128 lines
3.0 KiB
YAML
128 lines
3.0 KiB
YAML
---
|
|
|
|
- name: install certs
|
|
copy:
|
|
src: "/usr/local/etc/letsencrypt/live/{{ item }}"
|
|
dest: "/usr/local/etc/certs/"
|
|
owner: root
|
|
group: root
|
|
mode: 0755
|
|
tags:
|
|
- letsencrypt
|
|
- letsencrypt-certs
|
|
notify: reload nginx
|
|
vars:
|
|
prediff_cmd: echo
|
|
with_items:
|
|
- "{{ domain }}"
|
|
- "{{ inventory_hostname.split('.')[1:] | join('.') }}"
|
|
|
|
- name: template nginx vhost
|
|
template:
|
|
src: 02-unifi.conf.j2
|
|
dest: /etc/nginx/sites-enabled/01-unifi
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
tags:
|
|
- nginx
|
|
- unifi-nginx
|
|
notify: reload nginx
|
|
|
|
- name: create dir structure
|
|
file:
|
|
state: directory
|
|
path: "{{ unifi_root }}/{{ item.name }}"
|
|
owner: "{{ systemuserlist.unifi.uid }}"
|
|
group: "{{ systemuserlist.unifi.gid }}"
|
|
mode: "{{ item.mode | default('0770') }}"
|
|
tags:
|
|
- unifi-dirs
|
|
loop_control:
|
|
label: "{{ item.name }}"
|
|
with_items:
|
|
- name: data
|
|
- name: log
|
|
- name: run
|
|
mode: "0775"
|
|
|
|
# to adopt
|
|
# ssh unifi-ap
|
|
# mca-cli
|
|
# set-inform http://<controller_ip>:8080/inform
|
|
#
|
|
#
|
|
# if that hangs:
|
|
# mca-cli-op set-inform http://<controller_ip>:8080/inform
|
|
#
|
|
# somtimes:
|
|
# set-inform http://<controller_ip>:8080/inform
|
|
#
|
|
# check with this (sometimes it trie the docker container ip f.ex):
|
|
# unifi-ap$ info
|
|
# ...
|
|
# status: Unknown[11] (http://172.17.0.2:8080/inform)
|
|
#
|
|
# use tag 'arm32v7' for raspbian
|
|
#
|
|
# list of ports: https://help.ui.com/hc/en-us/articles/218506997-UniFi-Ports-Used
|
|
|
|
# v6.5.55
|
|
# v6.0.45
|
|
# v5.14.23
|
|
#
|
|
# updated: v5.14.23 -> stable-5 -> stable-6 -> latest (v7)
|
|
- name: start docker container
|
|
docker_container:
|
|
name: "unifi"
|
|
#image: "jacobalberty/unifi:v5.14.23"
|
|
image: jacobalberty/unifi:latest
|
|
auto_remove: false
|
|
detach: true
|
|
restart_policy: "unless-stopped"
|
|
state: "{{ unifi_container_state|default('started') }}"
|
|
init: true
|
|
pull: true
|
|
user: "{{ systemuserlist['unifi']['uid'] }}:{{ systemuserlist['unifi']['gid'] }}"
|
|
memory: "1536M"
|
|
env:
|
|
TZ: "Europe/Berlin"
|
|
RUNAS_UID0: "false"
|
|
UNIFI_UID: "{{ systemuserlist['unifi']['uid'] }}"
|
|
UNIFI_GID: "{{ systemuserlist['unifi']['gid'] }}"
|
|
UNIFI_HTTPS_PORT: "443"
|
|
container_default_behavior: compatibility
|
|
network_mode: bridgewithdns
|
|
networks:
|
|
- name: bridgewithdns
|
|
ipv4_address: "{{ bridgewithdns.unifi }}"
|
|
mounts:
|
|
- type: bind
|
|
source: "{{ unifi_root }}/data"
|
|
target: "/unifi/data"
|
|
- type: bind
|
|
source: "{{ unifi_root }}/run"
|
|
target: "/unifi/run"
|
|
- type: bind
|
|
source: "{{ unifi_root }}/log"
|
|
target: "/unifi/log"
|
|
ports:
|
|
- "3478:3478/udp" # STUN
|
|
- "6789:6789/tcp" # Speed test
|
|
- "8080:8080/tcp" # Device/ controller comm.
|
|
- "10001:10001/udp" # AP discovery
|
|
tags:
|
|
- unifi-container
|
|
- docker-containers
|
|
|
|
|
|
- name: wait for controller to be responsive
|
|
wait_for:
|
|
port: 8080
|
|
host: localhost
|
|
sleep: 2
|
|
when:
|
|
- unifi_container_state|default('started') == "started"
|
|
tags:
|
|
- docker
|