Updated 2022-12-24: Added --bind_ip 127.0.0.1
to prevent remote MongoDB access in context with network_mode: host
. Thanks Matt Johnson for the suggestion 🙂
This setup runs both MongoDB and unifi using network_mode: host
, this is why we are running MongoDB on a nonstandard port (so it will not interfere with other MongoDB instances). This has the huge benefit of allowing direct Layer 2 network access allowing L2 access point adoption.
Create a directory such as /opt/unifi
and create docker-compose.yml
version: '2.3' services: mongo: image: mongo:3.6 network_mode: host restart: always volumes: - ./mongo_db:/data/db - ./mongo/dbcfg:/data/configdb command: mongod --bind_ip 127.0.0.1 --port 29718 controller: image: "jacobalberty/unifi:latest" depends_on: - mongo init: true network_mode: host restart: always volumes: - ./unifi_dir:/unifi - ./unifi_data:/unifi/data - ./unifi_log:/unifi/log - ./unifi_cert:/unifi/cert - ./unifi_init:/unifi/init.d - ./unifi_run:/var/run/unifi - ./unifi_backup:/unifi/data/backup environment: - DB_URI=mongodb://localhost:29718/unifi - STATDB_URI=mongodb://localhost:29718/unifi_stat - DB_NAME=unifi logs: image: bash depends_on: - controller command: bash -c 'tail -F /unifi/log/*.log' restart: always volumes: - ./unifi_log:/unifi/log
Now create the directories with the correct permissions:
mkdir -p unifi_backup unifi_cert unifi_data unifi_dir unifi_init unifi_log unifi_run chown -R 999:999 unifi_backup unifi_cert unifi_data unifi_dir unifi_init unifi_log unifi_run
Now you can use our script from Create a systemd service for your docker-compose project in 10 seconds to automatically start the controller on boot (and start it immediately):
curl -fsSL https://techoverflow.net/scripts/create-docker-compose-service.sh | sudo bash /dev/stdin
Now access https://<IP of controller>:8443
to get started with the setup or import a backup.