This documents everything I needed to get my Proxmox instance to listen to my UPS Server and initiate a shutdown script that would shutdown my UDM Pro. This is needed as the UDM Pro does not have the ability to listen to a NUT server on it's own (what the hell ubiquiti).
I'm using a Synology NAS as a NUT server, but you can point your NUT client to any supported UPS. It's set to alert any clients subscribed to it when the UPS connected to it is in low battery. This all applies regardless of what machine you have a NUT server on, it does not have to be Synology.
Additionally these install steps were on my Proxmox machine, but these steps will probably work on any Debian GNU/Linux OS with little to no modification. YMMV
High level summary of the steps:
- Install the NUT client on Proxmox
- Enable SSH on the UDM Pro
- Creating a no-passphrase SSH Key on Proxmox
- Add the SSH Public Key to Authorized Keys on UDM Pro
- Create a shutdown script that will SSH into UDM and initiate shutdown
- Call shutdown script with NUT Server broadcasts low battery
With small tweaks I believe most of these steps would work on most linux systems
apt-get install nut- Edit
/etc/nut/nut.conf:
MODE=netclient- Edit
/etc/nut/upsmon.conf:MONITOR <system> <powervalue> <username> <password> ("master"|"slave"):
MONITOR [email protected] 1 monuser secret slave- Start monitoring:
upsmon start- To check UPS status:
upsc <name>for direct attached units orupsc <name>@<address>for remote
upsc [email protected]This applies to my Synology NAS, I'm not sure if other NUT Servers will require this.
In synology go to Power>UPS Settings, add the IPs of all devices that will be accessing the NUT server. In my case I need to add the IP of my Proxmox instance. Ensure that you're using a static IP.
Go to your UniFi OS page select Console Settings. Enable SSH and set a password
I used the ssh-keygen -t rsa command to generate a new key. I stored it in the .ssh dir but gave it a name specific to the UDM id_rsa_udmp
This was a bit more involved...
Because keys get wiped after firmware updates (and restarts?), we need to ensure the Pubic key is added to the list of authorized keys on boot. I installed the UDMPro Boot Script Utility. Then added a script which ensures the public key lives in authorized_keys.
Once that utility is installed you can create the following file which will ensure the key lives in /root/.ssh/authorized_keys.
/data/on_boot.d/07-pub-key.sh
#!/bin/sh
echo 'ssh-rsa AAAAB...your-ssh-public-key root@proxmox' >> /root/.ssh/authorized_keysMake sure the script is executeable with chmod +x 07-pub-key.sh
On proxmox, create a shutdown script
/etc/nut/shutdown.sh
#!/bin/sh
echo 'Staring Shutdown Scirpt, initiated by NUT client'
ssh -i /root/.ssh/id_rsa_udmp [email protected] 'ubnt-systool poweroff' & sleep 2 && /sbin/shutdown -h +0Make sure the script is executeable with chmod +x shutdown.sh
Now update SHUTDOWNCMD in /etc/nut/upsmon.conf
SHUTDOWNCMD "/bin/bash /etc/nut/shutdown.sh >> /var/log/ups/ups.log"On Promox you can check the file /var/log/ups/ups.log to validate the shutdown script is being executed in a shutdown situation. That's it. Make sure you test and ensure this works on your system. Please feel free to add comments or suggestions.
Exactly what I needed, thanks for this great write-up.
Personally, I prefer to run 'ubnt-systool poweroff' instead of just 'poweroff'. It may be more graceful in shutting down processes cleanly. I'd imagine there must be some reason they wrote that command rather than just having people call shutdown. At worst, it just calls shutdown.
Additionally, I pasted the entire SSH shutdown command directly into /etc/nut/upsmon.conf instead of calling an external script. IMHO it will simplify the setup and avoid unnecessary dependencies, but it's just a matter of personal taste really.
PS. what the hell ubiquiti indeed.