Skip to content

Instantly share code, notes, and snippets.

@keilmillerjr

keilmillerjr/Create_Remote_UniFi_SDN_Controller.md

Last active October 21, 2020 08:20
Show Gist options
  • Save keilmillerjr/eb54fbfa846f29e303a54cf6a13cbe5e to your computer and use it in GitHub Desktop.
Save keilmillerjr/eb54fbfa846f29e303a54cf6a13cbe5e to your computer and use it in GitHub Desktop.
Download ZIP
Create Remote UniFi SDN Controller
Raw
Create_Remote_UniFi_SDN_Controller.md

Create Remote UniFi SDN Controller

Create A New Linode

Directions are loose. Follow on screen directions appropriately.

  1. https://cloud.linode.com/linodes > Add a Linode
  2. Choose a Distribution > Images > Debian 10
  3. Generate an SSH Key if not present
  4. $ ssh-keygen
  5. ~ cat ~/.ssh/id_rsa.pub
  6. Copy public key results
  7. Add SSH Key from local computer
  8. Label > id_rsa
  9. SSH Public Key > <paste public key results>
  10. Create

SSH into your Linode

The public IP Address of your linode can be found here.

# Replace IP Address with IP Address of Linode
$ ssh [email protected]

Unifi Installation Script

UniFi Installation Scripts | UniFi Easy Update Script | UniFi Let's Encrypt | Ubuntu 16.04, 18.04, 18.10, 19.04, 19.10, 20.04 and 20.10 | Debian 8, 9, 10 and 11

  1. SSH into your Linode as root.
$ apt-get update; apt-get install ca-certificates wget -y
$ rm unifi-latest.sh &> /dev/null; wget https://get.glennr.nl/unifi/install/install_latest/unifi-latest.sh && bash unifi-latest.sh

Controller Status

  1. SSH into your Linode as root.
$ sudo service unifi restart
$ sudo service unifi status
$ sudo service unifi start
$ sudo service unifi stop

Browse to Controller

The default port for UniFi is 8443. You can use a web broser and navigate to https://ip.of.your.server:8443 or https://mydomain.com:8443

Adding a Domain Name

Add Domain

  1. https://cloud.linode.com/domains > Add a Domain
  2. Select Master
  3. Domain > <yourdomain.com>
  4. SOA Email Address > <[email protected]>
  5. Insert Default Records > Insert default records from one of my Linodes.
  6. Linode > <your linode>
  7. Create

Edit Domain

  1. https://cloud.linode.com/domains > Edit DNS Records
  2. Remove instances of mail server. They are not needed for unifi.

Generate SSL Certificate

SSH into your Linode as root. Fill out the questionair presented by openssl.

$ mkdir /root/certs && cd /root/certs
$ openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes -out MyCertificate.crt -keyout MyKey.key

Install Nginx

SSH into your Linode as root.

$ sudo apt update
$ sudo apt install nginx

Configure Nginx

By default on Debian systems, Nginx server blocks configuration files are stored in /etc/nginx/sites-available directory, which are enabled through symbolic links to the /etc/nginx/sites-enabled/ directory.

SSH into your Linode as root and create a Nginx configuration file. Port 80 is pointed towards port 443 (SSL).

$ nano /etc/nginx/sites-available/unifi.conf
--------------------
server {
  listen 80;
  listen [::]:80;

  server_name mydomain.com www.mydomain.com;

  return 301 https://mydomain.com/$request_uri;
}

server {
  listen 443 ssl;
  listen [::]:443 ssl;

  server_name mydomain.com www.mydomain.com;

  ssl on;
  ssl_certificate /root/certs/MyCertificate.crt;
  ssl_certificate_key /root/certs/MyKey.key;
  
  location / {
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";

    proxy_pass https://192.168.1.1:8443/$request_uri;
    proxy_read_timeout 90;

    proxy_redirect https://192.168.1.1:8443 https://mydomain.com;
  }
}

Create a symbolic link.

$ ln -s /etc/nginx/sites-available/unifi.conf /etc/nginx/sites-enabled/

Test the configuration.

$ sudo nginx -t

If there are no errors, the output will look like this:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Restart Nginx.

$ sudo systemctl restart nginx

You should now be able to browse to https://mydomain.com and see the UniFi SDM Controller login page.

Adopt A Device

The Discover Device feature is only compatible with the Chrome web browser.

  1. Connect device to a router with internet access. Reset if necessary by holding the reset button for 10 seconds.
  2. UniFi Network Portal Devices
  3. Toggle Discover Device ON.
  • Install Ubiquiti Device Discovery Tool Extension when prompted.
  1. Click Adopt on device row.
  2. Controller > <your controller>
  3. Adopt

Device will be adopted to the default site of your controller.

  1. Launch your controller
  • UniFi Network Portal Controllers > <your controller> > launch
  • https://mydomain.com
  • 192.168.1.1:8443
  1. Create a new site
  2. Current Site > Add new site > <your site> > submit
  3. Settings > WiFi Networks Create New Wireless Network
  4. Move device to your site
  5. Current Site > Default
  6. Devices > <device> > Config > Manage Device > Move this device to > <your site> > confirm
  7. Current Site > <your site>
  8. Devices > <device>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment