1 minute read

Unifi Application screenshots as per Unifi's own product page

I finally got tired of my old 802.11n Apple Airport Express(!) that has been serving the kitchen part of our house with an Internet connection for many years. Effectively it tops out at ~100Mbps speeds and has pretty poor range. It is being replaced by a Ubiquiti Unifi6 Lite access point.

EDIT: I replaced both Airport base stations with two Ubiquiti Unifi6 LR access points as the Lite turned out to be too small for my needs and once I had tried I wanted to modernize my entire WiFi setup.

In preparation for this, I decided to set up a local instance of the Unifi network application on a VM. While researching the install process, I found an excellent and apparently blessed by Ubiquiti shell script that installs the prerequisites and the application. After reading it through I see nothing wrong with the current version, but as it is almost 160 KB of text and there’s no kind of verification that what you download actually is what the author intended, I’m not entirely comfortable running it blindly. Instead I took a couple of hours to understand what it does and ported its main features to Ansible, resulting in a completely readable 2 KB playbook.

What’s missing compared to the original script is a) certificate management via Let’s Encrypt, and b) cleanup of failed previous installations, removal of invalid prerequisite software versions, etc. For a) in my network I would set up the certificate request/renewal on my reverse proxy which already has all the required bits in place, and then copy the valid certificate to the Unifi server and restart the services using recurring cron jobs. For b) I prefer the cattle way of managing servers: Running the playbook against a fresh Ubuntu installation ensures I don’t have to deal with – possibly even manually configured and undocumented – cruft.

The Ansible role can be downloaded from my Git repo here.

As the people at Ubiquiti provide a dpkg/.deb repository, this work had the added benefit of forcing me to generalize my KVM virtual machine deployment playbook a bit: I had started out with an extremely simple Cloud-Init config which worked well with the Fedora Server cloud-base image, but which made no sense on the Ubuntu Server equivalent. The new version works well with both of them, and can be downloaded from this Git repo.