Installing Ubiquiti Unifi Controller on

CentOS 6.x
Apr 7, 2014 | Saved for Later, Systems

Upon needing to install a Ubiquiti Unifi controller on a VM recently, I found that they only
have official support for Windows and Debian variants. Although I enjoy Debian and the like
just fine, I thought Id give it a go to install the controller on CentOS 6.5.
Well:
1. Install CentOS
2. Update CentOS
3. Install MongoDB
4. Install Java JRE
5. Install UniFi
6. Create UniFi Service
7. Open Ports for UniFi through IPTables
8. Notes on SELinux
9. Wrap Up
1. Install CentOS
Funny enough, I thought I had a little article written on installing CentOS. Apparently I dont.
But dont be afraid, there are lots of articles on this simple process. Just search on the web
for Install CentOS and find one for the version your using. Most likely you wont be led too
far astray. (try this link)

2. Update CentOS
Updating CentOS is a simple command using Yum. You just want to make sure that
CentOS is up to date before its gets off the ground running.
# yum update -y

This will update all necessary files automatically from the built-in repos.

3. Install MongoDB
MongoDB is a great noSQL database that UniFi uses to store data.
see the MongoDB Manual for reference
1. Install the MongoDB repo.
# vi /etc/yum.repos.d/mongodb.repo

using copy/paste, add this to the file:

[mongodb]
name=MongoDB Repository
baseurl=http://downloads-distro.mongodb.org/repo/redhat/os/x86_64/
gpgcheck=0
enabled=1

Save the file out (:x enter)

2. Install the mongoDB software.
# yum install -y mongo-10gen mongo-10gen-server

3. Start the MongoD service and enable startup through chkconfig.

# service mongod start
# chkconfig mongod on
4. Install Java JRE
UniFi requires Java to run. Lets install it!
1. Install JRE.
Frustrating as it is, you need to get the RPM from Oracle, but they require that you accept a
EULA in a webpage in order to do that. We can bypass this with a great little workaround.
At the time of writing, Java 7u51 was the latest. Well be installing that, but youll want to
check the Oracle Java Download Page in order to find out what your latest version is.
Otherwise, well run a wget on the RPM, accepting the cookie ( remember your version
might be different! ):
wget --no-cookies --no-check-certificate --header "Cookie:
gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-
oraclelicense-cookie" http://download.oracle.com/otn-
pub/java/jdk/8u144-b01/090f390dda5b47b9b72
1c7dfaa008135/jre-8u144-linux-x64.rpm

2. Install the RPM.

Youll now install the RPM ( remember that version might be different! ):
# rpm -ivh jre-8u144-linux-x64.rpm

5. Install UniFi
1. First off, we want to check and find out what the latest version is. At the time of writing,
we are still in the 2.x versions, and they are working out some kinks in the 3.x versions. I
am sure that theyll get that stable soon. Either way, youll want to check the UniFi Blog for
updates, and get the latest stable.
2. Next youll want to download the UniFi.unix.zip file from Ubiquiti. This file location is on
the blog. They unfortunately have a silly EULA as well, but at the time of writing I didnt
have the time to find the cookie, so just download and SFTP it over to the server.
3. Then well want to unzip the file, so get yourself to wherever you SFTPd the file to on the
server CLI and:
# unzip -q UniFi.unix.zip

4. Next, we will move that recently extracted directory to the /opt:

# mv ./UniFi /opt

5. After that, well want to make sure that the MongoD binary has a symbolic link into the
folder we just moved.
If you dont know where your MongoD binary is, you can search ( mine was located in
/usr/bin/ ):
# find / -name mongod

After youve located the bin file, you can make the symlink in /opt/UniFi/bin/:
# cd /opt//UniFi/bin/
# sudo ln -fs /usr/bin/mongod mongod

6. Create UniFi Service

You can use VI to create the init file and then paste the data into it. Youll want to check the
paths in the data your pasting to make sure they match up (they should, but just a warning).
# vi /etc/init.d/UniFi
#!/bin/bash
# chkconfig: 2345 95 20
# description: UniFi system
# processname: UniFi

ctrl_start()
{
#nohup java -jar JarFile.jar >myLogFile 2>>myErrorFile&
java -jar /opt/UniFi/lib/ace.jar start &
}

ctrl_stop()
{
java -jar /opt/UniFi/lib/ace.jar stop &
}

ctrl_restart()
{
ctrl_stop
sleep 1
ctrl_start
}
case "$1" in

start)

echo -n "starting UniFi system"

ctrl_start
echo " service started"
;;

stop)

echo -n "stopping UniFi system"

ctrl_stop
echo " service stopped"
;;

restart)

echo -n "restarting UniFi system"

ctrl_restart
echo "service restarted"
;;

*)

echo "usage: service UniFi {start|stop|restart}"

;;

esac
exit 0

Next, we want to make that service executable:

# chmod +x /etc/init.d/UniFi

And lastly well add it to run on boot with chkconfig:

# chkconfig UniFi on

7. Open Ports with IPTables

You can read what ports are required to be open on the server here. Well just get started
opening those ports in IPTables:
# vi /etc/sysconfig/iptables

We start by putting right above the ICMP line (-A INPUT -p icmp -j ACCEPT):
# -A INPUT -m state --state NEW -m tcp -p tcp --dport 8080
-j ACCEPT

And well do the same for 8081, 8443, 8880, 8843, 27117.
We also want the UDP port 3478 to be open (little different syntax):
# -A INPUT -m state --state NEW -m udp -p udp --dport 3478
-j ACCEPT

You can save/exit out of VI with (:x enter) and restart the iptables service to commit the
changes:
# service iptables restart

8. Notes on SELinux
Seriously, take 50 minutes and enlighten yourself.
http://stopdisablingselinux.com/

9. Wrap Up
Reboot and youll be done.
Attempt ( with success ) to connect to http://yourserverip:8080 and get redirected to the self
signed SSL cert acceptance.
Great job installing the UniFi Controller on a more enterprise-friendly Linux distribution!