Install Ubiquiti Unifi Network Controller on CentOS 7

From Nearline Storage
Jump to navigation Jump to search

Generate Installation RPM From DEB Distribution

Ubiquiti distributes the software as a DEB package: https://www.ui.com/download/unifi/

$ sudo alien --to-rpm --scripts --target=x86_64 unifi_sysvinit_all.deb
$ rpmrebuild -ep unifi-6.0.41_14327-2.x86_64.rpm

The file list and the scripts in the package SPEC must be modified during the rpmrebuild step. These are the changes that need to be made:

--- unifi.spec.orig	2020-12-15 18:46:54.858689951 -0500
+++ unifi.spec	2020-12-16 07:53:43.774814565 -0500
@@ -105,10 +105,10 @@
 Provides:      unifi(x86-64) = 6.0.41_14327-2
 Requires:      /bin/bash  
 Requires:      /bin/sh  
-Requires:      /bin/sh  
-Requires:      /bin/sh  
-Requires:      /bin/sh  
-Requires:      /bin/sh  
+Requires:      apache-commons-daemon-jsvc
+Requires:      apache-commons-daemon
+Requires:      redhat-lsb-core
+Requires:      mongodb-server
 #Requires:      rpmlib(CompressedFileNames) <= 3.0.4-1
 #Requires:      rpmlib(FileDigests) <= 4.6.0-1
 #Requires:      rpmlib(PayloadFilesHavePrefix) <= 4.0-1
@@ -125,19 +125,9 @@
 
