just moved.
If you don’t know where your MongoD binary is, you can search ( mine was located in /usr/bin/ ):
# find / -name mongod
After you’ve located the bin file, you can make the symlink in /opt/UniFi/bin/:
# cd /opt//UniFi/bin/ # sudo ln -fs /usr/bin/mongod mongod
6. Create UniFi Service
You can use VI to create the init file and then paste the data into it. You’ll want to check the paths in the data your pasting to make sure they match up (they should, but just a warning).
# vi /etc/init.d/UniFi
#!/bin/bash # chkconfig: 2345 95 20 # description: UniFi system # processname: UniFi ctrl_start() { #nohup java -jar JarFile.jar >myLogFile 2>>myErrorFile& java -jar /opt/UniFi/lib/ace.jar start & } ctrl_stop() { java -jar /opt/UniFi/lib/ace.jar stop & } ctrl_restart() { ctrl_stop sleep 1 ctrl_start } case "$1" in start) echo -n "starting UniFi system" ctrl_start echo " service started" ;; stop) echo -n "stopping UniFi system" ctrl_stop echo " service stopped" ;; restart) echo -n "restarting UniFi system" ctrl_restart echo "service restarted" ;; *) echo "usage: service UniFi {start|stop|restart}" ;; esac exit 0
Next, we want to make that service executable:
# chmod +x /etc/init.d/UniFi
And lastly we’ll add it to run on boot with chkconfig:
# chkconfig UniFi on
7. Open Ports with IPTables
You can read what ports are required to be open on the server here. We’ll just get started opening those ports in IPTables:
# vi /etc/sysconfig/iptables
We start by putting right above the ICMP line (-A INPUT -p icmp -j ACCEPT):
# -A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
And we’ll do the same for 8081, 8443, 8880, 8843, 27117.
We also want the UDP port 3478 to be open (little different syntax):
# -A INPUT -m state --state NEW -m udp -p udp --dport 3478 -j ACCEPT
You can save/exit out of VI with (:x enter) and restart the iptables service to commit the changes:
# service iptables restart
8. Notes on SELinux
Seriously, take 50 minutes and enlighten yourself.
http://stopdisablingselinux.com/
9. Wrap Up
Reboot and you’ll be done.
Attempt ( with success ) to connect to http://yourserverip:8080 and get redirected to the self signed SSL cert acceptance.
Great job installing the UniFi Controller on a more enterprise-friendly Linux distribution!
Комментарии
Комментариев пока нет
Оставить комментарий