Install UniFi controller to configure wireless network using Ubiquiti devices.

Initial server setup

Install dirmngr a server for managing and downloading OpenPGP and X.509 certificates.

$ sudo apt-get install dirmngr

Import UniFi Developers unifi-dev@ubnt.com public key.

$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv 06E85760C0A52C50

Configure software source.

$ cat << EOF | sudo tee /etc/apt/sources.list.d/unifi.list
deb http://www.ubnt.com/downloads/unifi/debian stable ubiquiti
EOF

Update package index.

$ sudo apt-get update

Install Ubiquiti UniFi server.

$ sudo apt-get install unifi
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following additional packages will be installed:
  binutils ca-certificates-java default-jre-headless fontconfig-config fonts-dejavu-core java-common
  jsvc libavahi-client3 libavahi-common-data libavahi-common3 libboost-chrono1.62.0
  libboost-program-options1.62.0 libboost-regex1.62.0 libboost-thread1.62.0 libcommons-daemon-java
  libcups2 libfontconfig1 libgoogle-perftools4 libjpeg62-turbo liblcms2-2 libnspr4 libnss3 libpcap0.8
  libpcrecpp0v5 libpcsclite1 libsnappy1v5 libstemmer0d libtcmalloc-minimal4 libunwind8 libxi6
  libxrender1 libxtst6 libyaml-cpp0.5v5 mongo-tools mongodb-clients mongodb-server
  openjdk-8-jre-headless x11-common
Suggested packages:
  binutils-doc default-jre java-virtual-machine cups-common liblcms2-utils pcscd libnss-mdns
  fonts-dejavu-extra fonts-ipafont-gothic fonts-ipafont-mincho fonts-wqy-microhei fonts-wqy-zenhei
  fonts-indic
The following NEW packages will be installed:
  binutils ca-certificates-java default-jre-headless fontconfig-config fonts-dejavu-core java-common
  jsvc libavahi-client3 libavahi-common-data libavahi-common3 libboost-chrono1.62.0
  libboost-program-options1.62.0 libboost-regex1.62.0 libboost-thread1.62.0 libcommons-daemon-java
  libcups2 libfontconfig1 libgoogle-perftools4 libjpeg62-turbo liblcms2-2 libnspr4 libnss3 libpcap0.8
  libpcrecpp0v5 libpcsclite1 libsnappy1v5 libstemmer0d libtcmalloc-minimal4 libunwind8 libxi6
  libxrender1 libxtst6 libyaml-cpp0.5v5 mongo-tools mongodb-clients mongodb-server
  openjdk-8-jre-headless unifi x11-common
0 upgraded, 39 newly installed, 0 to remove and 1 not upgraded.
Need to get 131 MB of archives.
After this operation, 430 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
[...]

UniFi setup wizard

Open web-interface https://server_adddress:8443 and provide correct country and timezone.

You can add or adopt devices later, so click next button.

<p> You can perform wireless configuration later, so click <em>next</em> button. </p> <p class="align-center"> <img decoding="async" alt="" class="aligncenter size-large" src="/wp-content/uploads/2018/02/unifi_server_3.png" /></p <p> Define administrator username/password and credentials for device authentication. </p> <p class="align-center"> <img decoding="async" alt="" class="aligncenter size-large" src="/wp-content/uploads/2018/02/unifi_server_4.png" /></p <p> Review and confirm initial configuration. </p> <p class="align-center"> <img decoding="async" alt="" class="aligncenter size-large" src="/wp-content/uploads/2018/02/unifi_server_5.png" /></p <p> Provide cloud login credentials if you have these or skip this step. </p> <p class="align-center"> <img decoding="async" alt="" class="aligncenter size-large" src="/wp-content/uploads/2018/02/unifi_server_6.png" /></p <p> Log in to the web-interface. </p> <p class="align-center"> <img decoding="async" alt="" class="aligncenter size-large" src="/wp-content/uploads/2018/02/unifi_server_7.png" /></p <p> Done. You can now configure wireless network. </p> <h3> Additional notes </h3> <p> Go to <a target="_blank" rel="external noopener noreferrer" href="https://www.ubnt.com/download/unifi/">UniFi Controller downloads</a> for up-to-date firmware, software and documentation. </p> <h3> Additional notes </h3> <p> Default IP address on AP devices is <strong>192.168.1.20</strong>. </p> <p> Default username and password combination on AP devices is <strong>ubnt</strong>/<strong>ubnt</strong> or <strong>root</strong>/<strong>ubnt</strong>. Device authentication username and password is stored in <em>settings->site->services</em> on UniFi controller. You can copy it from there. </p> <p> You can bootstrap initial configuration using <code>/tmp/system.cfg</code> configuration file, do not edit files inside <code>/etc/sysinit/</code> directory. </p> <pre>

vi /tmp/system.cfg

          <p>
            Use <code>cfgmtd</code> utility to write modified file to flash.
          </p>
          
          <pre>

BZ.v3.8.6# cfgmtd

          <pre>

Usage: cfgmtd [options] -t <type> - Configuration type to use [1(active)|2(backup)]. (Default: 1(active)) -f <config file> - Configuration file to use. (Default: /tmp/system.cfg) -p <persistent directory> - Directory to persistent dir. (Default: none) -w - Write to flash action. -r - Read from flash action. -c - Clear flash action. -o <mtd|file name> - Use mtd or file name. (Default: cfg) -h - This message.