 (Converted from a deb package by alien version 8.95.)
 %files
-%dir %attr(0755, root, root) "/etc"
-%dir %attr(0755, root, root) "/etc/init.d"
-%attr(0777, root, root) "/etc/init.d/unifi"
-%dir %attr(0755, root, root) "/etc/logrotate.d"
 %attr(0644, root, root) "/etc/logrotate.d/unifi"
-%dir %attr(0755, root, root) "/etc/pam.d"
 %attr(0644, root, root) "/etc/pam.d/unifi"
-%dir %attr(0755, root, root) "/lib"
-%dir %attr(0755, root, root) "/lib/systemd"
-%dir %attr(0755, root, root) "/lib/systemd/system"
 %attr(0644, root, root) "/lib/systemd/system/unifi.service"
-%dir %attr(0755, root, root) "/usr"
-%dir %attr(0755, root, root) "/usr/lib"
 %dir %attr(0755, root, root) "/usr/lib/unifi"
 %dir %attr(0755, root, root) "/usr/lib/unifi/bin"
 %attr(0755, root, root) "/usr/lib/unifi/bin/ubnt-apttool"
@@ -6182,174 +6172,36 @@
 %dir %attr(0755, root, root) "/usr/share/doc/unifi"
 %doc %attr(0644, root, root) "/usr/share/doc/unifi/changelog.Debian.gz"
 %doc %attr(0644, root, root) "/usr/share/doc/unifi/changelog.gz"
-%pre -p /bin/sh
-#!/bin/sh -e
-
-. /usr/share/debconf/confmodule
-
-if [ -f /var/lib/unifi/db/version ]; then
-    echo "Previous setting (UniFi $(cat /var/lib/unifi/db/version)) is found."
-
-    db_fset unifi/has_backup seen false
-    db_input critical unifi/has_backup || true
-    db_go
-
-    db_get unifi/has_backup
-    if [ "$RET" = "false" ]; then
-        db_input critical unifi/err_no_backup || true
-        db_go
-        exit 2
-    fi
-fi
 %post -p /bin/sh
-#!/bin/sh
-set -e
-mkdir /tmp/alien.$$
-perl -pe '$_=unpack("u",$_)' << '__EOF__' > /tmp/alien.$$/script
-M(R$O8FEN+V)A<V@*"DY!344]=6YI9FD*0D%%3141)4CTO=7-R+VQI8B\D>TY!
-M345]"@I;("UF("]E=&,O9&5F875L="\D>TY!345](%%T@)B8@+B`O971C+V1E
-M9F%%U;'0O)'M.04U%%?0H*1$%%4041)4CTD>U5.249)7T1!5$%%?1$E2.BTO=F%%R
-M+VQI8B\D3D%%-17T*3$]'1$E2/21[54Y)1DE?3$]'7T1)4CHM+W9A<B]L;V<O
-M)$Y!345]"D-/1$50051(/21[0D%%3141)4GT*4E5.1$E2/21[54Y)1DE?4E5.
-M7T1)4CHM+W9A<B]R=6XO)$Y!345]"@IF;W(@:2!I;B`D*'-E<2`Q(#$P*3L@
-M9&\*("`@(%%L@+7H@(B0H<&=R97`@+68@)'M#3T1%%4$%%42'TO;&EB+V%%C92YJ
-M87(I(B!=("8F(&)R96%%K"B`@("`C(&=R86-E9G5L('-H=71D;W=N"B`@("!;
-M("1I("UG="`Q(%%T@)B8@6R`M9"`D>U)53D1)4GT@72`F)B!T;W5C:"`D>U)5
-M3D1)4GTO<V5R=F5R+G-T;W`@?'P@=')U90H@("`@(R!S879A9V4@<VAU=&1O
-M=VX*("`@(%%L@)&D@+6=T(#<@72`F)B!P:VEL;"`M9B`D>T-/1$50051(?2]L
-M:6(O86-E+FIA<B!\?"!T<G5E"B`@("!S;&5E<"`Q"F1O;F4*"G-E<G9I8V5?
-M8W1R;"@I('L*("`@(&EF(%%L@+60@+W)U;B]S>7-T96UD+W-Y<W1E;2!=.R!T
-M:&5N"B`@("`@("`@<WES=&5M8W1L("TM<WES=&5M(&1A96UO;BUR96QO860@
-M/B]D978O;G5L;"!\?"!T<G5E"B`@("`@("`@9&5B+7-Y<W1E;60M:6YV;VME
-M("0R("0Q+G-E<G9I8V4@/B]D978O;G5L;"!\?"!T<G5E"B`@("!E;&EF('=H
-M:6-H(&EN=F]K92UR8RYD(#XO9&5V+VYU;&P@,CXF,3L@=&AE;@H@("`@("`@
-M(&EN=F]K92UR8RYD("0Q("0R"B`@("!E;'-E"B`@("`@("`@+V5T8R]I;FET
-M+F0O)#$@)#(*("`@(&9I"GT*"G-Y<W1E;61?<V5T=7`H*2!["B`@("!L;V-A
-M;"!S>7-T96UD7VAE;'!E<@H@("`@<WES=&5M9%%]H96QP97(]+W5S<B]B:6XO
-M9&5B+7-Y<W1E;60M:&5L<&5R"B`@("!I9B!;("$@+7@@)'MS>7-T96UD7VAE
-M;'!E<GT@73L@=&AE;@H@("`@("`@(')E='5R;B`P.PH@("`@9FD*"B`@("`D
-M>W-Y<W1E;61?:&5L<&5R?2!U;FUA<VL@)'M.04U%%?2YS97)V:6-E(#XO9&5V
-M+VYU;&P@?'P@=')U90H@("`@:68@)'MS>7-T96UD7VAE;'!E<GT@+2UQ=6EE
-M="!W87,M96YA8FQE9"`D>TY!345]+G-E<G9I8V4@/B]D978O;G5L;#L@=&AE
-M;@H@("`@("`@("1[<WES=&5M9%%]H96QP97)](&5N86)L92`D>TY!345]+G-E
-M<G9I8V4@/B]D978O;G5L;"!\?"!T<G5E"B`@("!E;'-E"B`@("`@("`@)'MS
-M>7-T96UD7VAE;'!E<GT@=7!D871E+7-T871E("1[3D%%-17TN<V5R=FEC92`^
-M+V1E=B]N=6QL('Q\('1R=64*("`@(&9I"GT*"E5-05-+/3`R-PIU;6%%S:R`D
-M>U5-05-+?0H*:68@6R`B)#$B(#T@(F-O;F9I9W5R92(@72`[('1H96X*("`@
-M(%%5.249)7U5315(])'M53DE&25]54T52.BUU;FEF:7T*("`@($9)3$5?34]$
-M13TD*'!R:6YT9B`G)7@G("0H*#!X-S<W-R`M(#!X)'M534%%32WT@)B`P>#`V
-M-C8I*2D*("`@($1)4E]-3T1%%/20H<')I;G1F("<E>"<@)"@H,'@W-S<W("T@
-M,'@D>U5-05-+?2`F(#!X,#<W-RDI*0H*("`@(&EF("$@:60@)'M53DE&25]5
-M4T52?2`^+V1E=B]N=6QL(#(^)C$[('1H96X*("`@("`@("!A9&1U<V5R("TM
-M<WES=&5M("TM:&]M92`D>T1!5$%%$25)]("TM;F\M8W)E871E+6AO;64@+2UG
-M<F]U<"`M+61I<V%%B;&5D+7!A<W-W;W)D("TM<75I970@)'M53DE&25]54T52
-M?0H@("`@9FD*("`@(%%5.249)7T=23U50/20H:60@+6=N("1[54Y)1DE?55-%%
-M4GTI"@H@("`@6R`M92`D>T1!5$%%$25)](%%T@?'P@:6YS=&%%L;"`M;R`D>U5.
-M249)7U5315)]("UG("1[54Y)1DE?1U)/55!]("UM("1[1$E27TU/1$5]("UD
-M("1[1$%%4041)4GT*("`@(%%L@+64@)'M,3T=$25)](%%T@?'P@:6YS=&%%L;"`M
