Unifi Controller
Manage Ubiquity Unifi APs & Switches.
Ansible Role: radarr
You may copy your existing configuration to unifi_data directory
adjusting paths.
Read Example Unifi VLAN for detailed configuration instructions on an example network.
# Unifi
Unifi installation from public release tarball.
## Requirements
No additional requirements.
## Role Variables
Settings have been throughly documented for usage.
[defaults/main.yml](https://github.com/r-pufky/ansible_unifi/blob/main/defaults/main/main.yml).
### Ports
All ports and protocols have been defined for the role.
Hosts should only define firewall rules for ports they need.
[defaults/ports.yml](https://github.com/r-pufky/ansible_unifi/blob/main/defaults/main/ports.yml).
## Dependencies
N/A
## Example Playbook
Default role setting will deploy a vanilla Unifi Controller instance.
site.yml
``` yaml
- name: 'unifi server'
hosts: 'unifi.example.com'
become: true
roles:
- 'r_pufky.unifi'
```
## Issues
Create a bug and provide as much information as possible.
Associate pull requests with a submitted bug.
## License
[AGPL-3.0 License](https://github.com/r-pufky/ansible_unifi/blob/main/LICENSE)
## Author Information
https://keybase.io/rpufky
BLOCKING OS Distribution upgrades REQUIRE: Universal repo, Java dependency current requires backport.
Role Details: Updated: 2022-10-09 galaxy source service docs
Ports
---
###############################################################################
# Ports Configuration
###############################################################################
# Ports should be managed externally via an OS role.
#
# Reference:
# * https://help.ui.com/hc/en-us/articles/218506997-UniFi-Ports-Used
# * https://docs.ansible.com/ansible/latest/collections/community/general/ufw_module.html
ports:
- {proto: 'udp', from_ip: 'any', to_port: 3478, direction: 'in', comment: 'STUN'}
- {proto: 'udp', from_ip: 'any', to_port: 5514, direction: 'in', comment: 'remote syslog capture'}
- {proto: 'udp', from_ip: 'any', to_port: '5656:5699', direction: 'in', comment: 'AP-EDU broadcasting'}
- {proto: 'udp', from_ip: 'any', to_port: 10001, direction: 'in', comment: 'device discovery'}
- {proto: 'udp', from_ip: 'any', to_port: 1900, direction: 'in', comment: 'L2 network discovery'}
- {proto: 'tcp', from_ip: 'any', to_port: 8080, direction: 'in', comment: 'device/application communication'}
- {proto: 'tcp', from_ip: 'any', to_port: 8443, direction: 'in', comment: 'WebUI'}
- {proto: 'tcp', from_ip: 'any', to_port: 8880, direction: 'in', comment: 'HTTP portal redirection'}
- {proto: 'tcp', from_ip: 'any', to_port: 8843, direction: 'in', comment: 'HTTPS portal redirection'}
- {proto: 'tcp', from_ip: 'any', to_port: 6789, direction: 'in', comment: 'unifi mobile speed test'}
- {proto: 'tcp', from_ip: '127.0.0.1', to_ip: '127.0.0.1', to_port: 27117, direction: 'in', comment: 'database communication (localhost only)'}
Defaults
---
###############################################################################
# Unifi Controller Role Configuration
###############################################################################
# If unifi controller IP changes, ssh to each device to migrate to new IP:
#
# set-inform http://{IP}:8080/inform
#
# Backup/Restore tasks: automatic upgrade will fail unless a backup is made.
#
# Reference:
# * https://community.ui.com/questions/unifi-apt-get-upgrade-prompt-for-backups/f2ac7635-07f4-46fe-aeda-2933af474174
# User that unifi will run under. Assumes externally managed.
unifi_user: 'unifi'
unifi_group: 'unifi'
# User that MongoDB will run under. Assumes externally managed.
mongo_user: 'mongodb'
mongo_group: 'mongodb'
# Create 'unifi'/'mongodb' user if not detected? See: vars/main.yml.
unifi_create_user: false
# Installation directory
unifi_data: '/var/lib/unifi'
# Staging directory for backups
unifi_staging: '/var/lib/unifi-staging'
# Target location of backup file on ansible host.
unifi_local_backup: 'host_vars/data/unifi-config.tar.gz'
# Backup MongoDB on upgrades? (If false autoupgrades will fail).
unifi_backup: true