          <pre>

BZ.v3.8.6# cfgmtd -f /tmp/system.cfg -w

          <pre>

Found Backup1 on[1] … Found Active on[2] … Storing Active[1] … [%100] Active->Backup[2] … [%100]

          <p>
            Use <code>mca-cli</code> to send adoption request from AP device.
          </p>
          
          <pre>

$ ssh 172.16.0.21 -l ubnt BusyBox v1.11.2 (2017-07-12 21:44:37 PDT) built-in shell (ash) Enter ‘help’ for a list of built-in commands.

          <pre>

BZ.v3.8.6# mca-cli

          <pre>

UniFi# info

Model: UAP-AC Version: 3.8.6.6650 MAC Address: 24:a4:3c:30:a6:f4 IP Address: 172.16.0.21 Hostname: UBNT Uptime: 687 seconds

Status: Unable to resolve (http://unifi:8080/inform)

          <pre>

UniFi# set-inform https://172.16.0.10:8080/inform

          <pre>

Adoption request sent to ‘https://172.16.0.10:8080/inform’.

  1. please adopt it on the controller
  2. issue the set-inform command again
  3. <inform_url> will be saved after device is successfully managed

          <pre>

UniFi# reboot

          <p>
            There is also <code>/etc/persistent/</code> directory that can be used by various services.
          </p>
          
          <pre>

BZ.v3.8.6# grep -r persistent /etc/* 2>/dev/null

          <pre>

/etc/passwd:root:$1$M2dy9$…:0:0:Administrator:/etc/persistent:/bin/sh /etc/passwd:nobody:x:0:0:Administrator:/etc/persistent:/bin/false /etc/profile:if [ -e /etc/persistent/profile ]; then /etc/profile: . /etc/persistent/profile /etc/rc.d/rc.sysinit: if [ -e /etc/persistent/https/$f ]; then /etc/rc.d/rc.sysinit: ln -s /etc/persistent/https/$f /etc/httpd/$f /etc/rc.d/rc.sysinit: if [ ! -f /etc/persistent/dropbear_rsa_host_key ]; then /etc/rc.d/rc.sysinit: dropbearkey -t rsa -f /etc/persistent/dropbear_rsa_host_key /etc/rc.d/rc.sysinit: cp /etc/persistent/dropbear_rsa_host_key /var/run/dropbear_rsa_host_key /etc/rc.d/rc.sysinit: if [ ! -f /etc/persistent/dropbear_dss_host_key ]; then /etc/rc.d/rc.sysinit: dropbearkey -t dss -f /etc/persistent/dropbear_dss_host_key /etc/rc.d/rc.sysinit: cp /etc/persistent/dropbear_dss_host_key /var/run/dropbear_dss_host_key /etc/rc.d/rc.sysinit:/sbin/hotplug2 –persistent –set-rules-file /usr/etc/hotplug2.rules & /etc/rc.d/rc.modules:[ ! -e /etc/persistent/no-modules -a -d /etc/modules.d ] || exit 0

          <p>
            Just remember to store its contents.
          </p>
          
          <pre>

BZ.v3.8.6# cfgmtd -p /etc/ -w

          <pre>

Found Active on[1] … Found Backup1 on[2] … Storing Active[2] … [%100] Active->Backup[1] … [%100]

          <p>
            There is also very interesting <code>syswrapper.sh</code> shell script located on UniFi AP devices with many useful actions.
          </p>
          
          <pre>

BZ.v3.8.6# grep “^[a-z].*)$” /usr/bin/syswrapper.sh | sed ’s/)$//’

          <pre>

set-tmp-ip set-adopt set-channel ip-changed dhclient-renew-subnet dhclient-renew-dhcprange led-locate set-locate unset-locate set-custom-sysled unset-custom-sysled set-volume set-stream set-stream-media unset-stream scan scan-2G-background scan-5G-background spectrum-scan spectrum-scan-restore apply-config soft-restart save-config reload set-ready set-meshv3-payload unset-meshv3-payload ssh-adopt set-selfrun unset-selfrun restart restore-default download-firmware upgrade upgrade2 kick-sta kick-sta-on block-sta unblock-sta apply-blocked-sta authorize-guest unauthorize-guest apply-authorized-guests clear-authorized-guests refresh-walled-garden kill-mcad mca-custom-alert gen-sup gen-sup-file schedule-action run dfs-reset

          <p>
            Visit <a href="https://community.ubnt.com" rel="external noopener noreferrer" target="_blank">Ubiquiti community</a> for more relevant information.</p