-M;R`D>U5.249)7U5315)]("UG("1[54Y)1DE?1U)/55!]("UM("1[1$E27TU/
-M1$5]("UD("1[3$]'1$E2?0H@("`@6R`M92`D>U)53D1)4GT@72!\?"!I;G-T
-M86QL("UO("1[54Y)1DE?55-%%4GT@+6<@)'M53DE&25]'4D]54'T@+6T@)'M$
-M25)?34]$17T@+60@)'M254Y$25)]"@H@("`@8VAO=VX@+6@@)'M53DE&25]5
-M4T52?3HD>U5.249)7T=23U50?2`D>T1!5$%%$25)]("1[3$]'1$E2?2`D>U)5
-M3D1)4GT@)B8@8VAO=VX@+5)(("1[54Y)1DE?55-%%4GTZ)'M53DE&25]'4D]5
-M4'T@)'M$051!1$E2?2`D>TQ/1T1)4GT@)'M254Y$25)]"@H@("`@=7!D871E
-M+7)C+F0@=6YI9FD@9&5F875L=',@.3(@,#@*("`@(&QN("US9B`D*'=H:6-H
-M(&UO;F=O9"D@)'M#3T1%%4$%%42'TO8FEN+VUO;F=O9`H*("`@(')M("UR9B`D
-M>T-/1$50051(?2]C;VYF"F9I"@IS>7-T96UD7W-E='5P"G-E<G9I8V5?8W1R
-8;"`D>TY!345]('-T87)T"@IE>&ET(#`*
-__EOF__
-chmod 755 /tmp/alien.$$/script
-/tmp/alien.$$/script "$@"
-rm -f /tmp/alien.$$/script
-rmdir /tmp/alien.$$
+#!/bin/sh -e
+NAME=unifi
+[ ! id "${NAME}" 2>/dev/null ] || useradd -M -s/sbin/nologin ${NAME}
+[ -d /var/lib/${NAME} ] || mkdir /var/lib/${NAME}
+chown -R ${NAME} /var/lib/${NAME}
+[ -d /var/log/${NAME} ] || mkdir /var/log/${NAME}
+chown -R ${NAME} /var/log/${NAME}
+[ -d /var/run/${NAME} ] || mkdir /var/run/${NAME}
+chown -R ${NAME} /var/run/${NAME}
+[ -x /usr/lib/${NAME}/bin/mongod ] || ln -s /usr/bin/mongod /usr/lib/${NAME}/bin/mongod
+exit 0
 %preun -p /bin/sh
 #!/bin/sh -e
-
 CODEPATH=/usr/lib/unifi
-
-if [ "$1" = "remove" ] || [ "$1" = "upgrade" ] ; then
-    if [ -d /run/systemd/system ]; then
-      deb-systemd-invoke stop "unifi.service" >/dev/null
-    elif which invoke-rc.d >/dev/null 2>&1; then
-        invoke-rc.d unifi stop
-    else
-        /etc/init.d/unifi stop
-    fi
-    for i in $(seq 1 30); do
-        [ -z "$(pgrep -f ${CODEPATH}/lib/ace.jar)" ] && break
-        # graceful shutdown
-        [ $i -gt 1 ] && touch ${CODEPATH}/run/server.stop || true
-        # savage shutdown
-        [ $i -gt 15 ] && pkill -f ${CODEPATH}/lib/ace.jar || true
-        sleep 1
-    done
-    [ ! -d ${CODEPATH}/webapps/ROOT ] || rm -rf ${CODEPATH}/webapps/ROOT
-    [ ! -d ${CODEPATH}/work ] || rm -rf ${CODEPATH}/work
-    rm -rf ${CODEPATH}/data ${CODEPATH}/logs ${CODEPATH}/run ${CODEPATH}/bin/mongod
-fi
+if [ -d /run/systemd/system ]; then
+	systemctl stop "unifi.service" >/dev/null
+[ ! -d ${CODEPATH}/webapps/ROOT ] || rm -rf ${CODEPATH}/webapps/ROOT
+[ ! -d ${CODEPATH}/work ] || rm -rf ${CODEPATH}/work
+rm -rf ${CODEPATH}/data ${CODEPATH}/logs ${CODEPATH}/run ${CODEPATH}/bin/mongod
 exit 0
 %postun -p /bin/sh
 #!/bin/sh -e
-
 NAME=unifi
-BASEDIR=/usr/lib/${NAME}
-
-[ -f /etc/default/${NAME} ] && . /etc/default/${NAME}
-
-DATADIR=${UNIFI_DATA_DIR:-/var/lib/$NAME}
-LOGDIR=${UNIFI_LOG_DIR:-/var/log/$NAME}
-RUNDIR=${UNIFI_RUN_DIR:-/var/run/$NAME}
-
-[ -z "${UNIFI_DATA_DIR}" ] || DATADIR=${UNIFI_DATA_DIR}
-[ -z "${UNIFI_LOG_DIR}" ] || LOGDIR=${UNIFI_LOG_DIR}
-[ -z "${UNIFI_RUN_DIR}" ] || RUNDIR=${UNIFI_RUN_DIR}
-
-systemd_helper=/usr/bin/deb-systemd-helper
-
-systemd_remove() {
-    [ -x ${systemd_helper} ] || return 0
-    ${systemd_helper} mask ${NAME}.service > /dev/null
-}
-
-systemd_purge() {
-    [ -x ${systemd_helper} ] || return 0
-    ${systemd_helper} purge ${NAME}.service > /dev/null
-    ${systemd_helper} unmask ${NAME}.service > /dev/null
-}
-
-case "$1" in
-    failed-upgrade|abort-install|abort-upgrade|disappear)
-        echo "$1: please reinstall previous version"
-        echo ""
-        echo "sudo apt-get install --reinstall unifi=$2"
-        echo ""
-        exit 2
-    ;;
-
-    remove|upgrade)
-        systemd_remove
-        update-rc.d -f unifi remove
-    ;;
-
-    purge)
-        update-rc.d -f unifi remove
-        systemd_purge
-        [ ! -d ${DATADIR} ] || rm -rf ${DATADIR}
-        [ ! -d ${LOGDIR} ] || rm -rf ${LOGDIR}
-        [ ! -d ${RUNDIR} ] || rm -rf ${RUNDIR}
-
-        . /usr/share/debconf/confmodule
-        db_purge
-
-        deluser ${UNIFI_USER:-unifi}
-    ;;
-
-    *)
-        echo "postrm called with unknown argument \`$1'" >&2
-        exit 1
-    ;;
-esac
-
+DATADIR=/var/lib/$NAME}
+LOGDIR=/var/log/$NAME}
+RUNDIR=/var/run/$NAME}
+[ ! -d ${DATADIR} ] || rm -rf ${DATADIR}
+[ ! -d ${LOGDIR} ] || rm -rf ${LOGDIR}
+[ ! -d ${RUNDIR} ] || rm -rf ${RUNDIR}
+userdel --remove $NAME
 exit 0
 %changelog

