This is a short, simple guide to installing the Ubiquiti UniFi Controller, which is required for all UniFi devices, on a CentOS 7 server.
First we need to update our CentOS server and disable SELinux:
yum -y update
sed -i -r -e 's/^SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config
systemctl reboot
NOTE: you don't need to disable SELinux; however, you may experience issues if it isn't set up correctly.
Now we need to make sure we have the EPEL repo:
yum -y install epel-release
Install services required by the Controller:
yum -y install mongodb-server java-1.8.0-openjdk unzip wget
Create our service user account:
useradd -r ubnt -s /sbin/nologin
We pass -s /sbin/nologin so that nobody can log in as this user; only the service will be able to use this account.
Download and extract the UniFi Controller software:
cd ~ && wget http://dl.ubnt.com/unifi/5.3.11/UniFi.unix.zip
unzip -q UniFi.unix.zip -d /opt
chown -R ubnt:ubnt /opt/UniFi
At the time of writing the latest version was v5.3.11; change the version number in the download link to the latest version.
Create a startup script for use with Systemd:
vi /etc/systemd/system/unifi.service
---
#
# Systemd unit file for UniFi Controller
#
[Unit]
Description=UniFi Controller
After=syslog.target network.target

[Service]
Type=simple
User=ubnt
WorkingDirectory=/opt/UniFi
ExecStart=/usr/bin/java -Xmx1024M -jar /opt/UniFi/lib/ace.jar start
ExecStop=/usr/bin/java -jar /opt/UniFi/lib/ace.jar stop
SuccessExitStatus=143

[Install]
WantedBy=multi-user.target
---
Configure Firewalld:
systemctl stop firewalld.service
vi /etc/firewalld/services/unifi.xml
---
<?xml version="1.0" encoding="utf-8"?>
<service version="1.0">
  <short>unifi</short>
  <description>UniFi Controller</description>
  <port port="8081" protocol="tcp"/>
  <port port="8080" protocol="tcp"/>
  <port port="8443" protocol="tcp"/>
  <port port="8880" protocol="tcp"/>
  <port port="8843" protocol="tcp"/>
  <port port="10001" protocol="udp"/>
  <port port="3478" protocol="udp"/>
</service>
---
Once the firewall rules XML file is created, we need to add the service to our firewall zone. The default zone will be public, but you should check which zone your firewall uses.
systemctl start firewalld.service
firewall-cmd --permanent --zone=public --add-service=unifi
Enable the service to run when the server boots:
systemctl enable unifi.service
Remove the zip and reboot the server:
rm -rf ~/UniFi.unix.zip
systemctl reboot
Once the server is back online you should be able to access the controller via the URL:
https://FQDN_or_IP:8443
Follow the simple wizard to complete the setup of your controller. I would also recommend you register with Ubiquiti when you set up the controller; this will allow you to manage it remotely on a mobile device.
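An added check for the steps above (not part of the original guide): this script confirms that the ubnt account has a non-login shell, that unifi.service runs as ubnt, and that unifi.xml opens only the ports listed in the guide. The function names and the constructed sample tree are this example's own; pass / as the argument to check the live server instead of the sample.

```shell
#!/bin/sh
# Added example, not from the guide; names and the sample tree are its own.
EXPECTED_PORTS="8081/tcp 8080/tcp 8443/tcp 8880/tcp 8843/tcp 10001/udp 3478/udp"

# Print port/protocol for every <port/> element of a firewalld service file.
list_ports() {
    grep -o '<port [^>]*>' "$1" | while read -r el; do
        port=$(printf '%s' "$el" | sed -n 's/.* port="\([^"]*\)".*/\1/p')
        proto=$(printf '%s' "$el" | sed -n 's/.*protocol="\([^"]*\)".*/\1/p')
        printf '%s/%s\n' "$port" "$proto"
    done
}

# Print ports the file opens that are not in the guide's list.
unexpected_ports() {
    for p in $(list_ports "$1"); do
        case " $EXPECTED_PORTS " in *" $p "*) ;; *) printf '%s\n' "$p" ;; esac
    done
}

# Succeed if account $1 in passwd-format file $2 has a non-login shell.
has_nologin_shell() {
    shell=$(awk -F: -v u="$1" '$1 == u { print $7 }' "$2")
    case "$shell" in */nologin|*/false) return 0 ;; *) return 1 ;; esac
}

# Print the account a unit runs as; systemd uses root when User= is absent.
unit_user() {
    u=$(sed -n 's/^User=//p' "$1" | tail -n 1)
    printf '%s\n' "${u:-root}"
}

# Check the guide's paths under root prefix $1; non-zero on any finding.
audit() {
    rc=0
    has_nologin_shell ubnt "$1/etc/passwd" || { echo "ubnt: missing or has a login shell"; rc=1; }
    [ "$(unit_user "$1/etc/systemd/system/unifi.service")" = ubnt ] || { echo "unifi.service does not run as ubnt"; rc=1; }
    extra=$(unexpected_ports "$1/etc/firewalld/services/unifi.xml" | tr '\n' ' ')
    [ -z "$extra" ] || { echo "ports not in the guide: $extra"; rc=1; }
    return $rc
}

# Constructed sample tree with one extra port (27117/tcp), which the audit reports.
demo=$(mktemp -d) && mkdir -p "$demo/etc/systemd/system" "$demo/etc/firewalld/services"
echo 'ubnt:x:996:994::/home/ubnt:/sbin/nologin' > "$demo/etc/passwd"
printf '[Service]\nUser=ubnt\n' > "$demo/etc/systemd/system/unifi.service"
echo '<service><port port="8443" protocol="tcp"/><port protocol="tcp" port="27117"/></service>' > "$demo/etc/firewalld/services/unifi.xml"
audit "${1:-$demo}" || true
rm -rf "$demo"
```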
Credit to: https://deviantengineer.com