In my two previous posts i documented the use of Raspberry Pi as a VPN gateway using WireGuard and a DNS + DHCP server using Pi-Hole.
If you, like me, are using Ubiquity Unifi products, you can safely use your Raspberry Pi, to run the Unifi Controller as well. Lets get started.
Install haveged
Not really necessary, but the startup of the Unifi Controller can take a bit long on a Raspberry Pi. Since your Pi will be running 24/7 it’s not a big deal, but we can speed it up any way.
sudo apt install haveged -y
Update Java 8
Starting with version 5.10.x the old Java version that comes with Raspbian isn’t supported anymore. So we are going to replace it with OpenJDK 8.
sudo apt purge java7* sudo apt purge java8* sudo apt autoremove sudo apt install openjdk-8-jre-headless -y
Add the repository for the Unifi Controller and authenticate
Unifi Controller is not listed in the default repositories, so we need to add it first:
echo 'deb http://www.ui.com/downloads/unifi/debian stable ubiquiti' | sudo tee /etc/apt/sources.list.d/100-ubnt-unifi.list sudo wget -O /etc/apt/trusted.gpg.d/unifi-repo.gpg https://dl.ubnt.com/unifi/unifi-repo.gpg
Install the Unifi Controller
We now have added the software to our list of available software and have the ability to check its authenticity. So let’s download the software and install the Unifi Controller on the Raspberry Pi:
sudo apt update; sudo apt install unifi -y
Cleanup MongoDB
The installation may take a couple of minutes to complete. When done, we need to remove the default database that comes with MongoDB instance. This would only waste resources of our Pi, so we get rid of it:
sudo systemctl stop mongodb sudo systemctl disable mongodb
Split memory
Since you are probably using a headless (no monitor) Raspberry you can reduce the amount of ram used by the GPU. By default, the Pi has assigned 64MB RAM to the GPU. We can reduce that amount for RAM to 16MB, leaving more RAM available.
Open the Raspberry Pi config with the following command:
sudo raspi-config
Advanced Options A3 Memory Split Change 64 to 16MB Enter and Esc to close
Make sure you reboot the Pi to apply the changes.
All done, just open your Chrome or Firefox to the address of the Pi on the port 8443
https://xxx.xxx.xxx.xxx:8443/
and start adopting!!
Important
If you are using iptables to limit access to your Raspberry you need to open some ports. The ports are documented in this link
sudo iptables -A INPUT -i eth0 -p udp --dport 3478 -j ACCEPT sudo iptables -A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT sudo iptables -A INPUT -i eth0 -p tcp --dport 8443 -j ACCEPT sudo iptables -A INPUT -i eth0 -p tcp --dport 8880 -j ACCEPT sudo iptables -A INPUT -i eth0 -p tcp --dport 8843 -j ACCEPT sudo iptables -A INPUT -i eth0 -p tcp --dport 6789 -j ACCEPT sudo iptables -A INPUT -i eth0 -p tcp --dport 27117 -j ACCEPT sudo iptables -A INPUT -i eth0 -p udp --dport 10001 -j ACCEPT sudo iptables -A INPUT -i eth0 -p udp --dport 1900 -j ACCEPT sudo iptables -A INPUT -i eth0 -p udp --match multiport --dports 5656:5699 -j ACCEPT sudo iptables -A INPUT -i eth0 -p tcp --dport 443 -j ACCEPT sudo iptables -A INPUT -i eth0 -p udp --dport 443 -j ACCEPT sudo iptables -A INPUT -i eth0 -p tcp --dport 8883 -j ACCEPT sudo netfilter-persistent save sudo netfilter-persistent reload
All the credit for the post goes to this guy:
https://lazyadmin.nl/home-network/installing-unifi-controller-on-a-raspberry-pi-in-5-min/
... 