Install The RPM

$ sudo dnf install /home/dlk/rpmbuild/RPMS/x86_64/unifi-6.0.41_14327-2.x86_64.rpm

Modify The systemd Startup Script

Create an /etc/sysconfig/unifi file that looks like this:

#
#  Location of the JVM used to run the Unifi Network Controller
#
JAVA_HOME=/PATH/TO/ORACLE/JVM

A Java 8 JRE is required to run the controller, see the FAQ in the setup instructions for details on system requirements.

Create an /etc/systemd/system/unifi.service.d/override.conf file that looks like this:

[Service]
EnvironmentFile=/etc/sysconfig/unifi
ExecStart=
ExecStart=/bin/jsvc -cwd /usr/lib/unifi -home $JAVA_HOME -cp /usr/share/java/commons-daemon.jar:/usr/lib/unifi/lib/ace.jar -pidfile /var/run/unifi.pid -procname unifi -outfile SYSLOG -errfile SYSLOG -umask 027 -user unifi -Dunifi.datadir=/var/lib/unifi -Dunifi.logdir=/var/log/unifi -Dunifi.rundir=/var/run/unifi -Dunifi.core.enabled=false -Xmx1024M -Djava.awt.headless=true -Dfile.encoding=UTF-8 com.ubnt.ace.Launcher start
ExecStop=
ExecStop=/bin/jsvc -cwd /usr/lib/unifi -home $JAVA_HOME -cp /usr/share/java/commons-daemon.jar:/usr/lib/unifi/lib/ace.jar -pidfile /var/run/unifi.pid -procname unifi -outfile SYSLOG -errfile SYSLOG -umask 027 -user unifi -Dunifi.datadir=/var/lib/unifi -Dunifi.logdir=/var/log/unifi -Dunifi.rundir=/var/run/unifi -Dunifi.core.enabled=false -Xmx1024M -Djava.awt.headless=true -Dfile.encoding=UTF-8 -stop com.ubnt.ace.Launcher stop
ExecReload=

Open Server Firewall Ports

$ sudo firewall-cmd --add-port 8080/tcp --add-port 8443/tcp --add-port 3478/udp
$ sudo firewall-cmd --add-port 8080/tcp --add-port 8443/tcp --add-port 3478/udp --permanent