progrez.cloud

Install UniFi Controller on CentOS 8

25 November 2020

Ubiquiti only officially supports installing the UniFi SDN controller on Debian and Ubuntu. If you prefer CentOS, the process to install the UniFi SDN controller is below.


Step-by-step guide


Install the EPEL repo

yum install epel-release

Add a user account to run the controller

useradd -r ubnt

Install MongoDB version 3.4

Create the repo file

nano /etc/yum.repos.d/mongodb-org-3.4.repo

Paste the contents into the file

[mongodb-org-3.4]
name=MongoDB Repository
#baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/3.4/x86_64/
#hard-coded release number since there is not one for CentOS 8
baseurl=https://repo.mongodb.org/yum/redhat/7/mongodb-org/3.4/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-3.4.asc

Save the file

Refresh the repo list

yum repolist

Install the package

yum install mongodb-org

Install Java 8

Change directory into the temp folder

cd /tmp

Download the package

Go to the Java Manual Downloads page and get the URL for Linux x64 RPM.

wget https://the-url-from-java-download-page

Find the name of the package that was downloaded. It should be something like jre-8u161-linux-x64.rpm

Install the RPM package

yum localinstall jre-8u161-linux-x64.rpm

Install the generic Linux version of the UniFi SDN controller

Find the latest version number from the UniFi download page

Download the ZIP file

wget https://dl.ui.com/unifi/[version]/UniFi.unix.zip

Fill in [version] with the correct version number. ex. /unifi/6.0.36/UniFi.unix.zip

Unzip the contents

unzip -q UniFi.unix.zip -d /opt

Set the correct owner for the new files

chown -R ubnt:ubnt /opt/UniFi

Create the startup script

nano /etc/systemd/system/unifi.service

Paste the contents into the new startup script

# Systemd unit file for UniFi Controller #
 
[Unit]
Description=UniFi Controller
After=syslog.target network.target
 
[Service]
Type=simple
User=ubnt
ExecStart=/usr/bin/java -Xmx1024M -jar /opt/UniFi/lib/ace.jar start
ExecStop=/usr/bin/java -jar /opt/UniFi/lib/ace.jar stop
SuccessExitStatus=143
 
[Install]
WantedBy=multi-user.target

Set the service to start on system boot

systemctl enable unifi

Start the service

systemctl start unifi

Open firewall ports

Open the web admin interface port


If your server is connected directly to the Internet, you should not open web admin ports for security reasons. Admin ports should be accessed through a secure channel, like a VPN.

firewall-cmd --permanent --add-port=8443/tcp

Open the two ports needed for device management

firewall-cmd --permanent --add-port=8080/tcp
firewall-cmd --permanent --add-port=3478/udp

Reload the firewall for settings to take effect


firewall-cmd --reload

Go to your controller's web address in a browser.

The address will be the FQDN or IP followed by the admin port, 8443.


https://192.168.1.100:8443

It is safe to bypass certificate warnings since the controller does not have publicly trusted certificates installed.

That's it! Everything should be working!