UniFi Controller

A Kubernetes configuration file for running the UniFi Controller with Podman.

Synopsis

Run the UniFi controller in a rootless container via Podman, configure it as a systemd service, and automate image updates. This project uses the docker-unifi-controller image provided by LinuxServer.io and uses a Kubernetes configuration file similar to the provided docker-compose.

Getting Started

The instructions here have been tested on Ubuntu 18.04.

Follow the Podman installation instructions to install Podman.

Clone this project’s Git repository.

➜ git clone https://github.com/jwillikers/unifi-controller.git ~/Projects/unifi-controller

Use podman-play-kube(1) to create the unifi-controller pod. The instructions here use rootless Podman containers running under the current user for increased security.
➜ podman play kube ~/Projects/unifi-controller/unifi-controller.yml
ℹ️

The container will store persistent data in a Podman volume with the same name as the Persistent Volume Claim.
Access the controller’s web console at https://127.0.0.1:8443/.
fish
➜ open http://127.0.0.1:8443
Other shells
➜ xdg-open http://127.0.0.1:8443

Automate

Podman makes it extremely easy to set up your pods as systemd services. It also offers deeper integration with systemd services within the containers themselves. Follow the instructions here to configure the unifi-controller pod to be managed as a service by systemd and automatically started when your user logs in.

Create the systemd directory for user units.
```
➜ mkdir -p ~/.config/systemd/user/
```
Change to this directory.
```
➜ cd ~/.config/systemd/user/
```

To view your current pods, use the following command.

➜ podman pod ps
POD ID        NAME              STATUS   CREATED         INFRA ID      # OF CONTAINERS
a8a533215a75  unifi-controller  Running  47 minutes ago  ccf291de56ac  2

Generate the systemd service unit files for the unifi-controller pod with podman-generate-systemd(1).
Here I generate the actual files using the --files option and use the --name option to name them using the pod name instead of the hash. The --new option creates a new container when the service starts and destroys the container when it stops. This option allows Podman to automatically apply updates to the container.
➜ podman generate systemd --files --name --new unifi-controller /home/jordan/.config/systemd/user/pod-unifi-controller.service /home/jordan/.config/systemd/user/container-unifi-controller_unifi-controller_1.service

Enable the pod’s systemd service unit.

➜ systemctl --user enable --now pod-unifi-controller.service
Created symlink /home/jordan/.config/systemd/user/multi-user.target.wants/pod-unifi-controller.service → /home/jordan/.config/systemd/user/pod-unifi-controller.service.
Created symlink /home/jordan/.config/systemd/user/default.target.wants/pod-unifi-controller.service → /home/jordan/.config/systemd/user/pod-unifi-controller.service.

Enable automatic updates of the container image.
Podman ships with both system and user auto-update timers for systemd. Here I enable the user timer to activate the auto-update service. The timer is runs daily.
➜ systemctl --user enable --now podman-auto-update.timer Created symlink /home/jordan/.config/systemd/user/timers.target.wants/podman-auto-update.timer → /usr/lib/systemd/user/podman-auto-update.timer.

Contributing

Contributions in the form of issues, feedback, and even pull requests are welcome. Make sure to adhere to the project’s Code of Conduct.

Open Source Software

This project is built on the hard work of countless open source contributors. Several of these projects are enumerated below.

Code of Conduct

The project’s Code of Conduct is available in the Code of Conduct file.

License

This repository is licensed under the GPLv3, available in the license file.

Authors

Jordan Williams