Mikael Hansson

Arbitrary thoughts, mostly on computery stuff. See Projects for more longform howtos.

Deploying a Ubiquiti Unifi appliance with Ansible

1 minute read

Unifi Application screenshots as per Unifi's own product page

I finally got tired of my old 802.11n Apple Airport Express(!) that has been serving the kitchen part of our house with an Internet connection for many years. Effectively it tops out at ~100Mbps speeds and has pretty poor range. It is being replaced by a Ubiquiti Unifi6 Lite access point.

EDIT: I replaced both Airport base stations with two Ubiquiti Unifi6 LR access points as the Lite turned out to be too small for my needs and once I had tried I wanted to modernize my entire WiFi setup.

In preparation for this, I decided to set up a local instance of the Unifi network application on a VM. While researching the install process, I found an excellent and apparently blessed by Ubiquiti shell script that installs the prerequisites and the application. After reading it through I see nothing wrong with the current version, but as it is almost 160 KB of text and there’s no kind of verification that what you download actually is what the author intended, I’m not entirely comfortable running it blindly. Instead I took a couple of hours to understand what it does and ported its main features to Ansible, resulting in a completely readable 2 KB playbook.

What’s missing compared to the original script is a) certificate management via Let’s Encrypt, and b) cleanup of failed previous installations, removal of invalid prerequisite software versions, etc. For a) in my network I would set up the certificate request/renewal on my reverse proxy which already has all the required bits in place, and then copy the valid certificate to the Unifi server and restart the services using recurring cron jobs. For b) I prefer the cattle way of managing servers: Running the playbook against a fresh Ubuntu installation ensures I don’t have to deal with – possibly even manually configured and undocumented – cruft.

The Ansible role can be downloaded from my Git repo here.

As the people at Ubiquiti provide a dpkg/.deb repository, this work had the added benefit of forcing me to generalize my KVM virtual machine deployment playbook a bit: I had started out with an extremely simple Cloud-Init config which worked well with the Fedora Server cloud-base image, but which made no sense on the Ubuntu Server equivalent. The new version works well with both of them, and can be downloaded from this Git repo.

You May Also Enjoy

Connecting to Home from Abroad

3 minute read

A long time ago I set up a VPN server on my pfSense network gateway. Then I switched away from pfSense, and then Covid happened, and during a number of years...

Fixing Performance Issues in Dirt Rally 2.0

less than 1 minute read

A while ago I suddenly began seeing wild framerate fluctuations and gradual performance drops as stages progressed in my current favorite car game, Dirt Rall...

Lenovo X260 as a Unix workhorse

1 minute read

I’m writing this post from an old Lenovo X260 on which I’ve installed Fedora 39. For desktop usage this is currently my favorite Linux distribution: It suppo...

Alternatives to ESXi in the Home Lab

4 minute read

On Valentine’s day this year, Broadcom did what many of us expected it to do, and decapitated the free vSphere (ESXi) hypervisor.